IAM tech spec: Auth and access management current state and proposed

changes. Support for separate workspaces Addition of workspace CLI support for test purposes
2026-06-29 16:39:37 +02:00 · 2026-04-18 23:07:26 +01:00 · 2026-04-18 23:07:26 +01:00 · db05427d0e
commit db05427d0e
parent 48da6c5f8b
219 changed files with 4875 additions and 2616 deletions
--- a/tests/integration/test_rows_cassandra_integration.py
+++ b/tests/integration/test_rows_cassandra_integration.py
@ -14,6 +14,17 @@ from trustgraph.storage.rows.cassandra.write import Processor
 from trustgraph.schema import ExtractedObject, Metadata, RowSchema, Field


+
+
+class _MockFlowDefault:
+    """Mock Flow with default workspace for testing."""
+    workspace = "default"
+    name = "default"
+    id = "test-processor"
+
+
+mock_flow_default = _MockFlowDefault()
+
@pytest.mark.integration
 class TestRowsCassandraIntegration:
    """Integration tests for Cassandra row storage with unified table"""
@ -125,8 +136,8 @@ class TestRowsCassandraIntegration:
                }
            }

-            await processor.on_schema_config(config, version=1)
-            assert "customer_records" in processor.schemas
+            await processor.on_schema_config("default", config, version=1)
+            assert "customer_records" in processor.schemas["default"]

            # Step 2: Process an ExtractedObject
            test_obj = ExtractedObject(
@ -149,7 +160,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = test_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Verify Cassandra interactions
            assert mock_cluster.connect.called
@ -209,8 +220,8 @@ class TestRowsCassandraIntegration:
                }
            }

-            await processor.on_schema_config(config, version=1)
-            assert len(processor.schemas) == 2
+            await processor.on_schema_config("default", config, version=1)
+            assert len(processor.schemas["default"]) == 2

            # Process objects for different schemas
            product_obj = ExtractedObject(
@ -233,7 +244,7 @@ class TestRowsCassandraIntegration:
            for obj in [product_obj, order_obj]:
                msg = MagicMock()
                msg.value.return_value = obj
-                await processor.on_object(msg, None, None)
+                await processor.on_object(msg, None, mock_flow_default)

            # All data goes into the same unified rows table
            table_calls = [call for call in mock_session.execute.call_args_list
@ -256,15 +267,17 @@ class TestRowsCassandraIntegration:

        with patch('trustgraph.storage.rows.cassandra.write.Cluster', return_value=mock_cluster):
            # Schema with multiple indexed fields
-            processor.schemas["indexed_data"] = RowSchema(
-                name="indexed_data",
-                fields=[
-                    Field(name="id", type="string", size=50, primary=True),
-                    Field(name="category", type="string", size=50, indexed=True),
-                    Field(name="status", type="string", size=50, indexed=True),
-                    Field(name="description", type="string", size=200)  # Not indexed
-                ]
-            )
+            processor.schemas["default"] = {
+                "indexed_data": RowSchema(
+                    name="indexed_data",
+                    fields=[
+                        Field(name="id", type="string", size=50, primary=True),
+                        Field(name="category", type="string", size=50, indexed=True),
+                        Field(name="status", type="string", size=50, indexed=True),
+                        Field(name="description", type="string", size=200)  # Not indexed
+                    ]
+                )
+            }

            test_obj = ExtractedObject(
                metadata=Metadata(id="t1", user="test", collection="test"),
@ -282,7 +295,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = test_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Should have 3 data inserts (one per indexed field: id, category, status)
            rows_insert_calls = [call for call in mock_session.execute.call_args_list
@ -342,7 +355,7 @@ class TestRowsCassandraIntegration:
                }
            }

-            await processor.on_schema_config(config, version=1)
+            await processor.on_schema_config("default", config, version=1)

            # Process batch object with multiple values
            batch_obj = ExtractedObject(
@ -376,7 +389,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = batch_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Verify unified table creation
            table_calls = [call for call in mock_session.execute.call_args_list
@ -396,10 +409,12 @@ class TestRowsCassandraIntegration:
        processor, mock_cluster, mock_session = processor_with_mocks

        with patch('trustgraph.storage.rows.cassandra.write.Cluster', return_value=mock_cluster):
-            processor.schemas["empty_test"] = RowSchema(
-                name="empty_test",
-                fields=[Field(name="id", type="string", size=50, primary=True)]
-            )
+            processor.schemas["default"] = {
+                "empty_test": RowSchema(
+                    name="empty_test",
+                    fields=[Field(name="id", type="string", size=50, primary=True)]
+                )
+            }

            # Process empty batch object
            empty_obj = ExtractedObject(
@ -413,7 +428,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = empty_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Should not create any data insert statements for empty batch
            # (partition registration may still happen)
@ -428,14 +443,16 @@ class TestRowsCassandraIntegration:
        processor, mock_cluster, mock_session = processor_with_mocks

        with patch('trustgraph.storage.rows.cassandra.write.Cluster', return_value=mock_cluster):
-            processor.schemas["map_test"] = RowSchema(
-                name="map_test",
-                fields=[
-                    Field(name="id", type="string", size=50, primary=True),
-                    Field(name="name", type="string", size=100),
-                    Field(name="count", type="integer", size=0)
-                ]
-            )
+            processor.schemas["default"] = {
+                "map_test": RowSchema(
+                    name="map_test",
+                    fields=[
+                        Field(name="id", type="string", size=50, primary=True),
+                        Field(name="name", type="string", size=100),
+                        Field(name="count", type="integer", size=0)
+                    ]
+                )
+            }

            test_obj = ExtractedObject(
                metadata=Metadata(id="t1", user="test", collection="test"),
@ -448,7 +465,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = test_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Verify insert uses map for data
            rows_insert_calls = [call for call in mock_session.execute.call_args_list
@ -473,13 +490,15 @@ class TestRowsCassandraIntegration:
        processor, mock_cluster, mock_session = processor_with_mocks

        with patch('trustgraph.storage.rows.cassandra.write.Cluster', return_value=mock_cluster):
-            processor.schemas["partition_test"] = RowSchema(
-                name="partition_test",
-                fields=[
-                    Field(name="id", type="string", size=50, primary=True),
-                    Field(name="category", type="string", size=50, indexed=True)
-                ]
-            )
+            processor.schemas["default"] = {
+                "partition_test": RowSchema(
+                    name="partition_test",
+                    fields=[
+                        Field(name="id", type="string", size=50, primary=True),
+                        Field(name="category", type="string", size=50, indexed=True)
+                    ]
+                )
+            }

            test_obj = ExtractedObject(
                metadata=Metadata(id="t1", user="test", collection="my_collection"),
@ -492,7 +511,7 @@ class TestRowsCassandraIntegration:
            msg = MagicMock()
            msg.value.return_value = test_obj

-            await processor.on_object(msg, None, None)
+            await processor.on_object(msg, None, mock_flow_default)

            # Verify partition registration
            partition_inserts = [call for call in mock_session.execute.call_args_list