Skip to content

Commit

Permalink
(PC-32495)[BO] fix: unsuspend backoffice user
Browse files Browse the repository at this point in the history
  • Loading branch information
@prouzet
prouzet committed Oct 18, 2024
1 parent 0d10d51 commit a02156b
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 2 deletions.
2 changes: 1 addition & 1 deletion api/src/pcapi/routes/backoffice/users/blueprint.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ def _redirect_to_user_page(user: users_models.User) -> utils.BackofficeResponse:


def _check_user_role_vs_backoffice_permission(user: users_models.User, unsuspend: bool = False) -> None:
if user.has_admin_role:
if user.has_admin_role or user.backoffice_profile:
if not utils.has_current_user_permission(perm_models.Permissions.MANAGE_ADMIN_ACCOUNTS):
raise Forbidden()
elif user.has_any_pro_role:
Expand Down
26 changes: 25 additions & 1 deletion api/tests/routes/backoffice/users_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -409,7 +409,7 @@ def test_unsuspend_beneficiary_user_as_beneficiary_fraud(self, client, fraude_je
assert response.status_code == 303
assert user.isActive

def test_suspend_beneficiary_user_as_support_n2(self, client, support_n2_admin):
def test_unsuspend_beneficiary_user_as_support_n2(self, client, support_n2_admin):
user = users_factories.BeneficiaryGrant18Factory(isActive=False)

response = self.post_to_endpoint(
Expand All @@ -421,6 +421,30 @@ def test_suspend_beneficiary_user_as_support_n2(self, client, support_n2_admin):
assert response.status_code == 403
assert not user.isActive

# When suspended, admin user loses ADMIN role
@pytest.mark.parametrize("user_roles", [[users_models.UserRole.ADMIN], []])
def test_unsuspend_admin_user(self, client, super_admin, user_roles):
user = users_factories.AdminFactory(roles=user_roles, backoffice_profile__roles=[], isActive=False)

response = self.post_to_endpoint(
client.with_bo_session_auth(super_admin),
user_id=user.id,
form={"comment": "Test"},
)

assert response.status_code == 303

db.session.refresh(user)
assert user.isActive
assert user.backoffice_profile
assert not user.backoffice_profile.roles

assert len(user.action_history) == 1
assert user.action_history[0].actionType == history_models.ActionType.USER_UNSUSPENDED
assert user.action_history[0].authorUser == super_admin
assert user.action_history[0].user == user
assert user.action_history[0].comment == "Test"


class GetBatchSuspendUsersFormTest(GetEndpointHelper):
endpoint = "backoffice_web.users.get_batch_suspend_users_form"
Expand Down

0 comments on commit a02156b

Please sign in to comment.