def setUp(self):
super(PermissionsTest, self).setUp()
self.technical_admin_in_datastore = user_model.User(
id=loanertest.TECHNICAL_ADMIN_EMAIL,
roles=[permissions.TECHNICAL_ADMIN_ROLE.name])
self.operational_admin_in_datastore = user_model.User(
id=loanertest.OPERATIONAL_ADMIN_EMAIL,
roles=[permissions.OPERATIONAL_ADMIN_ROLE.name])
self.technician_in_datastore = user_model.User(
id=loanertest.TECHNICIAN_EMAIL,
roles=[permissions.TECHNICIAN_ROLE.name])
self.user_in_datastore = user_model.User(
id=loanertest.USER_EMAIL, roles=[permissions.USER_ROLE.name])
self.user_no_permission_in_datastore = user_model.User(
id=loanertest.USER_EMAIL)
self.technical_admin_in_datastore.put()
self.operational_admin_in_datastore.put()
self.technician_in_datastore.put()
self.user_in_datastore.put()
def setUp(self):
super(LoanerEndpointsTest, self).setUp()
self.service_user_auth_check = FakeApiUserCheck()
self.service_permission_check = FakeApiPermissionCheck()
self.request = message_types.VoidMessage()
user_model.User(id=loanertest.TECHNICAL_ADMIN_EMAIL,
roles=[permissions.TECHNICAL_ADMIN_ROLE.name]).put()
user_model.User(id=loanertest.OPERATIONAL_ADMIN_EMAIL,
roles=[permissions.OPERATIONAL_ADMIN_ROLE.name]).put()
user_model.User(id=loanertest.TECHNICIAN_EMAIL,
roles=[permissions.TECHNICIAN_ROLE.name]).put()
user_model.User(id=loanertest.USER_EMAIL,
roles=[permissions.USER_ROLE.name]).put()
def setUp(self):
super(LoanerEndpointsTest, self).setUp()
self.service = FakeApiPermissionChecks()
self.request = message_types.VoidMessage()
user_model.Role.create(
'technical_admin',
role_permissions=[permissions.Permissions.AUDIT_SHELF],
associated_group=loanertest.TECHNICAL_ADMIN_EMAIL)
user_model.User(id=loanertest.SUPER_ADMIN_EMAIL, superadmin=True).put()
user_model.User(id=loanertest.TECHNICAL_ADMIN_EMAIL,
roles=[ndb.Key(user_model.Role,
'technical_admin')]).put()
user_model.User(id=loanertest.USER_EMAIL).put()
def test_get_user(self):
# No user model exists.
user = user_model.User.get_by_id('undefined_user')
self.assertEqual(user, None)
# get_user will return user model.
existing_user_in_datastore = user_model.User(
id=loanertest.USER_EMAIL, roles=['test'])
existing_user_in_datastore.put()
user = user_model.User.get_user(loanertest.USER_EMAIL)
self.assertEqual(user, existing_user_in_datastore)
self.assertEqual(user.roles, existing_user_in_datastore.roles)
# get_user will create new user model.
user = user_model.User.get_user(email=loanertest.SUPER_ADMIN_EMAIL)
self.assertEqual(user.key.id(), loanertest.SUPER_ADMIN_EMAIL)
# make sure role is set as user by default
self.assertEqual(user.roles, [permissions.USER_ROLE.name])
# get user will create a new user model with an admin role.
opt_roles = [
permissions.OPERATIONAL_ADMIN_ROLE.name,
permissions.TECHNICAL_ADMIN_ROLE.name,
permissions.TECHNICIAN_ROLE.name,
]
user = user_model.User.get_user(
email=loanertest.TECHNICAL_ADMIN_EMAIL, opt_roles=opt_roles)
opt_roles.append(permissions.USER_ROLE.name)
self.assertEqual(user.key.id(), loanertest.TECHNICAL_ADMIN_EMAIL)
# make sure there is more than the default role
for role in user.roles:
self.assertTrue(role in opt_roles)
def test_update__multiple_roles(self):
user = user_model.User(id=loanertest.USER_EMAIL)
expected_roles = [self.technician_role.key, self.operations_role.key]
user.update(roles=['technician', 'operations'])
self.assertCountEqual(user.roles, expected_roles)
def test_update__remove_roles(self):
user = user_model.User(id=loanertest.USER_EMAIL)
user.update(roles=['technician'])
self.assertCountEqual(user.role_names, ['technician'])
user.update(roles=[])
self.assertEqual(user.roles, [])
def test_yaml_import_with_wipe(self, mock_directoryclass):
"""Tests YAML importing with a datastore wipe."""
mock_directoryclient = mock_directoryclass.return_value
mock_directoryclient.get_chrome_device_by_serial.return_value = (
loanertest.TEST_DIR_DEVICE1)
mock_directoryclient.move_chrome_device_org_unit.return_value = (
loanertest.TEST_DIR_DEVICE_DEFAULT)
test_device = device_model.Device.enroll(
serial_number='0987654321', user_email=loanertest.USER_EMAIL)
test_shelf = shelf_model.Shelf.enroll(
user_email='test@{}'.format(loanertest.USER_DOMAIN),
location='Somewhere',
capacity=42,
friendly_name='Nice shelf',
responsible_for_audit='inventory')
user_model.User(id=loanertest.USER_EMAIL).put()
template_model.Template.create('template_1')
template_model.Template.create('template_2')
test_event = event_models.CoreEvent.create('test_event')
test_event.description = 'A test event'
test_event.enabled = True
test_event.actions = ['some_action', 'another_action']
test_event.put()
event_models.CustomEvent.create('test_custom_event')
datastore_yaml.import_yaml(ALL_YAML, loanertest.USER_EMAIL, wipe=True)
# Datastore wiped, new devices/shelves from YAML.
devices = device_model.Device.query().fetch()
shelves = shelf_model.Shelf.query().fetch()
core_events = event_models.CoreEvent.query().fetch()
shelf_audit_events = event_models.ShelfAuditEvent.query().fetch()
custom_events = event_models.CustomEvent.query().fetch()
reminder_events = event_models.ReminderEvent.query().fetch()
survey_questions = survey_models.Question.query().fetch()
templates = template_model.Template.query().fetch()
users = user_model.User.query().fetch()
self.assertLen(shelves, 2)
self.assertLen(devices, 2)
self.assertLen(core_events, 1)
self.assertLen(shelf_audit_events, 1)
self.assertLen(custom_events, 1)
self.assertLen(reminder_events, 1)
self.assertLen(survey_questions, 1)
self.assertLen(templates, 1)
self.assertLen(users, 2)
self.assertNotIn(test_device.serial_number,
[device.serial_number for device in devices])
self.assertNotIn(test_shelf.location,
[shelf.location for shelf in shelves])
self.assertNotIn(test_event.name,
[event.name for event in core_events])
self.assertIsInstance(custom_events[0].conditions[0].value,
datetime.timedelta)
def test_get_permissions__multiple_roles(self):
user = user_model.User(id=loanertest.USER_EMAIL)
user.update(roles=['technician', 'operations'])
expected_permissions = [
permissions.Permissions.AUDIT_SHELF,
permissions.Permissions.READ_SHELVES,
permissions.Permissions.MODIFY_DEVICE,
permissions.Permissions.MODIFY_SHELF,
]
self.assertCountEqual(user.get_permissions(), expected_permissions)
def test_get_user(self):
# No user model exists.
user = user_model.User.get_by_id('undefined_user')
self.assertEqual(user, None)
# get_user will return user model.
existing_user_in_datastore = user_model.User(id=loanertest.USER_EMAIL)
existing_user_in_datastore.put()
user = user_model.User.get_user(loanertest.USER_EMAIL)
self.assertEqual(user, existing_user_in_datastore)
# get_user will create new user model.
user = user_model.User.get_user(email=loanertest.SUPER_ADMIN_EMAIL)
self.assertEqual(user.key.id(), loanertest.SUPER_ADMIN_EMAIL)
def test_get(self):
"""Test that a get returns the expected user message from the datastore."""
self.login_endpoints_user(loanertest.USER_EMAIL)
test_user_key = user_model.User(id=loanertest.USER_EMAIL).put()
test_user = test_user_key.get()
request = message_types.VoidMessage()
expected_response = user_messages.User(email=test_user.key.id(),
roles=[],
permissions=[],
superadmin=False)
actual_response = self.service.get(request)
self.assertEqual(actual_response.email, expected_response.email)
self.assertEqual(actual_response.roles, expected_response.roles)
self.assertEqual(actual_response.permissions,
expected_response.permissions)
self.assertEqual(actual_response.superadmin,
expected_response.superadmin)
def import_yaml(yaml_data, user_email, wipe=False, randomize_shelving=False):
"""Imports YAML data and creates app datastore entities.
This function optionally wipes and populates datastore with default values.
Args:
yaml_data: str, the YAML data containing device, shelf, core_event,
custom_event, and user data.
user_email: str, email address of the user making the request.
wipe: bool, whether to delete the existing datastore contents.
randomize_shelving: bool, whether to assign Devices to Shelves randomly,
which may be useful in app testing.
"""
yaml_data = yaml.load(yaml_data)
if wipe:
logging.info(
'Wiping existing datastore entities for kinds found in YAML.')
if yaml_data.get('core_events'):
ndb.delete_multi(
event_models.CoreEvent.query().fetch(keys_only=True))
if yaml_data.get('custom_events'):
ndb.delete_multi(
event_models.CustomEvent.query().fetch(keys_only=True))
if yaml_data.get('devices'):
ndb.delete_multi(device_model.Device.query().fetch(keys_only=True))
if yaml_data.get('reminder_events'):
ndb.delete_multi(
event_models.ReminderEvent.query().fetch(keys_only=True))
if yaml_data.get('shelves'):
ndb.delete_multi(shelf_model.Shelf.query().fetch(keys_only=True))
if yaml_data.get('survey_questions'):
ndb.delete_multi(
survey_models.Question.query().fetch(keys_only=True))
if yaml_data.get('templates'):
ndb.delete_multi(
template_model.Template.query().fetch(keys_only=True))
if yaml_data.get('users'):
ndb.delete_multi(user_model.User.query().fetch(keys_only=True))
shelf_keys = []
for shelf in yaml_data.get('shelves', []):
shelf = shelf_model.Shelf.enroll(user_email, **shelf).put()
shelf_keys.append(shelf)
for device in yaml_data.get('devices', []):
device = device_model.Device.enroll(user_email=user_email, **device)
if randomize_shelving:
device.shelf = shelf_keys[random.randint(0, len(shelf_keys) - 1)]
device.put()
for core_event in yaml_data.get('core_events', []):
model = event_models.CoreEvent.create(core_event['name'])
_import_event_dict(model, core_event)
for shelf_audit_event in yaml_data.get('shelf_audit_events', []):
model = event_models.ShelfAuditEvent.create()
_import_event_dict(model, shelf_audit_event)
for custom_event in yaml_data.get('custom_events', []):
model = event_models.CustomEvent.create(custom_event['name'])
_import_event_dict(model, custom_event)
for reminder_event in yaml_data.get('reminder_events', []):
model = event_models.ReminderEvent.create(reminder_event['level'])
_import_event_dict(model, reminder_event)
for question in yaml_data.get('survey_questions', []):
question['answers'] = [
survey_models.Answer.create(**answer)
for answer in question['answers']
]
model = survey_models.Question.create(**question)
for template in yaml_data.get('templates', []):
template_model.Template.create(template['name'], template.get('title'),
template.get('body'))
for user in yaml_data.get('users', []):
user_model.User(**user).put()
def test_role_names(self):
user = user_model.User(id=loanertest.USER_EMAIL)
roles = ['technician', 'operations']
user.update(roles=roles)
self.assertCountEqual(roles, user.role_names)
def test_get_permissions__one_role(self):
user = user_model.User(id=loanertest.USER_EMAIL)
user.update(roles=['technician'])
self.assertCountEqual(user.get_permissions(),
self.technician_role.permissions)
def test_update__invalid_role(self):
user = user_model.User(id=loanertest.USER_EMAIL)
self.assertRaises(user_model.RoleNotFoundError,
user.update,
roles=['unknown'])
def import_yaml(yaml_data, user_email, wipe=False, randomize_shelving=False):
"""Imports YAML data and creates app datastore entities.
This allows wiping of the entire datastore, so for safety this option is
disallowed if the constants module's BOOTSTRAP_ENABLED option is False.
Args:
yaml_data: str, the YAML data containing device, shelf, core_event,
custom_event, and user data.
user_email: str, email address of the user making the request.
wipe: bool, whether to delete the existing datastore contents. Ignored if
constants.BOOTSTRAP_ENABLED is False.
randomize_shelving: bool, whether to assign Devices to Shelves randomly,
which may be useful in app testing.
Raises:
DatastoreWipeError: if a datastore wipe is requested but BOOTSTRAP_ENABLED
is False.
"""
yaml_data = yaml.load(yaml_data)
if wipe:
if not constants.BOOTSTRAP_ENABLED:
raise DatastoreWipeError(
'Requested datastore wipe disallowed. Change '
'constants.BOOTSTRAP_ENABLED to True to permit wiping.')
else:
logging.info(
'Wiping existing datastore entities for kinds found in YAML.')
if yaml_data.get('core_events'):
ndb.delete_multi(event_models.CoreEvent.query().fetch(keys_only=True))
if yaml_data.get('custom_events'):
ndb.delete_multi(event_models.CustomEvent.query().fetch(keys_only=True))
if yaml_data.get('devices'):
ndb.delete_multi(device_model.Device.query().fetch(keys_only=True))
if yaml_data.get('reminder_events'):
ndb.delete_multi(
event_models.ReminderEvent.query().fetch(keys_only=True))
if yaml_data.get('shelves'):
ndb.delete_multi(shelf_model.Shelf.query().fetch(keys_only=True))
if yaml_data.get('survey_questions'):
ndb.delete_multi(
survey_models.Question.query().fetch(keys_only=True))
if yaml_data.get('templates'):
ndb.delete_multi(template_model.Template.query().fetch(keys_only=True))
if yaml_data.get('users'):
ndb.delete_multi(user_model.User.query().fetch(keys_only=True))
shelf_keys = []
for shelf in yaml_data.get('shelves', []):
shelf = shelf_model.Shelf.enroll(user_email, **shelf).put()
shelf_keys.append(shelf)
for device in yaml_data.get('devices', []):
device = device_model.Device.enroll(user_email=user_email, **device)
if randomize_shelving:
device.shelf = shelf_keys[random.randint(0, len(shelf_keys) - 1)]
device.put()
for core_event in yaml_data.get('core_events', []):
model = event_models.CoreEvent.create(core_event['name'])
_import_event_dict(model, core_event)
for shelf_audit_event in yaml_data.get('shelf_audit_events', []):
model = event_models.ShelfAuditEvent.create()
_import_event_dict(model, shelf_audit_event)
for custom_event in yaml_data.get('custom_events', []):
model = event_models.CustomEvent.create(custom_event['name'])
_import_event_dict(model, custom_event)
for reminder_event in yaml_data.get('reminder_events', []):
model = event_models.ReminderEvent.create(reminder_event['level'])
_import_event_dict(model, reminder_event)
for question in yaml_data.get('survey_questions', []):
question['answers'] = [
survey_models.Answer.create(**answer) for answer in question['answers']]
model = survey_models.Question.create(**question)
for template in yaml_data.get('templates', []):
template_model.Template.create(
template['name'], template.get('title'), template.get('body'))
for user in yaml_data.get('users', []):
user_model.User(**user).put()
def test_update__one_role(self):
user = user_model.User(id=loanertest.USER_EMAIL)
user.update(roles=['technician'])
self.assertEqual(user.roles, [self.technician_role.key])
def test_role_names__no_roles(self):
user = user_model.User(id=loanertest.USER_EMAIL)
self.assertEqual(user.role_names, [])
