diff options
| author | Frederick Muriuki Muriithi | 2024-06-20 15:34:02 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-06-20 15:34:02 -0500 |
| commit | c0f5b9d646487e035f2d2e5370041b317b81baf6 (patch) | |
| tree | e1cce317553a2379aa1717d700ded55ca9418440 /tests/unit/auth/fixtures | |
| parent | 8e460b05da4d419aa1b53b1c639d3e370143de4f (diff) | |
| download | gn-auth-c0f5b9d646487e035f2d2e5370041b317b81baf6.tar.gz | |
Reorganise test fixtures. Fix tests and issues caught.
Reorganise test fixtures to more closely follow the design of the auth
system.
Fix the broken tests due to refactors and fix all issues caught by the
running tests.
Diffstat (limited to 'tests/unit/auth/fixtures')
| -rw-r--r-- | tests/unit/auth/fixtures/group_fixtures.py | 112 | ||||
| -rw-r--r-- | tests/unit/auth/fixtures/resource_fixtures.py | 109 | ||||
| -rw-r--r-- | tests/unit/auth/fixtures/role_fixtures.py | 169 | ||||
| -rw-r--r-- | tests/unit/auth/fixtures/user_fixtures.py | 25 |
4 files changed, 253 insertions, 162 deletions
diff --git a/tests/unit/auth/fixtures/group_fixtures.py b/tests/unit/auth/fixtures/group_fixtures.py index 8ddcf50..2e8cd9a 100644 --- a/tests/unit/auth/fixtures/group_fixtures.py +++ b/tests/unit/auth/fixtures/group_fixtures.py @@ -7,7 +7,7 @@ from gn_auth.auth.db import sqlite3 as db from gn_auth.auth.authorisation.resources.groups import Group from gn_auth.auth.authorisation.resources import Resource, ResourceCategory -from .role_fixtures import RESOURCE_EDITOR_ROLE +from .resource_fixtures import TEST_RESOURCES TEST_GROUP_01 = Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup", {}) @@ -15,16 +15,6 @@ TEST_GROUP_02 = Group(uuid.UUID("e37d59d7-c05e-4d67-b479-81e627d8d634"), "AnotherTestGroup", {}) TEST_GROUPS = (TEST_GROUP_01, TEST_GROUP_02) -SYSTEM_CATEGORY = ResourceCategory( - uuid.UUID("aa3d787f-af6a-44fa-9b0b-c82d40e54ad2"), - "system", - "The overall system.") -SYSTEM_RESOURCE = Resource( - uuid.UUID("0248b289-b277-4eaa-8c94-88a434d14b6e"), - "GeneNetwork System", - SYSTEM_CATEGORY, - True) - GROUP_CATEGORY = ResourceCategory( uuid.UUID("1e0f70ee-add5-4358-8c6c-43de77fa4cce"), "group", @@ -46,38 +36,11 @@ GROUP_RESOURCES = tuple( False) for row in GROUPS_AS_RESOURCES) -TEST_RESOURCES_GROUP_01 = ( - Resource(uuid.UUID("26ad1668-29f5-439d-b905-84d551f85955"), - "ResourceG01R01", - ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"), - "genotype", "Genotype Dataset"), - True), - Resource(uuid.UUID("2130aec0-fefd-434d-92fd-9ca342348b2d"), - "ResourceG01R02", - ResourceCategory(uuid.UUID("548d684b-d4d1-46fb-a6d3-51a56b7da1b3"), - "phenotype", "Phenotype (Publish) Dataset"), - False), - Resource(uuid.UUID("e9a1184a-e8b4-49fb-b713-8d9cbeea5b83"), - "ResourceG01R03", - ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), - "mrna", "mRNA Dataset"), - False)) - -TEST_RESOURCES_GROUP_02 = ( - Resource(uuid.UUID("14496a1c-c234-49a2-978c-8859ea274054"), - "ResourceG02R01", - ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"), - "genotype", "Genotype Dataset"), - False), - Resource(uuid.UUID("04ad9e09-94ea-4390-8a02-11f92999806b"), - "ResourceG02R02", - ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), - "mrna", "mRNA Dataset"), - True)) - -TEST_RESOURCES = TEST_RESOURCES_GROUP_01 + TEST_RESOURCES_GROUP_02 -TEST_RESOURCES_PUBLIC = ( - SYSTEM_RESOURCE, TEST_RESOURCES_GROUP_01[0], TEST_RESOURCES_GROUP_02[1]) + +TEST_RESOURCES_GROUP_01 = TEST_RESOURCES[0:3] +TEST_RESOURCES_GROUP_02 = TEST_RESOURCES[3:5] + + def __gtuple__(cursor): return tuple(dict(row) for row in cursor.fetchall()) @@ -115,6 +78,37 @@ def fxtr_group(conn_after_auth_migrations):# pylint: disable=[redefined-outer-na "DELETE FROM groups WHERE group_id=?", ((str(group.group_id),) for group in TEST_GROUPS)) + +@pytest.fixture(scope="function") +def fxtr_resource_ownership(# pylint: disable=[redefined-outer-name] + fxtr_resources, fxtr_group +): + """fixture: Set up group ownership of resources.""" + _conn, resources = fxtr_resources + conn, groups = fxtr_group + ownership = tuple({ + "group_id": str(TEST_GROUP_01.group_id), + "resource_id": str(res.resource_id) + } for res in TEST_RESOURCES_GROUP_01) + tuple({ + "group_id": str(TEST_GROUP_02.group_id), + "resource_id": str(res.resource_id) + } for res in TEST_RESOURCES_GROUP_02) + + with db.cursor(conn) as cursor: + cursor.executemany( + "INSERT INTO resource_ownership(group_id, resource_id) " + "VALUES (:group_id, :resource_id)", + ownership) + + yield conn, resources, groups, ownership + + with db.cursor(conn) as cursor: + cursor.executemany( + "DELETE FROM resource_ownership " + "WHERE group_id=:group_id AND resource_id=:resource_id", + ownership) + + @pytest.fixture(scope="function") def fxtr_users_in_group(fxtr_group, fxtr_users):# pylint: disable=[redefined-outer-name, unused-argument] """Link the users to the groups.""" @@ -134,35 +128,3 @@ def fxtr_users_in_group(fxtr_group, fxtr_users):# pylint: disable=[redefined-out cursor.executemany( "DELETE FROM group_users WHERE group_id=? AND user_id=?", query_params) - - -@pytest.fixture(scope="function") -def fxtr_group_user_roles(fxtr_users_in_group, fxtr_resources, fxtr_resource_roles):#pylint: disable=[redefined-outer-name,unused-argument] - """Assign roles to users.""" - _conn, _group, group_users = fxtr_users_in_group - _conn, group_resources = fxtr_resources - conn, _groups, resource_roles = fxtr_resource_roles - users = tuple(user for user in group_users if user.email - not in ("unaff@iliated.user", "group@lead.er")) - users_roles_resources = ( - (user, RESOURCE_EDITOR_ROLE, TEST_RESOURCES_GROUP_01[1]) - for user in users if user.email == "group@mem.ber01") - with db.cursor(conn) as cursor: - params = tuple({ - "user_id": str(user.user_id), - "role_id": str(role.role_id), - "resource_id": str(resource.resource_id) - } for user, role, resource in users_roles_resources) - cursor.executemany( - ("INSERT INTO user_roles " - "VALUES (:user_id, :role_id, :resource_id)"), - params) - - yield conn, group_users, resource_roles, group_resources - - with db.cursor(conn) as cursor: - cursor.executemany( - ("DELETE FROM user_roles WHERE " - "user_id=:user_id AND role_id=:role_id AND " - "resource_id=:resource_id"), - params) diff --git a/tests/unit/auth/fixtures/resource_fixtures.py b/tests/unit/auth/fixtures/resource_fixtures.py index 37397d2..e06f64e 100644 --- a/tests/unit/auth/fixtures/resource_fixtures.py +++ b/tests/unit/auth/fixtures/resource_fixtures.py @@ -1,76 +1,65 @@ """Fixtures and utilities for resource-related tests""" +import uuid + import pytest from gn_auth.auth.db import sqlite3 as db +from gn_auth.auth.authorisation.resources import Resource, ResourceCategory -from .role_fixtures import RESOURCE_EDITOR_ROLE, RESOURCE_READER_ROLE -from .group_fixtures import ( - TEST_RESOURCES, - TEST_GROUP_01, - TEST_GROUP_02, - TEST_RESOURCES_GROUP_01, - TEST_RESOURCES_GROUP_02) -@pytest.fixture(scope="function") -def fxtr_resources(fxtr_group):# pylint: disable=[redefined-outer-name] - """fixture: setup test resources in the database""" - conn, _group = fxtr_group - ownership = tuple({ - "group_id": str(TEST_GROUP_01.group_id), - "resource_id": str(res.resource_id) - } for res in TEST_RESOURCES_GROUP_01) + tuple({ - "group_id": str(TEST_GROUP_02.group_id), - "resource_id": str(res.resource_id) - } for res in TEST_RESOURCES_GROUP_02) +SYSTEM_CATEGORY = ResourceCategory( + uuid.UUID("aa3d787f-af6a-44fa-9b0b-c82d40e54ad2"), + "system", + "The overall system.") +SYSTEM_RESOURCE = Resource( + uuid.UUID("0248b289-b277-4eaa-8c94-88a434d14b6e"), + "GeneNetwork System", + SYSTEM_CATEGORY, + True) - with db.cursor(conn) as cursor: - cursor.executemany( - "INSERT INTO resources VALUES (?,?,?,?)", - ((str(res.resource_id), res.resource_name, - str(res.resource_category.resource_category_id), - 1 if res.public else 0) for res in TEST_RESOURCES)) - cursor.executemany( - "INSERT INTO resource_ownership(group_id, resource_id) " - "VALUES (:group_id, :resource_id)", - ownership) +TEST_RESOURCES = ( + Resource(uuid.UUID("26ad1668-29f5-439d-b905-84d551f85955"), + "ResourceG01R01", + ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"), + "genotype", "Genotype Dataset"), + True), + Resource(uuid.UUID("2130aec0-fefd-434d-92fd-9ca342348b2d"), + "ResourceG01R02", + ResourceCategory(uuid.UUID("548d684b-d4d1-46fb-a6d3-51a56b7da1b3"), + "phenotype", "Phenotype (Publish) Dataset"), + False), + Resource(uuid.UUID("e9a1184a-e8b4-49fb-b713-8d9cbeea5b83"), + "ResourceG01R03", + ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), + "mrna", "mRNA Dataset"), + False), + Resource(uuid.UUID("14496a1c-c234-49a2-978c-8859ea274054"), + "ResourceG02R01", + ResourceCategory(uuid.UUID("48056f84-a2a6-41ac-8319-0e1e212cba2a"), + "genotype", "Genotype Dataset"), + False), + Resource(uuid.UUID("04ad9e09-94ea-4390-8a02-11f92999806b"), + "ResourceG02R02", + ResourceCategory(uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), + "mrna", "mRNA Dataset"), + True)) - yield (conn, TEST_RESOURCES) - - with db.cursor(conn) as cursor: - cursor.executemany( - "DELETE FROM resource_ownership " - "WHERE group_id=:group_id AND resource_id=:resource_id", - ownership) - cursor.executemany("DELETE FROM resources WHERE resource_id=?", - ((str(res.resource_id),) - for res in TEST_RESOURCES)) +TEST_RESOURCES_PUBLIC = (SYSTEM_RESOURCE, TEST_RESOURCES[0], TEST_RESOURCES[4]) @pytest.fixture(scope="function") -def fxtr_resource_roles(fxtr_group, fxtr_resources, fxtr_roles):# pylint: disable=[redefined-outer-name,unused-argument] - """Link roles to resources.""" - resource_roles = ({ - "resource_id": str(TEST_RESOURCES_GROUP_01[0].resource_id), - "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", - "role_id": str(RESOURCE_EDITOR_ROLE.role_id) - },{ - "resource_id": str(TEST_RESOURCES_GROUP_01[0].resource_id), - "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", - "role_id": str(RESOURCE_READER_ROLE.role_id) - }) - conn, groups = fxtr_group +def fxtr_resources(conn_after_auth_migrations): + """fixture: setup test resources in the database""" + conn = conn_after_auth_migrations with db.cursor(conn) as cursor: cursor.executemany( - "INSERT INTO resource_roles(resource_id, role_created_by, role_id) " - "VALUES (:resource_id, :role_created_by, :role_id)", - resource_roles) + "INSERT INTO resources VALUES (?,?,?,?)", + ((str(res.resource_id), res.resource_name, + str(res.resource_category.resource_category_id), + 1 if res.public else 0) for res in TEST_RESOURCES)) - yield conn, groups, resource_roles + yield (conn, TEST_RESOURCES) with db.cursor(conn) as cursor: - cursor.executemany( - ("DELETE FROM resource_roles " - "WHERE resource_id=:resource_id " - "AND role_created_by=:role_created_by " - "AND role_id=:role_id"), - resource_roles) + cursor.executemany("DELETE FROM resources WHERE resource_id=?", + ((str(res.resource_id),) for res in TEST_RESOURCES)) diff --git a/tests/unit/auth/fixtures/role_fixtures.py b/tests/unit/auth/fixtures/role_fixtures.py index ddcbba5..1858712 100644 --- a/tests/unit/auth/fixtures/role_fixtures.py +++ b/tests/unit/auth/fixtures/role_fixtures.py @@ -7,18 +7,41 @@ from gn_auth.auth.db import sqlite3 as db from gn_auth.auth.authorisation.roles import Role from gn_auth.auth.authorisation.privileges import Privilege +from .user_fixtures import TEST_USERS +from .resource_fixtures import SYSTEM_RESOURCE, TEST_RESOURCES_PUBLIC +from .group_fixtures import ( + TEST_GROUP_01, + TEST_RESOURCES_GROUP_01, + TEST_RESOURCES_GROUP_02) + +PUBLIC_VIEW_ROLE = Role( + uuid.UUID("fd88bfed-d869-4969-87f2-67c4e8446ecb"), + "public-view", + False, + (Privilege("group:resource:view-resource", + "view a resource and use it in computations"),)) + RESOURCE_READER_ROLE = Role( - uuid.UUID("c3ca2507-ee24-4835-9b31-8c21e1c072d3"), "resource_reader", True, + uuid.UUID("c3ca2507-ee24-4835-9b31-8c21e1c072d3"), "resource_reader", + True, (Privilege("group:resource:view-resource", "view a resource and use it in computations"),)) RESOURCE_EDITOR_ROLE = Role( - uuid.UUID("89819f84-6346-488b-8955-86062e9eedb7"), "resource_editor", True, + uuid.UUID("89819f84-6346-488b-8955-86062e9eedb7"), + "resource_editor", + True, ( Privilege("group:resource:view-resource", "view a resource and use it in computations"), Privilege("group:resource:edit-resource", "edit/update a resource"))) +CREATE_GROUP_ROLE = Role( + uuid.UUID("ade7e6b0-ba9c-4b51-87d0-2af7fe39a347"), + "group-creator", + False, + (Privilege("system:group:create-group", "Create a group"),)) + TEST_ROLES = (RESOURCE_READER_ROLE, RESOURCE_EDITOR_ROLE) @pytest.fixture(scope="function") @@ -43,3 +66,145 @@ def fxtr_roles(conn_after_auth_migrations): cursor.executemany( ("DELETE FROM roles WHERE role_id=?"), ((str(role.role_id),) for role in TEST_ROLES)) + + +@pytest.fixture(scope="function") +def fxtr_resource_roles(fxtr_resources, fxtr_roles):# pylint: disable=[redefined-outer-name,unused-argument] + """Link roles to resources.""" + resource_roles = ({ + "resource_id": str(TEST_RESOURCES_GROUP_01[0].resource_id), + "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", + "role_id": str(RESOURCE_EDITOR_ROLE.role_id) + },{ + "resource_id": str(TEST_RESOURCES_GROUP_01[0].resource_id), + "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", + "role_id": str(RESOURCE_READER_ROLE.role_id) + }, { + "resource_id": str(TEST_RESOURCES_GROUP_02[1].resource_id), + "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", + "role_id": str(RESOURCE_EDITOR_ROLE.role_id) + },{ + "resource_id": str(TEST_RESOURCES_GROUP_02[1].resource_id), + "role_created_by": "ecb52977-3004-469e-9428-2a1856725c7f", + "role_id": str(RESOURCE_READER_ROLE.role_id) + }) + + conn, resources = fxtr_resources + with db.cursor(conn) as cursor: + cursor.executemany( + "INSERT INTO resource_roles(resource_id, role_created_by, role_id) " + "VALUES (:resource_id, :role_created_by, :role_id)", + resource_roles) + + yield conn, resources, resource_roles + + with db.cursor(conn) as cursor: + cursor.executemany( + ("DELETE FROM resource_roles " + "WHERE resource_id=:resource_id " + "AND role_created_by=:role_created_by " + "AND role_id=:role_id"), + resource_roles) + + +@pytest.fixture(scope="function") +def fxtr_setup_group_leaders(fxtr_users): + """Define what roles users have that target resources of type 'Group'.""" + conn, users = fxtr_users + with db.cursor(conn) as cursor: + cursor.execute("SELECT * FROM group_resources") + g01res_id = { + row["group_id"]: row["resource_id"] + for row in cursor.fetchall() + }[str(TEST_GROUP_01.group_id)] + test_user_roles = ({ + "user_id": "ecb52977-3004-469e-9428-2a1856725c7f", + "role_id": "a0e67630-d502-4b9f-b23f-6805d0f30e30",# group-leader + "resource_id": g01res_id + },) + cursor.executemany( + "INSERT INTO user_roles(user_id, role_id, resource_id) " + "VALUES (:user_id, :role_id, :resource_id)", + test_user_roles) + + yield conn, users + + with db.cursor(conn) as cursor: + cursor.executemany( + "DELETE FROM user_roles WHERE user_id=:user_id " + "AND role_id=:role_id AND resource_id=:resource_id", + test_user_roles) + + +@pytest.fixture(scope="function") +def fxtr_system_roles(fxtr_users): + """Define what roles users have that target resources of type 'Group'.""" + conn, users = fxtr_users + with db.cursor(conn) as cursor: + cursor.execute("SELECT * FROM resources WHERE resource_name='GeneNetwork System'") + sysres_id = cursor.fetchone()["resource_id"] + test_user_roles = tuple({ + "user_id": str(user.user_id), + "role_id": str(PUBLIC_VIEW_ROLE.role_id), + "resource_id": sysres_id + } for user in TEST_USERS) + cursor.executemany( + "INSERT INTO user_roles(user_id, role_id, resource_id) " + "VALUES (:user_id, :role_id, :resource_id)", + test_user_roles) + + yield conn, users + + with db.cursor(conn) as cursor: + cursor.executemany( + "DELETE FROM user_roles WHERE user_id=:user_id " + "AND role_id=:role_id AND resource_id=:resource_id", + test_user_roles) + + +@pytest.fixture(scope="function") +def fxtr_resource_user_roles(# pylint: disable=[too-many-arguments, too-many-locals] + fxtr_resources, + fxtr_users_in_group, + fxtr_resource_ownership, + fxtr_resource_roles, + fxtr_setup_group_leaders, + fxtr_system_roles +):#pylint: disable=[redefined-outer-name,unused-argument] + """Assign roles to users.""" + _conn, group_resources = fxtr_resources + _conn, _resources, _groups, group_resources = fxtr_resource_ownership + _conn, _group, group_users = fxtr_users_in_group + conn, _groups, resource_roles = fxtr_resource_roles + + users_roles_resources = ( + # Give access to group leader to all resources in their group + tuple((TEST_USERS[0], RESOURCE_EDITOR_ROLE, resource) + for resource in TEST_RESOURCES_GROUP_01) + # Set group member as resource editor + + ((TEST_USERS[1], RESOURCE_EDITOR_ROLE, TEST_RESOURCES_GROUP_01[1]),) + # Set group-creator role on the unaffiliated user + + ((TEST_USERS[3], CREATE_GROUP_ROLE, SYSTEM_RESOURCE),) + # Set roles for public resources + + tuple( + (user, PUBLIC_VIEW_ROLE, resource) + for user in TEST_USERS for resource in TEST_RESOURCES_PUBLIC[1:])) + with db.cursor(conn) as cursor: + params = tuple({ + "user_id": str(user.user_id), + "role_id": str(role.role_id), + "resource_id": str(resource.resource_id) + } for user, role, resource in users_roles_resources) + cursor.executemany( + ("INSERT INTO user_roles " + "VALUES (:user_id, :role_id, :resource_id)"), + params) + + yield conn, group_users, resource_roles, group_resources + + with db.cursor(conn) as cursor: + cursor.executemany( + ("DELETE FROM user_roles WHERE " + "user_id=:user_id AND role_id=:role_id AND " + "resource_id=:resource_id"), + params) diff --git a/tests/unit/auth/fixtures/user_fixtures.py b/tests/unit/auth/fixtures/user_fixtures.py index b88d78a..1cf0e20 100644 --- a/tests/unit/auth/fixtures/user_fixtures.py +++ b/tests/unit/auth/fixtures/user_fixtures.py @@ -6,8 +6,6 @@ import pytest from gn_auth.auth.db import sqlite3 as db from gn_auth.auth.authentication.users import User, hash_password -from .group_fixtures import TEST_GROUP_01 - TEST_USERS = ( User(uuid.UUID("ecb52977-3004-469e-9428-2a1856725c7f"), "group@lead.er", "Group Leader"), @@ -25,29 +23,6 @@ def fxtr_users(conn_after_auth_migrations, fxtr_group):# pylint: disable=[redefi with db.cursor(conn_after_auth_migrations) as cursor: cursor.executemany(query, ( (str(user.user_id), user.email, user.name) for user in TEST_USERS)) - # setup user roles - cursor.execute("SELECT * FROM group_resources") - g01res_id = { - row["group_id"]: row["resource_id"] - for row in cursor.fetchall() - }[str(TEST_GROUP_01.group_id)] - cursor.execute("SELECT * FROM resources WHERE resource_name='GeneNetwork System'") - sysres_id = cursor.fetchone()["resource_id"] - test_user_roles = ( - { - "user_id": "ecb52977-3004-469e-9428-2a1856725c7f", - "role_id": "a0e67630-d502-4b9f-b23f-6805d0f30e30",# group-leader - "resource_id": g01res_id - }, - { - "user_id": "ecb52977-3004-469e-9428-2a1856725c7f", - "role_id": "ade7e6b0-ba9c-4b51-87d0-2af7fe39a347",# group-creator - "resource_id": sysres_id - }) - cursor.executemany( - "INSERT INTO user_roles(user_id, role_id, resource_id) " - "VALUES (:user_id, :role_id, :resource_id)", - test_user_roles) yield (conn_after_auth_migrations, TEST_USERS) |