Convert RepositoryUserTransitivePermission security tests to pytest

2017-08-01 11:34:31 -04:00 · 2017-08-01 11:34:31 -04:00 · 66dc093639
commit 66dc093639
parent 6528c1f3bc
2 changed files with 16 additions and 66 deletions
--- a/endpoints/api/test/test_security.py
+++ b/endpoints/api/test/test_security.py
@ -5,6 +5,7 @@ from flask_principal import AnonymousIdentity

 from endpoints.api import api
 from endpoints.api.repositorynotification import RepositoryNotification
+from endpoints.api.permission import RepositoryUserTransitivePermission
 from endpoints.api.team import OrganizationTeamSyncing
 from endpoints.api.test.shared import conduct_api_call
 from endpoints.api.repository import RepositoryTrust
@ -67,6 +68,21 @@ NOTIFICATION_PARAMS = {'namespace': 'devtable', 'repository': 'devtable/simple',
  (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'freshuser', 403),
  (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'reader', 403),
  (RepositoryTrust, 'POST', REPO_PARAMS, {'trust_enabled': True}, 'devtable', 404),
+  
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, None, 401),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'freshuser', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'reader', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'public/publicrepo'}, None, 'devtable', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, None, 401),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'freshuser', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'reader', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'devtable/shared'}, None, 'devtable', 404),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, None, 401),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'freshuser', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'reader', 403),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'A2O9','repository': 'buynlarge/orgrepo'}, None, 'devtable', 404),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'devtable','repository': 'devtable/shared'}, None, 'devtable', 200),
+  (RepositoryUserTransitivePermission, 'GET', {'username': 'devtable','repository': 'devtable/nope'}, None, 'devtable', 404),
 ])
 def test_api_security(resource, method, params, body, identity, expected, client):
  with client_with_identity(identity, client) as cl:
--- a/test/test_api_security.py
+++ b/test/test_api_security.py
@ -756,72 +756,6 @@ class TestTeamMemberListBuynlargeOwners(ApiTestCase):
    self._run_test('GET', 200, 'devtable', None)


-class TestRepositoryUserTransitivePermissionA2o9PublicPublicrepo(ApiTestCase):
-  def setUp(self):
-    ApiTestCase.setUp(self)
-    self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="public/publicrepo")
-
-  def test_get_anonymous(self):
-    self._run_test('GET', 401, None, None)
-
-  def test_get_freshuser(self):
-    self._run_test('GET', 403, 'freshuser', None)
-
-  def test_get_reader(self):
-    self._run_test('GET', 403, 'reader', None)
-
-  def test_get_devtable(self):
-    self._run_test('GET', 403, 'devtable', None)
-
-class TestRepositoryUserTransitivePermissionA2o9DevtableShared(ApiTestCase):
-  def setUp(self):
-    ApiTestCase.setUp(self)
-    self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="devtable/shared")
-
-  def test_get_anonymous(self):
-    self._run_test('GET', 401, None, None)
-
-  def test_get_freshuser(self):
-    self._run_test('GET', 403, 'freshuser', None)
-
-  def test_get_reader(self):
-    self._run_test('GET', 403, 'reader', None)
-
-  def test_get_devtable(self):
-    self._run_test('GET', 404, 'devtable', None)
-    
-    
-class TestRepositoryUserTransitivePermissionA2o9DevtableShared(ApiTestCase):
-  def setUp(self):
-    ApiTestCase.setUp(self)
-    self._set_url(RepositoryUserTransitivePermission, username="devtable", repository="devtable/shared")
-
-  def test_get_allowed(self):
-    self._run_test('GET', 200, 'devtable', None)
-
-  def test_get_allowed_no_repo(self):
-    self._set_url(RepositoryUserTransitivePermission, username="devtable", repository="devtable/nope")
-    self._run_test('GET', 404, 'devtable', None)
-    
-
-class TestRepositoryUserTransitivePermissionA2o9BuynlargeOrgrepo(ApiTestCase):
-  def setUp(self):
-    ApiTestCase.setUp(self)
-    self._set_url(RepositoryUserTransitivePermission, username="A2O9", repository="buynlarge/orgrepo")
-
-  def test_get_anonymous(self):
-    self._run_test('GET', 401, None, None)
-
-  def test_get_freshuser(self):
-    self._run_test('GET', 403, 'freshuser', None)
-
-  def test_get_reader(self):
-    self._run_test('GET', 403, 'reader', None)
-
-  def test_get_devtable(self):
-    self._run_test('GET', 404, 'devtable', None)
-
-
 class TestRepositoryUserPermissionA2o9PublicPublicrepo(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)