735 sharing tab bugs (#736)

* fixing typo * when removing this should be update * reverting earlier changes (i do not think they were correct) 'allow' should not be sent in to remove dataset role, it is the wrong boolean * need to send in elasticsearch before username * putting 'allow' back in (no reason to remove) fixing the user role update the same way. elasticsearch needed to be passed in before other arguments, indexing was failing. * adding a change role test for groups this would catch similar bugs in the future * new tests for sharing and changing roles, for users and groups * formatting
clowder-framework · Sep 19, 2023 · 2f110ca · 2f110ca
1 parent e8ee5bd
commit 2f110ca
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 4 deletions.
diff --git a/backend/app/routers/authorization.py b/backend/app/routers/authorization.py
@@ -151,15 +151,15 @@ async def set_dataset_group_role(
     if (dataset := await DatasetDB.get(dataset_id)) is not None:
         if (group := await GroupDB.get(group_id)) is not None:
             # First, remove any existing role the group has on the dataset
-            await remove_dataset_group_role(dataset_id, group_id, user_id, allow)
+            await remove_dataset_group_role(dataset_id, group_id, es, user_id, allow)
             if (
                 auth_db := await AuthorizationDB.find_one(
                     AuthorizationDB.dataset_id == PyObjectId(dataset_id),
                     AuthorizationDB.role == role,
                 )
             ) is not None:
                 if group_id not in auth_db.group_ids:
-                    auth_db.group_ids.append(Ogroup_id)
+                    auth_db.group_ids.append(group_id)
                     for u in group.users:
                         auth_db.user_ids.append(u.user.email)
                     await auth_db.replace()
@@ -203,7 +203,7 @@ async def set_dataset_user_role(
     if (dataset := await DatasetDB.get(PydanticObjectId(dataset_id))) is not None:
         if (await UserDB.find_one(UserDB.email == username)) is not None:
             # First, remove any existing role the user has on the dataset
-            await remove_dataset_user_role(dataset_id, username, user_id, allow)
+            await remove_dataset_user_role(dataset_id, username, es, user_id, allow)
             auth_db = await AuthorizationDB.find_one(
                 AuthorizationDB.dataset_id == PyObjectId(dataset_id),
                 AuthorizationDB.role == role,

diff --git a/backend/app/tests/test_datasets.py b/backend/app/tests/test_datasets.py
@@ -3,7 +3,13 @@
 from fastapi.testclient import TestClient
 
 from app.config import settings
-from app.tests.utils import create_dataset, generate_png
+from app.tests.utils import (
+    create_dataset,
+    create_user,
+    generate_png,
+    user_example,
+    user_alt,
+)
 
 
 def test_create(client: TestClient, headers: dict):
@@ -95,3 +101,31 @@ def test_add_thumbnail(client: TestClient, headers: dict):
 
     result = resp.json()
     assert result["thumbnail_id"] == thumbnail_id
+
+
+def test_share_dataset(client: TestClient, headers: dict):
+    dataset_id = create_dataset(client, headers).get("id")
+    response = client.get(
+        f"{settings.API_V2_STR}/datasets/{dataset_id}", headers=headers
+    )
+    assert response.status_code == 200
+    dataset_id = response.json().get("id")
+
+    # add a user with a role
+    user_alt_email = user_alt["email"]
+    # create user if not exists
+    response = client.post(f"{settings.API_V2_STR}/users", json=user_alt)
+    assert response.status_code == 200 or response.status_code == 409  # 409 = u
+    # share the dataset with the user
+    resp = client.post(
+        f"{settings.API_V2_STR}/authorizations/datasets/{dataset_id}/user_role/{user_alt_email}/viewer",
+        headers=headers,
+    )
+    assert resp.status_code == 200
+
+    # change the role
+    resp = client.post(
+        f"{settings.API_V2_STR}/authorizations/datasets/{dataset_id}/user_role/{user_alt_email}/uploader",
+        headers=headers,
+    )
+    assert resp.status_code == 200
diff --git a/backend/app/tests/test_groups.py b/backend/app/tests/test_groups.py
@@ -132,3 +132,11 @@ def test_member_permissions(client: TestClient, headers: dict):
         headers=u_headers,
     )
     assert response.status_code == 404
+
+    # Change the group role
+    response = client.post(
+        f"{settings.API_V2_STR}/authorizations/datasets/{dataset_id}/group_role/{group_id}/uploader",
+        headers=headers,
+    )
+    assert response.status_code == 200
+    assert response.json().get("id") is not None