Age | Commit message (Expand) | Author |
2023-01-23 | auth: create group: Fix group creation....* gn3/auth/authorisation/checks.py: Enable passing user to authorisation
checking function. Raise error on authorisation failure for consistent error
handling.
* gn3/auth/authorisation/groups.py: Add user to group, updating the privileges
as appropriate.
* gn3/auth/authorisation/resources.py: Fix resources querying
* gn3/auth/authorisation/roles.py: Assign/revoke roles by name
* gn3/auth/authorisation/views.py: Create group
* migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add
group_metadata field
* tests/unit/auth/fixtures/group_fixtures.py: fix tests
* tests/unit/auth/test_groups.py: fix tests
* tests/unit/auth/test_resources.py: fix tests
* tests/unit/auth/test_roles.py: fix tests
| Frederick Muriuki Muriithi |
2023-01-21 | tests: roles - Extract values from Maybe object | Frederick Muriuki Muriithi |
2023-01-18 | auth: Fix tests after enforcing FOREIGN KEY constraint...Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY
constraints:
* Each test that creates a new "object" needs to clean up after itself
* Each fixture that sets up test data needs to clean up after itself
| Frederick Muriuki Muriithi |
2023-01-16 | auth: update privileges format...Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name>
rather than using a UUID, to reduce indirection levels.
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration
to change the schema and IDs for the privileges.
* Update code to use new privileges format
* gn3/auth/authorisation/checks.py
* gn3/auth/authorisation/groups.py
* gn3/auth/authorisation/privileges.py
* gn3/auth/authorisation/resources.py
* gn3/auth/authorisation/roles.py
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py
* tests/unit/auth/fixtures/role_fixtures.py
* tests/unit/auth/test_groups.py
* tests/unit/auth/test_privileges.py
* tests/unit/auth/test_roles.py
| Frederick Muriuki Muriithi |
2023-01-11 | auth: assign default role. separate group creation from group admin...A newly registered user will have the ability to create a group.
Once a user is a member of a group, either by creating a new group, or being
added to a group, they should not be able to create any more groups, i.e. they
lose the 'create-group' (and/or equivalent) privileges.
This means that the group-administration privileges should be separated from
the group-creation privilege.
* gn3/auth/authorisation/roles.py: assign default roles to user on
registration
* gn3/auth/authorisation/views.py: assign default roles to user on
registration
* migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py:
separate group-creation role from group-administration role.
* tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test
user
* tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the
expected results for the test
| Frederick Muriuki Muriithi |
2023-01-03 | auth: Fetch all of a user's roles....* gn3/auth/authorisation/roles.py: Fetch roles from DB
* gn3/auth/authorisation/views.py: Provide API endpoint for user roles
* tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly
Fix linting and typing issues in the following files:
* gn3/auth/authentication/oauth2/resource_server.py
* gn3/auth/authentication/oauth2/views.py
* tests/unit/auth/fixtures/oauth2_client_fixtures.py
| Frederick Muriuki Muriithi |
2023-01-03 | auth: rename fixtures: test_* -> fxtr_*...Since test functions are defined starting with "test_", rename the fixture to
more clearly indicate it is a fixture (fxtr_*), an not a test in itself.
| Frederick Muriuki Muriithi |
2022-12-22 | tests: Setup environment variables and configs...* gn3/settings.py: leave `OAUTH2_ACCESS_TOKEN_GENERATOR` in its default
setting
* tests/unit/auth/fixtures/oauth2_client_fixtures.py: setup
`AUTHLIB_INSECURE_TRANSPORT` before running the OAuth2 tests
* tests/unit/conftest.py: setup the test application's configuration correctly
for the tests.
| Frederick Muriuki Muriithi |
2022-12-22 | auth: implement OAuth2 flow....Add code to implement the OAuth2 flow.
* Add test fixtures for setting up users and OAuth2 clients
* Add tests for token generation with the "Password Grant" flow
* Fix some issues with test due to changes in the database connection's
row_factory
oauth2_auth_flow | Frederick Muriuki Muriithi |
2022-12-21 | migrations: create the authorisation_code table...* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new
migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
| Frederick Muriuki Muriithi |
2022-12-21 | migrations: create oauth2_tokens table...* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py
* tests/unit/auth/test_migrations_create_tables.py
| Frederick Muriuki Muriithi |
2022-12-21 | migrations: New migration...* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New
migration
* tests/unit/auth/test_migrations_create_tables.py: tests for new migration
| Frederick Muriuki Muriithi |
2022-12-12 | tests: Update fixtures to use for testing resources functions | Frederick Muriuki Muriithi |
2022-12-12 | auth: pass cursor object to `user_group` function | Frederick Muriuki Muriithi |
2022-12-12 | auth: Attach group to GroupRole, rather than group_id | Frederick Muriuki Muriithi |
2022-12-12 | tests: Reorganise fixtures...Split the fixtures into separate modules for easier management
* tests/unit/auth/conftest.py: Import all from the `fixtures` package. Delete
all fixtures from the file
* tests/unit/auth/fixtures/__init__.py: new `fixtures` package
* tests/unit/auth/fixtures/group_fixtures.py: new groups fixtures module
* tests/unit/auth/fixtures/migration_fixtures.py: new migrations fixtures
module
* tests/unit/auth/fixtures/resource_fixtures.py: new resources fixtures module
* tests/unit/auth/fixtures/role_fixtures.py: new roles fixtures module
* tests/unit/auth/fixtures/user_fixtures.py: new users fixtures module
| Frederick Muriuki Muriithi |
2022-12-08 | auth: test for `user_resources` function (incomplete)...* gn3/auth/authorisation/resources.py: dummy `user_resources` function
* tests/unit/auth/conftest.py: (incomplete): Add some fixtures for testing the
`user_resources` function
* tests/unit/auth/test_resources.py: test the `user_resources` function
| Frederick Muriuki Muriithi |
2022-12-08 | tests: Fix issues caught by tests...The addition of the `public` field in the `resources` table, led to some
previously passing tests to fail. This commit fixes the failures, and cleans
up some pylint issues.
* gn3/auth/authorisation/resources.py: add `public` to db queries
* tests/unit/auth/test_groups.py: fix pylint issues
| Frederick Muriuki Muriithi |
2022-12-08 | auth: add test to retrieve public resources...* gn3/auth/authorisation/resources.py: new functions
* resource_categories: retrieves all resource categories
* public_resources: retrieves all public resources
* tests/unit/auth/test_resources.py: test `public_resources` function
| Frederick Muriuki Muriithi |
2022-12-08 | auth: add function to retrieve a user's group...* gn3/auth/authorisation/groups.py: new `user_group` function
* tests/unit/auth/test_groups.py: test `user_group` function
| Frederick Muriuki Muriithi |
2022-12-08 | migrations: Add column `public` to `resources` table...* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py:
new migration script.
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
script
| Frederick Muriuki Muriithi |
2022-12-06 | migrations: Add `group_user_roles_on_resources` table...* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py:
new migration
* tests/unit/auth/test_migrations_create_tables.py: Test creation of table
* tests/unit/auth/test_migrations_indexes.py: Test creation of index
| Frederick Muriuki Muriithi |
2022-11-24 | auth: Check for authentication and fix errors...* gn3/auth/authorisation/groups.py: base `MembershipError` on new
`AuthorisationError` base exception. Use new authentication checking
decorator.
* gn3/auth/authorisation/privileges.py: Change argument to User object rather
than UUID object
* gn3/auth/authorisation/roles.py: Use new authentication checking decorator.
* tests/unit/auth/test_groups.py: use `conftest.TEST_USER`
* tests/unit/auth/test_privileges.py: use `conftest.TEST_USER`
* tests/unit/auth/test_roles.py: use `conftest.TEST_USER`
| Frederick Muriuki Muriithi |
2022-11-24 | auth: Implement `create_resource` function...* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply
on any function that requires the user to be authenticated before it runs.
* gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User`
object rather than a UUID object in the global `g`.
* gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group`
function to get the group(s) in which the currently authenticated user
belongs.
* gn3/auth/authorisation/resources.py: Implement the `create_resource`
function correctly.
* tests/unit/auth/conftest.py: extract the User objects into a global variable
for reusability with the tests.
* tests/unit/auth/test_resources.py: Use global user objects from conftest in
the tests. Set a User object (rather than UUID) in the global `g` variable.
| Frederick Muriuki Muriithi |
2022-11-24 | tests: Add test for `create_resource`...* gn3/auth/authorisation/resources.py: Define Resource and ResourceCategory
classes. Create the `create_resource` stub.
* tests/unit/auth/test_resources.py: test for `create_resource` function
| Frederick Muriuki Muriithi |
2022-11-21 | auth: Prevent group leader from being a member of multiple groups...* gn3/auth/authorisation/groups.py: Assign the group leader at group creation
time.
* tests/unit/auth/test_groups.py: Ensure the group leader is only ever a
member of a single group.
| Frederick Muriuki Muriithi |
2022-11-17 | auth: Finish implementation of `create_group_role`...* gn3/auth/authorisation/groups.py: Add `GroupRole` type. Fix typing
annotations. Fix bugs.
* tests/unit/auth/conftest.py: Fix bugs.
* tests/unit/auth/test_groups.py: Fix test to run.
| Frederick Muriuki Muriithi |
2022-11-17 | Migrations: Create `group_users` table...* migrations/auth/20221117_02_fmuZh-create-group-users-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-17 | tests: Add test to check creation of roles attached to groups...* tests/unit/auth/conftest.py: Add fixtures to help with testing
* tests/unit/auth/test_groups.py: Add incomplete and failing test
| Frederick Muriuki Muriithi |
2022-11-17 | Tests: Make test failure messages clearer. | Frederick Muriuki Muriithi |
2022-11-17 | Migrations: Add column `group_role_id` to `group_roles` table...* migrations/auth/20221117_01_RDlfx-modify-group-roles-add-group-role-id.py:
new migration
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-17 | tests: test for addition of data to non-empty table | Frederick Muriuki Muriithi |
2022-11-16 | pylint: fix some linting errors | Frederick Muriuki Muriithi |
2022-11-16 | tests: Add tests for privileges...* migrations/auth/20221116_01_nKUmX-add-privileges-to-group-leader-role.py:
new migration to fix data errors.
* tests/unit/auth/test_privileges.py: test privileges
| Frederick Muriuki Muriithi |
2022-11-16 | auth: fix bugs in the code...* gn3/auth/authorisation/privileges.py: Set id to UUID type
* gn3/auth/authorisation/roles.py: fix parameters to types that sqlite3
supports
* gn3/auth/db.py: add logging for errors and re-raise the exception
* tests/unit/auth/test_roles.py: fix test
| Frederick Muriuki Muriithi |
2022-11-16 | tests: Test role creation...* tests/unit/auth/test_roles.py: new tests.
| Frederick Muriuki Muriithi |
2022-11-15 | auth: Return results of calling function directly...* gn3/auth/authorisation/checks.py: Return results of calling the function
rather than a dict of values that include the results.
* gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p`
decorator.
* tests/unit/auth/test_groups.py: Update tests
| Frederick Muriuki Muriithi |
2022-11-15 | Add missing module __init__.py to mitigate the mypy errors | Frederick Muriuki Muriithi |
2022-11-15 | pylint: Fix a myriad of linting errors | Frederick Muriuki Muriithi |
2022-11-15 | tests: typo: fix migration script file name | Frederick Muriuki Muriithi |
2022-11-15 | tests: Use `gn3.auth.db` functions for db connection and cursor...* tests/unit/auth/conftest.py: use the functions in `gn3.auth.db` to acquire
the database connection and cursor since they handle some of the basic
issues like rollback and commit, meaning we do not have to explicitly handle
said issues in the fixtures.
| Frederick Muriuki Muriithi |
2022-11-15 | tests: Fix cause of `DeprecationWarning`...* tests/unit/auth/test_groups.py: use Flask's application context directly
rather than the request context to access `g` in order to get rid of the
`DeprecationWarning`.
| Frederick Muriuki Muriithi |
2022-11-14 | auth: Implement `create_group` | Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create `user_roles` table...* migrations/auth/20221114_05_hQun6-create-user-roles-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | auth: Add test for `create_group`...* gn3/auth/authorisation/__init__.py: Add `authorised_p` decorator to be used
for all function requiring authorisation.
* gn3/auth/authorisation/groups.py: Add `create_group` function stub
* tests/unit/auth/conftest.py: Add fixture for test users
* tests/unit/auth/test_groups.py: Add tests for `create_group`
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create the `group-leader` role and give it privileges...* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: new migration
* tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new
migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create `group_roles` table...* migrations/auth/20221110_05_BaNtL-create-roles-table.py: modify migration
* migrations/auth/20221114_03_PtWjc-create-group-roles-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Drop `generic_role*` tables...Drop the `generic_role*` tables, since what they were envisioned for can be
handled a different, (arguably) more simple way.
* migrations/auth/20221114_02_DKKjn-drop-generic-role-tables.py: new migration
* tests/unit/auth/test_migrations_drop_tables.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Rename files for consistency...* Name all tests that test migrations to start with `test_migrations_`
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Add generic_role_privileges table...Add table `generic_role_privileges` table to link the generic roles to the
privileges they provide.
* migrations/auth/20221114_01_n8gsF-create-generic-role-privileges-table.py:
new migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |