diff options
| -rw-r--r-- | gn_auth/auth/authentication/oauth2/endpoints/utilities.py | 4 | ||||
| -rw-r--r-- | gn_auth/auth/authentication/oauth2/models/oauth2token.py | 3 | ||||
| -rw-r--r-- | tests/unit/auth/conftest.py | 4 | ||||
| -rw-r--r-- | tests/unit/auth/test_groups.py | 18 | ||||
| -rw-r--r-- | tests/unit/auth/test_privileges.py | 8 | ||||
| -rw-r--r-- | tests/unit/auth/test_resources.py | 21 | ||||
| -rw-r--r-- | tests/unit/auth/test_roles.py | 6 |
7 files changed, 35 insertions, 29 deletions
diff --git a/gn_auth/auth/authentication/oauth2/endpoints/utilities.py b/gn_auth/auth/authentication/oauth2/endpoints/utilities.py index 29ace7c..2c13c66 100644 --- a/gn_auth/auth/authentication/oauth2/endpoints/utilities.py +++ b/gn_auth/auth/authentication/oauth2/endpoints/utilities.py @@ -12,7 +12,9 @@ def query_token(# pylint: disable=[unused-argument] endpoint_object: Any, token_str: str, token_type_hint) -> Optional[ OAuth2Token]: """Retrieve the token from the database.""" - __identity__ = lambda val: val + def __identity__(val): + """Identity function.""" + return val token = Nothing with db.connection(current_app.config["AUTH_DB"]) as conn: if token_type_hint == "access_token": diff --git a/gn_auth/auth/authentication/oauth2/models/oauth2token.py b/gn_auth/auth/authentication/oauth2/models/oauth2token.py index 6f9dc12..bbcdc4c 100644 --- a/gn_auth/auth/authentication/oauth2/models/oauth2token.py +++ b/gn_auth/auth/authentication/oauth2/models/oauth2token.py @@ -51,7 +51,8 @@ class OAuth2Token(NamedTuple): return self.revoked def __token_from_resultset__(conn: db.DbConnection, rset) -> Maybe: - __identity__ = lambda val: val + def __identity__(value): + return value try: the_user = user_by_id(conn, uuid.UUID(rset["user_id"])) except NotFoundError as _nfe: diff --git a/tests/unit/auth/conftest.py b/tests/unit/auth/conftest.py index facfb81..7f9d42d 100644 --- a/tests/unit/auth/conftest.py +++ b/tests/unit/auth/conftest.py @@ -22,3 +22,7 @@ def get_tokeniser(user): }[user.user_id] return __token__ + +def uuid_fn(): + """Return a specific UUID for testing.""" + return uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") diff --git a/tests/unit/auth/test_groups.py b/tests/unit/auth/test_groups.py index af33f85..9c4e760 100644 --- a/tests/unit/auth/test_groups.py +++ b/tests/unit/auth/test_groups.py @@ -19,8 +19,6 @@ create_group_failure = { "message": "Unauthorised: Failed to create group." } -uuid_fn = lambda : UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") - GROUP = Group(UUID("9988c21d-f02f-4d45-8966-22c968ac2fbf"), "TheTestGroup", {"group_description": "The test group"}) PRIVILEGES = ( @@ -45,7 +43,7 @@ def test_create_group(# pylint: disable=[too-many-arguments] THEN: verify they are only able to create the group if they have the appropriate privileges """ - mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) with db.connection(auth_testdb_path) as conn: @@ -61,7 +59,7 @@ def test_create_group_raises_exception_with_non_privileged_user(# pylint: disabl WHEN: the user attempts to create a group THEN: verify the system raises an exception """ - mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) with db.connection(auth_testdb_path) as conn: @@ -88,8 +86,8 @@ def test_create_group_role(mocker, fxtr_users_in_group, user, expected): THEN: verify they are only able to create the role if they have the appropriate privileges and that the role is attached to the given group """ - mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", uuid_fn) - mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", conftest.uuid_fn) + mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) conn, _group, _users = fxtr_users_in_group @@ -100,7 +98,7 @@ def test_create_group_role(mocker, fxtr_users_in_group, user, expected): cursor.execute( ("DELETE FROM group_roles " "WHERE group_role_id=? AND group_id=? AND role_id=?"), - (str(uuid_fn()), str(GROUP.group_id), str(uuid_fn()))) + (str(conftest.uuid_fn()), str(GROUP.group_id), str(conftest.uuid_fn()))) @pytest.mark.unit_test @pytest.mark.parametrize( @@ -114,8 +112,8 @@ def test_create_group_role_raises_exception_with_unauthorised_users( THEN: verify they are only able to create the role if they have the appropriate privileges and that the role is attached to the given group """ - mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", uuid_fn) - mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", conftest.uuid_fn) + mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) conn, _group, _users = fxtr_users_in_group @@ -132,7 +130,7 @@ def test_create_multiple_groups(mocker, fxtr_users): THEN: The system should prevent that, and respond with an appropriate error message """ - mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.groups.models.uuid4", conftest.uuid_fn) user = User( UUID("ecb52977-3004-469e-9428-2a1856725c7f"), "group@lead.er", "Group Leader") diff --git a/tests/unit/auth/test_privileges.py b/tests/unit/auth/test_privileges.py index b37a1a7..0b5f120 100644 --- a/tests/unit/auth/test_privileges.py +++ b/tests/unit/auth/test_privileges.py @@ -6,7 +6,9 @@ from gn_auth.auth.authorisation.privileges import Privilege, user_privileges from tests.unit.auth import conftest -SORT_KEY = lambda x: x.privilege_id +def sort_key_privileges(priv): + """Sort-key for privileges.""" + return priv.privilege_id PRIVILEGES = sorted( (Privilege("system:group:create-group", "Create a group"), @@ -29,7 +31,7 @@ PRIVILEGES = sorted( Privilege("group:role:edit-role", "edit/update an existing role"), Privilege("group:user:assign-role", "Assign a role to an existing user"), Privilege("group:role:delete-role", "Delete an existing role")), - key=SORT_KEY) + key=sort_key_privileges) @pytest.mark.unit_test @pytest.mark.parametrize( @@ -43,4 +45,4 @@ def test_user_privileges(auth_testdb_path, fxtr_users, user, expected):# pylint: """ with db.connection(auth_testdb_path) as conn: assert sorted( - user_privileges(conn, user), key=SORT_KEY) == expected + user_privileges(conn, user), key=sort_key_privileges) == expected diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py index 9d2671c..7018e73 100644 --- a/tests/unit/auth/test_resources.py +++ b/tests/unit/auth/test_resources.py @@ -21,7 +21,6 @@ create_resource_failure = { "status": "error", "message": "Unauthorised: Could not create resource" } -uuid_fn = lambda : uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") @pytest.mark.unit_test @pytest.mark.parametrize( @@ -33,7 +32,7 @@ uuid_fn = lambda : uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") "test_resource", resource_category, False),)))) def test_create_resource(mocker, fxtr_users_in_group, user, expected): """Test that resource creation works as expected.""" - mocker.patch("gn_auth.auth.authorisation.resources.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.resources.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) conn, _group, _users = fxtr_users_in_group @@ -63,7 +62,7 @@ def test_create_resource(mocker, fxtr_users_in_group, user, expected): def test_create_resource_raises_for_unauthorised_users( mocker, fxtr_users_in_group, user, expected): """Test that resource creation works as expected.""" - mocker.patch("gn_auth.auth.authorisation.resources.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.resources.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) conn, _group, _users = fxtr_users_in_group @@ -71,7 +70,9 @@ def test_create_resource_raises_for_unauthorised_users( assert create_resource( conn, "test_resource", resource_category, user, False) == expected -SORTKEY = lambda resource: resource.resource_id +def sort_key_resources(resource): + """Sort-key for resources.""" + return resource.resource_id @pytest.mark.unit_test def test_public_resources(fxtr_resources): @@ -81,12 +82,12 @@ def test_public_resources(fxtr_resources): THEN: only list the resources that are public """ conn, _res = fxtr_resources - assert sorted(public_resources(conn), key=SORTKEY) == sorted(tuple( - res for res in conftest.TEST_RESOURCES if res.public), key=SORTKEY) + assert sorted(public_resources(conn), key=sort_key_resources) == sorted(tuple( + res for res in conftest.TEST_RESOURCES if res.public), key=sort_key_resources) PUBLIC_RESOURCES = sorted( {res.resource_id: res for res in conftest.TEST_RESOURCES_PUBLIC}.values(), - key=SORTKEY) + key=sort_key_resources) @pytest.mark.unit_test @pytest.mark.parametrize( @@ -97,13 +98,13 @@ PUBLIC_RESOURCES = sorted( {res.resource_id: res for res in (conftest.TEST_RESOURCES_GROUP_01 + conftest.TEST_RESOURCES_PUBLIC)}.values(), - key=SORTKEY), + key=sort_key_resources), sorted( {res.resource_id: res for res in ((conftest.TEST_RESOURCES_GROUP_01[1],) + conftest.TEST_RESOURCES_PUBLIC)}.values() , - key=SORTKEY), + key=sort_key_resources), PUBLIC_RESOURCES, PUBLIC_RESOURCES)))) def test_user_resources(fxtr_group_user_roles, user, expected): """ @@ -114,4 +115,4 @@ def test_user_resources(fxtr_group_user_roles, user, expected): conn, *_others = fxtr_group_user_roles assert sorted( {res.resource_id: res for res in user_resources(conn, user) - }.values(), key=SORTKEY) == expected + }.values(), key=sort_key_resources) == expected diff --git a/tests/unit/auth/test_roles.py b/tests/unit/auth/test_roles.py index 67654d8..227cb9e 100644 --- a/tests/unit/auth/test_roles.py +++ b/tests/unit/auth/test_roles.py @@ -16,8 +16,6 @@ create_role_failure = { "message": "Unauthorised: Could not create role" } -uuid_fn = lambda : uuid.UUID("d32611e3-07fc-4564-b56c-786c6db6de2b") - PRIVILEGES = ( Privilege("group:resource:view-resource", "view a resource and use it in computations"), @@ -36,7 +34,7 @@ def test_create_role(# pylint: disable=[too-many-arguments] THEN: verify they are only able to create the role if they have the appropriate privileges """ - mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) with db.connection(auth_testdb_path) as conn, db.cursor(conn) as cursor: @@ -55,7 +53,7 @@ def test_create_role_raises_exception_for_unauthorised_users(# pylint: disable=[ THEN: verify they are only able to create the role if they have the appropriate privileges """ - mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", uuid_fn) + mocker.patch("gn_auth.auth.authorisation.roles.models.uuid4", conftest.uuid_fn) mocker.patch("gn_auth.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) with db.connection(auth_testdb_path) as conn, db.cursor(conn) as cursor: |