def test_success(self):
"""正确
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
total = 10
user_role_total = 5
basename = "myrole"
for i in range(total):
role = Role(name=basename + str(i))
self.db.add(role)
if i < user_role_total:
user.roles.append(role)
self.db.commit()
resp = self.api_get(f"/user/{user.uuid}/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_user_id_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual([basename + str(i) for i in range(user_role_total)],
sorted([role["name"] for role in body["data"]]))
def test_post_success(self):
"""删除权限成功
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
remove_permission_total = 3
remove_permission_list = []
permission_total = 12
permission_basename = "my-permission"
for i in range(permission_total):
perm = Permission(name=permission_basename + str(i))
self.db.add(perm)
role.permissions.append(perm)
self.db.commit()
if i < remove_permission_total:
remove_permission_list.append(perm.name)
resp = self.api_post("/role/permission/remove", body={
"role": role.name,
"permissions": remove_permission_list,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
role = self.db.query(Role).filter_by(name=role_name).one()
self.assertEqual(
len(role.permissions),
permission_total - remove_permission_total
)
def test_get_success(self):
"""正确
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
permission_total = 12
permission_basename = "my-permission"
for i in range(permission_total):
perm = Permission(name=permission_basename + str(i))
self.db.add(perm)
role.permissions.append(perm)
self.db.commit()
resp = self.api_get(f"/role/{role.uuid}/permission")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_role_id_permission.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(len(body["data"]), permission_total)
def test_update_success(self):
"""更新成功
"""
name = "my-role"
summary = "my summary"
description = "my description"
role = Role(name=name, summary=summary, description=description)
self.db.add(role)
self.db.commit()
old_updated = role.updated
role_id = str(role.uuid)
del role
resp = self.api_post(f"/role/{role_id}", body={
"summary": summary + ":new",
"description": description + ":new"})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
role = self.db.query(Role).filter_by(uuid=role_id).one()
self.assertEqual(role.summary, summary + ":new")
self.assertEqual(role.description, description + ":new")
self.assertNotEqual(old_updated, role.updated)
def test_delete_success(self):
"""删除成功
"""
user_id = self.current_user.id
role_name = "my-role"
role = Role(name=role_name)
role.users.append(self.current_user)
perm = Permission(name="my-permission")
self.db.add(perm)
role.permissions.append(perm)
self.db.add(role)
self.db.commit()
role_id = str(role.uuid)
resp = self.api_delete(f"/role/{role_id}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del role
role = self.db.query(Role).filter_by(uuid=role_id).first()
self.assertIs(role, None)
user = self.db.query(User).get(user_id)
self.assertNotIn(role_name, [r.name for r in user.roles])
def test_delete_success(self):
"""删除成功
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
perm_name = "my-permission"
perm = Permission(name=perm_name)
perm.roles.append(role)
self.db.add(perm)
self.db.commit()
resp = self.api_delete(f"/permission/{perm.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
del perm
perm = self.db.query(Permission).filter_by(name=perm_name).first()
self.assertIs(perm, None)
role = self.db.query(Role).filter_by(name=role_name).one()
self.assertNotIn(perm_name, [p.name for p in role.permissions])
def test_success(self):
"""返回正确
"""
role_numbers = 10
perm_numbers = 20
role_basename = "myrole"
permission_basename = "myperm"
for i in range(role_numbers):
role = Role(name=role_basename + str(i))
for j in range(perm_numbers):
perm = Permission(name=permission_basename + str(i) + str(j))
self.db.add(perm)
role.permissions.append(perm)
self.db.add(role)
self.current_user.roles.append(role)
self.db.commit()
resp = self.api_get("/my/permission")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_my_permission.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
self.assertEqual(len(body["data"]), role_numbers)
for role_data in body["data"]:
self.assertEqual(len(role_data["permissions"]), perm_numbers)
role_names = [role_data["name"] for role_data in body["data"]]
self.assertEqual([role_basename + str(i) for i in range(role_numbers)],
sorted(role_names))
def test_remove_success(self):
"""删除成功
"""
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
self.db.commit()
remove_role_total = 3
remove_role_list = []
role_total = 12
role_basename = "test-role"
for i in range(role_total):
role = Role(name=role_basename + str(i))
self.db.add(role)
user.roles.append(role)
self.db.commit()
if i < remove_role_total:
remove_role_list.append(str(role.uuid))
user_id = user.uuid
del user
resp = self.api_post(f"/user/{user_id}/role/remove",
body={
"roles": remove_role_list,
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
user = self.db.query(User).filter_by(uuid=user_id).one()
self.assertEqual(len(user.roles), role_total - remove_role_total)
def test_name_exist(self):
"""使用重复的名称
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
self.db.commit()
resp = self.api_post("/role", body={"name": role_name})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
validate_default_error(body)
self.assertEqual(body["status"], "name-exist")
def test_notexist_permissions(self):
"""使用不存在的权限名称
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
self.db.commit()
notexist_total = 12
resp = self.api_post("/role/permission/append", body={
"role": role.name,
"permissions": [str(uuid.uuid4()) for i in range(notexist_total)],
})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
def setUp(self):
super().setUp()
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
role = Role(name="test-role")
self.db.add(role)
user.roles.append(role)
perm = Permission(name="test-permission")
self.db.add(perm)
role.permissions.append(perm)
self.db.commit()
self.user = user
self.permission = perm
async def post(self):
"""增加指定角色的权限
"""
body = self.get_body_json()
role = self.db.query(Role).filter_by(name=body["role"]).first()
if not role:
role = Role(name=body["role"])
self.db.add(role)
self.db.commit()
perms = []
for perm_name in body["permissions"]:
perm = self.db.query(Permission).filter_by(name=perm_name).first()
if not perm:
perm = Permission(name=perm_name)
self.db.add(perm)
self.db.commit()
perms.append(perm)
if not perms:
self.fail("no-permissions")
return
# sync to etcd
if settings.SYCN_ETCD:
# create etcd client
for endpoint in settings.ETCD_ENDPOINTS.split(";"):
host, port = endpoint.split(":")
client = Client(host, int(port))
break # FIXME: try when failed
key = get_permission_role_key(perm.name)
new_roles = []
r = client.range(key)
if r.count == 1:
new_roles.extend(json.loads(r.kvs[0].value))
if role.name not in new_roles:
new_roles.append(role.name)
client.put(key, json.dumps(new_roles))
# append permissions
role.permissions.extend(perms)
self.db.commit()
self.success()
def setUp(self):
super().setUp()
total = 5
basename = "fortest"
for _ in range(total):
user = User(uuid=str(uuid.uuid4()))
self.db.add(user)
self.db.commit()
for j in range(total):
role = Role(name=str(user.id) + basename + str(j))
self.db.add(role)
user.roles.append(role)
self.db.commit()
self.total = total * total
def post(self):
"""创建角色
"""
body = self.get_body_json()
role = self.db.query(Role).filter_by(name=body["name"]).first()
if role:
self.fail("name-exist")
return
role = Role(
name=body["name"],
summary=body.get("summary"),
description=body.get("description"),
)
self.db.add(role)
self.db.commit()
self.success(id=str(role.uuid))
def append_roles(self, user_id):
roles = []
role_total = 12
role_basename = "testrole"
for i in range(role_total):
role = Role(name=role_basename + str(i))
self.db.add(role)
self.db.commit()
roles.append(str(role.uuid))
resp = self.api_post(f"/user/{user_id}/role/append",
body={"roles": roles})
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
user = self.db.query(User).filter_by(uuid=user_id).one()
self.assertEqual(
sorted([role_basename + str(i) for i in range(role_total)]),
sorted([role.name for role in user.roles]))
def test_get_success(self):
"""正确
"""
role_name = "my-role"
role_summary = "my summary"
role = Role(name=role_name, summary=role_summary)
self.db.add(role)
self.db.commit()
resp = self.api_get(f"/role/{role.uuid}")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_role_id.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
data = body["data"]
self.assertEqual(data["summary"], role_summary)
self.assertEqual(data["created"], utc_rfc3339_string(role.created))
self.assertEqual(data["updated"], utc_rfc3339_string(role.updated))
def test_success(self):
"""正确
"""
numbers = 10
basename = "myrole"
for i in range(numbers):
role = Role(name=basename + str(i))
self.db.add(role)
self.current_user.roles.append(role)
self.db.commit()
resp = self.api_get("/my/role")
body = get_body_json(resp)
self.assertEqual(resp.code, 200)
self.validate_default_success(body)
spec = self.rs.get_my_role.op_spec["responses"]["200"]["schema"]
api.validate_object(spec, body)
names = [role["name"] for role in body["data"]]
self.assertEqual([basename + str(i)
for i in range(numbers)], sorted(names))
def test_notexist_permissions(self):
"""使用不存在的权限名称
"""
role_name = "my-role"
role = Role(name=role_name)
self.db.add(role)
self.db.commit()
notexist_total = 12
resp = self.api_post("/role/permission/remove", body={
"role": role.name,
"permissions": [str(uuid.uuid4()) for i in range(notexist_total)],
})
body = get_body_json(resp)
self.assertEqual(resp.code, 400)
spec = self.rs.post_role_permission_remove.op_spec[
"responses"]["default"]["schema"]
api.validate_object(spec, body)
self.assertEqual(body["status"], "have-not-exist")
self.assertEqual(len(body["data"]), notexist_total)