def test_add_role_member_outqueue():
"""Test adding a new member to a role.
Creates two test users and a role using the first user,
then adds the second user as member to role."""
user1_payload = {
"name": "Test Owner 0521201905",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test Member 0521201906",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
role_payload = {
"name": "TestRole0521201902",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 3",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
start_depth = get_outbound_queue_depth()
role_update_payload = {
"id": user2_id,
"reason": "Integration test of adding a member.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/members".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user1_payload["username"],
"password": user1_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
delete_role_by_name("TestRole0521201902")
delete_user_by_username("test0521201905")
delete_user_by_username("test0521201906")
async def test_check_admin_status():
"""Test that checking a users admin status returns the correct boolean."""
admin_user = {
"name": "admin nadia",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user = {
"name": "nadia four",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
non_admin_response = create_test_user(session, user)
admin_response = create_test_user(session, admin_user)
admin_id = admin_response.json()["data"]["user"]["id"]
non_admin_id = non_admin_response.json()["data"]["user"]["id"]
next_admins = {
"name": "NextAdmins",
"owners": admin_id,
"administrators": admin_id,
}
role_response = create_test_role(session, next_admins)
add_role_member(session,
role_response.json()["data"]["id"], {"id": admin_id})
admin = await check_admin_status(admin_id)
non_admin = await check_admin_status(non_admin_id)
assert admin
assert not non_admin
def test_search_api():
"""Tests the search api endpoint functions and returns a valid payload."""
delete_user_by_username("susan20")
with requests.Session() as session:
create_user_input = {
"name": "Susan Susanson",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
create_test_user(session, create_user_input)
search_query = {
"query": {
"search_input": "super long search input",
"search_object_types": ["role", "pack", "user"],
"page_size": "20",
"page": "2",
}
}
response = session.post("http://rbac-server:8000/api/search",
json=search_query)
assert response.json()["data"] == {
"roles": [],
"packs": [],
"users": []
}
delete_user_by_username("susan23")
def test_delete_pack_as_non_admin():
"""Testing delete pack API with as non-admin"""
with requests.Session() as session:
user_id_1 = create_test_user(
session, TEST_USERS[4]).json()["data"]["user"]["id"]
role_id = create_fake_role(session, user_id_1,
TEST_ROLES[4]).json()["data"]["id"]
pack_id = create_fake_pack(session, user_id_1, role_id,
TEST_PACKS[6]).json()["data"]["pack_id"]
user_response = create_test_user(session, TEST_USERS[5])
assert user_response.status_code == 200, "Error creating user: %s \n%s" % (
TEST_USERS[5]["username"],
user_response.json(),
)
# auth as a non-admin
user_payload = {
"id": TEST_USERS[5]["username"],
"password": TEST_USERS[5]["password"],
}
auth_response = session.post(
"http://rbac-server:8000/api/authorization/", json=user_payload)
assert auth_response.status_code == 200, "Error authing as %s: \n%s" % (
TEST_USERS[5]["username"],
auth_response.json(),
)
# try to delete the pack as a non-admin
response = session.delete(
"http://rbac-server:8000/api/packs/{}".format(pack_id))
assert response.status_code == 503, (
"Unexpected response when deleting pack: %s" % response.json())
def test_reject_users_proposals():
"""Test that a user's proposals are rejected when they are deleted."""
user_to_delete = {
"name": "nadia two",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user = {
"name": "nadia three",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
response1 = create_test_user(session, user_to_delete)
response2 = create_test_user(session, user)
role_payload_1 = {
"name": "NadiaRole1",
"owners": response1.json()["data"]["user"]["id"],
"administrators": response1.json()["data"]["user"]["id"],
"description": "Nadia Role 1",
}
role_response1 = create_test_role(session, role_payload_1)
proposal_1 = add_role_member(
session,
role_response1.json()["data"]["id"],
{"id": response2.json()["data"]["user"]["id"]},
)
next_id = response1.json()["data"]["user"]["id"]
conn = connect_to_db()
user_exists = (r.db("rbac").table("users").filter({
"next_id": next_id
}).coerce_to("array").run(conn))
assert user_exists
deletion = session.delete("http://rbac-server:8000/api/users/" +
next_id)
time.sleep(5)
assert deletion.json() == {
"message": "User {} successfully deleted".format(next_id),
"deleted": 1,
}
user_exists = (r.db("rbac").table("users").filter({
"next_id": next_id
}).coerce_to("array").run(conn))
assert not user_exists
proposal_1_result = (r.db("rbac").table("proposals").filter({
"proposal_id":
proposal_1.json()["proposal_id"]
}).coerce_to("array").run(conn))
conn.close()
assert proposal_1_result[0]["status"] == "REJECTED"
def test_invalid_auth_inputs(login_inputs, expected_result,
expected_status_code):
""" Test authorization API endpoint with invalid inputs """
create_test_user(requests.Session(), USER_INPUT)
with requests.Session() as session:
response = session.post("http://rbac-server:8000/api/authorization/",
json=login_inputs)
assert response.json()["message"] == expected_result
assert response.json()["code"] == expected_status_code
def test_valid_auth_inputs(login_inputs, expected_result,
expected_status_code):
""" Test authorization API endpoint with valid inputs """
with requests.Session() as session:
create_test_user(session, USER_INPUT)
time.sleep(5)
response = session.post("http://rbac-server:8000/api/authorization/",
json=login_inputs)
assert response.json()["data"]["message"] == expected_result
assert response.status_code == expected_status_code
def test_update_manager():
""" Creates a user and then updates their manager
Manager is the second user created here."""
user1_payload = {
"name": "Test User 6",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 7",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
manager_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.put(
"http://rbac-server:8000/api/users/{}/manager".format(user1_id),
json=manager_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user2_id
# Logging in as role owner
credentials_payload = {
"id": user2_payload["username"],
"password": user2_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approve_proposal(session, result["proposal_id"])
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["status"] == "CONFIRMED"
delete_user_by_username("testuser6")
delete_user_by_username("testuser7")
def test_add_role_member():
"""Test adding a new member to a role.
Creates two test users and a role using the first user,
then adds the second user as member to role."""
user1_payload = {
"name": "Test Owner 1",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test Member",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
role_payload = {
"name": "TestRole0501201903",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 3",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
role_update_payload = {
"id": user2_id,
"reason": "Integration test of adding a member.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/members".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user1_id
delete_role_by_name("TestRole0501201903")
delete_user_by_username("testowner")
delete_user_by_username("testmemeber")
def test_add_task_owner():
"""Test adding an owner to a task.
Creates two test users and a task using the first user,
then adds the second user as task owner."""
user1_payload = {
"name": "Test User 10",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 11",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
task1_payload = {
"name": "TestTask3",
"administrators": user1_id,
"owners": user1_id,
"metadata": "",
}
task_response = create_test_task(session, task1_payload)
task_result = assert_api_success(task_response)
task_id = task_result["data"]["id"]
owner_payload = {
"id": user2_id,
"reason": "Integration test of adding task owner.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/tasks/{}/owners".format(task_id),
json=owner_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user1_id
delete_task_by_name("TestTask3")
delete_user_by_username("testuser10")
delete_user_by_username("testuser11")
def test_update_manager_outqueue():
""" Creates a user and then updates their manager
Manager is the second user created here."""
user1_payload = {
"name": "Test User 0521201901",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 0521201902",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
start_depth = get_outbound_queue_depth()
manager_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.put(
"http://rbac-server:8000/api/users/{}/manager".format(user1_id),
json=manager_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user2_payload["username"],
"password": user2_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
delete_user_by_username("test0521201901")
delete_user_by_username("test0521201902")
def test_delete_invalid_role():
"""Test the delete roll api
Create a test user for auth
Create a test role
Deletes the test role
Only checks that the role was deleted
"""
with requests.Session() as session:
# Create test user
user_payload = {
"name": "Rapp Scallion",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
assert user_response.status_code == 200, ("Error creating user: %s" %
user_response.json())
# Delete test role
delete_role_response = session.delete(
"http://rbac-server:8000/api/roles/invalid_role_id")
assert delete_role_response.status_code == 404, (
"Unexpected response: %s" % delete_role_response.json())
# clean up
delete_user_by_username("guybrush3pw00d")
def test_proposals():
"""Create a new fake role and try to add yourself to role you created"""
with requests.Session() as session:
user_payload = {
"name": "Susan S",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "Office_Assistant",
"owners": user_id,
"administrators": user_id,
}
insert_role(role_resource)
delete_role_by_name("Office_Assistant")
role_response = session.post("http://rbac-server:8000/api/roles",
json=role_resource)
role_id = role_response.json()["data"]["id"]
insert_role(role_resource)
res = session.post(
"http://rbac-server:8000/api/roles/" + role_id + "/members",
json=user_response.json()["data"]["user"],
)
assert (res.json()["message"] ==
"Owner is the requester. Proposal is autoapproved")
delete_user_by_username("susans2224")
delete_role_by_name("Office_Assistant")
def test_create_duplicate_role():
"""Create a new fake role resource"""
insert_role({
"name": "Manager0501201901",
"owners": "12345",
"administrators": "12345"
})
with requests.Session() as session:
user_payload = {
"name": "Susan Susanson",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "Manager0501201901",
"owners": user_id,
"administrators": user_id,
}
insert_role(role_resource)
response = session.post("http://rbac-server:8000/api/roles",
json=role_resource)
assert (
response.json()["message"] ==
"Error: Could not create this role because the role name already exists."
)
assert response.json()["code"] == 400
delete_user_by_username("susan22")
delete_role_by_name("Manager0501201901")
def setup_module():
"""actions to be performed to configure the database before tests are run.
"""
wait_for_rethink()
with requests.Session() as session:
# create a management chain of users
user_id = None
for i, user in enumerate(TEST_USERS):
# Sixth User should be outside of the management chain
# Fifth User is the highest manager and should have no managers
if i > 1:
user["manager"] = user_id
response = create_test_user(session, user)
assert response.status_code == 200, response.json()
user_id = response.json()["data"]["user"]["id"]
# save the returned next_id in the TEST_USER object
user["next_id"] = user_id
# create test role(s)
for i, role in enumerate(TEST_ROLES):
# set the Zeroth User as the role owner
role["owners"] = [user_id]
role["administrators"] = [user_id]
response = create_test_role(session, role)
assert response.status_code == 200, response.json()
role_id = response.json()["data"]["id"]
role["next_id"] = role_id
def test_duplicate_pack_with_spaces():
"""Create a new fake role resource with varying spaces in between the name"""
with requests.Session() as session:
user_payload = {
"name": "Susan Susanson",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
user_id = user_response.json()["data"]["user"]["id"]
role_response = create_fake_role(session, user_id)
role_id = role_response.json()["data"]["id"]
create_fake_pack(session, user_id, role_id)
pack_resource = {
"name": " My Pack ",
"owners": user_id,
"roles": role_id,
}
response = session.post("http://rbac-server:8000/api/packs",
json=pack_resource)
assert (
response.json()["message"] ==
"Error: Could not create this pack because the pack name already exists."
)
assert response.json()["code"] == 400
delete_user_by_username("susan21")
delete_role_by_name("Manager")
delete_pack_by_name("My Pack")
def test_role_outq_insertion():
""" Test the insertion of a new fake role resource which is unique
into the outbound_queue table.
"""
user1_payload = {
"name": "Test Unique User",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
expected_result = True
user_response1 = create_test_user(session, user1_payload)
user1_result = assert_api_success(user_response1)
user1_id = user1_result["data"]["user"]["id"]
role_payload = {
"name": "TestUniqueRole0501201903",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Unique Role 1",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_name = role_result["data"]["name"]
inserted_queue_item = peek_at_queue("outbound_queue", LDAP_DC)
LOGGER.info("Received queue entry %s from outbound queue...",
inserted_queue_item["id"])
successful_insert = bool(inserted_queue_item)
assert expected_result == successful_insert
delete_role_by_name("TestUniqueRole0501201903")
delete_user_by_username("testuniqueuser0501201901")
def test_delete_role_with_admins():
"""Test the delete roll api
Create a test user for auth
Create a test role
Deletes the test role
Check that the role admin object was deleted
"""
with requests.Session() as session:
# Create test user
user_payload = {
"name": "Elaine Marley",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
assert user_response.status_code == 200, ("Error creating user: %s" %
user_response.json())
# Create test role
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "Tri-Island Area",
"owners": user_id,
"administrators": user_id,
}
role_response = session.post("http://rbac-server:8000/api/roles",
json=role_resource)
assert role_response.status_code == 200, ("Error creating role: %s" %
role_response.json())
# Wait for role in db
role_id = role_response.json()["data"]["id"]
is_role_in_db = wait_for_role_in_db(role_id)
assert (
is_role_in_db is True
), "Couldn't find role in rethinkdb, maximum attempts exceeded."
# Delete test role
delete_role_response = session.delete(
"http://rbac-server:8000/api/roles/%s" % role_id)
assert delete_role_response.status_code == 200, (
"Error deleting role: %s" % delete_role_response.json())
# Check for role admins
are_admins_removed = wait_for_resource_removal_in_db(
"role_admins", "role_id", role_id)
assert are_admins_removed is True
# clean up
delete_user_by_username("elaine1")
def test_delete_nonexistent_pack():
"""Testing delete pack API with nonexistent pack"""
with requests.Session() as session:
user_response = create_test_user(session, TEST_USERS[2])
pack_id = "123"
response = session.delete(
"http://rbac-server:8000/api/packs/{}".format(pack_id))
assert (
response.json()["message"] ==
"Error: Pack does not currently exist or has already been deleted."
)
assert response.json()["code"] == 400
def test_delete_pack():
"""Testing delete pack API"""
with requests.Session() as session:
user_id = create_test_user(session,
TEST_USERS[1]).json()["data"]["user"]["id"]
role_id = create_fake_role(session, user_id,
TEST_ROLES[1]).json()["data"]["id"]
pack_id = create_fake_pack(session, user_id, role_id,
TEST_PACKS[2]).json()["data"]["pack_id"]
response = session.delete(
"http://rbac-server:8000/api/packs/{}".format(pack_id))
assert response.json()["pack_id"] == pack_id
assert get_pack_by_pack_id(pack_id) == []
def test_add_role_task():
"""Test adding a new task to a role.
Creates a test user and a role, then creates
a task, to add to the role."""
user1_payload = {
"name": "Test Owner 2",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
task1_payload = {
"name": "TestTask1",
"administrators": user1_id,
"owners": user1_id,
"metadata": "",
}
task_response = create_test_task(session, task1_payload)
task_result = assert_api_success(task_response)
task_id = task_result["data"]["id"]
role_payload = {
"name": "TestRole0501201904",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 4",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
role_update_payload = {
"id": task_id,
"reason": "Integration test of adding a task.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/tasks".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user1_id
delete_role_by_name("TestRole0501201904")
delete_user_by_username("testowner2")
delete_task_by_name("TestTask1")
def setup_module():
"""Setting up users and roles for various tests """
with requests.Session() as session:
# Creating test users
for user in TEST_USERS:
user_id = create_test_user(session,
user).json()["data"]["user"]["id"]
user["id"] = user_id
# Creating test roles
for role in TEST_ROLES:
role["owners"] = TEST_USERS[0]["id"]
role["administrators"] = TEST_USERS[0]["id"]
role_id = create_test_role(session, role).json()["data"]["id"]
role["id"] = role_id
def test_delete_pack_as_non_admin():
"""Testing delete pack API with as non-admin"""
with requests.Session() as session:
user_id_1 = create_test_user(
session, TEST_USERS[4]).json()["data"]["user"]["id"]
role_id = create_fake_role(session, user_id_1,
TEST_ROLES[4]).json()["data"]["id"]
pack_id = create_fake_pack(session, user_id_1, role_id,
TEST_PACKS[6]).json()["data"]["pack_id"]
user_id = create_test_user(session,
TEST_USERS[5]).json()["data"]["user"]["id"]
user_payload = {
"id": TEST_USERS[5]["username"],
"password": TEST_USERS[5]["password"],
}
session.post("http://rbac-server:8000/api/authorization/",
json=user_payload)
response = session.delete(
"http://rbac-server:8000/api/packs/{}".format(pack_id))
assert (
response.json()["message"] ==
"Error: You do not have the authorization to delete this pack.")
assert response.json()["code"] == 400
def setup_module():
"""Create a new fake role resource which is unique"""
with requests.Session() as session:
user_payload = {
"name": "Susan SusansonRandom",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "ManagerRandom0501201902",
"owners": user_id,
"administrators": user_id,
}
session.post("http://rbac-server:8000/api/roles", json=role_resource)
def test_delete_role():
"""Test the delete roll api
Create a test user for auth
Create a test role
Deletes the test role
Only checks that the role was deleted
"""
with requests.Session() as session:
# Create test user
user_payload = {
"name": "Guybrush Threepwood",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
assert user_response.status_code == 200, ("Error creating user: %s" %
user_response.json())
# Create test role
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "Men of Low Moral Fiber",
"owners": user_id,
"administrators": user_id,
}
role_response = session.post("http://rbac-server:8000/api/roles",
json=role_resource)
assert role_response.status_code == 200, ("Error creating role: %s" %
role_response.json())
# Wait for role in db
role_id = role_response.json()["data"]["id"]
is_role_in_db = wait_for_role_in_db(role_id)
assert (
is_role_in_db is True
), "Couldn't find role in rethinkdb, maximum attempts exceeded."
# Delete test role
delete_role_response = session.delete(
"http://rbac-server:8000/api/roles/%s" % role_id)
assert delete_role_response.status_code == 200, (
"Error deleting role: %s" % delete_role_response.json())
# clean up
delete_user_by_username("guybrush3pw00d")
def test_proposals():
"""Create a new fake role and try to add yourself to role you created"""
with requests.Session() as session:
# create test user
user_payload = {
"name": "Susan S",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user_response = create_test_user(session, user_payload)
assert user_response.status_code == 200, ("Error creating user: %s" %
user_response.json())
# create test role
user_id = user_response.json()["data"]["user"]["id"]
role_resource = {
"name": "Office_Assistant",
"owners": user_id,
"administrators": user_id,
}
role_response = session.post("http://rbac-server:8000/api/roles",
json=role_resource)
assert role_response.status_code == 200, ("Error creating role: %s" %
role_response.json())
# Wait for role in rethinkdb
role_id = role_response.json()["data"]["id"]
is_role_in_db = wait_for_role_in_db(role_id)
assert (
is_role_in_db is True
), "Couldn't find role in rethinkdb, maximum attempts exceeded."
# create a membership proposal to test autoapproval
res = session.post(
"http://rbac-server:8000/api/roles/" + role_id + "/members",
json=user_response.json()["data"]["user"],
)
assert (res.json()["message"] ==
"Owner is the requester. Proposal is autoapproved")
# clean up
delete_user_by_username("susans2224")
delete_role_by_name("Office_Assistant")
def test_duplicate_pack_with_spaces():
"""Test creating two pack resources with varying spaces in between the name"""
with requests.Session() as session:
user_id = create_test_user(session,
TEST_USERS[3]).json()["data"]["user"]["id"]
role_id = create_fake_role(session, user_id,
TEST_ROLES[3]).json()["data"]["id"]
create_fake_pack(session, user_id, role_id, TEST_PACKS[4])
pack_resource = TEST_PACKS[5]
pack_resource["owners"] = user_id
pack_resource["roles"] = role_id
response = session.post("http://rbac-server:8000/api/packs",
json=pack_resource)
assert (
response.json()["message"] ==
"Error: Could not create this pack because the pack name already exists."
)
assert response.json()["code"] == 400
def test_update_user_password():
"""Test that an admin user can change a user's password."""
user = {
"name": "nadia five",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
created_user = create_test_user(session, user)
login_inputs = {"id": "admin_nadia", "password": "******"}
session.post("http://rbac-server:8000/api/authorization/",
json=login_inputs)
payload = {
"next_id": created_user.json()["data"]["user"]["id"],
"password": "******",
}
password_response = session.put(
"http://rbac-server:8000/api/users/password", json=payload)
assert password_response.status_code == 200
assert password_response.json() == {
"message": "Password successfully updated"
}
session.close()
with requests.Session() as session2:
login_inputs = {"id": "nadia5", "password": "******"}
response = session2.post("http://rbac-server:8000/api/authorization/",
json=login_inputs)
assert response.status_code == 200
payload = {
"next_id": created_user.json()["data"]["user"]["id"],
"password": "******",
}
password_response = session2.put(
"http://rbac-server:8000/api/users/password", json=payload)
assert password_response.status_code == 400
assert (password_response.json()["message"] ==
"You are not a NEXT Administrator.")
def test_user_relationship_api():
""" Test to check that user relationship API is not throwing
an index out of range error if user dont have any manager.
Creates a test user without manager and calls the user
relationship api for testing whether it is causing any
index out of range error or not."""
user1_payload = {
"name": "kiran kumar",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
response = session.get("http://rbac-server:8000/api/users/" +
user1_id + "/relationships")
assert response.json()["data"]["managers"] == []
delete_user_by_username("kkumar36")
def test_role_outq_insertion():
""" Test the insertion of a new fake role resource which is unique
into the outbound_queue table."""
user1_payload = {
"name": "Test Unique User",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
expected_result = True
user_response1 = create_test_user(session, user1_payload)
user1_result = assert_api_success(user_response1)
user1_id = user1_result["data"]["user"]["id"]
role_payload = {
"name": "TestUniqueRole0501201903",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Unique Role 1",
}
role_response = create_test_role(session, role_payload)
assert_api_success(role_response)
inserted_queue_item = peek_at_q_unfiltered("outbound_queue")
LOGGER.info("Received queue entry %s from outbound queue...",
inserted_queue_item["id"])
successful_insert = bool(inserted_queue_item)
assert expected_result == successful_insert
# Check status of new outbound_entry
role_entry = get_role("TestUniqueRole0501201903")
outbound_queue_data = prepare_outbound_queue_data(
role_entry[0], "role")
outbound_entry = get_outbound_queue_entry(outbound_queue_data)
assert outbound_entry[0]["status"] == "UNCONFIRMED"
delete_role_by_name("TestUniqueRole0501201903")
delete_user_by_username("testuniqueuser0501201901")