Adding role tests

lemur/certificates/views.py

@@ -90,7 +90,7 @@ def private_key_str(value, name):
     :return: :raise ValueError:
     """
     try:
-        serialization.load_pem_private_key(str(value), backend=default_backend())
+        serialization.load_pem_private_key(str(value), None, backend=default_backend())
     except Exception as e:
         raise ValueError("The parameter '{0}' needs to be a valid RSA private key".format(name))
     return value

lemur/tests/conftest.py

@@ -35,6 +35,7 @@ def app():
     """
     app = create_app()
     app.config['TESTING'] = True
+    app.config['LEMUR_ENCRYPTION_KEY'] = 'test'
 
     ctx = app.app_context()
     ctx.push()
@@ -52,10 +53,12 @@ def db(app, request):
 
     _db.app = app
 
+    user = user_service.create('user', 'test', 'user@example.com', True, None, [])
+    admin_role = role_service.create('admin')
+    admin = user_service.create('admin', 'admin', 'admin@example.com', True, None, [admin_role])
+    _db.session.commit()
     yield _db
 
-    _db.drop_all()
-
 
 @pytest.yield_fixture(scope="function")
 def session(db, request):
@@ -68,21 +71,8 @@ def session(db, request):
     db.session.rollback()
 
 
-@pytest.yield_fixture(scope="session")
-def default_user(db):
-    user = user_service.create('user', 'test', 'user@example.com', True, None, [])
-    yield user
-
-
-@pytest.yield_fixture(scope="session")
-def admin_user(db):
-    admin_role = role_service.create('admin')
-    admin = user_service.create('admin', 'admin', 'admin@example.com', True, None, [admin_role])
-    yield admin
-
-
 @pytest.yield_fixture(scope="function")
-def client(app):
+def client(app, session):
     with app.test_client() as client:
         yield client
 

lemur/tests/test_accounts.py

@@ -40,46 +40,46 @@ def test_account_patch(client):
 VALID_USER_HEADER_TOKEN = {
     'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'}
 
-def test_auth_account_get(client, default_user):
+def test_auth_account_get(client):
     assert client.get(api.url_for(Accounts, account_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
 
 
-def test_auth_account_post_(client, default_user):
+def test_auth_account_post_(client):
     assert client.post(api.url_for(Accounts, account_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
-def test_auth_account_put(client, default_user):
+def test_auth_account_put(client):
     assert client.put(api.url_for(Accounts, account_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 403
 
 
-def test_auth_account_delete(client, default_user):
+def test_auth_account_delete(client):
     assert client.delete(api.url_for(Accounts, account_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403
 
 
-def test_auth_account_patch(client, default_user):
+def test_auth_account_patch(client):
     assert client.patch(api.url_for(Accounts, account_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
 VALID_ADMIN_HEADER_TOKEN = {
     'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'}
 
-def test_admin_account_get(client, admin_user):
+def test_admin_account_get(client):
     assert client.get(api.url_for(Accounts, account_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
 
 
-def test_admin_account_post(client, admin_user):
+def test_admin_account_post(client):
     assert client.post(api.url_for(Accounts, account_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
-def test_admin_account_put(client, admin_user):
+def test_admin_account_put(client):
     assert client.put(api.url_for(Accounts, account_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
 
 
-def test_admin_account_delete(client, admin_user):
+def test_admin_account_delete(client):
     assert client.delete(api.url_for(Accounts, account_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 500
 
 
-def test_admin_account_patch(client, admin_user):
+def test_admin_account_patch(client):
     assert client.patch(api.url_for(Accounts, account_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
@@ -103,21 +103,21 @@ def test_accounts_patch(client):
     assert client.patch(api.url_for(AccountsList), {}).status_code == 405
 
 
-def test_auth_accounts_get(client, default_user):
+def test_auth_accounts_get(client):
     assert client.get(api.url_for(AccountsList), headers=VALID_USER_HEADER_TOKEN).status_code == 200
 
 
-def test_auth_accounts_post(client, default_user):
+def test_auth_accounts_post(client):
     assert client.post(api.url_for(AccountsList), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 403
 
 
-def test_admin_accounts_get(client, admin_user):
+def test_admin_accounts_get(client):
     resp = client.get(api.url_for(AccountsList), headers=VALID_ADMIN_HEADER_TOKEN)
     assert resp.status_code == 200
     assert resp.json == {'items': [], 'total': 0}
 
 
-def test_admin_accounts_crud(client, admin_user):
+def test_admin_accounts_crud(client):
     assert client.post(api.url_for(AccountsList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
     data = {'accountNumber': 111, 'label': 'test', 'comments': 'test'}
     resp = client.post(api.url_for(AccountsList), data=dumps(data), content_type='application/json',  headers=VALID_ADMIN_HEADER_TOKEN)

lemur/tests/test_domains.py

@@ -23,46 +23,46 @@ def test_domain_patch(client):
 VALID_USER_HEADER_TOKEN = {
     'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'}
 
-def test_auth_domain_get(client, default_user):
+def test_auth_domain_get(client):
     assert client.get(api.url_for(Domains, domain_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
 
 
-def test_auth_domain_post_(client, default_user):
+def test_auth_domain_post_(client):
     assert client.post(api.url_for(Domains, domain_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
-def test_auth_domain_put(client, default_user):
+def test_auth_domain_put(client):
     assert client.put(api.url_for(Domains, domain_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
-def test_auth_domain_delete(client, default_user):
+def test_auth_domain_delete(client):
     assert client.delete(api.url_for(Domains, domain_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
-def test_auth_domain_patch(client, default_user):
+def test_auth_domain_patch(client):
     assert client.patch(api.url_for(Domains, domain_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
 
 
 VALID_ADMIN_HEADER_TOKEN = {
     'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'}
 
-def test_admin_domain_get(client, admin_user):
+def test_admin_domain_get(client):
     assert client.get(api.url_for(Domains, domain_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
 
 
-def test_admin_domain_post(client, admin_user):
+def test_admin_domain_post(client):
     assert client.post(api.url_for(Domains, domain_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
-def test_admin_domain_put(client, admin_user):
+def test_admin_domain_put(client):
     assert client.put(api.url_for(Domains, domain_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
-def test_admin_domain_delete(client, admin_user):
+def test_admin_domain_delete(client):
     assert client.delete(api.url_for(Domains, domain_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
-def test_admin_domain_patch(client, admin_user):
+def test_admin_domain_patch(client):
     assert client.patch(api.url_for(Domains, domain_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
 
 
@@ -86,11 +86,11 @@ def test_domains_patch(client):
     assert client.patch(api.url_for(DomainsList), {}).status_code == 405
 
 
-def test_auth_domains_get(client, default_user):
+def test_auth_domains_get(client):
     assert client.get(api.url_for(DomainsList), headers=VALID_USER_HEADER_TOKEN).status_code == 200
 
 
-def test_admin_domains_get(client, admin_user):
+def test_admin_domains_get(client):
     resp = client.get(api.url_for(DomainsList), headers=VALID_ADMIN_HEADER_TOKEN)
     assert resp.status_code == 200
     assert resp.json == {'items': [], 'total': 0}
@@ -116,8 +116,8 @@ def test_certificate_domains_patch(client):
     assert client.patch(api.url_for(CertificateDomains, certificate_id=1), {}).status_code == 405
 
 
-def test_auth_certificate_domains_get(client, default_user):
+def test_auth_certificate_domains_get(client):
     assert client.get(api.url_for(CertificateDomains, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
 
-def test_admin_certificate_domains_get(client, admin_user):
+def test_admin_certificate_domains_get(client):
     assert client.get(api.url_for(CertificateDomains, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200

lemur/tests/test_roles.py

@@ -0,0 +1,311 @@
+from json import dumps
+from lemur.roles.service import *
+from lemur.roles.views import *
+
+
+def test_crud(session):
+    role = create('role1')
+    assert role.id > 0
+
+    role = update(role.id, 'role_new', None, [])
+    assert role.name == 'role_new'
+    delete(role.id)
+    assert get(role.id) == None
+
+
+def test_role_get(client):
+    assert client.get(api.url_for(Roles, role_id=1)).status_code == 401
+
+
+def test_role_post(client):
+    assert client.post(api.url_for(Roles, role_id=1), {}).status_code == 405
+
+
+def test_role_put(client):
+    assert client.put(api.url_for(Roles, role_id=1), {}).status_code == 401
+
+
+def test_role_delete(client):
+    assert client.delete(api.url_for(Roles, role_id=1)).status_code == 401
+
+
+def test_role_patch(client):
+    assert client.patch(api.url_for(Roles, role_id=1), {}).status_code == 405
+
+
+def test_roles_get(client):
+    assert client.get(api.url_for(RolesList)).status_code == 401
+
+
+def test_roles_post(client):
+    assert client.post(api.url_for(RolesList), {}).status_code == 401
+
+
+def test_roles_put(client):
+    assert client.put(api.url_for(RolesList), {}).status_code == 405
+
+
+def test_roles_delete(client):
+    assert client.delete(api.url_for(RolesList)).status_code == 405
+
+
+def test_roles_patch(client):
+    assert client.patch(api.url_for(RolesList), {}).status_code == 405
+
+
+def test_role_credentials_get(client):
+    assert client.get(api.url_for(RoleViewCredentials, role_id=1)).status_code == 401
+
+
+def test_role_credentials_post(client):
+    assert client.post(api.url_for(RoleViewCredentials, role_id=1), {}).status_code == 405
+
+
+def test_role_credentials_put(client):
+    assert client.put(api.url_for(RoleViewCredentials, role_id=1), {}).status_code == 405
+
+
+def test_role_credentials_delete(client):
+    assert client.delete(api.url_for(RoleViewCredentials, role_id=1)).status_code == 405
+
+
+def test_role_credentials_patch(client):
+    assert client.patch(api.url_for(RoleViewCredentials, role_id=1), {}).status_code == 405
+
+
+def test_user_roles_get(client):
+    assert client.get(api.url_for(UserRolesList, user_id=1)).status_code == 401
+
+
+def test_user_roles_post(client):
+    assert client.post(api.url_for(UserRolesList, user_id=1), {}).status_code == 405
+
+
+def test_user_roles_put(client):
+    assert client.put(api.url_for(UserRolesList, user_id=1), {}).status_code == 405
+
+
+def test_user_roles_delete(client):
+    assert client.delete(api.url_for(UserRolesList, user_id=1)).status_code == 405
+
+
+def test_user_roles_patch(client):
+    assert client.patch(api.url_for(UserRolesList, user_id=1), {}).status_code == 405
+
+
+def test_authority_roles_get(client):
+    assert client.get(api.url_for(AuthorityRolesList, authority_id=1)).status_code == 401
+
+
+def test_authority_roles_post(client):
+    assert client.post(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405
+
+
+def test_authority_roles_put(client):
+    assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405
+
+
+def test_authority_roles_delete(client):
+    assert client.delete(api.url_for(AuthorityRolesList, authority_id=1)).status_code == 405
+
+
+def test_authority_roles_patch(client):
+    assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}).status_code == 405
+
+
+VALID_USER_HEADER_TOKEN = {
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'}
+
+
+def test_auth_role_get(client):
+    assert client.get(api.url_for(Roles, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 400
+
+
+def test_auth_role_post_(client):
+    assert client.post(api.url_for(Roles, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_role_put(client):
+    assert client.put(api.url_for(Roles, role_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 400
+
+
+def test_auth_role_delete(client):
+    assert client.delete(api.url_for(Roles, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403
+
+
+def test_auth_role_patch(client):
+    assert client.patch(api.url_for(Roles, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_roles_get(client):
+    assert client.get(api.url_for(RolesList), headers=VALID_USER_HEADER_TOKEN).status_code == 200
+
+
+def test_auth_roles_post(client):
+    assert client.post(api.url_for(RolesList), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 403
+
+
+def test_auth_role_credentials_get(client):
+    assert client.get(api.url_for(RoleViewCredentials, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 403
+
+
+def test_auth_role_credentials_post(client):
+    assert client.post(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_role_credentials_put(client):
+    assert client.put(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_role_credentials_delete(client):
+    assert client.delete(api.url_for(RoleViewCredentials, role_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_role_credentials_patch(client):
+    assert client.patch(api.url_for(RoleViewCredentials, role_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_user_roles_get(client):
+    assert client.get(api.url_for(UserRolesList, user_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
+
+
+def test_auth_user_roles_post(client):
+    assert client.post(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_user_roles_put(client):
+    assert client.put(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_user_roles_delete(client):
+    assert client.delete(api.url_for(UserRolesList, user_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_user_roles_patch(client):
+    assert client.patch(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_authority_roles_get(client):
+    assert client.get(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
+
+
+def test_auth_authority_roles_post(client):
+    assert client.post(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_authority_roles_put(client):
+    assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_authority_roles_delete(client):
+    assert client.delete(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_authority_roles_patch(client):
+    assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+VALID_ADMIN_HEADER_TOKEN = {
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'}
+
+
+def test_admin_role_get(client):
+    assert client.get(api.url_for(Roles, role_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_role_post(client):
+    assert client.post(api.url_for(Roles, role_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_role_put(client):
+    assert client.put(api.url_for(Roles, role_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
+
+
+def test_admin_role_delete(client):
+    assert client.delete(api.url_for(Roles, role_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_role_patch(client):
+    assert client.patch(api.url_for(Roles, role_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_roles_get(client):
+    resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert resp.json['total'] > 0
+
+
+def test_admin_role_credentials_get(client):
+    assert client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_role_credentials_post(client):
+    assert client.post(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
+
+
+def test_admin_role_credentials_put(client):
+    assert client.put(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_role_credentials_delete(client):
+    assert client.delete(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_role_credentials_patch(client):
+    assert client.patch(api.url_for(RolesList), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_user_roles_get(client):
+    assert client.get(api.url_for(UserRolesList, user_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_user_roles_post(client):
+    assert client.post(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_user_roles_put(client):
+    assert client.put(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_user_roles_delete(client):
+    assert client.delete(api.url_for(UserRolesList, user_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_user_roles_patch(client):
+    assert client.patch(api.url_for(UserRolesList, user_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_authority_roles_get(client):
+    assert client.get(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_authority_roles_post(client):
+    assert client.post(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_authority_roles_put(client):
+    assert client.put(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_authority_roles_delete(client):
+    assert client.delete(api.url_for(AuthorityRolesList, authority_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_authority_roles_patch(client):
+    assert client.patch(api.url_for(AuthorityRolesList, authority_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_roles_crud(client):
+    assert client.post(api.url_for(RolesList), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
+    data = {'name': 'role', 'description': 'test'}
+    resp = client.post(api.url_for(RolesList), data=dumps(data), content_type='application/json', headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    role_id = resp.json['id']
+    assert client.get(api.url_for(Roles, role_id=role_id), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+    resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert resp.json['total'] == 2
+    assert client.delete(api.url_for(Roles, role_id=role_id), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+    resp = client.get(api.url_for(RolesList), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert resp.json['total'] == 1