From 72ad11c75ea072d80ae3c9faf704a713ad1617d1 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 28 Jun 2019 12:26:56 +0200 Subject: [PATCH 3/3] tests: add tests on a2_rbac post_migrate handlers (#34133) --- tests/test_a2_rbac.py | 69 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) diff --git a/tests/test_a2_rbac.py b/tests/test_a2_rbac.py index 595633f5..6065b57d 100644 --- a/tests/test_a2_rbac.py +++ b/tests/test_a2_rbac.py @@ -17,13 +17,17 @@ import pytest from django.contrib.contenttypes.models import ContentType +from django.core.management import call_command from django_rbac.utils import get_permission_model from django_rbac.models import Operation + from authentic2.a2_rbac.models import Role, OrganizationalUnit as OU, RoleAttribute +from authentic2.a2_rbac.utils import get_default_ou from authentic2.models import Service from authentic2.utils import get_hex_uuid + def test_role_natural_key(db): ou = OU.objects.create(name='ou1', slug='ou1') s1 = Service.objects.create(name='s1', slug='s1') @@ -196,3 +200,68 @@ def test_ou_export_json(db): assert ou_dict['email_is_unique'] == ou.email_is_unique assert ou_dict['default'] == ou.default assert ou_dict['validate_emails'] == ou.validate_emails + + +def test_no_managed_ct(transactional_db, settings): + from django.core.management.sql import emit_post_migrate_signal + + call_command('flush', verbosity=0, interactive=False, + database='default', reset_sequences=False) + assert Role.objects.count() == 5 + OU.objects.create(name='OU1', slug='ou1') + emit_post_migrate_signal(verbosity=0, interactive=False, db='default') + assert Role.objects.count() == 5 + 4 + 4 + settings.A2_RBAC_MANAGED_CONTENT_TYPES = () + call_command('flush', verbosity=0, interactive=False, + database='default', reset_sequences=False) + assert Role.objects.count() == 0 + # create ou + OU.objects.create(name='OU1', slug='ou1') + emit_post_migrate_signal(verbosity=0, interactive=False, db='default') + assert Role.objects.count() == 0 + + +def test_global_manager_roles(db): + manager = Role.objects.get(ou__isnull=True, slug='_a2-manager') + ou_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-organizational-units') + user_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-users') + role_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-roles') + service_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-services') + assert ou_manager in manager.parents() + assert user_manager in manager.parents() + assert role_manager in manager.parents() + assert service_manager in manager.parents() + assert manager.parents(include_self=False).count() == 4 + assert Role.objects.count() == 5 + assert OU.objects.count() == 1 + + +def test_manager_roles_multi_ou(db, ou1): + manager = Role.objects.get(ou__isnull=True, slug='_a2-manager') + ou_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-organizational-units') + user_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-users') + role_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-roles') + service_manager = Role.objects.get(ou__isnull=True, slug='_a2-manager-of-services') + assert ou_manager in manager.parents() + assert user_manager in manager.parents() + assert role_manager in manager.parents() + assert service_manager in manager.parents() + assert manager.parents(include_self=False).count() == 4 + + for ou in [get_default_ou(), ou1]: + manager = Role.objects.get(ou__isnull=True, + slug='_a2-managers-of-{ou.slug}'.format(ou=ou)) + user_manager = Role.objects.get(ou=ou, + slug='_a2-manager-of-users-{ou.slug}'.format(ou=ou)) + role_manager = Role.objects.get(ou=ou, + slug='_a2-manager-of-roles-{ou.slug}'.format(ou=ou)) + service_manager = Role.objects.get(ou=ou, + slug='_a2-manager-of-services-{ou.slug}'.format(ou=ou)) + + assert user_manager in manager.parents() + assert role_manager in manager.parents() + assert service_manager in manager.parents() + assert manager.parents(include_self=False).count() == 3 + + # 5 global roles and 4 ou roles for both ous + assert Role.objects.count() == 5 + 4 + 4 -- 2.20.1