-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f60872b
commit a1989ec
Showing
2 changed files
with
181 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,7 +8,16 @@ tokenauth: | |
| organization: Organization 1 | ||
| application: Application 1 | ||
| administration: Administration 1 | ||
| is_superuser: True | ||
| permissions: | ||
| - object_type: 3a82fb7f-fc9b-4104-9804-993f639d6d0d | ||
| mode: read_only | ||
| use_fields: true | ||
| fields: | ||
| key1: value1 | ||
| key2: value2 | ||
| key3: value3 | ||
| - object_type: ca754b52-3f37-4c49-837c-130e8149e337 | ||
| mode: read_and_write | ||
|
|
||
| - identifier: token-2 | ||
| token: e882642bd0ec2482adcdc97258c2e6f98cb06d85 | ||
|
|
@@ -17,4 +26,15 @@ tokenauth: | |
| organization: Organization 2 | ||
| application: Application 2 | ||
| administration: Administration 2 | ||
| permissions: | ||
| - object_type: feeaa795-d212-4fa2-bb38-2c34996e5702 | ||
| mode: read_only | ||
|
|
||
| - identifier: token-3 | ||
| token: ff835859ecf8df4d541aab09f2d0854d17b41a77 | ||
| contact_person: Person 3 | ||
| email: [email protected] | ||
| organization: Organization 3 | ||
| application: Application 3 | ||
| administration: Administration 3 | ||
| is_superuser: True | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,9 +7,14 @@ | |
| PrerequisiteFailed, | ||
| ) | ||
| from django_setup_configuration.test_utils import execute_single_step | ||
| from zgw_consumers.models import Service | ||
| from zgw_consumers.test.factories import ServiceFactory | ||
|
|
||
| from objects.core.models import ObjectType | ||
| from objects.core.tests.factories import ObjectTypeFactory | ||
| from objects.setup_configuration.steps.token_auth import TokenAuthConfigurationStep | ||
| from objects.token.models import TokenAuth | ||
| from objects.token.constants import PermissionModes | ||
| from objects.token.models import Permission, TokenAuth | ||
| from objects.token.tests.factories import TokenAuthFactory | ||
|
|
||
| DIR_FILES = (Path(__file__).parent / "files/token_auth").resolve() | ||
|
|
@@ -388,3 +393,157 @@ def test_invalid_empty_identifier(self): | |
| execute_single_step(TokenAuthConfigurationStep, object_source=object_source) | ||
| self.assertTrue("String should match pattern" in str(command_error.exception)) | ||
| self.assertEqual(TokenAuth.objects.count(), 0) | ||
|
|
||
|
|
||
| class TokenAuthConfigurationStepWithPermissionsTests(TestCase): | ||
| def setUp(self): | ||
| self.service = ServiceFactory(slug="service") | ||
| ObjectTypeFactory( | ||
| service=self.service, | ||
| uuid="3a82fb7f-fc9b-4104-9804-993f639d6d0d", | ||
| _name="Object Type 001", | ||
| ) | ||
| ObjectTypeFactory( | ||
| service=self.service, | ||
| uuid="ca754b52-3f37-4c49-837c-130e8149e337", | ||
| _name="Object Type 002", | ||
| ) | ||
| ObjectTypeFactory( | ||
| service=self.service, | ||
| uuid="feeaa795-d212-4fa2-bb38-2c34996e5702", | ||
| _name="Object Type 003", | ||
| ) | ||
|
|
||
| # superuser settato | ||
| # permission con diversi valori | ||
| # UUID -> sbagliato | ||
| # UUID -> vuoto | ||
| # mode | ||
| # mode- > sbagliat con valori fuori dalle choice | ||
| # use_fields | ||
| # fields | ||
| # fields ->sbagliati | ||
| # | ||
|
|
||
| return super().setUp() | ||
|
|
||
| def test_valid_setup_default_without_permissions(self): | ||
| self.assertEqual(TokenAuth.objects.count(), 0) | ||
| self.assertEqual(Permission.objects.count(), 0) | ||
| self.assertEqual(Service.objects.count(), 1) | ||
| self.assertEqual(ObjectType.objects.count(), 3) | ||
|
|
||
| execute_single_step( | ||
| TokenAuthConfigurationStep, | ||
| yaml_source=str(DIR_FILES / "valid_setup_default.yaml"), | ||
| ) | ||
| tokens = TokenAuth.objects.all() | ||
| self.assertEqual(tokens.count(), 2) | ||
|
|
||
| token = tokens.get(identifier="token-1") | ||
| self.assertEqual(token.token, "18b2b74ef994314b84021d47b9422e82b685d82f") | ||
| self.assertEqual(token.contact_person, "Person 1") | ||
| self.assertEqual(token.email, "[email protected]") | ||
| self.assertEqual(token.organization, "") | ||
| self.assertEqual(token.application, "") | ||
| self.assertEqual(token.administration, "") | ||
| self.assertFalse(token.is_superuser) | ||
| self.assertEqual(token.permissions.count(), 0) | ||
| self.assertEqual(token.object_types.count(), 0) | ||
|
|
||
| token = tokens.get(identifier="token-2") | ||
| self.assertEqual(token.contact_person, "Person 2") | ||
| self.assertEqual(token.token, "e882642bd0ec2482adcdc97258c2e6f98cb06d85") | ||
| self.assertEqual(token.email, "[email protected]") | ||
| self.assertEqual(token.organization, "") | ||
| self.assertEqual(token.application, "") | ||
| self.assertEqual(token.administration, "") | ||
| self.assertFalse(token.is_superuser) | ||
| self.assertEqual(token.permissions.count(), 0) | ||
| self.assertEqual(token.object_types.count(), 0) | ||
|
|
||
| def test_valid_setup_complete(self): | ||
| self.assertEqual(TokenAuth.objects.count(), 0) | ||
| self.assertEqual(Permission.objects.count(), 0) | ||
| self.assertEqual(Service.objects.count(), 1) | ||
| self.assertEqual(ObjectType.objects.count(), 3) | ||
|
|
||
| execute_single_step( | ||
| TokenAuthConfigurationStep, | ||
| yaml_source=str(DIR_FILES / "valid_setup_complete.yaml"), | ||
| ) | ||
|
|
||
| tokens = TokenAuth.objects.all() | ||
| self.assertEqual(tokens.count(), 3) | ||
| self.assertEqual(Permission.objects.count(), 3) | ||
|
|
||
| token = tokens.get(identifier="token-1") | ||
| token_permissions = token.permissions.all() | ||
| self.assertEqual(token.token, "18b2b74ef994314b84021d47b9422e82b685d82f") | ||
| self.assertEqual(token.contact_person, "Person 1") | ||
| self.assertEqual(token.email, "[email protected]") | ||
| self.assertEqual(token.organization, "Organization 1") | ||
| self.assertEqual(token.application, "Application 1") | ||
| self.assertEqual(token.administration, "Administration 1") | ||
| self.assertFalse(token.is_superuser) | ||
| self.assertEqual(token.object_types.count(), 2) | ||
| self.assertEqual(token_permissions.count(), 2) | ||
| object_type = ObjectType.objects.get( | ||
| uuid="3a82fb7f-fc9b-4104-9804-993f639d6d0d", service=self.service | ||
| ) | ||
| permission = token_permissions.get(object_type=object_type) | ||
| self.assertTrue(object_type in token.object_types.all()) | ||
| self.assertTrue(permission in token.permissions.all()) | ||
| self.assertEqual(permission.mode, PermissionModes.read_only) | ||
| self.assertTrue(permission.use_fields) | ||
| self.assertTrue(isinstance(permission.fields, dict)) | ||
| self.assertTrue( | ||
| all(key in permission.fields.keys() for key in ["key1", "key2", "key3"]) | ||
| ) | ||
| self.assertTrue( | ||
| all( | ||
| value in permission.fields.values() | ||
| for value in ["value1", "value2", "value3"] | ||
| ) | ||
| ) | ||
| object_type = ObjectType.objects.get( | ||
| uuid="ca754b52-3f37-4c49-837c-130e8149e337", service=self.service | ||
| ) | ||
| permission = token_permissions.get(object_type=object_type) | ||
| self.assertTrue(object_type in token.object_types.all()) | ||
| self.assertTrue(permission in token.permissions.all()) | ||
| self.assertEqual(permission.mode, PermissionModes.read_and_write) | ||
| self.assertFalse(permission.use_fields) | ||
| self.assertIsNone(permission.fields) | ||
|
|
||
| token = tokens.get(identifier="token-2") | ||
| token_permissions = token.permissions.all() | ||
| self.assertEqual(token.contact_person, "Person 2") | ||
| self.assertEqual(token.token, "e882642bd0ec2482adcdc97258c2e6f98cb06d85") | ||
| self.assertEqual(token.email, "[email protected]") | ||
| self.assertEqual(token.organization, "Organization 2") | ||
| self.assertEqual(token.application, "Application 2") | ||
| self.assertEqual(token.administration, "Administration 2") | ||
| self.assertFalse(token.is_superuser) | ||
| self.assertEqual(token.permissions.count(), 1) | ||
| self.assertEqual(token.object_types.count(), 1) | ||
| object_type = ObjectType.objects.get( | ||
| uuid="feeaa795-d212-4fa2-bb38-2c34996e5702", service=self.service | ||
| ) | ||
| permission = token_permissions.get(object_type=object_type) | ||
| self.assertTrue(object_type in token.object_types.all()) | ||
| self.assertTrue(permission in token.permissions.all()) | ||
| self.assertEqual(permission.mode, PermissionModes.read_only) | ||
| self.assertFalse(permission.use_fields) | ||
| self.assertIsNone(permission.fields) | ||
|
|
||
| token = tokens.get(identifier="token-3") | ||
| self.assertEqual(token.contact_person, "Person 3") | ||
| self.assertEqual(token.token, "ff835859ecf8df4d541aab09f2d0854d17b41a77") | ||
| self.assertEqual(token.email, "[email protected]") | ||
| self.assertEqual(token.organization, "Organization 3") | ||
| self.assertEqual(token.application, "Application 3") | ||
| self.assertEqual(token.administration, "Administration 3") | ||
| self.assertTrue(token.is_superuser) | ||
| self.assertEqual(token.permissions.count(), 0) | ||
| self.assertEqual(token.object_types.count(), 0) | ||