Additional tests for containers with 0 or >1 items

Those tests are needed to cover use cases when syntatcticly as standalone objects the metadata classes and their helper classes defined in tuf/api/metadata.py are valid even if they cannot be verified. An example where an object is valid, but cannot be verified is if we have a Role instance with an empty list of "keyids". This instance is valid and can be created, but cannot be verified because there is a requirement that threshold should be above 1, meaning that there should be at least 1 element inside the "keyids" list to complete succesfull threshold verification. The situation is the same for the rest of tests I am adding in this commit: - Root object without keys - Root object without roles - DelegationRole object with empty keyids - DelegationRole object with an empty list of "paths" - DelegationRole object with an empty list of "path_hash_prefixes" all of these objects can be instatied, but cannot complete succesfull threshold verification. Signed-off-by: Martin Vrachev <[email protected]>
theupdateframework · Aug 19, 2021 · 66ea522 · 66ea522
1 parent ee2a6bc
commit 66ea522
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/tests/test_metadata_serialization.py b/tests/test_metadata_serialization.py
@@ -142,6 +142,7 @@ def test_invalid_role_serialization(self, test_case_data: Dict[str, str]):
     valid_roles: DataSet = {
         "all": '{"keyids": ["keyid"], "threshold": 3}',
         "many keyids": '{"keyids": ["a", "b", "c", "d", "e"], "threshold": 1}',
+        "empty keyids": '{"keyids": [], "threshold": 1}',
         "unrecognized field": '{"keyids": ["keyid"], "threshold": 3, "foo": "bar"}',
     }
 
@@ -167,6 +168,11 @@ def test_role_serialization(self, test_case_data: str):
             "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"} }}, \
             "roles": { "targets": {"keyids": ["keyid"], "threshold": 3} } \
             }',
+        "empty keys and roles": '{"_type": "root", "spec_version": "1.0.0", "version": 1, \
+            "expires": "2030-01-01T00:00:00Z", "consistent_snapshot": false, \
+            "keys": {}, \
+            "roles": {} \
+            }',
         "unrecognized field": '{"_type": "root", "spec_version": "1.0.0", "version": 1, \
             "expires": "2030-01-01T00:00:00Z", "consistent_snapshot": false, \
             "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \
@@ -262,12 +268,17 @@ def test_snapshot_serialization(self, test_case_data: str):
 
 
     valid_delegated_roles: DataSet = {
+        # DelegatedRole inherits Role and some use cases can be found in the valid_roles.
         "no hash prefix attribute":
             '{"keyids": ["keyid"], "name": "a", "paths": ["fn1", "fn2"], \
             "terminating": false, "threshold": 1}',
         "no path attribute":
             '{"keyids": ["keyid"], "name": "a", "terminating": false, \
             "path_hash_prefixes": ["h1", "h2"], "threshold": 99}',
+        "empty paths": '{"keyids": ["keyid"], "name": "a", "paths": [], \
+            "terminating": false, "threshold": 1}',
+        "empty path_hash_prefixes": '{"keyids": ["keyid"], "name": "a", "terminating": false, \
+            "path_hash_prefixes": [], "threshold": 99}',
         "unrecognized field":
             '{"keyids": ["keyid"], "name": "a", "terminating": true, "paths": ["fn1"], "threshold": 3, "foo": "bar"}',
         "many keyids":
@@ -283,6 +294,7 @@ def test_delegated_role_serialization(self, test_case_data: str):
 
 
     invalid_delegated_roles: DataSet = {
+        # DelegatedRole inherits Role and some use cases can be found in the invalid_roles.
         "missing hash prefixes and paths":
             '{"name": "a", "keyids": ["keyid"], "threshold": 1, "terminating": false}',
         "both hash prefixes and paths":