PR#5416: Add api endpoints for adding/removing user to group - pagure

pagure

#5416 Add api endpoints for adding/removing user to group

Merged a year ago by ngompa. Opened 2 years ago by zlopez.

zlopez/pagure 5333 into master

Add api endpoints for adding/removing user to group

Michal Konecny • a year ago

1b7d305

pagure/api/__init__.py

file modified

+6 -1

		`@@ -613,7 +613,12 @@`
		`]`
		`sections.append(build_docs_section("users", users_methods))`

		`- groups_methods = [group.api_groups, group.api_view_group]`
		`+ groups_methods = [`
		`+ group.api_groups,`
		`+ group.api_view_group,`
		`+ group.api_group_add_member,`
		`+ group.api_group_remove_member,`
		`+ ]`
		`sections.append(build_docs_section("groups", groups_methods))`

		`plugins_methods = [`

pagure/api/group.py

file modified

+178

		`@@ -12,6 +12,7 @@`
		`from __future__ import absolute_import, unicode_literals`

		`import flask`
		`+ from sqlalchemy.exc import SQLAlchemyError`

		`import pagure`
		`import pagure.exceptions`
		`@@ -20,6 +21,7 @@`
		`API,`
		`APIERROR,`
		`api_login_optional,`
		`+ api_login_required,`
		`api_method,`
		`get_page,`
		`get_per_page,`
		`@@ -289,3 +291,179 @@`
		`jsonout = flask.jsonify(output)`
		`jsonout.status_code = 200`
		`return jsonout`
		`+`
		`+`
		`+ @API.route("/group/<group>/add", methods=["POST"])`
		`+ @api_login_required(acls=["group_modify"])`
		`+ @api_method`
		`+ def api_group_add_member(group):`
		`+ """`
		`+ Add member to group`
		`+ -------------------`
		`+ Add new member to group. To be able to add users to group the requester`
		`+ needs to have permissions to do that.`
		`+`
		`+ ::`
		`+`
		`+ POST /api/0/group/<group>/add`
		`+`
		`+ Input`
		`+ ^^^^^`
		`+`
		`+ +---------------------+--------+-------------+-----------------------------+`
		`+ \| Key \| Type \| Optionality \| Description \|`
		`+ +=====================+========+=============+=============================+`
		+ \| ``user`` \| string \| Mandatory \| \| User to add as member \|
		`+ \| \| \| \| of group \|`
		`+ +---------------------+--------+-------------+-----------------------------+`
		`+`
		`+ Sample response`
		`+ ^^^^^^^^^^^^^^^`
		`+`
		`+ ::`
		`+`
		`+ {`
		`+ "creator": {`
		`+ "default_email": "user1@example.com",`
		`+ "emails": [`
		`+ "user1@example.com"`
		`+ ],`
		`+ "fullname": "User1",`
		`+ "name": "user1"`
		`+ },`
		`+ "date_created": "1492011511",`
		`+ "description": "Some Group",`
		`+ "display_name": "Some Group",`
		`+ "group_type": "user",`
		`+ "members": [`
		`+ "user1",`
		`+ "user2"`
		`+ ],`
		`+ "name": "some_group_name"`
		`+ }`
		`+`
		`+ """ # noqa`
		`+`
		`+ group = pagure.lib.query.search_groups(flask.g.session, group_name=group)`
		`+ if not group:`
		`+ raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOGROUP)`
		`+`
		`+ # Validate inputs`
		`+ form = pagure.forms.AddUserToGroupForm(meta={"csrf": False})`
		`+ if not form.validate_on_submit():`
		`+ raise pagure.exceptions.APIError(`
		`+ 400, error_code=APIERROR.EINVALIDREQ, errors=form.errors`
		`+ )`
		`+ else:`
		`+ # Add user to group`
		`+ try:`
		`+ pagure.lib.query.add_user_to_group(`
		`+ flask.g.session,`
		`+ username=form.user.data,`
		`+ group=group,`
		`+ user=flask.g.fas_user.username,`
		`+ is_admin=pagure.utils.is_admin(),`
		`+ )`
		`+ flask.g.session.commit()`
		`+ pagure.lib.git.generate_gitolite_acls(`
		`+ project=None, group=group.group_name`
		`+ )`
		`+ except (pagure.exceptions.PagureException, SQLAlchemyError) as err:`
		`+ flask.g.session.rollback()`
		`+ raise pagure.exceptions.APIError(`
		`+ 400, error_code=APIERROR.EDBERROR, errors=[str(err)]`
		`+ )`
		`+`
		`+ # Return the updated group`
		`+ output = group.to_json(public=(not pagure.utils.api_authenticated()))`
		`+ jsonout = flask.jsonify(output)`
		`+ jsonout.status_code = 200`
		`+ return jsonout`
		`+`
		`+`
		`+ @API.route("/group/<group>/remove", methods=["POST"])`
		`+ @api_login_required(acls=["group_modify"])`
		`+ @api_method`
		`+ def api_group_remove_member(group):`
		`+ """`
		`+ Remove member from group`
		`+ ------------------------`
		`+ Remove member from group. To be able to remove users from group the requester`
		`+ needs to have permissions to do that.`
		`+`
		`+ ::`
		`+`
		`+ POST /api/0/group/<group>/remove`
		`+`
		`+ Input`
		`+ ^^^^^`
		`+`
		`+ +---------------------+--------+-------------+-----------------------------+`
		`+ \| Key \| Type \| Optionality \| Description \|`
		`+ +=====================+========+=============+=============================+`
		+ \| ``user`` \| string \| Mandatory \| \| User to add as member \|
		`+ \| \| \| \| of group \|`
		`+ +---------------------+--------+-------------+-----------------------------+`
		`+`
		`+ Sample response`
		`+ ^^^^^^^^^^^^^^^`
		`+`
		`+ ::`
		`+`
		`+ {`
		`+ "creator": {`
		`+ "default_email": "user1@example.com",`
		`+ "emails": [`
		`+ "user1@example.com"`
		`+ ],`
		`+ "fullname": "User1",`
		`+ "name": "user1"`
		`+ },`
		`+ "date_created": "1492011511",`
		`+ "description": "Some Group",`
		`+ "display_name": "Some Group",`
		`+ "group_type": "user",`
		`+ "members": [`
		`+ "user1",`
		`+ "user2"`
		`+ ],`
		`+ "name": "some_group_name"`
		`+ }`
		`+`
		`+ """ # noqa`
		`+`
		`+ group = pagure.lib.query.search_groups(flask.g.session, group_name=group)`
		`+ if not group:`
		`+ raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOGROUP)`
		`+`
		`+ # Validate inputs`
		`+ form = pagure.forms.AddUserToGroupForm(meta={"csrf": False})`
		`+ if not form.validate_on_submit():`
		`+ raise pagure.exceptions.APIError(`
		`+ 400, error_code=APIERROR.EINVALIDREQ, errors=form.errors`
		`+ )`
		`+ else:`
		`+ # Remove user to group`
		`+ try:`
		`+ pagure.lib.query.delete_user_of_group(`
		`+ flask.g.session,`
		`+ username=form.user.data,`
		`+ groupname=group.group_name,`
		`+ user=flask.g.fas_user.username,`
		`+ is_admin=pagure.utils.is_admin(),`
		`+ )`
		`+ flask.g.session.commit()`
		`+ pagure.lib.git.generate_gitolite_acls(`
		`+ project=None, group=group.group_name`
		`+ )`
		`+ except (pagure.exceptions.PagureException, SQLAlchemyError) as err:`
		`+ flask.g.session.rollback()`
		`+ raise pagure.exceptions.APIError(`
		`+ 400, error_code=APIERROR.EDBERROR, errors=[str(err)]`
		`+ )`
		`+`
		`+ # Return the updated group`
		`+ output = group.to_json(public=(not pagure.utils.api_authenticated()))`
		`+ jsonout = flask.jsonify(output)`
		`+ jsonout.status_code = 200`
		`+ return jsonout`

pagure/default_config.py

file modified

		`@@ -373,6 +373,7 @@`
		`"modify_git_alias": "Modify git aliases (create or delete)",`
		`"create_git_alias": "Create git aliases",`
		`"delete_git_alias": "Delete git aliases",`
		`+ "group_modify": "Add/Remove members from group",`
		`}`

		`# List of ACLs which a regular user is allowed to associate to an API token`
		`@@ -389,6 +390,7 @@`
		`"create_project",`
		`"fork_project",`
		`"modify_project",`
		`+ "group_modify",`
		`"update_watch_status",`
		`"pull_request_create",`
		`"commit",`
		`@@ -404,6 +406,7 @@`
		`"pull_request_comment",`
		`"pull_request_merge",`
		`"generate_acls_project",`
		`+ "group_modify",`
		`"commit_flag",`
		`"create_branch",`
		`"tag_project",`

tests/test_pagure_admin.py

file modified

		`@@ -2291,6 +2291,7 @@`
		`"delete_git_alias",`
		`"fork_project",`
		`"generate_acls_project",`
		`+ "group_modify",`
		`"internal_access",`
		`"issue_assign",`
		`"issue_change_status",`
		`@@ -2343,6 +2344,7 @@`
		`"dummy_acls",`
		`"fork_project",`
		`"generate_acls_project",`
		`+ "group_modify",`
		`"internal_access",`
		`"issue_assign",`
		`"issue_change_status",`

tests/test_pagure_flask_api_group.py

file modified

+385

		`@@ -15,6 +15,8 @@`
		`import sys`
		`import os`
		`import json`
		`+ from unittest.mock import patch`
		`+ from sqlalchemy.exc import SQLAlchemyError`

		`sys.path.insert(`
		`0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")`
		`@@ -22,6 +24,7 @@`

		`import pagure.api`
		`import pagure.lib.query`
		`+ from pagure.exceptions import PagureException`
		`import tests`


		`@@ -773,6 +776,388 @@`
		`# a different order that was the order of requests`
		`assert projects == ["test", "test2"]`

		`+ def test_api_group_add_member_authenticated(self):`
		`+ """`
		`+ Test the api_group_add_member method of the flask api with an`
		`+ authenticated user.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 200)`
		`+ exp = {`
		`+ "display_name": "Some Group",`
		`+ "full_url": "http://localhost.localdomain/group/some_group",`
		`+ "description": None,`
		`+ "creator": {`
		`+ "fullname": "PY C",`
		`+ "full_url": "http://localhost.localdomain/user/pingou",`
		`+ "url_path": "user/pingou",`
		`+ "default_email": "bar@pingou.com",`
		`+ "emails": ["bar@pingou.com", "foo@pingou.com"],`
		`+ "name": "pingou",`
		`+ },`
		`+ "members": ["pingou", "foo"],`
		`+ "date_created": "1492020239",`
		`+ "group_type": "user",`
		`+ "name": "some_group",`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ data["date_created"] = "1492020239"`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_add_member_unauthenticated(self):`
		`+ """`
		`+ Assert that api_group_add_member method will fail with`
		`+ unauthenticated user.`
		`+ """`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 401)`
		`+ exp = {`
		`+ "error": (`
		`+ "Invalid or expired token. "`
		`+ "Please visit "`
		`+ "http://localhost.localdomain/settings#nav-api-tab "`
		`+ "to get or renew your API token."`
		`+ ),`
		`+ "error_code": "EINVALIDTOK",`
		`+ "errors": "Invalid token",`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_add_member_no_permission(self):`
		`+ """`
		`+ Assert that api_group_add_member method will fail with`
		`+ user that don't have permissions to add member to group.`
		`+ """`
		`+ # Create tokens for foo user`
		`+ tests.create_tokens(self.session, user_id=2)`
		`+ tests.create_tokens_acl(self.session)`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["You are not allowed to add user to this group"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_add_member_no_group(self):`
		`+ """`
		`+ Assert that api_group_add_member method will fail when group doesn't`
		`+ exist.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/no_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 404)`
		`+ exp = {"error": "Group not found", "error_code": "ENOGROUP"}`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_add_member_invalid_request(self):`
		`+ """`
		`+ Assert that api_group_add_member method will fail when request`
		`+ is invalid.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"dummy": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": "Invalid or incomplete input submitted",`
		`+ "error_code": "EINVALIDREQ",`
		`+ "errors": {"user": ["This field is required."]},`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ @patch("pagure.lib.query.add_user_to_group")`
		`+ def test_api_group_add_member_pagure_error(self, mock_add_user):`
		`+ """`
		`+ Assert that api_group_add_member method will fail when pagure`
		`+ throws exception.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+ mock_add_user.side_effect = PagureException("Error")`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["Error"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ @patch("pagure.lib.query.add_user_to_group")`
		`+ def test_api_group_add_member_sqlalchemy_error(self, mock_add_user):`
		`+ """`
		`+ Assert that api_group_add_member method will fail when SQLAlchemy`
		`+ throws exception.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+ mock_add_user.side_effect = SQLAlchemyError("Error")`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["Error"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_remove_member_authenticated(self):`
		`+ """`
		`+ Test the api_group_remove_member method of the flask api with an`
		`+ authenticated user.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ # Add user first`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/add", data=payload, headers=headers`
		`+ )`
		`+ exp = {`
		`+ "display_name": "Some Group",`
		`+ "full_url": "http://localhost.localdomain/group/some_group",`
		`+ "description": None,`
		`+ "creator": {`
		`+ "fullname": "PY C",`
		`+ "full_url": "http://localhost.localdomain/user/pingou",`
		`+ "url_path": "user/pingou",`
		`+ "default_email": "bar@pingou.com",`
		`+ "emails": ["bar@pingou.com", "foo@pingou.com"],`
		`+ "name": "pingou",`
		`+ },`
		`+ "members": ["pingou", "foo"],`
		`+ "date_created": "1492020239",`
		`+ "group_type": "user",`
		`+ "name": "some_group",`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ data["date_created"] = "1492020239"`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ # Then remove it`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 200)`
		`+ exp = {`
		`+ "display_name": "Some Group",`
		`+ "full_url": "http://localhost.localdomain/group/some_group",`
		`+ "description": None,`
		`+ "creator": {`
		`+ "fullname": "PY C",`
		`+ "full_url": "http://localhost.localdomain/user/pingou",`
		`+ "url_path": "user/pingou",`
		`+ "default_email": "bar@pingou.com",`
		`+ "emails": ["bar@pingou.com", "foo@pingou.com"],`
		`+ "name": "pingou",`
		`+ },`
		`+ "members": ["pingou"],`
		`+ "date_created": "1492020239",`
		`+ "group_type": "user",`
		`+ "name": "some_group",`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ data["date_created"] = "1492020239"`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_remove_member_unauthenticated(self):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail with`
		`+ unauthenticated user.`
		`+ """`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 401)`
		`+ exp = {`
		`+ "error": (`
		`+ "Invalid or expired token. "`
		`+ "Please visit "`
		`+ "http://localhost.localdomain/settings#nav-api-tab "`
		`+ "to get or renew your API token."`
		`+ ),`
		`+ "error_code": "EINVALIDTOK",`
		`+ "errors": "Invalid token",`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_remove_member_no_permission(self):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail with`
		`+ user that don't have permissions to remove member to group.`
		`+ """`
		`+ # Create tokens for foo user`
		`+ tests.create_tokens(self.session, user_id=2)`
		`+ tests.create_tokens_acl(self.session)`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["You are not allowed to remove user from this group"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_remove_member_no_group(self):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail when group doesn't`
		`+ exist.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/no_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 404)`
		`+ exp = {"error": "Group not found", "error_code": "ENOGROUP"}`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ def test_api_group_remove_member_invalid_request(self):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail when request`
		`+ is invalid.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"dummy": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": "Invalid or incomplete input submitted",`
		`+ "error_code": "EINVALIDREQ",`
		`+ "errors": {"user": ["This field is required."]},`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ @patch("pagure.lib.query.delete_user_of_group")`
		`+ def test_api_group_remove_member_pagure_error(self, mock_remove_user):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail when pagure`
		`+ throws exception.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+ mock_remove_user.side_effect = PagureException("Error")`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["Error"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`
		`+ @patch("pagure.lib.query.delete_user_of_group")`
		`+ def test_api_group_remove_member_sqlalchemy_error(self, mock_remove_user):`
		`+ """`
		`+ Assert that api_group_remove_member method will fail when SQLAlchemy`
		`+ throws exception.`
		`+ """`
		`+ tests.create_tokens(self.session)`
		`+ tests.create_tokens_acl(self.session)`
		`+ mock_remove_user.side_effect = SQLAlchemyError("Error")`
		`+`
		`+ headers = {"Authorization": "token aaabbbcccddd"}`
		`+ payload = {"user": "foo"}`
		`+ output = self.app.post(`
		`+ "/api/0/group/some_group/remove", data=payload, headers=headers`
		`+ )`
		`+ self.assertEqual(output.status_code, 400)`
		`+ exp = {`
		`+ "error": (`
		`+ "An error occurred at the database level "`
		`+ "and prevent the action from reaching completion"`
		`+ ),`
		`+ "error_code": "EDBERROR",`
		`+ "errors": ["Error"],`
		`+ }`
		`+ data = json.loads(output.get_data(as_text=True))`
		`+ self.assertDictEqual(data, exp)`
		`+`

		`if __name__ == "__main__":`
		`unittest.main(verbosity=2)`

tests/test_pagure_lib.py

file modified

		`@@ -5668,6 +5668,7 @@`
		`"delete_git_alias",`
		`"fork_project",`
		`"generate_acls_project",`
		`+ "group_modify",`
		`"internal_access",`
		`"issue_assign",`
		`"issue_change_status",`

zlopez commented 2 years ago

This change will add new API endpoints that will allow users to add/remove new
members to group.

It also adds new ACL group_modify, which adds group add/remove ability to token.

Closes #5333

Signed-off-by: Michal Konecny mkonecny@redhat.com

zlopez commented 2 years ago

I tried to test the changes in vagrant, but I didn't saw the ACL for some reason and the API endpoints in /api/0 page. From what I know everything should be set up correctly, but it's possible I'm missing something.

rebased onto cdc78a8e77d84bced1e92d04d06876b0351dbd7f

2 years ago

ngompa commented 2 years ago

There are three failed tests, can you try to address them?

00:47:36  =========================== short test summary info ============================
00:47:36  FAILED tests/test_pagure_flask_api.py::PagureFlaskApitests::test_api_error_codes
00:47:36  FAILED tests/test_style.py::TestStyle::test_code_with_black - AssertionError:...
00:47:36  FAILED tests/test_style.py::TestStyle::test_code_with_flake8 - AssertionError...
00:47:36  ===== 3 failed, 1716 passed, 7 skipped, 4628 warnings in 978.06s (0:16:18) =====

zlopez commented 2 years ago

None of those errors are related to changes in this PR. I didn't add any new error code and the formatting changes are related to files that are not part of this PR.

05:47:36  stderr: 
05:47:36  would reformat /pagure/pagure/ui/oidc_login.py
05:47:36  would reformat /pagure/pagure/ui/groups.py
05:47:36  would reformat /pagure/pagure/api/project.py
05:47:36  would reformat /pagure/pagure/ui/app.py

Same for flake8

05:47:36  ----------------------------- Captured stdout call -----------------------------
05:47:36  (b"/pagure/pagure/default_config.py:68:81: E501 line too long (98 > 80 characters)\n/pagure/pagure/api/project.py:1454:81: E501 line too long (87 > 80 characters)\n/pagure/pagure/ui/app.py:1056:1: W293 blank line contains whitespace\n/pagure/pagure/ui/app.py:1057:81: E501 line too long (87 > 80 characters)\n/pagure/pagure/ui/app.py:1058:24: E231 missing whitespace after ','\n/pagure/pagure/ui/app.py:1058:81: E501 line too long (98 > 80 characters)\n/pagure/pagure/ui/app.py:1061:5: E303 too many blank lines (2)\n/pagure/pagure/ui/groups.py:357:81: E501 line too long (87 > 80 characters)\n/pagure/pagure/ui/groups.py:358:24: E231 missing whitespace after ','\n/pagure/pagure/ui/groups.py:358:81: E501 line too long (96 > 80 characters)\n/pagure/pagure/ui/oidc_login.py:63:81: E501 line too long (86 > 80 characters)\n/pagure/pagure/ui/oidc_login.py:68:81: E501 line too long (96 > 80 characters)\n", None)

It would be best to address the errors in separate PR.

zlopez commented 2 years ago

I can't even reproduce tests/test_pagure_flask_api_group.py failure by running run-tests-container.py locally. It just says ALL_TESTS_PASSED.

zlopez commented 2 years ago

I fixed the failing fedora tests in https://pagure.io/pagure/pull-request/5418, but there are still more than 600 tests failing on CentOS

rebased onto dcd24783e9fc1ac243448eef90e09289c9faee16

2 years ago

rebased onto 9add00931913c69438ff202fb7781a607451961b

a year ago

ngompa commented a year ago

@zlopez I think the reason you're not seeing it in the generated web documentation is because your new API endpoints are not referenced in pagure/api/__init__.py. groups_methods = [group.api_groups, group.api_view_group] needs to be extended to include your new endpoints.

rebased onto 4766e853b1eb074e0de4c277c4e0e206b9e6c3e9

a year ago

1 new commit added

Add new API group methods to index

a year ago

zlopez commented a year ago

@ngompa You were right. Adding the new endpoints to pagure/api/__init__.py. groups_methods enabled the method in api/0 and even allowed to create API tokens with the new ACL.

ngompa commented a year ago

There was a style test failure:

09:16:22  tests/test_style.py:122: AssertionError
09:16:22  ----------------------------- Captured stdout call -----------------------------
09:16:22  stdout: 
09:16:22  --- /pagure/pagure/api/__init__.py    2023-12-04 13:57:01.463774 +0000
09:16:22  +++ /pagure/pagure/api/__init__.py    2023-12-04 14:15:57.761543 +0000
09:16:22  @@ -615,11 +615,11 @@
09:16:22   
09:16:22       groups_methods = [
09:16:22           group.api_groups,
09:16:22           group.api_view_group,
09:16:22           group.api_group_add_member,
09:16:22  -        group.api_group_remove_member
09:16:22  +        group.api_group_remove_member,
09:16:22       ]
09:16:22       sections.append(build_docs_section("groups", groups_methods))
09:16:22   
09:16:22       plugins_methods = [
09:16:22           plugins.api_install_plugin,
09:16:22  
09:16:22  stderr: 
09:16:22  would reformat /pagure/pagure/api/__init__.py
09:16:22  
09:16:22  Oh no! 💥 💔 💥
09:16:22  1 file would be reformatted, 203 files would be left unchanged.

Could you fix this and squash the commits?

zlopez commented a year ago

I must have missed that

rebased onto 1b7d305

a year ago

ngompa commented a year ago

Looks good to me with the valid test suite run.

Pull-Request has been merged by ngompa

a year ago