def test_group_add_remove_owner( make_session, get_plugin_proxy, session, users, groups # noqa: F811 ): make_session.return_value = session get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) username = "******" groupname = "team-sre" # add assert (u"User", username) not in groups[groupname].my_members() call_main(session, "group", "add_member", "--owner", groupname, username) all_members = Group.get(session, name=groupname).my_members() assert (u"User", username) in all_members _, _, _, role, _, _ = all_members[(u"User", username)] assert GROUP_EDGE_ROLES[role] == "owner" # remove (fails) call_main(session, "group", "remove_member", groupname, username) assert (u"User", username) in Group.get(session, name=groupname).my_members()
def test_can_disable_member(get_plugin_proxy, session, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] member = users["*****@*****.**"] add_member(group, member) disable_user(session, member)
def test_can_add_owner_twice(get_plugin_proxy, session, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] owner = users["*****@*****.**"] add_member(group, owner, role="owner") add_member(group, owner, role="owner")
def test_cant_demote_last_owner(get_plugin_proxy, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] owner = users["*****@*****.**"] add_member(group, owner, role="owner") with pytest.raises(PluginRejectedGroupMembershipUpdate): group.edit_member(owner, owner, "Unit Testing", role="member")
def test_cant_disable_last_owner(get_plugin_proxy, session, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] owner = users["*****@*****.**"] add_member(group, owner, role="owner") with pytest.raises(PluginRejectedDisablingUser): disable_user(session, owner)
def test_cant_expire_last_owner(get_plugin_proxy, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] owner = users["*****@*****.**"] expiration = datetime.utcnow() + timedelta(1) add_member(group, owner, role="owner") with pytest.raises(PluginRejectedGroupMembershipUpdate): group.edit_member(owner, owner, "Unit Testing", expiration=expiration)
def test_can_always_revoke_members(get_plugin_proxy, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] owner = users["*****@*****.**"] member = users["*****@*****.**"] expiration = datetime.utcnow() + timedelta(1) add_member(group, owner, role="owner", expiration=expiration) add_member(group, member) revoke_member(group, member)
def test_cant_revoke_last_permanent_owner(get_plugin_proxy, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] first_owner = users["*****@*****.**"] second_owner = users["*****@*****.**"] expiration = datetime.utcnow() + timedelta(1) add_member(group, first_owner, role="owner", expiration=expiration) add_member(group, second_owner, role="owner") with pytest.raises(PluginRejectedGroupMembershipUpdate): revoke_member(group, second_owner)
def test_group_disable_group_owner(user_make_session, group_make_session, get_plugin_proxy, session, users, groups): group_make_session.return_value = session user_make_session.return_value = session get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) username = '******' groupname = 'team-sre' # add call_main('group', 'add_member', '--owner', groupname, username) assert (u'User', username) in Group.get(session, name=groupname).my_members() # disable (fails) call_main('user', 'disable', username) assert (u'User', username) in Group.get(session, name=groupname).my_members()
def test_cant_revoke_last_npowner(get_plugin_proxy, session, groups, users): get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) group = groups["team-infra"] first_owner = users["*****@*****.**"] second_owner = users["*****@*****.**"] add_member(group, first_owner, role="np-owner") add_member(group, second_owner, role="np-owner") # Revoking the first owner does not raise an exception revoke_member(group, first_owner) session.commit() with pytest.raises(PluginRejectedGroupMembershipUpdate): revoke_member(group, second_owner)
def test_group_disable_group_owner(get_plugin_proxy, session, tmpdir, users, groups): # noqa: F811 get_plugin_proxy.return_value = PluginProxy([GroupOwnershipPolicyPlugin()]) username = "******" groupname = "team-sre" # add call_main(session, tmpdir, "group", "add_member", "--owner", groupname, username) assert (u"User", username) in Group.get(session, name=groupname).my_members() # disable (fails) call_main(session, tmpdir, "user", "disable", username) assert (u"User", username) in Group.get(session, name=groupname).my_members()
def test_group_add_remove_owner(make_session, get_plugins, session, users, groups): make_session.return_value = session get_plugins.return_value = [GroupOwnershipPolicyPlugin()] username = '******' groupname = 'team-sre' # add assert (u'User', username) not in groups[groupname].my_members() call_main('group', 'add_member', '--owner', groupname, username) all_members = Group.get(session, name=groupname).my_members() assert (u'User', username) in all_members _, _, _, role, _, _ = all_members[(u'User', username)] assert GROUP_EDGE_ROLES[role] == "owner" # remove (fails) call_main('group', 'remove_member', groupname, username) assert (u'User', username) in Group.get(session, name=groupname).my_members()
def test_cant_revoke_last_owner(get_plugins, session, groups, users): get_plugins.return_value = [GroupOwnershipPolicyPlugin()] group = groups["team-infra"] first_owner = users["*****@*****.**"] second_owner = users["*****@*****.**"] add_member(group, first_owner, role="owner") add_member(group, second_owner, role="owner") assert len(group.my_owners()) == 2 # Revoking the first owner does not raise an exception revoke_member(group, first_owner) session.commit() assert len(group.my_owners()) == 1 with pytest.raises(PluginRejectedGroupMembershipUpdate): revoke_member(group, second_owner) assert len(group.my_owners()) == 1