fix(tests): Removes duplicate policies tests & makes DataHub user configurable (#5365)

pedro93 · web-flow · commit 6e07ec59242a · 2022-07-15T19:14:19.000+05:30
diff --git a/smoke-test/test_e2e.py b/smoke-test/test_e2e.py
@@ -606,210 +606,6 @@ def test_ingest_without_system_metadata():
     response.raise_for_status()
 
 
-@pytest.mark.dependency(depends=["test_healthchecks", "test_run_ingestion"])
-def test_frontend_list_policies(frontend_session):
-
-    json = {
-        "query": """query listPolicies($input: ListPoliciesInput!) {\n
-            listPolicies(input: $input) {\n
-                start\n
-                count\n
-                total\n
-                policies {\n
-                    urn\n
-                    type\n
-                    name\n
-                    description\n
-                    state\n
-                    resources {\n
-                      type\n
-                      allResources\n
-                      resources\n
-                    }\n
-                    privileges\n
-                    actors {\n
-                      users\n
-                      groups\n
-                      allUsers\n
-                      allGroups\n
-                      resourceOwners\n
-                    }\n
-                    editable\n
-                }\n
-            }\n
-        }""",
-        "variables": {
-            "input": {
-                "start": "0",
-                "count": "20",
-            }
-        },
-    }
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    assert res_data
-    assert res_data["data"]
-    assert res_data["data"]["listPolicies"]
-    assert res_data["data"]["listPolicies"]["start"] == 0
-    assert res_data["data"]["listPolicies"]["count"] > 0
-    assert len(res_data["data"]["listPolicies"]["policies"]) > 0
-
-
-@pytest.mark.dependency(
-    depends=[
-        "test_healthchecks",
-        "test_run_ingestion",
-        "test_frontend_list_policies",
-    ]
-)
-def test_frontend_create_update_delete_policy(frontend_session):
-
-    # Policy tests are not idempotent. If you rerun this test it will be wrong.
-    json = {
-        "query": """mutation createPolicy($input: PolicyUpdateInput!) {\n
-            createPolicy(input: $input) }""",
-        "variables": {
-            "input": {
-                "type": "METADATA",
-                "name": "Test Metadata Policy",
-                "description": "My Metadaata Policy",
-                "state": "ACTIVE",
-                "resources": {"type": "dataset", "allResources": True},
-                "privileges": ["EDIT_ENTITY_TAGS"],
-                "actors": {
-                    "users": ["urn:li:corpuser:datahub"],
-                    "resourceOwners": False,
-                    "allUsers": False,
-                    "allGroups": False,
-                },
-            }
-        },
-    }
-
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    assert res_data
-    assert res_data["data"]
-    assert res_data["data"]["createPolicy"]
-
-    new_urn = res_data["data"]["createPolicy"]
-
-    # Sleep for eventual consistency
-    time.sleep(3)
-
-    # Now verify the policy has been added.
-    json = {
-        "query": """query listPolicies($input: ListPoliciesInput!) {\n
-            listPolicies(input: $input) {\n
-                start\n
-                count\n
-                total\n
-                policies {\n
-                    urn\n
-                }\n
-            }\n
-        }""",
-        "variables": {
-            "input": {
-                "start": "0",
-                "count": "20",
-            }
-        },
-    }
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    assert res_data
-    assert res_data["data"]
-    assert res_data["data"]["listPolicies"]
-
-    # Verify that the URN appears in the list
-    result = filter(
-        lambda x: x["urn"] == new_urn, res_data["data"]["listPolicies"]["policies"]
-    )
-    assert len(list(result)) == 1
-
-    # update policy
-    json = {
-        "query": """mutation updatePolicy($urn: String!, $input: PolicyUpdateInput!) {\n
-            updatePolicy(urn: $urn, input: $input) }""",
-        "variables": {
-            "urn": new_urn,
-            "input": {
-                "type": "PLATFORM",
-                "state": "INACTIVE",
-                "name": "Updated Platform Policy",
-                "description": "My Metadaata Policy",
-                "privileges": ["MANAGE_POLICIES"],
-                "actors": {
-                    "users": ["urn:li:corpuser:datahub"],
-                    "resourceOwners": False,
-                    "allUsers": False,
-                    "allGroups": False,
-                },
-            },
-        },
-    }
-
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    assert res_data
-    assert res_data["data"]
-    assert res_data["data"]["updatePolicy"]
-    assert res_data["data"]["updatePolicy"] == new_urn
-
-    # Remove policy
-    json = {
-        "query": """mutation deletePolicy($urn: String!) {\n
-            deletePolicy(urn: $urn) }""",
-        "variables": {"urn": new_urn},
-    }
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    # Now verify the policy has been removed.
-    json = {
-        "query": """query listPolicies($input: ListPoliciesInput!) {\n
-            listPolicies(input: $input) {\n
-                start\n
-                count\n
-                total\n
-                policies {\n
-                    urn\n
-                }\n
-            }\n
-        }""",
-        "variables": {
-            "input": {
-                "start": "0",
-                "count": "20",
-            }
-        },
-    }
-    response = frontend_session.post(f"{get_frontend_url()}/api/v2/graphql", json=json)
-    response.raise_for_status()
-    res_data = response.json()
-
-    assert res_data
-    assert res_data["data"]
-    assert res_data["data"]["listPolicies"]
-
-    # Verify that the URN is no longer in the list
-    result = filter(
-        lambda x: x["urn"] == new_urn,
-        res_data["data"]["listPolicies"]["policies"],
-    )
-    assert len(list(result)) == 0
-
-
 @pytest.mark.dependency(depends=["test_healthchecks", "test_run_ingestion"])
 def test_frontend_app_config(frontend_session):
 
diff --git a/smoke-test/tests/policies/test_policies.py b/smoke-test/tests/policies/test_policies.py
@@ -1,7 +1,7 @@
 import time
 import pytest
 import requests
-from tests.utils import get_frontend_url, wait_for_healthcheck_util
+from tests.utils import get_frontend_url, wait_for_healthcheck_util, get_admin_credentials
 
 TEST_POLICY_NAME = "Updated Platform Policy"
 
@@ -25,7 +25,8 @@ def frontend_session(wait_for_healthchecks):
     headers = {
         "Content-Type": "application/json",
     }
-    data = '{"username":"datahub", "password":"datahub"}'
+    (admin_user, admin_pass) = get_admin_credentials()
+    data = '{"username":"' + admin_user + '", "password":"' + admin_pass + '"}'
     response = session.post(f"{get_frontend_url()}/logIn", headers=headers, data=data)
     response.raise_for_status()
 
diff --git a/smoke-test/tests/tokens/revokable_access_token_test.py b/smoke-test/tests/tokens/revokable_access_token_test.py
@@ -3,11 +3,13 @@
 import requests
 from time import sleep
 
-from tests.utils import get_frontend_url, wait_for_healthcheck_util
+from tests.utils import get_frontend_url, wait_for_healthcheck_util, get_admin_credentials
+from datahub.cli.ingest_cli import get_session_and_host
 
 # Disable telemetry
 os.putenv("DATAHUB_TELEMETRY_ENABLED", "false")
 
+(admin_user, admin_pass) = get_admin_credentials()
 
 @pytest.fixture(scope="session")
 def wait_for_healthchecks():
@@ -23,7 +25,7 @@ def test_healthchecks(wait_for_healthchecks):
 @pytest.fixture(scope='class', autouse=True)
 def custom_user_setup():
   """Fixture to execute setup before and tear down after all tests are run"""
-  admin_session = loginAs("datahub", "datahub")
+  admin_session = loginAs(admin_user, admin_pass)
 
   res_data = removeUser(admin_session, "urn:li:corpuser:user")
   assert res_data
@@ -66,7 +68,7 @@ def custom_user_setup():
 
   # signUp will override the session cookie to the new user to be signed up.
   admin_session.cookies.clear()
-  admin_session = loginAs("datahub", "datahub")
+  admin_session = loginAs(admin_user, admin_pass)
 
   # Make user created user is there.
   res_data = listUsers(admin_session)
@@ -94,7 +96,7 @@ def custom_user_setup():
 @pytest.fixture(autouse=True)
 def access_token_setup():
     """Fixture to execute asserts before and after a test is run"""
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
 
     res_data = listAccessTokens(admin_session)
     assert res_data
@@ -114,7 +116,7 @@ def access_token_setup():
 
 @pytest.mark.dependency(depends=["test_healthchecks"])
 def test_admin_can_create_list_and_revoke_tokens(wait_for_healthchecks):
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
 
     # Using a super account, there should be no tokens
     res_data = listAccessTokens(admin_session)
@@ -124,12 +126,12 @@ def test_admin_can_create_list_and_revoke_tokens(wait_for_healthchecks):
     assert len(res_data["data"]["listAccessTokens"]["tokens"]) == 0
 
     # Using a super account, generate a token for itself.
-    res_data = generateAccessToken_v2(admin_session, "urn:li:corpuser:datahub")
+    res_data = generateAccessToken_v2(admin_session, f"urn:li:corpuser:{admin_user}")
     assert res_data
     assert res_data["data"]
     assert res_data["data"]["createAccessToken"]
     assert res_data["data"]["createAccessToken"]["accessToken"]
-    assert res_data["data"]["createAccessToken"]["metadata"]["actorUrn"] == "urn:li:corpuser:datahub"
+    assert res_data["data"]["createAccessToken"]["metadata"]["actorUrn"] == f"urn:li:corpuser:{admin_user}"
     admin_tokenId = res_data["data"]["createAccessToken"]["metadata"]["id"]
     # Sleep for eventual consistency
     sleep(3)
@@ -140,8 +142,8 @@ def test_admin_can_create_list_and_revoke_tokens(wait_for_healthchecks):
     assert res_data["data"]
     assert res_data["data"]["listAccessTokens"]["total"] is not None
     assert len(res_data["data"]["listAccessTokens"]["tokens"]) == 1
-    assert res_data["data"]["listAccessTokens"]["tokens"][0]["actorUrn"] == "urn:li:corpuser:datahub"
-    assert res_data["data"]["listAccessTokens"]["tokens"][0]["ownerUrn"] == "urn:li:corpuser:datahub"
+    assert res_data["data"]["listAccessTokens"]["tokens"][0]["actorUrn"] == f"urn:li:corpuser:{admin_user}"
+    assert res_data["data"]["listAccessTokens"]["tokens"][0]["ownerUrn"] == f"urn:li:corpuser:{admin_user}"
 
     # Check that the super account can revoke tokens that it created
     res_data = revokeAccessToken(admin_session, admin_tokenId)
@@ -161,7 +163,7 @@ def test_admin_can_create_list_and_revoke_tokens(wait_for_healthchecks):
 
 @pytest.mark.dependency(depends=["test_healthchecks"])
 def test_admin_can_create_and_revoke_tokens_for_other_user(wait_for_healthchecks):
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
 
     # Using a super account, there should be no tokens
     res_data = listAccessTokens(admin_session)
@@ -188,7 +190,7 @@ def test_admin_can_create_and_revoke_tokens_for_other_user(wait_for_healthchecks
     assert res_data["data"]["listAccessTokens"]["total"] is not None
     assert len(res_data["data"]["listAccessTokens"]["tokens"]) == 1
     assert res_data["data"]["listAccessTokens"]["tokens"][0]["actorUrn"] == "urn:li:corpuser:user"
-    assert res_data["data"]["listAccessTokens"]["tokens"][0]["ownerUrn"] == "urn:li:corpuser:datahub"
+    assert res_data["data"]["listAccessTokens"]["tokens"][0]["ownerUrn"] == f"urn:li:corpuser:{admin_user}"
 
     # Check that the super account can revoke tokens that it created for another user
     res_data = revokeAccessToken(admin_session, user_tokenId)
@@ -249,7 +251,7 @@ def test_non_admin_can_create_list_revoke_tokens(wait_for_healthchecks):
 
 @pytest.mark.dependency(depends=["test_healthchecks"])
 def test_admin_can_manage_tokens_generated_by_other_user(wait_for_healthchecks):
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
 
     # Using a super account, there should be no tokens
     res_data = listAccessTokens(admin_session)
@@ -273,7 +275,7 @@ def test_admin_can_manage_tokens_generated_by_other_user(wait_for_healthchecks):
 
     # Admin should be able to list other tokens
     user_session.cookies.clear()
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
     res_data = listAccessTokens(admin_session, [{"field": "ownerUrn","value": "urn:li:corpuser:user"}])
     assert res_data
     assert res_data["data"]
@@ -285,7 +287,7 @@ def test_admin_can_manage_tokens_generated_by_other_user(wait_for_healthchecks):
 
     # Admin can delete token created by someone else.
     admin_session.cookies.clear()
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
     res_data = revokeAccessToken(admin_session, user_tokenId)
     assert res_data
     assert res_data["data"]
@@ -304,7 +306,7 @@ def test_admin_can_manage_tokens_generated_by_other_user(wait_for_healthchecks):
     assert len(res_data["data"]["listAccessTokens"]["tokens"]) == 0
 
     # Using the super account, check that all tokens where removed.
-    admin_session = loginAs("datahub", "datahub")
+    admin_session = loginAs(admin_user, admin_pass)
     res_data = listAccessTokens(admin_session, [{"field": "ownerUrn","value": "urn:li:corpuser:user"}])
     assert res_data
     assert res_data["data"]
@@ -315,7 +317,7 @@ def test_admin_can_manage_tokens_generated_by_other_user(wait_for_healthchecks):
 def test_non_admin_can_not_generate_tokens_for_others(wait_for_healthchecks):
     user_session = loginAs("user", "user")
     # Normal user should not be able to generate token for another user
-    res_data = generateAccessToken_v2(user_session, "urn:li:corpuser:datahub")
+    res_data = generateAccessToken_v2(user_session, f"urn:li:corpuser:{admin_user}")
     assert res_data
     assert res_data["errors"]
     assert res_data["errors"][0]["message"] == "Unauthorized to perform this action. Please contact your DataHub administrator."
diff --git a/smoke-test/tests/utils.py b/smoke-test/tests/utils.py
@@ -7,6 +7,8 @@
 from datahub.ingestion.run.pipeline import Pipeline
 from datahub.cli.docker import check_local_docker_containers
 
+def get_admin_credentials():
+  return ("datahub", "datahub")
 
 def get_gms_url():
     return os.getenv("DATAHUB_GMS_URL") or "http://localhost:8080"
