Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

no test coverage of POST /org/:shortname/user with active_roles ? #1216

Open
ElectricNroff opened this issue Mar 19, 2024 · 0 comments
Open

Comments

@ElectricNroff
Copy link
Contributor

def post_new_org_user(org_short_name, user_name):
""" create a user for the organization defined by its short name """
return requests.post(
f'{env.AWG_BASE_URL}{ORG_URL}/{org_short_name}/user',
headers=utils.BASE_HEADERS,
json={'username': user_name}
)

tests creating a user without the authority property but I couldn't find a test case in which authority is used during POST.

There should be tests for data of the form:

{"username": "user@example.com", "authority": {"active_roles": ["ADMIN"]}}
This is a common case implemented by clients in the past.

{"username": "user@example.com", "authority": {"active_roles": []}}
This pattern is being added to a client. The server behavior needs to be equivalent to omitting the authority property.

{"username": "user@example.com", "authority": {"active_roles": ["NOT_A_ROLE"]}}
This must fail because NOT_A_ROLE is not in the enum.

This data passes through custom middleware and the behavior needs to stay the same even if the middleware implementation is changed:

body(['authority.active_roles']).optional()
.custom(mw.isFlatStringArray)
.bail()
.customSanitizer(toUpperCaseArray)
.custom(isUserRole),

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Needs Triage
Development

No branches or pull requests

2 participants