| |
@@ -6,6 +6,10 @@
|
| |
import mock
|
| |
import ldap
|
| |
import pytest
|
| |
+ from click.testing import CliRunner
|
| |
+ from textwrap import dedent
|
| |
+ from werkzeug.exceptions import Unauthorized
|
| |
+ from waiverdb.cli import cli as waiverdb_cli
|
| |
|
| |
|
| |
@pytest.mark.usefixtures('enable_permission_mapping')
|
| |
@@ -154,3 +158,57 @@
|
| |
assert res_data['waived'] is True
|
| |
assert res_data['comment'] == 'it broke'
|
| |
assert res_data['proxied_by'] == 'bodhi'
|
| |
+
|
| |
+ @pytest.mark.usefixtures('enable_ldap_host')
|
| |
+ @pytest.mark.usefixtures('enable_ldap_base')
|
| |
+ @mock.patch('waiverdb.auth.get_user', return_value=('bodhi', {}))
|
| |
+ @mock.patch('requests.request',
|
| |
+ side_effect=Unauthorized('You are not authorized to submit a waiver for the test '
|
| |
+ 'case testcase3'))
|
| |
+ def test_proxied_by_with_no_permission_cli(self, mock_request, mock_get_user, client, session,
|
| |
+ tmpdir):
|
| |
+ p = tmpdir.join('client.conf')
|
| |
+ p.write(dedent("""
|
| |
+ [waiverdb]
|
| |
+ auth_method=Kerberos
|
| |
+ api_url=http://localhost:5004/api/v1.0
|
| |
+ """))
|
| |
+ self.data['testcase'] = 'testcase3'
|
| |
+ self.data['username'] = 'foo'
|
| |
+ runner = CliRunner()
|
| |
+ args = ['-C', p.strpath, '-s', '{"type": "koji_build", "item": "glibc-2.26-27.fc27"}',
|
| |
+ '-t', 'testcase3', '-c', 'This is fine', '-p', 'fool-1', '-u', 'foo']
|
| |
+ result = runner.invoke(waiverdb_cli, args, catch_exceptions=True)
|
| |
+ assert result.exception.description == ("You are not authorized to submit a waiver "
|
| |
+ "for the test case testcase3")
|
| |
+
|
| |
+ @pytest.mark.usefixtures('enable_ldap_host')
|
| |
+ @pytest.mark.usefixtures('enable_ldap_base')
|
| |
+ @mock.patch('waiverdb.auth.get_user', return_value=('bodhi', {}))
|
| |
+ def test_proxied_by_has_permission_cli(self, mock_get_user, client, session, tmpdir):
|
| |
+ with mock.patch('requests.request') as mock_request:
|
| |
+ mock_rv = mock.Mock()
|
| |
+ mock_rv.json.return_value = [{
|
| |
+ "comment": "it broke",
|
| |
+ "data": {"item": ["glibc-2.26-27.fc27"], "type": ["koji_build"]},
|
| |
+ "id": 15,
|
| |
+ "product_version": "fool-1",
|
| |
+ "testcase": "testcase2",
|
| |
+ "timestamp": "2017-010-16T17:42:04.209638",
|
| |
+ "username": "foo",
|
| |
+ "proxied_by": "bodhi",
|
| |
+ "waived": True
|
| |
+ }]
|
| |
+ mock_request.return_value = mock_rv
|
| |
+ p = tmpdir.join('client.conf')
|
| |
+ p.write(dedent("""
|
| |
+ [waiverdb]
|
| |
+ auth_method=Kerberos
|
| |
+ api_url=http://localhost:5004/api/v1.0
|
| |
+ """))
|
| |
+ runner = CliRunner()
|
| |
+ args = ['-C', p.strpath, '-p', 'fool-1', '-r', '123',
|
| |
+ '-c', "This is fine", '-u', 'foo']
|
| |
+ result = runner.invoke(waiverdb_cli, args)
|
| |
+ mock_request.assert_called_once()
|
| |
+ assert result.output.startswith('Created waiver 15 for result with id 123\n')
|
| |
In the API is possible to define a username on whose behalf the
caller is proxying the submittion of a waiver.
This change provides this possibility also in the CLI. This is
updated also to reflect the recent changes regarding the access
control.