def test_add_role_member_outqueue(): """Test adding a new member to a role. Creates two test users and a role using the first user, then adds the second user as member to role.""" user1_payload = { "name": "Test Owner 0521201905", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test Member 0521201906", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] role_payload = { "name": "TestRole0521201902", "owners": user1_id, "administrators": user1_id, "description": "Test Role 3", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] start_depth = get_outbound_queue_depth() role_update_payload = { "id": user2_id, "reason": "Integration test of adding a member.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) # Logging in as role owner credentials_payload = { "id": user1_payload["username"], "password": user1_payload["password"], } log_in(session, credentials_payload) # Approve proposal as role owner approval_response = approve_proposal(session, result["proposal_id"]) end_depth = get_outbound_queue_depth() assert end_depth > start_depth delete_role_by_name("TestRole0521201902") delete_user_by_username("test0521201905") delete_user_by_username("test0521201906")
def test_role_outq_insertion(): """ Test the insertion of a new fake role resource which is unique into the outbound_queue table. """ user1_payload = { "name": "Test Unique User", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: expected_result = True user_response1 = create_test_user(session, user1_payload) user1_result = assert_api_success(user_response1) user1_id = user1_result["data"]["user"]["id"] role_payload = { "name": "TestUniqueRole0501201903", "owners": user1_id, "administrators": user1_id, "description": "Test Unique Role 1", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_name = role_result["data"]["name"] inserted_queue_item = peek_at_queue("outbound_queue", LDAP_DC) LOGGER.info("Received queue entry %s from outbound queue...", inserted_queue_item["id"]) successful_insert = bool(inserted_queue_item) assert expected_result == successful_insert delete_role_by_name("TestUniqueRole0501201903") delete_user_by_username("testuniqueuser0501201901")
def test_add_role_task(): """Test adding a new task to a role. Creates a test user and a role, then creates a task, to add to the role.""" user1_payload = { "name": "Test Owner 2", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: create_next_admin(session) user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] with requests.Session() as session: user_login(session, "testowner2", "123456") task1_payload = { "name": "TestTask1", "administrators": user1_id, "owners": user1_id, "metadata": "", } task_response = create_test_task(session, task1_payload) task_result = assert_api_success(task_response) task_id = task_result["data"]["id"] role_payload = { "name": "TestRole0501201904", "owners": user1_id, "administrators": user1_id, "description": "Test Role 4", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] role_update_payload = { "id": task_id, "reason": "Integration test of adding a task.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/tasks".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["assigned_approver"][0] == user1_id delete_role_by_name("TestRole0501201904") delete_user_by_username("testowner2") delete_task_by_name("TestTask1")
def test_update_manager(): """ Creates a user and then updates their manager Manager is the second user created here.""" user1_payload = { "name": "Test User 6", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test User 7", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] manager_payload = { "id": user2_id, "reason": "Integration test of adding role owner.", "metadata": "", } response = session.put( "http://rbac-server:8000/api/users/{}/manager".format(user1_id), json=manager_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["assigned_approver"][0] == user2_id # Logging in as role owner credentials_payload = { "id": user2_payload["username"], "password": user2_payload["password"], } log_in(session, credentials_payload) # Approve proposal as role owner approve_proposal(session, result["proposal_id"]) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["status"] == "CONFIRMED" delete_user_by_username("testuser6") delete_user_by_username("testuser7")
def test_add_task_owner(): """Test adding an owner to a task. Creates two test users and a task using the first user, then adds the second user as task owner.""" user1_payload = { "name": "Test User 10", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test User 11", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: create_next_admin(session) user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] task1_payload = { "name": "TestTask3", "administrators": user1_id, "owners": user1_id, "metadata": "", } task_response = create_test_task(session, task1_payload) task_result = assert_api_success(task_response) task_id = task_result["data"]["id"] owner_payload = { "id": user2_id, "reason": "Integration test of adding task owner.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/tasks/{}/owners".format(task_id), json=owner_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["assigned_approver"][0] == user1_id delete_task_by_name("TestTask3") delete_user_by_username("testuser10") delete_user_by_username("testuser11")
def test_add_role_admin(): """Test adding an admin to a role. Creates two test users and a role with user1 as owner/admin, then adds the second user as role admin.""" user1_payload = { "name": "Test User 1", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test User 2", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: create_next_admin(session) user_response1 = create_test_user(session, user1_payload) user1_result = assert_api_success(user_response1) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] role_payload = { "name": "TestRole0501201901", "owners": user1_id, "administrators": user1_id, "description": "Test Role 1", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] role_update_payload = { "id": user2_id, "reason": "Integration test of adding role admin.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/admins".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["assigned_approver"][0] == user1_id delete_role_by_name("TestRole0501201901") delete_user_by_username("testuser1") delete_user_by_username("testuser2")
def test_update_manager_outqueue(): """ Creates a user and then updates their manager Manager is the second user created here.""" user1_payload = { "name": "Test User 0521201901", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test User 0521201902", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] start_depth = get_outbound_queue_depth() manager_payload = { "id": user2_id, "reason": "Integration test of adding role owner.", "metadata": "", } response = session.put( "http://rbac-server:8000/api/users/{}/manager".format(user1_id), json=manager_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) # Logging in as role owner credentials_payload = { "id": user2_payload["username"], "password": user2_payload["password"], } log_in(session, credentials_payload) # Approve proposal as role owner approval_response = approve_proposal(session, result["proposal_id"]) end_depth = get_outbound_queue_depth() assert end_depth > start_depth delete_user_by_username("test0521201901") delete_user_by_username("test0521201902")
def get(self, proposal_id, user): """ Get a proposal """ url = self.url(proposal_id) response = requests.get(url=url, headers={"Authorization": user["token"]}) result = assert_api_success(response) assert "data" in result return result["data"]
def update(self, proposal, approver, status, reason): """ Update a proposal """ url = self.url(proposal["id"]) data = {"status": status, "reason": reason} response = requests.patch(url=url, headers={"Authorization": approver["token"]}, json=data) result = assert_api_success(response) return result
def test_role_outq_insertion(): """ Test the insertion of a new fake role resource which is unique into the outbound_queue table. This test will only run if ENABLE_NEXT_BASE_USE is set to 1. """ user1_payload = { "name": "Test Unique User", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: create_next_admin(session) user_response1 = create_test_user(session, user1_payload) user1_result = assert_api_success(user_response1) user1_id = user1_result["data"]["user"]["id"] role_payload = { "name": "TestUniqueRole0501201903", "owners": user1_id, "administrators": user1_id, "description": "Test Unique Role 1", } role_response = create_test_role(session, role_payload) assert_api_success(role_response) outbound_queue_data = {"members": [], "remote_id": ""} expected_payload = { "data": outbound_queue_data, "data_type": "group", "provider_id": "NEXT-created", "status": "UNCONFIRMED", "action": "", } outbound_entry = get_outbound_queue_entry(outbound_queue_data) outbound_entry[0].pop("timestamp") outbound_entry[0].pop("id") assert outbound_entry[0] == expected_payload delete_role_by_name("TestUniqueRole0501201903") delete_user_by_username("testuniqueuser0501201901")
def test_api_user_login(): """ Test user login with good data """ url = helper.api.user.create.auth_url user = helper.api.user.create.current data = {"id": user["username"], "password": user["password"]} response = requests.post(url=url, headers=None, json=data) result = assert_api_success(response) assert result["data"] assert result["data"]["message"] == "Authorization successful" assert isinstance(result["data"]["user_id"], str) assert isinstance(result["token"], str)
def test_update_manager(): """ Creates a user and then updates their manager as nextAdmin""" user1_payload = { "name": "Test User 9", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: next_admin = create_next_admin(session) admin_id = next_admin.json()["data"]["next_id"] user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] with requests.Session() as session: user_login(session, "testuser9", "123456") manager_payload = { "id": user1_id, "reason": "Integration test of updating manager.", "metadata": "", } next_admin_role = get_role_by_name("NextAdmins") failed_response = update_manager(session, admin_id, manager_payload) assert failed_response.json() == { "code": 400, "message": "Proposal opener is not a Next Admin.", } add_role_member(session, next_admin_role[0]["role_id"], {"id": user1_id}) with requests.session() as session: create_next_admin(session) response = update_manager(session, admin_id, manager_payload) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) assert_api_success(proposal_response) delete_user_by_username("testuser6") delete_user_by_username("testuser7")
def test_api_user_signup_good(data): """ Test user signup with good data """ url = helper.api.user.create.url response = requests.post(url=url, headers=None, json=data) result = assert_api_success(response) assert result["data"] assert result["data"]["message"] == "Authorization successful" assert isinstance(result["data"]["user"], dict) assert result["data"]["user"]["email"] == data["email"] assert result["data"]["user"]["username"] == data["username"] assert result["data"]["user"]["name"] == data["name"] assert "password" not in result["data"]["user"]
def authenticated(self, user=None): """ Provides newly created test user with authentication token """ if not user: user = self.new() api_wait() # temporary, see config data = {"id": user["username"], "password": user["password"]} response = requests.post(url=self.auth_url, headers=None, json=data) result = assert_api_success(response) assert result["data"]["message"] == "Authorization successful" user["user_id"] = result["data"]["user_id"] user["token"] = result["token"] return user
def test_role_outq_insertion(): """ Test the insertion of a new fake role resource which is unique into the outbound_queue table.""" user1_payload = { "name": "Test Unique User", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: expected_result = True user_response1 = create_test_user(session, user1_payload) user1_result = assert_api_success(user_response1) user1_id = user1_result["data"]["user"]["id"] role_payload = { "name": "TestUniqueRole0501201903", "owners": user1_id, "administrators": user1_id, "description": "Test Unique Role 1", } role_response = create_test_role(session, role_payload) assert_api_success(role_response) inserted_queue_item = peek_at_q_unfiltered("outbound_queue") LOGGER.info("Received queue entry %s from outbound queue...", inserted_queue_item["id"]) successful_insert = bool(inserted_queue_item) assert expected_result == successful_insert # Check status of new outbound_entry role_entry = get_role("TestUniqueRole0501201903") outbound_queue_data = prepare_outbound_queue_data( role_entry[0], "role") outbound_entry = get_outbound_queue_entry(outbound_queue_data) assert outbound_entry[0]["status"] == "UNCONFIRMED" delete_role_by_name("TestUniqueRole0501201903") delete_user_by_username("testuniqueuser0501201901")
def new(self, manager_id=None): """ Provides a created test user """ data = { "name": self.name(), "username": self.username(), "email": self.email(), "password": self.password(), "manager": manager_id, } response = requests.post(url=self.url, headers=None, json=data) result = assert_api_success(response) assert result["data"]["message"] == "Authorization successful" return data
def test_api_user_get_self(): """ Test a user getting their self """ user = helper.api.user.current url = helper.api.user.get_url(next_id=user["next_id"]) # assert assert_api_get_requires_auth(url) time.sleep(5) response = requests.get(url=url, headers={"Authorization": user["token"]}) result = assert_api_success(response) assert result["data"]["email"] == user["email"] assert result["data"]["name"] == user["name"]
def test_add_role_member(): """Test adding a new member to a role. Creates two test users and a role using the first user, then adds the second user as member to role.""" user1_payload = { "name": "Test Owner 1", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test Member", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: create_next_admin(session) user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] role_payload = { "name": "TestRole0501201903", "owners": user1_id, "administrators": user1_id, "description": "Test Role 3", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] role_update_payload = { "id": user2_id, "reason": "Integration test of adding a member.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["assigned_approver"][0] == user1_id # Logging in as role owner user_login(session, user1_payload["username"], user1_payload["password"]) # Approve proposal as role owner approve_proposal(session, result["proposal_id"]) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) assert proposal["data"]["status"] == "CONFIRMED" delete_role_by_name("TestRole0501201903") delete_user_by_username("testowner") delete_user_by_username("testmemeber")
def test_api_users_get_all(): """ Test getting all users with default page settings. Test that: 1. URL requires authorization 2. Returns a list of data 3. Returns at least one record """ user = helper.api.user.current url = helper.api.user.list_url # assert assert_api_get_requires_auth(url) response = requests.get(url=url, headers={"Authorization": user["token"]}) result = assert_api_success(response) assert isinstance(result["data"], list) assert result["paging"]["total"] > 0
def test_api_create_user_with_manager(data): """ Test creating a user """ url = helper.api.user.create.url data["manager"] = helper.api.user.current["user_id"] response = requests.post(url=url, headers=None, json=data) result = assert_api_success(response) assert result["data"] assert result["data"]["message"] == "Authorization successful" assert isinstance(result["data"]["user"], dict) assert result["data"]["user"]["email"] == data["email"] assert result["data"]["user"]["username"] == data["username"] assert result["data"]["user"]["name"] == data["name"] assert "password" not in result["data"]["user"] assert result["data"]["user"]["manager"] == data["manager"]
def test_api_user_get_other(): """ Test a user getting another user's data """ other = helper.api.user.current user = helper.api.user.current2 url = helper.api.user.get_url(next_id=other["next_id"]) # assert assert_api_get_requires_auth(url) api_wait() # temporary, see config response = requests.get(url=url, headers={"Authorization": user["token"]}) result = assert_api_success(response) assert result["data"]["email"] == other["email"] assert result["data"]["name"] == other["name"]
def new(self, user): """ Create a test role, assigned to user current if no user is supplied """ if not user: user = helper.user.current data = { "name": self.name(), "owners": [user["next_id"]], "administrators": [user["next_id"]], } response = requests.post(url=self.url, headers={"Authorization": user["token"]}, json=data) result = assert_api_success(response) assert result["data"]["name"] == data["name"] assert result["data"]["owners"] == data["owners"] return result["data"]
def new(self): """A user creates an add role member proposal to add themselves as an member to a role""" owner = helper.user.current role = helper.role.new(user=owner) user = helper.user.current2 url = self.url(role_id=role["id"]) data = {"id": user["next_id"]} api_wait() # temporary, see config response = requests.post( url=url, headers={"Authorization": user["token"]}, json=data ) result = assert_api_success(response) assert "proposal_id" in result api_wait() # temporary, see config proposal = helper.proposal.get(result["proposal_id"], owner) return proposal, owner
def authenticated(self, user=None): """ Provides newly created test user with authentication token """ if not user: user = self.new() time.sleep(5) data = { "id": user["username"], "password": user["password"], "auth_source": "next", } response = requests.post(url=self.auth_url, headers=None, json=data) result = assert_api_success(response) assert result["data"]["message"] == "Authorization successful" user["next_id"] = result["data"]["next_id"] user["token"] = result["token"] return user
def test_api_create_role(): """ Test creating a role """ url = helper.api.role.create.url user = helper.api.user.current data = { "name": helper.api.role.name(), "owners": [user["next_id"]], "administrators": [user["next_id"]], "description": helper.api.role.description(), } assert assert_api_post_requires_auth(url=url, json=data) response = requests.post(url=url, headers={"Authorization": user["token"]}, json=data) result = assert_api_success(response) assert result["data"] assert result["data"]["name"] == data["name"] assert result["data"]["owners"] == data["owners"] assert result["data"]["administrators"] == data["administrators"] assert result["data"]["description"] == data["description"]
def test_user_relationship_api(): """ Test to check that user relationship API is not throwing an index out of range error if user dont have any manager. Creates a test user without manager and calls the user relationship api for testing whether it is causing any index out of range error or not.""" user1_payload = { "name": "kiran kumar", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] response = session.get("http://rbac-server:8000/api/users/" + user1_id + "/relationships") assert response.json()["data"]["managers"] == [] delete_user_by_username("kkumar36")
def test_api_propose_role_member(): """ Test a user proposing to add themselves to a role """ owner = helper.api.user.current role = helper.api.role.create.new(user=owner) user = helper.api.user.current2 url = helper.api.role.member.propose.url(role_id=role["id"]) data = {"id": user["next_id"]} assert assert_api_post_requires_auth(url=url, json=data) response = requests.post(url=url, headers={"Authorization": user["token"]}, json=data) result = assert_api_success(response) assert result["proposal_id"] time.sleep(0.5) # temporary until API refactored to return the proposal proposal = helper.api.proposal.get(result["proposal_id"], owner) assert proposal["id"] == result["proposal_id"] assert proposal["status"] == "OPEN" assert proposal["type"] == "ADD_ROLE_MEMBER" assert proposal["object"] == role["id"] assert proposal["target"] == user["next_id"] assert proposal["opener"] == user["next_id"]
def test_add_role_member_ldap(): """ Test adding a new member to a role in LDAP-only mode. Creates two test users and a role using the first user, then adds the second user as member to role. This test will only run if ENABLE_LDAP_SYNC is set to 1. """ user1_payload = { "name": "Michael Scott", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Jim Halpert", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: start_depth = get_outbound_queue_depth() create_next_admin(session) user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] role_payload = { "name": "Michael_Scott_Paper_Company", "owners": user1_id, "administrators": user1_id, "description": "Infinite ideas await....", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] role_update_payload = { "id": user2_id, "reason": "Integration test of adding a member.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) assert_api_success(proposal_response) # Logging in as role owner user_login(session, user1_payload["username"], user1_payload["password"]) # Approve proposal as role owner approve_proposal(session, result["proposal_id"]) end_depth = get_outbound_queue_depth() assert end_depth > start_depth # NOTE: members field contains an empty string because in NEXT # mode all user's remote_ids are set to an empty string outbound_queue_data = { "description": "Infinite ideas await....", "name": "Michael_Scott_Paper_Company", "group_types": -2147483646, "members": [""], "owners": "", "remote_id": "CN=Michael_Scott_Paper_Company," + ENV("GROUP_BASE_DN"), } expected_payload = { "data": outbound_queue_data, "data_type": "group", "provider_id": ENV("LDAP_DC"), "status": "UNCONFIRMED", "action": "", } # Check outbound_queue entry is formatted correctly outbound_entry = get_outbound_queue_entry(outbound_queue_data) outbound_entry[0].pop("timestamp") outbound_entry[0].pop("id") assert outbound_entry[0] == expected_payload delete_role_by_name("Michael_Scott_Paper_Company") delete_user_by_username("jimh062619") delete_user_by_username("michaels062619")
def test_add_role_member_outqueue(): """ Test adding a new member to a role in NEXT-only mode. Creates two test users and a role using the first user, then adds the second user as member to role. This test will only run if ENABLE_NEXT_BASE_USE is set to 1. """ user1_payload = { "name": "Test Owner 0521201905", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test Member 0521201906", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: start_depth = get_outbound_queue_depth() create_next_admin(session) user_response1 = create_test_user(session, user1_payload) user1_result = assert_api_success(user_response1) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] role_payload = { "name": "TestRole0521201902", "owners": user1_id, "administrators": user1_id, "description": "Test Role 3", } role_response = create_test_role(session, role_payload) role_result = assert_api_success(role_response) role_id = role_result["data"]["id"] role_update_payload = { "id": user2_id, "reason": "Integration test of adding a member.", "metadata": "", } response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) assert_api_success(proposal_response) # Logging in as role owner user_login(session, user1_payload["username"], user1_payload["password"]) # Approve proposal as role owner approve_proposal(session, result["proposal_id"]) end_depth = get_outbound_queue_depth() assert end_depth > start_depth # NOTE: members field contains an empty string because in NEXT # mode all user's remote_ids are set to an empty string outbound_queue_data = {"members": [""], "remote_id": ""} expected_payload = { "data": outbound_queue_data, "data_type": "group", "provider_id": "NEXT-created", "status": "UNCONFIRMED", "action": "", } # Check outbound_queue entry is formatted correctly outbound_entry = get_outbound_queue_entry(outbound_queue_data) outbound_entry[0].pop("timestamp") outbound_entry[0].pop("id") assert outbound_entry[0] == expected_payload delete_role_by_name("TestRole0521201902") delete_user_by_username("test0521201905") delete_user_by_username("test0521201906")
def test_update_manager_outqueue(): """ Creates a user and then updates their manager Manager is the second user created here.""" # TODO: Rewrite this test after data gets sent to outbound_queue # after a user has their manager updated. user1_payload = { "name": "Test User 0521201901", "username": "******", "password": "******", "email": "*****@*****.**", } user2_payload = { "name": "Test User 0521201902", "username": "******", "password": "******", "email": "*****@*****.**", } with requests.Session() as session: user1_response = create_test_user(session, user1_payload) user1_result = assert_api_success(user1_response) user1_id = user1_result["data"]["user"]["id"] user2_response = create_test_user(session, user2_payload) user2_result = assert_api_success(user2_response) user2_id = user2_result["data"]["user"]["id"] start_depth = get_outbound_queue_depth() next_admins = { "name": "NextAdmins", "owners": [user2_id], "administrators": [user2_id], } role_response = create_test_role(session, next_admins) add_role_member(session, role_response.json()["data"]["id"], {"id": user2_id}) manager_payload = { "id": user2_id, "reason": "Integration test of adding role owner.", "metadata": "", } response = session.put( "http://rbac-server:8000/api/users/{}/manager".format(user1_id), json=manager_payload, ) result = assert_api_success(response) proposal_response = get_proposal_with_retry(session, result["proposal_id"]) proposal = assert_api_success(proposal_response) # Logging in as role owner credentials_payload = { "id": user2_payload["username"], "password": user2_payload["password"], } log_in(session, credentials_payload) # Approve proposal as role owner approval_response = approve_proposal(session, result["proposal_id"]) end_depth = get_outbound_queue_depth() assert end_depth > start_depth # TODO: Add tests to check for UNCONFIRMED outbound_queue entry status # when a user's manager gets updated. delete_user_by_username("test0521201901") delete_user_by_username("test0521201902") delete_role_by_name("NextAdmins")