def test_update_node_normal_user(client: TestClient,
superuser_token_headers: dict,
db: Session) -> None:
"""Successfully update a node as a normal user"""
setup = node_permission_setup(
db,
node_type="test_update_node_normal_user",
permission_type=PermissionTypeEnum.update,
permission_enabled=True,
)
data = {
"node_type": "updated_test_node",
"name": random_lower_string(),
}
user_token_headers = authentication_token_from_email(
client=client, email=setup["user"].email, db=db)
response = client.put(
f"{settings.API_V1_STR}/nodes/{setup['node'].id}",
headers=user_token_headers,
json=data,
)
assert response.status_code == 200
content = response.json()
assert content["node_type"] == data["node_type"]
assert content["name"] == data["name"]
assert content["is_active"] == setup["node"].is_active
assert content["parent_id"] == setup["node"].parent_id
assert content["depth"] == 0
assert "id" in content
assert "created_at" in content
assert "updated_at" in content
assert "created_by_id" in content
assert "updated_by_id" in content
def test_update_node_fail_user_no_permission(client: TestClient,
superuser_token_headers: dict,
db: Session) -> None:
"""Fails if the user doesn't have update permissions on the target node"""
setup = node_permission_setup(
db,
node_type="test_update_node_fail_user_no_permission",
permission_type=PermissionTypeEnum.update,
permission_enabled=False,
)
user_token_headers = authentication_token_from_email(
client=client, email=setup["user"].email, db=db)
data = {"name": "no matter"}
response = client.put(
f"{settings.API_V1_STR}/nodes/{setup['node'].id}",
headers=user_token_headers,
json=data,
)
assert response.status_code == 403
content = response.json()
assert content["detail"] == (
f"User ID {setup['user'].id} does not have "
f"{setup['permission'].permission_type} permissions for "
f"{setup['permission'].resource_type} ID {setup['node'].id}")
def test_read_node_normal_user(client: TestClient,
superuser_token_headers: dict,
db: Session) -> None:
"""Successfully read a node with permissions"""
setup = node_permission_setup(
db,
node_type="test_read_node_normal_user",
permission_type=PermissionTypeEnum.read,
permission_enabled=True,
)
user_token_headers = authentication_token_from_email(
client=client, email=setup["user"].email, db=db)
response = client.get(
f"{settings.API_V1_STR}/nodes/{setup['node'].id}",
headers=user_token_headers,
)
assert response.status_code == 200
content = response.json()
assert content["node_type"] == setup["node"].node_type
assert content["name"] == setup["node"].name
assert content["is_active"]
assert content["depth"] == 0
assert "id" in content
assert "parent_id" in content
assert "created_at" in content
assert "updated_at" in content
assert "created_by_id" in content
assert "updated_by_id" in content
def test_create_node_fail_permission_false(client: TestClient,
superuser_token_headers: dict,
db: Session) -> None:
"""Node creation fails when user has a permission not enabled for node parent"""
setup = node_permission_setup(
db,
node_type="test_create_node_fail_permission_false",
permission_type=PermissionTypeEnum.create,
permission_enabled=False,
)
user_token_headers = authentication_token_from_email(
client=client, email=setup["user"].email, db=db)
data = {
"node_type": "test_create_node",
"name": random_lower_string(),
"is_active": True,
"parent_id": setup["node"].id,
}
response = client.post(
f"{settings.API_V1_STR}/nodes/",
headers=user_token_headers,
json=data,
)
assert response.status_code == 403
content = response.json()
assert content[
"detail"] == "User does not have permission to create this node"
def test_get_node_with_children_normal_user_fail_no_permission(
client: TestClient, db: Session) -> None:
"""Fail if the user doesn't have read permissions on the node"""
setup = node_permission_setup(
db,
node_type="test",
permission_type=PermissionTypeEnum.read,
permission_enabled=False,
)
node = setup["node"]
user = setup["user"]
user_token_headers = authentication_token_from_email(client=client,
email=user.email,
db=db)
response = client.get(
f"{settings.API_V1_STR}/nodes/{node.id}/children",
headers=user_token_headers,
)
content = response.json()
assert response.status_code == 403
assert content["detail"] == (
f"User ID {user.id} does not have "
f"{setup['permission'].permission_type} permissions for "
f"{setup['permission'].resource_type} ID {node.id}")
def test_get_node_with_children_normal_user(client: TestClient,
db: Session) -> None:
"""Successfully get a node with children listing"""
setup = node_permission_setup(
db,
node_type="test",
permission_type=PermissionTypeEnum.read,
permission_enabled=True,
)
node = setup["node"]
user = setup["user"]
user_group = setup["user_group"]
user_token_headers = authentication_token_from_email(client=client,
email=user.email,
db=db)
response = client.get(
f"{settings.API_V1_STR}/nodes/{node.id}/children",
headers=user_token_headers,
)
content = response.json()
assert response.status_code == 200
for child in content:
if child["child_type"] == "user_group":
assert child["child_id"] == user_group.id
def test_read_node_fail_node_no_permission(client: TestClient,
superuser_token_headers: dict,
db: Session) -> None:
"""Fails if the user has no read permission on the node"""
setup = node_permission_setup(
db,
node_type="test_read_node_fail_node_no_permission",
permission_type=PermissionTypeEnum.read,
permission_enabled=False,
)
user_token_headers = authentication_token_from_email(
client=client, email=setup["user"].email, db=db)
response = client.get(
f"{settings.API_V1_STR}/nodes/{setup['node'].id}",
headers=user_token_headers,
)
assert response.status_code == 403
content = response.json()
assert content["detail"] == (f"User ID {setup['user'].id} does not have "
f"read permissions for "
f"node ID {setup['node'].id}")
