aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/test_authentication.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/unit/test_authentication.py')
-rw-r--r--tests/unit/test_authentication.py101
1 files changed, 101 insertions, 0 deletions
diff --git a/tests/unit/test_authentication.py b/tests/unit/test_authentication.py
new file mode 100644
index 0000000..061b684
--- /dev/null
+++ b/tests/unit/test_authentication.py
@@ -0,0 +1,101 @@
+"""Test cases for authentication.py"""
+import json
+import unittest
+
+from unittest import mock
+from gn3.authentication import AdminRole
+from gn3.authentication import DataRole
+from gn3.authentication import get_highest_user_access_role
+from gn3.authentication import get_user_membership
+
+
+class TestGetUserMembership(unittest.TestCase):
+ """Test cases for `get_user_membership`"""
+
+ def setUp(self):
+ conn = mock.MagicMock()
+ conn.hgetall.return_value = {
+ '7fa95d07-0e2d-4bc5-b47c-448fdc1260b2': (
+ '{"name": "editors", '
+ '"admins": ["8ad942fe-490d-453e-bd37-56f252e41604", "rand"], '
+ '"members": ["8ad942fe-490d-453e-bd37-56f252e41603", '
+ '"rand"], '
+ '"changed_timestamp": "Oct 06 2021 06:39PM", '
+ '"created_timestamp": "Oct 06 2021 06:39PM"}')}
+ self.conn = conn
+
+ def test_user_is_group_member_only(self):
+ """Test that a user is only a group member"""
+ self.assertEqual(
+ get_user_membership(
+ conn=self.conn,
+ user_id="8ad942fe-490d-453e-bd37-56f252e41603",
+ group_id="7fa95d07-0e2d-4bc5-b47c-448fdc1260b2"),
+ {"member": True,
+ "admin": False})
+
+ def test_user_is_group_admin_only(self):
+ """Test that a user is a group admin only"""
+ self.assertEqual(
+ get_user_membership(
+ conn=self.conn,
+ user_id="8ad942fe-490d-453e-bd37-56f252e41604",
+ group_id="7fa95d07-0e2d-4bc5-b47c-448fdc1260b2"),
+ {"member": False,
+ "admin": True})
+
+ def test_user_is_both_group_member_and_admin(self):
+ """Test that a user is both an admin and member of a group"""
+ self.assertEqual(
+ get_user_membership(
+ conn=self.conn,
+ user_id="rand",
+ group_id="7fa95d07-0e2d-4bc5-b47c-448fdc1260b2"),
+ {"member": True,
+ "admin": True})
+
+
+class TestCheckUserAccessRole(unittest.TestCase):
+ """Test cases for `get_highest_user_access_role`"""
+
+ @mock.patch("gn3.authentication.requests.get")
+ def test_edit_access(self, requests_mock):
+ """Test that the right access roles are set if the user has edit access"""
+ response = mock.PropertyMock(return_value=json.dumps(
+ {
+ 'data': ['no-access', 'view', 'edit', ],
+ 'metadata': ['no-access', 'view', 'edit', ],
+ 'admin': ['not-admin', 'edit-access', ],
+ }
+ ))
+ type(requests_mock.return_value).content = response
+ self.assertEqual(
+ get_highest_user_access_role(
+ resource_id="0196d92e1665091f202f",
+ user_id="8ad942fe-490d-453e-bd37"),
+ {
+ "data": DataRole.EDIT,
+ "metadata": DataRole.EDIT,
+ "admin": AdminRole.EDIT_ACCESS,
+ })
+
+ @mock.patch("gn3.authentication.requests.get")
+ def test_no_access(self, requests_mock):
+ """Test that the right access roles are set if the user has no access"""
+ response = mock.PropertyMock(return_value=json.dumps(
+ {
+ 'data': ['no-access', ],
+ 'metadata': ['no-access', ],
+ 'admin': ['not-admin', ],
+ }
+ ))
+ type(requests_mock.return_value).content = response
+ self.assertEqual(
+ get_highest_user_access_role(
+ resource_id="0196d92e1665091f202f",
+ user_id=""),
+ {
+ "data": DataRole.NO_ACCESS,
+ "metadata": DataRole.NO_ACCESS,
+ "admin": AdminRole.NOT_ADMIN,
+ })