diff --git a/brewtils/models.py b/brewtils/models.py index c60c794a..9084218b 100644 --- a/brewtils/models.py +++ b/brewtils/models.py @@ -21,8 +21,6 @@ "Event", "Events", "Queue", - "Principal", - "LegacyRole", "RefreshToken", "Job", "RequestFile", @@ -37,6 +35,8 @@ "Garden", "Operation", "Resolvable", + "Role", + "User", ] @@ -1103,58 +1103,6 @@ def __repr__(self): return "" % (self.name, self.size) -class Principal(BaseModel): - schema = "PrincipalSchema" - - def __init__( - self, - id=None, # noqa # shadows built-in - username=None, - roles=None, - permissions=None, - preferences=None, - metadata=None, - ): - self.id = id - self.username = username - self.roles = roles - self.permissions = permissions - self.preferences = preferences - self.metadata = metadata - - def __str__(self): - return "%s" % self.username - - def __repr__(self): - return "" % ( - self.username, - self.roles, - self.permissions, - ) - - -class LegacyRole(BaseModel): - schema = "LegacyRoleSchema" - - def __init__( - self, - id=None, # noqa # shadows built-in - name=None, - description=None, - permissions=None, - ): - self.id = id - self.name = name - self.description = description - self.permissions = permissions - - def __str__(self): - return "%s" % self.name - - def __repr__(self): - return "" % (self.name, self.permissions) - - class RefreshToken(BaseModel): schema = "RefreshTokenSchema" @@ -1649,3 +1597,88 @@ def __repr__(self): self.storage, self.details, ) + + +class User(BaseModel): + schema = "UserSchema" + + def __init__( + self, + username, + password=None, + roles=None, + assigned_roles=None, + is_remote=False, + metadata=None, + ): + self.username = username + self.password = password + self.roles = roles or [] + self.assigned_roles = assigned_roles or [] + self.is_remote = is_remote + self.metadata = metadata + + def __str__(self): + return "%s: %s" % (self.username, self.roles) + + def __repr__(self): + return "" % ( + self.username, + self.roles, + ) + + +class Role(BaseModel): + schema = "RoleSchema" + + PERMISSION_TYPES = { + "ADMIN", + "OPERATOR", + "READ_ONLY", # Default value if not role is provided + } + + def __init__( + self, + name, + permission=None, + description=None, + id=None, + is_remote=False, + scope_gardens=None, + scope_namespaces=None, + scope_systems=None, + scope_instances=None, + scope_verisons=None, + scope_commands=None, + ): + self.permission = permission or "READ_ONLY" + self.description = description + self.id = id + self.name = name + self.is_remote = is_remote + self.scope_gardens = scope_gardens or [] + self.scope_namespaces = scope_namespaces or [] + self.scope_systems = scope_systems or [] + self.scope_instances = scope_instances or [] + self.scope_verisons = scope_verisons or [] + self.scope_commands = scope_commands or [] + + def __str__(self): + return "%s" % (self.name) + + def __repr__(self): + return ( + "" + ) % ( + self.id, + self.name, + self.permission, + self.is_remote, + self.scope_gardens, + self.scope_namespaces, + self.scope_systems, + self.scope_instances, + self.scope_verisons, + self.scope_commands, + ) diff --git a/brewtils/rest/easy_client.py b/brewtils/rest/easy_client.py index 575d728a..ba515916 100644 --- a/brewtils/rest/easy_client.py +++ b/brewtils/rest/easy_client.py @@ -1088,9 +1088,7 @@ def forward(self, operation, **kwargs): SchemaParser.serialize_operation(operation), **kwargs ) - @wrap_response( - parse_method="parse_principal", parse_many=False, default_exc=FetchError - ) + @wrap_response(parse_method="parse_user", parse_many=False, default_exc=FetchError) def get_user(self, user_identifier): """Find a user @@ -1098,7 +1096,7 @@ def get_user(self, user_identifier): user_identifier (str): User ID or username Returns: - Principal: The User + User: The User """ return self.client.get_user(user_identifier) @@ -1107,7 +1105,7 @@ def who_am_i(self): """Find user using the current set of credentials Returns: - Principal: The User + User: The User """ return self.get_user(self.client.username or "anonymous") diff --git a/brewtils/schema_parser.py b/brewtils/schema_parser.py index 98598ada..514ae696 100644 --- a/brewtils/schema_parser.py +++ b/brewtils/schema_parser.py @@ -37,7 +37,7 @@ class SchemaParser(object): "QueueSchema": brewtils.models.Queue, "ParameterSchema": brewtils.models.Parameter, "PatchSchema": brewtils.models.PatchOperation, - "PrincipalSchema": brewtils.models.Principal, + "UserSchema": brewtils.models.User, "RefreshTokenSchema": brewtils.models.RefreshToken, "RequestSchema": brewtils.models.Request, "RequestFileSchema": brewtils.models.RequestFile, @@ -45,11 +45,12 @@ class SchemaParser(object): "FileChunkSchema": brewtils.models.FileChunk, "FileStatusSchema": brewtils.models.FileStatus, "RequestTemplateSchema": brewtils.models.RequestTemplate, - "LegacyRoleSchema": brewtils.models.LegacyRole, "SystemSchema": brewtils.models.System, "OperationSchema": brewtils.models.Operation, "RunnerSchema": brewtils.models.Runner, "ResolvableSchema": brewtils.models.Resolvable, + "RoleSchema": brewtils.models.Role, + "UserSchema": brewtils.models.User, } logger = logging.getLogger(__name__) @@ -253,20 +254,18 @@ def parse_queue(cls, queue, from_string=False, **kwargs): ) @classmethod - def parse_principal(cls, principal, from_string=False, **kwargs): - """Convert raw JSON string or dictionary to a principal model object + def parse_user(cls, user, from_string=False, **kwargs): + """Convert raw JSON string or dictionary to a user model object Args: - principal: The raw input + user: The raw input from_string: True if input is a JSON string, False if a dictionary **kwargs: Additional parameters to be passed to the Schema (e.g. many=True) Returns: - A Principal object + A User object """ - return cls.parse( - principal, brewtils.models.Principal, from_string=from_string, **kwargs - ) + return cls.parse(user, brewtils.models.User, from_string=from_string, **kwargs) @classmethod def parse_role(cls, role, from_string=False, **kwargs): @@ -280,9 +279,7 @@ def parse_role(cls, role, from_string=False, **kwargs): Returns: A Role object """ - return cls.parse( - role, brewtils.models.LegacyRole, from_string=from_string, **kwargs - ) + return cls.parse(role, brewtils.models.Role, from_string=from_string, **kwargs) @classmethod def parse_refresh_token(cls, refresh_token, from_string=False, **kwargs): @@ -674,11 +671,11 @@ def serialize_queue(cls, queue, to_string=True, **kwargs): ) @classmethod - def serialize_principal(cls, principal, to_string=True, **kwargs): - """Convert a principal model into serialized form + def serialize_user(cls, user, to_string=True, **kwargs): + """Convert a user model into serialized form Args: - principal: The principal object(s) to be serialized + user: The user object(s) to be serialized to_string: True to generate a JSON-formatted string, False to generate a dictionary **kwargs: Additional parameters to be passed to the Schema (e.g. many=True) @@ -687,10 +684,7 @@ def serialize_principal(cls, principal, to_string=True, **kwargs): Serialized representation """ return cls.serialize( - principal, - to_string=to_string, - schema_name=brewtils.models.Principal.schema, - **kwargs + user, to_string=to_string, schema_name=brewtils.models.User.schema, **kwargs ) @classmethod @@ -707,10 +701,7 @@ def serialize_role(cls, role, to_string=True, **kwargs): Serialized representation """ return cls.serialize( - role, - to_string=to_string, - schema_name=brewtils.models.LegacyRole.schema, - **kwargs + role, to_string=to_string, schema_name=brewtils.models.Role.schema, **kwargs ) @classmethod diff --git a/brewtils/schemas.py b/brewtils/schemas.py index e734f13a..f038ec82 100644 --- a/brewtils/schemas.py +++ b/brewtils/schemas.py @@ -24,8 +24,6 @@ "LoggingConfigSchema", "EventSchema", "QueueSchema", - "PrincipalSchema", - "LegacyRoleSchema", "RefreshTokenSchema", "JobSchema", "JobExportSchema", @@ -42,8 +40,6 @@ "UserCreateSchema", "UserListSchema", "RoleSchema", - "RoleAssignmentSchema", - "RoleAssignmentDomainSchema", "GardenDomainIdentifierSchema", "SystemDomainIdentifierSchema", ] @@ -425,23 +421,6 @@ class QueueSchema(BaseSchema): size = fields.Integer(allow_none=True) -class PrincipalSchema(BaseSchema): - id = fields.Str(allow_none=True) - username = fields.Str(allow_none=True) - roles = fields.Nested("LegacyRoleSchema", many=True, allow_none=True) - permissions = fields.List(fields.Str(), allow_none=True) - preferences = fields.Dict(allow_none=True) - metadata = fields.Dict(allow_none=True) - - -class LegacyRoleSchema(BaseSchema): - id = fields.Str(allow_none=True) - name = fields.Str(allow_none=True) - description = fields.Str(allow_none=True) - roles = fields.Nested("self", many=True, allow_none=True) - permissions = fields.List(fields.Str(), allow_none=True) - - class RefreshTokenSchema(BaseSchema): id = fields.Str(allow_none=True) issued = DateTime(allow_none=True, format="epoch", example="1500065932000") @@ -604,40 +583,36 @@ class ResolvableSchema(BaseSchema): class RoleSchema(BaseSchema): - id = fields.Str() + id = fields.Str(allow_none=True) name = fields.Str() description = fields.Str(allow_none=True) - permissions = fields.List(fields.Str()) - - -class RoleAssignmentDomainSchema(BaseSchema): - scope = fields.Str() - identifiers = PolyField( - serialization_schema_selector=_domain_identifier_schema_selector, - deserialization_schema_selector=_domain_identifier_schema_selector, - required=False, - ) - - -class RoleAssignmentSchema(BaseSchema): - domain = fields.Nested(RoleAssignmentDomainSchema, required=True) - role = fields.Nested(RoleSchema()) + permission = fields.Str() + is_remote = fields.Boolean(allow_none=True) + scope_gardens = fields.List(fields.Str(), allow_none=True) + scope_namespaces = fields.List(fields.Str(), allow_none=True) + scope_systems = fields.List(fields.Str(), allow_none=True) + scope_instances = fields.List(fields.Str(), allow_none=True) + scope_verisons = fields.List(fields.Str(), allow_none=True) + scope_commands = fields.List(fields.Str(), allow_none=True) class UserSchema(BaseSchema): - id = fields.Str() + id = fields.Str(allow_none=True) username = fields.Str() - role_assignments = fields.List(fields.Nested(RoleAssignmentSchema())) - permissions = fields.Dict() + password = fields.Str() + roles = fields.List(fields.Str(), allow_none=True) + assigned_roles = fields.List(fields.Nested(RoleSchema())) + is_remote = fields.Boolean(allow_none=True) + metadata = fields.Dict(allow_none=True) -class UserCreateSchema(BaseSchema): - username = fields.Str(required=True) - password = fields.Str(required=True, load_only=True) +# class UserCreateSchema(BaseSchema): +# username = fields.Str(required=True) +# password = fields.Str(required=True, load_only=True) -class UserListSchema(BaseSchema): - users = fields.List(fields.Nested(UserSchema())) +# class UserListSchema(BaseSchema): +# users = fields.List(fields.Nested(UserSchema())) model_schema_map.update( @@ -658,7 +633,6 @@ class UserListSchema(BaseSchema): "Queue": QueueSchema, "Parameter": ParameterSchema, "PatchOperation": PatchSchema, - "Principal": PrincipalSchema, "RefreshToken": RefreshTokenSchema, "Request": RequestSchema, "RequestFile": RequestFileSchema, @@ -666,11 +640,12 @@ class UserListSchema(BaseSchema): "FileChunk": FileChunkSchema, "FileStatus": FileStatusSchema, "RequestTemplate": RequestTemplateSchema, - "LegacyRole": LegacyRoleSchema, "System": SystemSchema, "Operation": OperationSchema, "Runner": RunnerSchema, "Resolvable": ResolvableSchema, + "Role": RoleSchema, + "User": UserSchema, # Compatibility for the Job trigger types "interval": IntervalTriggerSchema, "date": DateTriggerSchema, diff --git a/brewtils/test/comparable.py b/brewtils/test/comparable.py index 2003a7c8..8b320c30 100644 --- a/brewtils/test/comparable.py +++ b/brewtils/test/comparable.py @@ -24,12 +24,12 @@ Instance, IntervalTrigger, Job, - LegacyRole, + Role, LoggingConfig, Operation, Parameter, PatchOperation, - Principal, + User, Queue, Request, RequestFile, @@ -50,7 +50,7 @@ "assert_trigger_equal", "assert_command_equal", "assert_parameter_equal", - "assert_principal_equal", + "assert_user_equal", "assert_request_equal", "assert_role_equal", "assert_system_equal", @@ -236,12 +236,12 @@ def assert_event_equal(obj1, obj2, do_raise=False): ) -def assert_principal_equal(obj1, obj2, do_raise=False): +def assert_user_equal(obj1, obj2, do_raise=False): return _assert_wrapper( obj1, obj2, - expected_type=Principal, - deep_fields={"roles": partial(assert_role_equal, do_raise=True)}, + expected_type=User, + deep_fields={"assigned_roles": partial(assert_role_equal, do_raise=True)}, do_raise=do_raise, ) @@ -298,8 +298,7 @@ def assert_role_equal(obj1, obj2, do_raise=False): return _assert_wrapper( obj1, obj2, - expected_type=LegacyRole, - deep_fields={"roles": partial(assert_role_equal, do_raise=True)}, + expected_type=Role, do_raise=do_raise, ) diff --git a/brewtils/test/fixtures.py b/brewtils/test/fixtures.py index cef700d8..d0c9c28f 100644 --- a/brewtils/test/fixtures.py +++ b/brewtils/test/fixtures.py @@ -17,12 +17,10 @@ Instance, IntervalTrigger, Job, - LegacyRole, LoggingConfig, Operation, Parameter, PatchOperation, - Principal, Queue, Request, RequestFile, @@ -30,6 +28,8 @@ Resolvable, Runner, System, + User, + Role, ) @@ -528,38 +528,44 @@ def bg_queue(queue_dict): @pytest.fixture -def principal_dict(legacy_role_dict): +def role_dict(): return { - "id": "58542eb571afd47ead90d24f", - "username": "admin", - "roles": [legacy_role_dict], - "permissions": ["bg-all"], - "preferences": {"theme": "dark"}, - "metadata": {"foo": "bar"}, + "permission": "ADMIN", + "description": "ADMIN ROLE", + "id": "1", + "name": "ADMIN_ROLE", + "is_remote": False, + "scope_gardens": ["FOO"], + "scope_namespaces": [], + "scope_systems": [], + "scope_instances": [], + "scope_verisons": [], + "scope_commands": [], } @pytest.fixture -def bg_principal(principal_dict, bg_role): - dict_copy = copy.deepcopy(principal_dict) - dict_copy["roles"] = [bg_role] - return Principal(**dict_copy) +def bg_role(role_dict): + return Role(**role_dict) @pytest.fixture -def legacy_role_dict(): +def user_dict(role_dict): return { - "id": "58542eb571afd47ead90d26f", - "name": "bg-admin", - "description": "The admin role", - "permissions": ["bg-all"], + "username": "USERNAME", + "password": "HASH", + "roles": ["ADMIN_ROLE"], + "assigned_roles": [role_dict], + "is_remote": False, + "metadata": {}, } @pytest.fixture -def bg_role(legacy_role_dict): - dict_copy = copy.deepcopy(legacy_role_dict) - return LegacyRole(**dict_copy) +def bg_user(user_dict, bg_role): + dict_copy = copy.deepcopy(user_dict) + dict_copy["assigned_roles"] = [bg_role] + return User(**dict_copy) @pytest.fixture diff --git a/test/models_test.py b/test/models_test.py index b64bafb1..64c22cb3 100644 --- a/test/models_test.py +++ b/test/models_test.py @@ -13,12 +13,12 @@ LoggingConfig, Parameter, PatchOperation, - Principal, + User, Queue, Request, RequestFile, RequestTemplate, - LegacyRole, + Role, ) from pytest_lazyfixture import lazy_fixture @@ -529,31 +529,36 @@ def test_repr(self, queue): assert repr(queue) == "" -class TestPrincipal(object): +class TestUser(object): @pytest.fixture - def principal(self): - return Principal(username="admin", roles=["bg-admin"], permissions=["bg-all"]) + def user(self): + return User( + username="admin", + roles=["bg-admin"], + assigned_roles=[Role(name="foo", permission="ADMIN")], + ) - def test_str(self, principal): - assert str(principal) == "admin" + def test_str(self, user): + assert str(user) == "admin: ['bg-admin']" - def test_repr(self, principal): - assert ( - repr(principal) - == "" - ) + def test_repr(self, user): + assert repr(user) == "" -class TestLegacyRole(object): +class TestRole(object): @pytest.fixture def role(self): - return LegacyRole(name="bg-admin", permissions=["bg-all"]) + return Role(name="bg-admin", permission="ADMIN") def test_str(self, role): assert str(role) == "bg-admin" def test_repr(self, role): - assert repr(role) == "" + assert repr(role) == ( + "" + ) class TestDateTrigger(object): diff --git a/test/rest/easy_client_test.py b/test/rest/easy_client_test.py index 488bb27c..9ccf8533 100644 --- a/test/rest/easy_client_test.py +++ b/test/rest/easy_client_test.py @@ -515,11 +515,11 @@ def test_forward(client, rest_client, success, bg_operation): assert rest_client.post_forward.called is True -def test_get_user(client, rest_client, success, bg_principal): +def test_get_user(client, rest_client, success, bg_user): rest_client.get_user.return_value = success - client.get_user(bg_principal.username) - rest_client.get_user.assert_called_once_with(bg_principal.username) + client.get_user(bg_user.username) + rest_client.get_user.assert_called_once_with(bg_user.username) class TestWhoAmI(object): diff --git a/test/schema_parser_test.py b/test/schema_parser_test.py index cbeee083..aea91843 100644 --- a/test/schema_parser_test.py +++ b/test/schema_parser_test.py @@ -21,7 +21,7 @@ assert_operation_equal, assert_parameter_equal, assert_patch_equal, - assert_principal_equal, + assert_user_equal, assert_queue_equal, assert_request_equal, assert_request_file_equal, @@ -121,14 +121,14 @@ def test_no_modify(self, system_dict): lazy_fixture("bg_queue"), ), ( - brewtils.models.Principal, - lazy_fixture("principal_dict"), - assert_principal_equal, - lazy_fixture("bg_principal"), + brewtils.models.User, + lazy_fixture("user_dict"), + assert_user_equal, + lazy_fixture("bg_user"), ), ( - brewtils.models.LegacyRole, - lazy_fixture("legacy_role_dict"), + brewtils.models.Role, + lazy_fixture("role_dict"), assert_role_equal, lazy_fixture("bg_role"), ), @@ -249,14 +249,14 @@ def test_single_from_string(self): lazy_fixture("bg_queue"), ), ( - "parse_principal", - lazy_fixture("principal_dict"), - assert_principal_equal, - lazy_fixture("bg_principal"), + "parse_user", + lazy_fixture("user_dict"), + assert_user_equal, + lazy_fixture("bg_user"), ), ( "parse_role", - lazy_fixture("legacy_role_dict"), + lazy_fixture("role_dict"), assert_role_equal, lazy_fixture("bg_role"), ), @@ -382,14 +382,14 @@ def test_single_specific_from_string(self): lazy_fixture("bg_queue"), ), ( - brewtils.models.Principal, - lazy_fixture("principal_dict"), - assert_principal_equal, - lazy_fixture("bg_principal"), + brewtils.models.User, + lazy_fixture("user_dict"), + assert_user_equal, + lazy_fixture("bg_user"), ), ( - brewtils.models.LegacyRole, - lazy_fixture("legacy_role_dict"), + brewtils.models.Role, + lazy_fixture("role_dict"), assert_role_equal, lazy_fixture("bg_role"), ), @@ -508,14 +508,14 @@ def test_many(self, model, data, assertion, expected): lazy_fixture("bg_queue"), ), ( - "parse_principal", - lazy_fixture("principal_dict"), - assert_principal_equal, - lazy_fixture("bg_principal"), + "parse_user", + lazy_fixture("user_dict"), + assert_user_equal, + lazy_fixture("bg_user"), ), ( "parse_role", - lazy_fixture("legacy_role_dict"), + lazy_fixture("role_dict"), assert_role_equal, lazy_fixture("bg_role"), ), @@ -605,8 +605,8 @@ class TestSerialize(object): (lazy_fixture("bg_logging_config"), lazy_fixture("logging_config_dict")), (lazy_fixture("bg_event"), lazy_fixture("event_dict")), (lazy_fixture("bg_queue"), lazy_fixture("queue_dict")), - (lazy_fixture("bg_principal"), lazy_fixture("principal_dict")), - (lazy_fixture("bg_role"), lazy_fixture("legacy_role_dict")), + (lazy_fixture("bg_user"), lazy_fixture("user_dict")), + (lazy_fixture("bg_role"), lazy_fixture("role_dict")), (lazy_fixture("bg_job"), lazy_fixture("job_dict")), (lazy_fixture("bg_cron_job"), lazy_fixture("cron_job_dict")), (lazy_fixture("bg_interval_job"), lazy_fixture("interval_job_dict")), @@ -665,14 +665,14 @@ def test_single(self, model, expected): ("serialize_event", lazy_fixture("bg_event"), lazy_fixture("event_dict")), ("serialize_queue", lazy_fixture("bg_queue"), lazy_fixture("queue_dict")), ( - "serialize_principal", - lazy_fixture("bg_principal"), - lazy_fixture("principal_dict"), + "serialize_user", + lazy_fixture("bg_user"), + lazy_fixture("user_dict"), ), ( "serialize_role", lazy_fixture("bg_role"), - lazy_fixture("legacy_role_dict"), + lazy_fixture("role_dict"), ), ("serialize_job", lazy_fixture("bg_job"), lazy_fixture("job_dict")), ( @@ -734,8 +734,8 @@ def test_single_specific(self, method, data, expected): (lazy_fixture("bg_logging_config"), lazy_fixture("logging_config_dict")), (lazy_fixture("bg_event"), lazy_fixture("event_dict")), (lazy_fixture("bg_queue"), lazy_fixture("queue_dict")), - (lazy_fixture("bg_principal"), lazy_fixture("principal_dict")), - (lazy_fixture("bg_role"), lazy_fixture("legacy_role_dict")), + (lazy_fixture("bg_user"), lazy_fixture("user_dict")), + (lazy_fixture("bg_role"), lazy_fixture("role_dict")), (lazy_fixture("bg_job"), lazy_fixture("job_dict")), (lazy_fixture("bg_cron_job"), lazy_fixture("cron_job_dict")), (lazy_fixture("bg_interval_job"), lazy_fixture("interval_job_dict")), @@ -811,11 +811,11 @@ class TestRoundTrip(object): (brewtils.models.Event, assert_event_equal, lazy_fixture("bg_event")), (brewtils.models.Queue, assert_queue_equal, lazy_fixture("bg_queue")), ( - brewtils.models.Principal, - assert_principal_equal, - lazy_fixture("bg_principal"), + brewtils.models.User, + assert_user_equal, + lazy_fixture("bg_user"), ), - (brewtils.models.LegacyRole, assert_role_equal, lazy_fixture("bg_role")), + (brewtils.models.Role, assert_role_equal, lazy_fixture("bg_role")), (brewtils.models.Job, assert_job_equal, lazy_fixture("bg_job")), (brewtils.models.Job, assert_job_equal, lazy_fixture("bg_cron_job")), (brewtils.models.Job, assert_job_equal, lazy_fixture("bg_interval_job")), @@ -853,8 +853,8 @@ def test_parsed_start(self, model, assertion, data): (brewtils.models.LoggingConfig, lazy_fixture("logging_config_dict")), (brewtils.models.Event, lazy_fixture("event_dict")), (brewtils.models.Queue, lazy_fixture("queue_dict")), - (brewtils.models.Principal, lazy_fixture("principal_dict")), - (brewtils.models.LegacyRole, lazy_fixture("legacy_role_dict")), + (brewtils.models.User, lazy_fixture("user_dict")), + (brewtils.models.Role, lazy_fixture("role_dict")), (brewtils.models.Job, lazy_fixture("job_dict")), (brewtils.models.Job, lazy_fixture("cron_job_dict")), (brewtils.models.Job, lazy_fixture("interval_job_dict")), diff --git a/test/schema_test.py b/test/schema_test.py index f032780b..da25bd61 100644 --- a/test/schema_test.py +++ b/test/schema_test.py @@ -9,7 +9,6 @@ from brewtils.schemas import ( BaseSchema, DateTime, - RoleAssignmentSchema, SystemSchema, _deserialize_model, _serialize_model, @@ -96,93 +95,3 @@ def test_deserialize_mapping(self): assert len(models) == len( SchemaParser._models ), "Missing mapped schema for deserialization" - - -class TestRoleAssignmentSchema(object): - @pytest.fixture - def schema(self): - yield RoleAssignmentSchema() - - @pytest.fixture - def role_assignment_garden_scope(self): - role = {"name": "myrole", "permissions": ["perm1"]} - domain = {"scope": "Garden", "identifiers": {"name": "mygarden"}} - role_assignment = {"role": role, "domain": domain} - - yield role_assignment - - @pytest.fixture - def role_assignment_system_scope(self): - role = {"name": "myrole", "permissions": ["perm1"]} - domain = { - "scope": "System", - "identifiers": {"name": "mysystem", "namespace": "mygarden"}, - } - role_assignment = {"role": role, "domain": domain} - - yield role_assignment - - @pytest.fixture - def role_assignment_global_scope(self): - role = {"name": "myrole", "permissions": ["perm1"]} - domain = {"scope": "Global"} - role_assignment = {"role": role, "domain": domain} - - yield role_assignment - - def test_role_assignment_domain_schema_can_deserialize_garden_scope( - self, schema, role_assignment_garden_scope - ): - assert ( - schema.load(role_assignment_garden_scope).data - == role_assignment_garden_scope - ) - - def test_role_assignment_domain_schema_can_deserialize_system_scope( - self, schema, role_assignment_system_scope - ): - assert ( - schema.load(role_assignment_system_scope).data - == role_assignment_system_scope - ) - - def test_role_assignment_domain_schema_can_deserialize_global_scope( - self, schema, role_assignment_global_scope - ): - assert ( - schema.load(role_assignment_global_scope).data - == role_assignment_global_scope - ) - - def test_role_assignment_domain_schema_can_serialize( - self, schema, role_assignment_garden_scope - ): - assert ( - schema.dump(role_assignment_garden_scope).data - == role_assignment_garden_scope - ) - - def test_role_assignment_domain_schema_can_serialize_global_scope( - self, schema, role_assignment_global_scope - ): - assert ( - schema.dump(role_assignment_global_scope).data - == role_assignment_global_scope - ) - - def test_role_assignment_domain_schema_validates_identifiers( - self, schema, role_assignment_system_scope - ): - # Remove one of the required identifier fields - del role_assignment_system_scope["domain"]["identifiers"]["namespace"] - - with pytest.raises(ValidationError): - schema.load(role_assignment_system_scope) - - def test_role_assignment_domain_schema_raises_error_on_invalid_scope( - self, schema, role_assignment_system_scope - ): - role_assignment_system_scope["domain"]["scope"] = "Unsupported" - - with pytest.raises(ValidationError): - schema.load(role_assignment_system_scope)