feat(guideline): enable non-admin users to fetch their own guidelines (…

…#113) * feat(guideline): enable non-admin ausers to fetch their own guidelines * test(guideline): update test case * test(guidelines): update test case
quack-ai · Mar 6, 2024 · d40e2da · d40e2da
1 parent d97c110
commit d40e2da
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 8 deletions.
diff --git a/src/app/api/api_v1/endpoints/guidelines.py b/src/app/api/api_v1/endpoints/guidelines.py
@@ -43,10 +43,11 @@ async def get_guideline(
 @router.get("/", status_code=status.HTTP_200_OK, summary="Fetch all the guidelines")
 async def fetch_guidelines(
     guidelines: GuidelineCRUD = Depends(get_guideline_crud),
-    token_payload: TokenPayload = Security(get_token_payload, scopes=[UserScope.ADMIN]),
+    token_payload: TokenPayload = Security(get_token_payload, scopes=[UserScope.USER, UserScope.ADMIN]),
 ) -> List[Guideline]:
     telemetry_client.capture(token_payload.user_id, event="guideline-fetch")
-    return [elt for elt in await guidelines.fetch_all()]
+    filter_pair = ("creator_id", token_payload.user_id) if UserScope.ADMIN not in token_payload.scopes else None
+    return [elt for elt in await guidelines.fetch_all(filter_pair=filter_pair)]
 
 
 @router.patch("/{guideline_id}", status_code=status.HTTP_200_OK, summary="Update a guideline content")

diff --git a/src/tests/endpoints/test_guidelines.py b/src/tests/endpoints/test_guidelines.py
@@ -1,4 +1,4 @@
-from typing import Any, Dict, Union
+from typing import Any, Dict, List, Union
 
 import pytest
 from httpx import AsyncClient
@@ -73,11 +73,11 @@ async def test_get_guideline(
 
 
 @pytest.mark.parametrize(
-    ("user_idx", "status_code", "status_detail"),
+    ("user_idx", "status_code", "status_detail", "expected_result"),
     [
-        (None, 401, "Not authenticated"),
-        (0, 200, None),
-        (1, 403, "Incompatible token scope."),
+        (None, 401, "Not authenticated", None),
+        (0, 200, None, pytest.guideline_table),
+        (1, 200, None, pytest.guideline_table[1:]),
     ],
 )
 @pytest.mark.asyncio()
@@ -87,6 +87,7 @@ async def test_fetch_guidelines(
     user_idx: Union[int, None],
     status_code: int,
     status_detail: Union[str, None],
+    expected_result: Union[List[Dict[str, Any]], None],
 ):
     auth = None
     if isinstance(user_idx, int):
@@ -97,7 +98,7 @@ async def test_fetch_guidelines(
     if isinstance(status_detail, str):
         assert response.json()["detail"] == status_detail
     if response.status_code // 100 == 2:
-        assert response.json() == pytest.guideline_table
+        assert response.json() == expected_result
 
 
 @pytest.mark.parametrize(