import pytest
import random
from backend.models.permission.constants import DefaultPermissionEnum
from tests.base.authentication_web import AuthenticationWeb
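class TestDeletePermission:
    """API tests for the delete-permission endpoint.

    Covers the success path, a non-existent id, protection of default
    permissions, and the authorization boundary (non-admin denied, newly
    granted admin allowed). The denial tests also confirm that the record
    still exists afterwards, so a rejection status cannot mask a delete
    that actually went through.
    """

    @pytest.mark.asyncio
    async def test_delete_permission_success(self, authentication_web: AuthenticationWeb):
        """Test deleting a permission successfully."""
        suffix = str(random.randint(10000, 99999))
        permission_key = f"delperm_{suffix}"
        perm = await authentication_web.create_permission({
            "permission_key": permission_key,
            "permission_name": permission_key,
            "description": "desc",
        })
        perm_id = perm.json()["id"]

        resp = await authentication_web.delete_permission({"permission_id": perm_id})

        assert resp.status_code == 200
        assert resp.json()["success"] is True

    @pytest.mark.asyncio
    async def test_delete_permission_fail_not_found(self, authentication_web: AuthenticationWeb):
        """Test deleting a permission fails when permission_id does not exist."""
        # Syntactically plausible id that is not expected to match any record.
        resp = await authentication_web.delete_permission(
            {"permission_id": "000000000000000000000000"})

        assert resp.status_code in (400, 422)

    @pytest.mark.asyncio
    async def test_delete_default_permission_fail(self, authentication_web: AuthenticationWeb):
        """Test deleting a default permission fails. Default permission cannot be deleted."""
        # Look up a default permission by its well-known key.
        default_key = DefaultPermissionEnum.CHANGE_PERMISSIONS.value.permission_key
        query = {"page": 1, "page_size": 2, "permission_key": default_key}
        resp = await authentication_web.query_permissions(params=query)
        items = resp.json()["items"]
        assert items, "default permission not found; cannot exercise the delete guard"
        default_permission_id = items[0]["id"]

        resp = await authentication_web.delete_permission(
            perm_data={"permission_id": default_permission_id})
        assert resp.status_code in (400, 422)

        # The status code alone does not prove the guard held: confirm the
        # default permission is still present after the rejected request.
        after = await authentication_web.query_permissions(params=query)
        assert any(item["id"] == default_permission_id for item in after.json()["items"])

    @pytest.mark.asyncio
    async def test_delete_permission_fail_by_non_admin(
        self,
        authentication_web: AuthenticationWeb,
        authentication_web_of_temp_user1: AuthenticationWeb,
    ):
        """Test deleting a permission fails by non-admin user (no permission)."""
        # Create a permission as admin.
        suffix = str(random.randint(10000, 99999))
        permission_key = f"delperm_nonadmin_{suffix}"
        perm = await authentication_web.create_permission({
            "permission_key": permission_key,
            "permission_name": permission_key,
            "description": "desc",
        })
        perm_id = perm.json()["id"]

        try:
            # Try to delete as the unprivileged temp user.
            resp = await authentication_web_of_temp_user1.delete_permission(
                {"permission_id": perm_id})
            assert resp.status_code in (401, 403)

            # An authorization check that runs after the side effect would
            # still return 401/403; verify the record survived the attempt.
            lookup = await authentication_web.query_permissions(
                params={"page": 1, "page_size": 2, "permission_key": permission_key})
            assert any(item["id"] == perm_id for item in lookup.json()["items"])
        finally:
            # Best-effort cleanup so repeated runs do not accumulate permissions.
            await authentication_web.delete_permission({"permission_id": perm_id})

    @pytest.mark.asyncio
    async def test_delete_permission_success_after_grant_admin(self, authentication_web: AuthenticationWeb):
        """Test deleting a permission succeeds after granting admin role to a new temporary user and re-login."""
        # Create a new temp user and log in with its credentials.
        # NOTE(review): create_temporary_user() and login() are called without
        # await, unlike the other client calls - confirm they are synchronous.
        user = authentication_web.create_temporary_user()
        temp_authentication_web = AuthenticationWeb(
            user_email=user["email"], password=user["password"])
        temp_authentication_web.user_id = user["user_id"]
        temp_authentication_web.login()

        # Create a permission as admin.
        suffix = str(random.randint(10000, 99999))
        permission_key = f"delperm_tempadmin_{suffix}"
        perm = await authentication_web.create_permission({
            "permission_key": permission_key,
            "permission_name": permission_key,
            "description": "desc",
        })
        perm_id = perm.json()["id"]

        # Grant the admin role to the temp user.
        # NOTE(review): the temp account keeps the admin role after this test;
        # revoke it or remove the account in teardown unless the fixture layer
        # already does so.
        resp = await authentication_web.query_roles({"role_key": "admin"})
        admin_role_id = resp.json()["items"][0]["id"]
        await authentication_web.assign_roles_to_user({
            "user_id": temp_authentication_web.user_id,
            "role_ids": [admin_role_id],
        })

        # Re-login so the session reflects the newly assigned role.
        temp_authentication_web.login()

        # Delete as the temp user, who should now be authorized.
        resp = await temp_authentication_web.delete_permission({"permission_id": perm_id})
        assert resp.status_code == 200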
# Allow running this test module directly instead of through the pytest CLI.
if __name__ == "__main__":
    pytest.main([__file__])