updated control access

py_app/test_ciprian_access.py

@@ -0,0 +1,73 @@
+#!/usr/bin/env python3
+
+import pymysql
+import json
+
+def test_login_data():
+    try:
+        # Connect to the database
+        conn = pymysql.connect(
+            host='localhost',
+            database='trasabilitate',
+            user='trasabilitate',
+            password='Initial01!',
+            cursorclass=pymysql.cursors.DictCursor
+        )
+        
+        with conn.cursor() as cursor:
+            # Simulate login for Ciprian
+            cursor.execute("SELECT username, password, role, modules FROM users WHERE username = 'Ciprian'")
+            user = cursor.fetchone()
+            
+            if user:
+                print("Ciprian's database record:")
+                print(f"Username: {user['username']}")
+                print(f"Role: {user['role']}")
+                print(f"Raw modules: {user['modules']}")
+                
+                # Simulate what happens in login
+                user_modules = []
+                if user['modules']:
+                    try:
+                        user_modules = json.loads(user['modules'])
+                        print(f"Parsed modules: {user_modules}")
+                    except Exception as e:
+                        print(f"Error parsing modules: {e}")
+                        user_modules = []
+                
+                # Check if user should have quality access
+                has_quality = 'quality' in user_modules
+                print(f"Has quality module access: {has_quality}")
+                
+                # Check role level
+                ROLES = {
+                    'superadmin': {'level': 100},
+                    'admin': {'level': 90},
+                    'manager': {'level': 70},
+                    'worker': {'level': 50}
+                }
+                
+                user_level = ROLES.get(user['role'], {}).get('level', 0)
+                print(f"Role level: {user_level}")
+                
+                # Test access control logic
+                print("\nAccess Control Test:")
+                print(f"Required modules: ['quality']")
+                print(f"User role: {user['role']}")
+                print(f"User modules: {user_modules}")
+                
+                if user['role'] in ['superadmin', 'admin']:
+                    print("✅ Access granted: Superadmin/Admin has access to all modules")
+                elif any(module in user_modules for module in ['quality']):
+                    print("✅ Access granted: User has required quality module")
+                else:
+                    print("❌ Access denied: User does not have quality module")
+            
+            else:
+                print("User 'Ciprian' not found!")
+                
+    finally:
+        conn.close()
+
+if __name__ == "__main__":
+    test_login_data()