Ejemplo n.º 1
0
def test_delegate_flow():
    #check success flow for delegate and fails sessionId used with provider
    body = {
        "apis": [{
            "method": "get",
            "endpoint": "/auth/v1/provider/access"
        }]
    }

    r = alt_provider.get_session_id(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    alt_provider.set_user_session_id(fetch_sessionId(delegate_email))

    r = alt_provider.get_provider_access('*****@*****.**')
    assert r['success'] is True
    assert r['status_code'] == 200

    # using delegates session ID for provider
    untrusted.set_user_session_id(fetch_sessionId(delegate_email))

    r = untrusted.get_provider_access(None)
    assert r['success'] is False
    assert r['status_code'] == 403
def init():
        init_provider("*****@*****.**")

        assert reset_role(email) == True
        assert reset_role(delegate_email) == True

        # register abc.123 as delegate and set delegate rule
        r = role_reg(delegate_email, '9454234223', name , ["delegate"], org_id, csr)
        assert r['success']     == True
        assert r['status_code'] == 200

        # register barun user as all roles
        r = role_reg(email, '9454234223', name , ["consumer","onboarder","data ingester", "delegate"], org_id, csr)
        assert r['success']     == True
        assert r['status_code'] == 200

        ######### session ID setup for provider, delegate and consumer with delegate role ###########
        r = untrusted.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
        assert r['success'] is True

        untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))

        r = alt_provider.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
        assert r['success'] is True

        alt_provider.set_user_session_id(fetch_sessionId(delegate_email))

        r = consumer.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
        assert r['success'] is True

        consumer.set_user_session_id(fetch_sessionId(email))
Ejemplo n.º 3
0
def test_sessionId_multiple_sucess():
    #get session id for multiple end points and check if success
    body = {
        "apis": [{
            "method": "get",
            "endpoint": "/auth/v1/provider/access"
        }, {
            "method": "post",
            "endpoint": "/auth/v1/provider/access"
        }]
    }
    r = untrusted.get_session_id(body)
    assert r['success'] is True
    untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))

    r = untrusted.get_provider_access()
    assert r['success'] is True
    assert r['status_code'] == 200

    resource_group = ''.join(
        random.choice(string.ascii_lowercase) for _ in range(10))
    resource_id = provider_id + '/rs.iudx.io/' + resource_group
    req = {
        "user_email": email,
        "user_role": 'consumer',
        'capabilities': ['temporal'],
        "item_id": resource_id,
        "item_type": "resourcegroup"
    }
    r = untrusted.provider_access([req])
    assert r['success'] is True
    assert r['status_code'] == 200
Ejemplo n.º 4
0
def test_Success():
    # successful flow
    body = {
        "apis": [{
            "method": "get",
            "endpoint": "/auth/v1/provider/access"
        }]
    }
    r = untrusted.get_session_id(body)
    assert r['success'] is True
    untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))

    r = untrusted.get_provider_access()
    assert r['success'] is True
    assert r['status_code'] == 200
Ejemplo n.º 5
0
def init():
    init_provider("*****@*****.**")
    assert reset_role(email) == True
    assert reset_role(memail) == True

    ######### session ID setup ###########
    r = untrusted.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
    assert r['success'] is True

    untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))

    ##### for multiple rule tests #####

    r = role_reg(memail, '9454234223', name,
                 ["onboarder", "consumer", "data ingester", "delegate"],
                 org_id, csr)
    assert r['success'] == True
    assert r['status_code'] == 200
Ejemplo n.º 6
0
def test_incorrect_user():
    #using sessionId by one user to check if it fails when used by any other user
    body = {
        "apis": [{
            "method": "post",
            "endpoint": "/auth/v1/provider/access"
        }]
    }
    r = untrusted.get_session_id(body)
    assert r['success'] is True
    untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))

    req = {"user_email": delegate_email, "user_role": 'delegate'}
    r = untrusted.provider_access([req])
    assert r['success'] == True
    assert r['status_code'] == 200

    alt_provider.set_user_session_id(fetch_sessionId('*****@*****.**'))
    r = alt_provider.get_provider_access('*****@*****.**')
    assert r['success'] is False
    assert r['status_code'] == 403
Ejemplo n.º 7
0
def test_no_sessionId_header():
    # setting session ID None will not set the header in requests
    untrusted.set_user_session_id(None)
    r = untrusted.get_provider_access()
    assert r['success'] is False
    assert r['status_code'] == 403
Ejemplo n.º 8
0
def test_sessionId_incorrect():
    #passing incorrect session id while accessing Secure endpoint
    untrusted.set_user_session_id("")
    r = untrusted.get_provider_access()
    assert r['success'] is False
    assert r['status_code'] == 403