def test_user_info():
client = ClientFactory()
role1 = RoleFactory()
role2 = RoleFactory()
user = UserFactory(roles=(role1, role2))
actual_user_info = get_user_info(user.id, client.id)
expected_user_info = UserInfo(
sub=user.id,
email=user.email,
email_verified=user.verified,
name=user.name,
picture=None,
roles=[role1.id, role2.id],
)
assert expected_user_info == actual_user_info
def test_create_role_with_scopes():
scopes = ScopeFactory.create_batch(
5, type='odp') + ScopeFactory.create_batch(5, type='client')
role = RoleFactory(scopes=scopes)
result = Session.execute(select(RoleScope)).scalars()
assert [(row.role_id, row.scope_id, row.scope_type) for row in result] \
== [(role.id, scope.id, scope.type) for scope in scopes]
def test_platform_roles():
scopes = ScopeFactory.create_batch(8, type='odp')
client = ClientFactory(scopes=scopes[1:7])
role1 = RoleFactory(scopes=scopes[:3])
role2 = RoleFactory(scopes=scopes[5:])
user = UserFactory(roles=(role1, role2))
actual_user_perm = get_user_permissions(user.id, client.id)
expected_user_perm = {
scope.id: '*'
for n, scope in enumerate(scopes) if n in (1, 2, 5, 6)
}
assert_compare(expected_user_perm, actual_user_perm)
actual_client_perm = get_client_permissions(client.id)
expected_client_perm = {scope.id: '*' for scope in scopes[1:7]}
assert_compare(expected_client_perm, actual_client_perm)
def test_user_info_collection_roles_and_client():
client = ClientFactory(is_collection_client=True)
role1 = RoleFactory()
role2 = RoleFactory(collection=client.collection)
role3 = RoleFactory(collection=client.collection)
role4 = RoleFactory(is_collection_role=True)
user = UserFactory(roles=(role1, role2, role3, role4))
actual_user_info = get_user_info(user.id, client.id)
expected_user_info = UserInfo(
sub=user.id,
email=user.email,
email_verified=user.verified,
name=user.name,
picture=None,
roles=[role1.id, role2.id, role3.id],
)
assert expected_user_info == actual_user_info
def role_batch():
"""Create and commit a batch of Role instances."""
return [
RoleFactory(
scopes=ScopeFactory.create_batch(randint(0, 3), type=choice(('odp', 'client'))),
is_collection_role=n in (1, 2) or randint(0, 1),
)
for n in range(randint(3, 5))
]
def test_collection_client_platform_collection_role_mix():
scopes = ScopeFactory.create_batch(8, type='odp')
client = ClientFactory(scopes=scopes[1:7], is_collection_client=True)
role1 = RoleFactory(scopes=scopes[:3])
role2 = RoleFactory(scopes=scopes[3:5], is_collection_role=True)
role3 = RoleFactory(scopes=scopes[5:], collection=client.collection)
user = UserFactory(roles=(role1, role2, role3))
actual_user_perm = get_user_permissions(user.id, client.id)
expected_user_perm = {
scope.id: [client.collection_id]
for n, scope in enumerate(scopes) if n in (1, 2, 5, 6)
}
assert_compare(expected_user_perm, actual_user_perm)
actual_client_perm = get_client_permissions(client.id)
expected_client_perm = {
scope.id: [client.collection_id]
for scope in scopes[1:7]
}
assert_compare(expected_client_perm, actual_client_perm)
def test_collection_roles():
scopes = ScopeFactory.create_batch(8, type='odp')
client = ClientFactory(scopes=scopes[1:7])
role1 = RoleFactory(scopes=scopes[:5], is_collection_role=True)
role2 = RoleFactory(scopes=scopes[3:], is_collection_role=True)
user = UserFactory(roles=(role1, role2))
actual_user_perm = get_user_permissions(user.id, client.id)
expected_user_perm = {
scope.id: [role1.collection_id]
for n, scope in enumerate(scopes) if n in (1, 2)
} | {
scope.id: [role1.collection_id, role2.collection_id]
for n, scope in enumerate(scopes) if n in (3, 4)
} | {
scope.id: [role2.collection_id]
for n, scope in enumerate(scopes) if n in (5, 6)
}
assert_compare(expected_user_perm, actual_user_perm)
actual_client_perm = get_client_permissions(client.id)
expected_client_perm = {scope.id: '*' for scope in scopes[1:7]}
assert_compare(expected_client_perm, actual_client_perm)
def test_create_role_with_collection():
role = RoleFactory(is_collection_role=True)
result = Session.execute(select(Role, Collection).join(Collection)).one()
assert (result.Role.id, result.Role.collection_id, result.Collection.name) \
== (role.id, role.collection.id, role.collection.name)
def test_create_role():
role = RoleFactory()
result = Session.execute(select(Role)).scalar_one()
assert (result.id, result.collection_id) == (role.id, None)
