def test_empty_sync_map(mocker):
from ldap2pg.manager import SyncManager, RoleSet
manager = SyncManager(
inspector=mocker.Mock(name='inspector'),
psql=mocker.Mock(name='psql'),
)
manager.inspector.fetch_me.return_value = 'me', True
manager.inspector.fetch_roles_blacklist.return_value = []
manager.inspector.fetch_roles.return_value = [], RoleSet(), RoleSet()
manager.inspector.filter_roles.return_value = RoleSet(), RoleSet()
manager.psql.run_queries.return_value = 0
manager.sync([])
def test_sync(mocker):
diff = mocker.patch('ldap2pg.manager.SyncManager.diff')
from ldap2pg.manager import SyncManager
psql = mocker.MagicMock()
cursor = psql.return_value.__enter__.return_value
manager = SyncManager(psql=psql)
# Simple diff with one query
diff.return_value = qry = [mocker.Mock(name='qry', args=(), message='hop')]
qry[0].expand.return_value = [qry[0]]
sync_kw = dict(
databases=['postgres', 'template1'],
pgroles=set(), pgacls=set(), ldaproles=set(), ldapacls=set(),
)
# Dry run
manager.dry = True
# No mapping, we're just testing query loop
manager.sync(**sync_kw)
assert cursor.called is False
# Real mode
manager.dry = False
manager.sync(**sync_kw)
assert cursor.called is True
# Nothing to do
diff.return_value = []
manager.dry = False
manager.sync(**sync_kw)
assert cursor.called is True
def test_sync_sql_error(mocker):
diff = mocker.patch('ldap2pg.manager.SyncManager.diff')
from ldap2pg.manager import SyncManager
psql = mocker.MagicMock()
cursor = psql.return_value.__enter__.return_value
cursor.side_effect = Exception()
manager = SyncManager(psql=psql)
# Simple diff with one query
diff.return_value = qry = [mocker.Mock(name='qry', args=())]
qry[0].expand.return_value = [qry[0]]
sync_kw = dict(
databases=['postgres', 'template1'],
pgroles=set(), pgacls=set(), ldaproles=set(), ldapacls=set(),
)
manager.dry = False
with pytest.raises(Exception):
manager.sync(**sync_kw)
assert cursor.called is True
def test_sync(mocker):
from ldap2pg.manager import RoleOptions
mod = 'ldap2pg.manager'
mocker.patch(
mod + '.RoleOptions.SUPPORTED_COLUMNS',
RoleOptions.SUPPORTED_COLUMNS[:],
)
cls = mod + '.SyncManager'
il = mocker.patch(cls + '.inspect_ldap', autospec=True)
mocker.patch(cls + '.postprocess_acl', autospec=True)
from ldap2pg.manager import SyncManager, UserError
psql = mocker.Mock(name='psql')
inspector = mocker.Mock(name='inspector')
manager = SyncManager(psql=psql, inspector=inspector)
inspector.fetch_me.return_value = ('postgres', False)
inspector.roles_blacklist = ['pg_*']
inspector.fetch_roles.return_value = (['postgres'], set(), set())
pgroles = mocker.Mock(name='pgroles')
# Simple diff with one query
pgroles.diff.return_value = qry = [
mocker.Mock(name='qry', args=(), message='hop')]
inspector.filter_roles.return_value = set(), pgroles
il.return_value = (mocker.Mock(name='ldaproles'), set())
qry[0].expand.return_value = [qry[0]]
inspector.fetch_schemas.return_value = dict(postgres=dict(ns=['owner']))
inspector.fetch_grants.return_value = pgacl = mocker.Mock(name='pgacl')
pgacl.diff.return_value = []
# No privileges to sync, one query
psql.dry = False
psql.run_queries.return_value = 1
count = manager.sync(syncmap=[])
assert pgroles.diff.called is True
assert pgacl.diff.called is False
assert 1 == count
# With privileges
manager.privileges = dict(ro=mocker.Mock(name='ro'))
count = manager.sync(syncmap=[])
assert pgroles.diff.called is True
assert pgacl.diff.called is True
assert 2 == count
# Dry run with roles and ACL
manager.psql.dry = True
manager.sync(syncmap=[])
# Nothing to do
psql.run_queries.return_value = 0
count = manager.sync(syncmap=[])
assert 0 == count
# resolve_membership failure
il.return_value[0].resolve_membership.side_effect = ValueError()
with pytest.raises(UserError):
manager.sync(syncmap=[])