Mercurial > gemma
diff schema/auth_tests.sql @ 1904:931b15be6d7f
Complement authorisation tests for import management
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Fri, 18 Jan 2019 17:01:19 +0100 |
parents | 9f8f7d3fd655 |
children | f9f1babe52ae |
line wrap: on
line diff
--- a/schema/auth_tests.sql Fri Jan 18 16:11:08 2019 +0100 +++ b/schema/auth_tests.sql Fri Jan 18 17:01:19 2019 +0100 @@ -136,6 +136,21 @@ $$, 'Waterway admin can add import job and related data'); +SET SESSION AUTHORIZATION test_admin_at2; +SELECT bag_has($$ + SELECT username FROM users.list_users + $$, + $$ + WITH job AS ( + UPDATE waterway.imports SET state = 'accepted' + RETURNING id, username), + log AS ( + INSERT INTO waterway.import_logs (import_id, msg) + SELECT id, 'test continued' FROM job) + SELECT username FROM job + $$, + 'Waterway admin can edit import jobs from his country only'); + SELECT lives_ok($$ WITH config AS ( @@ -146,11 +161,54 @@ $$, 'Waterway admin can add import config and related data'); +SET SESSION AUTHORIZATION test_admin_at; +SELECT bag_has($$ + SELECT username FROM users.list_users + $$, + $$ + WITH config AS ( + UPDATE waterway.import_configuration SET send_email = true + RETURNING id, username), + attrib AS ( + INSERT INTO waterway.import_configuration_attributes + SELECT id, 'test continued', 'test value' FROM config), + attrib_upd AS ( + UPDATE waterway.import_configuration_attributes SET v = 'test v' + WHERE import_configuration_id = (SELECT id FROM config)) + SELECT username FROM config + $$, + 'Waterway admin can edit import config from his country only'); + SET SESSION AUTHORIZATION test_admin_ro; - SELECT throws_ok($$ INSERT INTO waterway.import_logs (import_id, msg) - VALUES (1, 'test') + VALUES (currval(pg_get_serial_sequence('waterway.imports', 'id')), + 'test') $$, 42501, NULL, 'Waterway admin cannot add log messages to other countries imports'); + +SELECT throws_ok($$ + DELETE FROM waterway.track_imports + WHERE import_id = currval( + pg_get_serial_sequence('waterway.imports', 'id')) + $$, + 42501, NULL, + 'Waterway admin cannot delete tracking data of other countries imports'); + +SELECT throws_ok($$ + INSERT INTO waterway.import_configuration_attributes + VALUES (currval(pg_get_serial_sequence( + 'waterway.import_configuration', 'id')), + 'test', 'test value') + $$, + 42501, NULL, + 'Waterway admin cannot add attributes to other countries import config'); + +SELECT throws_ok($$ + UPDATE waterway.import_configuration_attributes SET v = 'evil' + WHERE import_configuration_id = currval( + pg_get_serial_sequence('waterway.import_configuration', 'id')) + $$, + 42501, NULL, + 'Waterway admin cannot overwrite attributes of other countries config');