SwissDataScienceCenter / renku-data-services / 25005512838
86%

DEFAULT BRANCH: main
Ran
Jobs 2
Files 365
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 86.346%. First build
25005512838

push

github

web-flow 
Feat: ResourcePool Authorization via Authzed/SpiceDB (#1266)

* Feat: move resource pools check to authz (#1248)

* feat: update schema for authzed

* feat(authz): add ResourcePool as a supported authorization resource

* feat(authz): add member and prohibited relationship types

* feat(db): add ResourcePool authz schema migration, copy membership

* chore(authz): update schema tests for resource pools

* feat(authz): add the USE Scope

* chore(tests): update the authorization tests for resource pools

* squashme: copy-paste artifact

* squashme: format

* refactor: use vars instead of magic strings

* fix: move migration head

* feat: add test for migration

* refactor: harmonize nomenclature

* Feat: authz resource pools feature parity (#1256)

* feat: add ResourcePool and membership types

* feat: add ResourcePool as a supported authorization resource

* feat: add member and prohibited relationships

* refactor: authz_change decorator for multiple APIUser args

* fix: session commit responsibility to session creator

* refactor: move authorization logic to authz schema

* feat: wire Authz into dependency graphs

* feat: update blueprint func for single rp

* fix: use proper non admin user in visibility tests

* feat: visibility toggle test for rp

* feat: update test utils setup for rp_repo with authz

* refactor: update functions for authz usage

* feat: new authorization tests

* fix: use NonCachingAuthz in nb_config for tests

* squashme: remove debug print

* squashme: fix comments

* fix: edge case for noop visibility change

* refactor: authz consistency

* fix: call spicedb only on authz updates

* chore: fix error message

* refactor: DRY some stuff

* squashme: remove commented out code

* fix: await resource pool creation with authz

* feat: support PROHIBITED role with bidirectional Relation mapping

* refactor: allow Member to represent non-group resources

* refactor: unify resource pool membership under single ResourceType

* refactor... (continued)

302 of 333 new or added lines in 11 files covered. (90.69%)

25827 of 29911 relevant lines covered (86.35%)

1.5 hits per line

Uncovered Changes

Lines Coverage File
14
86.51
 components/renku_data_services/crc/db.py
10
90.74
 components/renku_data_services/authz/authz.py
7
90.0
 components/renku_data_services/migrations/versions/cd424c01676e_add_resource_pool_authorization_schema.py
Jobs
ID Job ID Ran Files Coverage
1 run-main-tests - 25005512838.1 365
85.26
 GitHub Action Run
2 run-schemathesis-tests - 25005512838.2 365
64.91
 GitHub Action Run
Source Files on build 25005512838