def test_create_accprov_with_roles(self):
providerName = "provider_with_roles"
issuerName = "issuer_%s" % (self._randStr())
fullUri = "https: //$%s.auth0.com" % (self._randStr(4))
roleOneName = "role_one_%s" % (self._randStr(4))
roleTwoName = "role_two_%s" % (self._randStr(4))
self.admin_client.query(
query.create_role({
"name":
roleOneName,
"privileges": [
{
"resource": query.databases(),
"actions": {
"read": True
},
},
],
}))
self.admin_client.query(
query.create_role({
"name":
roleTwoName,
"privileges": [
{
"resource": query.databases(),
"actions": {
"read": True
},
},
],
}))
provider = self.admin_client.query(
query.create_access_provider({
"name":
providerName,
"issuer":
issuerName,
"jwks_uri":
fullUri,
"roles": [
query.role(roleOneName),
{
"role": query.role(roleTwoName),
"predicate": query.query(query.lambda_("x", True)),
},
],
}))
self.assertEqual(provider["name"], providerName)
self.assertEqual(provider["issuer"], issuerName)
self.assertEqual(provider["jwks_uri"], fullUri)
self.assertTrue(isinstance(provider["roles"], list))
def test_create_role(self):
self.admin_client.query(query.create_role({
"name": "a_role",
"privileges": {
"resource": query.collections(),
"actions": {"read": True}
}
}))
self.assertTrue(self.admin_client.query(query.exists(query.role("a_role"))))
def create_or_update_role(client, payload={}):
try:
response = client.query(q.create_role(payload))
except BadRequest as err:
if str(err) == 'Role already exists.':
role_name = payload.pop("name")
response = client.query(q.update(q.role(role_name), payload))
else:
raise err
return response
def test_nested_references(self):
client1 = self.create_new_database(self.admin_client,
"parent-database")
client2 = self.create_new_database(client1, "child-database")
client2.query(query.create_collection({"name": "a_collection"}))
client2.query(
query.create_role({
"name": "a_role",
"privileges": {
"resource": query.collections(),
"actions": {
"read": True
}
}
}))
nested_database_ref = query.database("child-database",
query.database("parent-database"))
nested_collection_ref = query.collection("a_collection",
nested_database_ref)
nested_role_ref = query.role("a_role", nested_database_ref)
self.assertEqual(
self.admin_client.query(query.exists(nested_collection_ref)), True)
self.assertEqual(
self.admin_client.query(query.exists(nested_role_ref)), True)
parent_db_ref = Ref("parent-database", Native.DATABASES)
child_db_ref = Ref("child-database", Native.DATABASES, parent_db_ref)
self.assertEqual(
self.admin_client.query(
query.paginate(
query.collections(nested_database_ref)))["data"],
[Ref("a_collection", Native.COLLECTIONS, child_db_ref)])
self.assertEqual(
self.admin_client.query(
query.paginate(query.roles(nested_database_ref)))["data"],
[Ref("a_role", Native.ROLES, child_db_ref)])
def test_role(self):
self.assertJson(query.role("role-name"), '{"role":"role-name"}')
def test_role(self):
self.assertEqual(self._q(query.role("role-name")),
Ref("role-name", Native.ROLES))