Changeset View
Changeset View
Standalone View
Standalone View
swh/auth/tests/django/test_utils.py
Show First 20 Lines • Show All 57 Lines • ▼ Show 20 Lines | def _check_user(user, is_staff=False, permissions=set()): | ||||
} | } | ||||
def test_oidc_user_from_decoded_token(): | def test_oidc_user_from_decoded_token(): | ||||
user = oidc_user_from_decoded_token(DECODED_TOKEN) | user = oidc_user_from_decoded_token(DECODED_TOKEN) | ||||
_check_user(user) | _check_user(user) | ||||
def test_oidc_user_from_decoded_token2(): | def test_oidc_user_with_permissions_from_decoded_token(): | ||||
decoded_token = copy(DECODED_TOKEN) | decoded_token = copy(DECODED_TOKEN) | ||||
decoded_token["groups"] = ["/staff", "api"] | decoded_token["groups"] = ["/staff", "api"] | ||||
decoded_token["realm_access"] = {"roles": ["swh.ambassador"]} | |||||
decoded_token["resource_access"] = {CLIENT_ID: {"roles": ["read-api"]}} | decoded_token["resource_access"] = {CLIENT_ID: {"roles": ["read-api"]}} | ||||
user = oidc_user_from_decoded_token(decoded_token, client_id=CLIENT_ID) | user = oidc_user_from_decoded_token(decoded_token, client_id=CLIENT_ID) | ||||
_check_user(user, is_staff=True, permissions={"read-api"}) | _check_user(user, is_staff=True, permissions={"swh.ambassador", "read-api"}) | ||||
@pytest.mark.parametrize( | @pytest.mark.parametrize( | ||||
"key,mapped_key", | "key,mapped_key", | ||||
[ | [ | ||||
("preferred_username", "username"), | ("preferred_username", "username"), | ||||
("given_name", "first_name"), | ("given_name", "first_name"), | ||||
("family_name", "last_name"), | ("family_name", "last_name"), | ||||
Show All 39 Lines |