Mercurial > gemma
diff schema/manage_users_tests.sql @ 263:13ad969a9138
Enable listing of users for all roles with appropriate filters
Waterway users should see their own account data and their should be a
single interface for account data (i.e. users.list_users). Therefore, also
the RLS policy on user_profiles for waterway_admin is translated to the
view.
current_user_country() moved because it's needed earlier during database
setup, now.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Fri, 27 Jul 2018 19:03:56 +0200 |
parents | 92470caf81fd |
children | 72062ca52746 |
line wrap: on
line diff
--- a/schema/manage_users_tests.sql Fri Jul 27 15:26:16 2018 +0200 +++ b/schema/manage_users_tests.sql Fri Jul 27 19:03:56 2018 +0200 @@ -13,15 +13,31 @@ 42501, NULL, 'Less privileged user cannot call function in schema sys_admin'); -SET SESSION AUTHORIZATION test_sys_admin1; - -- -- Role listing -- -SELECT isnt_empty($$ - SELECT * FROM sys_admin.list_users +SET SESSION AUTHORIZATION test_user_at; +SELECT results_eq($$ + SELECT username FROM users.list_users + $$, + $$ + SELECT CAST(current_user AS varchar) $$, - 'List of users can be queried'); + 'User should only see his own profile'); + +SET SESSION AUTHORIZATION test_admin_at; +SELECT set_eq($$ + SELECT DISTINCT country FROM users.list_users + $$, + ARRAY['AT'], + 'Waterway admin should only see profiles of his country'); + +SET SESSION AUTHORIZATION test_sys_admin1; +SELECT set_eq($$ + SELECT count(*) FROM users.list_users + $$, + ARRAY[4], + 'System admin can see all users'); -- -- Role creation