def pytest_addoption(parser):
parser.addoption('--passwd', action='store', default='secret')
parser.addoption('--complete', action='store_true')
parser.addoption('--cluster', action='store_true')
parser.addoption('--replication', action='store_true')
parser.addoption('--secret', action='store', default='secret')
parser.addoption('--tst_db_name',
action='store',
default=generate_db_name())
async def test_database_management(db, sys_db, bad_db):
# Test list databases
result = await sys_db.databases()
assert '_system' in result
# Test list databases with bad database
with assert_raises(DatabaseListError):
await bad_db.databases()
# Test create database
db_name = generate_db_name()
assert await sys_db.has_database(db_name) is False
assert await sys_db.create_database(
name=db_name, replication_factor=1, write_concern=1,
sharding="single") is True
assert await sys_db.has_database(db_name) is True
# Test create duplicate database
with assert_raises(DatabaseCreateError) as err:
await sys_db.create_database(db_name)
assert err.value.error_code == 1207
# Test create database without permissions
with assert_raises(DatabaseCreateError) as err:
await db.create_database(db_name)
assert err.value.error_code == 1230
# Test delete database without permissions
with assert_raises(DatabaseDeleteError) as err:
await db.delete_database(db_name)
assert err.value.error_code == 1230
# Test delete database
assert await sys_db.delete_database(db_name) is True
assert db_name not in await sys_db.databases()
# Test delete missing database
with assert_raises(DatabaseDeleteError) as err:
await sys_db.delete_database(db_name)
assert err.value.error_code in {11, 1228}
assert await sys_db.delete_database(db_name, ignore_missing=True) is False
async def test_client_bad_connection(db, username, password, cluster):
client = ArangoClient(hosts=f'http://127.0.0.1:{arango_image.get_port()}')
bad_db_name = generate_db_name()
bad_username = generate_username()
bad_password = generate_string()
if not cluster:
# Test connection with bad username password
with pytest.raises(ServerConnectionError):
await client.db(db.name, bad_username, bad_password, verify=True)
# Test connection with missing database
with pytest.raises(ServerConnectionError):
await client.db(bad_db_name, bad_username, bad_password, verify=True)
await client.close()
# Test connection with invalid host URL
client = ArangoClient(hosts='http://127.0.0.1:8500')
with pytest.raises(ServerConnectionError) as err:
await client.db(db.name, username, password, verify=True)
assert 'bad connection' in str(err.value)
await client.close()
async def bad_db(sys_db, client):
bad_db_name = generate_db_name()
# Create a user and non-system database for testing.
bad_db = await client.db(bad_db_name, global_data['username'],
global_data['password'])
return bad_db
async def test_user_create_with_new_database(client, sys_db, cluster):
if cluster:
pytest.skip('Not tested in a cluster setup')
db_name = generate_db_name()
username1 = generate_username()
username2 = generate_username()
username3 = generate_username()
password1 = generate_string()
password2 = generate_string()
password3 = generate_string()
result = await sys_db.create_database(name=db_name,
users=[
{
'username': username1,
'password': password1,
'active': True
},
{
'username': username2,
'password': password2,
'active': True
},
{
'username': username3,
'password': password3,
'active': False
},
])
assert result is True
await sys_db.update_permission(username1,
permission='rw',
database=db_name)
await sys_db.update_permission(username2,
permission='rw',
database=db_name)
await sys_db.update_permission(username3,
permission='rw',
database=db_name)
# Test if the users were created properly
usernames = await extract('username', await sys_db.users())
assert all(u in usernames for u in [username1, username2, username3])
# Test if the first user has access to the database
db = await client.db(db_name, username1, password1)
await db.properties()
# Test if the second user also has access to the database
db = await client.db(db_name, username2, password2)
await db.properties()
# Test if the third user has access to the database (should not)
db = await client.db(db_name, username3, password3)
with assert_raises(DatabasePropertiesError) as err:
await db.properties()
assert err.value.http_code == 401
async def test_permission_management(client, sys_db, bad_db, cluster):
if cluster:
pytest.skip('Not tested in a cluster setup')
username = generate_username()
password = generate_string()
db_name = generate_db_name()
col_name_1 = generate_col_name()
col_name_2 = generate_col_name()
await sys_db.create_database(name=db_name,
users=[{
'username': username,
'password': password,
'active': True
}])
db = await client.db(db_name, username, password)
assert isinstance(await sys_db.permissions(username), dict)
# Test list permissions with bad database
with assert_raises(PermissionListError) as err:
await bad_db.permissions(username)
assert err.value.error_code in {11, 1228}
# Test get permission with bad database
with assert_raises(PermissionGetError) as err:
await bad_db.permission(username, db_name)
assert err.value.error_code in {11, 1228}
# The user should not have read and write permissions
assert await sys_db.permission(username, db_name) == 'rw'
assert await sys_db.permission(username, db_name, col_name_1) == 'rw'
# Test update permission (database level) with bad database
with assert_raises(PermissionUpdateError):
await bad_db.update_permission(username, 'ro', db_name)
assert await sys_db.permission(username, db_name) == 'rw'
# Test update permission (database level) to read only and verify access
assert await sys_db.update_permission(username, 'ro', db_name) is True
assert await sys_db.permission(username, db_name) == 'ro'
with assert_raises(CollectionCreateError) as err:
await db.create_collection(col_name_2)
assert err.value.http_code == 403
assert col_name_1 not in await extract('name', await db.collections())
assert col_name_2 not in await extract('name', await db.collections())
# Test reset permission (database level) with bad database
with assert_raises(PermissionResetError) as err:
await bad_db.reset_permission(username, db_name)
assert err.value.error_code in {11, 1228}
assert await sys_db.permission(username, db_name) == 'ro'
# Test reset permission (database level) and verify access
assert await sys_db.reset_permission(username, db_name) is True
assert await sys_db.permission(username, db_name) == 'none'
with assert_raises(CollectionCreateError) as err:
await db.create_collection(col_name_1)
assert err.value.http_code == 401
with assert_raises(CollectionListError) as err:
await db.collections()
assert err.value.http_code == 401
# Test update permission (database level) and verify access
assert await sys_db.update_permission(username, 'rw', db_name) is True
assert await sys_db.permission(username, db_name, col_name_2) == 'rw'
assert await db.create_collection(col_name_1) is not None
assert await db.create_collection(col_name_2) is not None
assert col_name_1 in await extract('name', await db.collections())
assert col_name_2 in await extract('name', await db.collections())
col_1 = await db.collection(col_name_1)
col_2 = await db.collection(col_name_2)
# Verify that user has read and write access to both collections
assert isinstance(await col_1.properties(), dict)
assert isinstance(await col_1.insert({}), dict)
assert isinstance(await col_2.properties(), dict)
assert isinstance(await col_2.insert({}), dict)
# Test update permission (collection level) to read only and verify access
assert await sys_db.update_permission(username, 'ro', db_name, col_name_1)
assert await sys_db.permission(username, db_name, col_name_1) == 'ro'
assert isinstance(await col_1.properties(), dict)
with assert_raises(DocumentInsertError) as err:
await col_1.insert({})
assert err.value.http_code == 403
assert isinstance(await col_2.properties(), dict)
assert isinstance(await col_2.insert({}), dict)
# Test update permission (collection level) to none and verify access
assert await sys_db.update_permission(username, 'none', db_name,
col_name_1)
assert await sys_db.permission(username, db_name, col_name_1) == 'none'
with assert_raises(CollectionPropertiesError) as err:
await col_1.properties()
assert err.value.http_code == 403
with assert_raises(DocumentInsertError) as err:
await col_1.insert({})
assert err.value.http_code == 403
assert isinstance(await col_2.properties(), dict)
assert isinstance(await col_2.insert({}), dict)
# Test reset permission (collection level)
assert await sys_db.reset_permission(username, db_name, col_name_1) is True
assert await sys_db.permission(username, db_name, col_name_1) == 'rw'
assert isinstance(await col_1.properties(), dict)
assert isinstance(await col_1.insert({}), dict)
assert isinstance(await col_2.properties(), dict)
assert isinstance(await col_2.insert({}), dict)