hass-core/tests/auth/test_models.py

"""Tests for the auth models."""

from homeassistant.auth import models, permissions


def test_owner_fetching_owner_permissions() -> None:
    """Test we fetch the owner permissions for an owner user."""
    group = models.Group(name="Test Group", policy={})
    owner = models.User(
        name="Test User", perm_lookup=None, groups=[group], is_owner=True
    )
    assert owner.permissions is permissions.OwnerPermissions


def test_permissions_merged() -> None:
    """Test we merge the groups permissions."""
    group = models.Group(
        name="Test Group", policy={"entities": {"domains": {"switch": True}}}
    )
    group2 = models.Group(
        name="Test Group", policy={"entities": {"entity_ids": {"light.kitchen": True}}}
    )
    user = models.User(name="Test User", perm_lookup=None, groups=[group, group2])
    # Make sure we cache instance
    assert user.permissions is user.permissions

    assert user.permissions.check_entity("switch.bla", "read") is True
    assert user.permissions.check_entity("light.kitchen", "read") is True
    assert user.permissions.check_entity("light.not_kitchen", "read") is False


def test_cache_cleared_on_group_change() -> None:
    """Test we clear the cache when a group changes."""
    group = models.Group(
        name="Test Group", policy={"entities": {"domains": {"switch": True}}}
    )
    admin_group = models.Group(
        name="Admin group", id=models.GROUP_ID_ADMIN, policy={"entities": {}}
    )
    user = models.User(
        name="Test User", perm_lookup=None, groups=[group], is_active=True
    )
    # Make sure we cache instance
    assert user.permissions is user.permissions

    # Make sure we cache is_admin
    assert user.is_admin is user.is_admin
    assert user.is_active is True

    user.groups = []
    assert user.groups == []
    assert user.is_admin is False

    user.is_owner = True
    assert user.is_admin is True
    user.is_owner = False

    assert user.is_admin is False
    user.groups = [admin_group]
    assert user.is_admin is True

    user.is_active = False
    assert user.is_admin is False
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`"""Tests for the auth models."""`
Add empty line after module docstring [helpers + other] (#112707) 2024-03-08 16:36:11 +01:00
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`from homeassistant.auth import models, permissions`


Add return type to tests without arguments (#87613) * Add return type to tests without arguments * Black * Cancel fixture amends 2023-02-07 14:20:06 +01:00			`def test_owner_fetching_owner_permissions() -> None:`
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`"""Test we fetch the owner permissions for an owner user."""`
			`group = models.Group(name="Test Group", policy={})`
Allow checking entity permissions based on devices (#19007) * Allow checking entity permissions based on devices * Fix tests 2018-12-05 11:41:00 +01:00			`owner = models.User(`
			`name="Test User", perm_lookup=None, groups=[group], is_owner=True`
			`)`
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`assert owner.permissions is permissions.OwnerPermissions`


Add return type to tests without arguments (#87613) * Add return type to tests without arguments * Black * Cancel fixture amends 2023-02-07 14:20:06 +01:00			`def test_permissions_merged() -> None:`
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`"""Test we merge the groups permissions."""`
			`group = models.Group(`
			`name="Test Group", policy={"entities": {"domains": {"switch": True}}}`
Allow checking entity permissions based on devices (#19007) * Allow checking entity permissions based on devices * Fix tests 2018-12-05 11:41:00 +01:00			`)`
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`group2 = models.Group(`
			`name="Test Group", policy={"entities": {"entity_ids": {"light.kitchen": True}}}`
Black 2019-07-31 12:25:30 -07:00			`)`
Add permissions foundation (#16890) * Add permission foundation * Address comments * typing * False > True * Convert more lambdas * Use constants * Remove support for False * Fix only allow True 2018-10-11 19:24:25 +02:00			`user = models.User(name="Test User", perm_lookup=None, groups=[group, group2])`
			`# Make sure we cache instance`
			`assert user.permissions is user.permissions`

Permissions improv (#17811) * Break up permissions file. * Granular entity permissions * Add "all" entity permission * Lint * Fix types 2018-10-29 11:28:04 +01:00			`assert user.permissions.check_entity("switch.bla", "read") is True`
			`assert user.permissions.check_entity("light.kitchen", "read") is True`
			`assert user.permissions.check_entity("light.not_kitchen", "read") is False`
Refactor User attribute caching to be safer and more efficient (#96723) * Cache construction of is_admin This has to be checked for a lot of api calls and the websocket every time the call is made * Cache construction of is_admin This has to be checked for a lot of api calls and the websocket every time the call is made * Cache construction of is_admin This has to be checked for a lot of api calls and the websocket every time the call is made * modernize * coverage * coverage * verify caching * verify caching * fix type * fix mocking 2024-01-13 10:10:50 -10:00

			`def test_cache_cleared_on_group_change() -> None:`
			`"""Test we clear the cache when a group changes."""`
			`group = models.Group(`
			`name="Test Group", policy={"entities": {"domains": {"switch": True}}}`
			`)`
			`admin_group = models.Group(`
			`name="Admin group", id=models.GROUP_ID_ADMIN, policy={"entities": {}}`
			`)`
			`user = models.User(`
			`name="Test User", perm_lookup=None, groups=[group], is_active=True`
			`)`
			`# Make sure we cache instance`
			`assert user.permissions is user.permissions`

			`# Make sure we cache is_admin`
			`assert user.is_admin is user.is_admin`
			`assert user.is_active is True`

			`user.groups = []`
			`assert user.groups == []`
			`assert user.is_admin is False`

			`user.is_owner = True`
			`assert user.is_admin is True`
			`user.is_owner = False`

			`assert user.is_admin is False`
			`user.groups = [admin_group]`
			`assert user.is_admin is True`

			`user.is_active = False`
			`assert user.is_admin is False`