func Test_Exercise_Permission_Selection(t *testing.T) { user := mockUser() initUser(user) exercise := mockExercise() initExercise(exercise) addUserToExercise(user, exercise) addUserPermissionToExercise(user, exercise, true, true, true) permissions, err := models.FindExercisePermissionsForUser(dbConn(), user, exercise) if err != nil { t.Fatalf("No permissions were found for user %s", user.RealName) } if !permissions.IsAdmin { t.Fatalf("No Admin permissions found, while they were set") } if !permissions.IsOc { t.Fatalf("No OC permissions found, while they were set") } if !permissions.IsTrainee { t.Fatalf("No Trainee permissions found, while they were set") } }
func (h *Handler) authenticationGetCurrentExercisePermissions(w http.ResponseWriter, r *http.Request, u *sitrep.UsersByEmail, exercise *sitrep.ExerciseByIdentifier) { exercises, err := models.FindExercisePermissionsForUser(h.Cassandra, u, exercise) if err != nil { httpError(w, "User is not authorized in this exercise at all!", false, http.StatusUnauthorized) return } w.Header().Add("content-type", "application/json") w.Write(MarshalJSON(exercises, false)) }
func Test_Exercise_Empty_Exercise(t *testing.T) { user := mockUser() initUser(user) exercise := mockExercise() initExercise(exercise) addUserToExercise(user, exercise) addUserPermissionToExercise(user, exercise, true, true, true) _, err := models.FindExercisePermissionsForUser(dbConn(), user, nil) if err == nil { t.Fatalf("Test succeeded, but should fail. No Exercise was supplied") } }
func (h *Handler) getUsersList(w http.ResponseWriter, r *http.Request, u *sitrep.UsersByEmail, exercise *sitrep.ExerciseByIdentifier) { exercises, err := models.FindExercisePermissionsForUser(h.Cassandra, u, exercise) if err != nil { httpError(w, "User is not authorized in this exercise at all!", false, http.StatusUnauthorized) return } if !exercises.IsAdmin || !u.IsAdmin { httpError(w, "User is authorized to fetch a list of users", false, http.StatusUnauthorized) return } users, err := models.FetchAllUsers(h.Cassandra) if err != nil { httpError(w, "Error occured while fetching data", false, http.StatusInternalServerError) return } w.Header().Add("content-type", "application/json") w.Write(MarshalJSON(users, false)) }
func (h *Handler) authenticationUpdateExercisesSettings(w http.ResponseWriter, r *http.Request, u *sitrep.UsersByEmail, exercise *sitrep.ExerciseByIdentifier) { exercises, err := models.FindExercisePermissionsForUser(h.Cassandra, u, exercise) if err != nil { httpError(w, "User is not authorized in this exercise at all!", false, http.StatusUnauthorized) return } if !exercises.IsAdmin || !u.IsAdmin { httpError(w, "User is authorized to update settings", false, http.StatusUnauthorized) return } req, err := unmarshalSettingsUpdateRequest(r) if err != nil { httpError(w, "Error occured while processing your settings!", false, http.StatusInternalServerError) return } updated, err := models.UpdateExerciseSetting(h.Cassandra, exercise.Id, req.Values) if err != nil { httpError(w, "Error occured while saving your settings!", false, http.StatusInternalServerError) return } w.Header().Add("content-type", "application/json") w.Write(MarshalJSON(updated, false)) }