aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth/test_resources.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-08-04 10:10:28 +0300
committerFrederick Muriuki Muriithi2023-08-04 10:20:09 +0300
commit8b7c598407a5fea9a3d78473e72df87606998cd4 (patch)
tree8526433a17eca6b511feb082a0574f9b15cb9469 /tests/unit/auth/test_resources.py
parentf7fcbbcc014686ac597b783a8dcb38b43024b9d6 (diff)
downloadgn-auth-8b7c598407a5fea9a3d78473e72df87606998cd4.tar.gz
Copy over files from GN3 repository.
Diffstat (limited to 'tests/unit/auth/test_resources.py')
-rw-r--r--tests/unit/auth/test_resources.py117
1 files changed, 117 insertions, 0 deletions
diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py
new file mode 100644
index 0000000..2884add
--- /dev/null
+++ b/tests/unit/auth/test_resources.py
@@ -0,0 +1,117 @@
+"""Test resource-management functions"""
+import uuid
+
+import pytest
+
+from gn3.auth import db
+
+from gn3.auth.authorisation.groups import Group
+from gn3.auth.authorisation.errors import AuthorisationError
+from gn3.auth.authorisation.resources.models import (
+ Resource, user_resources, create_resource, ResourceCategory,
+ public_resources)
+
+from tests.unit.auth import conftest
+
+group = Group(uuid.UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup",
+ {})
+resource_category = ResourceCategory(
+ uuid.UUID("fad071a3-2fc8-40b8-992b-cdefe7dcac79"), "mrna", "mRNA Dataset")
+create_resource_failure = {
+ "status": "error",
+ "message": "Unauthorised: Could not create resource"
+}
+uuid_fn = lambda : uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b")
+
+@pytest.mark.unit_test
+@pytest.mark.parametrize(
+ "user,expected",
+ tuple(zip(
+ conftest.TEST_USERS[0:1],
+ (Resource(
+ group, uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"),
+ "test_resource", resource_category, False),))))
+def test_create_resource(mocker, fxtr_users_in_group, user, expected):
+ """Test that resource creation works as expected."""
+ mocker.patch("gn3.auth.authorisation.resources.models.uuid4", uuid_fn)
+ mocker.patch("gn3.auth.authorisation.checks.require_oauth.acquire",
+ conftest.get_tokeniser(user))
+ conn, _group, _users = fxtr_users_in_group
+ resource = create_resource(
+ conn, "test_resource", resource_category, user, False)
+ assert resource == expected
+
+ with db.cursor(conn) as cursor:
+ # Cleanup
+ cursor.execute(
+ "DELETE FROM group_user_roles_on_resources WHERE resource_id=?",
+ (str(resource.resource_id),))
+ cursor.execute(
+ "DELETE FROM group_roles WHERE group_id=?",
+ (str(resource.group.group_id),))
+ cursor.execute(
+ "DELETE FROM resources WHERE resource_id=?",
+ (str(resource.resource_id),))
+
+@pytest.mark.unit_test
+@pytest.mark.parametrize(
+ "user,expected",
+ tuple(zip(
+ conftest.TEST_USERS[1:],
+ (create_resource_failure, create_resource_failure,
+ create_resource_failure))))
+def test_create_resource_raises_for_unauthorised_users(
+ mocker, fxtr_users_in_group, user, expected):
+ """Test that resource creation works as expected."""
+ mocker.patch("gn3.auth.authorisation.resources.models.uuid4", uuid_fn)
+ mocker.patch("gn3.auth.authorisation.checks.require_oauth.acquire",
+ conftest.get_tokeniser(user))
+ conn, _group, _users = fxtr_users_in_group
+ with pytest.raises(AuthorisationError):
+ assert create_resource(
+ conn, "test_resource", resource_category, user, False) == expected
+
+SORTKEY = lambda resource: resource.resource_id
+
+@pytest.mark.unit_test
+def test_public_resources(fxtr_resources):
+ """
+ GIVEN: some resources in the database
+ WHEN: public resources are requested
+ THEN: only list the resources that are public
+ """
+ conn, _res = fxtr_resources
+ assert sorted(public_resources(conn), key=SORTKEY) == sorted(tuple(
+ res for res in conftest.TEST_RESOURCES if res.public), key=SORTKEY)
+
+PUBLIC_RESOURCES = sorted(
+ {res.resource_id: res for res in conftest.TEST_RESOURCES_PUBLIC}.values(),
+ key=SORTKEY)
+
+@pytest.mark.unit_test
+@pytest.mark.parametrize(
+ "user,expected",
+ tuple(zip(
+ conftest.TEST_USERS,
+ (sorted(
+ {res.resource_id: res for res in
+ (conftest.TEST_RESOURCES_GROUP_01 +
+ conftest.TEST_RESOURCES_PUBLIC)}.values(),
+ key=SORTKEY),
+ sorted(
+ {res.resource_id: res for res in
+ ((conftest.TEST_RESOURCES_GROUP_01[1],) +
+ conftest.TEST_RESOURCES_PUBLIC)}.values()
+ ,
+ key=SORTKEY),
+ PUBLIC_RESOURCES, PUBLIC_RESOURCES))))
+def test_user_resources(fxtr_group_user_roles, user, expected):
+ """
+ GIVEN: some resources in the database
+ WHEN: a particular user's resources are requested
+ THEN: list only the resources for which the user can access
+ """
+ conn, *_others = fxtr_group_user_roles
+ assert sorted(
+ {res.resource_id: res for res in user_resources(conn, user)
+ }.values(), key=SORTKEY) == expected