def remove_relationship(api_details, endpoint, resource, related_resource,
relation):
"""Remove a relationship between two security resources and check if the resources were deleted.
Parameters
----------
api_details : dict
API details such as the headers.
endpoint : str
Request endpoint.
resource : int
Resource ID.
related_resource : dict
Dict with resource information (parameter and ID).
relation : str
Role entry of the related resource.
"""
# Assert the relationship exists
assert get_security_resource_information(role_ids=resource)[relation], f'Resource {resource} does not belong to ' \
f'any {relation}'
# Remove relationship between
response = requests.delete(endpoint,
headers=api_details['auth_headers'],
verify=False)
assert response.status_code == 200, f'Status code was not 200. Response: {response.text}'
res = get_security_resource_information(role_ids=resource)
# Assert resources still exist but the relationship does not
assert res, 'Resource was removed as well'
assert not res[relation], f'Relationship still exists'
assert get_security_resource_information(
**related_resource), 'Related user was removed as well'
def test_add_old_rule(set_security_resources, get_api_details):
"""Remove a rule with defined relationships and create it with the same ID to see if said relationships remain."""
api_details = get_api_details()
old_rule_info = get_security_resource_information(rule_ids=rule_id)
assert old_rule_info, f'There is not information about this policy: {rule_id}'
delete_endpoint = api_details[
'base_url'] + f'/security/rules?rule_ids={rule_id}'
response = requests.delete(delete_endpoint,
headers=api_details['auth_headers'],
verify=False)
assert response.status_code == 200, f'Status code was not 200. Response: {response.text}'
add_endpoint = api_details['base_url'] + f'/security/rules'
response = requests.post(add_endpoint,
json={
'name': old_rule_info['name'],
'rule': old_rule_info['rule']
},
headers=api_details['auth_headers'],
verify=False)
assert response.status_code == 200, f'Status code was not 200. Response: {response.text}'
relationships = response.json()['data']['affected_items'][0]
for key, value in relationships.items():
if key not in ['id', 'name', 'rule']:
assert not value, f'Relationships are not empty: {key}->{value}'
def test_remove_user(set_security_resources, get_api_details):
"""Test if relationships between security resources stay the same after removing the linked user."""
api_details = get_api_details()
relationships = get_security_resource_information(role_ids=role_id)
assert relationships, 'There are not relationships'
delete_endpoint = api_details[
'base_url'] + f'/security/users?user_ids={user_id}'
response = requests.delete(delete_endpoint,
headers=api_details['auth_headers'],
verify=False)
assert response.status_code == 200, f'Status code was not 200. Response: {response.text}'
new_relationships = get_security_resource_information(role_ids=role_id)
assert new_relationships, 'There are not relationships'
check_resources('users', user_id)
check_relationships(relationships, new_relationships, 'users')
def check_resources(deleted_resource, resource_id):
"""Check if the security resources stay the same.
Parameters
----------
deleted_resource : str
Name of the deleted resource.
resource_id : int
ID of the resource.
"""
resources = {
'users': 'user_ids',
'roles': 'role_ids',
'policies': 'policy_ids',
'rules': 'rule_ids'
}
del resources[deleted_resource]
# Check that the rest of resources still exists
for param in resources.values():
assert get_security_resource_information(**{param: resource_id})