def collection_batch_no_projects(): """Create and commit a batch of Collection instances without projects, for testing the update API - we cannot assign projects to collections, only the other way around.""" collections = [CollectionFactory() for _ in range(randint(3, 5))] for collection in collections: ClientFactory.create_batch(randint(0, 3), collection=collection) RoleFactory.create_batch(randint(0, 3), collection=collection) return collections
def collection_batch(): """Create and commit a batch of Collection instances, with associated projects, clients and roles.""" collections = [CollectionFactory() for _ in range(randint(3, 5))] ProjectFactory.create_batch(randint(0, 3), collections=collections) for collection in collections: ClientFactory.create_batch(randint(0, 3), collection=collection) RoleFactory.create_batch(randint(0, 3), collection=collection) return collections
def client_build(collection=None, **id): """Build and return an uncommitted Client instance. Referenced scopes and/or collection are however committed.""" return ClientFactory.build( **id, scopes=ScopeFactory.create_batch(randint(1, 3)), collection=collection or (collection := CollectionFactory() if randint(0, 1) else None), collection_id=collection.id if collection else None, )
def client_batch(hydra_admin_api): """Create and commit a batch of Client instances, and create an OAuth2 client config on Hydra for each.""" clients = [] for n in range(randint(3, 5)): clients += [ client := ClientFactory( scopes=(scopes := ScopeFactory.create_batch(randint(1, 3))), is_collection_client=n in (1, 2) or randint(0, 1), ) ]
def test_user_info(): client = ClientFactory() role1 = RoleFactory() role2 = RoleFactory() user = UserFactory(roles=(role1, role2)) actual_user_info = get_user_info(user.id, client.id) expected_user_info = UserInfo( sub=user.id, email=user.email, email_verified=user.verified, name=user.name, picture=None, roles=[role1.id, role2.id], ) assert expected_user_info == actual_user_info
def test_platform_roles(): scopes = ScopeFactory.create_batch(8, type='odp') client = ClientFactory(scopes=scopes[1:7]) role1 = RoleFactory(scopes=scopes[:3]) role2 = RoleFactory(scopes=scopes[5:]) user = UserFactory(roles=(role1, role2)) actual_user_perm = get_user_permissions(user.id, client.id) expected_user_perm = { scope.id: '*' for n, scope in enumerate(scopes) if n in (1, 2, 5, 6) } assert_compare(expected_user_perm, actual_user_perm) actual_client_perm = get_client_permissions(client.id) expected_client_perm = {scope.id: '*' for scope in scopes[1:7]} assert_compare(expected_client_perm, actual_client_perm)
def test_user_info_collection_roles_and_client(): client = ClientFactory(is_collection_client=True) role1 = RoleFactory() role2 = RoleFactory(collection=client.collection) role3 = RoleFactory(collection=client.collection) role4 = RoleFactory(is_collection_role=True) user = UserFactory(roles=(role1, role2, role3, role4)) actual_user_info = get_user_info(user.id, client.id) expected_user_info = UserInfo( sub=user.id, email=user.email, email_verified=user.verified, name=user.name, picture=None, roles=[role1.id, role2.id, role3.id], ) assert expected_user_info == actual_user_info
def test_collection_client_platform_collection_role_mix(): scopes = ScopeFactory.create_batch(8, type='odp') client = ClientFactory(scopes=scopes[1:7], is_collection_client=True) role1 = RoleFactory(scopes=scopes[:3]) role2 = RoleFactory(scopes=scopes[3:5], is_collection_role=True) role3 = RoleFactory(scopes=scopes[5:], collection=client.collection) user = UserFactory(roles=(role1, role2, role3)) actual_user_perm = get_user_permissions(user.id, client.id) expected_user_perm = { scope.id: [client.collection_id] for n, scope in enumerate(scopes) if n in (1, 2, 5, 6) } assert_compare(expected_user_perm, actual_user_perm) actual_client_perm = get_client_permissions(client.id) expected_client_perm = { scope.id: [client.collection_id] for scope in scopes[1:7] } assert_compare(expected_client_perm, actual_client_perm)
def scoped_client(scopes, collection=None): ClientFactory( id='odp.test', scopes=[ScopeFactory(id=s.value, type='odp') for s in scopes], collection=collection, ) token = OAuth2Session( client_id='odp.test', client_secret='secret', scope=' '.join(s.value for s in odp.ODPScope), ).fetch_token( f'{hydra_public_url}/oauth2/token', grant_type='client_credentials', timeout=1.0, ) api_client = TestClient(app=odp.api.app) api_client.headers = { 'Accept': 'application/json', 'Authorization': 'Bearer ' + token['access_token'], } return api_client
def test_collection_roles(): scopes = ScopeFactory.create_batch(8, type='odp') client = ClientFactory(scopes=scopes[1:7]) role1 = RoleFactory(scopes=scopes[:5], is_collection_role=True) role2 = RoleFactory(scopes=scopes[3:], is_collection_role=True) user = UserFactory(roles=(role1, role2)) actual_user_perm = get_user_permissions(user.id, client.id) expected_user_perm = { scope.id: [role1.collection_id] for n, scope in enumerate(scopes) if n in (1, 2) } | { scope.id: [role1.collection_id, role2.collection_id] for n, scope in enumerate(scopes) if n in (3, 4) } | { scope.id: [role2.collection_id] for n, scope in enumerate(scopes) if n in (5, 6) } assert_compare(expected_user_perm, actual_user_perm) actual_client_perm = get_client_permissions(client.id) expected_client_perm = {scope.id: '*' for scope in scopes[1:7]} assert_compare(expected_client_perm, actual_client_perm)
def setUpClass(cls): super(GetClientByIdTestCase, cls).setUpClass() clients = ClientFactory.build_batch(10) db.session.bulk_save_objects(clients) db.session.commit()
def test_create_client_with_scopes(): scopes = ScopeFactory.create_batch(5) client = ClientFactory(scopes=scopes) result = Session.execute(select(ClientScope)).scalars() assert [(row.client_id, row.scope_id, row.scope_type) for row in result] \ == [(client.id, scope.id, scope.type) for scope in scopes]
def test_create_client_with_collection(): client = ClientFactory(is_collection_client=True) result = Session.execute(select(Client, Collection).join(Collection)).one() assert (result.Client.id, result.Client.collection_id, result.Collection.name) \ == (client.id, client.collection.id, client.collection.name)
def test_create_client(): client = ClientFactory() result = Session.execute(select(Client)).scalar_one() assert (result.id, result.collection_id) == (client.id, None)