auth: create group: Fix group creation.

* gn3/auth/authorisation/checks.py: Enable passing user to authorisation checking function. Raise error on authorisation failure for consistent error handling. * gn3/auth/authorisation/groups.py: Add user to group, updating the privileges as appropriate. * gn3/auth/authorisation/resources.py: Fix resources querying * gn3/auth/authorisation/roles.py: Assign/revoke roles by name * gn3/auth/authorisation/views.py: Create group * migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add group_metadata field * tests/unit/auth/fixtures/group_fixtures.py: fix tests * tests/unit/auth/test_groups.py: fix tests * tests/unit/auth/test_resources.py: fix tests * tests/unit/auth/test_roles.py: fix tests
author: Frederick Muriuki Muriithi 2023-01-23 14:30:20 +0300
committer: Frederick Muriuki Muriithi 2023-01-23 14:30:20 +0300
commit: b9139c2356f75103bc5fd17f074f4ee0e74b64aa (patch)
tree: 06803f97ccea91ce5137d42f42e1abe33c38365c /tests/unit/auth/test_resources.py
parent: e92ceacccb4c8d32f28ed7d2530ddc6912a730d4 (diff)
download: genenetwork3-b9139c2356f75103bc5fd17f074f4ee0e74b64aa.tar.gz
1 files changed, 36 insertions, 13 deletions
diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py
index e6ebeb9..a0236c4 100644
--- a/tests/unit/auth/test_resources.py
+++ b/tests/unit/auth/test_resources.py
@@ -5,13 +5,15 @@ import pytest
 
 from gn3.auth import db
 from gn3.auth.authorisation.groups import Group
+from gn3.auth.authorisation.errors import AuthorisationError
 from gn3.auth.authorisation.resources import (
     Resource, user_resources, create_resource, ResourceCategory,
     public_resources)
 
 from tests.unit.auth import conftest
 
-group = Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup")
+group = Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup",
+              {})
 resource_category = ResourceCategory(
     uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), "mrna", "mRNA Dataset")
 create_resource_failure = {
@@ -24,14 +26,10 @@ uuid_fn = lambda : uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b")
 @pytest.mark.parametrize(
     "user,expected",
     tuple(zip(
-        conftest.TEST_USERS,
+        conftest.TEST_USERS[0:1],
         (Resource(
             group, uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"),
-            "test_resource", resource_category, False),
-         create_resource_failure,
-         create_resource_failure,
-         create_resource_failure,
-         create_resource_failure))))
+            "test_resource", resource_category, False),))))
 def test_create_resource(mocker, fxtr_app, fxtr_users_in_group, user, expected):
     """Test that resource creation works as expected."""
     mocker.patch("gn3.auth.authorisation.resources.uuid4", uuid_fn)
@@ -44,6 +42,24 @@ def test_create_resource(mocker, fxtr_app, fxtr_users_in_group, user, expected):
         cursor.execute(
             "DELETE FROM resources WHERE resource_id=?", (str(uuid_fn()),))
 
+@pytest.mark.unit_test
+@pytest.mark.parametrize(
+    "user,expected",
+    tuple(zip(
+        conftest.TEST_USERS[1:],
+        (create_resource_failure, create_resource_failure,
+         create_resource_failure))))
+def test_create_resource_raises_for_unauthorised_users(
+        mocker, fxtr_app, fxtr_users_in_group, user, expected):
+    """Test that resource creation works as expected."""
+    mocker.patch("gn3.auth.authorisation.resources.uuid4", uuid_fn)
+    conn, _group, _users = fxtr_users_in_group
+    with fxtr_app.app_context() as flask_context:
+        flask_context.g.user = user
+        with pytest.raises(AuthorisationError):
+            assert create_resource(
+                conn, "test_resource", resource_category) == expected
+
 SORTKEY = lambda resource: resource.resource_id
 
 @pytest.mark.unit_test
@@ -57,7 +73,9 @@ def test_public_resources(fxtr_resources):
     assert sorted(public_resources(conn), key=SORTKEY) == sorted(tuple(
         res for res in conftest.TEST_RESOURCES if res.public), key=SORTKEY)
 
-PUBLIC_RESOURCES = sorted(conftest.TEST_RESOURCES_PUBLIC, key=SORTKEY)
+PUBLIC_RESOURCES = sorted(
+    {res.resource_id: res for res in conftest.TEST_RESOURCES_PUBLIC}.values(),
+    key=SORTKEY)
 
 @pytest.mark.unit_test
 @pytest.mark.parametrize(
@@ -65,12 +83,15 @@ PUBLIC_RESOURCES = sorted(conftest.TEST_RESOURCES_PUBLIC, key=SORTKEY)
     tuple(zip(
         conftest.TEST_USERS,
         (sorted(
-            set(conftest.TEST_RESOURCES_GROUP_01).union(
-                conftest.TEST_RESOURCES_PUBLIC),
+            {res.resource_id: res for res in
+             (conftest.TEST_RESOURCES_GROUP_01 +
+              conftest.TEST_RESOURCES_PUBLIC)}.values(),
             key=SORTKEY),
          sorted(
-             set([conftest.TEST_RESOURCES_GROUP_01[1]]).union(
-                 conftest.TEST_RESOURCES_PUBLIC),
+             {res.resource_id: res for res in
+              ((conftest.TEST_RESOURCES_GROUP_01[1],) +
+               conftest.TEST_RESOURCES_PUBLIC)}.values()
+             ,
              key=SORTKEY),
          PUBLIC_RESOURCES, PUBLIC_RESOURCES))))
 def test_user_resources(fxtr_group_user_roles, user, expected):
@@ -80,4 +101,6 @@ def test_user_resources(fxtr_group_user_roles, user, expected):
     THEN: list only the resources for which the user can access
     """
     conn, *_others = fxtr_group_user_roles
-    assert sorted(user_resources(conn, user), key=SORTKEY) == expected
+    assert sorted(
+        {res.resource_id: res for res in user_resources(conn, user)
+         }.values(), key=SORTKEY) == expected
author	Frederick Muriuki Muriithi	2023-01-23 14:30:20 +0300
committer	Frederick Muriuki Muriithi	2023-01-23 14:30:20 +0300
commit	b9139c2356f75103bc5fd17f074f4ee0e74b64aa (patch)
tree	06803f97ccea91ce5137d42f42e1abe33c38365c /tests/unit/auth/test_resources.py
parent	e92ceacccb4c8d32f28ed7d2530ddc6912a730d4 (diff)
download	genenetwork3-b9139c2356f75103bc5fd17f074f4ee0e74b64aa.tar.gz