def test_create_with_invalid_permissions(self):
permissions = ["invalid_permission"]
role = Role(name="test_role", permissions=permissions)
with pytest.raises(ValidationError):
role.save()
def test_patch_add_role(self, http_client, base_url, mongo_principal,
mongo_role):
mongo_role.save()
mongo_principal.save()
new_role = Role(name="new_role",
description="Some desc",
roles=[],
permissions=["bg-all"])
new_role.save()
body = PatchOperation(operation="add", path="/roles", value="new_role")
url = base_url + "/api/v1/users/" + str(mongo_principal.id)
request = HTTPRequest(
url,
method="PATCH",
headers={"content-type": "application/json"},
body=SchemaParser.serialize_patch(body),
)
response = yield http_client.fetch(request, raise_error=False)
assert response.code == 200
updated = SchemaParser.parse_principal(response.body.decode("utf-8"),
from_string=True)
assert len(updated.roles) == 2
def test_create_with_valid_permissions(self):
permissions = [
Permissions.REQUEST_READ.value, Permissions.REQUEST_CREATE.value
]
role = Role(name="test_role", permissions=permissions)
role.save()
assert Role.objects.filter(name="test_role").count() == 1
def sync_roles(role_sync_data: list):
"""Syncs the Roles in the database with a provided role list.
Args:
role_sync_data: A list of dictionaries containing role data. See RoleSyncSchema
for the expected format.
Returns:
None
"""
roles = RoleSyncSchema(strict=True).load(role_sync_data, many=True).data
_delete_roles_not_in_list(roles)
for role in roles:
try:
role_obj = Role.objects.get(name=role["name"])
role_obj.description = role["description"]
role_obj.permissions = role["permissions"]
except DoesNotExist:
role_obj = Role(**role)
role_obj.save()