def test_update_token_add_resource():
resource_id_1 = set_policy()
resource_id_2 = set_policy()
body = {}
body['request'] = [resource_id_1]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
for resource in resources:
assert resource_id_1 == resource['cat_id']
assert resource['status'] == 'active'
assert len(resources) == 1
body['request'] = [{
'token': uuid,
'resources': [resource_id_1, resource_id_2]
}]
r = consumer.update_token(body)
assert r['success'] is True
assert r['status_code'] == 200
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
check = 0
for i in resources:
if i['cat_id'] == resource_id_1 and i['status'] == 'active':
check = check + 1
if i['cat_id'] == resource_id_2 and i['status'] == 'active':
check = check + 1
assert check == 2
def test_get_tokens_deleted_resource():
resource_id_1 = set_policy()
resource_id_2 = set_policy()
body = {}
body['request'] = [resource_id_1, resource_id_2]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
body['request'] = [{'token': uuid, 'resources': [resource_id_2]}]
r = consumer.update_token(body)
assert r['success'] is True
assert r['status_code'] == 200
r = consumer.view_tokens()
resources = []
check = False
for tokens in r['response']:
if uuid == tokens['uuid']:
resources = tokens['request']
for i in resources:
if i['cat_id'] == resource_id_1:
assert i['status'] == 'deleted'
check = True
assert check is True
def test_delete_token_again():
resource_id = set_policy()
body = {}
body['request'] = [resource_id]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
body = {'tokens': [uuid]}
r = consumer.delete_token(body)
assert r['success'] is True
assert r['status_code'] == 200
r = consumer.view_tokens()
for tokens in r['response']:
assert tokens['uuid'] != uuid
body = {'tokens': [uuid]}
r = consumer.delete_token(body)
assert r['success'] is False
assert r['status_code'] == 400
def test_delete_token_success():
resource_id_1 = set_policy()
resource_id_2 = set_policy()
body = {}
# get first token
body['request'] = [resource_id_1]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid_1 = s[3]
# get second token
body['request'] = [resource_id_2]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid_2 = s[3]
body = {'tokens': [uuid_1, uuid_2]}
r = consumer.delete_token(body)
assert r['success'] is True
assert r['status_code'] == 200
r = consumer.view_tokens()
for tokens in r['response']:
assert tokens['uuid'] != uuid_1
assert tokens['uuid'] != uuid_2
def test_get_valid_token_multiple_resources():
# test resource groups and resource items
resource_id_1 = set_policy()
resource_id_2 = set_policy() + '/item-1'
resource_id_3 = set_policy()
resource_id_4 = set_policy() + '/item-2'
resource_id_5 = set_policy() + '/item-5'
body = {}
body['request'] = [
resource_id_1, resource_id_2, resource_id_3, resource_id_4,
resource_id_5
]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
for resource in resources:
assert resource['cat_id'] in body['request']
def test_get_tokens_revoked_resource():
resource_id = set_policy()
body = {}
body['request'] = [resource_id]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
access_id = -1
# find access ID and delete it
r = provider.get_provider_access()
assert r['success'] == True
assert r['status_code'] == 200
rules = r['response']
for r in rules:
if resource_id == r['item']['cat_id']:
access_id = r['id']
break
assert access_id != -1
r = provider.delete_rule([{'id': access_id}])
assert r['success'] == True
assert r['status_code'] == 200
r = consumer.view_tokens()
check = False
for tokens in r['response']:
if uuid == tokens['uuid']:
assert tokens['request'][0]['status'] == 'revoked'
check = True
assert check is True
def test_get_valid_token():
resource_id = set_policy()
body = {}
body['request'] = [resource_id]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
assert len(s) == 4
assert s[0] == 'auth.iudx.org.in'
uuid = s[3]
check = False
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
check = True
assert check is True
def test_different_provider_tokens():
resource_id = set_policy()
# let alt_provider set a policy
resource_id_alt = "iisc.ac.in/2052f450ac2dde345335fb18b82e21da92e3388c/rs.iudx.io/" + rand_rsg(
)
access_req = {
"user_email": email,
"user_role": 'consumer',
"item_id": resource_id_alt,
"item_type": "resourcegroup",
"capabilities": ["complex", "subscription", "temporal"]
}
r = alt_provider.provider_access([access_req])
assert r['success'] == True
assert r['status_code'] == 200
body = {}
body['request'] = [resource_id, resource_id_alt]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
r = consumer.view_tokens()
check = False
for tokens in r['response']:
if uuid == tokens['uuid']:
assert len(tokens['request']) == 2
resources = [i['cat_id'] for i in tokens['request']]
assert set(resources) == set(body['request'])
check = True
assert check is True
def test_same_resource_same_user_diff_role():
# policy set for same resource for a user registered as consumer
# and data ingester. Getting a token for the resource will result
# in a token with '2' resources, one reflecting the consumer
# policy, the other for the ingester policy
resource_id = set_policy()
access_req = {
"user_email": email,
"user_role": 'data ingester',
"item_id": resource_id,
"item_type": "resourcegroup"
}
r = provider.provider_access([access_req])
assert r['success'] == True
assert r['status_code'] == 200
body = {}
body['request'] = [resource_id]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
r = consumer.view_tokens()
check = False
for tokens in r['response']:
if uuid == tokens['uuid']:
assert len(tokens['request']) == 2
check = True
assert check is True
def test_get_tokens_expired_token():
resource_id = set_policy()
body = {}
body['request'] = [resource_id]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
assert expire_token(uuid) is True
r = consumer.view_tokens()
check = False
for tokens in r['response']:
if uuid == tokens['uuid']:
assert tokens['status'] == 'expired'
check = True
assert check is True
def test_update_token_delete_and_undelete_resource():
resource_id_1 = set_policy()
resource_id_2 = set_policy()
body = {}
body['request'] = [resource_id_1, resource_id_2]
r = consumer.get_token(body)
assert r['success'] is True
assert r['status_code'] == 200
token = r['response']['token']
s = token.split("/")
uuid = s[3]
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
assert len(resources) == 2
for i in resources:
assert i['status'] == 'active'
body['request'] = [{'token': uuid, 'resources': [resource_id_2]}]
r = consumer.update_token(body)
assert r['success'] is True
assert r['status_code'] == 200
assert resource_id_1 in r['response'][0]['deleted_resources']
assert resource_id_2 in r['response'][0]['active_resources']
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
check = 0
for i in resources:
if i['cat_id'] == resource_id_1:
assert i['status'] == 'deleted'
check = check + 1
if i['cat_id'] == resource_id_2:
assert i['status'] == 'active'
check = check + 1
assert check == 2
# undelete the resource/add it again
body['request'] = [{
'token': uuid,
'resources': [resource_id_1, resource_id_2]
}]
r = consumer.update_token(body)
assert r['success'] is True
assert r['status_code'] == 200
assert len(r['response'][0]['deleted_resources']) == 0
resources = []
r = consumer.view_tokens()
for tokens in r['response']:
if tokens['uuid'] == uuid:
resources = tokens['request']
check = 0
for i in resources:
assert i['status'] == 'active'
