aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth
diff options
context:
space:
mode:
Diffstat (limited to 'tests/unit/auth')
-rw-r--r--tests/unit/auth/conftest.py8
-rw-r--r--tests/unit/auth/test_groups.py38
2 files changed, 31 insertions, 15 deletions
diff --git a/tests/unit/auth/conftest.py b/tests/unit/auth/conftest.py
index 4f4f1f8..37d78a3 100644
--- a/tests/unit/auth/conftest.py
+++ b/tests/unit/auth/conftest.py
@@ -101,22 +101,22 @@ def test_users(conn_after_auth_migrations):# pylint: disable=[redefined-outer-na
("9a0c7ce5-2f40-4e78-979e-bf3527a59579",)))
@pytest.fixture(scope="function")
-def test_users_in_group(test_group, test_users):#pytest: disable=[redefined-outer-name]
+def test_users_in_group(test_group, test_users):# pylint: disable=[redefined-outer-name]
"""Link the users to the groups."""
conn = test_group[0]
group = test_group[1]
users = test_users[1]
- query_params = (
+ query_params = tuple(
(str(group.group_id), str(user.user_id)) for user in users
if user.email not in ("unaff@iliated.user",))
with db.cursor(conn) as cursor:
- cursor.execute(
+ cursor.executemany(
"INSERT INTO group_users(group_id, user_id) VALUES (?, ?)",
query_params)
yield (conn, group, users)
with db.cursor(conn) as cursor:
- cursor.execute(
+ cursor.executemany(
"DELETE FROM group_users WHERE group_id=? AND user_id=?",
query_params)
diff --git a/tests/unit/auth/test_groups.py b/tests/unit/auth/test_groups.py
index 0cd370e..9471cac 100644
--- a/tests/unit/auth/test_groups.py
+++ b/tests/unit/auth/test_groups.py
@@ -4,7 +4,10 @@ from uuid import UUID
import pytest
from gn3.auth import db
-from gn3.auth.authorisation.groups import Group, create_group, create_group_role
+from gn3.auth.authorisation.roles import Role
+from gn3.auth.authorisation.privileges import Privilege
+from gn3.auth.authorisation.groups import (
+ Group, GroupRole, create_group, create_group_role)
create_group_failure = {
"status": "error",
@@ -13,6 +16,13 @@ create_group_failure = {
uuid_fn = lambda : UUID("d32611e3-07fc-4564-b56c-786c6db6de2b")
+GROUP = Group(UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup")
+PRIVILEGES = (
+ Privilege(
+ UUID("7f261757-3211-4f28-a43f-a09b800b164d"), "view-resource"),
+ Privilege(
+ UUID("2f980855-959b-4339-b80e-25d1ec286e21"), "edit-resource"))
+
@pytest.mark.unit_test
@pytest.mark.parametrize(
"user_id,expected", (
@@ -36,15 +46,22 @@ def test_create_group(# pylint: disable=[too-many-arguments]
with db.connection(auth_testdb_path) as conn:
assert create_group(conn, "a_test_group") == expected
+create_role_failure = {
+ "status": "error",
+ "message": "Unauthorised: Could not create the group role"
+}
+
@pytest.mark.unit_test
@pytest.mark.parametrize(
"user_id,expected", (
- ("ecb52977-3004-469e-9428-2a1856725c7f", Group(
- UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"), "a_test_group")),
- ("21351b66-8aad-475b-84ac-53ce528451e3", create_group_failure),
- ("ae9c6245-0966-41a5-9a5e-20885a96bea7", create_group_failure),
- ("9a0c7ce5-2f40-4e78-979e-bf3527a59579", create_group_failure),
- ("e614247d-84d2-491d-a048-f80b578216cb", create_group_failure)))
+ ("ecb52977-3004-469e-9428-2a1856725c7f", GroupRole(
+ UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"),
+ Role(UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"),
+ "ResourceEditor", PRIVILEGES))),
+ ("21351b66-8aad-475b-84ac-53ce528451e3", create_role_failure),
+ ("ae9c6245-0966-41a5-9a5e-20885a96bea7", create_role_failure),
+ ("9a0c7ce5-2f40-4e78-979e-bf3527a59579", create_role_failure),
+ ("e614247d-84d2-491d-a048-f80b578216cb", create_role_failure)))
def test_create_group_role(mocker, test_users_in_group, test_app, user_id, expected):
"""
GIVEN: an authenticated user
@@ -54,9 +71,8 @@ def test_create_group_role(mocker, test_users_in_group, test_app, user_id, expec
"""
mocker.patch("gn3.auth.authorisation.groups.uuid4", uuid_fn)
mocker.patch("gn3.auth.authorisation.roles.uuid4", uuid_fn)
- conn, group, users = test_users_in_group
+ conn, _group, _users = test_users_in_group
with test_app.app_context() as flask_context:
flask_context.g.user_id = UUID(user_id)
- assert create_group_role(conn, GROUP, "a_test_role", PRIVILEGES)
-
- assert False, "NOT IMPLEMENTED"
+ assert create_group_role(
+ conn, GROUP, "ResourceEditor", PRIVILEGES) == expected