Tomas Kracmar
b2f4cabef4
All checks were successful
CI / lint-and-test (push) Successful in 25s
- Add PRIVACY_SERVICES and PRIVACY_SERVICE_ROLES config variables
- Add user_can_access_privacy_services(claims) helper in auth.py
- /api/events filters out privacy services for users without required roles
- /api/filter-options excludes privacy services from dropdown options
- /api/ask excludes privacy services from NLQ queries
- /api/events/{id}/explain returns 403 for privacy events if unauthorized
- Teams added to default noisy service exclusion (frontend + backend)
- Update .env.example with privacy config documentation
- Add tests for event filtering, filter-options exclusion, and explain 403
52 lines
2.2 KiB
Python
52 lines
2.2 KiB
Python
import mongomock
|
|
import pytest
|
|
from fastapi.testclient import TestClient
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def mock_events_collection():
|
|
client = mongomock.MongoClient()
|
|
db = client["micro_soc"]
|
|
coll = db["events"]
|
|
return coll
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def mock_watermarks_collection():
|
|
client = mongomock.MongoClient()
|
|
db = client["micro_soc"]
|
|
coll = db["watermarks"]
|
|
return coll
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def client(mock_events_collection, mock_watermarks_collection, monkeypatch):
|
|
monkeypatch.setattr("database.events_collection", mock_events_collection)
|
|
monkeypatch.setattr("database.saved_searches_collection", mock_events_collection)
|
|
monkeypatch.setattr("routes.fetch.events_collection", mock_events_collection)
|
|
monkeypatch.setattr("routes.events.events_collection", mock_events_collection)
|
|
monkeypatch.setattr("routes.ask.events_collection", mock_events_collection)
|
|
monkeypatch.setattr("routes.saved_searches.saved_searches_collection", mock_events_collection)
|
|
monkeypatch.setattr("watermark.watermarks_collection", mock_watermarks_collection)
|
|
monkeypatch.setattr("routes.health.watermarks_collection", mock_watermarks_collection)
|
|
monkeypatch.setattr("routes.fetch.get_watermark", lambda source: None)
|
|
monkeypatch.setattr("routes.fetch.set_watermark", lambda source, ts: None)
|
|
monkeypatch.setattr("auth.AUTH_ENABLED", False)
|
|
monkeypatch.setattr("routes.mcp.AUTH_ENABLED", False)
|
|
monkeypatch.setattr("config.PRIVACY_SERVICES", set())
|
|
monkeypatch.setattr("routes.events.PRIVACY_SERVICES", set())
|
|
monkeypatch.setattr("routes.ask.PRIVACY_SERVICES", set())
|
|
monkeypatch.setattr("database.db.command", lambda cmd: {"ok": 1} if cmd == "ping" else {})
|
|
|
|
# Mock audit trail and rules collections so tests don't wait on real MongoDB
|
|
audit_client = mongomock.MongoClient()
|
|
audit_db = audit_client["micro_soc"]
|
|
monkeypatch.setattr("audit_trail.audit_collection", audit_db["aoc_audit"])
|
|
monkeypatch.setattr("rules.alerts_collection", audit_db["alerts"])
|
|
monkeypatch.setattr("rules.rules_collection", audit_db["alert_rules"])
|
|
monkeypatch.setattr("routes.rules.rules_collection", audit_db["alert_rules"])
|
|
|
|
from main import app
|
|
|
|
return TestClient(app)
|