import pytest import random from typing import List from backend.models.permission.constants import DefaultRoleEnum, DefaultPermissionEnum from tests.base.authentication_web import AuthenticationWeb class TestAssignPermissionsToRole: @pytest.mark.asyncio async def test_assign_permissions_success(self, authentication_web: AuthenticationWeb): """Test assigning permissions to a role successfully.""" # Create a role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignperm_role_{suffix}", "role_name": f"AssignPerm Role {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] # Create two permissions perm1 = await authentication_web.create_permission({ "permission_key": f"assignperm_key1_{suffix}", "permission_name": f"AssignPerm Permission1 {suffix}", "description": "desc" }) perm2 = await authentication_web.create_permission({ "permission_key": f"assignperm_key2_{suffix}", "permission_name": f"AssignPerm Permission2 {suffix}", "description": "desc" }) perm_ids = [perm1.json()["id"], perm2.json()["id"]] # Assign permissions resp = await authentication_web.assign_permissions_to_role({ "role_id": role_id, "permission_ids": perm_ids }) assert resp.status_code == 200 json = resp.json() assert set(json["permission_ids"]) == set(perm_ids) @pytest.mark.asyncio async def test_assign_permissions_fail_role_not_found(self, authentication_web: AuthenticationWeb): """Test assigning permissions fails when role_id does not exist.""" # Create a permission suffix = str(random.randint(10000, 99999)) perm = await authentication_web.create_permission({ "permission_key": f"assignperm_key_nf_{suffix}", "permission_name": f"AssignPerm PermissionNF {suffix}", "description": "desc" }) perm_id = perm.json()["id"] resp = await authentication_web.assign_permissions_to_role({ "role_id": "000000000000000000000000", "permission_ids": [perm_id] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_permissions_fail_permission_not_found(self, authentication_web: AuthenticationWeb): """Test assigning permissions fails when a permission_id does not exist.""" # Create a role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignperm_role_nf_{suffix}", "role_name": f"AssignPerm RoleNF {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] resp = await authentication_web.assign_permissions_to_role({ "role_id": role_id, "permission_ids": ["000000000000000000000000"] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_permissions_fail_empty_permission_ids(self, authentication_web: AuthenticationWeb): """Test assigning permissions fails when permission_ids is empty.""" # Create a role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignperm_role_empty_{suffix}", "role_name": f"AssignPerm RoleEmpty {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] resp = await authentication_web.assign_permissions_to_role({ "role_id": role_id, "permission_ids": [] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_permissions_fail_empty_role_id(self, authentication_web: AuthenticationWeb): """Test assigning permissions fails when role_id is empty.""" # Create a permission suffix = str(random.randint(10000, 99999)) perm = await authentication_web.create_permission({ "permission_key": f"assignperm_key_emptyrole_{suffix}", "permission_name": f"AssignPerm PermissionEmptyRole {suffix}", "description": "desc" }) perm_id = perm.json()["id"] resp = await authentication_web.assign_permissions_to_role({ "role_id": "", "permission_ids": [perm_id] }) assert resp.status_code == 422 or resp.status_code == 400 or resp.status_code == 500 @pytest.mark.asyncio async def test_assign_permissions_remove_duplicates(self, authentication_web: AuthenticationWeb): """Test assigning permissions with duplicate permission_ids removes duplicates.""" # Create a role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignperm_role_dup_{suffix}", "role_name": f"AssignPerm RoleDup {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] # Create a permission perm = await authentication_web.create_permission({ "permission_key": f"assignperm_key_dup_{suffix}", "permission_name": f"AssignPerm PermissionDup {suffix}", "description": "desc" }) perm_id = perm.json()["id"] # Assign duplicate permission_ids resp = await authentication_web.assign_permissions_to_role({ "role_id": role_id, "permission_ids": [perm_id, perm_id, perm_id] }) assert resp.status_code == 200 json = resp.json() assert json["permission_ids"] == [perm_id] @pytest.mark.asyncio async def test_assign_permissions_to_default_role(self, authentication_web: AuthenticationWeb): """Test assigning permissions to a default role (should succeed if not restricted).""" # Query default admin role resp = await authentication_web.query_roles({"role_key": DefaultRoleEnum.ADMIN.value.role_key}) json = resp.json() default_role_id = json["items"][0]["id"] # Create a permission suffix = str(random.randint(10000, 99999)) perm = await authentication_web.create_permission({ "permission_key": f"assignperm_key_default_{suffix}", "permission_name": f"AssignPerm PermissionDefault {suffix}", "description": "desc" }) perm_id = perm.json()["id"] # Try to assign permission to default role resp = await authentication_web.assign_permissions_to_role({ "role_id": default_role_id, "permission_ids": [perm_id, *json["items"][0]["permission_ids"]] }) assert resp.status_code in [200] if __name__ == '__main__': pytest.main([__file__])