Skip to content

Commit efa71bb

Browse files
git-hyagiclaude
andauthored
fix(tests): fix lightwell readonly group permission tests (#1315)
Use GroupsUsersApi to explicitly add users to the read-only group instead of passing groups during UsersApi creation (which is silently ignored by pulpcore's UserSerializer). Use DomainsApi bindings for domain listing instead of a manually-constructed URL that 404s when DOMAIN_ENABLED=True. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 0e17f73 commit efa71bb

2 files changed

Lines changed: 13 additions & 8 deletions

File tree

pulp_service/pulp_service/tests/functional/constants.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@
4343
# "lightwell" domain's PyPI views. These are real staging Features Service accounts.
4444
LIGHTWELL_NETWORK_FEATURE = "lightwell-network"
4545
LIGHTWELL_ENTITLED_ORG_ID = "20368420" # has the lightwell-network feature
46-
LIGHTWELL_NOT_ENTITLED_ORG_ID = "1979710" # does not have the lightwell-network feature
46+
LIGHTWELL_NOT_ENTITLED_ORG_ID = "11111111" # does not have the lightwell-network feature
4747

4848
# VULNERABILITY REPORT CONSTANTS
4949
# NPM

pulp_service/pulp_service/tests/functional/test_lightwell_readonly_group_permission.py

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -133,7 +133,12 @@ def _gen_member(username_suffix):
133133
combined_username = _combined_username(GROUP_MEMBER_ORG_ID, username)
134134
gen_object_with_cleanup(
135135
pulpcore_bindings.UsersApi,
136-
{"username": combined_username, "groups": [lightwell_readonly_group.pulp_href]},
136+
{"username": combined_username},
137+
)
138+
gen_object_with_cleanup(
139+
pulpcore_bindings.GroupsUsersApi,
140+
group_href=lightwell_readonly_group.pulp_href,
141+
group_user={"username": combined_username},
137142
)
138143
return _identity_header(GROUP_MEMBER_ORG_ID, username)
139144

@@ -219,16 +224,16 @@ def test_readonly_group_member_denied_on_other_domains(
219224

220225

221226
def test_readonly_group_member_sees_lightwell_domain_in_listing(
222-
configure_lightwell_domain, gen_readonly_group_member, bindings_cfg
227+
configure_lightwell_domain, gen_readonly_group_member, pulpcore_bindings, anonymous_user
223228
):
224229
"""The lightwell domain shows up in GET /domains/ for read-only group members, via
225230
DomainBasedPermission.scope_queryset()."""
226231
del configure_lightwell_domain # ensure the "lightwell" domain exists
227-
headers = {"x-rh-identity": gen_readonly_group_member("domain-list")}
228-
domains_url = urljoin(bindings_cfg.host, "/api/pulp/api/v3/domains/")
232+
member_header = gen_readonly_group_member("domain-list")
229233

230-
response = requests.get(domains_url, headers=headers, timeout=30)
234+
with anonymous_user:
235+
pulpcore_bindings.DomainsApi.api_client.default_headers["x-rh-identity"] = member_header
236+
response = pulpcore_bindings.DomainsApi.list()
231237

232-
assert response.status_code == 200
233-
domain_names = {domain["name"] for domain in response.json()["results"]}
238+
domain_names = {domain.name for domain in response.results}
234239
assert LIGHTWELL_DOMAIN_NAME in domain_names

0 commit comments

Comments
 (0)