def test_show_group(tmpdir: LocalPath, setup: SetupTest, browser: Chrome) -> None: with setup.transaction(): setup.add_user_to_group("*****@*****.**", "team-sre", role="owner") setup.add_user_to_group("*****@*****.**", "team-sre") setup.grant_permission_to_group("ssh", "*", "team-sre") setup.grant_permission_to_group("team-sre", "foo", "team-sre") setup.grant_permission_to_group("team-sre", "bar", "team-sre") with frontend_server(tmpdir, "*****@*****.**") as frontend_url: browser.get(url(frontend_url, "/groups/team-sre")) page = GroupViewPage(browser) row = page.find_member_row("*****@*****.**") assert row.role == "owner" assert row.href.endswith("/users/[email protected]") row = page.find_member_row("*****@*****.**") assert row.role == "member" assert row.href.endswith("/users/[email protected]") rows = page.find_permission_rows("ssh") assert len(rows) == 1 assert rows[0].argument == "*" assert rows[0].href.endswith("/permissions/ssh") rows = page.find_permission_rows("team-sre") for permission_row in rows: assert permission_row.href.endswith("/permissions/team-sre") assert sorted([r.argument for r in rows]) == ["bar", "foo"]
def test_grant_permission(tmpdir: LocalPath, setup: SetupTest, browser: Chrome) -> None: with setup.transaction(): setup.add_user_to_group("*****@*****.**", "some-group") setup.grant_permission_to_group(PERMISSION_GRANT, "some-permission", "some-group") setup.create_permission("some-permission") setup.create_group("other-group") with frontend_server(tmpdir, "*****@*****.**") as frontend_url: browser.get(url(frontend_url, "/groups/some-group")) group_page = GroupViewPage(browser) assert group_page.find_permission_rows("some-permission") == [] group_page.click_add_permission_button() grant_page = PermissionGrantPage(browser) grant_page.set_permission("some-permission") grant_page.set_argument("foo") grant_page.submit() rows = group_page.find_permission_rows("some-permission") assert len(rows) == 1 assert rows[0].argument == "foo" # Grant a permission with surrounding and internal whitespace to test whitespace handling. browser.get(url(frontend_url, "/groups/other-group")) assert group_page.find_permission_rows("some-permission") == [] group_page.click_add_permission_button() grant_page.set_permission("some-permission") grant_page.set_argument(" arg u ment ") grant_page.submit() rows = group_page.find_permission_rows("some-permission") assert len(rows) == 1 assert rows[0].argument in ("arg u ment", "arg u ment" ) # browser messes with whitespace # Check directly in the database to make sure the whitespace is stripped, since we may not be # able to see it via the browser. We need to explicitly reopen the database since otherwise # SQLite doesn't always see changes written by the frontend. setup.reopen_database() permission_grant_repository = setup.sql_repository_factory.create_permission_grant_repository( ) grants = permission_grant_repository.permission_grants_for_group( "other-group") assert grants == [ GroupPermissionGrant( group="other-group", permission="some-permission", argument="arg u ment", granted_on=ANY, is_alias=False, grant_id=ANY, ) ]
def test_show_group_hides_aliased_permissions(async_server, browser): # noqa: F811 fe_url = url(async_server, "/groups/sad-team") browser.get(fe_url) page = GroupViewPage(browser) assert len(page.find_permission_rows("owner", "sad-team")) == 1 assert page.find_permission_rows("ssh", "owner=sad-team") == [] assert page.find_permission_rows("sudo", "sad-team") == []
def test_show_group_hides_aliased_permissions( tmpdir: LocalPath, setup: SetupTest, browser: Chrome ) -> None: with setup.transaction(): setup.add_user_to_group("*****@*****.**", "sad-team", role="owner") setup.create_permission("ssh") setup.create_permission("sudo") setup.grant_permission_to_group("owner", "sad-team", "sad-team") with frontend_server(tmpdir, "*****@*****.**") as frontend_url: browser.get(url(frontend_url, "/groups/sad-team")) page = GroupViewPage(browser) assert len(page.find_permission_rows("owner", "sad-team")) == 1 assert page.find_permission_rows("ssh", "owner=sad-team") == [] assert page.find_permission_rows("sudo", "sad-team") == []
def test_show_group(async_server, browser, groups): # noqa: F811 group = groups["team-sre"] fe_url = url(async_server, "/groups/{}".format(group.name)) browser.get(fe_url) page = GroupViewPage(browser) members = group.my_members() for [_, username], _ in members.iteritems(): row = page.find_member_row(username) assert row.href.endswith("/users/{}".format(username)) for permission in group.my_permissions(): rows = page.find_permission_rows(permission.name) assert len(rows) == 1 assert rows[0].argument == permission.argument assert rows[0].href.endswith("/permissions/{}".format(permission.name))
def test_end_to_end_whitespace_in_argument(tmpdir, setup, browser): # type: (LocalPath, SetupTest, Chrome) -> None with setup.transaction(): setup.create_group("some-group") setup.create_permission("some-permission") setup.add_user_to_group("*****@*****.**", "some-group", "owner") setup.add_user_to_group("*****@*****.**", "admins") setup.grant_permission_to_group(PERMISSION_GRANT, "some-permission", "admins") with frontend_server(tmpdir, "*****@*****.**") as frontend_url: browser.get(url(frontend_url, "/permissions/some-permission")) permission_page = PermissionPage(browser) assert permission_page.subheading == "some-permission" permission_page.button_to_request_this_permission.click() permission_request_page = PermissionRequestPage(browser) permission_request_page.set_group("some-group") permission_request_page.set_argument_freeform(" arg u ment ") permission_request_page.set_reason("testing whitespace") permission_request_page.submit() with frontend_server(tmpdir, "*****@*****.**") as frontend_url: browser.get(url(frontend_url, "/permissions/requests?status=pending")) requests_page = PermissionRequestsPage(browser) request_rows = requests_page.request_rows assert len(request_rows) == 1 request = request_rows[0] request.click_modify_link() modify_page = PermissionRequestUpdatePage(browser) modify_page.set_status("actioned") modify_page.set_reason("testing whitespace") modify_page.submit() browser.get(url(frontend_url, "/groups/some-group?refresh=yes")) group_page = GroupViewPage(browser) permission_rows = group_page.find_permission_rows("some-permission") assert len(permission_rows) == 1 grant = permission_rows[0] assert grant.name == "some-permission" assert grant.argument in ("arg u ment", "arg u ment") # browser messes with whitespace assert grant.source == "(direct)" # Check directly in the database to make sure the whitespace is stripped, since we may not be # able to see it via the browser. We need to explicitly reopen the database since otherwise # SQLite doesn't always see changes written by the frontend. setup.reopen_database() permission_grant_repository = setup.sql_repository_factory.create_permission_grant_repository() grants = permission_grant_repository.permission_grants_for_group("some-group") assert grants == [ GroupPermissionGrant( group="some-group", permission="some-permission", argument="arg u ment", granted_on=ANY, is_alias=False, grant_id=ANY, ) ]