def test_user_disable(session, graph, users, user_admin_perm_to_auditors, http_client, base_url):
username = u"*****@*****.**"
old_groups = sorted(get_groups(graph, username))
# disable user
fe_url = url(base_url, "/users/{}/disable".format(username))
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"}, body=urlencode({}))
assert resp.code == 200
# enable user, PRESERVE groups
fe_url = url(base_url, "/users/{}/enable".format(username))
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({"preserve_membership": "true"}))
assert resp.code == 200
graph.update_from_db(session)
assert old_groups == sorted(get_groups(graph, username)), 'nothing should be removed'
# disable and enable, PURGE groups
fe_url = url(base_url, "/users/{}/disable".format(username))
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"}, body=urlencode({}))
assert resp.code == 200
fe_url = url(base_url, "/users/{}/enable".format(username))
resp = yield http_client.fetch(fe_url, method="POST",
headers={"X-Grouper-User": "******"}, body=urlencode({}))
assert resp.code == 200
graph.update_from_db(session)
assert len(get_groups(graph, username)) == 0, 'all group membership should be removed'
def main():
fields = render.get_fields()
try:
username = fields['username']
except KeyError:
return render.redirect('error.html')
call(lambda: add_user(username, fields['email'], fields['key'], fields[
'nonce']))
call(lambda: remember(username, fields['series_id'], fields['series_token']
))
call(lambda: add_group(username, fields['group_name'], fields[
'group_description']))
group_str = '<ul>'
groups = get_groups()
for code in get_groups():
if username in groups[code]['users']:
group_str += '<li>'
group_str += groups[code]['name']
group_str += '</li>'
group_str += '</ul>'
render.render_file("home.html", username=username, groups=group_str)
def test_user_disable(session, graph, users, user_admin_perm_to_auditors,
http_client, base_url):
username = u"*****@*****.**"
old_groups = sorted(get_groups(graph, username))
# disable user
fe_url = url(base_url, "/users/{}/disable".format(username))
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({}))
assert resp.code == 200
# enable user, PRESERVE groups
fe_url = url(base_url, "/users/{}/enable".format(username))
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode(
{"preserve_membership": "true"}))
assert resp.code == 200
graph.update_from_db(session)
assert old_groups == sorted(get_groups(
graph, username)), 'nothing should be removed'
# disable and enable, PURGE groups
fe_url = url(base_url, "/users/{}/disable".format(username))
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({}))
assert resp.code == 200
fe_url = url(base_url, "/users/{}/enable".format(username))
resp = yield http_client.fetch(fe_url,
method="POST",
headers={"X-Grouper-User": "******"},
body=urlencode({}))
assert resp.code == 200
graph.update_from_db(session)
assert len(get_groups(
graph, username)) == 0, 'all group membership should be removed'
def test_graph_desc_to_ances(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
setup_desc_to_ances(session, users, groups)
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == set(
["*****@*****.**", "*****@*****.**", "*****@*****.**"])
assert get_users(graph, "all-teams", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**",
cutoff=1) == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**",
cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**") == set(["all-teams"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["all-teams"])
def test_graph_desc_to_ances(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
setup_desc_to_ances(session, users, groups)
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == set(["*****@*****.**", "*****@*****.**", "*****@*****.**"])
assert get_users(graph, "all-teams", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "all-teams", "tech-ops",
"team-infra"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**") == set(["all-teams"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["all-teams"])
def test_graph_cycle_direct(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
add_member(groups["team-sre"], groups["tech-ops"])
add_member(groups["tech-ops"], groups["team-sre"])
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-sre", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["tech-ops"])
def test_graph_cycle_direct(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
add_member(groups["team-sre"], groups["tech-ops"])
add_member(groups["tech-ops"], groups["team-sre"])
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-sre", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["tech-ops"])
def test_graph_cycle_indirect(session, graph, users, groups): # noqa
""" Test adding a member that will create a cycle.
gary zay testuser
| | |
sre <----- tech-ops <----- team-infra <--
| |
| |
--------> all-teams --------------------
"""
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
add_member(groups["team-infra"], users["*****@*****.**"])
add_member(groups["team-sre"], groups["tech-ops"])
add_member(groups["tech-ops"], groups["team-infra"])
add_member(groups["team-infra"], groups["all-teams"])
add_member(groups["all-teams"], groups["team-sre"])
session.commit()
graph.update_from_db(session)
all_users = set(["*****@*****.**", "*****@*****.**", "*****@*****.**"])
all_groups = set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_users(graph, "team-sre") == all_users
assert get_users(graph, "team-sre", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "tech-ops") == all_users
assert get_users(graph, "tech-ops", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "team-infra") == all_users
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == all_users
assert get_users(graph, "all-teams", cutoff=1) == set([])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre"])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["tech-ops"])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-infra"])
def test_graph_cycle_indirect(session, graph, users, groups): # noqa
""" Test adding a member that will create a cycle.
gary zay testuser
| | |
sre <----- tech-ops <----- team-infra <--
| |
| |
--------> all-teams --------------------
"""
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
add_member(groups["team-infra"], users["*****@*****.**"])
add_member(groups["team-sre"], groups["tech-ops"])
add_member(groups["tech-ops"], groups["team-infra"])
add_member(groups["team-infra"], groups["all-teams"])
add_member(groups["all-teams"], groups["team-sre"])
session.commit()
graph.update_from_db(session)
all_users = set(["*****@*****.**", "*****@*****.**", "*****@*****.**"])
all_groups = set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_users(graph, "team-sre") == all_users
assert get_users(graph, "team-sre", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "tech-ops") == all_users
assert get_users(graph, "tech-ops", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "team-infra") == all_users
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == all_users
assert get_users(graph, "all-teams", cutoff=1) == set([])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre"])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["tech-ops"])
assert get_groups(graph, "*****@*****.**") == all_groups
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-infra"])
def test_graph_add_member_existing(session, graph, users, groups): # noqa
""" Test adding members to an existing relationship."""
add_member(groups["team-sre"], users["*****@*****.**"], role="owner")
add_member(groups["tech-ops"], users["*****@*****.**"], role="owner")
add_member(groups["team-infra"], users["*****@*****.**"], role="owner")
add_member(groups["team-infra"], groups["team-sre"])
add_member(groups["team-infra"], groups["tech-ops"])
add_member(groups["all-teams"], users["*****@*****.**"], role="owner")
add_member(groups["all-teams"], groups["team-infra"])
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == set(
["*****@*****.**", "*****@*****.**", "*****@*****.**"])
assert get_users(graph, "all-teams", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**",
cutoff=1) == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**",
cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**") == set(["all-teams"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["all-teams"])
def test_graph_add_member_existing(session, graph, users, groups): # noqa
""" Test adding members to an existing relationship."""
add_member(groups["team-sre"], users["*****@*****.**"], role="owner")
add_member(groups["tech-ops"], users["*****@*****.**"], role="owner")
add_member(groups["team-infra"], users["*****@*****.**"], role="owner")
add_member(groups["team-infra"], groups["team-sre"])
add_member(groups["team-infra"], groups["tech-ops"])
add_member(groups["all-teams"], users["*****@*****.**"], role="owner")
add_member(groups["all-teams"], groups["team-infra"])
add_member(groups["team-sre"], users["*****@*****.**"])
add_member(groups["tech-ops"], users["*****@*****.**"])
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "tech-ops") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra") == set(["*****@*****.**", "*****@*****.**"])
assert get_users(graph, "team-infra", cutoff=1) == set(["*****@*****.**"])
assert get_users(graph, "all-teams") == set(["*****@*****.**", "*****@*****.**", "*****@*****.**"])
assert get_users(graph, "all-teams", cutoff=1) == set(["*****@*****.**"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "all-teams", "tech-ops",
"team-infra"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**") == set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "*****@*****.**") == set(["all-teams"])
assert get_groups(graph, "*****@*****.**", cutoff=1) == set(["all-teams"])
def test_graph_with_removes(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
setup_desc_to_ances(session, users, groups)
groups["team-infra"].revoke_member(users["gary"], users["gary"],
"Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set()
assert get_users(graph, "all-teams") == set(["gary", "zay", "testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph, "gary") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "zay") == set(
["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
groups["all-teams"].revoke_member(users["gary"], groups["team-infra"],
"Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set([])
assert get_users(graph, "all-teams") == set(["testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph,
"gary") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph,
"zay") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
groups["team-infra"].revoke_member(users["gary"], groups["tech-ops"],
"Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set([])
assert get_users(graph, "all-teams") == set(["testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph,
"gary") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph,
"zay") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
def test_graph_with_removes(session, graph, users, groups): # noqa
""" Test adding members where all descendants already exist."""
setup_desc_to_ances(session, users, groups)
groups["team-infra"].revoke_member(users["gary"], users["gary"], "Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set()
assert get_users(graph, "all-teams") == set(["gary", "zay", "testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph, "gary") == set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "zay") == set(["team-sre", "all-teams", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
groups["all-teams"].revoke_member(users["gary"], groups["team-infra"], "Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set([])
assert get_users(graph, "all-teams") == set(["testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph, "gary") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "zay") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
groups["team-infra"].revoke_member(users["gary"], groups["tech-ops"], "Unit Testing")
session.commit()
graph.update_from_db(session)
assert get_users(graph, "team-sre") == set(["gary", "zay"])
assert get_users(graph, "tech-ops") == set(["gary", "zay"])
assert get_users(graph, "team-infra") == set(["gary", "zay"])
assert get_users(graph, "team-infra", cutoff=1) == set([])
assert get_users(graph, "all-teams") == set(["testuser"])
assert get_users(graph, "all-teams", cutoff=1) == set(["testuser"])
assert get_groups(graph, "gary") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "gary", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "zay") == set(["team-sre", "tech-ops", "team-infra"])
assert get_groups(graph, "zay", cutoff=1) == set(["team-sre", "tech-ops"])
assert get_groups(graph, "testuser") == set(["all-teams"])
assert get_groups(graph, "testuser", cutoff=1) == set(["all-teams"])
