Skip to content

Commit

Permalink
Add some additional role access rights application tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@index-git @jirik
index-git authored and jirik committed Dec 6, 2023
1 parent 5a724ac commit 4d99e52
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions tests/dynamic_data/publications/access_rights/test_access_rights_application.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,8 @@ class TestAccessRights:
READER = 'test_access_rights_application_reader'
OTHER_USER = 'test_access_rights_application_other_user'
ROLE = 'TEST_ACCESS_RIGHTS_APPLICATION_ROLE'
OTHER_ROLE = 'TEST_ACCESS_RIGHTS_APPLICATION_OTHER_ROLE'
NON_EXISTING_ROLE = 'TEST_ACCESS_RIGHTS_NON_EXISTING_ROLE'

LAYER_NO_ACCESS = Publication(OWNER, process_client.LAYER_TYPE, 'test_no_access_layer')
LAYER_USER_ACCESS = Publication(OWNER, process_client.LAYER_TYPE, 'test_user_access_layer')
Expand All @@ -173,7 +175,7 @@ class TestAccessRights:
'write': OWNER,
}
ACCESS_RIGHTS_ROLE_ACCESS = {
'read': f'{OWNER}, {ROLE}',
'read': f'{OWNER}, {ROLE}, {NON_EXISTING_ROLE}',
'write': OWNER,
}
ACCESS_RIGHTS_EVERYONE_ACCESS = {
Expand Down Expand Up @@ -212,17 +214,23 @@ def class_fixture(self, request):
process_client.ensure_reserved_username(self.OWNER, process_client.get_authz_headers(self.OWNER))
process_client.ensure_reserved_username(self.READER, process_client.get_authz_headers(self.READER))
process_client.ensure_reserved_username(self.OTHER_USER, process_client.get_authz_headers(self.OTHER_USER))
role_service_util.ensure_user_role(self.READER, self.ROLE)
role_service_util.ensure_user_role(self.OTHER_USER, self.OTHER_ROLE)
role_service_util.ensure_user_role(self.READER, self.NON_EXISTING_ROLE)
for publication, access_rights in self.PUBLICATIONS_DEFS:
process_client.publish_workspace_publication(publication.type, publication.workspace, publication.name,
actor_name=self.OWNER, access_rights=access_rights, )
role_service_util.ensure_user_role(self.READER, self.ROLE)
role_service_util.delete_user_role(self.READER, self.NON_EXISTING_ROLE)
role_service_util.delete_role(self.NON_EXISTING_ROLE)
yield
if request.node.session.testsfailed == 0 and not request.config.option.nocleanup:
for publication, access_rights in self.PUBLICATIONS_DEFS:
process_client.delete_workspace_publication(publication.type, publication.workspace, publication.name,
actor_name=self.OWNER, )
role_service_util.delete_user_role(self.READER, self.ROLE)
role_service_util.delete_role(self.ROLE)
role_service_util.delete_user_role(self.OTHER_USER, self.OTHER_ROLE)
role_service_util.delete_role(self.OTHER_ROLE)

def test_single_positive(self, rest_method, rest_args, ):
rest_method(**rest_args)
Expand Down

0 comments on commit 4d99e52

Please sign in to comment.