From 8e0ed6fdb03d1a2c284a68a387105623c8947abd Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Thu, 17 Nov 2022 14:03:19 +0300 Subject: auth: Finish implementation of `create_group_role` * gn3/auth/authorisation/groups.py: Add `GroupRole` type. Fix typing annotations. Fix bugs. * tests/unit/auth/conftest.py: Fix bugs. * tests/unit/auth/test_groups.py: Fix test to run. --- tests/unit/auth/conftest.py | 8 ++++---- tests/unit/auth/test_groups.py | 38 +++++++++++++++++++++++++++----------- 2 files changed, 31 insertions(+), 15 deletions(-) (limited to 'tests/unit') diff --git a/tests/unit/auth/conftest.py b/tests/unit/auth/conftest.py index 4f4f1f8..37d78a3 100644 --- a/tests/unit/auth/conftest.py +++ b/tests/unit/auth/conftest.py @@ -101,22 +101,22 @@ def test_users(conn_after_auth_migrations):# pylint: disable=[redefined-outer-na ("9a0c7ce5-2f40-4e78-979e-bf3527a59579",))) @pytest.fixture(scope="function") -def test_users_in_group(test_group, test_users):#pytest: disable=[redefined-outer-name] +def test_users_in_group(test_group, test_users):# pylint: disable=[redefined-outer-name] """Link the users to the groups.""" conn = test_group[0] group = test_group[1] users = test_users[1] - query_params = ( + query_params = tuple( (str(group.group_id), str(user.user_id)) for user in users if user.email not in ("unaff@iliated.user",)) with db.cursor(conn) as cursor: - cursor.execute( + cursor.executemany( "INSERT INTO group_users(group_id, user_id) VALUES (?, ?)", query_params) yield (conn, group, users) with db.cursor(conn) as cursor: - cursor.execute( + cursor.executemany( "DELETE FROM group_users WHERE group_id=? AND user_id=?", query_params) diff --git a/tests/unit/auth/test_groups.py b/tests/unit/auth/test_groups.py index 0cd370e..9471cac 100644 --- a/tests/unit/auth/test_groups.py +++ b/tests/unit/auth/test_groups.py @@ -4,7 +4,10 @@ from uuid import UUID import pytest from gn3.auth import db -from gn3.auth.authorisation.groups import Group, create_group, create_group_role +from gn3.auth.authorisation.roles import Role +from gn3.auth.authorisation.privileges import Privilege +from gn3.auth.authorisation.groups import ( + Group, GroupRole, create_group, create_group_role) create_group_failure = { "status": "error", @@ -13,6 +16,13 @@ create_group_failure = { uuid_fn = lambda : UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") +GROUP = Group(UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup") +PRIVILEGES = ( + Privilege( + UUID("7f261757-3211-4f28-a43f-a09b800b164d"), "view-resource"), + Privilege( + UUID("2f980855-959b-4339-b80e-25d1ec286e21"), "edit-resource")) + @pytest.mark.unit_test @pytest.mark.parametrize( "user_id,expected", ( @@ -36,15 +46,22 @@ def test_create_group(# pylint: disable=[too-many-arguments] with db.connection(auth_testdb_path) as conn: assert create_group(conn, "a_test_group") == expected +create_role_failure = { + "status": "error", + "message": "Unauthorised: Could not create the group role" +} + @pytest.mark.unit_test @pytest.mark.parametrize( "user_id,expected", ( - ("ecb52977-3004-469e-9428-2a1856725c7f", Group( - UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"), "a_test_group")), - ("21351b66-8aad-475b-84ac-53ce528451e3", create_group_failure), - ("ae9c6245-0966-41a5-9a5e-20885a96bea7", create_group_failure), - ("9a0c7ce5-2f40-4e78-979e-bf3527a59579", create_group_failure), - ("e614247d-84d2-491d-a048-f80b578216cb", create_group_failure))) + ("ecb52977-3004-469e-9428-2a1856725c7f", GroupRole( + UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"), + Role(UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"), + "ResourceEditor", PRIVILEGES))), + ("21351b66-8aad-475b-84ac-53ce528451e3", create_role_failure), + ("ae9c6245-0966-41a5-9a5e-20885a96bea7", create_role_failure), + ("9a0c7ce5-2f40-4e78-979e-bf3527a59579", create_role_failure), + ("e614247d-84d2-491d-a048-f80b578216cb", create_role_failure))) def test_create_group_role(mocker, test_users_in_group, test_app, user_id, expected): """ GIVEN: an authenticated user @@ -54,9 +71,8 @@ def test_create_group_role(mocker, test_users_in_group, test_app, user_id, expec """ mocker.patch("gn3.auth.authorisation.groups.uuid4", uuid_fn) mocker.patch("gn3.auth.authorisation.roles.uuid4", uuid_fn) - conn, group, users = test_users_in_group + conn, _group, _users = test_users_in_group with test_app.app_context() as flask_context: flask_context.g.user_id = UUID(user_id) - assert create_group_role(conn, GROUP, "a_test_role", PRIVILEGES) - - assert False, "NOT IMPLEMENTED" + assert create_group_role( + conn, GROUP, "ResourceEditor", PRIVILEGES) == expected -- cgit v1.2.3