aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-12-12 13:33:13 +0300
committerFrederick Muriuki Muriithi2022-12-12 13:33:13 +0300
commit5269d0e9927a18f7266d53ecb67a81c7eadf70b9 (patch)
tree8076d960d860b1bed533c12d33616c580221d94d /tests/unit/auth
parent2344e4cd55cc37dac93ab2127a456a39dc4fedbe (diff)
downloadgenenetwork3-5269d0e9927a18f7266d53ecb67a81c7eadf70b9.tar.gz
tests: Update fixtures to use for testing resources functions
Diffstat (limited to 'tests/unit/auth')
-rw-r--r--tests/unit/auth/fixtures/group_fixtures.py104
-rw-r--r--tests/unit/auth/fixtures/resource_fixtures.py42
-rw-r--r--tests/unit/auth/fixtures/role_fixtures.py42
-rw-r--r--tests/unit/auth/test_resources.py25
4 files changed, 148 insertions, 65 deletions
diff --git a/tests/unit/auth/fixtures/group_fixtures.py b/tests/unit/auth/fixtures/group_fixtures.py
index a106ef4..d17d5cb 100644
--- a/tests/unit/auth/fixtures/group_fixtures.py
+++ b/tests/unit/auth/fixtures/group_fixtures.py
@@ -4,11 +4,46 @@ import uuid
import pytest
from gn3.auth import db
-from gn3.auth.authorisation.groups import Group
+from gn3.auth.authorisation.groups import Group, GroupRole
+from gn3.auth.authorisation.resources import Resource, ResourceCategory
-TEST_GROUPS = (
- Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup"),
- Group(uuid.UUID("e37d59d7-c05e-4d67-b479-81e627d8d634"), "TheTestGroup"))
+TEST_GROUP_01 = Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"),
+ "TheTestGroup")
+TEST_GROUP_02 = Group(uuid.UUID("e37d59d7-c05e-4d67-b479-81e627d8d634"),
+ "AnotherTestGroup")
+TEST_GROUPS = (TEST_GROUP_01, TEST_GROUP_02)
+
+TEST_RESOURCES_GROUP_01 = (
+ Resource(TEST_GROUPS[0], uuid.UUID("26ad1668-29f5-439d-b905-84d551f85955"),
+ "ResourceG01R01",
+ ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"),
+ "genotype", "Genotype Dataset"),
+ True),
+ Resource(TEST_GROUPS[0], uuid.UUID("2130aec0-fefd-434d-92fd-9ca342348b2d"),
+ "ResourceG01R02",
+ ResourceCategory(uuid.UUID("548d684b-d4d1-46fb-a6d3-51a56b7da1b3"),
+ "phenotype", "Phenotype (Publish) Dataset"),
+ False),
+ Resource(TEST_GROUPS[0], uuid.UUID("e9a1184a-e8b4-49fb-b713-8d9cbeea5b83"),
+ "ResourceG01R03",
+ ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"),
+ "mrna", "mRNA Dataset"),
+ False))
+
+TEST_RESOURCES_GROUP_02 = (
+ Resource(TEST_GROUPS[1], uuid.UUID("14496a1c-c234-49a2-978c-8859ea274054"),
+ "ResourceG02R01",
+ ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"),
+ "genotype", "Genotype Dataset"),
+ False),
+ Resource(TEST_GROUPS[1], uuid.UUID("04ad9e09-94ea-4390-8a02-11f92999806b"),
+ "ResourceG02R02",
+ ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"),
+ "mrna", "mRNA Dataset"),
+ True))
+
+TEST_RESOURCES = TEST_RESOURCES_GROUP_01 + TEST_RESOURCES_GROUP_02
+TEST_RESOURCES_PUBLIC = (TEST_RESOURCES_GROUP_01[0], TEST_RESOURCES_GROUP_02[1])
@pytest.fixture(scope="function")
def test_group(conn_after_auth_migrations):# pylint: disable=[redefined-outer-name]
@@ -23,22 +58,69 @@ def test_group(conn_after_auth_migrations):# pylint: disable=[redefined-outer-na
yield (conn_after_auth_migrations, TEST_GROUPS[0])
@pytest.fixture(scope="function")
-def test_users_in_group(test_group, test_users):# pylint: disable=[redefined-outer-name]
+def test_users_in_group(test_group, test_users):# pylint: disable=[redefined-outer-name, unused-argument]
"""Link the users to the groups."""
- conn = test_group[0]
- group = test_group[1]
- users = test_users[1]
+ conn, all_users = test_users
+ users = tuple(
+ user for user in all_users if user.email not in ("unaff@iliated.user",))
query_params = tuple(
- (str(group.group_id), str(user.user_id)) for user in users
- if user.email not in ("unaff@iliated.user",))
+ (str(TEST_GROUP_01.group_id), str(user.user_id)) for user in users)
with db.cursor(conn) as cursor:
cursor.executemany(
"INSERT INTO group_users(group_id, user_id) VALUES (?, ?)",
query_params)
- yield (conn, group, users)
+ yield (conn, TEST_GROUP_01, users)
with db.cursor(conn) as cursor:
cursor.executemany(
"DELETE FROM group_users WHERE group_id=? AND user_id=?",
query_params)
+
+@pytest.fixture(scope="function")
+def fixture_group_roles(test_group):# pylint: disable=[redefined-outer-name]
+ """Link roles to group"""
+ from .role_fixtures import RESOURCE_EDITOR_ROLE, RESOURCE_READER_ROLE# pylint: disable=[import-outside-toplevel]
+ group_roles = (
+ GroupRole(uuid.UUID("9c25efb2-b477-4918-a95c-9914770cbf4d"),
+ TEST_GROUP_01, RESOURCE_EDITOR_ROLE),
+ GroupRole(uuid.UUID("82aed039-fe2f-408c-ab1e-81cd1ba96630"),
+ TEST_GROUP_02, RESOURCE_READER_ROLE))
+ conn, groups = test_group
+ with db.cursor(conn) as cursor:
+ cursor.executemany(
+ "INSERT INTO group_roles VALUES (?, ?, ?)",
+ ((str(role.group_role_id), str(role.group.group_id),
+ str(role.role.role_id))
+ for role in group_roles))
+
+ yield conn, groups, group_roles
+
+@pytest.fixture(scope="function")
+def fixture_group_user_roles(test_users_in_group, fixture_group_roles, fixture_resources):#pylint: disable=[redefined-outer-name,unused-argument]
+ """Assign roles to users."""
+ from .role_fixtures import RESOURCE_EDITOR_ROLE # pylint: disable=[import-outside-toplevel]
+ conn, _groups, _group_roles = fixture_group_roles
+ _conn, _group, group_users = test_users_in_group
+ users = tuple(user for user in group_users if user.email
+ not in ("unaff@iliated.user", "group@lead.er"))
+ users_roles_resources = (
+ (user, RESOURCE_EDITOR_ROLE, TEST_RESOURCES_GROUP_01[1])
+ for user in users if user.email == "group@mem.ber01")
+ with db.cursor(conn) as cursor:
+ cursor.executemany(
+ ("INSERT INTO group_user_roles_on_resources VALUES (?, ?, ?, ?)"),
+ ((str(TEST_GROUP_01.group_id), str(user.user_id), str(role.role_id),
+ str(resource.resource_id))
+ for user, role, resource in users_roles_resources))
+
+ yield conn
+
+ with db.cursor(conn) as cursor:
+ cursor.executemany(
+ ("DELETE FROM group_user_roles_on_resources WHERE "
+ "group_id=? AND user_id=? AND role_id=? AND "
+ "resource_id=?"),
+ ((str(TEST_GROUP_01.group_id), str(user.user_id), str(role.role_id),
+ str(resource.resource_id))
+ for user, role, resource in users_roles_resources))
diff --git a/tests/unit/auth/fixtures/resource_fixtures.py b/tests/unit/auth/fixtures/resource_fixtures.py
index 1d6c25b..9287936 100644
--- a/tests/unit/auth/fixtures/resource_fixtures.py
+++ b/tests/unit/auth/fixtures/resource_fixtures.py
@@ -1,42 +1,12 @@
"""Fixtures and utilities for resource-related tests"""
-import uuid
-
import pytest
from gn3.auth import db
-from gn3.auth.authorisation.resources import Resource, ResourceCategory
-
-from .group_fixtures import TEST_GROUPS
-TEST_RESOURCES = (
- Resource(TEST_GROUPS[0], uuid.UUID("26ad1668-29f5-439d-b905-84d551f85955"),
- "ResourceG01R01",
- ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"),
- "genotype", "Genotype Dataset"),
- True),
- Resource(TEST_GROUPS[0], uuid.UUID("2130aec0-fefd-434d-92fd-9ca342348b2d"),
- "ResourceG01R02",
- ResourceCategory(uuid.UUID("548d684b-d4d1-46fb-a6d3-51a56b7da1b3"),
- "phenotype", "Phenotype (Publish) Dataset"),
- False),
- Resource(TEST_GROUPS[0], uuid.UUID("e9a1184a-e8b4-49fb-b713-8d9cbeea5b83"),
- "ResourceG01R03",
- ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"),
- "mrna", "mRNA Dataset"),
- False),
- Resource(TEST_GROUPS[1], uuid.UUID("14496a1c-c234-49a2-978c-8859ea274054"),
- "ResourceG02R01",
- ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"),
- "genotype", "Genotype Dataset"),
- False),
- Resource(TEST_GROUPS[1], uuid.UUID("04ad9e09-94ea-4390-8a02-11f92999806b"),
- "ResourceG02R02",
- ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"),
- "mrna", "mRNA Dataset"),
- True))
+from .group_fixtures import TEST_RESOURCES
@pytest.fixture(scope="function")
-def test_resources(test_group):# pylint: disable=[redefined-outer-name]
+def fixture_resources(test_group):# pylint: disable=[redefined-outer-name]
"""fixture: setup test resources in the database"""
conn, _group = test_group
with db.cursor(conn) as cursor:
@@ -46,11 +16,3 @@ def test_resources(test_group):# pylint: disable=[redefined-outer-name]
str(res.resource_category.resource_category_id),
1 if res.public else 0) for res in TEST_RESOURCES))
return (conn, TEST_RESOURCES)
-
-@pytest.fixture(scope="function")
-def fixture_user_resources(test_users_in_group, test_resources):# pylint: disable=[redefined-outer-name, unused-argument]
- """fixture: link users to roles and resources"""
- conn, _resources = test_resources
- ## TODO: setup user roles
- ## TODO: attach user roles to specific resources
- return conn
diff --git a/tests/unit/auth/fixtures/role_fixtures.py b/tests/unit/auth/fixtures/role_fixtures.py
index f8b0f6f..befa6b0 100644
--- a/tests/unit/auth/fixtures/role_fixtures.py
+++ b/tests/unit/auth/fixtures/role_fixtures.py
@@ -1,9 +1,45 @@
"""Fixtures and utilities for role-related tests"""
+import uuid
+
import pytest
from gn3.auth import db
+from gn3.auth.authorisation.roles import Role
+from gn3.auth.authorisation.privileges import Privilege
+
+RESOURCE_READER_ROLE = Role(
+ uuid.UUID("c3ca2507-ee24-4835-9b31-8c21e1c072d3"), "resource_reader",
+ (Privilege(uuid.UUID("7f261757-3211-4f28-a43f-a09b800b164d"),
+ "view-resource"),))
+
+RESOURCE_EDITOR_ROLE = Role(
+ uuid.UUID("89819f84-6346-488b-8955-86062e9eedb7"), "resource_editor", (
+ Privilege(uuid.UUID("7f261757-3211-4f28-a43f-a09b800b164d"),
+ "view-resource"),
+ Privilege(uuid.UUID("2f980855-959b-4339-b80e-25d1ec286e21"),
+ "edit-resource")))
+
+TEST_ROLES = (RESOURCE_READER_ROLE, RESOURCE_EDITOR_ROLE)
@pytest.fixture(scope="function")
-def fixture_user_roles(test_users_in_group):
- conn, *_others = test_users_in_group
- raise Exception("NOT IMPLEMENTED ...")
+def fixture_roles(conn_after_auth_migrations):
+ """Setup some example roles."""
+ with db.cursor(conn_after_auth_migrations) as cursor:
+ cursor.executemany(
+ ("INSERT INTO roles VALUES (?, ?, ?)"),
+ ((str(role.role_id), role.role_name, 1) for role in TEST_ROLES))
+ cursor.executemany(
+ ("INSERT INTO role_privileges VALUES (?, ?)"),
+ ((str(role.role_id), str(privilege.privilege_id))
+ for role in TEST_ROLES for privilege in role.privileges))
+
+ yield conn_after_auth_migrations, TEST_ROLES
+
+ with db.cursor(conn_after_auth_migrations) as cursor:
+ cursor.executemany(
+ ("DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?"),
+ ((str(role.role_id), str(privilege.privilege_id))
+ for role in TEST_ROLES for privilege in role.privileges))
+ cursor.executemany(
+ ("DELETE FROM roles WHERE role_id=?"),
+ ((str(role.role_id),) for role in TEST_ROLES))
diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py
index 88edc77..824062d 100644
--- a/tests/unit/auth/test_resources.py
+++ b/tests/unit/auth/test_resources.py
@@ -42,34 +42,37 @@ def test_create_resource(mocker, test_app, test_users_in_group, user, expected):
SORTKEY = lambda resource: resource.resource_id
@pytest.mark.unit_test
-def test_public_resources(test_resources):
+def test_public_resources(fixture_resources):
"""
GIVEN: some resources in the database
WHEN: public resources are requested
THEN: only list the resources that are public
"""
- conn, _res = test_resources
+ conn, _res = fixture_resources
assert sorted(public_resources(conn), key=SORTKEY) == sorted(tuple(
res for res in conftest.TEST_RESOURCES if res.public), key=SORTKEY)
-PUBLIC_RESOURCES = sorted(conftest.TEST_RESOURCES, key=SORTKEY)
+PUBLIC_RESOURCES = sorted(conftest.TEST_RESOURCES_PUBLIC, key=SORTKEY)
-@pytest.mark.skip # REMOVE THIS LINE!!!
@pytest.mark.unit_test
@pytest.mark.parametrize(
"user,expected",
tuple(zip(
conftest.TEST_USERS,
- (sorted(conftest.TEST_RESOURCES, key=SORTKEY),
- sorted(res for res in conftest.TEST_RESOURCES
- if str(res.resource_id) not in
- ("2130aec0-fefd-434d-92fd-9ca342348b2d",
- "14496a1c-c234-49a2-978c-8859ea274054")),
+ (sorted(
+ set(conftest.TEST_RESOURCES_GROUP_01).union(
+ conftest.TEST_RESOURCES_PUBLIC),
+ key=SORTKEY),
+ sorted(
+ set([conftest.TEST_RESOURCES_GROUP_01[1]]).union(
+ conftest.TEST_RESOURCES_PUBLIC),
+ key=SORTKEY),
PUBLIC_RESOURCES, PUBLIC_RESOURCES))))
-def test_user_resources(fixture_user_resources, user, expected):
+def test_user_resources(fixture_group_user_roles, user, expected):
"""
GIVEN: some resources in the database
WHEN: a particular user's resources are requested
THEN: list only the resources for which the user can access
"""
- assert user_resources(fixture_user_resources, user) == expected
+ conn = fixture_group_user_roles
+ assert sorted(user_resources(conn, user), key=SORTKEY) == expected