API & Client - fix link to user profile in workout card

This commit is contained in:
Sam 2022-03-30 11:30:26 +02:00
parent 8f4272ee76
commit 26c600fa32
3 changed files with 27 additions and 3 deletions

View File

@ -28,6 +28,26 @@ class TestGetUser(ApiTestCaseMixin):
self.assert_403(response)
def test_user_can_access_his_profile(
self, app: Flask, user_1: User, user_2: User
) -> None:
client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email
)
response = client.get(
f'/api/users/{user_1.username}',
content_type='application/json',
headers=dict(Authorization=f'Bearer {auth_token}'),
)
data = json.loads(response.data.decode())
assert response.status_code == 200
assert data['status'] == 'success'
assert len(data['data']['users']) == 1
user = data['data']['users'][0]
assert user['username'] == user_1.username
def test_it_gets_inactive_user(
self, app: Flask, user_1_admin: User, inactive_user: User
) -> None:

View File

@ -249,12 +249,13 @@ def get_users(auth_user: User) -> Dict:
@users_blueprint.route('/users/<user_name>', methods=['GET'])
@authenticate_as_admin
@authenticate
def get_single_user(
auth_user: User, user_name: str
) -> Union[Dict, HttpResponse]:
"""
Get single user details. Only user with admin rights can get user details.
Get single user details. Only user with admin rights can get other users
details.
It returns user preferences only for authenticated user.
@ -353,6 +354,9 @@ def get_single_user(
:statuscode 404:
- user does not exist
"""
if user_name != auth_user.username and not auth_user.admin:
return ForbiddenErrorResponse()
try:
user = User.query.filter_by(username=user_name).first()
if user:

View File

@ -263,7 +263,7 @@ const routes: Array<RouteRecordRaw> = [
},
{
path: 'users/:username',
name: 'User',
name: 'UserFromAdmin',
component: () =>
import(/* webpackChunkName: 'profile' */ '@/views/user/UserView.vue'),
props: { fromAdmin: true },