137 lines
5.6 KiB
Python
137 lines
5.6 KiB
Python
from __future__ import annotations
|
|
|
|
import unittest
|
|
from types import SimpleNamespace
|
|
|
|
from govoplan_access.backend.manifest import get_manifest as get_access_manifest
|
|
from govoplan_core.core.modules import DocumentationCondition
|
|
from govoplan_core.core.registry import PlatformRegistry
|
|
from govoplan_tenancy.backend.manifest import get_manifest as get_tenancy_manifest
|
|
from govoplan_docs.backend.api.v1.routes import (
|
|
_classify_documentation,
|
|
_condition_visibility,
|
|
_documentation_topic_anchor,
|
|
_documentation_topic_groups,
|
|
)
|
|
from govoplan_docs.backend.manifest import get_manifest as get_docs_manifest
|
|
|
|
|
|
class FakePrincipal:
|
|
tenant_id = "tenant-1"
|
|
user = SimpleNamespace(id="user-1")
|
|
|
|
def __init__(self, scopes: set[str]) -> None:
|
|
self.scopes = frozenset(scopes)
|
|
|
|
def has(self, required_scope: str) -> bool:
|
|
return required_scope in self.scopes
|
|
|
|
|
|
class DocsContextTests(unittest.TestCase):
|
|
def test_topic_groups_preserve_layer_classification(self) -> None:
|
|
registry = PlatformRegistry()
|
|
registry.register(get_tenancy_manifest())
|
|
registry.register(get_access_manifest())
|
|
registry.register(get_docs_manifest())
|
|
principal = FakePrincipal({"admin:users:read", "admin:groups:read", "docs:documentation:read"})
|
|
|
|
layers = _classify_documentation(
|
|
registry,
|
|
principal,
|
|
settings=None,
|
|
session=None,
|
|
documentation_type="admin",
|
|
locale="en",
|
|
)
|
|
groups = _documentation_topic_groups(layers)
|
|
|
|
workflow_ids = {topic["id"] for topic in groups["workflow"]}
|
|
reference_ids = {topic["id"] for topic in groups["reference"]}
|
|
pattern_ids = {topic["id"] for topic in groups["pattern"]}
|
|
system_ids = {topic["id"] for topic in groups["system"]}
|
|
|
|
self.assertIn("access.workflow.grant-user-access", workflow_ids)
|
|
self.assertIn("access.reference.admin-access-fields", reference_ids)
|
|
self.assertIn("docs.pattern.field-help", pattern_ids)
|
|
self.assertIn("docs.configured-system-documentation", system_ids)
|
|
|
|
configured_ids = {topic["id"] for topic in layers["configured"]}
|
|
always_ids = {topic["id"] for topic in layers["always"]}
|
|
self.assertIn("access.workflow.grant-user-access", configured_ids)
|
|
self.assertIn("docs.pattern.field-help", always_ids)
|
|
|
|
def test_unavailable_topic_still_appears_in_kind_group(self) -> None:
|
|
registry = PlatformRegistry()
|
|
registry.register(get_tenancy_manifest())
|
|
registry.register(get_access_manifest())
|
|
registry.register(get_docs_manifest())
|
|
principal = FakePrincipal({"docs:documentation:read"})
|
|
|
|
layers = _classify_documentation(
|
|
registry,
|
|
principal,
|
|
settings=None,
|
|
session=None,
|
|
documentation_type="user",
|
|
locale="en",
|
|
)
|
|
groups = _documentation_topic_groups(layers)
|
|
workflows = {topic["id"]: topic for topic in groups["workflow"]}
|
|
|
|
self.assertIn("access.workflow.grant-user-access", workflows)
|
|
self.assertFalse(workflows["access.workflow.grant-user-access"]["active"])
|
|
self.assertIn("access.workflow.grant-user-access", {topic["id"] for topic in layers["available"]})
|
|
|
|
def test_topic_anchor_is_stable(self) -> None:
|
|
self.assertEqual(
|
|
_documentation_topic_anchor("access", "access.workflow.grant-user-access"),
|
|
"docs-topic-access-access-workflow-grant-user-access",
|
|
)
|
|
|
|
def test_condition_visibility_reports_module_capability_and_scope_blockers(self) -> None:
|
|
registry = PlatformRegistry()
|
|
condition = DocumentationCondition(
|
|
required_modules=("mail",),
|
|
any_modules=("files", "campaigns"),
|
|
missing_modules=("legacy",),
|
|
required_capabilities=("mail.delivery",),
|
|
required_scopes=("docs:documentation:read",),
|
|
any_scopes=("mail:profile:read", "admin:policies:read"),
|
|
)
|
|
principal = FakePrincipal({"docs:documentation:read"})
|
|
|
|
active, reason, blockers = _condition_visibility(condition, {"legacy"}, registry, principal)
|
|
|
|
self.assertFalse(active)
|
|
self.assertEqual(
|
|
reason,
|
|
"missing modules: mail; "
|
|
"requires one installed module from: files, campaigns; "
|
|
"not active when installed: legacy; "
|
|
"missing capabilities: mail.delivery; "
|
|
"requires one scope from: mail:profile:read, admin:policies:read",
|
|
)
|
|
self.assertEqual(blockers["modules"], ["mail", "files", "campaigns", "legacy"])
|
|
self.assertEqual(blockers["capabilities"], ["mail.delivery"])
|
|
self.assertEqual(blockers["scopes"], ["mail:profile:read", "admin:policies:read"])
|
|
|
|
def test_condition_visibility_accepts_any_module_scope_and_capability(self) -> None:
|
|
registry = PlatformRegistry()
|
|
registry.register_capability_factory("mail", "mail.delivery", lambda context: object())
|
|
condition = DocumentationCondition(
|
|
any_modules=("files", "campaigns"),
|
|
required_capabilities=("mail.delivery",),
|
|
any_scopes=("mail:profile:read", "admin:policies:read"),
|
|
)
|
|
principal = FakePrincipal({"admin:policies:read"})
|
|
|
|
active, reason, blockers = _condition_visibility(condition, {"campaigns"}, registry, principal)
|
|
|
|
self.assertTrue(active)
|
|
self.assertEqual(reason, "conditions satisfied")
|
|
self.assertEqual(blockers, {"modules": [], "capabilities": [], "scopes": []})
|
|
|
|
|
|
if __name__ == "__main__":
|
|
unittest.main()
|