def test_group_disable(session, groups, http_client, base_url):
# create global audit
fe_url = url(base_url, '/audits/create')
ends_at = date.today() + timedelta(days=7)
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({"ends_at": ends_at.strftime("%m/%d/%Y")}))
assert resp.code == 200
serving_team, just_created = Group.get_or_create(session, groupname="serving-team")
assert not just_created
assert serving_team.audit
assert not serving_team.audit.complete
# disable with insufficient permissions
fe_url = url(base_url, '/groups/serving-team/disable')
with pytest.raises(HTTPError):
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"}, body=urlencode({"name": "serving-team"}))
# disable
fe_url = url(base_url, '/groups/serving-team/disable')
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"}, body=urlencode({"name": "serving-team"}))
assert resp.code == 200
serving_team, just_created = Group.get_or_create(session, groupname="serving-team")
assert not just_created
assert serving_team.audit
assert serving_team.audit.complete, "disabling group should complete any outstanding audit"
def run(self, session, **kwargs):
if kwargs.get('group'):
Group.get_or_create(session, groupname=groupname)
session.commit()
elif kwargs.get('key') == 'valuewith=':
User.get_or_create(session, username=other_username)
session.commit()
else:
User.get_or_create(session, username=username)
session.commit()
def run(self, session, **kwargs):
if kwargs.get('group'):
Group.get_or_create(session, groupname=groupname)
session.commit()
elif kwargs.get('key') == 'valuewith=':
User.get_or_create(session, username=other_username)
session.commit()
else:
User.get_or_create(session, username=username)
session.commit()
def groups(session):
groups = {
groupname: Group.get_or_create(session, groupname=groupname)[0]
for groupname in ("team-sre", "tech-ops", "team-infra", "all-teams", "serving-team",
"security-team", "auditors", "sad-team", "audited-team")
}
session.commit()
return groups
def groups(session):
groups = {
groupname: Group.get_or_create(session, groupname=groupname)[0]
for groupname in ("team-sre", "tech-ops", "team-infra", "all-teams",
"serving-team", "security-team", "auditors",
"sad-team", "audited-team", "user-admins")
}
session.commit()
return groups
def test_group_disable(session, groups, http_client, base_url):
# create global audit
fe_url = url(base_url, '/audits/create')
ends_at = date.today() + timedelta(days=7)
resp = yield http_client.fetch(
fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({"ends_at": ends_at.strftime("%m/%d/%Y")}))
assert resp.code == 200
serving_team, just_created = Group.get_or_create(session,
groupname="serving-team")
assert not just_created
assert serving_team.audit
assert not serving_team.audit.complete
# disable with insufficient permissions
fe_url = url(base_url, '/groups/serving-team/disable')
with pytest.raises(HTTPError):
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({"name":
"serving-team"}))
# disable
fe_url = url(base_url, '/groups/serving-team/disable')
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({"name": "serving-team"}))
assert resp.code == 200
serving_team, just_created = Group.get_or_create(session,
groupname="serving-team")
assert not just_created
assert serving_team.audit
assert serving_team.audit.complete, "disabling group should complete any outstanding audit"