def test_proposal_api_as_owner():
"""Test updating a proposal as role owner"""
with requests.Session() as session:
# Logging in as role owner
credentials_payload = {
"id": TEST_USERS[0]["username"],
"password": TEST_USERS[0]["password"],
}
log_in(session, credentials_payload)
# Creating Proposal
proposal_payload = {"id": TEST_USERS[1]["id"]}
proposal_id = add_role_member(session, TEST_ROLES[0]["id"],
proposal_payload).json()["proposal_id"]
# Updating proposal created above as role owner
update_proposal_payload = {
"status": "APPROVED",
"reason": "Need on team."
}
update_proposal_response = update_proposal(session, proposal_id,
update_proposal_payload)
assert (update_proposal_response.status_code == 200
), update_proposal_response.json()
assert update_proposal_response.json()["proposal_id"] == proposal_id
def test_add_role_member_outqueue():
"""Test adding a new member to a role.
Creates two test users and a role using the first user,
then adds the second user as member to role."""
user1_payload = {
"name": "Test Owner 0521201905",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test Member 0521201906",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
role_payload = {
"name": "TestRole0521201902",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 3",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
start_depth = get_outbound_queue_depth()
role_update_payload = {
"id": user2_id,
"reason": "Integration test of adding a member.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/members".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user1_payload["username"],
"password": user1_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
delete_role_by_name("TestRole0521201902")
delete_user_by_username("test0521201905")
delete_user_by_username("test0521201906")
def test_proposal_api_as_non_owner():
"""Test updating a proposal as non role owner"""
with requests.Session() as session:
# Logging in as non role owner
credentials_payload = {
"id": TEST_USERS[1]["username"],
"password": TEST_USERS[1]["password"],
}
log_in(session, credentials_payload)
# Creating payload
proposal_payload = {"id": TEST_USERS[1]["id"]}
proposal_id = add_role_member(session, TEST_ROLES[1]["id"],
proposal_payload).json()["proposal_id"]
# Updating proposale created above as non role owner
update_proposal_payload = {
"status": "APPROVED",
"reason": "Approving myself"
}
update_proposal_response = update_proposal(session, proposal_id,
update_proposal_payload)
assert (update_proposal_response.status_code == 400
), update_proposal_response.json()
assert (
update_proposal_response.json()["message"] ==
"Bad Request: You don't have the authorization to APPROVE or REJECT the proposal"
)
def test_update_manager():
""" Creates a user and then updates their manager
Manager is the second user created here."""
user1_payload = {
"name": "Test User 6",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 7",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
manager_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.put(
"http://rbac-server:8000/api/users/{}/manager".format(user1_id),
json=manager_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user2_id
# Logging in as role owner
credentials_payload = {
"id": user2_payload["username"],
"password": user2_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approve_proposal(session, result["proposal_id"])
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["status"] == "CONFIRMED"
delete_user_by_username("testuser6")
delete_user_by_username("testuser7")
def test_update_manager_outqueue():
""" Creates a user and then updates their manager
Manager is the second user created here."""
user1_payload = {
"name": "Test User 0521201901",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 0521201902",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
start_depth = get_outbound_queue_depth()
manager_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.put(
"http://rbac-server:8000/api/users/{}/manager".format(user1_id),
json=manager_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user2_payload["username"],
"password": user2_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
delete_user_by_username("test0521201901")
delete_user_by_username("test0521201902")
def test_update_manager_outqueue():
""" Creates a user and then updates their manager
Manager is the second user created here."""
# TODO: Rewrite this test after data gets sent to outbound_queue
# after a user has their manager updated.
user1_payload = {
"name": "Test User 0521201901",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 0521201902",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user1_response = create_test_user(session, user1_payload)
user1_result = assert_api_success(user1_response)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
start_depth = get_outbound_queue_depth()
next_admins = {
"name": "NextAdmins",
"owners": [user2_id],
"administrators": [user2_id],
}
role_response = create_test_role(session, next_admins)
add_role_member(session,
role_response.json()["data"]["id"], {"id": user2_id})
manager_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.put(
"http://rbac-server:8000/api/users/{}/manager".format(user1_id),
json=manager_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user2_payload["username"],
"password": user2_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
# TODO: Add tests to check for UNCONFIRMED outbound_queue entry status
# when a user's manager gets updated.
delete_user_by_username("test0521201901")
delete_user_by_username("test0521201902")
delete_role_by_name("NextAdmins")
def test_add_role_owner_outqueue():
"""Test adding an owner to a role.
Creates two test users and a role with user1 as owner/admin,
then adds the second user as role owner."""
user1_payload = {
"name": "Test User 0521201903",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 0521201904",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user_response1 = create_test_user(session, user1_payload)
user1_result = assert_api_success(user_response1)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
role_payload = {
"name": "TestRole0521201901",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 1",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
start_depth = get_outbound_queue_depth()
role_update_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/owners".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
# Logging in as role owner
credentials_payload = {
"id": user1_payload["username"],
"password": user1_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approval_response = approve_proposal(session, result["proposal_id"])
end_depth = get_outbound_queue_depth()
assert end_depth > start_depth
# Check status of new outbound_entry
role_entry = get_role("TestRole0521201901")
outbound_queue_data = prepare_outbound_queue_data(
role_entry[0], "role")
outbound_entry = get_outbound_queue_entry(outbound_queue_data)
assert outbound_entry[0]["status"] == "UNCONFIRMED"
delete_role_by_name("TestRole0521201901")
delete_user_by_username("test0521201903")
delete_user_by_username("test0521201904")
def test_add_role_owner():
"""Test adding an owner to a role.
Creates two test users and a role with user1 as owner/admin,
then adds the second user as role owner."""
user1_payload = {
"name": "Test User 3",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
user2_payload = {
"name": "Test User 4",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
user_response1 = create_test_user(session, user1_payload)
user1_result = assert_api_success(user_response1)
user1_id = user1_result["data"]["user"]["id"]
user2_response = create_test_user(session, user2_payload)
user2_result = assert_api_success(user2_response)
user2_id = user2_result["data"]["user"]["id"]
role_payload = {
"name": "TestRole0501201902",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Role 2",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_id = role_result["data"]["id"]
role_update_payload = {
"id": user2_id,
"reason": "Integration test of adding role owner.",
"metadata": "",
}
response = session.post(
"http://rbac-server:8000/api/roles/{}/owners".format(role_id),
json=role_update_payload,
)
result = assert_api_success(response)
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["assigned_approver"][0] == user1_id
# Logging in as role owner
credentials_payload = {
"id": user1_payload["username"],
"password": user1_payload["password"],
}
log_in(session, credentials_payload)
# Approve proposal as role owner
approve_proposal(session, result["proposal_id"])
proposal_response = get_proposal_with_retry(session,
result["proposal_id"])
proposal = assert_api_success(proposal_response)
assert proposal["data"]["status"] == "CONFIRMED"
delete_role_by_name("TestRole0501201902")
delete_user_by_username("testuser3")
delete_user_by_username("testuser4")