Merge pull request #131 from pehala/rhsso_user

Add User RHSSO object
Kuadrant · Oct 19, 2022 · 0a4ae62 · 0a4ae62
2 parents de34f4c + 91721e6
commit 0a4ae62
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 17 deletions.
diff --git a/testsuite/oidc/rhsso/__init__.py b/testsuite/oidc/rhsso/__init__.py
@@ -6,7 +6,7 @@
 
 from testsuite.oidc import OIDCProvider, Token
 from testsuite.objects import LifecycleObject
-from .objects import Realm, Client
+from .objects import Realm, Client, User
 
 
 # pylint: disable=too-many-instance-attributes

diff --git a/testsuite/oidc/rhsso/objects.py b/testsuite/oidc/rhsso/objects.py
@@ -38,7 +38,7 @@ def create_user(self, username, password, **kwargs):
         user_id = self.admin.get_user_id(username)
         self.admin.set_user_password(user_id, password, temporary=False)
         self.admin.update_user(user_id, {"emailVerified": True})
-        return user_id
+        return User(self, user_id, username, password)
 
     def create_realm_role(self, role_name: str):
         """Creates realm role
@@ -49,15 +49,6 @@ def create_realm_role(self, role_name: str):
         role_id = self.admin.get_realm_role(role_name)["id"]
         return {"name": role_name, "id": role_id}
 
-    def assign_realm_role(self, role, user_id: str):
-        """Assigns realm role to user
-        :param role: Dictionary with two keys "name" and "id" of role to assign
-        :param user_id: Id of user to assign role to
-        :returns: Keycloak server response
-        """
-        return self.admin.assign_realm_roles(user_id=user_id,
-                                             roles=role)
-
     def oidc_client(self, client_id, client_secret):
         """Create OIDC client for this realm"""
         return KeycloakOpenID(server_url=self.admin.server_url,
@@ -87,3 +78,32 @@ def oidc_client(self):
         client_id = self.admin.get_client(self.client_id)["clientId"]
         secret = self.admin.get_client_secrets(self.client_id)["value"]
         return self.realm.oidc_client(client_id, secret)
+
+
+class User:
+    """Wrapper object for User object in RHSSO"""
+
+    def __init__(self, realm: Realm, user_id, username, password) -> None:
+        super().__init__()
+        self.admin = realm.admin
+        self.realm = realm
+        self.user_id = user_id
+        self.username = username
+        self.password = password
+
+    def update_user(self, **properties):
+        """Updates user"""
+        self.admin.update_user(self.user_id, properties)
+
+    def assign_realm_role(self, role):
+        """Assigns realm role to user
+        :param role: Dictionary with two keys "name" and "id" of role to assign
+        :returns: Keycloak server response
+        """
+        return self.admin.assign_realm_roles(user_id=self.user_id,
+                                             roles=role)
+
+    @property
+    def properties(self):
+        """Returns User information in a dict"""
+        return self.admin.get_user(self.user_id)
diff --git a/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py b/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py
@@ -17,7 +17,7 @@ def authorization(authorization):
 @pytest.fixture(scope="module")
 def realm_role(rhsso, realm_role):
     """Add realm role to rhsso user"""
-    rhsso.realm.assign_realm_role(realm_role, rhsso.user)
+    rhsso.user.assign_realm_role(realm_role)
     return realm_role
 
 
@@ -38,4 +38,4 @@ def tests_rhsso_context(client, auth, rhsso, realm_role):
     assert float(identity["iat"]) <= now
     assert auth_json["context"] == f"Bearer {auth.token.access_token}"
     assert realm_role["name"] in identity["realm_access"]["roles"]
-    assert identity['email'] == rhsso.client.admin.get_user(rhsso.user)["email"]
+    assert identity['email'] == rhsso.user.properties["email"]
diff --git a/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_roles.py b/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_roles.py
@@ -8,9 +8,9 @@ def user_with_role(rhsso, realm_role, blame):
     """Creates new user and adds him into realm_role"""
     username = blame("someuser")
     password = blame("password")
-    user_id = rhsso.realm.create_user(username, password)
-    rhsso.realm.assign_realm_role(realm_role, user_id)
-    return {"id": user_id, "username": username, "password": password}
+    user = rhsso.realm.create_user(username, password)
+    user.assign_realm_role(realm_role)
+    return user
 
 
 @pytest.fixture(scope="module")
@@ -22,7 +22,7 @@ def authorization(authorization, realm_role, blame):
 
 def test_user_with_role(client, user_with_role, rhsso):
     """Test request when user does have required role using new user with assigned role"""
-    auth = HttpxOidcClientAuth(rhsso.get_token(user_with_role["username"], user_with_role["password"]),
+    auth = HttpxOidcClientAuth(rhsso.get_token(user_with_role.username, user_with_role.password),
                                "authorization")
     response = client.get("/get", auth=auth)
     assert response.status_code == 200