From 21471d4d41cc6a91ffb82a727d1170696f19fba5 Mon Sep 17 00:00:00 2001 From: Daniel Schick Date: Mon, 3 Feb 2025 11:56:44 +0100 Subject: [PATCH] Allow shipcall PUT also by PILOT --- .../BreCal/validators/input_validation_shipcall.py | 9 ++++++--- .../tests/validators/test_input_validation_shipcall.py | 10 +++++----- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/src/server/BreCal/validators/input_validation_shipcall.py b/src/server/BreCal/validators/input_validation_shipcall.py index 060909f..eb5efd0 100644 --- a/src/server/BreCal/validators/input_validation_shipcall.py +++ b/src/server/BreCal/validators/input_validation_shipcall.py @@ -546,11 +546,13 @@ class InputValidationShipcall(): # query = 'SELECT * FROM shipcall_participant_map where (shipcall_id = ?shipcall_id? AND type=?participant_type?)' # assigned_agency = execute_sql_query_standalone(query=query, model=ShipcallParticipantMap, param={"shipcall_id" : shipcall_id, "participant_type":int(ParticipantType.AGENCY)}) assigned_agency = get_assigned_participant_of_type(shipcall_id, participant_type=ParticipantType.AGENCY) + assigned_pilot = get_assigned_participant_of_type(shipcall_id, participant_type=ParticipantType.PILOT) an_agency_is_assigned = True if assigned_agency is not None else False else: # Agency assigned? User must belong to the assigned agency or be a BSMD user, in case the flag is set assigned_agency = [spm for spm in shipcall_participant_map if int(spm.type) == int(ParticipantType.AGENCY)] + assigned_pilot = [spm for spm in shipcall_participant_map if int(spm.type) == int(ParticipantType.PILOT)] an_agency_is_assigned = len(assigned_agency)==1 if len(assigned_agency)>1: @@ -567,18 +569,19 @@ class InputValidationShipcall(): ### USER authority ### # determine, whether the user is a) the assigned agency or b) a BSMD participant user_is_assigned_agency = (user_participant_id == assigned_agency.id) + user_is_assigned_pilot = (user_participant_id == assigned_pilot.id) # when the BSMD flag is set: the user must be either BSMD or the assigned agency # when the BSMD flag is not set: the user must be the assigned agency - user_is_authorized = (user_is_bsmd or user_is_assigned_agency) #if agency_has_bsmd_flag else user_is_assigned_agency + user_is_authorized = (user_is_bsmd or user_is_assigned_agency or user_is_assigned_pilot) #if agency_has_bsmd_flag else user_is_assigned_agency if not user_is_authorized: - raise werkzeug.exceptions.Forbidden(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users (if the special-flag is enabled). Assigned Agency: {assigned_agency} with Flags: {assigned_agency.flags}") # Forbidden: 403 + raise werkzeug.exceptions.Forbidden(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY / BSMD / PILOT (if the special-flag is enabled). Assigned Agency: {assigned_agency} with Flags: {assigned_agency.flags}") # Forbidden: 403 else: # when there is no assigned agency, only BSMD users can update the shipcall if not user_is_bsmd: - raise werkzeug.exceptions.Forbidden(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.") # part of a pytest.raises. Forbidden: 403 + raise werkzeug.exceptions.Forbidden(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY / BSMD / PILOT users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.") # part of a pytest.raises. Forbidden: 403 return diff --git a/src/server/tests/validators/test_input_validation_shipcall.py b/src/server/tests/validators/test_input_validation_shipcall.py index 0e48f55..bdb9e52 100644 --- a/src/server/tests/validators/test_input_validation_shipcall.py +++ b/src/server/tests/validators/test_input_validation_shipcall.py @@ -637,7 +637,7 @@ def test_shipcall_put_request_fails_when_different_participant_id_is_assigned(ge # agency with different participant id is assigned ivs = InputValidationShipcall() - with pytest.raises(werkzeug.exceptions.Forbidden, match=f"PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users"): + with pytest.raises(werkzeug.exceptions.Forbidden, match=f"PUT Requests for shipcalls can only be issued by an assigned AGENCY BSMD PILOT users"): ivs.check_user_is_authorized_for_put_request(user_data, loadedModel, content, spm_shipcall_data) return @@ -706,7 +706,7 @@ def test_shipcall_put_request_fails_when_no_agency_is_assigned(get_shipcall_id_a # no agency assigned ivs = InputValidationShipcall() - with pytest.raises(werkzeug.exceptions.Forbidden, match=re.escape(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.")): + with pytest.raises(werkzeug.exceptions.Forbidden, match=re.escape(f"PUT Requests for shipcalls can only be issued by an assigned AGENCY BSMD PILOT users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.")): ivs.check_user_is_authorized_for_put_request(user_data, loadedModel, content, spm_shipcall_data) return @@ -738,7 +738,7 @@ def test_shipcall_put_request_fails_when_user_is_not_authorized(get_shipcall_id_ # current user is not authorized ivs = InputValidationShipcall() - with pytest.raises(werkzeug.exceptions.Forbidden, match=f"PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users"): + with pytest.raises(werkzeug.exceptions.Forbidden, match=f"PUT Requests for shipcalls can only be issued by an assigned AGENCY BSMD PILOT users"): ivs.check_user_is_authorized_for_put_request(user_data, loadedModel, content, spm_shipcall_data) return @@ -769,7 +769,7 @@ def test_shipcall_put_request_fails_when_user_tries_self_assignment(get_shipcall # self-assignment. User is participant 6, and wants to assign participant 6. ivs = InputValidationShipcall() - with pytest.raises(werkzeug.exceptions.Forbidden, match=re.escape("PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.")): + with pytest.raises(werkzeug.exceptions.Forbidden, match=re.escape("PUT Requests for shipcalls can only be issued by an assigned AGENCY BSMD PILOT users (if the special-flag is enabled). There is no assigned agency yet, so only BSMD users can change datasets.")): # previous error message: An agency cannot self-register for a shipcall. The request is issued by an agency-user and tries to assign an AGENCY as the participant of the shipcall."" # however, self-assignment is no longer possible, because the SPM is verified beforehand. ivs.check_user_is_authorized_for_put_request(user_data, loadedModel, content, spm_shipcall_data) @@ -846,7 +846,7 @@ def test_shipcall_put_request_fails_input_validation_shipcall_when_shipcall_is_c assert user.participant_id == 4 #### verification should fail, because participant_id 4 is ParticipantType.PILOT (neither an assigned agency, nor bsmd) - with pytest.raises(werkzeug.exceptions.Forbidden, match="PUT Requests for shipcalls can only be issued by an assigned AGENCY or BSMD user"): + with pytest.raises(werkzeug.exceptions.Forbidden, match="PUT Requests for shipcalls can only be issued by an assigned AGENCY BSMD PILOT user"): InputValidationShipcall.evaluate_put_data(user_data, loadedModel, content) ### PASSES: