Fixes an issuer where a member of a role is not able to add new users to said role. (#445)

2016-10-11 17:24:15 -07:00
parent 35cfb50955
commit c05a49f8c9
6 changed files with 70 additions and 22 deletions
--- a/lemur/tests/test_roles.py
+++ b/lemur/tests/test_roles.py
@ -1,7 +1,8 @@
+import json
 import pytest

 from lemur.roles.views import *  # noqa
-from lemur.tests.factories import RoleFactory, AuthorityFactory, CertificateFactory
+from lemur.tests.factories import RoleFactory, AuthorityFactory, CertificateFactory, UserFactory


 from .vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
@ -65,6 +66,50 @@ def test_role_put(client, token, status):
    assert client.put(api.url_for(Roles, role_id=1), data={}, headers=token).status_code == status


+@pytest.mark.parametrize("token,status", [
+    (VALID_USER_HEADER_TOKEN, 403),
+    (VALID_ADMIN_HEADER_TOKEN, 200),
+    ('', 401)
+])
+def test_role_put_with_data(client, session, token, status):
+    user = UserFactory()
+    role = RoleFactory()
+    session.commit()
+
+    data = {
+        'users': [
+            {'id': user.id}
+        ],
+        'id': role.id,
+        'name': role.name
+    }
+
+    assert client.put(api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=token).status_code == status
+
+
+def test_role_put_with_data_and_user(client, session):
+    from lemur.auth.service import create_token
+    user = UserFactory()
+    role = RoleFactory(users=[user])
+    user1 = UserFactory()
+    session.commit()
+
+    headers = {
+        'Authorization': 'Basic ' + create_token(user),
+        'Content-Type': 'application/json'
+    }
+
+    data = {
+        'users': [
+            {'id': user1.id}
+        ],
+        'id': role.id,
+        'name': role.name
+    }
+
+    assert client.put(api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=headers).status_code == 200
+
+
@pytest.mark.parametrize("token,status", [
    (VALID_USER_HEADER_TOKEN, 403),
    (VALID_ADMIN_HEADER_TOKEN, 200),
--- a/lemur/tests/vectors.py
+++ b/lemur/tests/vectors.py
@ -1,11 +1,15 @@
 from lemur.common.utils import parse_certificate

 VALID_USER_HEADER_TOKEN = {
-    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'}
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI',
+    'Content-Type': 'application/json'
+}


 VALID_ADMIN_HEADER_TOKEN = {
-    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'}
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA',
+    'Content-Type': 'application/json'
+}


 INTERNAL_VALID_LONG_STR = b"""