Mercurial > gemma

diff schema/manage_users_tests.sql @ 263:13ad969a9138

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Enable listing of users for all roles with appropriate filters Waterway users should see their own account data and their should be a single interface for account data (i.e. users.list_users). Therefore, also the RLS policy on user_profiles for waterway_admin is translated to the view. current_user_country() moved because it's needed earlier during database setup, now.
author Tom Gottfried <tom@intevation.de>
date Fri, 27 Jul 2018 19:03:56 +0200
parents 92470caf81fd
children 72062ca52746
line wrap: on
line diff
--- a/schema/manage_users_tests.sql	Fri Jul 27 15:26:16 2018 +0200
+++ b/schema/manage_users_tests.sql	Fri Jul 27 19:03:56 2018 +0200
@@ -13,15 +13,31 @@
     42501, NULL,
     'Less privileged user cannot call function in schema sys_admin');
 
-SET SESSION AUTHORIZATION test_sys_admin1;
-
 --
 -- Role listing
 --
-SELECT isnt_empty($$
-    SELECT * FROM sys_admin.list_users
+SET SESSION AUTHORIZATION test_user_at;
+SELECT results_eq($$
+    SELECT username FROM users.list_users
+    $$,
+    $$
+    SELECT CAST(current_user AS varchar)
     $$,
-    'List of users can be queried');
+    'User should only see his own profile');
+
+SET SESSION AUTHORIZATION test_admin_at;
+SELECT set_eq($$
+    SELECT DISTINCT country FROM users.list_users
+    $$,
+    ARRAY['AT'],
+    'Waterway admin should only see profiles of his country');
+
+SET SESSION AUTHORIZATION test_sys_admin1;
+SELECT set_eq($$
+    SELECT count(*) FROM users.list_users
+    $$,
+    ARRAY[4],
+    'System admin can see all users');
 
 --
 -- Role creation