def test_user_change_password(client, sys_db):
username = generate_username()
password1 = generate_string()
password2 = generate_string()
sys_db.create_user(username, password1)
sys_db.update_permission(username, 'rw', sys_db.name)
db1 = client.db(sys_db.name, username, password1)
db2 = client.db(sys_db.name, username, password2)
# Check authentication
assert isinstance(db1.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db2.properties()
assert err.value.http_code == 401
# Update the user password and check again
sys_db.update_user(username, password2)
assert isinstance(db2.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db1.properties()
assert err.value.http_code == 401
# Replace the user password back and check again
sys_db.update_user(username, password1)
assert isinstance(db1.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db2.properties()
assert err.value.http_code == 401
def test_user_change_password(client, sys_db):
username = generate_username()
password1 = generate_string()
password2 = generate_string()
sys_db.create_user(username, password1)
sys_db.update_permission(username, 'rw', sys_db.name)
db1 = client.db(sys_db.name, username, password1)
db2 = client.db(sys_db.name, username, password2)
# Check authentication
assert isinstance(db1.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db2.properties()
assert err.value.http_code == 401
# Update the user password and check again
sys_db.update_user(username, password2)
assert isinstance(db2.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db1.properties()
assert err.value.http_code == 401
# Replace the user password back and check again
sys_db.update_user(username, password1)
assert isinstance(db1.properties(), dict)
with assert_raises(DatabasePropertiesError) as err:
db2.properties()
assert err.value.http_code == 401
def test_user_create_with_new_database(client, sys_db, cluster):
if cluster:
pytest.skip("Not tested in a cluster setup")
db_name = generate_db_name()
username1 = generate_username()
username2 = generate_username()
username3 = generate_username()
password1 = generate_string()
password2 = generate_string()
password3 = generate_string()
result = sys_db.create_database(
name=db_name,
users=[
{
"username": username1,
"password": password1,
"active": True
},
{
"username": username2,
"password": password2,
"active": True
},
{
"username": username3,
"password": password3,
"active": False
},
],
)
assert result is True
sys_db.update_permission(username1, permission="rw", database=db_name)
sys_db.update_permission(username2, permission="rw", database=db_name)
sys_db.update_permission(username3, permission="rw", database=db_name)
# Test if the users were created properly
usernames = extract("username", sys_db.users())
assert all(u in usernames for u in [username1, username2, username3])
# Test if the first user has access to the database
db = client.db(db_name, username1, password1)
db.properties()
# Test if the second user also has access to the database
db = client.db(db_name, username2, password2)
db.properties()
# Test if the third user has access to the database (should not)
db = client.db(db_name, username3, password3)
with assert_raises(DatabasePropertiesError) as err:
db.properties()
assert err.value.http_code == 401
def test_user_create_with_new_database(client, sys_db):
db_name = generate_db_name()
username1 = generate_username()
username2 = generate_username()
username3 = generate_username()
password1 = generate_string()
password2 = generate_string()
password3 = generate_string()
result = sys_db.create_database(name=db_name,
users=[
{
'username': username1,
'password': password1,
'active': True
},
{
'username': username2,
'password': password2,
'active': True
},
{
'username': username3,
'password': password3,
'active': False
},
])
assert result is True
sys_db.update_permission(username1, permission='rw', database=db_name)
sys_db.update_permission(username2, permission='rw', database=db_name)
sys_db.update_permission(username3, permission='rw', database=db_name)
# Test if the users were created properly
usernames = extract('username', sys_db.users())
assert all(u in usernames for u in [username1, username2, username3])
# Test if the first user has access to the database
db = client.db(db_name, username1, password1)
db.properties()
# Test if the second user also has access to the database
db = client.db(db_name, username2, password2)
db.properties()
# Test if the third user has access to the database (should not)
db = client.db(db_name, username3, password3)
with assert_raises(DatabasePropertiesError) as err:
db.properties()
assert err.value.http_code == 401
def test_transaction_wrapper_attributes(db, col, username):
txn_db = db.begin_transaction(timeout=100, sync=True)
assert txn_db._executor._sync is True
assert txn_db._executor._timeout == 100
assert isinstance(txn_db, TransactionFabric)
assert txn_db.username == username
assert txn_db.context == 'transaction'
assert txn_db.db_name == db.name
assert txn_db.name == db.name
assert repr(txn_db) == '<TransactionFabric {}>'.format(db.name)
txn_col = txn_db.collection(col.name)
assert txn_col.username == username
assert txn_col.context == 'transaction'
assert txn_col.db_name == db.name
assert txn_col.name == col.name
txn_c8ql = txn_db.c8ql
assert txn_c8ql.username == username
assert txn_c8ql.context == 'transaction'
assert txn_c8ql.db_name == db.name
job = txn_col.get(generate_string())
assert isinstance(job, TransactionJob)
assert isinstance(job.id, string_types)
assert repr(job) == '<TransactionJob {}>'.format(job.id)
def pytest_configure(config):
client = C8Client(host=config.getoption('host'),
port=config.getoption('port'))
sys_fabric = client.fabric(name='_system',
username='******',
password=config.getoption('passwd'))
# Create a user and non-system fabric for testing.
username = generate_username()
password = generate_string()
tst_fabric_name = generate_fabric_name()
bad_fabric_name = generate_fabric_name()
sys_fabric.create_fabric(name=tst_fabric_name,
users=[{
'active': True,
'username': username,
'password': password,
}])
tst_fabric = client.fabric(tst_fabric_name, username, password)
bad_fabric = client.fabric(bad_fabric_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_fabric.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(['val'])
tst_col.add_fulltext_index(['text'])
geo_index = tst_col.add_geo_index(['loc'])
# Create a legacy edge collection for testing.
lecol_name = generate_col_name()
tst_fabric.create_collection(lecol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_fabric.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name])
global_data.update({
'client': client,
'username': username,
'password': password,
'sys_fabric': sys_fabric,
'tst_fabric': tst_fabric,
'bad_fabric': bad_fabric,
'geo_index': geo_index,
'col_name': col_name,
'lecol_name': lecol_name,
'graph_name': graph_name,
'ecol_name': ecol_name,
'fvcol_name': fvcol_name,
'tvcol_name': tvcol_name,
})
def test_user_create_with_new_database(client, sys_db):
db_name = generate_db_name()
username1 = generate_username()
username2 = generate_username()
username3 = generate_username()
password1 = generate_string()
password2 = generate_string()
password3 = generate_string()
result = sys_db.create_database(
name=db_name,
users=[
{'username': username1, 'password': password1, 'active': True},
{'username': username2, 'password': password2, 'active': True},
{'username': username3, 'password': password3, 'active': False},
]
)
assert result is True
sys_db.update_permission(username1, permission='rw', database=db_name)
sys_db.update_permission(username2, permission='rw', database=db_name)
sys_db.update_permission(username3, permission='rw', database=db_name)
# Test if the users were created properly
usernames = extract('username', sys_db.users())
assert all(u in usernames for u in [username1, username2, username3])
# Test if the first user has access to the database
db = client.db(db_name, username1, password1)
db.properties()
# Test if the second user also has access to the database
db = client.db(db_name, username2, password2)
db.properties()
# Test if the third user has access to the database (should not)
db = client.db(db_name, username3, password3)
with assert_raises(DatabasePropertiesError) as err:
db.properties()
assert err.value.http_code == 401
def test_auth_jwt(client, db_name, username, password):
db = client.db(name=db_name,
username=username,
password=password,
verify=True,
auth_method='jwt')
assert isinstance(db.conn, JWTConnection)
assert isinstance(db.version(), string_types)
assert isinstance(db.properties(), dict)
bad_password = generate_string()
with assert_raises(JWTAuthError) as err:
client.db(db_name, username, bad_password, auth_method='jwt')
assert err.value.error_code == HTTP_UNAUTHORIZED
def test_pregel_management(db, graph, cluster):
if cluster:
pytest.skip("Not tested in a cluster setup")
# Test create pregel job
job_id = db.pregel.create_job(
graph.name,
"pagerank",
store=False,
max_gss=100,
thread_count=1,
async_mode=False,
result_field="result",
algorithm_params={"threshold": 0.000001},
)
assert isinstance(job_id, int)
# Test create pregel job with unsupported algorithm
with assert_raises(PregelJobCreateError) as err:
db.pregel.create_job(graph.name, "invalid")
assert err.value.error_code in {4, 10, 1600}
# Test get existing pregel job
job = db.pregel.job(job_id)
assert isinstance(job["state"], str)
assert isinstance(job["aggregators"], dict)
assert isinstance(job["gss"], int)
assert isinstance(job["received_count"], int)
assert isinstance(job["send_count"], int)
assert "total_runtime" in job
# Test delete existing pregel job
assert db.pregel.delete_job(job_id) is True
time.sleep(0.2)
with assert_raises(PregelJobGetError) as err:
db.pregel.job(job_id)
assert err.value.error_code in {4, 10, 1600}
# Test delete missing pregel job
with assert_raises(PregelJobDeleteError) as err:
db.pregel.delete_job(generate_string())
assert err.value.error_code in {4, 10, 1600}
def test_client_bad_connection(db, username, password):
client = ArangoClient(protocol='http', host='127.0.0.1', port=8529)
bad_db_name = generate_db_name()
bad_username = generate_username()
bad_password = generate_string()
# Test connection with bad username password
with pytest.raises(ServerConnectionError):
client.db(db.name, bad_username, bad_password, verify=True)
# Test connection with missing database
with pytest.raises(ServerConnectionError):
client.db(bad_db_name, bad_username, bad_password, verify=True)
# Test connection with invalid host URL
client._url = 'http://127.0.0.1:8500'
with pytest.raises(ServerConnectionError) as err:
client.db(db.name, username, password, verify=True)
assert 'bad connection' in str(err.value)
def test_client_bad_connection(db, username, password):
client = ArangoClient(protocol='http', host='127.0.0.1', port=8529)
bad_db_name = generate_db_name()
bad_username = generate_username()
bad_password = generate_string()
# Test connection with bad username password
with pytest.raises(ServerConnectionError):
client.db(db.name, bad_username, bad_password, verify=True)
# Test connection with missing database
with pytest.raises(ServerConnectionError):
client.db(bad_db_name, bad_username, bad_password, verify=True)
# Test connection with invalid host URL
client._url = 'http://127.0.0.1:8500'
with pytest.raises(ServerConnectionError) as err:
client.db(db.name, username, password, verify=True)
assert 'bad connection' in str(err.value)
def test_client_bad_connection(db, username, password, cluster):
client = ArangoClient(hosts="http://127.0.0.1:8529")
bad_db_name = generate_db_name()
bad_username = generate_username()
bad_password = generate_string()
if not cluster:
# Test connection with bad username password
with pytest.raises(ServerConnectionError):
client.db(db.name, bad_username, bad_password, verify=True)
# Test connection with missing database
with pytest.raises(ServerConnectionError):
client.db(bad_db_name, bad_username, bad_password, verify=True)
# Test connection with invalid host URL
client = ArangoClient(hosts="http://127.0.0.1:8500")
with pytest.raises(ServerConnectionError) as err:
client.db(db.name, username, password, verify=True)
assert "bad connection" in str(err.value)
def test_pregel_management(db, graph):
# Test create pregel job
job_id = db.pregel.create_job(
graph.name,
'pagerank',
store=False,
max_gss=100,
thread_count=1,
async_mode=False,
result_field='result',
algorithm_params={'threshold': 0.000001}
)
assert isinstance(job_id, int)
# Test create pregel job with unsupported algorithm
with assert_raises(PregelJobCreateError) as err:
db.pregel.create_job(graph.name, 'invalid')
assert err.value.error_code in {4, 10}
# Test get existing pregel job
job = db.pregel.job(job_id)
assert isinstance(job['state'], string_types)
assert isinstance(job['aggregators'], dict)
assert isinstance(job['gss'], int)
assert isinstance(job['received_count'], int)
assert isinstance(job['send_count'], int)
assert isinstance(job['total_runtime'], float)
# Test delete existing pregel job
assert db.pregel.delete_job(job_id) is True
with assert_raises(PregelJobGetError) as err:
db.pregel.job(job_id)
assert err.value.error_code in {4, 10}
# Test delete missing pregel job
with assert_raises(PregelJobDeleteError) as err:
db.pregel.delete_job(generate_string())
assert err.value.error_code in {4, 10}
def test_pregel_management(db, graph):
# Test create pregel job
job_id = db.pregel.create_job(graph.name,
'pagerank',
store=False,
max_gss=100,
thread_count=1,
async_mode=False,
result_field='result',
algorithm_params={'threshold': 0.000001})
assert isinstance(job_id, int)
# Test create pregel job with unsupported algorithm
with assert_raises(PregelJobCreateError) as err:
db.pregel.create_job(graph.name, 'invalid')
assert err.value.error_code == 10
# Test get existing pregel job
job = db.pregel.job(job_id)
assert isinstance(job['state'], string_types)
assert isinstance(job['aggregators'], dict)
assert isinstance(job['gss'], int)
assert isinstance(job['received_count'], int)
assert isinstance(job['send_count'], int)
assert isinstance(job['total_runtime'], float)
# Test delete existing pregel job
assert db.pregel.delete_job(job_id) is True
with assert_raises(PregelJobGetError) as err:
db.pregel.job(job_id)
assert err.value.error_code == 10
# Test delete missing pregel job
with assert_raises(PregelJobDeleteError) as err:
db.pregel.delete_job(generate_string())
assert err.value.error_code == 10
def pytest_configure(config):
client = ArangoClient(
host=config.getoption('host'),
port=config.getoption('port')
)
sys_db = client.db(
name='_system',
username='******',
password=config.getoption('passwd')
)
# Create a user and non-system database for testing.
username = generate_username()
password = generate_string()
tst_db_name = generate_db_name()
bad_db_name = generate_db_name()
sys_db.create_database(
name=tst_db_name,
users=[{
'active': True,
'username': username,
'password': password,
}]
)
sys_db.update_permission(
username=username,
permission='rw',
database=tst_db_name
)
tst_db = client.db(tst_db_name, username, password)
bad_db = client.db(bad_db_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_db.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(['val'])
tst_col.add_fulltext_index(['text'])
geo_index = tst_col.add_geo_index(['loc'])
# Create a legacy edge collection for testing.
lecol_name = generate_col_name()
tst_db.create_collection(lecol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_db.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(
edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name]
)
global_data.update({
'client': client,
'username': username,
'password': password,
'sys_db': sys_db,
'tst_db': tst_db,
'bad_db': bad_db,
'geo_index': geo_index,
'col_name': col_name,
'lecol_name': lecol_name,
'graph_name': graph_name,
'ecol_name': ecol_name,
'fvcol_name': fvcol_name,
'tvcol_name': tvcol_name,
})
def test_user_management(sys_db, bad_db):
# Test create user
username = generate_username()
password = generate_string()
assert not sys_db.has_user(username)
new_user = sys_db.create_user(
username=username,
password=password,
active=True,
extra={'foo': 'bar'},
)
assert new_user['username'] == username
assert new_user['active'] is True
assert new_user['extra'] == {'foo': 'bar'}
assert sys_db.has_user(username)
# Test create duplicate user
with assert_raises(UserCreateError) as err:
sys_db.create_user(
username=username,
password=password
)
assert err.value.error_code == 1702
# Test list users
for user in sys_db.users():
assert isinstance(user['username'], string_types)
assert isinstance(user['active'], bool)
assert isinstance(user['extra'], dict)
assert sys_db.user(username) == new_user
# Test list users with bad database
with assert_raises(UserListError) as err:
bad_db.users()
assert err.value.error_code in {11, 1228}
# Test get user
users = sys_db.users()
for user in users:
assert 'active' in user
assert 'extra' in user
assert 'username' in user
assert username in extract('username', sys_db.users())
# Test get missing user
with assert_raises(UserGetError) as err:
sys_db.user(generate_username())
assert err.value.error_code == 1703
# Update existing user
new_user = sys_db.update_user(
username=username,
password=password,
active=False,
extra={'bar': 'baz'},
)
assert new_user['username'] == username
assert new_user['active'] is False
assert new_user['extra'] == {'bar': 'baz'}
assert sys_db.user(username) == new_user
# Update missing user
with assert_raises(UserUpdateError) as err:
sys_db.update_user(
username=generate_username(),
password=generate_string()
)
assert err.value.error_code == 1703
# Replace existing user
new_user = sys_db.replace_user(
username=username,
password=password,
active=False,
extra={'baz': 'qux'},
)
assert new_user['username'] == username
assert new_user['active'] is False
assert new_user['extra'] == {'baz': 'qux'}
assert sys_db.user(username) == new_user
# Replace missing user
with assert_raises(UserReplaceError) as err:
sys_db.replace_user(
username=generate_username(),
password=generate_string()
)
assert err.value.error_code == 1703
# Delete an existing user
assert sys_db.delete_user(username) is True
# Delete a missing user
with assert_raises(UserDeleteError) as err:
sys_db.delete_user(username, ignore_missing=False)
assert err.value.error_code == 1703
assert sys_db.delete_user(username, ignore_missing=True) is False
def test_user_management(sys_db, bad_db):
# Test create user
username = generate_username()
password = generate_string()
assert not sys_db.has_user(username)
new_user = sys_db.create_user(
username=username,
password=password,
active=True,
extra={'foo': 'bar'},
)
assert new_user['username'] == username
assert new_user['active'] is True
assert new_user['extra'] == {'foo': 'bar'}
assert sys_db.has_user(username)
# Test create duplicate user
with assert_raises(UserCreateError) as err:
sys_db.create_user(username=username, password=password)
assert err.value.error_code == 1702
# Test list users
for user in sys_db.users():
assert isinstance(user['username'], string_types)
assert isinstance(user['active'], bool)
assert isinstance(user['extra'], dict)
assert sys_db.user(username) == new_user
# Test list users with bad fabric
with assert_raises(UserListError) as err:
bad_db.users()
assert err.value.error_code == 1228
# Test get user
users = sys_db.users()
for user in users:
assert 'active' in user
assert 'extra' in user
assert 'username' in user
assert username in extract('username', sys_db.users())
# Test get missing user
with assert_raises(UserGetError) as err:
sys_db.user(generate_username())
assert err.value.error_code == 1703
# Update existing user
new_user = sys_db.update_user(
username=username,
password=password,
active=False,
extra={'bar': 'baz'},
)
assert new_user['username'] == username
assert new_user['active'] is False
assert new_user['extra'] == {'bar': 'baz'}
assert sys_db.user(username) == new_user
# Update missing user
with assert_raises(UserUpdateError) as err:
sys_db.update_user(username=generate_username(),
password=generate_string())
assert err.value.error_code == 1703
# Replace existing user
new_user = sys_db.replace_user(
username=username,
password=password,
active=False,
extra={'baz': 'qux'},
)
assert new_user['username'] == username
assert new_user['active'] is False
assert new_user['extra'] == {'baz': 'qux'}
assert sys_db.user(username) == new_user
# Replace missing user
with assert_raises(UserReplaceError) as err:
sys_db.replace_user(username=generate_username(),
password=generate_string())
assert err.value.error_code == 1703
# Delete an existing user
assert sys_db.delete_user(username) is True
# Delete a missing user
with assert_raises(UserDeleteError) as err:
sys_db.delete_user(username, ignore_missing=False)
assert err.value.error_code == 1703
assert sys_db.delete_user(username, ignore_missing=True) is False
def pytest_configure(config):
url = f"http://{config.getoption('host')}:{config.getoption('port')}"
secret = config.getoption("secret")
client = ArangoClient(hosts=[url, url, url])
sys_db = client.db(
name="_system",
username="******",
password=config.getoption("passwd"),
superuser_token=generate_jwt(secret),
)
sys_db.version()
# Create a user and non-system database for testing.
username = generate_username()
password = generate_string()
tst_db_name = generate_db_name()
bad_db_name = generate_db_name()
sys_db.create_database(
name=tst_db_name,
users=[
{
"active": True,
"username": username,
"password": password,
}
],
)
tst_db = client.db(tst_db_name, username, password)
bad_db = client.db(bad_db_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_db.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(["val"])
tst_col.add_fulltext_index(["text"])
geo_index = tst_col.add_geo_index(["loc"])
# Create a legacy edge collection for testing.
icol_name = generate_col_name()
tst_db.create_collection(icol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_db.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(
edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name],
)
# Update global config
global_data.url = url
global_data.client = client
global_data.username = username
global_data.password = password
global_data.db_name = tst_db_name
global_data.sys_db = sys_db
global_data.tst_db = tst_db
global_data.bad_db = bad_db
global_data.geo_index = geo_index
global_data.col_name = col_name
global_data.icol_name = icol_name
global_data.graph_name = graph_name
global_data.ecol_name = ecol_name
global_data.fvcol_name = fvcol_name
global_data.tvcol_name = tvcol_name
global_data.cluster = config.getoption("cluster")
global_data.complete = config.getoption("complete")
global_data.replication = config.getoption("replication")
global_data.enterprise = config.getoption("enterprise")
global_data.secret = secret
global_data.root_password = config.getoption("passwd")
def pytest_configure(config):
url = 'http://{}:{}'.format(
config.getoption('host'),
config.getoption('port')
)
client = ArangoClient(hosts=[url, url, url])
sys_db = client.db(
name='_system',
username='******',
password=config.getoption('passwd')
)
# Create a user and non-system database for testing.
username = generate_username()
password = generate_string()
tst_db_name = generate_db_name()
bad_db_name = generate_db_name()
sys_db.create_database(
name=tst_db_name,
users=[{
'active': True,
'username': username,
'password': password,
}]
)
# sys_db.update_permission(
# username=username,
# permission='rw',
# database=tst_db_name
# )
tst_db = client.db(tst_db_name, username, password)
bad_db = client.db(bad_db_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_db.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(['val'])
tst_col.add_fulltext_index(['text'])
geo_index = tst_col.add_geo_index(['loc'])
# Create a legacy edge collection for testing.
icol_name = generate_col_name()
tst_db.create_collection(icol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_db.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(
edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name]
)
# noinspection PyProtectedMember
global_data.update({
'url': url,
'client': client,
'username': username,
'password': password,
'sys_db': sys_db,
'tst_db': tst_db,
'bad_db': bad_db,
'geo_index': geo_index,
'col_name': col_name,
'icol_name': icol_name,
'graph_name': graph_name,
'ecol_name': ecol_name,
'fvcol_name': fvcol_name,
'tvcol_name': tvcol_name,
'cluster': config.getoption('cluster'),
'complete': config.getoption('complete'),
'replication': config.getoption('replication')
})
generate_col_name,
generate_string,
generate_username,
generate_graph_name,
)
from tests.executors import (TestAsyncExecutor, TestBatchExecutor,
TestTransactionExecutor)
print('Setting up test ArangoDB client ...')
_client = ArangoClient()
_sys_db = _client.db('_system', 'root', 'passwd')
print('Setting up test databases ...')
_db_name = generate_db_name()
_username = generate_username()
_password = generate_string()
_db_users = [{'username': _username, 'password': _password, 'active': True}]
_sys_db.create_database(_db_name, _db_users)
_db = _client.db(_db_name, _username, _password)
_bad_db_name = generate_db_name()
_bad_db = _client.db(_bad_db_name, '', '')
print('Setting up test collections ...')
_col_name = generate_col_name()
_col = _db.create_collection(_col_name)
_skiplist_index = _col.add_skiplist_index(['val'])
_fulltext_index = _col.add_fulltext_index(['text'])
_geo_index = _col.add_geo_index(['loc'])
_bad_col = _bad_db.collection(_col_name)
_lecol_name = generate_col_name()
_lecol = _db.create_collection(_lecol_name, edge=True)
def test_user_management(sys_db, bad_db):
# Test create user
username = generate_username()
password = generate_string()
assert not sys_db.has_user(username)
new_user = sys_db.create_user(
username=username,
password=password,
active=True,
extra={"foo": "bar"},
)
assert new_user["username"] == username
assert new_user["active"] is True
assert new_user["extra"] == {"foo": "bar"}
assert sys_db.has_user(username)
# Test create duplicate user
with assert_raises(UserCreateError) as err:
sys_db.create_user(username=username, password=password)
assert err.value.error_code == 1702
# Test list users
for user in sys_db.users():
assert isinstance(user["username"], str)
assert isinstance(user["active"], bool)
assert isinstance(user["extra"], dict)
assert sys_db.user(username) == new_user
# Test list users with bad database
with assert_raises(UserListError) as err:
bad_db.users()
assert err.value.error_code in {11, 1228}
# Test has user with bad database
with assert_raises(UserListError) as err:
bad_db.has_user(username)
assert err.value.error_code in {11, 1228}
# Test get user
users = sys_db.users()
for user in users:
assert "active" in user
assert "extra" in user
assert "username" in user
assert username in extract("username", sys_db.users())
# Test get missing user
with assert_raises(UserGetError) as err:
sys_db.user(generate_username())
assert err.value.error_code == 1703
# Update existing user
new_user = sys_db.update_user(
username=username,
password=password,
active=False,
extra={"bar": "baz"},
)
assert new_user["username"] == username
assert new_user["active"] is False
assert new_user["extra"] == {"bar": "baz"}
assert sys_db.user(username) == new_user
# Update missing user
with assert_raises(UserUpdateError) as err:
sys_db.update_user(username=generate_username(),
password=generate_string())
assert err.value.error_code == 1703
# Replace existing user
new_user = sys_db.replace_user(
username=username,
password=password,
active=False,
extra={"baz": "qux"},
)
assert new_user["username"] == username
assert new_user["active"] is False
assert new_user["extra"] == {"baz": "qux"}
assert sys_db.user(username) == new_user
# Replace missing user
with assert_raises(UserReplaceError) as err:
sys_db.replace_user(username=generate_username(),
password=generate_string())
assert err.value.error_code == 1703
# Delete an existing user
assert sys_db.delete_user(username) is True
# Delete a missing user
with assert_raises(UserDeleteError) as err:
sys_db.delete_user(username, ignore_missing=False)
assert err.value.error_code == 1703
assert sys_db.delete_user(username, ignore_missing=True) is False
def test_permission_management(client, sys_db, bad_db, cluster):
if cluster:
pytest.skip("Not tested in a cluster setup")
username = generate_username()
password = generate_string()
db_name = generate_db_name()
col_name_1 = generate_col_name()
col_name_2 = generate_col_name()
sys_db.create_database(
name=db_name,
users=[{
"username": username,
"password": password,
"active": True
}],
)
db = client.db(db_name, username, password)
assert isinstance(sys_db.permissions(username), dict)
# Test list permissions with bad database
with assert_raises(PermissionListError) as err:
bad_db.permissions(username)
assert err.value.error_code in {11, 1228}
# Test get permission with bad database
with assert_raises(PermissionGetError) as err:
bad_db.permission(username, db_name)
assert err.value.error_code in {11, 1228}
# The user should not have read and write permissions
assert sys_db.permission(username, db_name) == "rw"
assert sys_db.permission(username, db_name, col_name_1) == "rw"
# Test update permission (database level) with bad database
with assert_raises(PermissionUpdateError):
bad_db.update_permission(username, "ro", db_name)
assert sys_db.permission(username, db_name) == "rw"
# Test update permission (database level) to read only and verify access
assert sys_db.update_permission(username, "ro", db_name) is True
assert sys_db.permission(username, db_name) == "ro"
with assert_raises(CollectionCreateError) as err:
db.create_collection(col_name_2)
assert err.value.http_code == 403
assert col_name_1 not in extract("name", db.collections())
assert col_name_2 not in extract("name", db.collections())
# Test reset permission (database level) with bad database
with assert_raises(PermissionResetError) as err:
bad_db.reset_permission(username, db_name)
assert err.value.error_code in {11, 1228}
assert sys_db.permission(username, db_name) == "ro"
# Test reset permission (database level) and verify access
assert sys_db.reset_permission(username, db_name) is True
assert sys_db.permission(username, db_name) == "none"
with assert_raises(CollectionCreateError) as err:
db.create_collection(col_name_1)
assert err.value.http_code == 401
with assert_raises(CollectionListError) as err:
db.collections()
assert err.value.http_code == 401
# Test update permission (database level) and verify access
assert sys_db.update_permission(username, "rw", db_name) is True
assert sys_db.permission(username, db_name, col_name_2) == "rw"
assert db.create_collection(col_name_1) is not None
assert db.create_collection(col_name_2) is not None
assert col_name_1 in extract("name", db.collections())
assert col_name_2 in extract("name", db.collections())
col_1 = db.collection(col_name_1)
col_2 = db.collection(col_name_2)
# Verify that user has read and write access to both collections
assert isinstance(col_1.properties(), dict)
assert isinstance(col_1.insert({}), dict)
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test update permission (collection level) to read only and verify access
assert sys_db.update_permission(username, "ro", db_name, col_name_1)
assert sys_db.permission(username, db_name, col_name_1) == "ro"
assert isinstance(col_1.properties(), dict)
with assert_raises(DocumentInsertError) as err:
col_1.insert({})
assert err.value.http_code == 403
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test update permission (collection level) to none and verify access
assert sys_db.update_permission(username, "none", db_name, col_name_1)
assert sys_db.permission(username, db_name, col_name_1) == "none"
with assert_raises(CollectionPropertiesError) as err:
col_1.properties()
assert err.value.http_code == 403
with assert_raises(DocumentInsertError) as err:
col_1.insert({})
assert err.value.http_code == 403
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test reset permission (collection level)
assert sys_db.reset_permission(username, db_name, col_name_1) is True
assert sys_db.permission(username, db_name, col_name_1) == "rw"
assert isinstance(col_1.properties(), dict)
assert isinstance(col_1.insert({}), dict)
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
def test_permission_management(client, sys_db, bad_db):
username = generate_username()
password = generate_string()
db_name = generate_db_name()
col_name_1 = generate_col_name()
col_name_2 = generate_col_name()
sys_db.create_database(
name=db_name,
users=[{
'username': username,
'password': password,
'active': True
}]
)
db = client.db(db_name, username, password)
assert isinstance(sys_db.permissions(username), dict)
# Test list permissions with bad database
with assert_raises(PermissionListError) as err:
bad_db.permissions(username)
assert err.value.error_code in {11, 1228}
# Test get permission with bad database
with assert_raises(PermissionGetError) as err:
bad_db.permission(username, db_name)
assert err.value.error_code in {11, 1228}
# The user should not have read and write permissions
assert sys_db.permission(username, db_name) == 'none'
assert sys_db.permission(username, db_name, col_name_1) == 'none'
with assert_raises(CollectionCreateError) as err:
db.create_collection(col_name_1)
assert err.value.http_code == 401
with assert_raises(CollectionListError) as err:
db.collections()
assert err.value.http_code == 401
# Test update permission (database level) with bad database
with assert_raises(PermissionUpdateError):
bad_db.update_permission(username, 'ro', db_name)
assert sys_db.permission(username, db_name) == 'none'
# Test update permission (database level) to read only and verify access
assert sys_db.update_permission(username, 'ro', db_name) is True
assert sys_db.permission(username, db_name) == 'ro'
with assert_raises(CollectionCreateError) as err:
db.create_collection(col_name_2)
assert err.value.http_code == 403
assert col_name_1 not in extract('name', db.collections())
assert col_name_2 not in extract('name', db.collections())
# Test reset permission (database level) with bad database
with assert_raises(PermissionResetError) as err:
bad_db.reset_permission(username, db_name)
assert err.value.error_code in {11, 1228}
assert sys_db.permission(username, db_name) == 'ro'
# Test reset permission (database level) and verify access
assert sys_db.reset_permission(username, db_name) is True
assert sys_db.permission(username, db_name) == 'none'
with assert_raises(CollectionCreateError) as err:
db.create_collection(col_name_1)
assert err.value.http_code == 401
with assert_raises(CollectionListError) as err:
db.collections()
assert err.value.http_code == 401
# Test update permission (database level) and verify access
assert sys_db.update_permission(username, 'rw', db_name) is True
assert sys_db.permission(username, db_name, col_name_2) == 'rw'
assert db.create_collection(col_name_1) is not None
assert db.create_collection(col_name_2) is not None
assert col_name_1 in extract('name', db.collections())
assert col_name_2 in extract('name', db.collections())
col_1 = db.collection(col_name_1)
col_2 = db.collection(col_name_2)
# Verify that user has read and write access to both collections
assert isinstance(col_1.properties(), dict)
assert isinstance(col_1.insert({}), dict)
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test update permission (collection level) to read only and verify access
assert sys_db.update_permission(username, 'ro', db_name, col_name_1)
assert sys_db.permission(username, db_name, col_name_1) == 'ro'
assert isinstance(col_1.properties(), dict)
with assert_raises(DocumentInsertError) as err:
col_1.insert({})
assert err.value.http_code == 403
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test update permission (collection level) to none and verify access
assert sys_db.update_permission(username, 'none', db_name, col_name_1)
assert sys_db.permission(username, db_name, col_name_1) == 'none'
with assert_raises(CollectionPropertiesError) as err:
col_1.properties()
assert err.value.http_code == 403
with assert_raises(DocumentInsertError) as err:
col_1.insert({})
assert err.value.http_code == 403
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
# Test reset permission (collection level)
assert sys_db.reset_permission(username, db_name, col_name_1) is True
assert sys_db.permission(username, db_name, col_name_1) == 'rw'
assert isinstance(col_1.properties(), dict)
assert isinstance(col_1.insert({}), dict)
assert isinstance(col_2.properties(), dict)
assert isinstance(col_2.insert({}), dict)
