diff options
| author | Fabian Mastenbroek <mail.fabianm@gmail.com> | 2021-05-14 16:50:23 +0200 |
|---|---|---|
| committer | Fabian Mastenbroek <mail.fabianm@gmail.com> | 2021-05-17 17:06:51 +0200 |
| commit | 05d2318538eba71ac0555dc5ec146499d9cb0592 (patch) | |
| tree | 6163e6429879109e322a4c0883fab168031aa109 /opendc-web/opendc-web-api/opendc/api/v2/scenarios | |
| parent | 0c6ccca5fac44ab40671627fd3181e9b138672fa (diff) | |
api: Remove user handling from OpenDC API server
This change removes any of the user handling and endpoints from the
OpenDC API server. The API server does not need to store user
information other than an identifier in the database.
Diffstat (limited to 'opendc-web/opendc-web-api/opendc/api/v2/scenarios')
| -rw-r--r-- | opendc-web/opendc-web-api/opendc/api/v2/scenarios/scenarioId/test_endpoint.py | 90 |
1 files changed, 28 insertions, 62 deletions
diff --git a/opendc-web/opendc-web-api/opendc/api/v2/scenarios/scenarioId/test_endpoint.py b/opendc-web/opendc-web-api/opendc/api/v2/scenarios/scenarioId/test_endpoint.py index cd4bcdf8..24b38671 100644 --- a/opendc-web/opendc-web-api/opendc/api/v2/scenarios/scenarioId/test_endpoint.py +++ b/opendc-web/opendc-web-api/opendc/api/v2/scenarios/scenarioId/test_endpoint.py @@ -10,26 +10,9 @@ def test_get_scenario_non_existing(client, mocker): def test_get_scenario_no_authorizations(client, mocker): - mocker.patch.object(DB, 'fetch_one', return_value={ - 'portfolioId': '1', - 'authorizations': [] - }) - res = client.get(f'/v2/scenarios/{test_id}') - assert '403' in res.status - - -def test_get_scenario_not_authorized(client, mocker): - mocker.patch.object(DB, - 'fetch_one', - return_value={ - 'projectId': test_id, - 'portfolioId': test_id, - '_id': test_id, - 'authorizations': [{ - 'projectId': test_id_2, - 'authorizationLevel': 'OWN' - }] - }) + m = mocker.MagicMock() + m.side_effect = ({'portfolioId': test_id}, {'projectId': test_id}, {'authorizations': []}) + mocker.patch.object(DB, 'fetch_one', m) res = client.get(f'/v2/scenarios/{test_id}') assert '403' in res.status @@ -37,15 +20,12 @@ def test_get_scenario_not_authorized(client, mocker): def test_get_scenario(client, mocker): mocker.patch.object(DB, 'fetch_one', - return_value={ - 'projectId': test_id, - 'portfolioId': test_id, - '_id': test_id, - 'authorizations': [{ - 'projectId': test_id, - 'authorizationLevel': 'EDIT' - }] - }) + side_effect=[ + {'portfolioId': test_id}, + {'projectId': test_id}, + {'authorizations': + [{'userId': 'test', 'authorizationLevel': 'OWN'}] + }]) res = client.get(f'/v2/scenarios/{test_id}') assert '200' in res.status @@ -66,15 +46,12 @@ def test_update_scenario_non_existing(client, mocker): def test_update_scenario_not_authorized(client, mocker): mocker.patch.object(DB, 'fetch_one', - return_value={ - '_id': test_id, - 'projectId': test_id, - 'portfolioId': test_id, - 'authorizations': [{ - 'projectId': test_id, - 'authorizationLevel': 'VIEW' - }] - }) + side_effect=[ + {'portfolioId': test_id}, + {'projectId': test_id}, + {'authorizations': + [{'userId': 'test', 'authorizationLevel': 'VIEW'}] + }]) mocker.patch.object(DB, 'update', return_value={}) assert '403' in client.put(f'/v2/scenarios/{test_id}', json={ 'scenario': { @@ -86,19 +63,12 @@ def test_update_scenario_not_authorized(client, mocker): def test_update_scenario(client, mocker): mocker.patch.object(DB, 'fetch_one', - return_value={ - '_id': test_id, - 'projectId': test_id, - 'portfolioId': test_id, - 'authorizations': [{ - 'projectId': test_id, - 'authorizationLevel': 'OWN' - }], - 'targets': { - 'enabledMetrics': [], - 'repeatsPerScenario': 1 - } - }) + side_effect=[ + {'_id': test_id, 'portfolioId': test_id}, + {'projectId': test_id}, + {'authorizations': + [{'userId': 'test', 'authorizationLevel': 'OWN'}] + }]) mocker.patch.object(DB, 'update', return_value={}) res = client.put(f'/v2/scenarios/{test_id}', json={'scenario': { @@ -115,16 +85,12 @@ def test_delete_project_non_existing(client, mocker): def test_delete_project_different_user(client, mocker): mocker.patch.object(DB, 'fetch_one', - return_value={ - '_id': test_id, - 'projectId': test_id, - 'portfolioId': test_id, - 'googleId': 'other_test', - 'authorizations': [{ - 'projectId': test_id, - 'authorizationLevel': 'VIEW' - }] - }) + side_effect=[ + {'_id': test_id, 'portfolioId': test_id}, + {'projectId': test_id}, + {'authorizations': + [{'userId': 'test', 'authorizationLevel': 'VIEW'}] + }]) mocker.patch.object(DB, 'delete_one', return_value=None) assert '403' in client.delete(f'/v2/scenarios/{test_id}').status @@ -139,7 +105,7 @@ def test_delete_project(client, mocker): 'googleId': 'test', 'scenarioIds': [test_id], 'authorizations': [{ - 'projectId': test_id, + 'userId': 'test', 'authorizationLevel': 'OWN' }] }) |