def setUp(self): super(PermissionsTest, self).setUp() self.technical_admin_in_datastore = user_model.User( id=loanertest.TECHNICAL_ADMIN_EMAIL, roles=[permissions.TECHNICAL_ADMIN_ROLE.name]) self.operational_admin_in_datastore = user_model.User( id=loanertest.OPERATIONAL_ADMIN_EMAIL, roles=[permissions.OPERATIONAL_ADMIN_ROLE.name]) self.technician_in_datastore = user_model.User( id=loanertest.TECHNICIAN_EMAIL, roles=[permissions.TECHNICIAN_ROLE.name]) self.user_in_datastore = user_model.User( id=loanertest.USER_EMAIL, roles=[permissions.USER_ROLE.name]) self.user_no_permission_in_datastore = user_model.User( id=loanertest.USER_EMAIL) self.technical_admin_in_datastore.put() self.operational_admin_in_datastore.put() self.technician_in_datastore.put() self.user_in_datastore.put()
def setUp(self): super(LoanerEndpointsTest, self).setUp() self.service_user_auth_check = FakeApiUserCheck() self.service_permission_check = FakeApiPermissionCheck() self.request = message_types.VoidMessage() user_model.User(id=loanertest.TECHNICAL_ADMIN_EMAIL, roles=[permissions.TECHNICAL_ADMIN_ROLE.name]).put() user_model.User(id=loanertest.OPERATIONAL_ADMIN_EMAIL, roles=[permissions.OPERATIONAL_ADMIN_ROLE.name]).put() user_model.User(id=loanertest.TECHNICIAN_EMAIL, roles=[permissions.TECHNICIAN_ROLE.name]).put() user_model.User(id=loanertest.USER_EMAIL, roles=[permissions.USER_ROLE.name]).put()
def setUp(self): super(LoanerEndpointsTest, self).setUp() self.service = FakeApiPermissionChecks() self.request = message_types.VoidMessage() user_model.Role.create( 'technical_admin', role_permissions=[permissions.Permissions.AUDIT_SHELF], associated_group=loanertest.TECHNICAL_ADMIN_EMAIL) user_model.User(id=loanertest.SUPER_ADMIN_EMAIL, superadmin=True).put() user_model.User(id=loanertest.TECHNICAL_ADMIN_EMAIL, roles=[ndb.Key(user_model.Role, 'technical_admin')]).put() user_model.User(id=loanertest.USER_EMAIL).put()
def test_get_user(self): # No user model exists. user = user_model.User.get_by_id('undefined_user') self.assertEqual(user, None) # get_user will return user model. existing_user_in_datastore = user_model.User( id=loanertest.USER_EMAIL, roles=['test']) existing_user_in_datastore.put() user = user_model.User.get_user(loanertest.USER_EMAIL) self.assertEqual(user, existing_user_in_datastore) self.assertEqual(user.roles, existing_user_in_datastore.roles) # get_user will create new user model. user = user_model.User.get_user(email=loanertest.SUPER_ADMIN_EMAIL) self.assertEqual(user.key.id(), loanertest.SUPER_ADMIN_EMAIL) # make sure role is set as user by default self.assertEqual(user.roles, [permissions.USER_ROLE.name]) # get user will create a new user model with an admin role. opt_roles = [ permissions.OPERATIONAL_ADMIN_ROLE.name, permissions.TECHNICAL_ADMIN_ROLE.name, permissions.TECHNICIAN_ROLE.name, ] user = user_model.User.get_user( email=loanertest.TECHNICAL_ADMIN_EMAIL, opt_roles=opt_roles) opt_roles.append(permissions.USER_ROLE.name) self.assertEqual(user.key.id(), loanertest.TECHNICAL_ADMIN_EMAIL) # make sure there is more than the default role for role in user.roles: self.assertTrue(role in opt_roles)
def test_update__multiple_roles(self): user = user_model.User(id=loanertest.USER_EMAIL) expected_roles = [self.technician_role.key, self.operations_role.key] user.update(roles=['technician', 'operations']) self.assertCountEqual(user.roles, expected_roles)
def test_update__remove_roles(self): user = user_model.User(id=loanertest.USER_EMAIL) user.update(roles=['technician']) self.assertCountEqual(user.role_names, ['technician']) user.update(roles=[]) self.assertEqual(user.roles, [])
def test_yaml_import_with_wipe(self, mock_directoryclass): """Tests YAML importing with a datastore wipe.""" mock_directoryclient = mock_directoryclass.return_value mock_directoryclient.get_chrome_device_by_serial.return_value = ( loanertest.TEST_DIR_DEVICE1) mock_directoryclient.move_chrome_device_org_unit.return_value = ( loanertest.TEST_DIR_DEVICE_DEFAULT) test_device = device_model.Device.enroll( serial_number='0987654321', user_email=loanertest.USER_EMAIL) test_shelf = shelf_model.Shelf.enroll( user_email='test@{}'.format(loanertest.USER_DOMAIN), location='Somewhere', capacity=42, friendly_name='Nice shelf', responsible_for_audit='inventory') user_model.User(id=loanertest.USER_EMAIL).put() template_model.Template.create('template_1') template_model.Template.create('template_2') test_event = event_models.CoreEvent.create('test_event') test_event.description = 'A test event' test_event.enabled = True test_event.actions = ['some_action', 'another_action'] test_event.put() event_models.CustomEvent.create('test_custom_event') datastore_yaml.import_yaml(ALL_YAML, loanertest.USER_EMAIL, wipe=True) # Datastore wiped, new devices/shelves from YAML. devices = device_model.Device.query().fetch() shelves = shelf_model.Shelf.query().fetch() core_events = event_models.CoreEvent.query().fetch() shelf_audit_events = event_models.ShelfAuditEvent.query().fetch() custom_events = event_models.CustomEvent.query().fetch() reminder_events = event_models.ReminderEvent.query().fetch() survey_questions = survey_models.Question.query().fetch() templates = template_model.Template.query().fetch() users = user_model.User.query().fetch() self.assertLen(shelves, 2) self.assertLen(devices, 2) self.assertLen(core_events, 1) self.assertLen(shelf_audit_events, 1) self.assertLen(custom_events, 1) self.assertLen(reminder_events, 1) self.assertLen(survey_questions, 1) self.assertLen(templates, 1) self.assertLen(users, 2) self.assertNotIn(test_device.serial_number, [device.serial_number for device in devices]) self.assertNotIn(test_shelf.location, [shelf.location for shelf in shelves]) self.assertNotIn(test_event.name, [event.name for event in core_events]) self.assertIsInstance(custom_events[0].conditions[0].value, datetime.timedelta)
def test_get_permissions__multiple_roles(self): user = user_model.User(id=loanertest.USER_EMAIL) user.update(roles=['technician', 'operations']) expected_permissions = [ permissions.Permissions.AUDIT_SHELF, permissions.Permissions.READ_SHELVES, permissions.Permissions.MODIFY_DEVICE, permissions.Permissions.MODIFY_SHELF, ] self.assertCountEqual(user.get_permissions(), expected_permissions)
def test_get_user(self): # No user model exists. user = user_model.User.get_by_id('undefined_user') self.assertEqual(user, None) # get_user will return user model. existing_user_in_datastore = user_model.User(id=loanertest.USER_EMAIL) existing_user_in_datastore.put() user = user_model.User.get_user(loanertest.USER_EMAIL) self.assertEqual(user, existing_user_in_datastore) # get_user will create new user model. user = user_model.User.get_user(email=loanertest.SUPER_ADMIN_EMAIL) self.assertEqual(user.key.id(), loanertest.SUPER_ADMIN_EMAIL)
def test_get(self): """Test that a get returns the expected user message from the datastore.""" self.login_endpoints_user(loanertest.USER_EMAIL) test_user_key = user_model.User(id=loanertest.USER_EMAIL).put() test_user = test_user_key.get() request = message_types.VoidMessage() expected_response = user_messages.User(email=test_user.key.id(), roles=[], permissions=[], superadmin=False) actual_response = self.service.get(request) self.assertEqual(actual_response.email, expected_response.email) self.assertEqual(actual_response.roles, expected_response.roles) self.assertEqual(actual_response.permissions, expected_response.permissions) self.assertEqual(actual_response.superadmin, expected_response.superadmin)
def import_yaml(yaml_data, user_email, wipe=False, randomize_shelving=False): """Imports YAML data and creates app datastore entities. This function optionally wipes and populates datastore with default values. Args: yaml_data: str, the YAML data containing device, shelf, core_event, custom_event, and user data. user_email: str, email address of the user making the request. wipe: bool, whether to delete the existing datastore contents. randomize_shelving: bool, whether to assign Devices to Shelves randomly, which may be useful in app testing. """ yaml_data = yaml.load(yaml_data) if wipe: logging.info( 'Wiping existing datastore entities for kinds found in YAML.') if yaml_data.get('core_events'): ndb.delete_multi( event_models.CoreEvent.query().fetch(keys_only=True)) if yaml_data.get('custom_events'): ndb.delete_multi( event_models.CustomEvent.query().fetch(keys_only=True)) if yaml_data.get('devices'): ndb.delete_multi(device_model.Device.query().fetch(keys_only=True)) if yaml_data.get('reminder_events'): ndb.delete_multi( event_models.ReminderEvent.query().fetch(keys_only=True)) if yaml_data.get('shelves'): ndb.delete_multi(shelf_model.Shelf.query().fetch(keys_only=True)) if yaml_data.get('survey_questions'): ndb.delete_multi( survey_models.Question.query().fetch(keys_only=True)) if yaml_data.get('templates'): ndb.delete_multi( template_model.Template.query().fetch(keys_only=True)) if yaml_data.get('users'): ndb.delete_multi(user_model.User.query().fetch(keys_only=True)) shelf_keys = [] for shelf in yaml_data.get('shelves', []): shelf = shelf_model.Shelf.enroll(user_email, **shelf).put() shelf_keys.append(shelf) for device in yaml_data.get('devices', []): device = device_model.Device.enroll(user_email=user_email, **device) if randomize_shelving: device.shelf = shelf_keys[random.randint(0, len(shelf_keys) - 1)] device.put() for core_event in yaml_data.get('core_events', []): model = event_models.CoreEvent.create(core_event['name']) _import_event_dict(model, core_event) for shelf_audit_event in yaml_data.get('shelf_audit_events', []): model = event_models.ShelfAuditEvent.create() _import_event_dict(model, shelf_audit_event) for custom_event in yaml_data.get('custom_events', []): model = event_models.CustomEvent.create(custom_event['name']) _import_event_dict(model, custom_event) for reminder_event in yaml_data.get('reminder_events', []): model = event_models.ReminderEvent.create(reminder_event['level']) _import_event_dict(model, reminder_event) for question in yaml_data.get('survey_questions', []): question['answers'] = [ survey_models.Answer.create(**answer) for answer in question['answers'] ] model = survey_models.Question.create(**question) for template in yaml_data.get('templates', []): template_model.Template.create(template['name'], template.get('title'), template.get('body')) for user in yaml_data.get('users', []): user_model.User(**user).put()
def test_role_names(self): user = user_model.User(id=loanertest.USER_EMAIL) roles = ['technician', 'operations'] user.update(roles=roles) self.assertCountEqual(roles, user.role_names)
def test_get_permissions__one_role(self): user = user_model.User(id=loanertest.USER_EMAIL) user.update(roles=['technician']) self.assertCountEqual(user.get_permissions(), self.technician_role.permissions)
def test_update__invalid_role(self): user = user_model.User(id=loanertest.USER_EMAIL) self.assertRaises(user_model.RoleNotFoundError, user.update, roles=['unknown'])
def import_yaml(yaml_data, user_email, wipe=False, randomize_shelving=False): """Imports YAML data and creates app datastore entities. This allows wiping of the entire datastore, so for safety this option is disallowed if the constants module's BOOTSTRAP_ENABLED option is False. Args: yaml_data: str, the YAML data containing device, shelf, core_event, custom_event, and user data. user_email: str, email address of the user making the request. wipe: bool, whether to delete the existing datastore contents. Ignored if constants.BOOTSTRAP_ENABLED is False. randomize_shelving: bool, whether to assign Devices to Shelves randomly, which may be useful in app testing. Raises: DatastoreWipeError: if a datastore wipe is requested but BOOTSTRAP_ENABLED is False. """ yaml_data = yaml.load(yaml_data) if wipe: if not constants.BOOTSTRAP_ENABLED: raise DatastoreWipeError( 'Requested datastore wipe disallowed. Change ' 'constants.BOOTSTRAP_ENABLED to True to permit wiping.') else: logging.info( 'Wiping existing datastore entities for kinds found in YAML.') if yaml_data.get('core_events'): ndb.delete_multi(event_models.CoreEvent.query().fetch(keys_only=True)) if yaml_data.get('custom_events'): ndb.delete_multi(event_models.CustomEvent.query().fetch(keys_only=True)) if yaml_data.get('devices'): ndb.delete_multi(device_model.Device.query().fetch(keys_only=True)) if yaml_data.get('reminder_events'): ndb.delete_multi( event_models.ReminderEvent.query().fetch(keys_only=True)) if yaml_data.get('shelves'): ndb.delete_multi(shelf_model.Shelf.query().fetch(keys_only=True)) if yaml_data.get('survey_questions'): ndb.delete_multi( survey_models.Question.query().fetch(keys_only=True)) if yaml_data.get('templates'): ndb.delete_multi(template_model.Template.query().fetch(keys_only=True)) if yaml_data.get('users'): ndb.delete_multi(user_model.User.query().fetch(keys_only=True)) shelf_keys = [] for shelf in yaml_data.get('shelves', []): shelf = shelf_model.Shelf.enroll(user_email, **shelf).put() shelf_keys.append(shelf) for device in yaml_data.get('devices', []): device = device_model.Device.enroll(user_email=user_email, **device) if randomize_shelving: device.shelf = shelf_keys[random.randint(0, len(shelf_keys) - 1)] device.put() for core_event in yaml_data.get('core_events', []): model = event_models.CoreEvent.create(core_event['name']) _import_event_dict(model, core_event) for shelf_audit_event in yaml_data.get('shelf_audit_events', []): model = event_models.ShelfAuditEvent.create() _import_event_dict(model, shelf_audit_event) for custom_event in yaml_data.get('custom_events', []): model = event_models.CustomEvent.create(custom_event['name']) _import_event_dict(model, custom_event) for reminder_event in yaml_data.get('reminder_events', []): model = event_models.ReminderEvent.create(reminder_event['level']) _import_event_dict(model, reminder_event) for question in yaml_data.get('survey_questions', []): question['answers'] = [ survey_models.Answer.create(**answer) for answer in question['answers']] model = survey_models.Question.create(**question) for template in yaml_data.get('templates', []): template_model.Template.create( template['name'], template.get('title'), template.get('body')) for user in yaml_data.get('users', []): user_model.User(**user).put()
def test_update__one_role(self): user = user_model.User(id=loanertest.USER_EMAIL) user.update(roles=['technician']) self.assertEqual(user.roles, [self.technician_role.key])
def test_role_names__no_roles(self): user = user_model.User(id=loanertest.USER_EMAIL) self.assertEqual(user.role_names, [])