def test_user_change_password(client, sys_db): username = generate_username() password1 = generate_string() password2 = generate_string() sys_db.create_user(username, password1) sys_db.update_permission(username, 'rw', sys_db.name) db1 = client.db(sys_db.name, username, password1) db2 = client.db(sys_db.name, username, password2) # Check authentication assert isinstance(db1.properties(), dict) with assert_raises(DatabasePropertiesError) as err: db2.properties() assert err.value.http_code == 401 # Update the user password and check again sys_db.update_user(username, password2) assert isinstance(db2.properties(), dict) with assert_raises(DatabasePropertiesError) as err: db1.properties() assert err.value.http_code == 401 # Replace the user password back and check again sys_db.update_user(username, password1) assert isinstance(db1.properties(), dict) with assert_raises(DatabasePropertiesError) as err: db2.properties() assert err.value.http_code == 401
def test_user_create_with_new_database(client, sys_db, cluster): if cluster: pytest.skip("Not tested in a cluster setup") db_name = generate_db_name() username1 = generate_username() username2 = generate_username() username3 = generate_username() password1 = generate_string() password2 = generate_string() password3 = generate_string() result = sys_db.create_database( name=db_name, users=[ { "username": username1, "password": password1, "active": True }, { "username": username2, "password": password2, "active": True }, { "username": username3, "password": password3, "active": False }, ], ) assert result is True sys_db.update_permission(username1, permission="rw", database=db_name) sys_db.update_permission(username2, permission="rw", database=db_name) sys_db.update_permission(username3, permission="rw", database=db_name) # Test if the users were created properly usernames = extract("username", sys_db.users()) assert all(u in usernames for u in [username1, username2, username3]) # Test if the first user has access to the database db = client.db(db_name, username1, password1) db.properties() # Test if the second user also has access to the database db = client.db(db_name, username2, password2) db.properties() # Test if the third user has access to the database (should not) db = client.db(db_name, username3, password3) with assert_raises(DatabasePropertiesError) as err: db.properties() assert err.value.http_code == 401
def test_user_create_with_new_database(client, sys_db): db_name = generate_db_name() username1 = generate_username() username2 = generate_username() username3 = generate_username() password1 = generate_string() password2 = generate_string() password3 = generate_string() result = sys_db.create_database(name=db_name, users=[ { 'username': username1, 'password': password1, 'active': True }, { 'username': username2, 'password': password2, 'active': True }, { 'username': username3, 'password': password3, 'active': False }, ]) assert result is True sys_db.update_permission(username1, permission='rw', database=db_name) sys_db.update_permission(username2, permission='rw', database=db_name) sys_db.update_permission(username3, permission='rw', database=db_name) # Test if the users were created properly usernames = extract('username', sys_db.users()) assert all(u in usernames for u in [username1, username2, username3]) # Test if the first user has access to the database db = client.db(db_name, username1, password1) db.properties() # Test if the second user also has access to the database db = client.db(db_name, username2, password2) db.properties() # Test if the third user has access to the database (should not) db = client.db(db_name, username3, password3) with assert_raises(DatabasePropertiesError) as err: db.properties() assert err.value.http_code == 401
def test_transaction_wrapper_attributes(db, col, username): txn_db = db.begin_transaction(timeout=100, sync=True) assert txn_db._executor._sync is True assert txn_db._executor._timeout == 100 assert isinstance(txn_db, TransactionFabric) assert txn_db.username == username assert txn_db.context == 'transaction' assert txn_db.db_name == db.name assert txn_db.name == db.name assert repr(txn_db) == '<TransactionFabric {}>'.format(db.name) txn_col = txn_db.collection(col.name) assert txn_col.username == username assert txn_col.context == 'transaction' assert txn_col.db_name == db.name assert txn_col.name == col.name txn_c8ql = txn_db.c8ql assert txn_c8ql.username == username assert txn_c8ql.context == 'transaction' assert txn_c8ql.db_name == db.name job = txn_col.get(generate_string()) assert isinstance(job, TransactionJob) assert isinstance(job.id, string_types) assert repr(job) == '<TransactionJob {}>'.format(job.id)
def pytest_configure(config): client = C8Client(host=config.getoption('host'), port=config.getoption('port')) sys_fabric = client.fabric(name='_system', username='******', password=config.getoption('passwd')) # Create a user and non-system fabric for testing. username = generate_username() password = generate_string() tst_fabric_name = generate_fabric_name() bad_fabric_name = generate_fabric_name() sys_fabric.create_fabric(name=tst_fabric_name, users=[{ 'active': True, 'username': username, 'password': password, }]) tst_fabric = client.fabric(tst_fabric_name, username, password) bad_fabric = client.fabric(bad_fabric_name, username, password) # Create a standard collection for testing. col_name = generate_col_name() tst_col = tst_fabric.create_collection(col_name, edge=False) tst_col.add_skiplist_index(['val']) tst_col.add_fulltext_index(['text']) geo_index = tst_col.add_geo_index(['loc']) # Create a legacy edge collection for testing. lecol_name = generate_col_name() tst_fabric.create_collection(lecol_name, edge=True) # Create test vertex & edge collections and graph. graph_name = generate_graph_name() ecol_name = generate_col_name() fvcol_name = generate_col_name() tvcol_name = generate_col_name() tst_graph = tst_fabric.create_graph(graph_name) tst_graph.create_vertex_collection(fvcol_name) tst_graph.create_vertex_collection(tvcol_name) tst_graph.create_edge_definition(edge_collection=ecol_name, from_vertex_collections=[fvcol_name], to_vertex_collections=[tvcol_name]) global_data.update({ 'client': client, 'username': username, 'password': password, 'sys_fabric': sys_fabric, 'tst_fabric': tst_fabric, 'bad_fabric': bad_fabric, 'geo_index': geo_index, 'col_name': col_name, 'lecol_name': lecol_name, 'graph_name': graph_name, 'ecol_name': ecol_name, 'fvcol_name': fvcol_name, 'tvcol_name': tvcol_name, })
def test_user_create_with_new_database(client, sys_db): db_name = generate_db_name() username1 = generate_username() username2 = generate_username() username3 = generate_username() password1 = generate_string() password2 = generate_string() password3 = generate_string() result = sys_db.create_database( name=db_name, users=[ {'username': username1, 'password': password1, 'active': True}, {'username': username2, 'password': password2, 'active': True}, {'username': username3, 'password': password3, 'active': False}, ] ) assert result is True sys_db.update_permission(username1, permission='rw', database=db_name) sys_db.update_permission(username2, permission='rw', database=db_name) sys_db.update_permission(username3, permission='rw', database=db_name) # Test if the users were created properly usernames = extract('username', sys_db.users()) assert all(u in usernames for u in [username1, username2, username3]) # Test if the first user has access to the database db = client.db(db_name, username1, password1) db.properties() # Test if the second user also has access to the database db = client.db(db_name, username2, password2) db.properties() # Test if the third user has access to the database (should not) db = client.db(db_name, username3, password3) with assert_raises(DatabasePropertiesError) as err: db.properties() assert err.value.http_code == 401
def test_auth_jwt(client, db_name, username, password): db = client.db(name=db_name, username=username, password=password, verify=True, auth_method='jwt') assert isinstance(db.conn, JWTConnection) assert isinstance(db.version(), string_types) assert isinstance(db.properties(), dict) bad_password = generate_string() with assert_raises(JWTAuthError) as err: client.db(db_name, username, bad_password, auth_method='jwt') assert err.value.error_code == HTTP_UNAUTHORIZED
def test_pregel_management(db, graph, cluster): if cluster: pytest.skip("Not tested in a cluster setup") # Test create pregel job job_id = db.pregel.create_job( graph.name, "pagerank", store=False, max_gss=100, thread_count=1, async_mode=False, result_field="result", algorithm_params={"threshold": 0.000001}, ) assert isinstance(job_id, int) # Test create pregel job with unsupported algorithm with assert_raises(PregelJobCreateError) as err: db.pregel.create_job(graph.name, "invalid") assert err.value.error_code in {4, 10, 1600} # Test get existing pregel job job = db.pregel.job(job_id) assert isinstance(job["state"], str) assert isinstance(job["aggregators"], dict) assert isinstance(job["gss"], int) assert isinstance(job["received_count"], int) assert isinstance(job["send_count"], int) assert "total_runtime" in job # Test delete existing pregel job assert db.pregel.delete_job(job_id) is True time.sleep(0.2) with assert_raises(PregelJobGetError) as err: db.pregel.job(job_id) assert err.value.error_code in {4, 10, 1600} # Test delete missing pregel job with assert_raises(PregelJobDeleteError) as err: db.pregel.delete_job(generate_string()) assert err.value.error_code in {4, 10, 1600}
def test_client_bad_connection(db, username, password): client = ArangoClient(protocol='http', host='127.0.0.1', port=8529) bad_db_name = generate_db_name() bad_username = generate_username() bad_password = generate_string() # Test connection with bad username password with pytest.raises(ServerConnectionError): client.db(db.name, bad_username, bad_password, verify=True) # Test connection with missing database with pytest.raises(ServerConnectionError): client.db(bad_db_name, bad_username, bad_password, verify=True) # Test connection with invalid host URL client._url = 'http://127.0.0.1:8500' with pytest.raises(ServerConnectionError) as err: client.db(db.name, username, password, verify=True) assert 'bad connection' in str(err.value)
def test_client_bad_connection(db, username, password, cluster): client = ArangoClient(hosts="http://127.0.0.1:8529") bad_db_name = generate_db_name() bad_username = generate_username() bad_password = generate_string() if not cluster: # Test connection with bad username password with pytest.raises(ServerConnectionError): client.db(db.name, bad_username, bad_password, verify=True) # Test connection with missing database with pytest.raises(ServerConnectionError): client.db(bad_db_name, bad_username, bad_password, verify=True) # Test connection with invalid host URL client = ArangoClient(hosts="http://127.0.0.1:8500") with pytest.raises(ServerConnectionError) as err: client.db(db.name, username, password, verify=True) assert "bad connection" in str(err.value)
def test_pregel_management(db, graph): # Test create pregel job job_id = db.pregel.create_job( graph.name, 'pagerank', store=False, max_gss=100, thread_count=1, async_mode=False, result_field='result', algorithm_params={'threshold': 0.000001} ) assert isinstance(job_id, int) # Test create pregel job with unsupported algorithm with assert_raises(PregelJobCreateError) as err: db.pregel.create_job(graph.name, 'invalid') assert err.value.error_code in {4, 10} # Test get existing pregel job job = db.pregel.job(job_id) assert isinstance(job['state'], string_types) assert isinstance(job['aggregators'], dict) assert isinstance(job['gss'], int) assert isinstance(job['received_count'], int) assert isinstance(job['send_count'], int) assert isinstance(job['total_runtime'], float) # Test delete existing pregel job assert db.pregel.delete_job(job_id) is True with assert_raises(PregelJobGetError) as err: db.pregel.job(job_id) assert err.value.error_code in {4, 10} # Test delete missing pregel job with assert_raises(PregelJobDeleteError) as err: db.pregel.delete_job(generate_string()) assert err.value.error_code in {4, 10}
def test_pregel_management(db, graph): # Test create pregel job job_id = db.pregel.create_job(graph.name, 'pagerank', store=False, max_gss=100, thread_count=1, async_mode=False, result_field='result', algorithm_params={'threshold': 0.000001}) assert isinstance(job_id, int) # Test create pregel job with unsupported algorithm with assert_raises(PregelJobCreateError) as err: db.pregel.create_job(graph.name, 'invalid') assert err.value.error_code == 10 # Test get existing pregel job job = db.pregel.job(job_id) assert isinstance(job['state'], string_types) assert isinstance(job['aggregators'], dict) assert isinstance(job['gss'], int) assert isinstance(job['received_count'], int) assert isinstance(job['send_count'], int) assert isinstance(job['total_runtime'], float) # Test delete existing pregel job assert db.pregel.delete_job(job_id) is True with assert_raises(PregelJobGetError) as err: db.pregel.job(job_id) assert err.value.error_code == 10 # Test delete missing pregel job with assert_raises(PregelJobDeleteError) as err: db.pregel.delete_job(generate_string()) assert err.value.error_code == 10
def pytest_configure(config): client = ArangoClient( host=config.getoption('host'), port=config.getoption('port') ) sys_db = client.db( name='_system', username='******', password=config.getoption('passwd') ) # Create a user and non-system database for testing. username = generate_username() password = generate_string() tst_db_name = generate_db_name() bad_db_name = generate_db_name() sys_db.create_database( name=tst_db_name, users=[{ 'active': True, 'username': username, 'password': password, }] ) sys_db.update_permission( username=username, permission='rw', database=tst_db_name ) tst_db = client.db(tst_db_name, username, password) bad_db = client.db(bad_db_name, username, password) # Create a standard collection for testing. col_name = generate_col_name() tst_col = tst_db.create_collection(col_name, edge=False) tst_col.add_skiplist_index(['val']) tst_col.add_fulltext_index(['text']) geo_index = tst_col.add_geo_index(['loc']) # Create a legacy edge collection for testing. lecol_name = generate_col_name() tst_db.create_collection(lecol_name, edge=True) # Create test vertex & edge collections and graph. graph_name = generate_graph_name() ecol_name = generate_col_name() fvcol_name = generate_col_name() tvcol_name = generate_col_name() tst_graph = tst_db.create_graph(graph_name) tst_graph.create_vertex_collection(fvcol_name) tst_graph.create_vertex_collection(tvcol_name) tst_graph.create_edge_definition( edge_collection=ecol_name, from_vertex_collections=[fvcol_name], to_vertex_collections=[tvcol_name] ) global_data.update({ 'client': client, 'username': username, 'password': password, 'sys_db': sys_db, 'tst_db': tst_db, 'bad_db': bad_db, 'geo_index': geo_index, 'col_name': col_name, 'lecol_name': lecol_name, 'graph_name': graph_name, 'ecol_name': ecol_name, 'fvcol_name': fvcol_name, 'tvcol_name': tvcol_name, })
def test_user_management(sys_db, bad_db): # Test create user username = generate_username() password = generate_string() assert not sys_db.has_user(username) new_user = sys_db.create_user( username=username, password=password, active=True, extra={'foo': 'bar'}, ) assert new_user['username'] == username assert new_user['active'] is True assert new_user['extra'] == {'foo': 'bar'} assert sys_db.has_user(username) # Test create duplicate user with assert_raises(UserCreateError) as err: sys_db.create_user( username=username, password=password ) assert err.value.error_code == 1702 # Test list users for user in sys_db.users(): assert isinstance(user['username'], string_types) assert isinstance(user['active'], bool) assert isinstance(user['extra'], dict) assert sys_db.user(username) == new_user # Test list users with bad database with assert_raises(UserListError) as err: bad_db.users() assert err.value.error_code in {11, 1228} # Test get user users = sys_db.users() for user in users: assert 'active' in user assert 'extra' in user assert 'username' in user assert username in extract('username', sys_db.users()) # Test get missing user with assert_raises(UserGetError) as err: sys_db.user(generate_username()) assert err.value.error_code == 1703 # Update existing user new_user = sys_db.update_user( username=username, password=password, active=False, extra={'bar': 'baz'}, ) assert new_user['username'] == username assert new_user['active'] is False assert new_user['extra'] == {'bar': 'baz'} assert sys_db.user(username) == new_user # Update missing user with assert_raises(UserUpdateError) as err: sys_db.update_user( username=generate_username(), password=generate_string() ) assert err.value.error_code == 1703 # Replace existing user new_user = sys_db.replace_user( username=username, password=password, active=False, extra={'baz': 'qux'}, ) assert new_user['username'] == username assert new_user['active'] is False assert new_user['extra'] == {'baz': 'qux'} assert sys_db.user(username) == new_user # Replace missing user with assert_raises(UserReplaceError) as err: sys_db.replace_user( username=generate_username(), password=generate_string() ) assert err.value.error_code == 1703 # Delete an existing user assert sys_db.delete_user(username) is True # Delete a missing user with assert_raises(UserDeleteError) as err: sys_db.delete_user(username, ignore_missing=False) assert err.value.error_code == 1703 assert sys_db.delete_user(username, ignore_missing=True) is False
def test_user_management(sys_db, bad_db): # Test create user username = generate_username() password = generate_string() assert not sys_db.has_user(username) new_user = sys_db.create_user( username=username, password=password, active=True, extra={'foo': 'bar'}, ) assert new_user['username'] == username assert new_user['active'] is True assert new_user['extra'] == {'foo': 'bar'} assert sys_db.has_user(username) # Test create duplicate user with assert_raises(UserCreateError) as err: sys_db.create_user(username=username, password=password) assert err.value.error_code == 1702 # Test list users for user in sys_db.users(): assert isinstance(user['username'], string_types) assert isinstance(user['active'], bool) assert isinstance(user['extra'], dict) assert sys_db.user(username) == new_user # Test list users with bad fabric with assert_raises(UserListError) as err: bad_db.users() assert err.value.error_code == 1228 # Test get user users = sys_db.users() for user in users: assert 'active' in user assert 'extra' in user assert 'username' in user assert username in extract('username', sys_db.users()) # Test get missing user with assert_raises(UserGetError) as err: sys_db.user(generate_username()) assert err.value.error_code == 1703 # Update existing user new_user = sys_db.update_user( username=username, password=password, active=False, extra={'bar': 'baz'}, ) assert new_user['username'] == username assert new_user['active'] is False assert new_user['extra'] == {'bar': 'baz'} assert sys_db.user(username) == new_user # Update missing user with assert_raises(UserUpdateError) as err: sys_db.update_user(username=generate_username(), password=generate_string()) assert err.value.error_code == 1703 # Replace existing user new_user = sys_db.replace_user( username=username, password=password, active=False, extra={'baz': 'qux'}, ) assert new_user['username'] == username assert new_user['active'] is False assert new_user['extra'] == {'baz': 'qux'} assert sys_db.user(username) == new_user # Replace missing user with assert_raises(UserReplaceError) as err: sys_db.replace_user(username=generate_username(), password=generate_string()) assert err.value.error_code == 1703 # Delete an existing user assert sys_db.delete_user(username) is True # Delete a missing user with assert_raises(UserDeleteError) as err: sys_db.delete_user(username, ignore_missing=False) assert err.value.error_code == 1703 assert sys_db.delete_user(username, ignore_missing=True) is False
def pytest_configure(config): url = f"http://{config.getoption('host')}:{config.getoption('port')}" secret = config.getoption("secret") client = ArangoClient(hosts=[url, url, url]) sys_db = client.db( name="_system", username="******", password=config.getoption("passwd"), superuser_token=generate_jwt(secret), ) sys_db.version() # Create a user and non-system database for testing. username = generate_username() password = generate_string() tst_db_name = generate_db_name() bad_db_name = generate_db_name() sys_db.create_database( name=tst_db_name, users=[ { "active": True, "username": username, "password": password, } ], ) tst_db = client.db(tst_db_name, username, password) bad_db = client.db(bad_db_name, username, password) # Create a standard collection for testing. col_name = generate_col_name() tst_col = tst_db.create_collection(col_name, edge=False) tst_col.add_skiplist_index(["val"]) tst_col.add_fulltext_index(["text"]) geo_index = tst_col.add_geo_index(["loc"]) # Create a legacy edge collection for testing. icol_name = generate_col_name() tst_db.create_collection(icol_name, edge=True) # Create test vertex & edge collections and graph. graph_name = generate_graph_name() ecol_name = generate_col_name() fvcol_name = generate_col_name() tvcol_name = generate_col_name() tst_graph = tst_db.create_graph(graph_name) tst_graph.create_vertex_collection(fvcol_name) tst_graph.create_vertex_collection(tvcol_name) tst_graph.create_edge_definition( edge_collection=ecol_name, from_vertex_collections=[fvcol_name], to_vertex_collections=[tvcol_name], ) # Update global config global_data.url = url global_data.client = client global_data.username = username global_data.password = password global_data.db_name = tst_db_name global_data.sys_db = sys_db global_data.tst_db = tst_db global_data.bad_db = bad_db global_data.geo_index = geo_index global_data.col_name = col_name global_data.icol_name = icol_name global_data.graph_name = graph_name global_data.ecol_name = ecol_name global_data.fvcol_name = fvcol_name global_data.tvcol_name = tvcol_name global_data.cluster = config.getoption("cluster") global_data.complete = config.getoption("complete") global_data.replication = config.getoption("replication") global_data.enterprise = config.getoption("enterprise") global_data.secret = secret global_data.root_password = config.getoption("passwd")
def pytest_configure(config): url = 'http://{}:{}'.format( config.getoption('host'), config.getoption('port') ) client = ArangoClient(hosts=[url, url, url]) sys_db = client.db( name='_system', username='******', password=config.getoption('passwd') ) # Create a user and non-system database for testing. username = generate_username() password = generate_string() tst_db_name = generate_db_name() bad_db_name = generate_db_name() sys_db.create_database( name=tst_db_name, users=[{ 'active': True, 'username': username, 'password': password, }] ) # sys_db.update_permission( # username=username, # permission='rw', # database=tst_db_name # ) tst_db = client.db(tst_db_name, username, password) bad_db = client.db(bad_db_name, username, password) # Create a standard collection for testing. col_name = generate_col_name() tst_col = tst_db.create_collection(col_name, edge=False) tst_col.add_skiplist_index(['val']) tst_col.add_fulltext_index(['text']) geo_index = tst_col.add_geo_index(['loc']) # Create a legacy edge collection for testing. icol_name = generate_col_name() tst_db.create_collection(icol_name, edge=True) # Create test vertex & edge collections and graph. graph_name = generate_graph_name() ecol_name = generate_col_name() fvcol_name = generate_col_name() tvcol_name = generate_col_name() tst_graph = tst_db.create_graph(graph_name) tst_graph.create_vertex_collection(fvcol_name) tst_graph.create_vertex_collection(tvcol_name) tst_graph.create_edge_definition( edge_collection=ecol_name, from_vertex_collections=[fvcol_name], to_vertex_collections=[tvcol_name] ) # noinspection PyProtectedMember global_data.update({ 'url': url, 'client': client, 'username': username, 'password': password, 'sys_db': sys_db, 'tst_db': tst_db, 'bad_db': bad_db, 'geo_index': geo_index, 'col_name': col_name, 'icol_name': icol_name, 'graph_name': graph_name, 'ecol_name': ecol_name, 'fvcol_name': fvcol_name, 'tvcol_name': tvcol_name, 'cluster': config.getoption('cluster'), 'complete': config.getoption('complete'), 'replication': config.getoption('replication') })
generate_col_name, generate_string, generate_username, generate_graph_name, ) from tests.executors import (TestAsyncExecutor, TestBatchExecutor, TestTransactionExecutor) print('Setting up test ArangoDB client ...') _client = ArangoClient() _sys_db = _client.db('_system', 'root', 'passwd') print('Setting up test databases ...') _db_name = generate_db_name() _username = generate_username() _password = generate_string() _db_users = [{'username': _username, 'password': _password, 'active': True}] _sys_db.create_database(_db_name, _db_users) _db = _client.db(_db_name, _username, _password) _bad_db_name = generate_db_name() _bad_db = _client.db(_bad_db_name, '', '') print('Setting up test collections ...') _col_name = generate_col_name() _col = _db.create_collection(_col_name) _skiplist_index = _col.add_skiplist_index(['val']) _fulltext_index = _col.add_fulltext_index(['text']) _geo_index = _col.add_geo_index(['loc']) _bad_col = _bad_db.collection(_col_name) _lecol_name = generate_col_name() _lecol = _db.create_collection(_lecol_name, edge=True)
def test_user_management(sys_db, bad_db): # Test create user username = generate_username() password = generate_string() assert not sys_db.has_user(username) new_user = sys_db.create_user( username=username, password=password, active=True, extra={"foo": "bar"}, ) assert new_user["username"] == username assert new_user["active"] is True assert new_user["extra"] == {"foo": "bar"} assert sys_db.has_user(username) # Test create duplicate user with assert_raises(UserCreateError) as err: sys_db.create_user(username=username, password=password) assert err.value.error_code == 1702 # Test list users for user in sys_db.users(): assert isinstance(user["username"], str) assert isinstance(user["active"], bool) assert isinstance(user["extra"], dict) assert sys_db.user(username) == new_user # Test list users with bad database with assert_raises(UserListError) as err: bad_db.users() assert err.value.error_code in {11, 1228} # Test has user with bad database with assert_raises(UserListError) as err: bad_db.has_user(username) assert err.value.error_code in {11, 1228} # Test get user users = sys_db.users() for user in users: assert "active" in user assert "extra" in user assert "username" in user assert username in extract("username", sys_db.users()) # Test get missing user with assert_raises(UserGetError) as err: sys_db.user(generate_username()) assert err.value.error_code == 1703 # Update existing user new_user = sys_db.update_user( username=username, password=password, active=False, extra={"bar": "baz"}, ) assert new_user["username"] == username assert new_user["active"] is False assert new_user["extra"] == {"bar": "baz"} assert sys_db.user(username) == new_user # Update missing user with assert_raises(UserUpdateError) as err: sys_db.update_user(username=generate_username(), password=generate_string()) assert err.value.error_code == 1703 # Replace existing user new_user = sys_db.replace_user( username=username, password=password, active=False, extra={"baz": "qux"}, ) assert new_user["username"] == username assert new_user["active"] is False assert new_user["extra"] == {"baz": "qux"} assert sys_db.user(username) == new_user # Replace missing user with assert_raises(UserReplaceError) as err: sys_db.replace_user(username=generate_username(), password=generate_string()) assert err.value.error_code == 1703 # Delete an existing user assert sys_db.delete_user(username) is True # Delete a missing user with assert_raises(UserDeleteError) as err: sys_db.delete_user(username, ignore_missing=False) assert err.value.error_code == 1703 assert sys_db.delete_user(username, ignore_missing=True) is False
def test_permission_management(client, sys_db, bad_db, cluster): if cluster: pytest.skip("Not tested in a cluster setup") username = generate_username() password = generate_string() db_name = generate_db_name() col_name_1 = generate_col_name() col_name_2 = generate_col_name() sys_db.create_database( name=db_name, users=[{ "username": username, "password": password, "active": True }], ) db = client.db(db_name, username, password) assert isinstance(sys_db.permissions(username), dict) # Test list permissions with bad database with assert_raises(PermissionListError) as err: bad_db.permissions(username) assert err.value.error_code in {11, 1228} # Test get permission with bad database with assert_raises(PermissionGetError) as err: bad_db.permission(username, db_name) assert err.value.error_code in {11, 1228} # The user should not have read and write permissions assert sys_db.permission(username, db_name) == "rw" assert sys_db.permission(username, db_name, col_name_1) == "rw" # Test update permission (database level) with bad database with assert_raises(PermissionUpdateError): bad_db.update_permission(username, "ro", db_name) assert sys_db.permission(username, db_name) == "rw" # Test update permission (database level) to read only and verify access assert sys_db.update_permission(username, "ro", db_name) is True assert sys_db.permission(username, db_name) == "ro" with assert_raises(CollectionCreateError) as err: db.create_collection(col_name_2) assert err.value.http_code == 403 assert col_name_1 not in extract("name", db.collections()) assert col_name_2 not in extract("name", db.collections()) # Test reset permission (database level) with bad database with assert_raises(PermissionResetError) as err: bad_db.reset_permission(username, db_name) assert err.value.error_code in {11, 1228} assert sys_db.permission(username, db_name) == "ro" # Test reset permission (database level) and verify access assert sys_db.reset_permission(username, db_name) is True assert sys_db.permission(username, db_name) == "none" with assert_raises(CollectionCreateError) as err: db.create_collection(col_name_1) assert err.value.http_code == 401 with assert_raises(CollectionListError) as err: db.collections() assert err.value.http_code == 401 # Test update permission (database level) and verify access assert sys_db.update_permission(username, "rw", db_name) is True assert sys_db.permission(username, db_name, col_name_2) == "rw" assert db.create_collection(col_name_1) is not None assert db.create_collection(col_name_2) is not None assert col_name_1 in extract("name", db.collections()) assert col_name_2 in extract("name", db.collections()) col_1 = db.collection(col_name_1) col_2 = db.collection(col_name_2) # Verify that user has read and write access to both collections assert isinstance(col_1.properties(), dict) assert isinstance(col_1.insert({}), dict) assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test update permission (collection level) to read only and verify access assert sys_db.update_permission(username, "ro", db_name, col_name_1) assert sys_db.permission(username, db_name, col_name_1) == "ro" assert isinstance(col_1.properties(), dict) with assert_raises(DocumentInsertError) as err: col_1.insert({}) assert err.value.http_code == 403 assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test update permission (collection level) to none and verify access assert sys_db.update_permission(username, "none", db_name, col_name_1) assert sys_db.permission(username, db_name, col_name_1) == "none" with assert_raises(CollectionPropertiesError) as err: col_1.properties() assert err.value.http_code == 403 with assert_raises(DocumentInsertError) as err: col_1.insert({}) assert err.value.http_code == 403 assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test reset permission (collection level) assert sys_db.reset_permission(username, db_name, col_name_1) is True assert sys_db.permission(username, db_name, col_name_1) == "rw" assert isinstance(col_1.properties(), dict) assert isinstance(col_1.insert({}), dict) assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict)
def test_permission_management(client, sys_db, bad_db): username = generate_username() password = generate_string() db_name = generate_db_name() col_name_1 = generate_col_name() col_name_2 = generate_col_name() sys_db.create_database( name=db_name, users=[{ 'username': username, 'password': password, 'active': True }] ) db = client.db(db_name, username, password) assert isinstance(sys_db.permissions(username), dict) # Test list permissions with bad database with assert_raises(PermissionListError) as err: bad_db.permissions(username) assert err.value.error_code in {11, 1228} # Test get permission with bad database with assert_raises(PermissionGetError) as err: bad_db.permission(username, db_name) assert err.value.error_code in {11, 1228} # The user should not have read and write permissions assert sys_db.permission(username, db_name) == 'none' assert sys_db.permission(username, db_name, col_name_1) == 'none' with assert_raises(CollectionCreateError) as err: db.create_collection(col_name_1) assert err.value.http_code == 401 with assert_raises(CollectionListError) as err: db.collections() assert err.value.http_code == 401 # Test update permission (database level) with bad database with assert_raises(PermissionUpdateError): bad_db.update_permission(username, 'ro', db_name) assert sys_db.permission(username, db_name) == 'none' # Test update permission (database level) to read only and verify access assert sys_db.update_permission(username, 'ro', db_name) is True assert sys_db.permission(username, db_name) == 'ro' with assert_raises(CollectionCreateError) as err: db.create_collection(col_name_2) assert err.value.http_code == 403 assert col_name_1 not in extract('name', db.collections()) assert col_name_2 not in extract('name', db.collections()) # Test reset permission (database level) with bad database with assert_raises(PermissionResetError) as err: bad_db.reset_permission(username, db_name) assert err.value.error_code in {11, 1228} assert sys_db.permission(username, db_name) == 'ro' # Test reset permission (database level) and verify access assert sys_db.reset_permission(username, db_name) is True assert sys_db.permission(username, db_name) == 'none' with assert_raises(CollectionCreateError) as err: db.create_collection(col_name_1) assert err.value.http_code == 401 with assert_raises(CollectionListError) as err: db.collections() assert err.value.http_code == 401 # Test update permission (database level) and verify access assert sys_db.update_permission(username, 'rw', db_name) is True assert sys_db.permission(username, db_name, col_name_2) == 'rw' assert db.create_collection(col_name_1) is not None assert db.create_collection(col_name_2) is not None assert col_name_1 in extract('name', db.collections()) assert col_name_2 in extract('name', db.collections()) col_1 = db.collection(col_name_1) col_2 = db.collection(col_name_2) # Verify that user has read and write access to both collections assert isinstance(col_1.properties(), dict) assert isinstance(col_1.insert({}), dict) assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test update permission (collection level) to read only and verify access assert sys_db.update_permission(username, 'ro', db_name, col_name_1) assert sys_db.permission(username, db_name, col_name_1) == 'ro' assert isinstance(col_1.properties(), dict) with assert_raises(DocumentInsertError) as err: col_1.insert({}) assert err.value.http_code == 403 assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test update permission (collection level) to none and verify access assert sys_db.update_permission(username, 'none', db_name, col_name_1) assert sys_db.permission(username, db_name, col_name_1) == 'none' with assert_raises(CollectionPropertiesError) as err: col_1.properties() assert err.value.http_code == 403 with assert_raises(DocumentInsertError) as err: col_1.insert({}) assert err.value.http_code == 403 assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict) # Test reset permission (collection level) assert sys_db.reset_permission(username, db_name, col_name_1) is True assert sys_db.permission(username, db_name, col_name_1) == 'rw' assert isinstance(col_1.properties(), dict) assert isinstance(col_1.insert({}), dict) assert isinstance(col_2.properties(), dict) assert isinstance(col_2.insert({}), dict)