# (c) cavaliba.com - test_iam.py

import yaml
from django.test import TestCase

import app_home.cache as cache
from app_data.loader import load_broker
from app_user.models import SirenePermission


class IAMPermissionTest(TestCase):
    def setUp(self):
        cache.clear()

    def test_existing_perms(self):
        perms = SirenePermission.objects.all()
        self.assertGreaterEqual(len(perms), 120)

    def test_permission_create_allow(self):
        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: permission99
              _action: create
            """)
        aaa = {"perms": ["p_permission_create"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="permission99").first()
        self.assertIsNotNone(classobj)

    def test_permission_create_deny(self):
        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: permission99
              _action: create
            """)
        aaa = {"perms": ["p_iam_access"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="permission99").first()
        self.assertIsNone(classobj)

    def test_permission_delete_allow(self):
        SirenePermission(keyname="p_unittest").save()

        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: p_unittest
              _action: delete
            """)
        aaa = {"perms": ["p_permission_delete"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="p_unittest").first()
        self.assertIsNone(classobj)

    def test_permission_delete_deny(self):
        SirenePermission(keyname="p_unittest").save()

        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: p_unittest
              _action: delete
            """)
        aaa = {"perms": ["p_iam_access"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="p_unittest").first()
        self.assertIsNotNone(classobj)

    def test_permission_update_allow(self):
        classobj = SirenePermission.objects.filter(keyname="p_log_view").first()
        self.assertEqual(classobj.displayname, "p_log_view")

        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: p_log_view
              _action: update
              displayname: testnew
            """)
        aaa = {"perms": ["p_permission_update"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="p_log_view").first()
        self.assertEqual(classobj.displayname, "testnew")

    def test_permission_update_deny(self):
        classobj = SirenePermission.objects.filter(keyname="p_log_view").first()
        self.assertEqual(classobj.displayname, "p_log_view")

        datalist = yaml.safe_load("""
            - classname: _permission
              keyname: p_log_view
              _action: update
              displayname: testnew
            """)
        aaa = {"perms": ["p_iam_access"]}
        _ = load_broker(datalist=datalist, aaa=aaa)

        classobj = SirenePermission.objects.filter(keyname="p_log_view").first()
        self.assertNotEqual(classobj.displayname, "testnew")