Updating tests.

:wq
GSA-TTS · Nov 1, 2024 · ab68fa0 · ab68fa0
1 parent fc614dd
commit ab68fa0
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 3 deletions.
diff --git a/backend/dissemination/sql/fac-snapshot-db/post/800_permissions.sql b/backend/dissemination/sql/fac-snapshot-db/post/800_permissions.sql
@@ -10,7 +10,9 @@
 GRANT USAGE ON SCHEMA api_v1_1_0_functions TO api_fac_gov;
 GRANT USAGE ON SCHEMA api_v1_1_0 TO api_fac_gov;
 GRANT SELECT ON ALL TABLES IN SCHEMA api_v1_1_0 TO api_fac_gov;
--- GRANT SELECT ON ALL TABLES IN SCHEMA dissem_copy to api_fac_gov;
+-- Need these for tribal access checks -- functions and tables
+GRANT SELECT ON ALL TABLES IN SCHEMA dissem_copy to api_fac_gov;
+GRANT USAGE ON SCHEMA dissem_copy to api_fac_gov;
 
 -- There are no sequences currently on api_v1_1_0
 -- GRANT SELECT, USAGE ON ALL SEQUENCES IN SCHEMA api_v1_1_0 TO api_fac_gov;

diff --git a/backend/dissemination/sql/test_api.py b/backend/dissemination/sql/test_api.py
@@ -2,6 +2,17 @@
 # Execute as a pytest.
 # pytest -s --env local test_api.py
 #
+# set environment variable
+#
+#  CAN_READ_SUPPRESSED=0
+#
+# if you are testing with a key that *should* be rejected for
+# suppressed audits, and
+#
+#  CAN_READ_SUPPRESSED=1
+#
+# if you have a key that should be able to read suppressed audits.
+# The default is 0.
 
 import os
 import requests
@@ -14,6 +25,11 @@ class EnvVars:
     FAC_API_KEY_ID = os.getenv("CYPRESS_API_GOV_USER_ID")
     FAC_AUTH_BEARER = os.getenv("CYPRESS_API_GOV_JWT")
     RECORDS_REQUESTED = 5
+    CAN_READ_SUPPRESSED = (
+        str(os.getenv("CAN_READ_SUPPRESSED"))
+        if os.getenv("CAN_READ_SUPPRESSED") != None
+        else "0"
+    )
 
 
 def url(env):
@@ -143,7 +159,8 @@ def test_suppressed_not_accessible_with_bad_key(env):
         try:
             thunk()
         except:
-            failed_count += 1
+            if EnvVars.CAN_READ_SUPPRESSED == "0":
+                failed_count += 1
     assert failed_count == 3
     # Restore it in case we need it in later tests.
     EnvVars.FAC_API_KEY_ID = TEMP_FAC_API_KEY_ID
@@ -167,5 +184,6 @@ def test_suppressed_accessible_with_good_key(env):
         try:
             thunk()
         except:
-            failed_count += 1
+            if EnvVars.CAN_READ_SUPPRESSED == "1":
+                failed_count += 1
     assert failed_count == 0