3 changes: 3 additions & 0 deletions .github/workflows/ci.yml
@@ -53,6 +53,9 @@ jobs:
- name: Run tests
run: cargo nextest run

- name: Run tests
run: cargo nextest run --test integration

- name: Run Doc tests
run: cargo test --doc

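Review bot: The added step reuses the name `Run tests`, so the job shows two steps with the same label and a failure in the integration target is hard to tell apart from a failure in the default run; `- name: Run integration tests` would separate them. The page does not mark which of the two `Run tests` entries is new, but the `--test integration` invocation matches the `[[test]]` target added in Cargo.toml, so that is presumably the added one.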
4 changes: 2 additions & 2 deletions .github/workflows/functional.yml
@@ -104,8 +104,8 @@ jobs:
curl http://localhost:8080/v3/auth/tokens -H "X-Auth-Token: ${TOKEN2}" -H "X-Subject-Token: ${TOKEN2}" | jq
curl http://localhost:5001/v3/auth/tokens -H "X-Auth-Token: ${TOKEN2}" -H "X-Subject-Token: ${TOKEN2}" | jq

- name: Run functional tests
run: cargo test --test functional
- name: Run api tests
run: cargo test --test api

- name: Run interop tests
run: cargo test --test interop
1 change: 1 addition & 0 deletions Cargo.lock

10 changes: 7 additions & 3 deletions Cargo.toml
@@ -77,7 +77,7 @@ hyper-util = { version = "0.1", features = ["tokio", "http1"] }
keycloak = { version = "26.4" }
mockall = { version = "0.14" }
reqwest = { version = "0.12", features = ["json", "multipart"] }
sea-orm = { version = "1.1", features = ["mock"]}
sea-orm = { version = "1.1", features = ["mock", "sqlx-sqlite" ]}
serde_urlencoded = { version = "0.7" }
tempfile = { version = "3.23" }
thirtyfour = "0.36"
@@ -111,10 +111,14 @@ name = "github"
path = "tests/github/main.rs"
test = false

[[test]]
name = "integration"
path = "tests/integration/main.rs"
test = false

[[test]]
name = "functional"
path = "tests/functional/main.rs"
name = "api"
path = "tests/api/main.rs"
test = false

[lints.rust]
62 changes: 0 additions & 62 deletions mp:w

This file was deleted.

32 changes: 20 additions & 12 deletions src/assignment/backend/sql/assignment/list.rs
@@ -58,17 +58,20 @@ pub async fn list(
.filter(db_assignment::Column::Type.is_in([
DbAssignmentType::UserProject,
DbAssignmentType::GroupProject,
]));
]))
.filter(db_assignment::Column::Inherited.eq(false));
} else if let Some(val) = &params.domain_id {
select_assignment = select_assignment
.filter(db_assignment::Column::TargetId.eq(val))
.filter(
db_assignment::Column::Type
.is_in([DbAssignmentType::UserDomain, DbAssignmentType::GroupDomain]),
);
)
.filter(db_assignment::Column::Inherited.eq(false));
} else {
select_system_assignment =
select_system_assignment.filter(db_system_assignment::Column::TargetId.eq("system"));
select_system_assignment = select_system_assignment
.filter(db_system_assignment::Column::TargetId.eq("system"))
.filter(db_system_assignment::Column::Inherited.eq(false));
}

let results: Result<Vec<Assignment>, _> = if let Some(true) = &params.include_names {
@@ -254,8 +257,8 @@ mod tests {
),
Transaction::from_sql_and_values(
DatabaseBackend::Postgres,
r#"SELECT "system_assignment"."type", "system_assignment"."actor_id", "system_assignment"."target_id", "system_assignment"."role_id", "system_assignment"."inherited" FROM "system_assignment" WHERE "system_assignment"."target_id" = $1"#,
["system".into()]
r#"SELECT "system_assignment"."type", "system_assignment"."actor_id", "system_assignment"."target_id", "system_assignment"."role_id", "system_assignment"."inherited" FROM "system_assignment" WHERE "system_assignment"."target_id" = $1 AND "system_assignment"."inherited" = $2"#,
["system".into(), false.into()]
),
]
);
@@ -310,8 +313,8 @@ mod tests {
),
Transaction::from_sql_and_values(
DatabaseBackend::Postgres,
r#"SELECT "system_assignment"."type", "system_assignment"."actor_id", "system_assignment"."target_id", "system_assignment"."role_id", "system_assignment"."inherited" FROM "system_assignment" WHERE "system_assignment"."role_id" = $1 AND "system_assignment"."target_id" = $2"#,
["1".into(), "system".into()]
r#"SELECT "system_assignment"."type", "system_assignment"."actor_id", "system_assignment"."target_id", "system_assignment"."role_id", "system_assignment"."inherited" FROM "system_assignment" WHERE "system_assignment"."role_id" = $1 AND "system_assignment"."target_id" = $2 AND "system_assignment"."inherited" = $3"#,
["1".into(), "system".into(), false.into()]
),
]
);
@@ -349,8 +352,13 @@ mod tests {
db.into_transaction_log(),
[Transaction::from_sql_and_values(
DatabaseBackend::Postgres,
r#"SELECT CAST("assignment"."type" AS "text"), "assignment"."actor_id", "assignment"."target_id", "assignment"."role_id", "assignment"."inherited" FROM "assignment" WHERE "assignment"."target_id" = $1 AND "assignment"."type" IN (CAST($2 AS "type"), CAST($3 AS "type"))"#,
["target".into(), "UserProject".into(), "GroupProject".into()]
r#"SELECT CAST("assignment"."type" AS "text"), "assignment"."actor_id", "assignment"."target_id", "assignment"."role_id", "assignment"."inherited" FROM "assignment" WHERE "assignment"."target_id" = $1 AND "assignment"."type" IN (CAST($2 AS "type"), CAST($3 AS "type")) AND "assignment"."inherited" = $4"#,
[
"target".into(),
"UserProject".into(),
"GroupProject".into(),
false.into()
]
),]
);
}
@@ -404,8 +412,8 @@ mod tests {
),
Transaction::from_sql_and_values(
DatabaseBackend::Postgres,
r#"SELECT "system_assignment"."type" AS "A_type", "system_assignment"."actor_id" AS "A_actor_id", "system_assignment"."target_id" AS "A_target_id", "system_assignment"."role_id" AS "A_role_id", "system_assignment"."inherited" AS "A_inherited", "role"."id" AS "B_id", "role"."name" AS "B_name", "role"."extra" AS "B_extra", "role"."domain_id" AS "B_domain_id", "role"."description" AS "B_description" FROM "system_assignment" LEFT JOIN "role" ON "system_assignment"."role_id" = "role"."id" WHERE "system_assignment"."target_id" = $1"#,
["system".into()]
r#"SELECT "system_assignment"."type" AS "A_type", "system_assignment"."actor_id" AS "A_actor_id", "system_assignment"."target_id" AS "A_target_id", "system_assignment"."role_id" AS "A_role_id", "system_assignment"."inherited" AS "A_inherited", "role"."id" AS "B_id", "role"."name" AS "B_name", "role"."extra" AS "B_extra", "role"."domain_id" AS "B_domain_id", "role"."description" AS "B_description" FROM "system_assignment" LEFT JOIN "role" ON "system_assignment"."role_id" = "role"."id" WHERE "system_assignment"."target_id" = $1 AND "system_assignment"."inherited" = $2"#,
["system".into(), false.into()]
),
]
);
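Review bot: The `domain_id` branch of `list` gets the same new `Inherited.eq(false)` filter as the project and system branches, but none of the updated expectations in `mod tests` exercises it: the four changed transactions cover `system_assignment` queries and the `UserProject`/`GroupProject` query only. An existing domain-scoped test would have needed the extra `"assignment"."inherited"` predicate to keep passing, so that branch is probably untested; a mock-database test for a `domain_id` request would pin it. The filter is also unconditional in all three branches, so as far as the hunk shows this function no longer returns inherited grants for any parameters, which matters to anyone using it to audit what has been granted. A line such as `/// Returns direct (non-inherited) assignments only.` on `list` would make that contract explicit. The signature and the start of the body of `list` are outside the hunk.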
10 changes: 9 additions & 1 deletion src/assignment/error.rs
@@ -18,6 +18,7 @@ use crate::assignment::backend::error::*;
use crate::assignment::types::assignment::RoleAssignmentListForMultipleActorTargetParametersBuilderError;
use crate::assignment::types::*;
use crate::identity::error::IdentityProviderError;
use crate::resource::error::ResourceProviderError;

#[derive(Error, Debug)]
pub enum AssignmentProviderError {
@@ -43,13 +44,20 @@ pub enum AssignmentProviderError {
#[error(transparent)]
AssignmentDatabaseError { source: AssignmentDatabaseError },

/// Identity provider error
/// Identity provider error.
#[error(transparent)]
IdentityProvider {
#[from]
source: IdentityProviderError,
},

/// Resource provider error.
#[error(transparent)]
ResourceProvider {
#[from]
source: ResourceProviderError,
},

/// Invalid assignment type.
#[error("{0}")]
InvalidAssignmentType(String),
79 changes: 47 additions & 32 deletions src/assignment/mod.rs
@@ -29,6 +29,7 @@ use crate::config::Config;
use crate::identity::IdentityApi;
use crate::keystone::ServiceState;
use crate::plugin_manager::PluginManager;
use crate::resource::ResourceApi;

#[cfg(test)]
pub use mock::MockAssignmentProvider;
@@ -51,9 +52,9 @@ impl AssignmentProvider {
} else {
match config.assignment.driver.as_str() {
"sql" => Box::new(SqlBackend::default()),
_ => {
other => {
return Err(AssignmentProviderError::UnsupportedDriver(
config.assignment.driver.clone(),
other.to_string(),
));
}
}
@@ -92,40 +93,54 @@ impl AssignmentApi for AssignmentProvider {
state: &ServiceState,
params: &RoleAssignmentListParameters,
) -> Result<impl IntoIterator<Item = Assignment>, AssignmentProviderError> {
if let Some(true) = &params.effective {
let mut request = RoleAssignmentListForMultipleActorTargetParametersBuilder::default();
let mut actors: Vec<String> = Vec::new();
let mut targets: Vec<RoleAssignmentTarget> = Vec::new();
if let Some(role_id) = &params.role_id {
request.role_id(role_id);
}
if let Some(uid) = &params.user_id {
actors.push(uid.into());
}
if let Some(true) = &params.effective
&& let Some(uid) = &params.user_id
let mut request = RoleAssignmentListForMultipleActorTargetParametersBuilder::default();
let mut actors: Vec<String> = Vec::new();
let mut targets: Vec<RoleAssignmentTarget> = Vec::new();
if let Some(role_id) = &params.role_id {
request.role_id(role_id);
}
if let Some(uid) = &params.user_id {
actors.push(uid.into());
}
if let Some(true) = &params.effective
&& let Some(uid) = &params.user_id
{
let users = state
.provider
.get_identity_provider()
.list_groups_of_user(state, uid)
.await?;
actors.extend(users.into_iter().map(|x| x.id));
};
if let Some(val) = &params.project_id {
targets.push(RoleAssignmentTarget {
target_id: val.clone(),
inherited: Some(false),
});
if let Some(parents) = state
.provider
.get_resource_provider()
.get_project_parents(state, val)
.await?
{
let users = state
.provider
.get_identity_provider()
.list_groups_of_user(state, uid)
.await?;
actors.extend(users.into_iter().map(|x| x.id));
};
if let Some(val) = &params.project_id {
targets.push(RoleAssignmentTarget {
target_id: val.clone(),
..Default::default()
parents.iter().for_each(|parent_project| {
targets.push(RoleAssignmentTarget {
target_id: parent_project.id.clone(),
inherited: Some(true),
});
});
}
request.targets(targets);
request.actors(actors);
self.backend_driver
.list_assignments_for_multiple_actors_and_targets(state, &request.build()?)
.await
} else {
self.backend_driver.list_assignments(state, params).await
} else if let Some(val) = &params.domain_id {
targets.push(RoleAssignmentTarget {
target_id: val.clone(),
inherited: Some(false),
});
}
request.targets(targets);
request.actors(actors);
self.backend_driver
.list_assignments_for_multiple_actors_and_targets(state, &request.build()?)
.await
}

/// Create assignment grant.
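Review bot: As far as the unmarked old and new lines on this page can be read, `params.effective` no longer selects the code path in `list_role_assignments`: the fallback to `self.backend_driver.list_assignments(state, params)` is gone, and the ancestor lookup through `get_project_parents` runs for every request with a `project_id`, while the group expansion above it is still gated on `effective`. Two consequences matter to callers that rely on this listing for access decisions or audits: a non-effective, project-scoped listing now also returns grants whose `target_id` is an ancestor project, and a request with neither `project_id` nor `domain_id` reaches `list_assignments_for_multiple_actors_and_targets` with an empty `targets` list, whose meaning in the backend is not visible here. If both are intended, say so on the method, for example `/// Inherited grants on ancestor projects are always included; the effective flag only adds the user's groups.`, and add a test that pins what an empty `targets` list returns so it cannot silently widen to every target. The method's signature starts above the hunk.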
4 changes: 2 additions & 2 deletions src/assignment/types/assignment.rs
@@ -29,9 +29,9 @@ pub struct Assignment {
pub actor_id: String,
/// The target id.
pub target_id: String,
/// The assignment type
/// The assignment type.
pub r#type: AssignmentType,
/// Inherited flag
/// Inherited flag.
pub inherited: bool,
}
