diff --git a/keyosk/database/domain_access_list.py b/keyosk/database/domain_access_list.py index 34d757a..1a9d345 100644 --- a/keyosk/database/domain_access_list.py +++ b/keyosk/database/domain_access_list.py @@ -11,4 +11,4 @@ class KeyoskDomainAccessList(KeyoskBaseModel): domain = peewee.ForeignKeyField( KeyoskDomain, null=False, on_delete="CASCADE", backref="access_lists" ) - name = peewee.CharField(null=False) + name = peewee.CharField(null=False, unique=True) diff --git a/tests/fixtures.py b/tests/fixtures.py index 183d6b0..f660577 100644 --- a/tests/fixtures.py +++ b/tests/fixtures.py @@ -7,11 +7,11 @@ import pytest from keyosk import config from keyosk import database -from keyosk.database import Account -from keyosk.database import AccountACLEntry -from keyosk.database import Domain -from keyosk.database import DomainAccessList -from keyosk.database import DomainPermission +from keyosk.database import KeyoskAccount +from keyosk.database import KeyoskAccountScope +from keyosk.database import KeyoskDomain +from keyosk.database import KeyoskDomainAccessList +from keyosk.database import KeyoskDomainPermission @contextlib.contextmanager @@ -42,7 +42,7 @@ def demo_database(request, tmp_path_factory): tmp_path = _pytest.tmpdir._mk_tmp(request, tmp_path_factory) accounts = [ - Account( + KeyoskAccount( username="lskywalker", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash( "xWingLuvr4evA" @@ -55,7 +55,7 @@ def demo_database(request, tmp_path_factory): "jedi": True, }, ), - Account( + KeyoskAccount( username="dvader", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash( "nobodyKnowsIKilledAllTheYounglings" 
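Review bot: `unique=True` on `name` in `KeyoskDomainAccessList` makes access-list names unique across every domain, even though each row already carries a `domain` foreign key. Two domains can then no longer define an access list with the same name, and whether an insert raises `IntegrityError` in one domain depends on names chosen in another. If uniqueness is meant to hold within a domain, drop `unique=True` and declare a composite unique index in the model's `Meta`, e.g. `indexes = ((("domain", "name"), True),)`. `test_unique_access_lists` in tests/test_database_domain.py only duplicates a name inside star-wars, so it passes under either rule and does not pin which one is intended; a case that reuses the name under stargate would. The class body starts outside this hunk, so an existing `Meta` may need to be extended rather than added.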
@@ -68,14 +68,14 @@ def demo_database(request, tmp_path_factory): "jedi": False, }, ), - Account( + KeyoskAccount( username="hsolo", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash("landosux"), encrypted_server_set_secret=passlib.hash.pbkdf2_sha512.hash("12ab34cd"), enabled=True, extras={"full-name": "Han Solo", "homeworld": "Corellia", "jedi": False,}, ), - Account( + KeyoskAccount( username="deusexmachina", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash( "whenyouneedsomethingtosavetheday:whoyagonnacall" @@ -90,14 +90,14 @@ def demo_database(request, tmp_path_factory): "species": None, }, ), - Account( + KeyoskAccount( username="jack.oneill@airforce.gov", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash("topgun"), encrypted_server_set_secret=passlib.hash.pbkdf2_sha512.hash("987654321"), enabled=True, extras={"rank": "colonel", "species": "human",}, ), - Account( + KeyoskAccount( username="tealc@airforce.gov", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash( "yourloginpassword" @@ -106,7 +106,7 @@ def demo_database(request, tmp_path_factory): enabled=True, extras={"rank": None, "species": "jaffa"}, ), - Account( + KeyoskAccount( username="jonas.quinn@airforce.gov", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash( "d7409ed1dd0a485b8e09f7147ad0e3ab" @@ -118,7 +118,7 @@ def demo_database(request, tmp_path_factory): ] domains = [ - Domain( + KeyoskDomain( name="star-wars", audience="stwr", title="Star Wars (by Disney)", @@ -131,7 +131,7 @@ def demo_database(request, tmp_path_factory): lifespan_access=datetime.timedelta(minutes=30), lifespan_refresh=datetime.timedelta(days=30), ), - Domain( + KeyoskDomain( name="stargate", audience="sg1", title="Stargate SG-1", 
@@ -148,132 +148,136 @@ def demo_database(request, tmp_path_factory): with sqlite_database(tmp_path): with database.interface.atomic(): - Account.bulk_create(accounts) - Domain.bulk_create(domains) + KeyoskAccount.bulk_create(accounts) + KeyoskDomain.bulk_create(domains) - starwars = Domain.get(Domain.name == "star-wars") - stargate = Domain.get(Domain.name == "stargate") + starwars = KeyoskDomain.get(KeyoskDomain.name == "star-wars") + stargate = KeyoskDomain.get(KeyoskDomain.name == "stargate") access_lists = [ - DomainAccessList(name="imperial-star-destroyer", domain=starwars), - DomainAccessList(name="millenium-falcon", domain=starwars), - DomainAccessList(name="x-wing", domain=starwars), - DomainAccessList(name="nebulon-b", domain=starwars), - DomainAccessList(name="p90", domain=stargate), - DomainAccessList(name="staff-weapon", domain=stargate), - DomainAccessList(name="zatniktel", domain=stargate), + KeyoskDomainAccessList(name="imperial-star-destroyer", domain=starwars), + KeyoskDomainAccessList(name="millenium-falcon", domain=starwars), + KeyoskDomainAccessList(name="x-wing", domain=starwars), + KeyoskDomainAccessList(name="nebulon-b", domain=starwars), + KeyoskDomainAccessList(name="p90", domain=stargate), + KeyoskDomainAccessList(name="staff-weapon", domain=stargate), + KeyoskDomainAccessList(name="zatniktel", domain=stargate), ] permissions = [ - DomainPermission(name="access", bitindex=0, domain=starwars), - DomainPermission(name="fly", bitindex=1, domain=starwars), - DomainPermission(name="attack", bitindex=2, domain=starwars), - DomainPermission(name="own", bitindex=0, domain=stargate), - DomainPermission(name="fire", bitindex=1, domain=stargate), - DomainPermission(name="reload", bitindex=2, domain=stargate), - DomainPermission(name="repair", bitindex=3, domain=stargate), + KeyoskDomainPermission(name="access", bitindex=0, domain=starwars), + KeyoskDomainPermission(name="fly", bitindex=1, domain=starwars), + KeyoskDomainPermission(name="attack", 
bitindex=2, domain=starwars), + KeyoskDomainPermission(name="own", bitindex=0, domain=stargate), + KeyoskDomainPermission(name="fire", bitindex=1, domain=stargate), + KeyoskDomainPermission(name="reload", bitindex=2, domain=stargate), + KeyoskDomainPermission(name="repair", bitindex=3, domain=stargate), ] with database.interface.atomic(): - DomainAccessList.bulk_create(access_lists) - DomainPermission.bulk_create(permissions) + KeyoskDomainAccessList.bulk_create(access_lists) + KeyoskDomainPermission.bulk_create(permissions) - deusexmachina = Account.get(Account.username == "deusexmachina") - lskywalker = Account.get(Account.username == "lskywalker") - jackoneill = Account.get(Account.username == "jack.oneill@airforce.gov") - - sw_isd = DomainAccessList.get( - DomainAccessList.name == "imperial-star-destroyer" + deusexmachina = KeyoskAccount.get(KeyoskAccount.username == "deusexmachina") + lskywalker = KeyoskAccount.get(KeyoskAccount.username == "lskywalker") + jackoneill = KeyoskAccount.get( + KeyoskAccount.username == "jack.oneill@airforce.gov" ) - sg_zatniktel = DomainAccessList.get(DomainAccessList.name == "zatniktel") - sw_access = DomainPermission.get(DomainPermission.name == "access") - sw_fly = DomainPermission.get(DomainPermission.name == "fly") - sw_attack = DomainPermission.get(DomainPermission.name == "attack") - sg_own = DomainPermission.get(DomainPermission.name == "own") - sg_fire = DomainPermission.get(DomainPermission.name == "fire") - sg_reload = DomainPermission.get(DomainPermission.name == "reload") - sg_repair = DomainPermission.get(DomainPermission.name == "repair") + sw_isd = KeyoskDomainAccessList.get( + KeyoskDomainAccessList.name == "imperial-star-destroyer" + ) + sg_zatniktel = KeyoskDomainAccessList.get( + KeyoskDomainAccessList.name == "zatniktel" + ) + + sw_access = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "access") + sw_fly = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "fly") + sw_attack = 
KeyoskDomainPermission.get(KeyoskDomainPermission.name == "attack") + sg_own = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "own") + sg_fire = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "fire") + sg_reload = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "reload") + sg_repair = KeyoskDomainPermission.get(KeyoskDomainPermission.name == "repair") acls = [ - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sw_isd, permission=sw_access, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sw_isd, permission=sw_fly, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sw_isd, permission=sw_attack, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sg_zatniktel, permission=sg_own, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sg_zatniktel, permission=sg_fire, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sg_zatniktel, permission=sg_reload, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=deusexmachina, access_list=sg_zatniktel, permission=sg_repair, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=lskywalker, access_list=sw_isd, permission=sw_attack, with_server_secret=True, with_client_secret=True, ), - AccountACLEntry( + KeyoskAccountScope( account=lskywalker, access_list=sw_isd, permission=sw_access, with_server_secret=True, with_client_secret=False, ), - AccountACLEntry( + KeyoskAccountScope( account=jackoneill, access_list=sg_zatniktel, permission=sg_fire, with_server_secret=True, 
with_client_secret=True, ), - AccountACLEntry( + KeyoskAccountScope( account=jackoneill, access_list=sg_zatniktel, permission=sg_reload, with_server_secret=True, with_client_secret=True, ), - AccountACLEntry( + KeyoskAccountScope( account=jackoneill, access_list=sg_zatniktel, permission=sg_repair, @@ -283,6 +287,6 @@ def demo_database(request, tmp_path_factory): ] with database.interface.atomic(): - AccountACLEntry.bulk_create(acls) + KeyoskAccountScope.bulk_create(acls) yield diff --git a/tests/test_database_account.py b/tests/test_database_account.py index cad0220..a27f34f 100644 --- a/tests/test_database_account.py +++ b/tests/test_database_account.py @@ -8,31 +8,16 @@ from fixtures import demo_database from keyosk import database -def test_meta(): - for key in database.Account.dict_keys(): - assert hasattr(database.Account, key) - attr = getattr(database.Account, key) - - if key in database.Account.foreign_ref(): - assert isinstance(attr, peewee.ForeignKeyField) - else: - assert not isinstance(attr, peewee.ForeignKeyField) - - if key in database.Account.foreign_backref(): - assert isinstance(attr, peewee.BackrefAccessor) - else: - assert not isinstance(attr, peewee.BackrefAccessor) - - def test_formatting(demo_database): - for account in database.Account.select(): - assert list(dict(account).keys()) == database.Account.dict_keys() + for account in database.KeyoskAccount.select(): assert str(account.uuid) in str(account) assert account.username in str(account) def test_extras(demo_database): - account = database.Account.get(database.Account.username == "lskywalker") + account = database.KeyoskAccount.get( + database.KeyoskAccount.username == "lskywalker" + ) new_extras = {"foo": "bar", "fizz": "buzz", "baz": False, "blop": 1234.567} 
@@ -40,34 +25,14 @@ def test_extras(demo_database): with database.interface.atomic(): account.save() - account = database.Account.get(database.Account.username == "lskywalker") + account = database.KeyoskAccount.get( + database.KeyoskAccount.username == "lskywalker" + ) assert account.extras == new_extras -def test_crypto(demo_database): - account = database.Account.get( - database.Account.username == "jack.oneill@airforce.gov" - ) - - account.update_client_set_secret("oneillWithTwoLs") - with database.interface.atomic(): - account.save() - account = database.Account.get( - database.Account.username == "jack.oneill@airforce.gov" - ) - assert account.verify_client_set_secret("oneillWithTwoLs") - - new_autopass = account.update_server_set_secret() - with database.interface.atomic(): - account.save() - account = database.Account.get( - database.Account.username == "jack.oneill@airforce.gov" - ) - assert account.verify_server_set_secret(new_autopass) - - def test_unique(demo_database): - new_base = database.Account( + new_base = database.KeyoskAccount( username="garbage", encrypted_client_set_secret=passlib.hash.pbkdf2_sha512.hash("garbage"), encrypted_server_set_secret=passlib.hash.pbkdf2_sha512.hash("garbage"), @@ -75,7 +40,7 @@ def test_unique(demo_database): extras={"gar": "bage"}, ) - vader = database.Account.get(database.Account.username == "dvader") + vader = database.KeyoskAccount.get(database.KeyoskAccount.username == "dvader") unique = ["username"] nonunique = ["extras"] 
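Review bot: Deleting `test_crypto` leaves no test in this diff that exercises `update_client_set_secret`, `verify_client_set_secret`, `update_server_set_secret` or `verify_server_set_secret`, which together form the credential set/verify path. Whether those methods still exist on `KeyoskAccount` is not visible here. If they do, keep the test and only rename the model, i.e. `database.KeyoskAccount.get(database.KeyoskAccount.username == "jack.oneill@airforce.gov")` with the original assertions; if they moved elsewhere, the test should move with them in the same commit. The removed test only checked that the correct secret verifies, so a restored version could also assert the mismatch case, e.g. `assert not account.verify_client_set_secret("wrong")`, assuming verification returns a falsy value rather than raising.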
@@ -91,13 +56,13 @@ def test_unique(demo_database): # create gives me that integrity error I'm after with pytest.raises(peewee.IntegrityError): with database.interface.atomic(): - database.Account.bulk_create([new]) + database.KeyoskAccount.bulk_create([new]) for item in nonunique: new = copy.deepcopy(new_base) setattr(new, item, getattr(vader, item)) with database.interface.atomic(): - database.Account.bulk_create([new]) + database.KeyoskAccount.bulk_create([new]) with database.interface.atomic(): new.delete_instance() diff --git a/tests/test_database_account_acl.py b/tests/test_database_account_acl.py deleted file mode 100644 index 85b8364..0000000 --- a/tests/test_database_account_acl.py +++ /dev/null @@ -1,12 +0,0 @@ -import json - -import peewee -from fixtures import demo_database - -from keyosk import database - - -def test_formatting(demo_database): - for acl in database.AccountACLEntry.select(): - assert dict(acl) == json.loads(json.dumps(dict(acl))) - assert str(acl.uuid) not in str(acl) diff --git a/tests/test_database_domain.py b/tests/test_database_domain.py index 16e1902..d4889d0 100644 --- a/tests/test_database_domain.py +++ b/tests/test_database_domain.py 
@@ -8,41 +8,14 @@ from fixtures import demo_database from keyosk import database -def test_meta(): - models = [database.Domain, database.DomainAccessList, database.DomainPermission] - for model in models: - for key in model.dict_keys(): - assert hasattr(model, key) - attr = getattr(model, key) - - if key in model.foreign_ref(): - assert isinstance(attr, peewee.ForeignKeyField) - else: - assert not isinstance(attr, peewee.ForeignKeyField) - - if key in model.foreign_backref(): - assert isinstance(attr, peewee.BackrefAccessor) - else: - assert not isinstance(attr, peewee.BackrefAccessor) - - def test_formatting(demo_database): - for domain in database.Domain.select(): - assert list(dict(domain).keys()) == database.Domain.dict_keys() + for domain in database.KeyoskDomain.select(): assert str(domain.uuid) in str(domain) assert domain.name in str(domain) - for permission in database.DomainPermission.select(): - assert list(dict(permission).keys()) == database.DomainPermission.dict_keys() - assert str(permission.uuid) not in str(permission) - - for access_list in database.DomainAccessList.select(): - assert list(dict(access_list).keys()) == database.DomainAccessList.dict_keys() - assert str(access_list.uuid) not in str(access_list) - def test_unique(demo_database): - new_base = database.Domain( + new_base = database.KeyoskDomain( name="garbage", audience="garbage", title="garbage", @@ -56,7 +29,7 @@ def test_unique(demo_database): lifespan_refresh=datetime.timedelta(days=30), ) - starwars = database.Domain.get(database.Domain.name == "star-wars") + starwars = database.KeyoskDomain.get(database.KeyoskDomain.name == "star-wars") unique = ["name", "audience"] nonunique = ["title", "description", "contact"] 
@@ -66,26 +39,26 @@ def test_unique(demo_database): setattr(new, item, getattr(starwars, item)) with pytest.raises(peewee.IntegrityError): with database.interface.atomic(): - database.Domain.bulk_create([new]) + database.KeyoskDomain.bulk_create([new]) for item in nonunique: new = copy.deepcopy(new_base) setattr(new, item, getattr(starwars, item)) with database.interface.atomic(): - database.Domain.bulk_create([new]) + database.KeyoskDomain.bulk_create([new]) with database.interface.atomic(): new.delete_instance() def test_unique_access_lists(demo_database): - new_base = database.DomainAccessList( + new_base = database.KeyoskDomainAccessList( name="imperial-star-destroyer", - domain=database.Domain.get(database.Domain.name == "star-wars"), + domain=database.KeyoskDomain.get(database.KeyoskDomain.name == "star-wars"), ) - isd = database.DomainAccessList.get( - database.DomainAccessList.name == "imperial-star-destroyer" + isd = database.KeyoskDomainAccessList.get( + database.KeyoskDomainAccessList.name == "imperial-star-destroyer" ) unique = ["name"] @@ -95,4 +68,4 @@ def test_unique_access_lists(demo_database): setattr(new, item, getattr(isd, item)) with pytest.raises(peewee.IntegrityError): with database.interface.atomic(): - database.DomainAccessList.bulk_create([new]) + database.KeyoskDomainAccessList.bulk_create([new])