Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
549 Commits
16 Branches
111 Tags
19 MiB
Tree: 8dafb4ec30
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8dafb4ec30'
${ noResults }
python-keycloak/tests/test_uma_permissions.py

143 lines
4.4 KiB
Raw Normal View History

feat: added UMA-permission request functionality
3 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  4. #
  5. # This program is free software: you can redistribute it and/or modify
  6. # it under the terms of the GNU Lesser General Public License as published by
  7. # the Free Software Foundation, either version 3 of the License, or
  8. # (at your option) any later version.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU Lesser General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU Lesser General Public License
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  17. import pytest
  18. import re
  19. from keycloak.exceptions import KeycloakPermissionFormatError, PermissionDefinitionError
  20. from keycloak.uma_permissions import build_permission_param, Resource, Scope
  24. def test_resource_with_scope_obj():
  25. r = Resource("Resource1")
  26. s = Scope("Scope1")
  27. assert r(s) == "Resource1#Scope1"
  30. def test_scope_with_resource_obj():
  31. r = Resource("Resource1")
  32. s = Scope("Scope1")
  33. assert s(r) == "Resource1#Scope1"
  36. def test_resource_scope_str():
  37. r = Resource("Resource1")
  38. s = "Scope1"
  39. assert r(scope=s) == "Resource1#Scope1"
  42. def test_scope_resource_str():
  43. r = "Resource1"
  44. s = Scope("Scope1")
  45. assert s(resource=r) == "Resource1#Scope1"
  48. def test_resource_scope_dict():
  49. r = Resource("Resource1")
  50. s = {"scope": "Scope1"}
  51. assert r(**s) == "Resource1#Scope1"
  54. def test_scope_resource_dict():
  55. r = {"resource": "Resource1"}
  56. s = Scope("Scope1")
  57. assert s(**r) == "Resource1#Scope1"
  60. def test_resource_scope_list():
  61. r = Resource("Resource1")
  62. s = ["Scope1"]
  63. with pytest.raises(PermissionDefinitionError) as err:
  64. r(*s)
  65. assert err.match("can't determine if 'Scope1' is a resource or scope")
  68. def test_build_permission_none():
  69. assert build_permission_param(None) == set()
  72. def test_build_permission_empty_str():
  73. assert build_permission_param("") == set()
  76. def test_build_permission_empty_list():
  77. assert build_permission_param([]) == set()
  80. def test_build_permission_empty_tuple():
  81. assert build_permission_param(()) == set()
  84. def test_build_permission_empty_set():
  85. assert build_permission_param(set()) == set()
  88. def test_build_permission_empty_dict():
  89. assert build_permission_param({}) == set()
  92. def test_build_permission_str():
  93. assert build_permission_param("resource1") == {"resource1"}
  96. def test_build_permission_list_str():
  97. assert build_permission_param(["res1#scope1", "res1#scope2"]) == {"res1#scope1", "res1#scope2"}
  100. def test_build_permission_tuple_str():
  101. assert build_permission_param(("res1#scope1", "res1#scope2")) == {"res1#scope1", "res1#scope2"}
  104. def test_build_permission_set_str():
  105. assert build_permission_param({"res1#scope1", "res1#scope2"}) == {"res1#scope1", "res1#scope2"}
  108. def test_build_permission_tuple_dict_str_str():
  109. assert build_permission_param({"res1": "scope1"}) == {"res1#scope1"}
  112. def test_build_permission_tuple_dict_str_list_str():
  113. assert build_permission_param({"res1": ["scope1", "scope2"]}) == {"res1#scope1", "res1#scope2"}
  116. def test_build_permission_tuple_dict_str_list_str2():
  117. assert build_permission_param(
  118. {"res1": ["scope1", "scope2"], "res2": ["scope2", "scope3"]}
  119. ) == {"res1#scope1", "res1#scope2", "res2#scope2", "res2#scope3"}
  122. def test_build_permission_misbuilt_dict_str_list_list_str():
  123. with pytest.raises(KeycloakPermissionFormatError) as err:
  124. build_permission_param({"res1": [["scope1", "scope2"]]})
  125. assert err.match(re.escape("misbuilt permission {'res1': [['scope1', 'scope2']]}"))
  128. def test_build_permission_misbuilt_list_list_str():
  129. with pytest.raises(KeycloakPermissionFormatError) as err:
  130. build_permission_param([["scope1", "scope2"]])
  131. assert err.match(re.escape("misbuilt permission [['scope1', 'scope2']]"))
  134. def test_build_permission_misbuilt_list_set_str():
  135. with pytest.raises(KeycloakPermissionFormatError) as err:
  136. build_permission_param([{"scope1", "scope2"}])
  137. assert err.match(re.escape("misbuilt permission [{'scope1', 'scope2'}]"))
  140. def test_build_permission_misbuilt_set_set_str():
  141. with pytest.raises(KeycloakPermissionFormatError) as err:
  142. build_permission_param([{"scope1"}])
  143. assert err.match(re.escape("misbuilt permission [{'scope1'}]"))