authentik.rbac.tests.test_api_permissions_roles
Test RolePermissionViewSet api
1"""Test RolePermissionViewSet api""" 2 3from django.urls import reverse 4from guardian.models import RoleObjectPermission 5from rest_framework.test import APITestCase 6 7from authentik.core.models import Group 8from authentik.core.tests.utils import create_test_admin_user, create_test_user 9from authentik.lib.generators import generate_id 10from authentik.rbac.models import Role 11from authentik.stages.invitation.models import Invitation 12 13 14class TestRBACPermissionRoles(APITestCase): 15 """Test RolePermissionViewSet api""" 16 17 def setUp(self) -> None: 18 self.superuser = create_test_admin_user() 19 20 self.user = create_test_user() 21 self.role = Role.objects.create(name=generate_id()) 22 self.group = Group.objects.create(name=generate_id()) 23 self.group.roles.add(self.role) 24 self.group.users.add(self.user) 25 26 def test_list(self): 27 """Test list of all permissions""" 28 self.client.force_login(self.superuser) 29 inv = Invitation.objects.create( 30 name=generate_id(), 31 created_by=self.superuser, 32 ) 33 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 34 res = self.client.get(reverse("authentik_api:permissions-roles-list")) 35 self.assertEqual(res.status_code, 200) 36 37 def test_list_role(self): 38 """Test list of all permissions""" 39 self.client.force_login(self.superuser) 40 inv = Invitation.objects.create( 41 name=generate_id(), 42 created_by=self.superuser, 43 ) 44 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 45 res = self.client.get( 46 reverse("authentik_api:permissions-roles-list") + f"?uuid={self.role.pk}" 47 ) 48 self.assertEqual(res.status_code, 200) 49 self.assertJSONEqual( 50 res.content, 51 { 52 "pagination": { 53 "next": 0, 54 "previous": 0, 55 "count": 1, 56 "current": 1, 57 "total_pages": 1, 58 "start_index": 1, 59 "end_index": 1, 60 }, 61 "results": [ 62 { 63 "id": RoleObjectPermission.objects.filter(object_pk=inv.pk).first().pk, 64 "codename": "view_invitation", 65 "model": "invitation", 66 "app_label": "authentik_stages_invitation", 67 "object_pk": str(inv.pk), 68 "name": "Can view Invitation", 69 "app_label_verbose": "authentik Stages.Invitation", 70 "model_verbose": "Invitation", 71 "object_description": str(inv), 72 } 73 ], 74 }, 75 )
class
TestRBACPermissionRoles(rest_framework.test.APITestCase):
15class TestRBACPermissionRoles(APITestCase): 16 """Test RolePermissionViewSet api""" 17 18 def setUp(self) -> None: 19 self.superuser = create_test_admin_user() 20 21 self.user = create_test_user() 22 self.role = Role.objects.create(name=generate_id()) 23 self.group = Group.objects.create(name=generate_id()) 24 self.group.roles.add(self.role) 25 self.group.users.add(self.user) 26 27 def test_list(self): 28 """Test list of all permissions""" 29 self.client.force_login(self.superuser) 30 inv = Invitation.objects.create( 31 name=generate_id(), 32 created_by=self.superuser, 33 ) 34 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 35 res = self.client.get(reverse("authentik_api:permissions-roles-list")) 36 self.assertEqual(res.status_code, 200) 37 38 def test_list_role(self): 39 """Test list of all permissions""" 40 self.client.force_login(self.superuser) 41 inv = Invitation.objects.create( 42 name=generate_id(), 43 created_by=self.superuser, 44 ) 45 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 46 res = self.client.get( 47 reverse("authentik_api:permissions-roles-list") + f"?uuid={self.role.pk}" 48 ) 49 self.assertEqual(res.status_code, 200) 50 self.assertJSONEqual( 51 res.content, 52 { 53 "pagination": { 54 "next": 0, 55 "previous": 0, 56 "count": 1, 57 "current": 1, 58 "total_pages": 1, 59 "start_index": 1, 60 "end_index": 1, 61 }, 62 "results": [ 63 { 64 "id": RoleObjectPermission.objects.filter(object_pk=inv.pk).first().pk, 65 "codename": "view_invitation", 66 "model": "invitation", 67 "app_label": "authentik_stages_invitation", 68 "object_pk": str(inv.pk), 69 "name": "Can view Invitation", 70 "app_label_verbose": "authentik Stages.Invitation", 71 "model_verbose": "Invitation", 72 "object_description": str(inv), 73 } 74 ], 75 }, 76 )
Test RolePermissionViewSet api
def
setUp(self) -> None:
18 def setUp(self) -> None: 19 self.superuser = create_test_admin_user() 20 21 self.user = create_test_user() 22 self.role = Role.objects.create(name=generate_id()) 23 self.group = Group.objects.create(name=generate_id()) 24 self.group.roles.add(self.role) 25 self.group.users.add(self.user)
Hook method for setting up the test fixture before exercising it.
def
test_list(self):
27 def test_list(self): 28 """Test list of all permissions""" 29 self.client.force_login(self.superuser) 30 inv = Invitation.objects.create( 31 name=generate_id(), 32 created_by=self.superuser, 33 ) 34 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 35 res = self.client.get(reverse("authentik_api:permissions-roles-list")) 36 self.assertEqual(res.status_code, 200)
Test list of all permissions
def
test_list_role(self):
38 def test_list_role(self): 39 """Test list of all permissions""" 40 self.client.force_login(self.superuser) 41 inv = Invitation.objects.create( 42 name=generate_id(), 43 created_by=self.superuser, 44 ) 45 self.role.assign_perms("authentik_stages_invitation.view_invitation", obj=inv) 46 res = self.client.get( 47 reverse("authentik_api:permissions-roles-list") + f"?uuid={self.role.pk}" 48 ) 49 self.assertEqual(res.status_code, 200) 50 self.assertJSONEqual( 51 res.content, 52 { 53 "pagination": { 54 "next": 0, 55 "previous": 0, 56 "count": 1, 57 "current": 1, 58 "total_pages": 1, 59 "start_index": 1, 60 "end_index": 1, 61 }, 62 "results": [ 63 { 64 "id": RoleObjectPermission.objects.filter(object_pk=inv.pk).first().pk, 65 "codename": "view_invitation", 66 "model": "invitation", 67 "app_label": "authentik_stages_invitation", 68 "object_pk": str(inv.pk), 69 "name": "Can view Invitation", 70 "app_label_verbose": "authentik Stages.Invitation", 71 "model_verbose": "Invitation", 72 "object_description": str(inv), 73 } 74 ], 75 }, 76 )
Test list of all permissions