Add test for permission linked to each apps

This commit is contained in:
Josué Tille 2019-05-28 20:40:11 +02:00
parent d97e917ef9
commit d589316244
No known key found for this signature in database
GPG key ID: D5E068C6DFA8681D
2 changed files with 28 additions and 2 deletions

View file

@ -14,7 +14,7 @@ from yunohost.backup import backup_create, backup_restore, backup_list, backup_i
from yunohost.domain import _get_maindomain
from yunohost.utils.error import YunohostError
from yunohost.user import user_permission_list
from yunohost.tests.test_permission import check_LDAP_db_integrity
from yunohost.tests.test_permission import check_LDAP_db_integrity, check_permission_for_apps
# Get main domain
maindomain = ""
@ -98,6 +98,12 @@ def check_LDAP_db_integrity_call():
yield
check_LDAP_db_integrity()
@pytest.fixture(autouse=True)
def check_permission_for_apps_call():
check_permission_for_apps()
yield
check_permission_for_apps()
#
# Helpers #
#

View file

@ -1,7 +1,7 @@
import pytest
from moulinette.core import init_authenticator, MoulinetteError
from yunohost.app import app_install, app_remove, app_change_url
from yunohost.app import app_install, app_remove, app_change_url, app_list
from yunohost.user import user_list, user_create, user_permission_list, user_delete, user_group_list, user_group_delete, user_permission_add, user_permission_remove, user_permission_clear
from yunohost.permission import permission_add, permission_update, permission_remove
from yunohost.domain import _get_maindomain
@ -136,6 +136,26 @@ def check_LDAP_db_integrity():
allowed_user_list = [m.split("=")[1].split(",")[0] for m in permission_map[permission]['inheritPermission']]
assert set(user_list) <= set(allowed_user_list)
def check_permission_for_apps():
# We check that the for each installed apps we have at last the "main" permission
# and we don't have any permission linked to no apps. The only exception who is not liked to an app
# is mail, metronome, and sftp
permission_search = auth.search('ou=permission,dc=yunohost,dc=org',
'(objectclass=permissionYnh)',
['cn', 'groupPermission', 'inheritPermission', 'memberUid'])
app_l = app_list(installed=True)['apps']
apps_list_set = set()
permission_list_set = set()
for permission in permission_search:
permission_list_set.add(permission['cn'][0].split(".")[1])
for app in app_l:
apps_list_set.add(app['id'])
extra_service_permission = set(['mail', 'metronome'])
if 'sftp' in permission_list_set:
extra_service_permission.add('sftp')
assert apps_list_set == permission_list_set - extra_service_permission
#
# List functions
#