From 6e68db62fe229647414f9838cea253dfaf1c03cf Mon Sep 17 00:00:00 2001 From: Johannes Nussbaum <39048939+jnussbaum@users.noreply.github.com> Date: Thu, 12 Sep 2024 08:22:56 +0200 Subject: [PATCH 1/2] fix: maintain order of groups (#141) --- dsp_permissions_scripts/models/scope.py | 16 ++--- tests/test_doap_set.py | 2 +- tests/test_scope.py | 90 ++++++++++++------------- tests/test_scope_serialization.py | 16 ++--- 4 files changed, 62 insertions(+), 62 deletions(-) diff --git a/dsp_permissions_scripts/models/scope.py b/dsp_permissions_scripts/models/scope.py index 69798a17..9cc5db76 100644 --- a/dsp_permissions_scripts/models/scope.py +++ b/dsp_permissions_scripts/models/scope.py @@ -120,18 +120,18 @@ def remove( OPEN = PermissionScope.create( - CR={PROJECT_ADMIN}, - D={PROJECT_MEMBER}, - V={KNOWN_USER, UNKNOWN_USER}, + CR=[PROJECT_ADMIN], + D=[PROJECT_MEMBER], + V=[KNOWN_USER, UNKNOWN_USER], ) RESTRICTED_VIEW = PermissionScope.create( - CR={PROJECT_ADMIN}, - D={PROJECT_MEMBER}, - RV={KNOWN_USER, UNKNOWN_USER}, + CR=[PROJECT_ADMIN], + D=[PROJECT_MEMBER], + RV=[KNOWN_USER, UNKNOWN_USER], ) RESTRICTED = PermissionScope.create( - CR={PROJECT_ADMIN}, - D={PROJECT_MEMBER}, + CR=[PROJECT_ADMIN], + D=[PROJECT_MEMBER], ) diff --git a/tests/test_doap_set.py b/tests/test_doap_set.py index 50926097..3bd5385c 100644 --- a/tests/test_doap_set.py +++ b/tests/test_doap_set.py @@ -57,7 +57,7 @@ def test_create_new_doap_on_server( _ = create_new_doap_on_server( target=NewGroupDoapTarget(group=group.KNOWN_USER), shortcode="0000", - scope=PermissionScope.create(V={group.UNKNOWN_USER}), + scope=PermissionScope.create(V=[group.UNKNOWN_USER]), dsp_client=dsp_client, ) dsp_client.post.assert_called_once_with("/admin/permissions/doap", data=create_new_doap_request) diff --git a/tests/test_scope.py b/tests/test_scope.py index 88e7309b..e91810df 100644 --- a/tests/test_scope.py +++ b/tests/test_scope.py @@ -15,23 +15,23 @@ def test_valid_scope(self) -> None: M=frozenset({group.PROJECT_MEMBER, group.KNOWN_USER}), V=frozenset({group.UNKNOWN_USER}), ) - assert scope.CR == frozenset({group.SYSTEM_ADMIN}) - assert scope.D == frozenset({group.PROJECT_ADMIN}) - assert scope.M == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER}) - assert scope.V == frozenset({group.UNKNOWN_USER}) + assert scope.CR == frozenset([group.SYSTEM_ADMIN]) + assert scope.D == frozenset([group.PROJECT_ADMIN]) + assert scope.M == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER]) + assert scope.V == frozenset([group.UNKNOWN_USER]) assert scope.RV == frozenset() def test_valid_scope_create(self) -> None: scope = PermissionScope.create( - CR={group.SYSTEM_ADMIN}, - D={group.PROJECT_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, - V={group.UNKNOWN_USER}, + CR=[group.SYSTEM_ADMIN], + D=[group.PROJECT_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], + V=[group.UNKNOWN_USER], ) - assert scope.CR == frozenset({group.SYSTEM_ADMIN}) - assert scope.D == frozenset({group.PROJECT_ADMIN}) - assert scope.M == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER}) - assert scope.V == frozenset({group.UNKNOWN_USER}) + assert scope.CR == frozenset([group.SYSTEM_ADMIN]) + assert scope.D == frozenset([group.PROJECT_ADMIN]) + assert scope.M == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER]) + assert scope.V == frozenset([group.UNKNOWN_USER]) assert scope.RV == frozenset() def test_valid_scope_from_dict(self) -> None: @@ -60,30 +60,30 @@ def test_create_empty_scope(self) -> None: def test_same_group_in_multiple_fields(self) -> None: with pytest.raises(ValueError, match=re.escape("must not occur in more than one field")): PermissionScope.create( - CR={group.PROJECT_ADMIN}, - D={group.PROJECT_ADMIN}, - V={group.UNKNOWN_USER, group.KNOWN_USER}, + CR=[group.PROJECT_ADMIN], + D=[group.PROJECT_ADMIN], + V=[group.UNKNOWN_USER, group.KNOWN_USER], ) class TestAdd: def test_add_to_scope(self) -> None: scope = PermissionScope.create( - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], ) scope = scope.add("CR", group.PROJECT_ADMIN) scope_expected = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, + CR=[group.PROJECT_ADMIN], + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], ) assert scope == scope_expected def test_add_same_group_to_same_permission(self) -> None: scope = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - V={group.UNKNOWN_USER, group.KNOWN_USER}, + CR=[group.PROJECT_ADMIN], + V=[group.UNKNOWN_USER, group.KNOWN_USER], ) rgx = "Group 'val='knora-admin:ProjectAdmin'' is already in permission 'CR'" with pytest.raises(ValueError, match=re.escape(rgx)): @@ -91,8 +91,8 @@ def test_add_same_group_to_same_permission(self) -> None: def test_add_same_group_to_different_permission(self) -> None: scope = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - V={group.UNKNOWN_USER, group.KNOWN_USER}, + CR=[group.PROJECT_ADMIN], + V=[group.UNKNOWN_USER, group.KNOWN_USER], ) with pytest.raises(ValueError, match=re.escape("must not occur in more than one field")): _ = scope.add("RV", group.PROJECT_ADMIN) @@ -101,29 +101,29 @@ def test_add_same_group_to_different_permission(self) -> None: class TestRemove: def test_remove_from_scope(self) -> None: scope = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, + CR=[group.PROJECT_ADMIN], + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], ) scope = scope.remove("CR", group.PROJECT_ADMIN) scope_expected = PermissionScope.create( - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], ) assert scope == scope_expected def test_remove_inexisting_group(self) -> None: scope = PermissionScope.create( - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], ) with pytest.raises(ValueError, match=re.escape("is not in permission 'D'")): _ = scope.remove("D", group.UNKNOWN_USER) def test_remove_from_empty_perm(self) -> None: scope = PermissionScope.create( - D={group.PROJECT_ADMIN}, - V={group.PROJECT_MEMBER, group.UNKNOWN_USER}, + D=[group.PROJECT_ADMIN], + V=[group.PROJECT_MEMBER, group.UNKNOWN_USER], ) with pytest.raises(ValueError, match=re.escape("is not in permission 'CR'")): _ = scope.remove("CR", group.PROJECT_ADMIN) @@ -132,23 +132,23 @@ def test_remove_from_empty_perm(self) -> None: class TestGet: def test_get(self) -> None: scope = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, - V={group.UNKNOWN_USER}, + CR=[group.PROJECT_ADMIN], + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], + V=[group.UNKNOWN_USER], ) - assert scope.get("CR") == frozenset({group.PROJECT_ADMIN}) - assert scope.get("D") == frozenset({group.SYSTEM_ADMIN}) - assert scope.get("M") == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER}) - assert scope.get("V") == frozenset({group.UNKNOWN_USER}) + assert scope.get("CR") == frozenset([group.PROJECT_ADMIN]) + assert scope.get("D") == frozenset([group.SYSTEM_ADMIN]) + assert scope.get("M") == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER]) + assert scope.get("V") == frozenset([group.UNKNOWN_USER]) assert scope.get("RV") == frozenset() def test_get_inexisting_perm(self) -> None: scope = PermissionScope.create( - CR={group.PROJECT_ADMIN}, - D={group.SYSTEM_ADMIN}, - M={group.PROJECT_MEMBER, group.KNOWN_USER}, - V={group.UNKNOWN_USER}, + CR=[group.PROJECT_ADMIN], + D=[group.SYSTEM_ADMIN], + M=[group.PROJECT_MEMBER, group.KNOWN_USER], + V=[group.UNKNOWN_USER], ) with pytest.raises(ValueError, match=re.escape("Permission 'foo' not in")): _ = scope.get("foo") diff --git a/tests/test_scope_serialization.py b/tests/test_scope_serialization.py index 1e611d2d..17b8f91f 100644 --- a/tests/test_scope_serialization.py +++ b/tests/test_scope_serialization.py @@ -53,18 +53,18 @@ class TestScopeSerialization: V=[group.Group(val="knora-admin:CustomGroup")], ), PermissionScope.create( - D={group.PROJECT_ADMIN}, - RV={group.PROJECT_MEMBER}, + D=[group.PROJECT_ADMIN], + RV=[group.PROJECT_MEMBER], ), PermissionScope.create( - M={group.PROJECT_ADMIN}, - V={group.CREATOR, group.KNOWN_USER}, - RV={group.UNKNOWN_USER}, + M=[group.PROJECT_ADMIN], + V=[group.CREATOR, group.KNOWN_USER], + RV=[group.UNKNOWN_USER], ), PermissionScope.create( - CR={group.SYSTEM_ADMIN, group.PROJECT_ADMIN}, - D={group.CREATOR}, - RV={group.UNKNOWN_USER}, + CR=[group.SYSTEM_ADMIN, group.PROJECT_ADMIN], + D=[group.CREATOR], + RV=[group.UNKNOWN_USER], ), ) From acc1df7de8f521821afcfc236bf5c852d2e14a0d Mon Sep 17 00:00:00 2001 From: Johannes Nussbaum <39048939+jnussbaum@users.noreply.github.com> Date: Wed, 18 Sep 2024 08:12:44 +0200 Subject: [PATCH 2/2] chore: improve logging of oap_set (#143) --- dsp_permissions_scripts/oap/oap_set.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/dsp_permissions_scripts/oap/oap_set.py b/dsp_permissions_scripts/oap/oap_set.py index 1990bc08..8aa1da0d 100644 --- a/dsp_permissions_scripts/oap/oap_set.py +++ b/dsp_permissions_scripts/oap/oap_set.py @@ -162,7 +162,12 @@ def apply_updated_oaps_on_server( server=dsp_client.server, filename=filename, ) - msg = f"ERROR: {len(failed_iris)} resources or values could not be updated. They were written to {filename}." + msg = ( + f"{len(failed_iris)} resources or values " + f"(out of the {res_oap_count} resource OAPs and {value_oap_count} value OAPs) " + f"could not be updated. They were written to {filename}." + ) logger.error(msg) - msg = f"Updated {res_oap_count} resource OAPs and {value_oap_count} value OAPs on {dsp_client.server}... *******" - logger.info(msg) + else: + msg = f"Updated {res_oap_count} resource OAPs and {value_oap_count} value OAPs on {dsp_client.server}." + logger.info(f"******* {msg} *******")