icecheng/freeleaps-service-hub
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6b9bdfb205
freeleaps-service-hub/apps/authentication/tests/api_tests/role/test_update_role.py

234 lines
9.6 KiB
Python
Raw Blame History

import pytest
import random
from backend.models.permission.constants import DefaultRoleEnum
from tests.base.authentication_web import AuthenticationWeb
class TestUpdateRole:
@pytest.mark.asyncio
async def test_update_role_success(self, authentication_web: AuthenticationWeb):
"""Test updating a role successfully with valid and unique fields."""
suffix = str(random.randint(10000, 99999))
# create firstly
role_data = {
"role_key": f"update_role_key_{suffix}",
"role_name": f"Update Role {suffix}",
"role_description": "desc",
"role_level": 1
}
create_resp = await authentication_web.create_role(role_data)
role_id = create_resp.json()["id"]
# update
update_data = {
"role_id": role_id,
"role_key": f"update_role_key_{suffix}_new",
"role_name": f"Update Role {suffix} New",
"role_description": "desc new",
"role_level": 2
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 200
json = resp.json()
assert json["role_key"] == update_data["role_key"]
assert json["role_name"] == update_data["role_name"]
assert json["role_description"] == update_data["role_description"]
assert json["role_level"] == update_data["role_level"]
@pytest.mark.asyncio
async def test_update_role_fail_not_found(self, authentication_web: AuthenticationWeb):
"""Test updating a role fails when role_id does not exist."""
suffix = str(random.randint(10000, 99999))
update_data = {
"role_id": "000000000000000000000000", # 不存在的ObjectId
"role_key": f"notfound_key_{suffix}",
"role_name": f"NotFound Role {suffix}",
"role_description": "desc",
"role_level": 1
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_role_fail_duplicate_key(self, authentication_web: AuthenticationWeb):
"""Test updating a role fails when role_key is duplicated."""
suffix = str(random.randint(10000, 99999))
# create two roles
role1 = await authentication_web.create_role({
"role_key": f"dupkey1_{suffix}",
"role_name": f"dupkey1_{suffix}",
"role_description": "desc",
"role_level": 1
})
role2 = await authentication_web.create_role({
"role_key": f"dupkey2_{suffix}",
"role_name": f"dupkey2_{suffix}",
"role_description": "desc",
"role_level": 1
})
role2_id = role2.json()["id"]
# modify role_key
update_data = {
"role_id": role2_id,
"role_key": f"dupkey1_{suffix}",
"role_name": f"dupkey2_{suffix}_new",
"role_description": "desc",
"role_level": 2
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_role_fail_duplicate_name(self, authentication_web: AuthenticationWeb):
"""Test updating a role fails when role_name is duplicated."""
suffix = str(random.randint(10000, 99999))
# create two roles
role1 = await authentication_web.create_role({
"role_key": f"dupname1_{suffix}",
"role_name": f"dupname1_{suffix}",
"role_description": "desc",
"role_level": 1
})
role2 = await authentication_web.create_role({
"role_key": f"dupname2_{suffix}",
"role_name": f"dupname2_{suffix}",
"role_description": "desc",
"role_level": 1
})
role2_id = role2.json()["id"]
# modify role name
update_data = {
"role_id": role2_id,
"role_key": f"dupname2_{suffix}_new",
"role_name": f"dupname1_{suffix}",
"role_description": "desc",
"role_level": 2
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_role_fail_empty_key(self, authentication_web: AuthenticationWeb):
"""Test updating a role fails when role_key is empty."""
suffix = str(random.randint(10000, 99999))
role = await authentication_web.create_role({
"role_key": f"emptykey_{suffix}",
"role_name": f"emptykey_{suffix}",
"role_description": "desc",
"role_level": 1
})
role_id = role.json()["id"]
update_data = {
"role_id": role_id,
"role_key": "",
"role_name": f"emptykey_{suffix}_new",
"role_description": "desc",
"role_level": 2
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_role_fail_empty_name(self, authentication_web: AuthenticationWeb):
"""Test updating a role fails when role_name is empty."""
suffix = str(random.randint(10000, 99999))
role = await authentication_web.create_role({
"role_key": f"emptyname_{suffix}",
"role_name": f"emptyname_{suffix}",
"role_description": "desc",
"role_level": 1
})
role_id = role.json()["id"]
update_data = {
"role_id": role_id,
"role_key": f"emptyname_{suffix}_new",
"role_name": "",
"role_description": "desc",
"role_level": 2
}
resp = await authentication_web.update_role(role_data=update_data)
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_default_role_fail(self, authentication_web: AuthenticationWeb):
"""Test updating a default role fails. Default role cannot be updated."""
suffix = str(random.randint(10000, 99999))
# Query a default role
resp = await authentication_web.query_roles(
params={"page": 1, "page_size": 2, "role_key": DefaultRoleEnum.ADMIN.value.role_key})
json = resp.json()
default_role = json["items"][0]
resp = await authentication_web.update_role(role_data={
"role_id": default_role["id"],
"role_key": f"{default_role['role_key']}_{suffix}_update",
"role_name": f"{default_role['role_name']}_{suffix}_update",
"role_description": "desc",
"role_level": 2
})
assert resp.status_code == 422 or resp.status_code == 400
@pytest.mark.asyncio
async def test_update_role_fail_by_non_admin(self, authentication_web: AuthenticationWeb, authentication_web_of_temp_user1: AuthenticationWeb):
"""Test updating a role fails by non-admin user (no permission)."""
# Create a role as admin
suffix = str(random.randint(10000, 99999))
role = await authentication_web.create_role({
"role_key": f"updaterole_nonadmin_{suffix}",
"role_name": f"updaterole_nonadmin_{suffix}",
"role_description": "desc",
"role_level": 1
})
role_id = role.json()["id"]
update_data = {
"role_id": role_id,
"role_key": f"updaterole_nonadmin_{suffix}_new",
"role_name": f"updaterole_nonadmin_{suffix}_new",
"role_description": "desc new",
"role_level": 2
}
resp = await authentication_web_of_temp_user1.update_role(role_data=update_data)
assert resp.status_code == 403 or resp.status_code == 401
@pytest.mark.asyncio
async def test_update_role_success_after_grant_admin(self, authentication_web: AuthenticationWeb):
"""Test updating a role succeeds after granting admin role to a temporary user and re-login."""
# Create a temp user
user = authentication_web.create_temporary_user()
temp_authentication_web = AuthenticationWeb(user_email=user["email"], password=user["password"])
temp_authentication_web.user_id = user["user_id"]
temp_authentication_web.login()
# Create a role as admin
suffix = str(random.randint(10000, 99999))
role = await authentication_web.create_role({
"role_key": f"updaterole_tempadmin_{suffix}",
"role_name": f"updaterole_tempadmin_{suffix}",
"role_description": "desc",
"role_level": 1
})
role_id = role.json()["id"]
# Grant admin role to temp user
resp = await authentication_web.query_roles({"role_key": "admin"})
admin_role_id = resp.json()["items"][0]["id"]
await authentication_web.assign_roles_to_user({
"user_id": temp_authentication_web.user_id,
"role_ids": [admin_role_id]
})
# Re-login as temp user
temp_authentication_web.login()
# Try to update as temp user
update_data = {
"role_id": role_id,
"role_key": f"updaterole_tempadmin_{suffix}_new",
"role_name": f"updaterole_tempadmin_{suffix}_new",
"role_description": "desc new",
"role_level": 2
}
resp = await temp_authentication_web.update_role(role_data=update_data)
assert resp.status_code == 200
if __name__ == '__main__':
pytest.main([__file__])
Reference in New Issue View Git Blame Copy Permalink