def test_show_group(tmpdir: LocalPath, setup: SetupTest, browser: Chrome) -> None:
with setup.transaction():
setup.add_user_to_group("*****@*****.**", "team-sre", role="owner")
setup.add_user_to_group("*****@*****.**", "team-sre")
setup.grant_permission_to_group("ssh", "*", "team-sre")
setup.grant_permission_to_group("team-sre", "foo", "team-sre")
setup.grant_permission_to_group("team-sre", "bar", "team-sre")
with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
browser.get(url(frontend_url, "/groups/team-sre"))
page = GroupViewPage(browser)
row = page.find_member_row("*****@*****.**")
assert row.role == "owner"
assert row.href.endswith("/users/[email protected]")
row = page.find_member_row("*****@*****.**")
assert row.role == "member"
assert row.href.endswith("/users/[email protected]")
rows = page.find_permission_rows("ssh")
assert len(rows) == 1
assert rows[0].argument == "*"
assert rows[0].href.endswith("/permissions/ssh")
rows = page.find_permission_rows("team-sre")
for permission_row in rows:
assert permission_row.href.endswith("/permissions/team-sre")
assert sorted([r.argument for r in rows]) == ["bar", "foo"]
def test_grant_permission(tmpdir: LocalPath, setup: SetupTest,
browser: Chrome) -> None:
with setup.transaction():
setup.add_user_to_group("*****@*****.**", "some-group")
setup.grant_permission_to_group(PERMISSION_GRANT, "some-permission",
"some-group")
setup.create_permission("some-permission")
setup.create_group("other-group")
with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
browser.get(url(frontend_url, "/groups/some-group"))
group_page = GroupViewPage(browser)
assert group_page.find_permission_rows("some-permission") == []
group_page.click_add_permission_button()
grant_page = PermissionGrantPage(browser)
grant_page.set_permission("some-permission")
grant_page.set_argument("foo")
grant_page.submit()
rows = group_page.find_permission_rows("some-permission")
assert len(rows) == 1
assert rows[0].argument == "foo"
# Grant a permission with surrounding and internal whitespace to test whitespace handling.
browser.get(url(frontend_url, "/groups/other-group"))
assert group_page.find_permission_rows("some-permission") == []
group_page.click_add_permission_button()
grant_page.set_permission("some-permission")
grant_page.set_argument(" arg u ment ")
grant_page.submit()
rows = group_page.find_permission_rows("some-permission")
assert len(rows) == 1
assert rows[0].argument in ("arg u ment", "arg u ment"
) # browser messes with whitespace
# Check directly in the database to make sure the whitespace is stripped, since we may not be
# able to see it via the browser. We need to explicitly reopen the database since otherwise
# SQLite doesn't always see changes written by the frontend.
setup.reopen_database()
permission_grant_repository = setup.sql_repository_factory.create_permission_grant_repository(
)
grants = permission_grant_repository.permission_grants_for_group(
"other-group")
assert grants == [
GroupPermissionGrant(
group="other-group",
permission="some-permission",
argument="arg u ment",
granted_on=ANY,
is_alias=False,
grant_id=ANY,
)
]
def test_show_group_hides_aliased_permissions(async_server, browser): # noqa: F811
fe_url = url(async_server, "/groups/sad-team")
browser.get(fe_url)
page = GroupViewPage(browser)
assert len(page.find_permission_rows("owner", "sad-team")) == 1
assert page.find_permission_rows("ssh", "owner=sad-team") == []
assert page.find_permission_rows("sudo", "sad-team") == []
def test_show_group_hides_aliased_permissions(
tmpdir: LocalPath, setup: SetupTest, browser: Chrome
) -> None:
with setup.transaction():
setup.add_user_to_group("*****@*****.**", "sad-team", role="owner")
setup.create_permission("ssh")
setup.create_permission("sudo")
setup.grant_permission_to_group("owner", "sad-team", "sad-team")
with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
browser.get(url(frontend_url, "/groups/sad-team"))
page = GroupViewPage(browser)
assert len(page.find_permission_rows("owner", "sad-team")) == 1
assert page.find_permission_rows("ssh", "owner=sad-team") == []
assert page.find_permission_rows("sudo", "sad-team") == []
def test_show_group(async_server, browser, groups): # noqa: F811
group = groups["team-sre"]
fe_url = url(async_server, "/groups/{}".format(group.name))
browser.get(fe_url)
page = GroupViewPage(browser)
members = group.my_members()
for [_, username], _ in members.iteritems():
row = page.find_member_row(username)
assert row.href.endswith("/users/{}".format(username))
for permission in group.my_permissions():
rows = page.find_permission_rows(permission.name)
assert len(rows) == 1
assert rows[0].argument == permission.argument
assert rows[0].href.endswith("/permissions/{}".format(permission.name))
def test_end_to_end_whitespace_in_argument(tmpdir, setup, browser):
# type: (LocalPath, SetupTest, Chrome) -> None
with setup.transaction():
setup.create_group("some-group")
setup.create_permission("some-permission")
setup.add_user_to_group("*****@*****.**", "some-group", "owner")
setup.add_user_to_group("*****@*****.**", "admins")
setup.grant_permission_to_group(PERMISSION_GRANT, "some-permission", "admins")
with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
browser.get(url(frontend_url, "/permissions/some-permission"))
permission_page = PermissionPage(browser)
assert permission_page.subheading == "some-permission"
permission_page.button_to_request_this_permission.click()
permission_request_page = PermissionRequestPage(browser)
permission_request_page.set_group("some-group")
permission_request_page.set_argument_freeform(" arg u ment ")
permission_request_page.set_reason("testing whitespace")
permission_request_page.submit()
with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
browser.get(url(frontend_url, "/permissions/requests?status=pending"))
requests_page = PermissionRequestsPage(browser)
request_rows = requests_page.request_rows
assert len(request_rows) == 1
request = request_rows[0]
request.click_modify_link()
modify_page = PermissionRequestUpdatePage(browser)
modify_page.set_status("actioned")
modify_page.set_reason("testing whitespace")
modify_page.submit()
browser.get(url(frontend_url, "/groups/some-group?refresh=yes"))
group_page = GroupViewPage(browser)
permission_rows = group_page.find_permission_rows("some-permission")
assert len(permission_rows) == 1
grant = permission_rows[0]
assert grant.name == "some-permission"
assert grant.argument in ("arg u ment", "arg u ment") # browser messes with whitespace
assert grant.source == "(direct)"
# Check directly in the database to make sure the whitespace is stripped, since we may not be
# able to see it via the browser. We need to explicitly reopen the database since otherwise
# SQLite doesn't always see changes written by the frontend.
setup.reopen_database()
permission_grant_repository = setup.sql_repository_factory.create_permission_grant_repository()
grants = permission_grant_repository.permission_grants_for_group("some-group")
assert grants == [
GroupPermissionGrant(
group="some-group",
permission="some-permission",
argument="arg u ment",
granted_on=ANY,
is_alias=False,
grant_id=ANY,
)
]