def test_delete_role_with_admins(): """Test the delete roll api Create a test user for auth Create a test role Deletes the test role Check that the role admin object was deleted """ with requests.Session() as session: # Create test user user_payload = { "name": "Elaine Marley", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, user_payload) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) # Create test role user_id = user_response.json()["data"]["user"]["id"] role_resource = { "name": "Tri-Island Area", "owners": user_id, "administrators": user_id, } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in db role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # Delete test role delete_role_response = session.delete( "http://rbac-server:8000/api/roles/%s" % role_id ) assert delete_role_response.status_code == 200, ( "Error deleting role: %s" % delete_role_response.json() ) # Check for role admins are_admins_removed = wait_for_resource_removal_in_db( "role_admins", "role_id", role_id ) assert are_admins_removed is True # clean up delete_user_by_username("elaine1")
def test_delete_role(): """Test the delete roll api Create a test user for auth Create a test role Deletes the test role Only checks that the role was deleted """ with requests.Session() as session: # Create test user user_payload = { "name": "Guybrush Threepwood", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, user_payload) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) # Create test role user_id = user_response.json()["data"]["user"]["id"] role_resource = { "name": "Men of Low Moral Fiber", "owners": user_id, "administrators": user_id, } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in db role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # Delete test role delete_role_response = session.delete( "http://rbac-server:8000/api/roles/%s" % role_id ) assert delete_role_response.status_code == 200, ( "Error deleting role: %s" % delete_role_response.json() ) # clean up delete_user_by_username("guybrush3pw00d")
def test_role_owner_and_mem(): """Create a new fake role and try to add yourself to role you created""" with requests.Session() as session: # create test user user_payload = { "name": "Susan S", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, user_payload) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) with requests.Session() as session: user_login(session, "susans2224", "12345678") # create test role user_id = user_response.json()["data"]["user"]["id"] role_resource = { "name": "Office_Assistant", "owners": user_id, "administrators": user_id, } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in rethinkdb role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # create a membership proposal to test autoapproval response = add_role_member(session, role_id, {"id": user_id}) assert ( response.json()["message"] == "Owner is the requester. Proposal is autoapproved." ) # clean up delete_user_by_username("susans2224") delete_role_by_name("Office_Assistant")
def test_delete_role_not_owner(): """ Test the delete role api Create a test user for auth Create a test user for role membership Create a test role Attempt to delete the test role as a non role owner/admin Check that the deletion attempt was autorejected """ with requests.Session() as session: # Create test user role_owner = { "name": "Fred Pirate", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, role_owner) assert user_response.status_code == 200, "Error creating user: %s;\n %s" % ( role_owner["name"], user_response.json(), ) role_owner["next_id"] = user_response.json()["data"]["user"]["id"] # Create test user test_user = { "name": "Meunster Monster", "username": "******", "password": "******", "email": "*****@*****.**", } user_response = create_test_user(session, test_user) assert user_response.status_code == 200, "Error creating user: %s;\n %s" % ( test_user["name"], user_response.json(), ) test_user["next_id"] = user_response.json()["data"]["user"]["id"] # Auth as new_member payload = {"id": role_owner["username"], "password": role_owner["password"]} auth_response = session.post( "http://rbac-server:8000/api/authorization/", json=payload ) assert auth_response.status_code == 200, "Failed to authenticate as %s. %s" % ( test_user["name"], auth_response.json(), ) # Create test role role_resource = { "name": "Men of Low Moral Fiber", "owners": role_owner["next_id"], "administrators": role_owner["next_id"], } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in db role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # Auth as test_user payload = {"id": test_user["username"], "password": test_user["password"]} auth_response = session.post( "http://rbac-server:8000/api/authorization/", json=payload ) assert auth_response.status_code == 200, "Failed to authenticate as %s. %s" % ( role_owner["name"], auth_response.json(), ) # Delete test role delete_role_response = session.delete( "http://rbac-server:8000/api/roles/%s" % role_id ) assert delete_role_response.status_code == 403, ( "Unexpected response: %s" % delete_role_response.json() ) # clean up delete_user_by_username("fred1") delete_user_by_username("meunster1") delete_role_by_name("Men of Low Moral Fiber")
def test_delete_role_with_proposals(): """ Test the delete roll api Create a test user for auth Create a test user for role membership Create a test role Propose adding the second user as a member Deletes the test role Check that the membership proposal was autorejected """ with requests.Session() as session: # Create test user role_owner = { "name": "Fin Pirate", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, role_owner) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) role_owner["next_id"] = user_response.json()["data"]["user"]["id"] # Create test user new_member = { "name": "Frank Pirate", "username": "******", "password": "******", "email": "*****@*****.**", } user_response = create_test_user(session, new_member) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) new_member["next_id"] = user_response.json()["data"]["user"]["id"] # Auth as role_owner auth_response = user_login( session, role_owner["username"], role_owner["password"] ) assert auth_response.status_code == 200, "Failed to authenticate as %s. %s" % ( role_owner["username"], auth_response.json(), ) # Create test role role_resource = { "name": "Men of Low Moral Fiber", "owners": role_owner["next_id"], "administrators": role_owner["next_id"], } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in db role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # Auth as new_member auth_response = user_login( session, new_member["username"], new_member["password"] ) assert auth_response.status_code == 200, "Failed to authenticate as %s. %s" % ( new_member["username"], auth_response.json(), ) # Add role member role_update_payload = { "id": new_member["next_id"], "reason": "Integration test of membership proposal removal on role deletion.", "metadata": "", } member_response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) assert member_response.status_code == 200, ( "Error adding role member: %s" % member_response.json() ) # Auth as role_owner auth_response = user_login( session, role_owner["username"], role_owner["password"] ) assert auth_response.status_code == 200, "Failed to authenticate as %s. %s" % ( role_owner["username"], auth_response.json(), ) # Delete test role delete_role_response = session.delete( "http://rbac-server:8000/api/roles/%s" % role_id ) assert delete_role_response.status_code == 200, ( "Error deleting role: %s" % delete_role_response.json() ) # Check for open role member proposals are_proposals_rejected = wait_for_prpsl_rjctn_in_db(role_id) assert are_proposals_rejected is True # clean up delete_user_by_username("fin1") delete_user_by_username("frank1")
def test_delete_role_with_members(): """ Test the delete roll api Create a test user for auth Create a test role Add the first user as a member of the role Deletes the test role Check that the role member object was deleted """ with requests.Session() as session: # Create test user user_payload = { "name": "Walt the Dog", "username": "******", "password": "******", "email": "*****@*****.**", } create_next_admin(session) user_response = create_test_user(session, user_payload) assert user_response.status_code == 200, ( "Error creating user: %s" % user_response.json() ) user_id = user_response.json()["data"]["user"]["id"] with requests.Session() as session: user_login(session, "walt1", "12345678") # Create test role role_resource = { "name": "Phatt Island Jail", "owners": user_id, "administrators": user_id, } role_response = session.post( "http://rbac-server:8000/api/roles", json=role_resource ) assert role_response.status_code == 200, ( "Error creating role: %s" % role_response.json() ) # Wait for role in db role_id = role_response.json()["data"]["id"] is_role_in_db = wait_for_role_in_db(role_id) assert ( is_role_in_db is True ), "Couldn't find role in rethinkdb, maximum attempts exceeded." # Add role member role_update_payload = { "id": user_id, "reason": "Integration test of member removal on role deletion.", "metadata": "", } member_response = session.post( "http://rbac-server:8000/api/roles/{}/members".format(role_id), json=role_update_payload, ) assert member_response.status_code == 200, ( "Error adding role member: %s" % member_response.json() ) # Wait for member in rethinkdb is_member_in_db = wait_for_resource_in_db("role_members", "related_id", user_id) assert ( is_member_in_db is True, ), "Couldn't find member in rethinkdb, maximum attempts exceeded." # Delete test role delete_role_response = session.delete( "http://rbac-server:8000/api/roles/%s" % role_id ) assert delete_role_response.status_code == 200, ( "Error deleting role: %s" % delete_role_response.json() ) # Check for role members are_members_removed = wait_for_resource_removal_in_db( "role_members", "role_id", role_id ) assert are_members_removed is True # clean up delete_user_by_username("walt1")