def test_delegate_flow():
#check success flow for delegate and fails sessionId used with provider
body = {
"apis": [{
"method": "get",
"endpoint": "/auth/v1/provider/access"
}]
}
r = alt_provider.get_session_id(body)
assert r['success'] is True
assert r['status_code'] == 200
alt_provider.set_user_session_id(fetch_sessionId(delegate_email))
r = alt_provider.get_provider_access('*****@*****.**')
assert r['success'] is True
assert r['status_code'] == 200
# using delegates session ID for provider
untrusted.set_user_session_id(fetch_sessionId(delegate_email))
r = untrusted.get_provider_access(None)
assert r['success'] is False
assert r['status_code'] == 403
def init():
init_provider("*****@*****.**")
assert reset_role(email) == True
assert reset_role(delegate_email) == True
# register abc.123 as delegate and set delegate rule
r = role_reg(delegate_email, '9454234223', name , ["delegate"], org_id, csr)
assert r['success'] == True
assert r['status_code'] == 200
# register barun user as all roles
r = role_reg(email, '9454234223', name , ["consumer","onboarder","data ingester", "delegate"], org_id, csr)
assert r['success'] == True
assert r['status_code'] == 200
######### session ID setup for provider, delegate and consumer with delegate role ###########
r = untrusted.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
assert r['success'] is True
untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))
r = alt_provider.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
assert r['success'] is True
alt_provider.set_user_session_id(fetch_sessionId(delegate_email))
r = consumer.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
assert r['success'] is True
consumer.set_user_session_id(fetch_sessionId(email))
def test_sessionId_multiple_sucess():
#get session id for multiple end points and check if success
body = {
"apis": [{
"method": "get",
"endpoint": "/auth/v1/provider/access"
}, {
"method": "post",
"endpoint": "/auth/v1/provider/access"
}]
}
r = untrusted.get_session_id(body)
assert r['success'] is True
untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))
r = untrusted.get_provider_access()
assert r['success'] is True
assert r['status_code'] == 200
resource_group = ''.join(
random.choice(string.ascii_lowercase) for _ in range(10))
resource_id = provider_id + '/rs.iudx.io/' + resource_group
req = {
"user_email": email,
"user_role": 'consumer',
'capabilities': ['temporal'],
"item_id": resource_id,
"item_type": "resourcegroup"
}
r = untrusted.provider_access([req])
assert r['success'] is True
assert r['status_code'] == 200
def test_Success():
# successful flow
body = {
"apis": [{
"method": "get",
"endpoint": "/auth/v1/provider/access"
}]
}
r = untrusted.get_session_id(body)
assert r['success'] is True
untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))
r = untrusted.get_provider_access()
assert r['success'] is True
assert r['status_code'] == 200
def init():
init_provider("*****@*****.**")
assert reset_role(email) == True
assert reset_role(memail) == True
######### session ID setup ###########
r = untrusted.get_session_id(ALL_SECURE_ENDPOINTS_BODY)
assert r['success'] is True
untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))
##### for multiple rule tests #####
r = role_reg(memail, '9454234223', name,
["onboarder", "consumer", "data ingester", "delegate"],
org_id, csr)
assert r['success'] == True
assert r['status_code'] == 200
def test_incorrect_user():
#using sessionId by one user to check if it fails when used by any other user
body = {
"apis": [{
"method": "post",
"endpoint": "/auth/v1/provider/access"
}]
}
r = untrusted.get_session_id(body)
assert r['success'] is True
untrusted.set_user_session_id(fetch_sessionId('*****@*****.**'))
req = {"user_email": delegate_email, "user_role": 'delegate'}
r = untrusted.provider_access([req])
assert r['success'] == True
assert r['status_code'] == 200
alt_provider.set_user_session_id(fetch_sessionId('*****@*****.**'))
r = alt_provider.get_provider_access('*****@*****.**')
assert r['success'] is False
assert r['status_code'] == 403
def test_no_sessionId_header():
# setting session ID None will not set the header in requests
untrusted.set_user_session_id(None)
r = untrusted.get_provider_access()
assert r['success'] is False
assert r['status_code'] == 403
def test_sessionId_incorrect():
#passing incorrect session id while accessing Secure endpoint
untrusted.set_user_session_id("")
r = untrusted.get_provider_access()
assert r['success'] is False
assert r['status_code'] == 403
