mirror of
https://github.com/ansible/awx.git
synced 2026-02-03 02:28:12 -03:30
217 lines
8.4 KiB
Python
217 lines
8.4 KiB
Python
import pytest
|
|
from unittest import mock
|
|
|
|
from rest_framework.exceptions import ValidationError
|
|
|
|
from awx.sso.fields import SAMLOrgAttrField, SAMLTeamAttrField, SAMLUserFlagsAttrField, LDAPGroupTypeParamsField, LDAPServerURIField
|
|
|
|
|
|
class TestSAMLOrgAttrField:
|
|
@pytest.mark.parametrize(
|
|
"data, expected",
|
|
[
|
|
({}, {}),
|
|
({'remove': True, 'saml_attr': 'foobar'}, {'remove': True, 'saml_attr': 'foobar'}),
|
|
({'remove': True, 'saml_attr': 1234}, {'remove': True, 'saml_attr': '1234'}),
|
|
({'remove': True, 'saml_attr': 3.14}, {'remove': True, 'saml_attr': '3.14'}),
|
|
({'saml_attr': 'foobar'}, {'saml_attr': 'foobar'}),
|
|
({'remove': True}, {'remove': True}),
|
|
({'remove': True, 'saml_admin_attr': 'foobar'}, {'remove': True, 'saml_admin_attr': 'foobar'}),
|
|
({'saml_admin_attr': 'foobar'}, {'saml_admin_attr': 'foobar'}),
|
|
({'remove_admins': True, 'saml_admin_attr': 'foobar'}, {'remove_admins': True, 'saml_admin_attr': 'foobar'}),
|
|
(
|
|
{'remove': True, 'saml_attr': 'foo', 'remove_admins': True, 'saml_admin_attr': 'bar'},
|
|
{'remove': True, 'saml_attr': 'foo', 'remove_admins': True, 'saml_admin_attr': 'bar'},
|
|
),
|
|
],
|
|
)
|
|
def test_internal_value_valid(self, data, expected):
|
|
field = SAMLOrgAttrField()
|
|
res = field.to_internal_value(data)
|
|
assert res == expected
|
|
|
|
@pytest.mark.parametrize(
|
|
"data, expected",
|
|
[
|
|
({'remove': 'blah', 'saml_attr': 'foobar'}, {'remove': ['Must be a valid boolean.']}),
|
|
({'remove': True, 'saml_attr': False}, {'saml_attr': ['Not a valid string.']}),
|
|
(
|
|
{'remove': True, 'saml_attr': False, 'foo': 'bar', 'gig': 'ity'},
|
|
{'saml_attr': ['Not a valid string.'], 'foo': ['Invalid field.'], 'gig': ['Invalid field.']},
|
|
),
|
|
({'remove_admins': True, 'saml_admin_attr': False}, {'saml_admin_attr': ['Not a valid string.']}),
|
|
({'remove_admins': 'blah', 'saml_admin_attr': 'foobar'}, {'remove_admins': ['Must be a valid boolean.']}),
|
|
],
|
|
)
|
|
def test_internal_value_invalid(self, data, expected):
|
|
field = SAMLOrgAttrField()
|
|
with pytest.raises(ValidationError) as e:
|
|
field.to_internal_value(data)
|
|
assert e.value.detail == expected
|
|
|
|
|
|
class TestSAMLTeamAttrField:
|
|
@pytest.mark.parametrize(
|
|
"data",
|
|
[
|
|
{},
|
|
{'remove': True, 'saml_attr': 'foobar', 'team_org_map': []},
|
|
{'remove': True, 'saml_attr': 'foobar', 'team_org_map': [{'team': 'Engineering', 'organization': 'Ansible'}]},
|
|
{
|
|
'remove': True,
|
|
'saml_attr': 'foobar',
|
|
'team_org_map': [
|
|
{'team': 'Engineering', 'organization': 'Ansible'},
|
|
{'team': 'Engineering', 'organization': 'Ansible2'},
|
|
{'team': 'Engineering2', 'organization': 'Ansible'},
|
|
],
|
|
},
|
|
{
|
|
'remove': True,
|
|
'saml_attr': 'foobar',
|
|
'team_org_map': [
|
|
{'team': 'Engineering', 'organization': 'Ansible'},
|
|
{'team': 'Engineering', 'organization': 'Ansible2'},
|
|
{'team': 'Engineering2', 'organization': 'Ansible'},
|
|
],
|
|
},
|
|
{
|
|
'remove': True,
|
|
'saml_attr': 'foobar',
|
|
'team_org_map': [
|
|
{'team': 'Engineering', 'team_alias': 'Engineering Team', 'organization': 'Ansible'},
|
|
{'team': 'Engineering', 'organization': 'Ansible2'},
|
|
{'team': 'Engineering2', 'organization': 'Ansible'},
|
|
],
|
|
},
|
|
],
|
|
)
|
|
def test_internal_value_valid(self, data):
|
|
field = SAMLTeamAttrField()
|
|
res = field.to_internal_value(data)
|
|
assert res == data
|
|
|
|
@pytest.mark.parametrize(
|
|
"data, expected",
|
|
[
|
|
(
|
|
{'remove': True, 'saml_attr': 'foobar', 'team_org_map': [{'team': 'foobar', 'not_a_valid_key': 'blah', 'organization': 'Ansible'}]},
|
|
{'team_org_map': {0: {'not_a_valid_key': ['Invalid field.']}}},
|
|
),
|
|
(
|
|
{'remove': False, 'saml_attr': 'foobar', 'team_org_map': [{'organization': 'Ansible'}]},
|
|
{'team_org_map': {0: {'team': ['This field is required.']}}},
|
|
),
|
|
(
|
|
{'remove': False, 'saml_attr': 'foobar', 'team_org_map': [{}]},
|
|
{'team_org_map': {0: {'organization': ['This field is required.'], 'team': ['This field is required.']}}},
|
|
),
|
|
],
|
|
)
|
|
def test_internal_value_invalid(self, data, expected):
|
|
field = SAMLTeamAttrField()
|
|
with pytest.raises(ValidationError) as e:
|
|
field.to_internal_value(data)
|
|
assert e.value.detail == expected
|
|
|
|
|
|
class TestSAMLUserFlagsAttrField:
|
|
@pytest.mark.parametrize(
|
|
"data",
|
|
[
|
|
{},
|
|
{'is_superuser_attr': 'something'},
|
|
{'is_superuser_value': 'value'},
|
|
{'is_superuser_role': 'my_peeps'},
|
|
{'is_system_auditor_attr': 'something_else'},
|
|
{'is_system_auditor_value': 'value2'},
|
|
{'is_system_auditor_role': 'other_peeps'},
|
|
],
|
|
)
|
|
def test_internal_value_valid(self, data):
|
|
field = SAMLUserFlagsAttrField()
|
|
res = field.to_internal_value(data)
|
|
assert res == data
|
|
|
|
@pytest.mark.parametrize(
|
|
"data, expected",
|
|
[
|
|
(
|
|
{
|
|
'junk': 'something',
|
|
'is_superuser_value': 'value',
|
|
'is_superuser_role': 'my_peeps',
|
|
'is_system_auditor_attr': 'else',
|
|
'is_system_auditor_value': 'value2',
|
|
'is_system_auditor_role': 'other_peeps',
|
|
},
|
|
{'junk': ['Invalid field.']},
|
|
),
|
|
(
|
|
{
|
|
'junk': 'something',
|
|
},
|
|
{
|
|
'junk': ['Invalid field.'],
|
|
},
|
|
),
|
|
(
|
|
{
|
|
'junk': 'something',
|
|
'junk2': 'else',
|
|
},
|
|
{
|
|
'junk': ['Invalid field.'],
|
|
'junk2': ['Invalid field.'],
|
|
},
|
|
),
|
|
],
|
|
)
|
|
def test_internal_value_invalid(self, data, expected):
|
|
field = SAMLUserFlagsAttrField()
|
|
with pytest.raises(ValidationError) as e:
|
|
field.to_internal_value(data)
|
|
print(e.value.detail)
|
|
assert e.value.detail == expected
|
|
|
|
|
|
class TestLDAPGroupTypeParamsField:
|
|
@pytest.mark.parametrize(
|
|
"group_type, data, expected",
|
|
[
|
|
('LDAPGroupType', {'name_attr': 'user', 'bob': ['a', 'b'], 'scooter': 'hello'}, ['Invalid key(s): "bob", "scooter".']),
|
|
('MemberDNGroupType', {'name_attr': 'user', 'member_attr': 'west', 'bob': ['a', 'b'], 'scooter': 'hello'}, ['Invalid key(s): "bob", "scooter".']),
|
|
(
|
|
'PosixUIDGroupType',
|
|
{'name_attr': 'user', 'member_attr': 'west', 'ldap_group_user_attr': 'legacyThing', 'bob': ['a', 'b'], 'scooter': 'hello'},
|
|
['Invalid key(s): "bob", "member_attr", "scooter".'],
|
|
),
|
|
],
|
|
)
|
|
def test_internal_value_invalid(self, group_type, data, expected):
|
|
field = LDAPGroupTypeParamsField()
|
|
field.get_depends_on = mock.MagicMock(return_value=group_type)
|
|
|
|
with pytest.raises(ValidationError) as e:
|
|
field.to_internal_value(data)
|
|
assert e.value.detail == expected
|
|
|
|
|
|
class TestLDAPServerURIField:
|
|
@pytest.mark.parametrize(
|
|
"ldap_uri, exception, expected",
|
|
[
|
|
(r'ldap://servername.com:444', None, r'ldap://servername.com:444'),
|
|
(r'ldap://servername.so3:444', None, r'ldap://servername.so3:444'),
|
|
(r'ldaps://servername3.s300:344', None, r'ldaps://servername3.s300:344'),
|
|
(r'ldap://servername.-so3:444', ValidationError, None),
|
|
],
|
|
)
|
|
def test_run_validators_valid(self, ldap_uri, exception, expected):
|
|
field = LDAPServerURIField()
|
|
if exception is None:
|
|
assert field.run_validators(ldap_uri) == expected
|
|
else:
|
|
with pytest.raises(exception):
|
|
field.run_validators(ldap_uri)
|