lean101/data-entry-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.1.11 - Editor

Browse Source
This commit is contained in:
ponzischeme89
2026-06-03 00:17:12 +12:00
parent f5a588d631
commit cf968e802b
23 changed files with 2165 additions and 655 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/tests/test_access.py
+36 -3
View File
@@ -11,6 +11,7 @@ from app.api.access import router as access_router
from app.core.access import (
INTERNAL_USER_SUBJECT,
get_user_permissions,
permissions_to_module_map,
require_all_permissions,
require_any_permission,
require_permission,
@@ -72,9 +73,17 @@ def test_admin_role_permissions_match_spec():
assert granted == set(ROLE_DEFINITIONS["Admin"]["permissions"])
assert "manage_users" in granted
assert "manage_permissions" in granted
# Admin spec deliberately excludes edit_products / edit_mixes.
assert "edit_products" not in granted
assert "edit_mixes" not in granted
assert "edit_products" in granted
assert "edit_mixes" in granted
assert "view_scenarios" in granted
assert "edit_scenarios" in granted
assert "manage_client_access" in granted
modules = permissions_to_module_map(granted)
assert modules["products"] == "edit"
assert modules["mix_master"] == "edit"
assert modules["scenarios"] == "edit"
assert modules["client_access"] == "manage"
def test_operations_role_is_mix_calculator_and_throughput_only():
@@ -108,6 +117,30 @@ def test_full_access_role_can_edit_operational_data_but_not_users():
assert "manage_permissions" not in granted
def test_lean_role_has_unrestricted_workspace_permissions():
db = _build_session()
seed_access(db)
lean_role = db.query(Role).filter_by(name="lean").one()
user = User(email="lean@example.com", name="Lean User", role_id=lean_role.id, is_active=True)
db.add(user)
db.flush()
granted = get_user_permissions(user)
assert granted == set(ROLE_DEFINITIONS["lean"]["permissions"])
assert {key for key, _ in PERMISSION_DEFINITIONS} == granted
modules = permissions_to_module_map(granted)
assert modules["dashboard"] == "view"
assert modules["raw_materials"] == "edit"
assert modules["mix_master"] == "edit"
assert modules["mix_calculator"] == "edit"
assert modules["products"] == "edit"
assert modules["operations_throughput"] == "edit"
assert modules["scenarios"] == "edit"
assert modules["client_access"] == "manage"
def test_inactive_user_has_no_permissions():
db = _build_session()
seed_access(db)