def test_sync_roles_locally_removed_roles_are_removed_from_db(self): syncer = RBACDefinitionsDBSyncer() # Initial state, DB is empty, we sync with two roles defined on disk self.assertEqual(len(Role.get_all()), 0) api1 = RoleDefinitionFileFormatAPI(name='test_role_1', description='test description 1', permission_grants=[]) api2 = RoleDefinitionFileFormatAPI(name='test_role_2', description='test description 2', permission_grants=[]) created_role_dbs, deleted_role_dbs = syncer.sync_roles( role_definition_apis=[api1, api2]) self.assertEqual(len(created_role_dbs), 2) self.assertItemsEqual(deleted_role_dbs, []) # Assert role and grants have been created in the DB self.assertEqual(len(Role.get_all()), 2) self.assertRoleDBObjectExists(role_db=created_role_dbs[0]) self.assertRoleDBObjectExists(role_db=created_role_dbs[1]) # We sync again, this time with one role (role 1) removed locally created_role_dbs, deleted_role_dbs = syncer.sync_roles( role_definition_apis=[api2]) self.assertEqual(len(created_role_dbs), 1) self.assertEqual(len(deleted_role_dbs), 2) # Assert role and grants have been created in the DB self.assertEqual(len(Role.get_all()), 1) self.assertRoleDBObjectExists(role_db=created_role_dbs[0]) self.assertEqual(Role.get_all()[0].name, 'test_role_2')
def test_sync_roles_locally_removed_roles_are_removed_from_db(self): syncer = RBACDefinitionsDBSyncer() # Initial state, DB is empty, we sync with two roles defined on disk self.assertEqual(len(Role.get_all()), 0) api1 = RoleDefinitionFileFormatAPI(name='test_role_1', description='test description 1', permission_grants=[]) api2 = RoleDefinitionFileFormatAPI(name='test_role_2', description='test description 2', permission_grants=[]) created_role_dbs, deleted_role_dbs = syncer.sync_roles(role_definition_apis=[api1, api2]) self.assertEqual(len(created_role_dbs), 2) self.assertItemsEqual(deleted_role_dbs, []) # Assert role and grants have been created in the DB self.assertEqual(len(Role.get_all()), 2) self.assertRoleDBObjectExists(role_db=created_role_dbs[0]) self.assertRoleDBObjectExists(role_db=created_role_dbs[1]) # We sync again, this time with one role (role 1) removed locally created_role_dbs, deleted_role_dbs = syncer.sync_roles(role_definition_apis=[api2]) self.assertEqual(len(created_role_dbs), 1) self.assertEqual(len(deleted_role_dbs), 2) # Assert role and grants have been created in the DB self.assertEqual(len(Role.get_all()), 1) self.assertRoleDBObjectExists(role_db=created_role_dbs[0]) self.assertEqual(Role.get_all()[0].name, 'test_role_2')
def get_all_roles(exclude_system=False): """ Retrieve all the available roles. :param exclude_system: True to exclude system roles. :type exclude_system: ``bool`` :rtype: ``list`` of :class:`RoleDB` """ if exclude_system: result = Role.query(system=False) else: result = Role.get_all() return result