Ticket #1330 (closed enhancement: invalid)
Deprecate / Remove test_authz.py
| Reported by: | rgrp | Owned by: | |
|---|---|---|---|
| Priority: | awaiting triage | Milestone: | ckan-backlog |
| Component: | ckan | Keywords: | |
| Cc: | Repository: | ckan | |
| Theme: | none |
Description
test_authz.py appears to test in great detail some very specific additional authz (related to total site lock-down it seems -- introduced I think for hri project).
I think there are simpler ways to get total site lockdown (use external auth!) and this test is slow and delicate (e.g. depends on specific words in templates). Suggest removing. If we don't remove we should at least refactor tests for access to certain pages to use a proper method of testing (e.g. agreed html comments in each page) rather than being depending on the presence of absence of specific wording.
Change History
Note: See
TracTickets for help on using
tickets.
This is simply incorrect. test_authz.py (I assume you mean the one in ckan/tests/functional?) tests that authz works all across the Web UI and API in enough detail.
The 'total site lockdown' test - perhaps you mean the TestLockedDownViaRoles? class which makes up a small part of test_authz? It was a test added due to an untested use case implemented in IATI, DataGM etc. These are currently active so still need testing.
Regarding refactoring the tests to be "proper" then please open a new ticket, providing references to why it is not "proper" to test by searching for text in a web response.