def user_has_role(step, stored_user, user_name, stored_role, role_name):
userModel = UserModel()
user_name = userModel.get_stored_or_store_name(stored_user, user_name)
roleModel = RoleModel()
role_name = roleModel.get_stored_or_store_name(stored_role, role_name)
userModel.has_role(user_name, role_name)
def remove_role_from_user(step, stored_role, role_name, stored_user, user_name):
userModel = UserModel()
user_name = userModel.get_stored_or_store_name(stored_user, user_name)
roleModel = RoleModel()
role_name = roleModel.get_stored_or_store_name(stored_role, role_name)
userModel.remove_role(user_name, role_name)
def order_role_searches_list_foo_before_bar(step, order, first, second):
roleModel = RoleModel()
role_list = roleModel.get_all_list(sort_direction = order,
sort_field = "name")
# check that the index of "first" is before "second"
check_first_before_second("name", first, second, role_list)
def find_role_by_id(step, stored_role, role_name):
roleModel = RoleModel()
role_name = roleModel.get_stored_or_store_name(stored_role, role_name)
role = roleModel.get_by_name(role_name)
assert role[ns("name")] == role_name, "Expected to find role with name %s in:\n%s" % (role_name,
jstr(role))
def check_roles_exist(hashes):
roleModel = RoleModel()
role_list = roleModel.get_all_list()
# walk through all the expected roles and make sure it has them all
# note, it doesn't check that ONLY these roles exist. That should be a different
# method.
for role in hashes:
role_name = role["name"]
found_perm = [x for x in role_list if x[ns("name")] == role_name]
assert len(found_perm) == 1, "Expected to find role name %s in:\n%s" % (role_name,
jstr(role_list))
def create_role_with_permissions(step, stored, name):
roleModel = RoleModel()
name = roleModel.get_stored_or_store_name(stored, name)
# create the new role
role_payload = {"companyId": CompanyModel().get_seed_resid()[0],
"name": name}
roleModel.create(role_payload)
#get the new role ID
role_id, role_version = roleModel.get_resid(name)
# get the list of all available permissions
perm_array = PermissionModel().get_all_list()
# walk the hash of permissionCodes add these to the new role
for perm_code in step.hashes:
permissionCode = perm_code["permissionCode"]
# find the matching permission object based on the permissionCode field
found_perm = verify_single_item_in_list(perm_array, "permissionCode", permissionCode)
try:
# there will always be only one that matches, in this case
perm_id = found_perm[ns("resourceIdentity")]["@id"]
except KeyError:
assert False, "%s.%s not found in:\n%s" % (ns("resourceIdentity"), "@id", found_perm)
# now add the permissions to that role
roleModel.add_permission(role_id, role_version, perm_id)
def role_has_permissions(step, stored, role_name):
roleModel = RoleModel()
role_name = roleModel.get_stored_or_store_name(stored, role_name)
perm_list = roleModel.get_permissions_list(role_name)
# walk through all the expected roles and make sure it has them all
# note, it doesn't check that ONLY these roles exist. That should be a different
# method.
for perm_code in step.hashes:
permissionCode = perm_code["permissionCode"]
found_perm = [x for x in perm_list if x[ns("permissionCode")] == permissionCode]
assert len(found_perm) == 1, "Expected to find permissionCode %s in:\n%s" % (permissionCode,
str(perm_list))
def replace_role_list_for_user(step, stored_user, user_name):
userModel = UserModel()
user_name = userModel.get_stored_or_store_name(stored_user, user_name)
role_ids = []
for role in step.hashes:
role_id = RoleModel().get_resid(role["name"])[0]
role_ids.append(role_id)
userModel.set_roles(user_name, role_ids)
def add_role_to_user(step, stored_role, role_name, stored_user, user_name):
userModel = UserModel()
user_name = userModel.get_stored_or_store_name(stored_user, user_name)
roleModel = RoleModel()
role_name = roleModel.get_stored_or_store_name(stored_role, role_name)
userModel.add_role(user_name, role_name)
