Skip to content

Commit

Permalink
Remove role and role-user operations on GeoServer
Browse files Browse the repository at this point in the history
  • Loading branch information
index-git committed Dec 15, 2023
1 parent 44db82b commit 2e7eec2
Show file tree
Hide file tree
Showing 4 changed files with 0 additions and 115 deletions.
38 changes: 0 additions & 38 deletions src/geoserver/geoserver_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,29 +24,6 @@ def gs_user():
assert gs_util.delete_user(TEST_USER, GS_AUTH)


@pytest.fixture()
def gs_role():
roles = gs_util.get_roles(GS_AUTH)
assert TEST_ROLE not in roles
assert gs_util.ensure_role(TEST_ROLE, GS_AUTH)
yield TEST_ROLE
assert gs_util.delete_role(TEST_ROLE, GS_AUTH)


def test_role_management():
init_roles = gs_util.get_roles(GS_AUTH)
new_role = TEST_ROLE
assert new_role not in init_roles
assert gs_util.ensure_role(new_role, GS_AUTH)
roles = gs_util.get_roles(GS_AUTH)
assert new_role in roles
assert len(init_roles) + 1 == len(roles)
assert gs_util.delete_role(new_role, GS_AUTH)
roles = gs_util.get_roles(GS_AUTH)
assert new_role not in roles
assert len(init_roles) == len(roles)


def test_user_management():
init_usernames = gs_util.get_usernames(GS_AUTH)
new_user = TEST_USER
Expand All @@ -62,21 +39,6 @@ def test_user_management():
assert len(init_usernames) == len(usernames)


def test_user_role_management(gs_user, gs_role):
user = gs_user[0]
init_user_roles = gs_util.get_user_roles(user, GS_AUTH)
role = gs_role
assert role not in init_user_roles
assert gs_util.ensure_user_role(user, role, GS_AUTH)
user_roles = gs_util.get_user_roles(user, GS_AUTH)
assert role in user_roles
assert len(init_user_roles) + 1 == len(user_roles)
assert gs_util.delete_user_role(user, role, GS_AUTH)
user_roles = gs_util.get_user_roles(user, GS_AUTH)
assert role not in user_roles
assert len(init_user_roles) == len(user_roles)


@pytest.mark.parametrize('service', gs_util.SERVICE_TYPES)
def test_service_srs_list_management(service):
init_service_epsg_codes = gs_util.get_service_srs_list(service, GS_AUTH)
Expand Down
66 changes: 0 additions & 66 deletions src/geoserver/util.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,38 +78,6 @@ def get_roles(auth):
return response.json()['roles']


def ensure_role(role, auth):
roles = get_roles(auth)
role_exists = role in roles
if not role_exists:
logger.info(f"Role {role} does not exist yet, creating.")
response = requests.post(
urljoin(GS_REST_ROLES, 'role/' + role),
headers=headers_json,
auth=auth,
timeout=GS_REST_TIMEOUT,
)
response.raise_for_status()
else:
logger.info(f"Role {role} already exists")
role_created = not role_exists
return role_created


def delete_role(role, auth):
response = requests.delete(
urljoin(GS_REST_ROLES, 'role/' + role),
headers=headers_json,
auth=auth,
timeout=GS_REST_TIMEOUT,
)
role_not_exists = response.status_code == 404
if not role_not_exists:
response.raise_for_status()
role_deleted = not role_not_exists
return role_deleted


def get_usernames(auth):
r_url = GS_REST_USERS
response = requests.get(r_url,
Expand Down Expand Up @@ -902,40 +870,6 @@ def get_user_roles(user, auth):
return response.json()['roles']


def ensure_user_role(user, role, auth):
roles = get_user_roles(user, auth)
association_exists = role in roles
if not association_exists:
logger.info(f"Role {role} not associated with user {user} yet, associating.")
r_url = urljoin(GS_REST_ROLES, f'role/{role}/user/{user}/')
response = requests.post(
r_url,
headers=headers_json,
auth=auth,
timeout=GS_REST_TIMEOUT,
)
response.raise_for_status()
else:
logger.info(f"Role {role} already associated with user {user}")
association_created = not association_exists
return association_created


def delete_user_role(user, role, auth):
r_url = urljoin(GS_REST_ROLES, f'role/{role}/user/{user}/')
response = requests.delete(
r_url,
headers=headers_json,
auth=auth,
timeout=GS_REST_TIMEOUT,
)
association_not_exists = response.status_code == 404
if not association_not_exists:
response.raise_for_status()
association_deleted = not association_not_exists
return association_deleted


def get_service_url(service):
return {
WMS_SERVICE_TYPE: GS_REST_WMS_SETTINGS,
Expand Down
3 changes: 0 additions & 3 deletions src/layman/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -86,10 +86,7 @@
logger.info(f'Adjusting GeoServer roles')

if settings.GEOSERVER_ADMIN_AUTH:
gs_util.ensure_role(settings.LAYMAN_GS_ROLE, settings.GEOSERVER_ADMIN_AUTH)
gs_util.ensure_user(settings.LAYMAN_GS_USER, settings.LAYMAN_GS_PASSWORD, settings.GEOSERVER_ADMIN_AUTH)
gs_util.ensure_user_role(settings.LAYMAN_GS_USER, 'ADMIN', settings.GEOSERVER_ADMIN_AUTH)
gs_util.ensure_user_role(settings.LAYMAN_GS_USER, settings.LAYMAN_GS_ROLE, settings.GEOSERVER_ADMIN_AUTH)

gs_util.ensure_proxy_base_url(settings.LAYMAN_GS_PROXY_BASE_URL_WITH_PLACEHOLDERS, settings.LAYMAN_GS_AUTH)

Expand Down
8 changes: 0 additions & 8 deletions src/layman/layer/geoserver/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,19 +16,11 @@

def ensure_whole_user(username, auth=settings.LAYMAN_GS_AUTH):
gs_util.ensure_user(username, None, auth)
role = gs_util.username_to_rolename(username)
gs_util.ensure_role(role, auth)
gs_util.ensure_user_role(username, role, auth)
gs_util.ensure_user_role(username, settings.LAYMAN_GS_ROLE, auth)
ensure_workspace(username, auth)


def delete_whole_user(username, auth=settings.LAYMAN_GS_AUTH):
role = gs_util.username_to_rolename(username)
delete_workspace(username, auth)
gs_util.delete_user_role(username, role, auth)
gs_util.delete_user_role(username, settings.LAYMAN_GS_ROLE, auth)
gs_util.delete_role(role, auth)
gs_util.delete_user(username, auth)


Expand Down

0 comments on commit 2e7eec2

Please sign in to comment.