mirror of
https://github.com/bec-project/bec_atlas.git
synced 2025-07-14 07:01:48 +02:00
112 lines
3.7 KiB
Python
112 lines
3.7 KiB
Python
from unittest import mock
|
|
|
|
import pytest
|
|
|
|
from bec_atlas.model.model import DeploymentAccess
|
|
|
|
|
|
@pytest.fixture
|
|
def logged_in_client(backend):
|
|
client, _ = backend
|
|
response = client.post(
|
|
"/api/v1/user/login", json={"username": "admin@bec_atlas.ch", "password": "admin"}
|
|
)
|
|
assert response.status_code == 200
|
|
token = response.json()
|
|
assert isinstance(token, str)
|
|
assert len(token) > 20
|
|
return client
|
|
|
|
|
|
def test_deployment_access_router_invalid_deployment_id(logged_in_client):
|
|
"""
|
|
Test that the deployment access endpoint returns a 400 when the deployment id is invalid.
|
|
"""
|
|
response = logged_in_client.get("/api/v1/deployment_access", params={"deployment_id": "test"})
|
|
assert response.status_code == 400
|
|
assert response.json() == {"detail": "Invalid deployment ID"}
|
|
|
|
|
|
def test_deployment_access_router(logged_in_client):
|
|
"""
|
|
Test that the deployment access endpoint returns a 200 when the deployment id is valid.
|
|
"""
|
|
deployments = logged_in_client.get(
|
|
"/api/v1/deployments/realm", params={"realm": "demo_beamline_1"}
|
|
).json()
|
|
deployment_id = deployments[0]["_id"]
|
|
|
|
response = logged_in_client.get(
|
|
"/api/v1/deployment_access", params={"deployment_id": deployment_id}
|
|
)
|
|
assert response.status_code == 200
|
|
out = response.json()
|
|
out = DeploymentAccess(**out)
|
|
|
|
|
|
def test_patch_deployment_access(logged_in_client, backend):
|
|
"""
|
|
Test that the deployment access endpoint returns a 200 when the deployment id is valid.
|
|
"""
|
|
_, app = backend
|
|
deployments = logged_in_client.get(
|
|
"/api/v1/deployments/realm", params={"realm": "demo_beamline_1"}
|
|
).json()
|
|
deployment_id = deployments[0]["_id"]
|
|
|
|
response = logged_in_client.get(
|
|
"/api/v1/deployment_access", params={"deployment_id": deployment_id}
|
|
)
|
|
assert response.status_code == 200
|
|
out = response.json()
|
|
out = DeploymentAccess(**out)
|
|
|
|
with mock.patch.object(app.deployment_access_router, "_is_valid_user", return_value=True):
|
|
response = logged_in_client.patch(
|
|
"/api/v1/deployment_access",
|
|
params={"deployment_id": deployment_id},
|
|
json={
|
|
"user_read_access": ["test1"],
|
|
"user_write_access": ["test2"],
|
|
"su_read_access": ["test3"],
|
|
"su_write_access": ["test4"],
|
|
"remote_read_access": ["test5"],
|
|
"remote_write_access": ["test6"],
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
out = response.json()
|
|
out = DeploymentAccess(**out)
|
|
assert out.user_read_access == ["test1"]
|
|
assert out.user_write_access == ["test2"]
|
|
assert out.su_read_access == ["test3"]
|
|
assert out.su_write_access == ["test4"]
|
|
assert out.remote_read_access == ["test5"]
|
|
assert out.remote_write_access == ["test6"]
|
|
|
|
for user in ["test1", "test2", "test3", "test4"]:
|
|
out = logged_in_client.get(
|
|
"/api/v1/bec_access", params={"deployment_id": deployment_id, "user": user}
|
|
)
|
|
assert out.status_code == 200
|
|
out = out.json()
|
|
assert "token" in out
|
|
|
|
for user in ["test5", "test6"]:
|
|
out = logged_in_client.get(
|
|
"/api/v1/bec_access", params={"deployment_id": deployment_id, "user": user}
|
|
)
|
|
assert out.status_code == 404
|
|
|
|
# Test that the access can also be retrieved directly
|
|
client, _ = backend
|
|
client.post("/api/v1/user/logout")
|
|
response = client.post(
|
|
"/api/v1/bec_access_login",
|
|
json={"username": "admin@bec_atlas.ch", "password": "admin"},
|
|
params={"deployment_id": deployment_id, "user": "test1"},
|
|
)
|
|
assert response.status_code == 200
|
|
out = response.json()
|
|
assert "token" in out
|