def test_diff_not_rename(): from ldap2pg.role import Role, RoleSet pgmanagedroles = RoleSet() pgallroles = pgmanagedroles.union({ Role('ambigue_from'), Role('AMBIGUE_FROM'), Role('Ambigue_To'), Role('bothmin'), Role('BothMix'), }) ldaproles = RoleSet([ Role('Ambigue_From'), Role('ambigue_to'), Role('AMBIGUE_TO'), Role('bothmin'), Role('Bothmin'), Role('BothMix'), Role('bothmix'), ]) queries = [q.args[0] for q in pgmanagedroles.diff(ldaproles, pgallroles)] assert not fnfilter(queries, '* RENAME TO *') assert fnfilter(queries, '*CREATE ROLE "Ambigue_From"*') assert fnfilter(queries, '*CREATE ROLE "ambigue_to"*') assert fnfilter(queries, '*CREATE ROLE "AMBIGUE_TO"*')
def test_diff(): from ldap2pg.role import Role, RoleSet pgmanagedroles = RoleSet([ Role('drop-me'), Role('alter-me', members=['rename-me']), Role('nothing'), Role('public'), Role('rename-me'), ]) pgallroles = pgmanagedroles.union({ Role('reuse-me'), Role('dont-touch-me'), }) ldaproles = RoleSet([ Role('reuse-me'), Role('alter-me', options=dict(LOGIN=True), members=['Rename-Me']), Role('nothing'), Role('create-me'), Role('Rename-Me'), ]) queries = [q.args[0] for q in pgmanagedroles.diff(ldaproles, pgallroles)] assert fnfilter(queries, 'ALTER ROLE "alter-me" WITH* LOGIN*;') assert fnfilter(queries, 'CREATE ROLE "create-me" *;') assert fnfilter(queries, '*DROP ROLE "drop-me";*') assert not fnfilter(queries, 'CREATE ROLE "reuse-me" *') assert not fnfilter(queries, '*nothing*') assert not fnfilter(queries, '*dont-touch-me*') assert not fnfilter(queries, '*public*')
def test_resolve_membership(): from ldap2pg.role import RoleSet, Role alice = Role('alice') bob = Role('bob', members=['oscar']) oscar = Role('oscar', parents=['alice', 'bob']) roles = RoleSet([alice, bob, oscar]) roles.resolve_membership() assert not oscar.parents assert 'oscar' in alice.members
def test_diff_rename_members(): from ldap2pg.role import Role, RoleSet pgmanagedroles = RoleSet() pgallroles = pgmanagedroles.union({ Role('parent', members=['min2mix', 'min2min']), Role('min2mix'), Role('min2min'), }) ldaproles = RoleSet([ Role('parent', members=['Min2Mix', 'min2min']), Role('Min2Mix'), Role('min2min'), ]) queries = [q.args[0] for q in pgmanagedroles.diff(ldaproles, pgallroles)] # Don't modify membership. assert not fnfilter(queries, '*GRANT*') assert not fnfilter(queries, '*REVOKE*')
def test_diff_rename(): from ldap2pg.role import Role, RoleSet pgmanagedroles = RoleSet([ Role('min2min'), Role('min2mix'), Role('min2maj'), ]) pgallroles = pgmanagedroles.union({ Role('Mix2Min'), Role('Mix2Mix'), Role('Mix2Maj'), Role('MAJ2MIN'), Role('MAJ2MIX'), Role('MAJ2MAJ'), }) ldaproles = RoleSet([ Role('min2min'), Role('Min2Mix'), Role('MIN2MAJ'), Role('mix2min'), Role('Mix2Mix'), Role('MIX2MAJ'), Role('maj2min'), Role('Maj2Mix'), Role('MAJ2MAJ'), ]) queries = [q.args[0] for q in pgmanagedroles.diff(ldaproles, pgallroles)] assert fnfilter(queries, '*"MAJ2MIX" RENAME TO "Maj2Mix";') assert fnfilter(queries, '*"MAJ2MIN" RENAME TO "maj2min";') assert fnfilter(queries, '*"min2mix" RENAME TO "Min2Mix";') assert fnfilter(queries, '*"min2maj" RENAME TO "MIN2MAJ";') assert fnfilter(queries, '*"Mix2Maj" RENAME TO "MIX2MAJ";') assert fnfilter(queries, '*"Mix2Min" RENAME TO "mix2min";') assert not fnfilter(queries, '*CREATE ROLE*')
def test_resolve_membership(): from ldap2pg.role import RoleSet, Role alice = Role('alice') bob = Role('bob', members=['oscar']) oscar = Role('oscar', parents=['alice', 'bob']) roles = RoleSet([alice, bob, oscar]) roles.resolve_membership() assert not oscar.parents assert 'oscar' in alice.members alice.parents = ['unknown'] with pytest.raises(ValueError): roles.resolve_membership()
def test_flatten(): from ldap2pg.role import RoleSet, Role roles = RoleSet() roles.add(Role('parent0', members=['child0', 'child1'])) roles.add(Role('parent1', members=['child2', 'child3'])) roles.add(Role('parent2', members=['child4'])) roles.add(Role('child0', members=['subchild0'])) roles.add(Role('child1', members=['subchild1', 'subchild2'])) roles.add(Role('child2', members=['outer0'])) roles.add(Role('child3')) roles.add(Role('child4')) roles.add(Role('subchild0')) roles.add(Role('subchild1')) roles.add(Role('subchild2')) order = list(roles.flatten()) wanted = [ 'subchild0', 'child0', 'subchild1', 'subchild2', 'child1', 'child2', 'child3', 'child4', 'parent0', 'parent1', 'parent2', ] assert wanted == order