def pytest_addoption(parser): parser.addoption('--passwd', action='store', default='secret') parser.addoption('--complete', action='store_true') parser.addoption('--cluster', action='store_true') parser.addoption('--replication', action='store_true') parser.addoption('--secret', action='store', default='secret') parser.addoption('--tst_db_name', action='store', default=generate_db_name())
async def test_database_management(db, sys_db, bad_db): # Test list databases result = await sys_db.databases() assert '_system' in result # Test list databases with bad database with assert_raises(DatabaseListError): await bad_db.databases() # Test create database db_name = generate_db_name() assert await sys_db.has_database(db_name) is False assert await sys_db.create_database( name=db_name, replication_factor=1, write_concern=1, sharding="single") is True assert await sys_db.has_database(db_name) is True # Test create duplicate database with assert_raises(DatabaseCreateError) as err: await sys_db.create_database(db_name) assert err.value.error_code == 1207 # Test create database without permissions with assert_raises(DatabaseCreateError) as err: await db.create_database(db_name) assert err.value.error_code == 1230 # Test delete database without permissions with assert_raises(DatabaseDeleteError) as err: await db.delete_database(db_name) assert err.value.error_code == 1230 # Test delete database assert await sys_db.delete_database(db_name) is True assert db_name not in await sys_db.databases() # Test delete missing database with assert_raises(DatabaseDeleteError) as err: await sys_db.delete_database(db_name) assert err.value.error_code in {11, 1228} assert await sys_db.delete_database(db_name, ignore_missing=True) is False
async def test_client_bad_connection(db, username, password, cluster): client = ArangoClient(hosts=f'http://127.0.0.1:{arango_image.get_port()}') bad_db_name = generate_db_name() bad_username = generate_username() bad_password = generate_string() if not cluster: # Test connection with bad username password with pytest.raises(ServerConnectionError): await client.db(db.name, bad_username, bad_password, verify=True) # Test connection with missing database with pytest.raises(ServerConnectionError): await client.db(bad_db_name, bad_username, bad_password, verify=True) await client.close() # Test connection with invalid host URL client = ArangoClient(hosts='http://127.0.0.1:8500') with pytest.raises(ServerConnectionError) as err: await client.db(db.name, username, password, verify=True) assert 'bad connection' in str(err.value) await client.close()
async def bad_db(sys_db, client): bad_db_name = generate_db_name() # Create a user and non-system database for testing. bad_db = await client.db(bad_db_name, global_data['username'], global_data['password']) return bad_db
async def test_user_create_with_new_database(client, sys_db, cluster): if cluster: pytest.skip('Not tested in a cluster setup') db_name = generate_db_name() username1 = generate_username() username2 = generate_username() username3 = generate_username() password1 = generate_string() password2 = generate_string() password3 = generate_string() result = await sys_db.create_database(name=db_name, users=[ { 'username': username1, 'password': password1, 'active': True }, { 'username': username2, 'password': password2, 'active': True }, { 'username': username3, 'password': password3, 'active': False }, ]) assert result is True await sys_db.update_permission(username1, permission='rw', database=db_name) await sys_db.update_permission(username2, permission='rw', database=db_name) await sys_db.update_permission(username3, permission='rw', database=db_name) # Test if the users were created properly usernames = await extract('username', await sys_db.users()) assert all(u in usernames for u in [username1, username2, username3]) # Test if the first user has access to the database db = await client.db(db_name, username1, password1) await db.properties() # Test if the second user also has access to the database db = await client.db(db_name, username2, password2) await db.properties() # Test if the third user has access to the database (should not) db = await client.db(db_name, username3, password3) with assert_raises(DatabasePropertiesError) as err: await db.properties() assert err.value.http_code == 401
async def test_permission_management(client, sys_db, bad_db, cluster): if cluster: pytest.skip('Not tested in a cluster setup') username = generate_username() password = generate_string() db_name = generate_db_name() col_name_1 = generate_col_name() col_name_2 = generate_col_name() await sys_db.create_database(name=db_name, users=[{ 'username': username, 'password': password, 'active': True }]) db = await client.db(db_name, username, password) assert isinstance(await sys_db.permissions(username), dict) # Test list permissions with bad database with assert_raises(PermissionListError) as err: await bad_db.permissions(username) assert err.value.error_code in {11, 1228} # Test get permission with bad database with assert_raises(PermissionGetError) as err: await bad_db.permission(username, db_name) assert err.value.error_code in {11, 1228} # The user should not have read and write permissions assert await sys_db.permission(username, db_name) == 'rw' assert await sys_db.permission(username, db_name, col_name_1) == 'rw' # Test update permission (database level) with bad database with assert_raises(PermissionUpdateError): await bad_db.update_permission(username, 'ro', db_name) assert await sys_db.permission(username, db_name) == 'rw' # Test update permission (database level) to read only and verify access assert await sys_db.update_permission(username, 'ro', db_name) is True assert await sys_db.permission(username, db_name) == 'ro' with assert_raises(CollectionCreateError) as err: await db.create_collection(col_name_2) assert err.value.http_code == 403 assert col_name_1 not in await extract('name', await db.collections()) assert col_name_2 not in await extract('name', await db.collections()) # Test reset permission (database level) with bad database with assert_raises(PermissionResetError) as err: await bad_db.reset_permission(username, db_name) assert err.value.error_code in {11, 1228} assert await sys_db.permission(username, db_name) == 'ro' # Test reset permission (database level) and verify access assert await sys_db.reset_permission(username, db_name) is True assert await sys_db.permission(username, db_name) == 'none' with assert_raises(CollectionCreateError) as err: await db.create_collection(col_name_1) assert err.value.http_code == 401 with assert_raises(CollectionListError) as err: await db.collections() assert err.value.http_code == 401 # Test update permission (database level) and verify access assert await sys_db.update_permission(username, 'rw', db_name) is True assert await sys_db.permission(username, db_name, col_name_2) == 'rw' assert await db.create_collection(col_name_1) is not None assert await db.create_collection(col_name_2) is not None assert col_name_1 in await extract('name', await db.collections()) assert col_name_2 in await extract('name', await db.collections()) col_1 = await db.collection(col_name_1) col_2 = await db.collection(col_name_2) # Verify that user has read and write access to both collections assert isinstance(await col_1.properties(), dict) assert isinstance(await col_1.insert({}), dict) assert isinstance(await col_2.properties(), dict) assert isinstance(await col_2.insert({}), dict) # Test update permission (collection level) to read only and verify access assert await sys_db.update_permission(username, 'ro', db_name, col_name_1) assert await sys_db.permission(username, db_name, col_name_1) == 'ro' assert isinstance(await col_1.properties(), dict) with assert_raises(DocumentInsertError) as err: await col_1.insert({}) assert err.value.http_code == 403 assert isinstance(await col_2.properties(), dict) assert isinstance(await col_2.insert({}), dict) # Test update permission (collection level) to none and verify access assert await sys_db.update_permission(username, 'none', db_name, col_name_1) assert await sys_db.permission(username, db_name, col_name_1) == 'none' with assert_raises(CollectionPropertiesError) as err: await col_1.properties() assert err.value.http_code == 403 with assert_raises(DocumentInsertError) as err: await col_1.insert({}) assert err.value.http_code == 403 assert isinstance(await col_2.properties(), dict) assert isinstance(await col_2.insert({}), dict) # Test reset permission (collection level) assert await sys_db.reset_permission(username, db_name, col_name_1) is True assert await sys_db.permission(username, db_name, col_name_1) == 'rw' assert isinstance(await col_1.properties(), dict) assert isinstance(await col_1.insert({}), dict) assert isinstance(await col_2.properties(), dict) assert isinstance(await col_2.insert({}), dict)