Putting dataset test results behind security flag (#5573)
1 parent
df1e0d7
commit ca48bae
Showing
8 changed files
with
119 additions
and
9 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -208,6 +208,7 @@ def test_dataset_test_not_authenticated( | |
response = api_client.post(dataset_url + "/test", headers={}) | ||
assert response.status_code == 401 | ||
|
||
@pytest.mark.usefixtures("dsr_testing_tools_enabled") | ||
def test_dataset_test_wrong_scope( | ||
self, | ||
dataset_config, | ||
|
@@ -220,7 +221,6 @@ def test_dataset_test_wrong_scope( | |
response = api_client.post(dataset_url + "/test", headers=auth_header) | ||
assert response.status_code == 403 | ||
|
||
@pytest.mark.usefixtures("default_access_policy") | ||
@pytest.mark.parametrize( | ||
"auth_header,expected_status", | ||
[ | ||
|
@@ -231,6 +231,7 @@ def test_dataset_test_wrong_scope( | |
("approver_auth_header", HTTP_403_FORBIDDEN), | ||
], | ||
) | ||
@pytest.mark.usefixtures("default_access_policy", "dsr_testing_tools_enabled") | ||
def test_dataset_test_with_roles( | ||
self, | ||
dataset_config, | ||
|
@@ -249,6 +250,7 @@ def test_dataset_test_with_roles( | |
) | ||
assert response.status_code == expected_status | ||
|
||
@pytest.mark.usefixtures("dsr_testing_tools_enabled") | ||
def test_dataset_test_connection_does_not_exist( | ||
self, | ||
api_client: TestClient, | ||
|
@@ -263,6 +265,7 @@ def test_dataset_test_connection_does_not_exist( | |
) | ||
assert response.status_code == 404 | ||
|
||
@pytest.mark.usefixtures("dsr_testing_tools_enabled") | ||
def test_dataset_test_dataset_does_not_exist( | ||
self, | ||
connection_config, | ||
|
@@ -290,7 +293,7 @@ def test_dataset_test_dataset_does_not_exist( | |
), | ||
], | ||
) | ||
@pytest.mark.usefixtures("default_access_policy") | ||
@pytest.mark.usefixtures("default_access_policy", "dsr_testing_tools_enabled") | ||
def test_dataset_test_invalid_payloads( | ||
self, | ||
connection_config, | ||
|
@@ -310,7 +313,9 @@ def test_dataset_test_invalid_payloads( | |
assert response.status_code == HTTP_400_BAD_REQUEST | ||
assert response.json()["detail"] == expected_response | ||
|
||
@pytest.mark.usefixtures("default_access_policy", "postgres_integration_db") | ||
@pytest.mark.usefixtures( | ||
"default_access_policy", "postgres_integration_db", "dsr_testing_tools_enabled" | ||
) | ||
def test_dataset_test( | ||
self, | ||
connection_config, | ||
|
@@ -327,3 +332,23 @@ def test_dataset_test( | |
) | ||
assert response.status_code == HTTP_200_OK | ||
assert "privacy_request_id" in response.json().keys() | ||
|
||
@pytest.mark.usefixtures( | ||
"default_access_policy", "postgres_integration_db", "dsr_testing_tools_disabled" | ||
) | ||
def test_dataset_test_disabled( | ||
self, | ||
connection_config, | ||
dataset_config, | ||
api_client: TestClient, | ||
generate_auth_header, | ||
) -> None: | ||
dataset_url = get_connection_dataset_url(connection_config, dataset_config) | ||
auth_header = generate_auth_header(scopes=[DATASET_TEST]) | ||
response = api_client.post( | ||
dataset_url + "/test", | ||
headers=auth_header, | ||
json={"email": "[email protected]"}, | ||
) | ||
assert response.status_code == HTTP_403_FORBIDDEN | ||
assert response.json()["detail"] == "DSR testing tools are not enabled." |
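Review bot: `test_dataset_test_wrong_scope` and the `approver_auth_header` case of `test_dataset_test_with_roles` assert only a 403 status, which is the same status the new `test_dataset_test_disabled` expects when the flag is off, so they would still pass if the `dsr_testing_tools_enabled` fixture failed to enable the tools. Asserting the body as well, for example `assert response.json()["detail"] != "DSR testing tools are not enabled."`, keeps a scope rejection distinguishable from a flag rejection. `test_dataset_test_not_authenticated` pins neither fixture, so its result depends on the ambient config; a case combining `dsr_testing_tools_disabled` with `headers={}` and expecting 401 would document that authentication is evaluated before the flag, if that is the intended order. The bodies of these tests lie partly outside the visible hunks.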
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8392,7 +8392,7 @@ def test_filtered_results_wrong_scope( | |
response = api_client.get(url, headers=auth_header) | ||
assert response.status_code == 403 | ||
|
||
@pytest.mark.usefixtures("default_access_policy") | ||
@pytest.mark.usefixtures("default_access_policy", "dsr_testing_tools_enabled") | ||
@pytest.mark.parametrize( | ||
"auth_header,expected_status", | ||
[ | ||
|
@@ -8427,7 +8427,9 @@ def test_filtered_results_with_roles( | |
assert response.status_code == expected_status | ||
|
||
@pytest.mark.integration_postgres | ||
@pytest.mark.usefixtures("default_access_policy", "postgres_integration_db") | ||
@pytest.mark.usefixtures( | ||
"default_access_policy", "postgres_integration_db", "dsr_testing_tools_enabled" | ||
) | ||
def test_filtered_results_postgres( | ||
self, | ||
connection_config, | ||
|
@@ -8462,8 +8464,57 @@ def test_filtered_results_postgres( | |
"results", | ||
} | ||
|
||
@pytest.mark.integration_postgres | ||
@pytest.mark.usefixtures( | ||
"default_access_policy", | ||
"postgres_integration_db", | ||
"dsr_testing_tools_enabled", | ||
) | ||
def test_filtered_results_postgres_access_testing_disabled( | ||
self, | ||
connection_config, | ||
postgres_example_test_dataset_config, | ||
api_client: TestClient, | ||
generate_auth_header, | ||
) -> None: | ||
dataset_url = get_connection_dataset_url( | ||
connection_config, postgres_example_test_dataset_config | ||
) | ||
auth_header = generate_auth_header(scopes=[DATASET_TEST]) | ||
response = api_client.post( | ||
dataset_url + "/test", | ||
headers=auth_header, | ||
json={"email": "[email protected]"}, | ||
) | ||
assert response.status_code == HTTP_200_OK | ||
|
||
original_value = CONFIG.security.dsr_testing_tools_enabled | ||
CONFIG.security.dsr_testing_tools_enabled = False | ||
|
||
privacy_request_id = response.json()["privacy_request_id"] | ||
url = V1_URL_PREFIX + PRIVACY_REQUEST_FILTERED_RESULTS.format( | ||
privacy_request_id=privacy_request_id | ||
) | ||
auth_header = generate_auth_header(scopes=[PRIVACY_REQUEST_READ_ACCESS_RESULTS]) | ||
response = api_client.get( | ||
url, | ||
headers=auth_header, | ||
) | ||
assert response.status_code == HTTP_200_OK | ||
assert set(response.json().keys()) == { | ||
"privacy_request_id", | ||
"status", | ||
"results", | ||
} | ||
assert ( | ||
response.json()["results"] | ||
== "DSR testing tools are not enabled, results will not be shown." | ||
) | ||
|
||
CONFIG.security.dsr_testing_tools_enabled = original_value | ||
|
||
@pytest.mark.integration_mongo | ||
@pytest.mark.usefixtures("default_access_policy") | ||
@pytest.mark.usefixtures("default_access_policy", "dsr_testing_tools_enabled") | ||
def test_filtered_results_mongo( | ||
self, | ||
mongo_connection_config, | ||
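Review bot: In `test_filtered_results_postgres_access_testing_disabled`, `CONFIG.security.dsr_testing_tools_enabled` is set to `False` by hand and restored only on the last line, so a failing assertion in between skips the restore and can leave the flag off for later tests, unless the fixture's teardown resets it, which is not visible here. Using pytest's `monkeypatch` fixture, `monkeypatch.setattr(CONFIG.security, "dsr_testing_tools_enabled", False)`, or wrapping the second half in `try:` … `finally:` with the restore, would make the reset unconditional. A short comment such as `# request is created with tools enabled; the flag is flipped before reading results` would also explain why the `dsr_testing_tools_enabled` fixture is applied to a test named "disabled". The following `test_filtered_results_mongo`, and possibly more of this file section, continues past the visible lines.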
|