Exemple #1
0
def test_update_user_command__command_is_disabled(mocker):
    """
    Given:
        - An Okta IAM client object
        - A user-profile argument that contains user data
    When:
        - Update User command is disabled
        - Calling function update_user_command
    Then:
        - Ensure the command is considered successful and skipped
    """
    client = mock_client()
    args = {
        'user-profile': {
            'email': '*****@*****.**',
            'givenname': 'mock_first_name'
        }
    }

    mocker.patch.object(client, 'get_user', return_value=None)
    mocker.patch.object(IAMUserProfile, 'map_object', return_value={})
    mocker.patch.object(client, 'update_user', return_value=OKTA_USER_OUTPUT)

    user_profile = update_user_command(client,
                                       args,
                                       'mapper_out',
                                       is_command_enabled=False,
                                       is_create_user_enabled=False,
                                       create_if_not_exists=False)
    outputs = get_outputs_from_user_profile(user_profile)

    assert outputs.get('action') == IAMActions.UPDATE_USER
    assert outputs.get('success') is True
    assert outputs.get('skipped') is True
    assert outputs.get('reason') == 'Command is disabled.'
Exemple #2
0
def test_update_user_command__non_existing_user(mocker):
    """
    Given:
        - An Okta IAM client object
        - A user-profile argument that contains user data
    When:
        - The user does not exist in Okta
        - create-if-not-exists parameter is checked
        - Create User command is enabled
        - Calling function update_user_command
    Then:
        - Ensure the create action is executed
        - Ensure a User Profile object with the user data is returned
    """
    client = mock_client()
    args = {'user-profile': {'email': '*****@*****.**', 'givenname': 'mock_first_name'}}

    mocker.patch.object(client, 'get_user', return_value=None)
    mocker.patch.object(IAMUserProfile, 'map_object', return_value={})
    mocker.patch.object(client, 'create_user', return_value=OKTA_USER_OUTPUT)

    user_profile = update_user_command(client, args, 'mapper_out', is_command_enabled=True,
                                       is_create_user_enabled=True, create_if_not_exists=True)
    outputs = get_outputs_from_user_profile(user_profile)

    assert outputs.get('action') == IAMActions.CREATE_USER
    assert outputs.get('success') is True
    assert outputs.get('active') is True
    assert outputs.get('id') == 'mock_id'
    assert outputs.get('username') == '*****@*****.**'
    assert outputs.get('details', {}).get('profile', {}).get('firstName') == 'mock_first_name'
    assert outputs.get('details', {}).get('profile', {}).get('lastName') == 'mock_last_name'
Exemple #3
0
def test_update_user_command__rate_limit_error(mocker):
    """
    Given:
        - An Okta IAM client object
        - A user-profile argument
    When:
        - Calling function update_user_command
        - API call exceeded rate limit
    Then:
        - Ensure an error entry is returned, as rate limit error code is in ERROR_CODES_TO_RETURN_ERROR list.
    """
    client = mock_client()
    args = {'user-profile': {'email': '*****@*****.**', 'givenname': 'mock_first_name'}}

    bad_response = Response()
    bad_response.status_code = 429
    bad_response._content = b'{"errorCode": "E0000047", ' \
                            b'"errorSummary": "API call exceeded rate limit due to too many requests."}'

    mocker.patch.object(Session, 'request', return_value=bad_response)

    user_profile = update_user_command(client, args, 'mapper_out', is_command_enabled=True,
                                       is_create_user_enabled=False, create_if_not_exists=False)

    entry_context = user_profile.to_entry()
    outputs = entry_context.get('Contents')

    assert entry_context.get('Type') == EntryType.ERROR
    assert outputs.get('action') == IAMActions.UPDATE_USER
    assert outputs.get('success') is False
    assert outputs.get('errorCode') == 'E0000047'
Exemple #4
0
def test_update_user_command__allow_enable(mocker):
    """
    Given:
        - An Okta IAM client object
        - A user-profile argument that contains user data
    When:
        - The user is disabled in Okta
        - allow-enable argument is true
        - Calling function update_user_command
    Then:
        - Ensure the user is enabled at the end of the command execution.
    """
    client = mock_client()
    args = {'user-profile': {'email': '*****@*****.**', 'givenname': 'mock_first_name'},
            'allow-enable': 'true'}

    mocker.patch.object(client, 'get_user', return_value=OKTA_DISABLED_USER_OUTPUT)
    mocker.patch.object(client, 'activate_user', return_value=None)

    user_profile = update_user_command(client, args, 'mapper_out', is_command_enabled=True, is_enable_enabled=True,
                                       is_create_user_enabled=False, create_if_not_exists=False)
    outputs = get_outputs_from_user_profile(user_profile)

    assert outputs.get('action') == IAMActions.ENABLE_USER
    assert outputs.get('success') is True
    assert outputs.get('active') is True
    assert outputs.get('id') == 'mock_id'
    assert outputs.get('username') == '*****@*****.**'
    assert outputs.get('details', {}).get('profile', {}).get('firstName') == 'mock_first_name'
    assert outputs.get('details', {}).get('profile', {}).get('lastName') == 'mock_last_name'