Yash2412 commented on code in PR #33924:
URL: https://github.com/apache/superset/pull/33924#discussion_r2751105537
##########
tests/integration_tests/security_tests.py:
##########
@@ -2078,6 +2078,170 @@ def test_get_guest_user(self):
assert guest_user is not None
assert "test_guest" == guest_user.username
+ def create_guest_token_with_attributes(self):
+ user = {
+ "username": "test_guest_with_attrs",
+ "first_name": "Test",
+ "last_name": "Guest",
+ "attributes": {
+ "department": "Engineering",
+ "region": "US",
+ "role": "developer",
+ "team": "data-platform",
+ },
+ }
+ resources = [{"some": "resource"}]
+ rls = [{"dataset": 1, "clause": "access = 1"}]
+ return security_manager.create_guest_access_token(user, resources, rls)
+
+ def test_create_guest_access_token_with_attributes(self):
+ """Test creating guest access token with user attributes."""
+ user_with_attributes = {
+ "username": "test_guest_attrs",
+ "first_name": "Test",
+ "last_name": "Guest",
+ "attributes": {
+ "department": "Engineering",
+ "region": "US",
+ "clearance_level": "standard",
+ "projects": ["analytics", "ml-platform"],
+ "team_lead": True,
+ },
+ }
+ resources = [{"type": "dashboard", "id": "test-dashboard"}]
+ rls = [{"dataset": 1, "clause": "id = 1"}]
+
+ token = security_manager.create_guest_access_token(
+ user_with_attributes, resources, rls
+ )
+
+ # Decode and verify the token contains attributes
+ aud = get_url_host()
+ decoded_token = jwt.decode(
+ token,
+ self.app.config["GUEST_TOKEN_JWT_SECRET"],
+ algorithms=[self.app.config["GUEST_TOKEN_JWT_ALGO"]],
+ audience=aud,
+ )
+
+ assert "user" in decoded_token
+ user = decoded_token["user"]
+ assert "attributes" in user
+ assert user["attributes"]["department"] == "Engineering"
+ assert user["attributes"]["region"] == "US"
+ assert user["attributes"]["clearance_level"] == "standard"
+ assert user["attributes"]["projects"] == ["analytics", "ml-platform"]
+ assert user["attributes"]["team_lead"] is True
+
+ def test_get_guest_user_with_attributes(self):
+ """Test that guest user properly retains attributes from token."""
+ token = self.create_guest_token_with_attributes()
+ fake_request = FakeRequest()
+ fake_request.headers[current_app.config["GUEST_TOKEN_HEADER_NAME"]] =
token
+
+ guest_user = security_manager.get_guest_user_from_request(fake_request)
+
+ assert guest_user is not None
+ assert "test_guest_with_attrs" == guest_user.username
+
+ # Verify attributes are accessible through guest_token
+ assert hasattr(guest_user, "guest_token")
+ token_user = guest_user.guest_token["user"]
Review Comment:
Its a test case file and test cases are working fine.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
