diff --git a/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql b/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql index b9914033..ca8f99fd 100755 --- a/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql +++ b/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql @@ -159,7 +159,7 @@ create table if not exists groups_customer_role primary key (group_id, customer_id, region_id, role_id), foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`customer_id`) references `customer` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, - foreign key (`role_id`) references `groups_role` (`role_id`) ON DELETE CASCADE ON UPDATE NO ACTION, + foreign key (`group_id`, `role_id`) references `groups_role` (`group_id`, `role_id`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`region_id`) references `cms_region` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, index customer_id_idx (customer_id), index role_id_idx (role_id)); @@ -173,6 +173,6 @@ create table if not exists groups_domain_role primary key (group_id, domain_name, region_id, role_id), foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION, - foreign key (`role_id`) references `groups_role` (`role_id`) ON DELETE CASCADE ON UPDATE NO ACTION, + foreign key (`group_id`, `role_id`) references `groups_role` (`group_id`, `role_id`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`region_id`) references `cms_region` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, index role_id_idx (role_id)); diff --git a/orm/tests/unit/cms/test_group_logic.py b/orm/tests/unit/cms/test_group_logic.py index 21aa2b7b..b61f4b61 100644 --- a/orm/tests/unit/cms/test_group_logic.py +++ b/orm/tests/unit/cms/test_group_logic.py @@ -209,6 +209,22 @@ class TestGroupLogic(FunctionalTest): assert record_mock.read_group_by_uuid.called assert record_mock.get_regions_for_group.called + def test_assign_roles_to_group_region_on_customer_success(self): + roles_assginments = [models.RoleAssignment( + roles=['a_role'], customer='customer')] + + logic = group_logic.GroupLogic() + logic.assign_roles( + 'group_uuid', roles_assginments, 'some_trans_id', region='local') + + assert data_manager_mock.add_groups_role_on_customer.called + assert data_manager_mock.get_customer_id_by_uuid.called + assert data_manager_mock.commit.called + assert data_manager_mock.get_role_id_by_name.called + assert not data_manager_mock.rollback.called + assert record_mock.read_group_by_uuid.called + assert record_mock.get_region_by_keys.called + def test_assign_roles_to_group_on_domain_error(self): global mock_returns_error mock_returns_error = True @@ -220,6 +236,7 @@ class TestGroupLogic(FunctionalTest): self.assertRaises(SystemError, logic.assign_roles, 'group_uuid', roles_assginments, 'some_trans_id') + assert data_manager_mock.add_groups_role_on_domain.called assert data_manager_mock.rollback.called def test_assign_roles_to_group_on_customer_error(self): @@ -233,6 +250,41 @@ class TestGroupLogic(FunctionalTest): self.assertRaises(SystemError, logic.assign_roles, 'group_uuid', roles_assginments, 'some_trans_id') + assert data_manager_mock.add_groups_role_on_customer.called + assert data_manager_mock.rollback.called + + def test_assign_roles_to_group_region_error(self): + global mock_returns_error + global flow_type + mock_returns_error = True + flow_type = 1 + + roles_assginments = [models.RoleAssignment( + roles=['a_role'], customer='customer')] + + logic = group_logic.GroupLogic() + self.assertRaises(SystemError, logic.assign_roles, 'group_uuid', + roles_assginments, 'some_trans_id') + + assert record_mock.get_regions_for_group.called + assert not data_manager_mock.add_groups_role_on_customer.called + assert data_manager_mock.rollback.called + + def test_assign_roles_to_group_region_region_error(self): + global mock_returns_error + global flow_type + mock_returns_error = True + flow_type = 1 + + roles_assginments = [models.RoleAssignment( + roles=['a_role'], customer='customer')] + + logic = group_logic.GroupLogic() + self.assertRaises(SystemError, logic.assign_roles, 'group_uuid', + roles_assginments, 'some_trans_id', region='local') + + assert record_mock.get_region_by_keys.called + assert not data_manager_mock.add_groups_role_on_customer.called assert data_manager_mock.rollback.called def test_unassign_roles_from_group_on_domain_success(self): @@ -388,6 +440,8 @@ def get_mock_datamanager(): record_mock.read_group_by_uuid.return_value = sql_group record_mock.get_regions_for_group.return_value = [ sql_models.GroupsRegion(region_id=1, group_id="group_id")] + record_mock.get_region_by_keys.return_value = \ + sql_models.GroupsRegion(region_id=1, group_id="group_id") record_mock.remove_customer_role_from_group.return_value = result_mock record_mock.remove_domain_role_from_group.return_value = result_mock record_mock.check_groups_customer_role_exist.return_value = False @@ -418,5 +472,9 @@ def get_mock_datamanager(): record_mock.remove_domain_role_from_group.side_effect = SystemError() record_mock.remove_customer_role_from_group.side_effect = SystemError() + if flow_type == 1: + record_mock.get_regions_for_group.side_effect = SystemError() + record_mock.get_region_by_keys.side_effect = SystemError() + data_manager_mock.get_record.return_value = record_mock return data_manager_mock diff --git a/orm/tests/unit/cms/test_groups_region_role.py b/orm/tests/unit/cms/test_groups_region_role.py new file mode 100644 index 00000000..b5a48eb0 --- /dev/null +++ b/orm/tests/unit/cms/test_groups_region_role.py @@ -0,0 +1,110 @@ +import mock +import requests + +from orm.services.customer_manager.cms_rest.controllers.v1.orm.group\ + import region_roles +from orm.services.customer_manager.cms_rest.logic.error_base import ErrorStatus +from orm.services.customer_manager.cms_rest.model import GroupModels +from orm.tests.unit.cms import FunctionalTest +from wsme.exc import ClientSideError + +group_logic_mock = None + + +class TestGroupsRegionRoleController(FunctionalTest): + def setUp(self): + FunctionalTest.setUp(self) + + region_roles.authentication = mock.MagicMock() + region_roles.GroupLogic = get_mock_group_logic + + region_roles.GroupLogic.return_error = 0 + region_roles.utils = mock.MagicMock() + region_roles.utils.audit_trail.return_value = None + region_roles.err_utils = mock.MagicMock() + + def tearDown(self): + FunctionalTest.tearDown(self) + + def test_assign_roles_to_group_region(self): + # given + requests.post = mock.MagicMock(return_value=ResponseMock(200)) + + # when + response = self.app.post_json( + '/v1/orm/groups/{groups id}/regions/{region id}/roles/', + GROUPS_ROLE_JSON) + + # assert + assert response.status_int == 200 + assert region_roles.utils.audit_trail.called + assert group_logic_mock.assign_roles_called + + def test_assign_roles_to_group_region_fail(self): + # given + requests.post = mock.MagicMock() + + region_roles.GroupLogic.return_error = 1 + + region_roles.err_utils.get_error = mock.MagicMock( + return_value=ClientSideError("blabla", 500)) + # when + response = self.app.post_json( + '/v1/orm/groups/{groups id}/regions/{region id}/roles/', + GROUPS_ROLE_JSON, expect_errors=True) + # assert + self.assertEqual(response.status_int, 500) + + def test_assign_roles_to_group_region_bad_request(self): + # given + requests.post = mock.MagicMock() + + region_roles.GroupLogic.return_error = 2 + region_roles.err_utils.get_error = mock.MagicMock( + return_value=ClientSideError("blabla", 404)) + + # when + response = self.app.post_json( + '/v1/orm/groups/{groups_id}/regions/{region id}/roles/', + GROUPS_ROLE_JSON, expect_errors=True) + + # assert + self.assertEqual(response.status_int, 404) + + +def get_mock_group_logic(): + global group_logic_mock + group_logic_mock = mock.MagicMock() + + if region_roles.GroupLogic.return_error == 0: + res = GroupModels.RoleResultWrapper(transaction_id='1', + roles=[], + links={}, + created='1') + + group_logic_mock.assign_roles.return_value = res + + elif region_roles.GroupLogic.return_error == 1: + group_logic_mock.assign_roles.side_effect = SystemError() + + elif region_roles.GroupLogic.return_error == 2: + group_logic_mock.assign_roles.side_effect = ErrorStatus( + status_code=404) + + return group_logic_mock + + +class ResponseMock: + def __init__(self, status_code=200): + self.status_code = status_code + + +GROUPS_ROLE_JSON = [ + { + "customer": "customer-id", + "roles": [ + "role1", + "role2" + ] + } +] diff --git a/orm/tests/unit/ormcli/test_cmscli.py b/orm/tests/unit/ormcli/test_cmscli.py index a9e565f4..a3047fb8 100755 --- a/orm/tests/unit/ormcli/test_cmscli.py +++ b/orm/tests/unit/ormcli/test_cmscli.py @@ -119,7 +119,10 @@ class CmsTests(TestCase): args.userdomain,)), 'assign_group_roles': ( - requests.post, 'groups/%s/roles' % args.groupid,) + requests.post, 'groups/%s/roles' % args.groupid,), + 'assign_group_region_roles': ( + requests.post, 'groups/%s/regions/%s/roles' % (args.groupid, + args.regionid)) } # Assert that each subcommand returns the expected details