genenetwork3/tests/unit/auth/fixtures, branch auth/implement-authorization-code-flow GeneNetwork3 REST API for data science and machine learning http://git.genenetwork.org/genenetwork3/atom?h=auth%2Fimplement-authorization-code-flow 2023-04-25T06:42:36+00:00 auth: Roles: Check for editability 2023-04-25T06:42:36+00:00 Frederick Muriuki Muriithi 2023-04-25T06:42:36+00:00 urn:sha1:8471ed1187a8abc5e28207776c5f49a59ba24b92 Some roles should not be user-editable, and as such, we need to check before allowing any edits on such roles. This commit makes that possible. auth: users: Use the same basic functions for password hashing 2023-03-08T08:42:04+00:00 Frederick Muriuki Muriithi 2023-03-08T08:42:04+00:00 urn:sha1:a35d16f9a191afbb31e2c185e87e5eec5e23122f To avoid repeating the same thing in multiple places, leading to errors and breakages, reuse the same basic functions for password hashing. auth: tests: mock token acquisition. Fix minor bugs. 2023-02-03T12:15:26+00:00 Frederick Muriuki Muriithi 2023-02-03T12:15:26+00:00 urn:sha1:e6dd74a3fab65355c0aa187ee31d5ee74a888649 auth: create group: Fix group creation. 2023-01-23T11:30:20+00:00 Frederick Muriuki Muriithi 2023-01-23T11:30:20+00:00 urn:sha1:b9139c2356f75103bc5fd17f074f4ee0e74b64aa * gn3/auth/authorisation/checks.py: Enable passing user to authorisation checking function. Raise error on authorisation failure for consistent error handling. * gn3/auth/authorisation/groups.py: Add user to group, updating the privileges as appropriate. * gn3/auth/authorisation/resources.py: Fix resources querying * gn3/auth/authorisation/roles.py: Assign/revoke roles by name * gn3/auth/authorisation/views.py: Create group * migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add group_metadata field * tests/unit/auth/fixtures/group_fixtures.py: fix tests * tests/unit/auth/test_groups.py: fix tests * tests/unit/auth/test_resources.py: fix tests * tests/unit/auth/test_roles.py: fix tests auth: Fix tests after enforcing FOREIGN KEY constraint 2023-01-18T11:59:35+00:00 Frederick Muriuki Muriithi 2023-01-18T11:59:35+00:00 urn:sha1:4cc328ef78c7b8108d7623fdd4fcae5294317f2e Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY constraints: * Each test that creates a new "object" needs to clean up after itself * Each fixture that sets up test data needs to clean up after itself auth: update privileges format 2023-01-16T09:14:24+00:00 Frederick Muriuki Muriithi 2023-01-16T09:14:24+00:00 urn:sha1:98dc0c5b1a67a7c7b97a1fa02211e9f99360edce Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name> rather than using a UUID, to reduce indirection levels. * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration to change the schema and IDs for the privileges. * Update code to use new privileges format * gn3/auth/authorisation/checks.py * gn3/auth/authorisation/groups.py * gn3/auth/authorisation/privileges.py * gn3/auth/authorisation/resources.py * gn3/auth/authorisation/roles.py * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py * tests/unit/auth/fixtures/role_fixtures.py * tests/unit/auth/test_groups.py * tests/unit/auth/test_privileges.py * tests/unit/auth/test_roles.py auth: assign default role. separate group creation from group admin 2023-01-11T08:20:36+00:00 Frederick Muriuki Muriithi 2023-01-11T08:20:36+00:00 urn:sha1:53371fb668d1d18ba4696b3e4739f26edd677d8d A newly registered user will have the ability to create a group. Once a user is a member of a group, either by creating a new group, or being added to a group, they should not be able to create any more groups, i.e. they lose the 'create-group' (and/or equivalent) privileges. This means that the group-administration privileges should be separated from the group-creation privilege. * gn3/auth/authorisation/roles.py: assign default roles to user on registration * gn3/auth/authorisation/views.py: assign default roles to user on registration * migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py: separate group-creation role from group-administration role. * tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test user * tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the expected results for the test auth: Fetch all of a user's roles. 2023-01-03T04:24:46+00:00 Frederick Muriuki Muriithi 2023-01-03T04:22:02+00:00 urn:sha1:0a31f61ee9db84eb35087073ef6b58f352252aae * gn3/auth/authorisation/roles.py: Fetch roles from DB * gn3/auth/authorisation/views.py: Provide API endpoint for user roles * tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly Fix linting and typing issues in the following files: * gn3/auth/authentication/oauth2/resource_server.py * gn3/auth/authentication/oauth2/views.py * tests/unit/auth/fixtures/oauth2_client_fixtures.py auth: rename fixtures: test_* -> fxtr_* 2023-01-03T03:16:28+00:00 Frederick Muriuki Muriithi 2023-01-03T02:49:53+00:00 urn:sha1:da33d719105d67afb1ee6b040380211cfa8be23d Since test functions are defined starting with "test_", rename the fixture to more clearly indicate it is a fixture (fxtr_*), an not a test in itself. tests: Setup environment variables and configs 2022-12-22T06:45:20+00:00 Frederick Muriuki Muriithi 2022-12-22T06:45:20+00:00 urn:sha1:8e055558e2e12250fd744caa2b9b3078a3025208 * gn3/settings.py: leave `OAUTH2_ACCESS_TOKEN_GENERATOR` in its default setting * tests/unit/auth/fixtures/oauth2_client_fixtures.py: setup `AUTHLIB_INSECURE_TRANSPORT` before running the OAuth2 tests * tests/unit/conftest.py: setup the test application's configuration correctly for the tests.