Add admin page to list the users
There is no way, for now, to add, edit or remove users, because
currently we only need to list users.
I cannot give admins access to the user table, because of security
permissions, so I had to create a new view. I could also have named it
‘user’ in the ‘camper’ schema, but I was afraid I would have problems with
unit tests and their search_path, so instead I called it
‘company_user_profile’, which is like ‘user_profile’ but for all users
in ‘company_user’.
I created a new Go package for it, rather than adding the admin handler to
‘auth’, because ‘template’ depends on ‘auth’, and rendering from ‘auth’
would cause a dependency loop.
I needed to have the roles in gettext to translate them, but there is
no obvious place to put the calls to PgettextNoop. For now, they
are in ‘NewAdminHandler’ because it is called once in the application’s
lifetime and they actually do not matter much.
2024-01-17 18:42:47 +00:00
-- Test company_user_profile
--
-- pgTAP test for the company_user_profile view: it checks which roles may
-- read the view, which columns it has, and that a signed-in admin only gets
-- the rows of their own company.

-- Only warnings and above are shown while the extension is created.
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

-- The whole test runs in one transaction that is rolled back at the end of
-- the file, so the truncates and fixture rows below never persist.
begin;

-- 37 = 1 has_view + 4 table_privs_are + 5 columns x 6 checks + 2 bag_eq.
select plan(37);

-- Unqualified names are looked up in camper first, then auth, then public.
set search_path to camper, auth, public;
-- The view must exist, and SELECT on it is expected for admin alone.
-- guest, employee and authenticator are expected to hold no privilege on it,
-- so a grant added to the view later makes one of these assertions fail.
-- NOTE(review): nothing in this file asserts that the view has *only* the
-- five columns checked below. A pgTAP columns_are() assertion (with plan()
-- raised to match) would catch a later change exposing another auth."user"
-- column, such as password or cookie, through the view.
select has_view('company_user_profile');
select table_privs_are('company_user_profile', 'guest', array []::text[]);
select table_privs_are('company_user_profile', 'employee', array []::text[]);
select table_privs_are('company_user_profile', 'admin', array ['SELECT']);
select table_privs_are('company_user_profile', 'authenticator', array []::text[]);
-- user_id: present, of type integer, and selectable by admin only.
-- The column-level expectations repeat the table-level ones, so a grant on
-- this single column to another role is caught as well.
select has_column('company_user_profile', 'user_id');
select col_type_is('company_user_profile', 'user_id', 'integer');
select column_privs_are('company_user_profile', 'user_id', 'guest', array []::text[]);
select column_privs_are('company_user_profile', 'user_id', 'employee', array []::text[]);
select column_privs_are('company_user_profile', 'user_id', 'admin', array ['SELECT']);
select column_privs_are('company_user_profile', 'user_id', 'authenticator', array []::text[]);
-- email: present and selectable by admin only.
-- Its type is expected to be named 'email' -- presumably a domain declared
-- elsewhere in the project; confirm against the schema.
select has_column('company_user_profile', 'email');
select col_type_is('company_user_profile', 'email', 'email');
select column_privs_are('company_user_profile', 'email', 'guest', array []::text[]);
select column_privs_are('company_user_profile', 'email', 'employee', array []::text[]);
select column_privs_are('company_user_profile', 'email', 'admin', array ['SELECT']);
select column_privs_are('company_user_profile', 'email', 'authenticator', array []::text[]);
-- name: present, of type text, and selectable by admin only.
select has_column('company_user_profile', 'name');
select col_type_is('company_user_profile', 'name', 'text');
select column_privs_are('company_user_profile', 'name', 'guest', array []::text[]);
select column_privs_are('company_user_profile', 'name', 'employee', array []::text[]);
select column_privs_are('company_user_profile', 'name', 'admin', array ['SELECT']);
select column_privs_are('company_user_profile', 'name', 'authenticator', array []::text[]);
-- role: present and selectable by admin only.
-- The expected type is the PostgreSQL "name" type -- presumably because the
-- value is a database role name; confirm against the view definition.
select has_column('company_user_profile', 'role');
select col_type_is('company_user_profile', 'role', 'name');
select column_privs_are('company_user_profile', 'role', 'guest', array []::text[]);
select column_privs_are('company_user_profile', 'role', 'employee', array []::text[]);
select column_privs_are('company_user_profile', 'role', 'admin', array ['SELECT']);
select column_privs_are('company_user_profile', 'role', 'authenticator', array []::text[]);
-- lang_tag: present, of type text, and selectable by admin only.
select has_column('company_user_profile', 'lang_tag');
select col_type_is('company_user_profile', 'lang_tag', 'text');
select column_privs_are('company_user_profile', 'lang_tag', 'guest', array []::text[]);
select column_privs_are('company_user_profile', 'lang_tag', 'employee', array []::text[]);
select column_privs_are('company_user_profile', 'lang_tag', 'admin', array ['SELECT']);
select column_privs_are('company_user_profile', 'lang_tag', 'authenticator', array []::text[]);
-- Empty the fixture tables so that the rows expected further down are exact.
-- "cascade" also empties every table that references these ones; the
-- warning-only message level presumably hides the NOTICE each cascade emits.
-- This is destructive and relies on the enclosing transaction being rolled
-- back at the end of the file.
set client_min_messages to warning;
truncate company_host cascade;
truncate company_user cascade;
truncate company cascade;
truncate auth."user" cascade;
reset client_min_messages;
-- Fixture accounts. Users 1 and 5 get a known cookie that expires in one
-- month; the set_cookie() calls further down present the same cookie values.
-- User 7 keeps the column defaults for cookie, cookie_expires_at and lang_tag.
-- The password and cookie values are test data only; the query run against
-- the view in this file selects neither column.
insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at, lang_tag)
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month', 'ca')
, (5, 'admin@tandem.blog', 'Admin', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month', 'es')
, (7, 'another@tandem.blog', 'Another Employee', 'test', default, default, default)
;
2024-02-27 18:45:47 +00:00
-- Two separate companies (ids 2 and 4), so that the checks further down can
-- observe whether rows of one company are visible from the other.
insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, tourist_tax, tourist_tax_max_days, country_code, currency_code, default_lang_tag)
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 60, 7, 'ES', 'EUR', 'ca')
, (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 60, 7, 'FR', 'USD', 'es')
Add admin page to list the users
There is no way, for now, to add, edit or remove users, because
currently we only need to list users.
I cannot give admins access to the user table, because of security
permissions, so I had to create a new view. I could also have named it
‘user’ in the ‘camper’ schema, but I was afraid I would have problems with
unit tests and their search_path, so instead I called it
‘company_user_profile’, which is like ‘user_profile’ but for all users
in ‘company_user’.
I created a new Go package for it, rather than adding the admin handler to
‘auth’, because ‘template’ depends on ‘auth’, and rendering from ‘auth’
would cause a dependency loop.
I needed to have the roles in gettext to translate them, but there is
no obvious place to put the calls to PgettextNoop. For now, they
are in ‘NewAdminHandler’ because it is called once in the application’s
lifetime and they actually do not matter much.
2024-01-17 18:42:47 +00:00
;
-- Membership: user 1 is an admin of company 2; company 4 has user 5 as admin
-- and user 7 as employee. No user belongs to both companies.
insert into company_user (company_id, user_id, role)
values (2, 1, 'admin')
, (4, 5, 'admin')
, (4, 7, 'employee')
;
-- One host name per company. The same names are passed as the second
-- argument of set_cookie() below -- presumably that is how the company in
-- scope is chosen; confirm against set_cookie()'s definition.
insert into company_host (company_id, host)
values (2, 'co2')
, (4, 'co4')
;
-- Query reused by both bag_eq() checks. It has no WHERE clause on purpose:
-- any restriction to one company has to come from the view itself.
-- email and role are cast to text, presumably so the rows compare directly
-- against the plain literals of the expected values.
prepare profile as
select user_id, email::text, name, role::text, lang_tag
from company_user_profile
;
-- Sign in as user 1 with the cookie/email pair from the fixture, on host co2.
-- set_cookie() is defined elsewhere; judging by the "reset role" below it
-- presumably switches the session to that user's role -- confirm.
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');

-- Only the single member of company 2 may come back; users 5 and 7 belong to
-- company 4 and must not appear. bag_eq ignores row order.
select bag_eq(
'profile',
$$ values (1, 'demo@tandem.blog', 'Demo', 'admin', 'ca') $$,
'Should only see profiles from the first company'
);

-- Return to the original session role before the next sign-in.
reset role;
-- Sign in as user 5 (admin of company 4) on host co4.
select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog', 'co4');

-- Both members of company 4 are expected, and user 1 of company 2 is not.
-- User 7 was inserted with the default lang_tag and is expected back as 'und'.
-- NOTE(review): both bag_eq() cases pair an admin with their own company's
-- host. No case covers a valid cookie presented on the other company's host,
-- nor a signed-in non-admin member reading the view; adding them (and raising
-- plan()) would pin the isolation boundary more tightly.
select bag_eq(
'profile',
$$ values (5, 'admin@tandem.blog', 'Admin', 'admin', 'es')
, (7, 'another@tandem.blog', 'Another Employee', 'employee', 'und')
$$,
'Should only see profiles from the second company'
);

-- Return to the original session role.
reset role;
-- Close the pgTAP run; finish() reports a mismatch between the number of
-- tests executed and the plan(37) declared at the top.
select *
from finish();

-- Discard the truncates and fixture rows made by this test.
rollback;