def test_reject_auth_rules_transaction(looper,
sdk_wallet_steward,
sdk_pool_handle):
with pytest.raises(RequestRejectedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_steward,
sdk_pool_handle)
e.match('Not enough TRUSTEE signatures')
def test_reject_with_empty_rules_list(looper,
sdk_wallet_trustee,
sdk_pool_handle):
with pytest.raises(RequestNackedException,
match="InvalidClientRequest.*length should be at least 1"):
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=[])
def test_reqnack_auth_rules_transaction_with_wrong_key(looper,
sdk_wallet_trustee,
sdk_pool_handle):
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
[generate_auth_rule(auth_type="*")])
e.match("InvalidClientRequest")
e.match("is not found in authorization map")
def test_reqnack_auth_rules_add_transaction_with_wrong_format(looper,
sdk_wallet_trustee,
sdk_pool_handle):
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
[generate_auth_rule(old_value="*")])
e.match("InvalidClientRequest")
e.match("Transaction for change authentication "
"rule for {}={} must not contain field {}".
format(AUTH_ACTION, ADD_PREFIX, OLD_VALUE))
def test_reject_with_unacceptable_role_in_constraint(looper,
sdk_wallet_trustee,
sdk_pool_handle):
rule = generate_auth_rule()
unacceptable_role = 'olololo'
rule[CONSTRAINT][ROLE] = unacceptable_role
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=[rule])
e.match('InvalidClientRequest')
e.match('Role {} is not acceptable'.format(unacceptable_role))
def test_auth_rules_transaction_without_changes(looper,
sdk_wallet_trustee,
sdk_pool_handle):
before_resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee)
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=before_resp[0][1][RESULT][DATA])
after_resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee)
assert before_resp[0][1]["result"][DATA] == after_resp[0][1]["result"][DATA]
def test_reqnack_auth_rules_edit_transaction_with_wrong_format(looper,
sdk_wallet_trustee,
sdk_pool_handle):
rule = generate_auth_rule(auth_action=EDIT_PREFIX)
rule.pop(OLD_VALUE)
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=[rule])
e.match("InvalidClientRequest")
e.match("Transaction for change authentication "
"rule for {}={} must contain field {}".
format(AUTH_ACTION, EDIT_PREFIX, OLD_VALUE))
def test_auth_rules_transaction(looper,
sdk_wallet_trustee,
sdk_pool_handle):
rule = generate_auth_rule()
key = dict(rule)
key.pop(CONSTRAINT)
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=[rule])
after_resp = _send_and_check_get_auth_rule(looper,
sdk_pool_handle,
sdk_wallet_trustee,
key)
assert [rule] == after_resp[0][1]["result"][DATA]
def test_reject_all_rules_from_auth_rules_txn(looper,
sdk_wallet_trustee,
sdk_pool_handle):
_, before_resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee)[0]
rules = [generate_auth_rule(ADD_PREFIX, NYM,
ROLE, "wrong_new_value"),
generate_auth_rule(EDIT_PREFIX, NYM,
ROLE, TRUST_ANCHOR, TRUSTEE)]
with pytest.raises(RequestNackedException):
sdk_send_and_check_auth_rules_request(looper,
sdk_wallet_trustee,
sdk_pool_handle,
rules=rules)
_, after_resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee)[0]
assert before_resp["result"][DATA] == after_resp["result"][DATA]
def run(self):
# Step 1. Check default auth rule
sdk_send_and_check_auth_rules_request(self.looper, self.trustee_wallet, self.sdk_pool_handle)
with pytest.raises(RequestRejectedException):
sdk_send_and_check_auth_rules_request(self.looper, self.new_default_wallet, self.sdk_pool_handle)
# Step 2. Change auth rule
self.send_and_check(self.changed_auth_rule, self.trustee_wallet)
# Step 3. Check, that we cannot send txn the old way
with pytest.raises(RequestRejectedException):
sdk_send_and_check_auth_rules_request(self.looper, self.trustee_wallet, self.sdk_pool_handle)
# Step 4. Check, that new auth rule is used
sdk_send_and_check_auth_rules_request(self.looper, self.new_default_wallet, self.sdk_pool_handle)
# Step 5. Return default auth rule
self.send_and_check(self.default_auth_rule, self.new_default_wallet)
# Step 6. Check, that default auth rule works
sdk_send_and_check_auth_rules_request(self.looper, self.trustee_wallet, self.sdk_pool_handle)
with pytest.raises(RequestRejectedException):
sdk_send_and_check_auth_rules_request(self.looper, self.new_default_wallet, self.sdk_pool_handle)
