cvat-ai · nmanovic · Feb 16, 2022 · Feb 8, 2022 · Feb 9, 2022 · Feb 16, 2022
@@ -75,11 +75,11 @@ jobs:
         env:
           API_ABOUT_PAGE: "localhost:8080/api/server/about"
         run: |
-          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml up -d
+          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml up -d
           /bin/bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' ${API_ABOUT_PAGE})" != "401" ]]; do sleep 5; done'
           pip3 install --user -r tests/rest_api/requirements.txt
           pytest tests/rest_api/
-          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml down -v
+          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml down -v
       - name: Running unit tests
         env:
           HOST_COVERAGE_DATA_DIR: ${{ github.workspace }}

@@ -13,6 +13,10 @@ http:
     analytics-auth:
       forwardauth:
         address: http://cvat:8080/analytics
+        authRequestHeaders:
+          - "Cookie"
+          - "Authorization"
+
     strip-prefix:
       stripprefix:
         prefixes:

@@ -0,0 +1,31 @@
+# Copyright (C) 2022 Intel Corporation
+#
+# SPDX-License-Identifier: MIT
+
+import pytest
+from http import HTTPStatus
+from .utils.config import server_get
+
+class TestGetAnalytics:
+    endpoint = 'analytics/app/kibana'
+    def _test_can_see(self, user):
+        response = server_get(user, self.endpoint)
+
+        assert response.status_code == HTTPStatus.OK
+
+    def _test_cannot_see(self, user):
+        response = server_get(user, self.endpoint)
+
+        assert response.status_code == HTTPStatus.FORBIDDEN
+
+    @pytest.mark.parametrize('privilege, is_allow', [
+        ('admin', True), ('business', True),
+        ('worker', False), ('user', False)
+    ])
+    def test_can_see(self, privilege, is_allow, find_users):
+        user = find_users(privilege=privilege)[0]['username']
+
+        if is_allow:
+            self._test_can_see(user)
+        else:
+            self._test_cannot_see(user)
@@ -9,10 +9,17 @@
 ASSETS_DIR = osp.abspath(osp.join(ROOT_DIR, '..', 'assets'))
 # Suppress the warning from Bandit about hardcoded passwords
 USER_PASS = '!Q@W#E$R' # nosec
-BASE_URL = 'http://localhost:8080/api/'
+BASE_URL = 'http://localhost:8080/'
+API_URL = BASE_URL + 'api/'
+
+def _to_query_params(**kwargs):
+    return '&'.join([f'{k}={v}' for k,v in kwargs.items()])
+
+def get_server_url(endpoint, **kwargs):
+    return BASE_URL + endpoint + '?' + _to_query_params(**kwargs)
 
 def get_api_url(endpoint, **kwargs):
-    return BASE_URL + endpoint + '?' + '&'.join([f'{k}={v}' for k,v in kwargs.items()])
+    return API_URL + endpoint + '?' + _to_query_params(**kwargs)
 
 def get_method(username, endpoint, **kwargs):
     return requests.get(get_api_url(endpoint, **kwargs), auth=(username, USER_PASS))
@@ -24,4 +31,7 @@ def patch_method(username, endpoint, data, **kwargs):
     return requests.patch(get_api_url(endpoint, **kwargs), json=data, auth=(username, USER_PASS))
 
 def post_method(username, endpoint, data, **kwargs):
-    return requests.post(get_api_url(endpoint, **kwargs), json=data, auth=(username, USER_PASS))
+    return requests.post(get_api_url(endpoint, **kwargs), json=data, auth=(username, USER_PASS))
+
+def server_get(username, endpoint, **kwargs):
+    return requests.get(get_server_url(endpoint, **kwargs), auth=(username, USER_PASS))