numerique-gouv · klorydryk · Aug 9, 2023 · Jul 11, 2023 · Jul 17, 2023 · Jul 19, 2023
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -7,9 +7,7 @@ readme = "README.md"
 
 [tool.poetry.dependencies]
 python = ">=3.8.1,<4.0"
-cffi = "1.14.0"
-chardet = "3.0.4"
-flask-pyoidc = "3.10.0"
+flask-pyoidc = "^3.14.2"
 flask-sqlalchemy = "^3.0.3"
 flask-uploads = "0.2.1"
 flask-migrate = "3.1.0"
@@ -23,26 +21,27 @@ webdavclient3 = "3.14.6"
 filetype = "^1.2.0"
 flask-babel = "2.0.0"
 celery = "5.2.7"
-flask = "2.2.5"
+flask = "<2.3"
 flask-caching = "^2.0.2"
-flask-wtf = "1.0.1"
+flask-wtf = "^1.1.1"
 redis = "4.4.4"
 requests = "^2.27.1"
-werkzeug = "^2.3.4"
+werkzeug = "<2.3"
 
 [tool.poetry.group.dev]
 optional = true
 
 [tool.poetry.group.dev.dependencies]
-pytest = "^7.2.2"
-pytest-mock = "^3.10.0"
-Flask-WebTest = "^0.1.1"
+pytest = "^7.4.0"
+pytest-mock = "^3.11.1"
+Flask-WebTest = "^0.1.3"
 freezegun = "^1.2.2"
 black = "^23.1.0"
 flake8 = "^6.0.0"
 pre-commit = "^3.1.1"
-pytest-cov = "^4.0.0"
+pytest-cov = "^4.1.0"
 pytest-dotenv = "^0.5.2"
+pytest-flask = "^1.2.0"
 coverage = "^7.2.2"
 
 [build-system]

diff --git a/web/flaskr/forms.py b/web/flaskr/forms.py
@@ -22,7 +22,7 @@ class JoinMeetingAsRoleForm(Form):
 class JoinMeetingForm(FlaskForm):
     fullname = StringField()
     meeting_fake_id = StringField()
-    user_id = StringField()
+    user_id = IntegerField()
     h = StringField()
     fullname_suffix = StringField()
 

diff --git a/web/flaskr/models.py b/web/flaskr/models.py
@@ -712,7 +712,7 @@ def get_join_url(self, meeting_role, fullname, fullname_suffix="", create=False)
             )
             return self.bbb.prepare_request_to_join_bbb(meeting_role, nickname).url
         return url_for(
-            "waiting_meeting",
+            "routes.waiting_meeting",
             meeting_fake_id=self.fake_id,
             user_id=self.user.id,
             h=self.get_hash(meeting_role),
@@ -722,7 +722,7 @@ def get_join_url(self, meeting_role, fullname, fullname_suffix="", create=False)
 
     def get_signin_url(self, meeting_role):
         return current_app.config["SERVER_FQDN"] + url_for(
-            "signin_meeting",
+            "routes.signin_meeting",
             meeting_fake_id=self.fake_id,
             user_id=self.user.id,
             h=self.get_hash(meeting_role),
@@ -740,7 +740,7 @@ def get_mail_signin_url(self):
         ]  # remove milliseconds
         hash_param = self.get_mail_signin_hash(self.fake_id, expiration)
         return current_app.config["SERVER_FQDN"] + url_for(
-            "signin_mail_meeting",
+            "routes.signin_mail_meeting",
             meeting_fake_id=self.fake_id,
             expiration=expiration,
             h=hash_param,
@@ -767,8 +767,10 @@ def get_data_as_dict(self, fullname, fetch_recording=False):
         d["attendee_join_url"] = self.get_join_url("attendee", fullname)
         return d
 
-    def get_role(self, hashed_role):
-        if self.get_hash("attendee") == hashed_role:
+    def get_role(self, hashed_role, user_id=None):
+        if user_id and self.user.id == user_id:
+            return "moderator"
+        elif self.get_hash("attendee") == hashed_role:
             role = "attendee"
         elif self.get_hash("moderator") == hashed_role:
             role = "moderator"