aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth
AgeCommit message (Collapse)Author
2023-01-16auth: update privileges formatFrederick Muriuki Muriithi
Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name> rather than using a UUID, to reduce indirection levels. * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration to change the schema and IDs for the privileges. * Update code to use new privileges format * gn3/auth/authorisation/checks.py * gn3/auth/authorisation/groups.py * gn3/auth/authorisation/privileges.py * gn3/auth/authorisation/resources.py * gn3/auth/authorisation/roles.py * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py * tests/unit/auth/fixtures/role_fixtures.py * tests/unit/auth/test_groups.py * tests/unit/auth/test_privileges.py * tests/unit/auth/test_roles.py
2023-01-11auth: assign default role. separate group creation from group adminFrederick Muriuki Muriithi
A newly registered user will have the ability to create a group. Once a user is a member of a group, either by creating a new group, or being added to a group, they should not be able to create any more groups, i.e. they lose the 'create-group' (and/or equivalent) privileges. This means that the group-administration privileges should be separated from the group-creation privilege. * gn3/auth/authorisation/roles.py: assign default roles to user on registration * gn3/auth/authorisation/views.py: assign default roles to user on registration * migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py: separate group-creation role from group-administration role. * tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test user * tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the expected results for the test
2023-01-03auth: Fetch all of a user's roles.Frederick Muriuki Muriithi
* gn3/auth/authorisation/roles.py: Fetch roles from DB * gn3/auth/authorisation/views.py: Provide API endpoint for user roles * tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly Fix linting and typing issues in the following files: * gn3/auth/authentication/oauth2/resource_server.py * gn3/auth/authentication/oauth2/views.py * tests/unit/auth/fixtures/oauth2_client_fixtures.py
2023-01-03auth: rename fixtures: test_* -> fxtr_*Frederick Muriuki Muriithi
Since test functions are defined starting with "test_", rename the fixture to more clearly indicate it is a fixture (fxtr_*), an not a test in itself.
2022-12-22tests: Setup environment variables and configsFrederick Muriuki Muriithi
* gn3/settings.py: leave `OAUTH2_ACCESS_TOKEN_GENERATOR` in its default setting * tests/unit/auth/fixtures/oauth2_client_fixtures.py: setup `AUTHLIB_INSECURE_TRANSPORT` before running the OAuth2 tests * tests/unit/conftest.py: setup the test application's configuration correctly for the tests.
2022-12-22auth: implement OAuth2 flow.oauth2_auth_flowFrederick Muriuki Muriithi
Add code to implement the OAuth2 flow. * Add test fixtures for setting up users and OAuth2 clients * Add tests for token generation with the "Password Grant" flow * Fix some issues with test due to changes in the database connection's row_factory
2022-12-21migrations: create the authorisation_code tableFrederick Muriuki Muriithi
* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration
2022-12-21migrations: create oauth2_tokens tableFrederick Muriuki Muriithi
* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py * tests/unit/auth/test_migrations_create_tables.py
2022-12-21migrations: New migrationFrederick Muriuki Muriithi
* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New migration * tests/unit/auth/test_migrations_create_tables.py: tests for new migration
2022-12-12tests: Update fixtures to use for testing resources functionsFrederick Muriuki Muriithi
2022-12-12auth: pass cursor object to `user_group` functionFrederick Muriuki Muriithi
2022-12-12auth: Attach group to GroupRole, rather than group_idFrederick Muriuki Muriithi
2022-12-12tests: Reorganise fixturesFrederick Muriuki Muriithi
Split the fixtures into separate modules for easier management * tests/unit/auth/conftest.py: Import all from the `fixtures` package. Delete all fixtures from the file * tests/unit/auth/fixtures/__init__.py: new `fixtures` package * tests/unit/auth/fixtures/group_fixtures.py: new groups fixtures module * tests/unit/auth/fixtures/migration_fixtures.py: new migrations fixtures module * tests/unit/auth/fixtures/resource_fixtures.py: new resources fixtures module * tests/unit/auth/fixtures/role_fixtures.py: new roles fixtures module * tests/unit/auth/fixtures/user_fixtures.py: new users fixtures module
2022-12-08auth: test for `user_resources` function (incomplete)Frederick Muriuki Muriithi
* gn3/auth/authorisation/resources.py: dummy `user_resources` function * tests/unit/auth/conftest.py: (incomplete): Add some fixtures for testing the `user_resources` function * tests/unit/auth/test_resources.py: test the `user_resources` function
2022-12-08tests: Fix issues caught by testsFrederick Muriuki Muriithi
The addition of the `public` field in the `resources` table, led to some previously passing tests to fail. This commit fixes the failures, and cleans up some pylint issues. * gn3/auth/authorisation/resources.py: add `public` to db queries * tests/unit/auth/test_groups.py: fix pylint issues
2022-12-08auth: add test to retrieve public resourcesFrederick Muriuki Muriithi
* gn3/auth/authorisation/resources.py: new functions * resource_categories: retrieves all resource categories * public_resources: retrieves all public resources * tests/unit/auth/test_resources.py: test `public_resources` function
2022-12-08auth: add function to retrieve a user's groupFrederick Muriuki Muriithi
* gn3/auth/authorisation/groups.py: new `user_group` function * tests/unit/auth/test_groups.py: test `user_group` function
2022-12-08migrations: Add column `public` to `resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py: new migration script. * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration script
2022-12-06migrations: Add `group_user_roles_on_resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: Test creation of table * tests/unit/auth/test_migrations_indexes.py: Test creation of index
2022-11-24auth: Check for authentication and fix errorsFrederick Muriuki Muriithi
* gn3/auth/authorisation/groups.py: base `MembershipError` on new `AuthorisationError` base exception. Use new authentication checking decorator. * gn3/auth/authorisation/privileges.py: Change argument to User object rather than UUID object * gn3/auth/authorisation/roles.py: Use new authentication checking decorator. * tests/unit/auth/test_groups.py: use `conftest.TEST_USER` * tests/unit/auth/test_privileges.py: use `conftest.TEST_USER` * tests/unit/auth/test_roles.py: use `conftest.TEST_USER`
2022-11-24auth: Implement `create_resource` functionFrederick Muriuki Muriithi
* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply on any function that requires the user to be authenticated before it runs. * gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User` object rather than a UUID object in the global `g`. * gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group` function to get the group(s) in which the currently authenticated user belongs. * gn3/auth/authorisation/resources.py: Implement the `create_resource` function correctly. * tests/unit/auth/conftest.py: extract the User objects into a global variable for reusability with the tests. * tests/unit/auth/test_resources.py: Use global user objects from conftest in the tests. Set a User object (rather than UUID) in the global `g` variable.
2022-11-24tests: Add test for `create_resource`Frederick Muriuki Muriithi
* gn3/auth/authorisation/resources.py: Define Resource and ResourceCategory classes. Create the `create_resource` stub. * tests/unit/auth/test_resources.py: test for `create_resource` function
2022-11-21auth: Prevent group leader from being a member of multiple groupsFrederick Muriuki Muriithi
* gn3/auth/authorisation/groups.py: Assign the group leader at group creation time. * tests/unit/auth/test_groups.py: Ensure the group leader is only ever a member of a single group.
2022-11-17auth: Finish implementation of `create_group_role`Frederick Muriuki Muriithi
* gn3/auth/authorisation/groups.py: Add `GroupRole` type. Fix typing annotations. Fix bugs. * tests/unit/auth/conftest.py: Fix bugs. * tests/unit/auth/test_groups.py: Fix test to run.
2022-11-17Migrations: Create `group_users` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_02_fmuZh-create-group-users-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-17tests: Add test to check creation of roles attached to groupsFrederick Muriuki Muriithi
* tests/unit/auth/conftest.py: Add fixtures to help with testing * tests/unit/auth/test_groups.py: Add incomplete and failing test
2022-11-17Tests: Make test failure messages clearer.Frederick Muriuki Muriithi
2022-11-17Migrations: Add column `group_role_id` to `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_01_RDlfx-modify-group-roles-add-group-role-id.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-17tests: test for addition of data to non-empty tableFrederick Muriuki Muriithi
2022-11-16pylint: fix some linting errorsFrederick Muriuki Muriithi
2022-11-16tests: Add tests for privilegesFrederick Muriuki Muriithi
* migrations/auth/20221116_01_nKUmX-add-privileges-to-group-leader-role.py: new migration to fix data errors. * tests/unit/auth/test_privileges.py: test privileges
2022-11-16auth: fix bugs in the codeFrederick Muriuki Muriithi
* gn3/auth/authorisation/privileges.py: Set id to UUID type * gn3/auth/authorisation/roles.py: fix parameters to types that sqlite3 supports * gn3/auth/db.py: add logging for errors and re-raise the exception * tests/unit/auth/test_roles.py: fix test
2022-11-16tests: Test role creationFrederick Muriuki Muriithi
* tests/unit/auth/test_roles.py: new tests.
2022-11-15auth: Return results of calling function directlyFrederick Muriuki Muriithi
* gn3/auth/authorisation/checks.py: Return results of calling the function rather than a dict of values that include the results. * gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p` decorator. * tests/unit/auth/test_groups.py: Update tests
2022-11-15Add missing module __init__.py to mitigate the mypy errorsFrederick Muriuki Muriithi
2022-11-15pylint: Fix a myriad of linting errorsFrederick Muriuki Muriithi
2022-11-15tests: typo: fix migration script file nameFrederick Muriuki Muriithi
2022-11-15tests: Use `gn3.auth.db` functions for db connection and cursorFrederick Muriuki Muriithi
* tests/unit/auth/conftest.py: use the functions in `gn3.auth.db` to acquire the database connection and cursor since they handle some of the basic issues like rollback and commit, meaning we do not have to explicitly handle said issues in the fixtures.
2022-11-15tests: Fix cause of `DeprecationWarning`Frederick Muriuki Muriithi
* tests/unit/auth/test_groups.py: use Flask's application context directly rather than the request context to access `g` in order to get rid of the `DeprecationWarning`.
2022-11-14auth: Implement `create_group`Frederick Muriuki Muriithi
2022-11-14Migrations: Create `user_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221114_05_hQun6-create-user-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14auth: Add test for `create_group`Frederick Muriuki Muriithi
* gn3/auth/authorisation/__init__.py: Add `authorised_p` decorator to be used for all function requiring authorisation. * gn3/auth/authorisation/groups.py: Add `create_group` function stub * tests/unit/auth/conftest.py: Add fixture for test users * tests/unit/auth/test_groups.py: Add tests for `create_group`
2022-11-14Migrations: Create the `group-leader` role and give it privilegesFrederick Muriuki Muriithi
* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: new migration * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration
2022-11-14Migrations: Create `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: modify migration * migrations/auth/20221114_03_PtWjc-create-group-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Drop `generic_role*` tablesFrederick Muriuki Muriithi
Drop the `generic_role*` tables, since what they were envisioned for can be handled a different, (arguably) more simple way. * migrations/auth/20221114_02_DKKjn-drop-generic-role-tables.py: new migration * tests/unit/auth/test_migrations_drop_tables.py: test new migration
2022-11-14Rename files for consistencyFrederick Muriuki Muriithi
* Name all tests that test migrations to start with `test_migrations_`
2022-11-14Migrations: Add generic_role_privileges tableFrederick Muriuki Muriithi
Add table `generic_role_privileges` table to link the generic roles to the privileges they provide. * migrations/auth/20221114_01_n8gsF-create-generic-role-privileges-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Migration for initial privilegesFrederick Muriuki Muriithi
* migrations/auth/20221113_01_7M0hv-enumerate-initial-privileges.py: new migration. * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration.
2022-11-10Migrations: Add columns to 'privileges' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_08_23psB-add-privilege-category-and-privilege-description-columns-to-privileges-table.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-10Tests: Generalise tests for adding/removing columns to/from tablesFrederick Muriuki Muriithi