def setUp(self) -> None:
super(DeleteApiTest, self).setUp()
response = self.buckets_api.find_buckets()
for bucket in response.buckets:
if bucket.name.endswith("_IT"):
print("Delete bucket: ", bucket.name)
self.buckets_api.delete_bucket(bucket)
self.bucket = self.create_test_bucket()
self.organization = self.find_my_org()
resource = PermissionResource(type="buckets",
org_id=self.organization.id,
id=self.bucket.id)
read_bucket = Permission(resource=resource, action="read")
write_bucket = Permission(resource=resource, action="write")
authorization = self.client.authorizations_api().create_authorization(
org_id=self.organization.id,
permissions=[read_bucket, write_bucket])
self.auth_token = authorization.token
self.client.close()
self.client = InfluxDBClient(url=self.host,
token=self.auth_token,
debug=True,
org=self.org)
self.delete_api = self.client.delete_api()
def test_createAuthorizationBucket(self):
organization = self.client.organizations_api().create_organization(
self.generate_name("Auth Organization"))
bucket = self.client.buckets_api().create_bucket(
bucket_name=self.generate_name("Auth Bucket"),
retention_rules=BaseTest.retention_rule(),
org_id=self.organization.id)
resource = PermissionResource(org_id=organization.id,
type="buckets",
id=bucket.id)
create_bucket = Permission(action="read", resource=resource)
delete_bucket = Permission(action="write", resource=resource)
permissions = [create_bucket, delete_bucket]
authorization = self.authorizations_api.create_authorization(
organization.id, permissions)
self.log(authorization)
self.assertTrue(len(authorization.permissions) == 2)
self.assertEqual(authorization.permissions[0].resource.id, bucket.id)
self.assertEqual(authorization.permissions[0].resource.type, "buckets")
self.assertEqual(authorization.permissions[0].action, "read")
self.assertEqual(authorization.permissions[1].resource.id, bucket.id)
self.assertEqual(authorization.permissions[1].resource.type, "buckets")
self.assertEqual(authorization.permissions[1].action, "write")
self.delete_test_bucket(bucket)
def test_createAuthorization(self):
user_resource = PermissionResource(org_id=self.organization.id, type="users")
read_users = Permission(action="read", resource=user_resource)
org_resource = PermissionResource(org_id=self.organization.id, type="orgs")
write_organizations = Permission(action="write", resource=org_resource)
permissions = [read_users, write_organizations]
authorization = self.authorizations_api.create_authorization(self.organization.id, permissions)
self.log(authorization)
self.assertIsNotNone(authorization)
self.assertTrue(len(authorization.token) > 0)
self.assertEqual(authorization.user_id, self.user.id)
self.assertEqual(authorization.user, self.user.name)
self.assertEqual(authorization.org_id, self.organization.id)
self.assertEqual(authorization.org, self.organization.name)
self.assertEqual(authorization.status, "active")
self.assertTrue(len(authorization.permissions) == 2)
self.assertEqual(authorization.permissions[0].resource.type, "users")
self.assertEqual(authorization.permissions[0].resource.org_id, self.organization.id)
self.assertEqual(authorization.permissions[0].action, "read")
self.assertEqual(authorization.permissions[1].resource.type, "orgs")
self.assertEqual(authorization.permissions[1].resource.org_id, self.organization.id)
self.assertEqual(authorization.permissions[1].action, "write")
self.assertTrue(authorization.links is not None)
self.assertEqual(authorization.links["self"], "/api/v2/authorizations/" + authorization.id)
self.assertEqual(authorization.links["user"], "/api/v2/users/" + self.user.id)
def add_tasks_authorization(self, organization):
resource = PermissionResource(org=organization.name, type="tasks")
create_task = Permission(resource=resource, action="read")
delete_task = Permission(resource=resource, action="write")
org_resource = PermissionResource(type="orgs")
create_org = Permission(resource=org_resource, action="write")
read_org = Permission(resource=org_resource, action="read")
user_resource = PermissionResource(type="users")
create_users = Permission(resource=user_resource, action="write")
label_resource = PermissionResource(type="labels")
create_labels = Permission(resource=label_resource, action="write")
auth_resource = PermissionResource(type="authorizations")
create_auth = Permission(resource=auth_resource, action="write")
bucket = self.client.buckets_api().find_bucket_by_name("my-bucket")
bucket_resource = PermissionResource(org_id=organization.id,
id=bucket.id,
type="buckets")
read_bucket = Permission(resource=bucket_resource, action="read")
write_bucket = Permission(resource=bucket_resource, action="write")
return self.client.authorizations_api().create_authorization(
org_id=organization.id,
permissions=[
create_task, delete_task, create_org, read_org, create_users,
create_labels, create_auth, read_bucket, write_bucket
])
def test_createAuthorizationTask(self):
resource = PermissionResource(org_id=self.organization.id, type="tasks")
create_task = Permission(action="read", resource=resource)
delete_task = Permission(action="write", resource=resource)
permissions = [create_task, delete_task]
authorization = self.authorizations_api.create_authorization(self.organization.id, permissions)
self.assertTrue(len(authorization.permissions) == 2)
self.assertEqual(authorization.permissions[0].resource.type, "tasks")
self.assertEqual(authorization.permissions[0].resource.org_id, self.organization.id)
self.assertEqual(authorization.permissions[0].action, "read")
self.assertEqual(authorization.permissions[1].resource.type, "tasks")
self.assertEqual(authorization.permissions[1].resource.org_id, self.organization.id)
self.assertEqual(authorization.permissions[1].action, "write")
def test_not_permission_to_read_org(self):
# Create Token without permission to read Organizations
resource = PermissionResource(type="buckets",
org_id=self.find_my_org().id)
authorization = self.client \
.authorizations_api() \
.create_authorization(org_id=self.find_my_org().id,
permissions=[Permission(resource=resource, action="read"),
Permission(resource=resource, action="write")])
self.client.close()
# Initialize client without permission to read Organizations
self.client = InfluxDBClient(url=self.client.url,
token=authorization.token)
with pytest.raises(InfluxDBError) as e:
get_org_query_param("my-org", self.client, required_id=True)
assert "The client cannot find organization with name: 'my-org' to determine their ID. Are you using token " \
"with sufficient permission?" in f"{e.value} "
def test_authorizationDescription(self):
organization = self.my_organization
resource = PermissionResource(org_id=organization.id, type="sources")
create_source = Permission(action="write", resource=resource)
permissions = [create_source]
authorization = Authorization(org_id=organization.id, permissions=permissions)
authorization.status = "active"
authorization.description = "My description!"
created = self.authorizations_api.create_authorization(authorization=authorization)
self.assertIsNotNone(created)
self.assertEqual(created.description, "My description!")
def test_updateAuthorizationStatus(self):
resource = PermissionResource(org_id=self.organization.id, type="users")
read_user = Permission(action="read", resource=resource)
permissions = [read_user]
authorization = self.authorization_api().create_authorization(org_id=self.my_organization.id,
permissions=permissions)
self.assertEqual(authorization.status, "active")
authorization.status = "inactive"
authorization = self.authorization_api().update_authorization(authorization)
self.assertEqual(authorization.status, "inactive")
authorization.status = "active"
authorization = self.authorization_api().update_authorization(authorization)
self.assertEqual(authorization.status, "active")
def new_permissions(self):
resource = PermissionResource(org_id=self.organization.id,
type="users")
permission = Permission(action="read", resource=resource)
return [permission]