fix(upsert): upsert policies (#699)

* fix(upsert): upsert policies * fix(upsert): bump gen3authz * fix(mocks): mock refactored gen3authz * fix(mocks): fix mocks in test_data
uc-cdis · Sep 23, 2019 · 025a81c · 025a81c
1 parent 79ca3cf
commit 025a81c
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 46 deletions.
diff --git a/fence/sync/sync_users.py b/fence/sync/sync_users.py
@@ -1074,8 +1074,8 @@ def _update_arborist(self, session, user_yaml):
         policies = user_yaml.rbac.get("policies", [])
         for policy in policies:
             try:
-                response = self.arborist_client.create_policy(
-                    policy, skip_if_exists=True
+                response = self.arborist_client.update_policy(
+                    policy["id"], policy, create_if_not_exist=True
                 )
                 if response:
                     self._created_policies.add(policy["id"])
@@ -1190,14 +1190,15 @@ def _update_authz_in_arborist(self, session, user_projects, user_yaml=None):
                         policy_id = _format_policy_id(path, permission)
                         if policy_id not in self._created_policies:
                             try:
-                                self.arborist_client.create_policy(
+                                self.arborist_client.update_policy(
+                                    policy_id,
                                     {
                                         "id": policy_id,
                                         "description": "policy created by fence sync",
                                         "role_ids": [permission],
                                         "resource_paths": [path],
                                     },
-                                    skip_if_exists=True,
+                                    create_if_not_exist=True,
                                 )
                             except ArboristError as e:
                                 self.logger.info(

diff --git a/requirements.txt b/requirements.txt
@@ -15,7 +15,7 @@ Flask-CORS==3.0.3
 Flask_OAuthlib==0.9.4
 flask-restful==0.3.6
 Flask_SQLAlchemy_Session==1.1
-gen3authz==0.2.1
+gen3authz==0.2.2
 gen3config==0.1.7
 gen3cirrus==1.1.1
 gen3users

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -194,44 +194,31 @@ def do_patch(urls_to_responses=None):
         defaults.update(urls_to_responses)
         urls_to_responses = defaults
 
-        def make_mock_response(method):
-            def response(url, *args, **kwargs):
-                mocked_response = MagicMock(requests.Response)
-                if url not in urls_to_responses:
-                    mocked_response.status_code = 404
-                    return mocked_response
-                if method not in urls_to_responses[url]:
-                    mocked_response.status_code = 405
-                    return mocked_response
+        def response_for(method, url, *args, **kwargs):
+            method = method.upper()
+            mocked_response = MagicMock(requests.Response)
+            if url not in urls_to_responses:
+                mocked_response.status_code = 404
+                mocked_response.text = "NOT FOUND"
+            elif method not in urls_to_responses[url]:
+                mocked_response.status_code = 405
+                mocked_response.text = "METHOD NOT ALLOWED"
+            else:
                 content, code = urls_to_responses[url][method]
                 mocked_response.status_code = code
                 if isinstance(content, dict):
                     mocked_response.json.return_value = content
-                return mocked_response
-
-            return response
-
-        mocked_get = MagicMock(side_effect=make_mock_response("GET"))
-        mocked_post = MagicMock(side_effect=make_mock_response("POST"))
-        mocked_delete = MagicMock(side_effect=make_mock_response("DELETE"))
+                else:
+                    mocked_response.text = content
+            return mocked_response
 
-        patch_get = mock.patch(
-            "gen3authz.client.arborist.client.requests.get", mocked_get
+        mocked_method = MagicMock(side_effect=response_for)
+        patch_method = mock.patch(
+            "gen3authz.client.arborist.client.requests.request", mocked_method
         )
-        patch_post = mock.patch(
-            "gen3authz.client.arborist.client.requests.post", mocked_post
-        )
-        patch_delete = mock.patch(
-            "gen3authz.client.arborist.client.requests.delete", mocked_delete
-        )
-
-        patch_get.start()
-        patch_post.start()
-        patch_delete.start()
 
-        request.addfinalizer(patch_get.stop)
-        request.addfinalizer(patch_post.stop)
-        request.addfinalizer(patch_delete.stop)
+        patch_method.start()
+        request.addfinalizer(patch_method.stop)
 
     return do_patch
 

diff --git a/tests/data/test_data.py b/tests/data/test_data.py
@@ -493,8 +493,8 @@ def json(self):
             }
         )
         data_requests.post.return_value.status_code = 200
-        arborist_requests.post.return_value = MockResponse({"auth": True})
-        arborist_requests.post.return_value.status_code = 200
+        arborist_requests.request.return_value = MockResponse({"auth": True})
+        arborist_requests.request.return_value.status_code = 200
         headers = {
             "Authorization": "Bearer " + encoded_creds_jwt.jwt,
             "Content-Type": "application/json",
@@ -755,8 +755,8 @@ def json(self):
     )
     with data_requests_mocker as data_requests, arborist_requests_mocker as arborist_requests:
         # pretend arborist says "no"
-        arborist_requests.post.return_value = MockResponse({"auth": False})
-        arborist_requests.post.return_value.status_code = 200
+        arborist_requests.request.return_value = MockResponse({"auth": False})
+        arborist_requests.request.return_value.status_code = 200
         headers = {
             "Authorization": "Bearer " + encoded_creds_jwt.jwt,
             "Content-Type": "application/json",
@@ -843,8 +843,8 @@ def json(self):
             }
         )
         data_requests.post.return_value.status_code = 200
-        arborist_requests.post.return_value = MockResponse({"auth": True})
-        arborist_requests.post.return_value.status_code = 200
+        arborist_requests.request.return_value = MockResponse({"auth": True})
+        arborist_requests.request.return_value.status_code = 200
         fence.blueprints.data.indexd.BlankIndex.init_multipart_upload.return_value = (
             "test_uploadId"
         )
@@ -898,8 +898,8 @@ def json(self):
             }
         )
         data_requests.post.return_value.status_code = 200
-        arborist_requests.post.return_value = MockResponse({"auth": True})
-        arborist_requests.post.return_value.status_code = 200
+        arborist_requests.request.return_value = MockResponse({"auth": True})
+        arborist_requests.request.return_value.status_code = 200
         fence.blueprints.data.indexd.BlankIndex.generate_aws_presigned_url_for_part.return_value = (
             "test_presigned"
         )
@@ -945,8 +945,8 @@ def json(self):
             }
         )
         data_requests.post.return_value.status_code = 200
-        arborist_requests.post.return_value = MockResponse({"auth": True})
-        arborist_requests.post.return_value.status_code = 200
+        arborist_requests.request.return_value = MockResponse({"auth": True})
+        arborist_requests.request.return_value.status_code = 200
         fence.blueprints.data.indexd.BlankIndex.generate_aws_presigned_url_for_part.return_value = (
             "test_presigned"
         )