Skip to content
Snippets Groups Projects

TMSS-278: add endpoints to get friend of project and current user roles in project plus tests

Merged TMSS-278: add endpoints to get friend of project and current user roles in project plus tests
TMSS-278 into master
All threads resolved!
Merged Jörn Künsemöller requested to merge TMSS-278 into master
All threads resolved!
Compare
and
Show latest version
1 file
+ 20
10
Compare changes
  • Side-by-side
  • Inline
SAS/TMSS/backend/test/t_permissions_project_roles.py
+ 20
10
@@ -54,6 +54,10 @@ from django.test import TestCase
from django.contrib.auth import get_user_model
User = get_user_model()
from django.conf import settings
import json
class ProjectPermissionTestCase(TestCase):
# This tests that the project permissions are enforced in light of the project roles that are externally provided
# for the user through the user admin. This test does not rely on the project permissions as defined in the system,
@@ -235,29 +239,35 @@ class ProjectPermissionTestCase(TestCase):
self.assertEqual(r.status_code, 403)
self.assertNotIn('Access-Control-Allow-Methods', r.headers)
# todo: add tests for other models with project permissions
def test_project_get_friend_returns_correct_user(self):
"""
Note: This test relies on real data from Keycloak.
"""
r = GET_and_assert_equal_expected_code(self, self.project_keycloak_url + '/friend/', 200)
self.assertEqual(len(r), 2)
for friend in r:
with requests.Session() as session:
session.verify = False
session.auth = (AUTH.username, AUTH.password)
r = session.get(self.project_keycloak_url + '/friend/')
if 'Invalid user credentials' in str(r.content) or \
'Service Unavailable' in str(r.content):
self.skipTest('skipping test_project_get_friend_returns_correct_user because the test environment has'
'no valid admin credentials configured, or Keycloak is not working correctly.')
self.assertEqual(r.status_code, 200)
content = json.loads(r.content.decode('utf-8'))
self.assertEqual(len(content), 2)
for friend in content:
# Todo: find a way to mock the Keycloak response so we can assert more strictly.
self.assertTrue(friend.endswith('@astron.nl')) # redacted expected full email due to GDPR
def test_project_get_friend_returns_403_if_no_permission_for_project(self):
r = GET_and_assert_equal_expected_code(self, self.project_forbidden_url + '/my_roles/', 403, auth=self.auth)
r = GET_and_assert_equal_expected_code(self, self.project_forbidden_url + '/friend/', 403, auth=self.auth)
self.assertIn('permission', str(r))
def test_project_get_my_roles_returns_correct_roles(self):
# r = GET_and_assert_equal_expected_code(self, self.project_shared_support_url + '/my_roles/', 200, auth=self.auth)
# expected_reply = ['shared_support']
# self.assertEqual(expected_reply, r)
r = GET_and_assert_equal_expected_code(self, self.project_shared_support_url + '/my_roles/', 200, auth=self.auth)
expected_reply = ['shared_support']
self.assertEqual(expected_reply, r)
r = GET_and_assert_equal_expected_code(self, self.project_friend_url + '/my_roles/', 200, auth=self.auth)
expected_reply = ['friend_of_project']