From 361a934d1c0d75da01bd19d8ac78bf15aa7e2cad Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Mon, 6 Mar 2023 15:19:35 +0300 Subject: auth: privileges/roles: fix issues caught by tests. --- migrations/auth/20230306_01_pRfxl-add-system-user-list-privilege.py | 2 +- ...r-list-privilege-to-system-administrator-and-group-leader-roles.py | 2 +- tests/unit/auth/test_privileges.py | 1 + tests/unit/auth/test_roles.py | 4 +++- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/migrations/auth/20230306_01_pRfxl-add-system-user-list-privilege.py b/migrations/auth/20230306_01_pRfxl-add-system-user-list-privilege.py index 0393cd3..17db17c 100644 --- a/migrations/auth/20230306_01_pRfxl-add-system-user-list-privilege.py +++ b/migrations/auth/20230306_01_pRfxl-add-system-user-list-privilege.py @@ -12,7 +12,7 @@ def insert_users_list_priv(conn): with contextlib.closing(conn.cursor()) as cursor: cursor.execute( "INSERT INTO privileges(privilege_id, privilege_description) " - "VALUES('system:user:list', 'List users in the system.') " + "VALUES('system:user:list', 'List users in the system') " "ON CONFLICT (privilege_id) DO NOTHING") def delete_users_list_priv(conn): diff --git a/migrations/auth/20230306_02_7GnRY-add-system-user-list-privilege-to-system-administrator-and-group-leader-roles.py b/migrations/auth/20230306_02_7GnRY-add-system-user-list-privilege-to-system-administrator-and-group-leader-roles.py index 4cfd068..3caad55 100644 --- a/migrations/auth/20230306_02_7GnRY-add-system-user-list-privilege-to-system-administrator-and-group-leader-roles.py +++ b/migrations/auth/20230306_02_7GnRY-add-system-user-list-privilege-to-system-administrator-and-group-leader-roles.py @@ -35,7 +35,7 @@ def del_privilege_from_roles(conn): cursor.execute( "DELETE FROM role_privileges WHERE " "role_id IN (?, ?) AND privilege_id='system:user:list'", - tuple(role_ids(cursor))) + tuple(str(role_id) for role_id in role_ids(cursor))) steps = [ step(add_privilege_to_roles, del_privilege_from_roles) diff --git a/tests/unit/auth/test_privileges.py b/tests/unit/auth/test_privileges.py index e6c86d8..8395293 100644 --- a/tests/unit/auth/test_privileges.py +++ b/tests/unit/auth/test_privileges.py @@ -12,6 +12,7 @@ PRIVILEGES = sorted( (Privilege("system:group:create-group", "Create a group"), Privilege("system:group:view-group", "View the details of a group"), Privilege("system:group:edit-group", "Edit the details of a group"), + Privilege("system:user:list", "List users in the system"), Privilege("system:group:delete-group", "Delete a group"), Privilege("group:user:add-group-member", "Add a user to a group"), Privilege("group:user:remove-group-member", "Remove a user from a group"), diff --git a/tests/unit/auth/test_roles.py b/tests/unit/auth/test_roles.py index 0914b54..0a3ba19 100644 --- a/tests/unit/auth/test_roles.py +++ b/tests/unit/auth/test_roles.py @@ -103,7 +103,9 @@ def test_create_role_raises_exception_for_unauthorised_users(# pylint: disable=[ 'Transfer leadership of the group to some other ' 'member')), Privilege(privilege_id='system:group:view-group', - privilege_description='View the details of a group'))), + privilege_description='View the details of a group'), + Privilege(privilege_id='system:user:list', + privilege_description='List users in the system'))), Role( role_id=uuid.UUID("ade7e6b0-ba9c-4b51-87d0-2af7fe39a347"), role_name="group-creator", -- cgit v1.2.3