Fix ability to remove all roles from authority (#880)

2017-08-29 03:35:01 +03:00 · 2017-08-29 03:35:01 +03:00 · bb1c339655
parent aca6d6346f
commit bb1c339655
3 changed files with 34 additions and 4 deletions
--- a/lemur/authorities/service.py
+++ b/lemur/authorities/service.py
@ -16,7 +16,7 @@ from lemur.roles import service as role_service
 from lemur.certificates.service import upload


-def update(authority_id, description=None, owner=None, active=None, roles=None):
+def update(authority_id, description, owner, active, roles):
    """
    Update an authority with new values.

@ -26,12 +26,11 @@ def update(authority_id, description=None, owner=None, active=None, roles=None):
    """
    authority = get(authority_id)

-    if roles:
-        authority.roles = roles
-
+    authority.roles = roles
    authority.active = active
    authority.description = description
    authority.owner = owner
+
    return database.update(authority)


--- a/lemur/tests/factories.py
+++ b/lemur/tests/factories.py
@ -122,6 +122,7 @@ class AuthorityFactory(BaseFactory):
    name = Sequence(lambda n: 'authority{0}'.format(n))
    owner = 'joe@example.com'
    plugin = {'slug': 'test-issuer'}
+    description = FuzzyText(length=128)
    authority_certificate = SubFactory(CertificateFactory)

    class Meta:
--- a/lemur/tests/test_authorities.py
+++ b/lemur/tests/test_authorities.py
@ -1,7 +1,9 @@
+import json

 import pytest

 from lemur.authorities.views import *  # noqa
+from lemur.tests.factories import AuthorityFactory, RoleFactory
 from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN


@ -184,3 +186,31 @@ def test_certificate_authorities_delete(client, token, status):
 ])
 def test_certificate_authorities_patch(client, token, status):
    assert client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+
+
+def test_authority_roles(client, session, issuer_plugin):
+    auth = AuthorityFactory()
+    role = RoleFactory()
+    session.flush()
+
+    data = {
+        'owner': auth.owner,
+        'name': auth.name,
+        'description': auth.description,
+        'active': True,
+        'roles': [
+            {'id': role.id},
+        ],
+    }
+
+    # Add role
+    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert len(resp.json['roles']) == 1
+    assert set(auth.roles) == {role}
+
+    # Remove role
+    del data['roles'][0]
+    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert len(resp.json['roles']) == 0