def save(self, role: Role) -> Role:
role.group = self.session.merge(role.group)
role.identity = self.session.merge(role.identity)
self.session.add(role)
self.session.commit()
return role
def test_role() -> None:
role = Role(
identity=User(id=0, name="n"),
group=Group(id="g", name="n"),
type=RoleType.ADMIN,
)
service = Mock()
service.get_all_roles_in_group.return_value = [role]
app = create_app(service)
client = app.test_client()
res = client.get("/roles/group/g", headers=create_auth_token(app))
assert res.status_code == 200
assert res.json == [role.to_dict()]
def test_authenticate():
users = Mock()
users.get_by_name.return_value = User(id=0, password=Password("pwd"))
users.get.return_value = User(id=0, name="linus")
ldap = Mock()
ldap.login.return_value = None
ldap.get.return_value = None
roles = Mock()
roles.get_all_by_user.return_value = [
Role(type=RoleType.READER, group=Group(id="group", name="group"))
]
exp = JWTUser(
id=0,
impersonator=0,
type="users",
groups=[JWTGroup(id="group", name="group", role=RoleType.READER)],
)
service = LoginService(
user_repo=users,
bot_repo=Mock(),
group_repo=Mock(),
role_repo=roles,
ldap=ldap,
event_bus=Mock(),
)
assert exp == service.authenticate("dupond", "pwd")
users.get_by_name.assert_called_once_with("dupond")
roles.get_all_by_user.assert_called_once_with(0)
def test_get_user():
user = User(id=3)
users = Mock()
users.get.return_value = user
ldap = Mock()
ldap.get.return_value = None
role = Role(type=RoleType.READER, identity=user, group=Group(id="group"))
roles = Mock()
roles.get_all_by_user.return_value = [role]
service = LoginService(
user_repo=users,
bot_repo=Mock(),
group_repo=Mock(),
role_repo=roles,
ldap=ldap,
event_bus=Mock(),
)
assert_permission(
test=lambda x: service.get_user(3, x),
values=[(SADMIN, True), (GADMIN, True), (USER3, True)],
error=UserNotFoundError,
)
def __init__(self, session: Session):
self.session = session
if self.get(1, "admin") is None:
self.save(
Role(
type=RoleType.ADMIN,
identity=User(id=1),
group=Group(id="admin"),
))
def save_role(self, role: RoleCreationDTO,
params: RequestParameters) -> Role:
role_obj = Role(
type=role.type,
group=self.groups.get(role.group_id),
identity=self.users.get(role.identity_id),
)
if params.user and any((
params.user.is_site_admin(),
params.user.is_group_admin(role_obj.group),
)):
return self.roles.save(role_obj)
else:
raise UserHasNotPermissionError()
def test_role_create() -> None:
role = Role(
identity=User(id=0, name="n"),
group=Group(id="g", name="n"),
type=RoleType.ADMIN,
)
service = Mock()
service.save_role.return_value = role
app = create_app(service)
client = app.test_client()
res = client.post(
"/roles",
headers=create_auth_token(app),
json={
"type": RoleType.ADMIN.value,
"identity_id": 0,
"group_id": "g"
},
)
assert res.status_code == 200
assert res.json == role.to_dict()
def save_bot(self, bot: BotCreateDTO, params: RequestParameters) -> Bot:
if params.user:
role = self.roles.get(params.user.id, bot.group)
if role and role.type.is_higher_or_equals(bot.role):
b = self.bots.save(
Bot(
name=bot.name,
is_author=bot.is_author,
owner=params.user.id,
))
self.roles.save(
Role(group=Group(id=bot.group), type=bot.role, identity=b))
return b
else:
raise UserHasNotPermissionError()
else:
raise UserHasNotPermissionError()
def test_delete_role():
roles = Mock()
roles.delete.return_value = Role()
service = LoginService(
user_repo=Mock(),
bot_repo=Mock(),
group_repo=Mock(),
role_repo=roles,
ldap=Mock(),
event_bus=Mock(),
)
assert_permission(
test=lambda x: service.delete_role(3, "group", x),
values=[(SADMIN, True), (GADMIN, True), (USER3, False)],
)
def test_get_all_roles_in_group():
roles = Mock()
roles.get_all_by_group.return_value = [Role()]
service = LoginService(
user_repo=Mock(),
bot_repo=Mock(),
group_repo=Mock(),
role_repo=roles,
ldap=Mock(),
event_bus=Mock(),
)
assert_permission(
test=lambda x: service.get_all_roles_in_group("group", x),
values=[(SADMIN, True), (GADMIN, True), (USER3, False)],
)
def test_roles():
engine = create_engine("sqlite:///:memory:", echo=True)
session = scoped_session(
sessionmaker(autocommit=False, autoflush=False, bind=engine))
Base.metadata.create_all(engine)
repo = RoleRepository(session=session)
a = Role(type=RoleType.ADMIN, identity=User(id=0), group=Group(id="group"))
a = repo.save(a)
assert a == repo.get(user=0, group="group")
assert [a] == repo.get_all_by_user(user=0)
assert [a] == repo.get_all_by_group(group="group")
repo.delete(user=0, group="group")
assert repo.get(user=0, group="group") is None
def test_save_bot():
bot_create = BotCreateDTO(name="bot", group="group", role=RoleType.READER)
bots = Mock()
bots.save.side_effect = lambda b: b
roles = Mock()
roles.get.return_value = Role(
identity=Identity(id=3), group=Group(id="group"), type=RoleType.WRITER
)
service = LoginService(
user_repo=Mock(),
bot_repo=bots,
group_repo=Mock(),
role_repo=roles,
ldap=Mock(),
event_bus=Mock(),
)
res = service.save_bot(bot_create, USER3)
assert res == Bot(name="bot", is_author=True, owner=3)
def test_save_bot_wrong_role():
bot_create = BotCreateDTO(name="bot", group="group", role=RoleType.ADMIN)
bots = Mock()
bots.save.side_effect = lambda b: b
roles = Mock()
roles.get.return_value = Role(
identity=Identity(id=3), group=Group(id="group"), type=RoleType.READER
)
service = LoginService(
user_repo=Mock(),
bot_repo=bots,
group_repo=Mock(),
role_repo=roles,
ldap=Mock(),
event_bus=Mock(),
)
assert_permission(
test=lambda x: service.save_bot(bot_create, x),
values=[(USER3, False)],
)