diff --git a/src/layman/authz/authz_test.py b/src/layman/authz/authz_test.py index 9a1096a88..6ee3acc0c 100644 --- a/src/layman/authz/authz_test.py +++ b/src/layman/authz/authz_test.py @@ -99,101 +99,81 @@ def test_authorize_decorator(liferay_mock): process.stop_process(layman_process) -def test_public_workspace_variable(liferay_mock): - def case_test_public_workspace_variable(create_public_workspace, - publish_in_public_workspace, - workspace_name, - layername, - authz_headers, - user_can_create, - anonymous_can_publish, - anonymous_can_create, - ): - def can_not_publish(workspace_name, - layername, - authz_headers=None, - ): - r = process_client.publish_layer(workspace_name, - layername, - headers=authz_headers, - assert_status=False) - assert r.status_code == 403 - details = json.loads(r.text) - assert details['code'] == 30 - assert details['message'] == "Unauthorized access" - - workspace_name2 = workspace_name + '2' - layername2 = layername + '2' - env_vars['GRANT_CREATE_PUBLIC_WORKSPACE'] = create_public_workspace - env_vars['GRANT_PUBLISH_IN_PUBLIC_WORKSPACE'] = publish_in_public_workspace - layman_process = process.start_layman(env_vars) - - if user_can_create: - process_client.publish_layer(workspace_name, layername, headers=authz_headers) - if anonymous_can_publish: - process_client.publish_layer(workspace_name, layername2) - process_client.delete_layer(workspace_name, layername2) - process_client.delete_layer(workspace_name, layername, headers=authz_headers) - else: - can_not_publish(workspace_name, layername, authz_headers) - - if anonymous_can_create: - process_client.publish_layer(workspace_name2, layername) - process_client.delete_layer(workspace_name2, layername) - else: - can_not_publish(workspace_name2, layername) - - process.stop_process(layman_process) - - layername = 'test_public_workspace_variable_layer' - username = 'test_public_workspace_variable_user' - workspace_name = 'test_public_workspace_variable_workspace' +publication_name = 'test_public_workspace_variable_publication' +username = 'test_public_workspace_variable_user' +workspace_name = 'test_public_workspace_variable_workspace' +user_authz_headers = process_client.get_authz_headers(username) - user_authz_headers = process_client.get_authz_headers(username) + +@pytest.fixture(scope="module") +def setup_test_public_workspace_variable(): env_vars = dict(process.AUTHN_SETTINGS) layman_process = process.start_layman(env_vars) process_client.reserve_username(username, headers=user_authz_headers) process.stop_process(layman_process) + yield + + +@pytest.mark.usefixtures('liferay_mock', 'setup_test_public_workspace_variable') +@pytest.mark.parametrize("create_public_workspace, publish_in_public_workspace, workspace_prefix, publication_name, authz_headers," + "user_can_create, anonymous_can_publish, anonymous_can_create,", + [('EVERYONE', 'EVERYONE', workspace_name + 'ee', publication_name, user_authz_headers, True, True, True, ), + (username, username, workspace_name + 'uu', publication_name, user_authz_headers, True, False, False, ), + ('', '', workspace_name + 'nn', publication_name, user_authz_headers, False, False, False, ), + (username, 'EVERYONE', workspace_name + 'ue', publication_name, user_authz_headers, True, True, False, ), + ]) +@pytest.mark.parametrize("publish_method, delete_method, workspace_suffix", + [(process_client.publish_layer, process_client.delete_layer, '_layer', ), + (process_client.publish_map, process_client.delete_map, '_map', ), + ]) +def test_public_workspace_variable(create_public_workspace, + publish_in_public_workspace, + workspace_prefix, + publication_name, + authz_headers, + user_can_create, + anonymous_can_publish, + anonymous_can_create, + publish_method, + delete_method, + workspace_suffix, + ): + def can_not_publish(workspace_name, + publication_name, + publish_method, + authz_headers=None, + ): + r = publish_method(workspace_name, + publication_name, + headers=authz_headers, + assert_status=False) + assert r.status_code == 403 + details = json.loads(r.text) + assert details['code'] == 30 + assert details['message'] == "Unauthorized access" + + workspace_name = workspace_prefix + workspace_suffix + workspace_name2 = workspace_name + '2' + layername2 = publication_name + '2' + env_vars = dict(process.AUTHN_SETTINGS) + env_vars['GRANT_CREATE_PUBLIC_WORKSPACE'] = create_public_workspace + env_vars['GRANT_PUBLISH_IN_PUBLIC_WORKSPACE'] = publish_in_public_workspace + layman_process = process.start_layman(env_vars) + + if user_can_create: + publish_method(workspace_name, publication_name, headers=authz_headers) + if anonymous_can_publish: + publish_method(workspace_name, layername2) + delete_method(workspace_name, layername2) + delete_method(workspace_name, publication_name, headers=authz_headers) + else: + can_not_publish(workspace_name, publication_name, publish_method, authz_headers) + + if anonymous_can_create: + publish_method(workspace_name2, publication_name) + delete_method(workspace_name2, publication_name) + else: + can_not_publish(workspace_name2, publication_name, publish_method) - ############################################ - # I have to have different workspace name each time, as I tested also creation of new workspace - case_test_public_workspace_variable('EVERYONE', - 'EVERYONE', - workspace_name + 'ee', - layername, - user_authz_headers, - True, - True, - True, - ) - - case_test_public_workspace_variable(username, - username, - workspace_name + 'uu', - layername, - user_authz_headers, - True, - False, - False, - ) - - case_test_public_workspace_variable('', - '', - workspace_name + 'xx', - layername, - user_authz_headers, - False, - False, - False, - ) - - case_test_public_workspace_variable(username, - 'EVERYONE', - workspace_name + 'ue', - layername, - user_authz_headers, - True, - True, - False, - ) + process.stop_process(layman_process) diff --git a/test/process_client.py b/test/process_client.py index 25cd2e2fe..062a71308 100644 --- a/test/process_client.py +++ b/test/process_client.py @@ -174,6 +174,7 @@ def publish_map(username, file_paths=None, headers=None, access_rights=None, + assert_status=True, ): headers = headers or {} file_paths = file_paths or ['sample/layman.map/full.json', ] @@ -195,14 +196,18 @@ def publish_map(username, files=files, data=data, headers=headers) - assert r.status_code == 200, r.text + if assert_status: + assert r.status_code == 200, r.text finally: for fp in files: fp[1][1].close() with app.app_context(): url = url_for('rest_map.get', username=username, mapname=mapname) - wait_for_rest(url, 30, 0.5, map_keys_to_check, headers=headers) + if assert_status: + wait_for_rest(url, 30, 0.5, map_keys_to_check, headers=headers) + else: + return r return mapname