Skip to content

Commit

Permalink
Fix nits and add extra test case
Browse files Browse the repository at this point in the history
  • Loading branch information
@upadhyeammit
upadhyeammit committed Sep 1, 2023
1 parent 6962d8a commit f88dd75
Show file tree
Hide file tree
Showing 8 changed files with 103 additions and 12 deletions.
3 changes: 2 additions & 1 deletion ros/lib/rbac_interface.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ def set_host_groups(rbac_response):
for role in role_list:
if 'permission' not in role:
continue
if role['permission'] not in ['inventory:hosts:read', 'inventory:hosts:*', 'inventory:*:read']:
if role['permission'] not in ['inventory:hosts:read', 'inventory:hosts:*', 'inventory:*:read', 'inventory:*:*']:
continue
# ignore the failure modes, try moving on to other roles that
# also match this permission
Expand Down Expand Up @@ -191,6 +191,7 @@ def set_host_groups(rbac_response):
if not isinstance(value, list):
continue
# Finally, we have the right key: add them to our list
# The host_groups may have duplicate group_ids
host_groups.extend(value)

# If we found any host groups at the end of that, store them
Expand Down
63 changes: 63 additions & 0 deletions tests/data_files/mock_rbac_returns_array_of_groups.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
{
"meta": {
"count": 3,
"limit": 1000,
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
"resourceDefinitions": [],
"permission": "ros:*:*"
},
{
"resourceDefinitions": [
{
"attributeFilter": {
"key": "group.id",
"value": [
"12345678-fe1b-4191-8408-cbadbd47f7a3",
"abcdefgh-d97e-4ed0-9095-ef07d73b4839",
"d4e2fc0f-617d-49d5-8d1b-acbb423f0fbe"
],
"operation": "in"
}
}
],
"permission": "inventory:hosts:read"
},
{
"resourceDefinitions": [
{
"attributeFilter": {
"key": "group.id",
"value": [
"d4e2fc0f-617d-49d5-8d1b-acbb423f0fbe"
],
"operation": "in"
}
}
],
"permission": "inventory:hosts:read"
},
{
"resourceDefinitions": [
{
"attributeFilter": {
"key": "group.id",
"value": [
"d4e2fc0f-617d-49d5-8d1b-acbb423f0fbe"
],
"operation": "in"
}
}
],
"permission": "inventory:groups:read"
}
]
}
4 changes: 2 additions & 2 deletions tests/data_files/mock_rbac_returns_emtpy_group.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0",
"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0"
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
Expand Down
6 changes: 3 additions & 3 deletions tests/data_files/mock_rbac_returns_groups_including_example_group.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0",
"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0"
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
Expand All @@ -20,9 +20,9 @@
{
"attributeFilter": {
"key": "group.id",
"_comment": "The example-group id",
"value": [
"12345678-fe1b-4191-8408-cbadbd47f7a3",
"99999999-d97e-4ed0-9095-ef07d73b4839",
null
],
"operation": "in"
Expand Down
7 changes: 5 additions & 2 deletions tests/data_files/mock_rbac_returns_multiple_read_permissions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=inventory&limit=1000&offset=0",

"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=inventory&limit=1000&offset=0"
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
Expand Down Expand Up @@ -48,6 +49,7 @@
{
"attributeFilter": {
"key": "group.id",
"_comment": "The test-group id",
"value": [
"abcdefgh-d97e-4ed0-9095-ef07d73b4839"
],
Expand All @@ -62,6 +64,7 @@
{
"attributeFilter": {
"key": "group.id",
"_comment": "The foo-group id",
"value": [
"d4e2fc0f-617d-49d5-8d1b-acbb423f0fbe"
],
Expand Down
6 changes: 4 additions & 2 deletions tests/data_files/mock_rbac_returns_multiple_types_of_read_permissions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=inventory&limit=1000&offset=0",
"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=inventory&limit=1000&offset=0"
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
Expand Down Expand Up @@ -48,6 +48,7 @@
{
"attributeFilter": {
"key": "group.id",
"_comment": "The example-group id",
"value": [
"12345678-fe1b-4191-8408-cbadbd47f7a3"
],
Expand Down Expand Up @@ -76,6 +77,7 @@
{
"attributeFilter": {
"key": "group.id",
"_comment": "The foo-group id",
"value": [
"d4e2fc0f-617d-49d5-8d1b-acbb423f0fbe"
],
Expand Down
4 changes: 2 additions & 2 deletions tests/data_files/mock_rbac_returns_no_groups.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"offset": 0
},
"links": {
"first": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0",
"first": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0",
"next": null,
"previous": null,
"last": "/api/rbac/v1/access/?application=advisor%2Cinventory&limit=7&offset=0"
"last": "/api/rbac/v1/access/?application=ros%2Cinventory&limit=1000&offset=0"
},
"data": [
{
Expand Down
22 changes: 22 additions & 0 deletions tests/test_api_endpoints.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -508,6 +508,7 @@ def test_systems_mock_rbac_returns_multiple_inventory_hosts_read(
mocker):
with app.test_client() as client:
mock_enable_rbac(mocker)
# This mocks example and foo groups
mock_rbac(get_rbac_mock_file("mock_rbac_returns_multiple_read_permissions.json"), mocker)
response = client.get('/api/ros/v1/systems', headers={"x-rh-identity": auth_token})
assert response.status_code == 200
Expand All @@ -527,7 +528,28 @@ def test_systems_mock_rbac_returns_multiple_types_of_read_permissions(
mocker):
with app.test_client() as client:
mock_enable_rbac(mocker)
# This mocks example, test and foo groups
mock_rbac(get_rbac_mock_file("mock_rbac_returns_multiple_types_of_read_permissions.json"), mocker)
response = client.get('/api/ros/v1/systems', headers={"x-rh-identity": auth_token})
assert response.status_code == 200
assert response.json["meta"]["count"] == 4


def test_systems_mock_rbac_returns_array_of_groups(
auth_token,
db_setup,
db_create_account,
db_create_system,
system_with_example_group,
system_with_test_group,
system_with_foo_group,
db_create_performance_profile,
create_performance_profiles,
mocker):
with app.test_client() as client:
mock_enable_rbac(mocker)
# This mocks example, test and foo groups returned in single array
mock_rbac(get_rbac_mock_file("mock_rbac_returns_array_of_groups.json"), mocker)
response = client.get('/api/ros/v1/systems', headers={"x-rh-identity": auth_token})
assert response.status_code == 200
assert response.json["meta"]["count"] == 4

0 comments on commit f88dd75

Please sign in to comment.