def test_diff(mocker):
from ldap2pg.privilege import Privilege, Grant, Acl
priv = Privilege(name='priv', revoke='REVOKE {role}', grant='GRANT {role}')
nogrant = Privilege(name='nogrant', revoke='REVOKE')
norvk = Privilege(name='norvk', grant='GRANT')
privileges = {p.name: p for p in [priv, nogrant, norvk]}
item0 = Grant(privilege=priv.name, dbname='backend', role='daniel')
pgacl = Acl([
item0,
Grant(privilege=priv.name, dbname='backend', role='alice'),
Grant(priv.name, dbname='backend', role='irrelevant', full=None),
Grant(privilege=norvk.name, role='torevoke'),
])
ldapacl = Acl([
item0,
Grant(privilege=priv.name, dbname='backend', role='david'),
Grant(privilege=nogrant.name, role='togrant'),
])
queries = [q.args[0] for q in pgacl.diff(ldapacl, privileges)]
assert not fnfilter(queries, 'REVOKE "daniel"*')
assert fnfilter(queries, 'REVOKE "alice"*')
assert fnfilter(queries, 'GRANT "david"*')
def test_privilege_object():
from ldap2pg.privilege import Privilege
connect = Privilege('connect')
ro = Privilege('ro')
assert 'connect' in repr(connect)
assert connect < ro
def test_revoke():
from ldap2pg.privilege import Privilege, Grant
priv = Privilege(name='connect', revoke='REVOKE {database} FROM {role};')
item = Grant(priv.name, dbname='backend', schema=None, role='daniel')
qry = priv.revoke(item)
assert 'REVOKE "backend"' in qry.args[0]
assert 'daniel' in qry.args[0]
def test_grant_object():
from ldap2pg.privilege import Privilege, Grant
priv = Privilege(name='connect', grant='GRANT {database} TO {role};')
item = Grant(priv.name, dbname='backend', schema=None, role='daniel')
qry = priv.grant(item)
assert 'GRANT "backend"' in qry.args[0]
assert 'daniel' in qry.args[0]
def test_grant_object():
from ldap2pg.privilege import Privilege, Grant
from ldap2pg.role import Role
priv = Privilege(name='connect', grant='GRANT {database} TO {role};')
item = Grant(priv.name, dbname='backend', schema=None, role='daniel')
qry = priv.grant(item)
assert 'GRANT "backend"' in qry.args[0]
assert 'daniel' in qry.args[0]
assert 'db' in repr(Grant('p', ['db'], ['schema']))
# Test hash with Role object.
str_h = hash(Grant('priv', ['db'], ['schema'], role=Role(u'rôle')))
obj_h = hash(Grant('priv', ['db'], ['schema'], role=u'rôle'))
assert str_h == obj_h
