def test_request_kwargs(service_account_response): # noqa: F811
# type: (Dict[Text, Any]) -> None
mock_fetch = Mock()
resp = Mock()
resp.body = json.dumps(service_account_response)
def check_request_obj(request):
# type: (HTTPRequest) -> Mock
assert request.user_agent == "a string"
assert request.follow_redirects is False
return resp
mock_fetch.side_effect = check_request_obj
with patch.object(HTTPClient, "fetch", mock_fetch):
# Confirm basic HTTPRequest construction with kwargs works
http_req_kwargs = {"user_agent": "a string", "follow_redirects": False}
client = Groupy(["localhost:8000"], request_kwargs=http_req_kwargs)
client.users.get("*****@*****.**")
assert mock_fetch.call_count == 1
# Confirm overwriting kwargs in individual _fetch calls works
with pytest.raises(AssertionError):
client._fetch("/some/path", user_agent="a different string")
assert mock_fetch.call_count == 2
def test_user_metadata(tmpdir, setup):
# type: (LocalPath, SetupTest) -> None
with setup.transaction():
setup.create_user("*****@*****.**")
setup.add_public_key_to_user(SSH_KEY_1, "*****@*****.**")
setup.add_public_key_to_user(SSH_KEY_2, "*****@*****.**")
setup.add_metadata_to_user("some-key", "some-value", "*****@*****.**")
setup.create_user("*****@*****.**")
setup.add_metadata_to_user("github_username", "zorkian",
"*****@*****.**")
setup.add_metadata_to_user("shell", "/usr/bin/fish", "*****@*****.**")
setup.create_user("*****@*****.**")
setup.session.flush()
setup.disable_user("*****@*****.**")
setup.create_role_user("*****@*****.**", "Some role user")
setup.create_service_account("*****@*****.**", "some-group")
ssh_key_1 = key_to_public_key(SSH_KEY_1)
ssh_key_2 = key_to_public_key(SSH_KEY_2)
expected = {
"*****@*****.**": {
"role_user":
False,
"metadata": {
"some-key": "some-value"
},
"public_keys": [
{
"public_key": ssh_key_1.public_key,
"fingerprint": ssh_key_1.fingerprint,
"fingerprint_sha256": ssh_key_1.fingerprint_sha256,
},
{
"public_key": ssh_key_2.public_key,
"fingerprint": ssh_key_2.fingerprint,
"fingerprint_sha256": ssh_key_2.fingerprint_sha256,
},
],
},
"*****@*****.**": {
"role_user": True,
"metadata": {},
"public_keys": []
},
"*****@*****.**": {
"role_user": False,
"metadata": {
"github_username": "******",
"shell": "/usr/bin/fish"
},
"public_keys": [],
},
}
with api_server(tmpdir) as api_url:
api_client = Groupy(api_url)
result = api_client._fetch("/user-metadata")
assert result["status"] == "ok"
assert result["data"]["users"] == expected
def test_list_grants_of_permission(tmpdir, setup):
# type: (LocalPath, SetupTest) -> None
with setup.transaction():
create_graph(setup)
expected = {
"users": {"*****@*****.**": ["bar", "foo"], "*****@*****.**": ["*"]},
"service_accounts": {"*****@*****.**": ["*"]},
}
with api_server(tmpdir) as api_url:
api_client = Groupy(api_url)
result = api_client._fetch("/grants/some-permission")
assert result["status"] == "ok"
assert result["data"]["permission"] == "some-permission"
assert result["data"]["grants"] == expected
def test_list_grants(tmpdir, setup):
# type: (LocalPath, SetupTest) -> None
with setup.transaction():
create_graph(setup)
expected = {
"not-gary": {
"users": {
"*****@*****.**": ["foo"]
},
"role_users": {},
"service_accounts": {}
},
"other-permission": {
"users": {
"*****@*****.**": [""]
},
"role_users": {},
"service_accounts": {},
},
"some-permission": {
"users": {
"*****@*****.**": ["bar", "foo"],
"*****@*****.**": ["*"]
},
"role_users": {
"*****@*****.**": ["foo", "role"]
},
"service_accounts": {
"*****@*****.**": ["*"]
},
},
"twice": {
"users": {
"*****@*****.**": ["*"]
},
"role_users": {},
"service_accounts": {}
},
}
with api_server(tmpdir) as api_url:
api_client = Groupy(api_url)
result = api_client._fetch("/grants")
assert result["status"] == "ok"
assert result["data"]["permissions"] == expected