Update expected privileges for group-leader users.

author: Frederick Muriuki Muriithi 2025-07-09 09:15:52 -0500
committer: Frederick Muriuki Muriithi 2025-07-09 09:27:25 -0500
commit: cf38f74e058e19b11b5e9489efb9118a69dab8fb (patch)
tree: 88dc6e6e9798c7faa493987a9aaf98152b2fef9c /tests/unit/auth
parent: 360cc3bd259c5e1c123bf8095d8474213597971d (diff)
download: gn-auth-cf38f74e058e19b11b5e9489efb9118a69dab8fb.tar.gz
2 files changed, 18 insertions, 1 deletions
diff --git a/tests/unit/auth/test_privileges.py b/tests/unit/auth/test_privileges.py
index 9b2ea04..41dae7f 100644
--- a/tests/unit/auth/test_privileges.py
+++ b/tests/unit/auth/test_privileges.py
@@ -27,7 +27,15 @@ PRIVILEGES = sorted(
      Privilege("group:resource:delete-resource", "Delete a resource"),
 
      Privilege("group:data:link-to-group",
-               "Allow linking data to only one specific group.")),
+               "Allow linking data to only one specific group."),
+
+     # Role-management privileges
+     Privilege("resource:role:create-role",
+               "Create a new role on a specific resource"),
+     Privilege("resource:role:delete-role",
+               "Delete an existing role from a specific resource"),
+     Privilege("resource:role:edit-role",
+               "Edit an existing role on a specific resource")),
     key=sort_key_privileges)
 
 @pytest.mark.unit_test
diff --git a/tests/unit/auth/test_roles.py b/tests/unit/auth/test_roles.py
index 43d84e4..b7512ef 100644
--- a/tests/unit/auth/test_roles.py
+++ b/tests/unit/auth/test_roles.py
@@ -137,6 +137,15 @@ def test_create_role_raises_exception_for_unauthorised_users(# pylint: disable=[
                         privilege_id="group:user:remove-group-member",
                         privilege_description="Remove a user from a group"),
                     Privilege(
+                        privilege_id="resource:role:create-role",
+                        privilege_description="Create a new role on a specific resource"),
+                    Privilege(
+                        privilege_id="resource:role:delete-role",
+                        privilege_description="Delete an existing role from a specific resource"),
+                    Privilege(
+                        privilege_id="resource:role:edit-role",
+                        privilege_description="Edit an existing role on a specific resource"),
+                    Privilege(
                         privilege_id="system:group:delete-group",
                         privilege_description="Delete a group"),
                     Privilege(
author	Frederick Muriuki Muriithi	2025-07-09 09:15:52 -0500
committer	Frederick Muriuki Muriithi	2025-07-09 09:27:25 -0500
commit	cf38f74e058e19b11b5e9489efb9118a69dab8fb (patch)
tree	88dc6e6e9798c7faa493987a9aaf98152b2fef9c /tests/unit/auth
parent	360cc3bd259c5e1c123bf8095d8474213597971d (diff)
download	gn-auth-cf38f74e058e19b11b5e9489efb9118a69dab8fb.tar.gz