entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity

tests: update test_check_and_repair_managers_of_roles (#48372)

This commit is contained in:
Benjamin Dauvergne 2020-12-04 17:45:01 +01:00
parent 95b4528228
commit ea62c3f8ca
1 changed files with 21 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
tests/test_commands.py
View File

@ -25,7 +25,7 @@ from django.utils import six
from django.utils.timezone import now
import py
from authentic2.a2_rbac.models import MANAGE_MEMBERS_OP
from authentic2.a2_rbac.models import MANAGE_MEMBERS_OP, VIEW_OP
from authentic2.a2_rbac.utils import get_default_ou
from authentic2.models import UserExternalId
from authentic2_auth_oidc.models import OIDCProvider, OIDCAccount
@ -314,12 +314,27 @@ def test_check_and_repair_managers_of_roles(db, capsys):
captured = capsys.readouterr()
assert '"Managers of Role 1": no admin scope' in captured.out
assert 'Managers of Role 1" wrong ou, should be "Default organizational unit"' in captured.out
assert 'invalid permission "Management / role / Role 1 (scope "Default organizational unit")": not manage_members operation' in captured.out
assert 'invalid permission "Management / role / Role 1 (scope "Default organizational unit")": not admin_scope' in captured.out
assert 'invalid permission "Management / role / Role 1 (scope "Default organizational unit")": wrong ou' in captured.out
assert 'invalid permission "Management / role / Role 1": not manage_members operation' in captured.out
assert (
'invalid permission "Management / role / Role 1": '
'not admin_scope and not self manage permission'
) in captured.out
assert (
'invalid admin role "Managers of Role 1" '
'wrong ou, should be "Default organizational unit" is "None"'
) in captured.out
perm1.refresh_from_db()
assert perm1.ou is None
manager_role1 = role1.get_admin_role()
assert manager_role1.ou == get_default_ou()
assert manager_role1.permissions.count() == 3
assert manager_role1.permissions.get(operation=get_operation(MANAGE_MEMBERS_OP), target_id=manager_role1.id)
assert manager_role1.permissions.get(operation=get_operation(MANAGE_MEMBERS_OP), target_id=role1.id)
assert manager_role1.permissions.get(operation=get_operation(VIEW_OP),
target_ct=ContentType.objects.get_for_model(ContentType),
target_id=ContentType.objects.get_for_model(User).pk)
perm1 = Permission.objects.get(operation=admin_op, target_id=role1.id)
assert perm1.ou == default_ou
manage_members_op = get_operation(MANAGE_MEMBERS_OP)
perm1.op = manage_members_op
perm1.save()