cornflow 1.2.3a4__py3-none-any.whl → 1.2.4__py3-none-any.whl

cornflow/app.py

@@ -4,6 +4,8 @@ Main file with the creation of the app logic
 
 # Full imports
 import os
+from logging.config import dictConfig
+
 import click
 
 # Partial imports
@@ -13,9 +15,8 @@ from flask_apispec.extension import FlaskApiSpec
 from flask_cors import CORS
 from flask_migrate import Migrate
 from flask_restful import Api
-from logging.config import dictConfig
-from werkzeug.middleware.dispatcher import DispatcherMiddleware
 from werkzeug.exceptions import NotFound
+from werkzeug.middleware.dispatcher import DispatcherMiddleware
 
 # Module imports
 from cornflow.commands import (
@@ -36,7 +37,14 @@ from cornflow.endpoints.login import LoginEndpoint, LoginOpenAuthEndpoint
 from cornflow.endpoints.signup import SignUpEndpoint
 from cornflow.shared import db, bcrypt
 from cornflow.shared.compress import init_compress
-from cornflow.shared.const import AUTH_DB, AUTH_LDAP, AUTH_OID
+from cornflow.shared.const import (
+    AUTH_DB,
+    AUTH_LDAP,
+    AUTH_OID,
+    CONDITIONAL_ENDPOINTS,
+    SIGNUP_WITH_AUTH,
+    SIGNUP_WITH_NO_AUTH,
+)
 from cornflow.shared.exceptions import initialize_errorhandlers, ConfigurationError
 from cornflow.shared.log_config import log_config
 
@@ -95,13 +103,21 @@ def create_app(env_name="development", dataconn=None):
 
     if auth_type == AUTH_DB:
         signup_activated = int(app.config["SIGNUP_ACTIVATED"])
-        if signup_activated == 1:
-            api.add_resource(SignUpEndpoint, "/signup/", endpoint="signup")
-        api.add_resource(LoginEndpoint, "/login/", endpoint="login")
+        if signup_activated in [SIGNUP_WITH_AUTH, SIGNUP_WITH_NO_AUTH]:
+            api.add_resource(
+                SignUpEndpoint, CONDITIONAL_ENDPOINTS["signup"], endpoint="signup"
+            )
+        api.add_resource(
+            LoginEndpoint, CONDITIONAL_ENDPOINTS["login"], endpoint="login"
+        )
     elif auth_type == AUTH_LDAP:
-        api.add_resource(LoginEndpoint, "/login/", endpoint="login")
+        api.add_resource(
+            LoginEndpoint, CONDITIONAL_ENDPOINTS["login"], endpoint="login"
+        )
     elif auth_type == AUTH_OID:
-        api.add_resource(LoginOpenAuthEndpoint, "/login/", endpoint="login")
+        api.add_resource(
+            LoginOpenAuthEndpoint, CONDITIONAL_ENDPOINTS["login"], endpoint="login"
+        )
     else:
         raise ConfigurationError(
             error="Invalid authentication type",

cornflow/cli/service.py

@@ -36,6 +36,7 @@ from cornflow.shared.const import (
     ADMIN_ROLE,
     SERVICE_ROLE,
     PLANNER_ROLE,
+    SIGNUP_WITH_AUTH,
 )
 from cornflow.shared import db
 from cryptography.fernet import Fernet
@@ -171,7 +172,7 @@ def _setup_environment_variables():
     os.environ["CORNFLOW_LOGGING"] = cornflow_logging
     open_deployment = os.getenv("OPEN_DEPLOYMENT", 1)
     os.environ["OPEN_DEPLOYMENT"] = str(open_deployment)
-    signup_activated = os.getenv("SIGNUP_ACTIVATED", 1)
+    signup_activated = os.getenv("SIGNUP_ACTIVATED", SIGNUP_WITH_AUTH)
     os.environ["SIGNUP_ACTIVATED"] = str(signup_activated)
     user_access_all_objects = os.getenv("USER_ACCESS_ALL_OBJECTS", 0)
     os.environ["USER_ACCESS_ALL_OBJECTS"] = str(user_access_all_objects)

cornflow/commands/auxiliar.py

@@ -3,7 +3,7 @@ from importlib import import_module
 
 from flask import current_app
 
-from cornflow.endpoints import resources, alarms_resources
+from cornflow.endpoints import alarms_resources, get_resources
 from cornflow.models import RoleModel
 from cornflow.shared.const import (
     EXTRA_PERMISSION_ASSIGNATION,
@@ -14,12 +14,16 @@ from cornflow.shared.const import ROLES_MAP
 
 def get_all_external(external_app):
     """
-    Get all resources and extra permissions.
+    Get all resources, extra permissions, and custom roles actions.
     external_app: If provided, it will get the resources and extra permissions for the external app.
     """
+    # We get base and conditional resources
+    resources = get_resources()
+
     if external_app is None:
         resources_to_register = resources
         extra_permissions = EXTRA_PERMISSION_ASSIGNATION
+        custom_roles_actions = {}
         if current_app.config["ALARMS_ENDPOINTS"]:
             resources_to_register = resources + alarms_resources
     else:
@@ -33,13 +37,18 @@ def get_all_external(external_app):
         except AttributeError:
             extra_permissions = EXTRA_PERMISSION_ASSIGNATION
 
+        try:
+            custom_roles_actions = external_module.shared.const.CUSTOM_ROLES_ACTIONS
+        except AttributeError:
+            custom_roles_actions = {}
+
         if current_app.config["ALARMS_ENDPOINTS"]:
             resources_to_register = (
                 external_module.endpoints.resources + resources + alarms_resources
             )
         else:
             resources_to_register = external_module.endpoints.resources + resources
-    return resources_to_register, extra_permissions
+    return resources_to_register, extra_permissions, custom_roles_actions
 
 
 def get_all_resources(resources_to_register):

cornflow/commands/permissions.py

@@ -19,15 +19,22 @@ def register_base_permissions_command(external_app: str = None, verbose: bool =
     external_app: If provided, it will register the permissions for the external app.
     verbose: If True, it will print the permissions that are being registered.
     """
-    # Get all resources and extra permissions
-    resources_to_register, extra_permissions = get_all_external(external_app)
+    # Get all resources, extra permissions, and custom roles actions
+    resources_to_register, extra_permissions, custom_roles_actions = get_all_external(
+        external_app
+    )
+
     # Get all views in the database
     views_in_db = {view.name: view.id for view in ViewModel.get_all_objects()}
     permissions_in_db, permissions_in_db_keys = get_db_permissions()
+
     # Get all resources and roles with access
     resources_roles_with_access = get_all_resources(resources_to_register)
+
     # Get the new roles and base permissions assignation
-    base_permissions_assignation = get_base_permissions(resources_roles_with_access)
+    base_permissions_assignation = get_base_permissions(
+        resources_roles_with_access, custom_roles_actions
+    )
     # Get the permissions to register and delete
     permissions_tuples = get_permissions_in_code_as_tuples(
         resources_to_register,
@@ -46,12 +53,14 @@ def register_base_permissions_command(external_app: str = None, verbose: bool =
     save_and_delete_permissions(permissions_to_register, permissions_to_delete)
 
     if len(permissions_to_register) > 0:
-        current_app.logger.info(f"Permissions registered: {permissions_to_register}")
+        current_app.logger.info(
+            f"Permissions registered: {len(permissions_to_register)}"
+        )
     else:
         current_app.logger.info("No new permissions to register")
 
     if len(permissions_to_delete) > 0:
-        current_app.logger.info(f"Permissions deleted: {permissions_to_delete}")
+        current_app.logger.info(f"Permissions deleted: {len(permissions_to_delete)}")
     else:
         current_app.logger.info("No permissions to delete")
 
@@ -165,11 +174,11 @@ def get_permissions_in_code_as_tuples(
     return permissions_tuples
 
 
-def get_base_permissions(resources_roles_with_access):
+def get_base_permissions(resources_roles_with_access, custom_roles_actions):
     """
     Get the new roles and base permissions assignation.
-    new_roles_to_add: List of new roles to add.
     resources_roles_with_access: Dictionary of resources and roles with access.
+    custom_roles_actions: Dictionary mapping custom roles to their allowed actions.
     """
     # Get all custom roles (both new and existing) that appear in ROLES_WITH_ACCESS
     all_custom_roles_in_access = set(
@@ -181,12 +190,24 @@ def get_base_permissions(resources_roles_with_access):
         ]
     )
 
+    # Validate that all custom roles are defined in custom_roles_actions
+    undefined_roles = all_custom_roles_in_access - set(custom_roles_actions.keys())
+    if undefined_roles:
+        raise ValueError(
+            f"The following custom roles are used in code but not defined in CUSTOM_ROLES_ACTIONS: {undefined_roles}. "
+            f"Please define their allowed actions in the CUSTOM_ROLES_ACTIONS dictionary in shared/const.py."
+        )
+
     # Create extended permission assignation including all custom roles
-    # For custom roles (not in ALL_DEFAULT_ROLES), only grant GET access
-    base_permissions_assignation = BASE_PERMISSION_ASSIGNATION + [
-        (custom_role, GET_ACTION) for custom_role in all_custom_roles_in_access
+    # For custom roles, use the actions defined in custom_roles_actions
+    custom_permissions = [
+        (custom_role, action)
+        for custom_role in all_custom_roles_in_access
+        for action in custom_roles_actions[custom_role]
     ]
 
+    base_permissions_assignation = BASE_PERMISSION_ASSIGNATION + custom_permissions
+
     return base_permissions_assignation
 
 
@@ -277,7 +298,7 @@ def register_dag_permissions_command(
 
     if verbose:
         if len(permissions) > 1:
-            current_app.logger.info(f"DAG permissions registered: {permissions}")
+            current_app.logger.info(f"DAG permissions registered: {len(permissions)}")
         else:
             current_app.logger.info("No new DAG permissions")
 

cornflow/commands/roles.py

@@ -10,7 +10,7 @@ def register_roles_command(external_app: str = None, verbose: bool = True):
         get_new_roles_to_add,
     )
 
-    resources_to_register, extra_permissions = get_all_external(external_app)
+    resources_to_register, extra_permissions, _ = get_all_external(external_app)
     resources_roles_with_access = get_all_resources(resources_to_register)
     new_roles_to_add = get_new_roles_to_add(
         extra_permissions, resources_roles_with_access

cornflow/commands/views.py

@@ -7,6 +7,8 @@ from sqlalchemy.exc import DBAPIError, IntegrityError
 
 from cornflow.endpoints import resources, alarms_resources
 
+from cornflow.endpoints import alarms_resources, get_resources
+
 # Imports from internal libraries
 from cornflow.models import ViewModel
 from cornflow.shared import db
@@ -182,6 +184,7 @@ def get_database_view():
 
 
 def get_resources_to_register(external_app):
+    resources = get_resources()
     if external_app is None:
         resources_to_register = resources
         if current_app.config["ALARMS_ENDPOINTS"]:

cornflow/config.py

@@ -1,5 +1,5 @@
 import os
-from .shared.const import AUTH_DB, PLANNER_ROLE, AUTH_OID
+from .shared.const import AUTH_DB, PLANNER_ROLE, AUTH_OID, SIGNUP_WITH_AUTH, SIGNUP_WITH_NO_AUTH
 from apispec import APISpec
 from apispec.ext.marshmallow import MarshmallowPlugin
 
@@ -25,7 +25,7 @@ class DefaultConfig(object):
     DEBUG = True
     TESTING = True
     LOG_LEVEL = int(os.getenv("LOG_LEVEL", 20))
-    SIGNUP_ACTIVATED = int(os.getenv("SIGNUP_ACTIVATED", 1))
+    SIGNUP_ACTIVATED = int(os.getenv("SIGNUP_ACTIVATED", SIGNUP_WITH_AUTH))
     CORNFLOW_SERVICE_USER = os.getenv("CORNFLOW_SERVICE_USER", "service_user")
 
     # If service user is allowed to log with username and password
@@ -119,7 +119,7 @@ class Testing(DefaultConfig):
     AIRFLOW_PWD = os.getenv("AIRFLOW_PWD", "admin")
     OPEN_DEPLOYMENT = 1
     LOG_LEVEL = int(os.getenv("LOG_LEVEL", 10))
-
+    SIGNUP_ACTIVATED = SIGNUP_WITH_NO_AUTH
 
 class TestingOpenAuth(Testing):
     """
@@ -157,5 +157,5 @@ app_config = {
     "testing": Testing,
     "production": Production,
     "testing-oauth": TestingOpenAuth,
-    "testing-root": TestingApplicationRoot
+    "testing-root": TestingApplicationRoot,
 }

cornflow/endpoints/__init__.py

@@ -4,6 +4,8 @@ All references to endpoints should be imported from here
 The login resource gets created on app startup as it depends on configuration
 """
 
+from flask import current_app
+from cornflow.shared.const import CONDITIONAL_ENDPOINTS
 from .action import ActionListEndpoint
 from .alarms import AlarmsEndpoint, AlarmDetailEndpoint
 from .apiview import ApiViewListEndpoint
@@ -237,3 +239,28 @@ alarms_resources = [
         endpoint="main-alarms",
     ),
 ]
+
+
+def get_resources():
+    """
+    Get the resources based on the configuration
+
+    :return: The resources based on the configuration
+    :rtype: list
+    """
+    base_resources = resources.copy()
+    registered_resources = current_app.view_functions.keys()
+    for resource in registered_resources:
+        if resource in CONDITIONAL_ENDPOINTS.keys():
+            # Check if the resource already exists
+            if resource not in [
+                present_resource["endpoint"] for present_resource in base_resources
+            ]:
+                base_resources.append(
+                    dict(
+                        resource=current_app.view_functions[resource].view_class,
+                        urls=CONDITIONAL_ENDPOINTS[resource],
+                        endpoint=resource,
+                    )
+                )
+    return base_resources

cornflow/endpoints/permission.py

@@ -1,6 +1,5 @@
-"""
+""" """
 
-"""
 # Import from libraries
 from flask_apispec import doc, marshal_with, use_kwargs
 from flask import current_app

cornflow/endpoints/signup.py

@@ -1,6 +1,7 @@
 """
 External endpoint for the user to signup
 """
+
 # Import from libraries
 from flask import current_app
 from flask_apispec import use_kwargs, doc
@@ -9,8 +10,8 @@ from flask_apispec import use_kwargs, doc
 from cornflow.endpoints.meta_resource import BaseMetaResource
 from cornflow.models import PermissionsDAG, UserRoleModel, UserModel
 from cornflow.schemas.user import SignupRequest
-from cornflow.shared.authentication import Auth
-from cornflow.shared.const import AUTH_LDAP, AUTH_OID
+from cornflow.shared.authentication import Auth, authenticate
+from cornflow.shared.const import AUTH_LDAP, AUTH_OID, ADMIN_ROLE, SIGNUP_WITH_NO_AUTH
 from cornflow.shared.exceptions import (
     EndpointNotImplemented,
     InvalidCredentials,
@@ -23,6 +24,8 @@ class SignUpEndpoint(BaseMetaResource):
     Endpoint used to sign up to the cornflow web server.
     """
 
+    ROLES_WITH_ACCESS = [ADMIN_ROLE]
+
     def __init__(self):
         super().__init__()
         self.data_model = UserModel
@@ -30,6 +33,11 @@ class SignUpEndpoint(BaseMetaResource):
         self.user_role_association = UserRoleModel
 
     @doc(description="Sign up", tags=["Users"])
+    @authenticate(
+        auth_class=Auth(),
+        optional_auth="SIGNUP_ACTIVATED",
+        no_auth_list=[SIGNUP_WITH_NO_AUTH],
+    )
     @use_kwargs(SignupRequest, location="json")
     def post(self, **kwargs):
         """
@@ -57,14 +65,12 @@ class SignUpEndpoint(BaseMetaResource):
         if auth_type == AUTH_LDAP:
             err = "The user has to sign up on the active directory"
             raise EndpointNotImplemented(
-                err,
-                log_txt="Error while user tries to sign up. " + err
+                err, log_txt="Error while user tries to sign up. " + err
             )
         elif auth_type == AUTH_OID:
             err = "The user has to sign up with the OpenID protocol"
             raise EndpointNotImplemented(
-                err,
-                log_txt="Error while user tries to sign up. " + err
+                err, log_txt="Error while user tries to sign up. " + err
             )
 
         user = self.data_model(kwargs)
@@ -72,14 +78,13 @@ class SignUpEndpoint(BaseMetaResource):
         if user.check_username_in_use():
             raise InvalidCredentials(
                 error="Username already in use, please supply another username",
-                log_txt="Error while user tries to sign up. Username already in use."
-
+                log_txt="Error while user tries to sign up. Username already in use.",
             )
 
         if user.check_email_in_use():
             raise InvalidCredentials(
                 error="Email already in use, please supply another email address",
-                log_txt="Error while user tries to sign up. Email already in use."
+                log_txt="Error while user tries to sign up. Email already in use.",
             )
 
         user.save()
@@ -94,8 +99,9 @@ class SignUpEndpoint(BaseMetaResource):
             token = self.auth_class.generate_token(user.id)
         except Exception as e:
             raise InvalidUsage(
-                error="Error in generating user token: " + str(e), status_code=400,
-                log_txt="Error while user tries to sign up. Unable to generate token."
+                error="Error in generating user token: " + str(e),
+                status_code=400,
+                log_txt="Error while user tries to sign up. Unable to generate token.",
             )
         current_app.logger.info(f"New user created: {user}")
         return {"token": token, "id": user.id}, 201

cornflow/shared/authentication/decorators.py

@@ -1,17 +1,24 @@
 """
 This file contains the decorator used for the authentication
 """
+
 from functools import wraps
 from .auth import Auth
 from cornflow.shared.exceptions import InvalidCredentials
+from flask import current_app
+import os
 
 
-def authenticate(auth_class: Auth):
+def authenticate(
+    auth_class: Auth, optional_auth: str = None, no_auth_list: list = None
+):
     """
     This is the decorator used for the authentication
 
     :param auth_class: the class used for the authentication. It should be `BaseAuth` or a class that inherits from it
     and that has a authenticate method.
+    :param optional_auth: the env variable that indicates if authentication should be deactivated
+    :param no_auth_list: the list of the values that indicates if authentication should be deactivated
     :type auth_class: `BaseAuth`
     :return: the wrapped function
     """
@@ -32,11 +39,35 @@ def authenticate(auth_class: Auth):
             :param kwargs: the original kwargs sent to the decorated function
             :return: the result of the call to the function
             """
+            if endpoint_qualified_for_no_auth(no_auth_list, optional_auth):
+                # Authentication is deactivated for this value
+                return func(*args, **kwargs)
+
             if auth_class.authenticate():
                 return func(*args, **kwargs)
             else:
                 raise InvalidCredentials("Unable to authenticate the user")
-
         return wrapper
 
     return decorator
+
+def endpoint_qualified_for_no_auth(no_auth_list, optional_auth):
+    """
+    This function is used to check if the endpoint is qualified for no authentication.
+
+    :param no_auth_list: the list of the values that indicates if authentication should be deactivated
+    :param optional_auth: the env variable that indicates if authentication should be deactivated
+    :type no_auth_list: list
+    :type optional_auth: str
+    :return: True if the endpoint is qualified for no authentication, False otherwise
+    """
+    if optional_auth is None:
+        return False
+    if no_auth_list is None:
+        raise InvalidCredentials(
+            "The list of the values that indicates if authentication should be deactivated is not defined"
+        )
+    env_variable = current_app.config[optional_auth]
+    if env_variable in no_auth_list:
+        return True
+    return False

cornflow/shared/const.py

@@ -1,7 +1,8 @@
 """
 In this file we import the values for different constants on cornflow server
 """
-CORNFLOW_VERSION = "1.2.3.a4"
+
+CORNFLOW_VERSION = "1.2.4"
 INTERNAL_TOKEN_ISSUER = "cornflow"
 
 # endpoints responses for health check
@@ -44,6 +45,13 @@ AIRFLOW_TO_STATE_MAP = dict(
     failed=EXEC_STATE_ERROR,
     queued=EXEC_STATE_QUEUED,
 )
+# SIGNUP OPTIONS
+# NO_SIGNUP: no signup endpoint
+# SIGNUP_WITH_NO_AUTH: signup endpoint with no auth
+# SIGNUP_WITH_AUTH: signup endpoint with auth
+NO_SIGNUP = 0
+SIGNUP_WITH_NO_AUTH = 1
+SIGNUP_WITH_AUTH = 2
 
 # These codes and names are inherited from flask app builder in order to have the same names and values
 # as this library that is the base of airflow
@@ -121,3 +129,9 @@ AIRFLOW_NOT_REACHABLE_MSG = "Airflow is not reachable"
 DAG_PAUSED_MSG = "The dag exists but it is paused in airflow"
 AIRFLOW_ERROR_MSG = "Airflow responded with an error:"
 DATA_DOES_NOT_EXIST_MSG = "The data entity does not exist on the database"
+
+# Conditional endpoints
+CONDITIONAL_ENDPOINTS = {
+    "signup": "/signup/",
+    "login": "/login/",
+}

cornflow/tests/unit/test_apiview.py

@@ -13,7 +13,7 @@ TestApiViewListEndpoint
 """
 
 # Import from internal modules
-from cornflow.endpoints import ApiViewListEndpoint, resources, alarms_resources
+from cornflow.endpoints import ApiViewListEndpoint, alarms_resources, get_resources
 from cornflow.models import ViewModel
 from cornflow.shared.const import ROLES_MAP
 from cornflow.tests.const import APIVIEW_URL
@@ -42,6 +42,8 @@ class TestApiViewListEndpoint(CustomTestCase):
         """
         super().setUp()
         self.roles_with_access = ApiViewListEndpoint.ROLES_WITH_ACCESS
+        # Get resources within application context
+        resources = get_resources()
         self.payload = [
             {
                 "name": view["endpoint"],
@@ -127,6 +129,8 @@ class TestApiViewModel(CustomTestCase):
         """
         super().setUp()
         self.roles_with_access = ApiViewListEndpoint.ROLES_WITH_ACCESS
+        # Get resources within application context
+        resources = get_resources()
         self.payload = [
             {
                 "name": view["endpoint"],
@@ -141,6 +145,8 @@ class TestApiViewModel(CustomTestCase):
         """
         Test that the get_all_objects method works properly
         """
+        # Get resources within application context
+        resources = get_resources()
         expected_count = len(resources) + len(alarms_resources)
         # Test getting all objects
         all_instances = ViewModel.get_all_objects().all()

cornflow/tests/unit/test_cli.py

@@ -33,7 +33,7 @@ from cornflow.models import (
 from cornflow.models import UserModel
 from cornflow.shared import db
 from cornflow.shared.exceptions import NoPermission, ObjectDoesNotExist
-from cornflow.endpoints import resources, alarms_resources
+from cornflow.endpoints import alarms_resources, get_resources
 
 
 class CLITests(TestCase):
@@ -278,6 +278,7 @@ class CLITests(TestCase):
         - Correct number of views created
         - Database state after initialization
         """
+        resources = get_resources()
         runner = CliRunner()
         result = runner.invoke(cli, ["views", "init", "-v"])
         self.assertEqual(result.exit_code, 0)
@@ -315,6 +316,7 @@ class CLITests(TestCase):
         - Correct number of actions, roles, views, and permissions
         - Database state after initialization
         """
+        resources = get_resources()
         runner = CliRunner()
         result = runner.invoke(cli, ["permissions", "init", "-v"])
         self.assertEqual(result.exit_code, 0)
@@ -325,7 +327,7 @@ class CLITests(TestCase):
         self.assertEqual(len(actions), 5)
         self.assertEqual(len(roles), 4)
         self.assertEqual(len(views), (len(resources) + len(alarms_resources)))
-        self.assertEqual(len(permissions), 562)
+        self.assertEqual(len(permissions), 583)
 
     def test_permissions_base_command(self):
         """
@@ -337,6 +339,7 @@ class CLITests(TestCase):
         - Correct setup of all permission components
         - Database state consistency
         """
+        resources = get_resources()
         runner = CliRunner()
         runner.invoke(cli, ["actions", "init", "-v"])
         runner.invoke(cli, ["roles", "init", "-v"])
@@ -350,7 +353,7 @@ class CLITests(TestCase):
         self.assertEqual(len(actions), 5)
         self.assertEqual(len(roles), 4)
         self.assertEqual(len(views), (len(resources) + len(alarms_resources)))
-        self.assertEqual(len(permissions), 562)
+        self.assertEqual(len(permissions), 583)
 
     def test_service_entrypoint(self):
         """

cornflow/tests/unit/test_commands.py

@@ -31,7 +31,7 @@ from cornflow.app import (
     register_views,
 )
 from cornflow.commands.dag import register_deployed_dags_command_test
-from cornflow.endpoints import resources, alarms_resources
+from cornflow.endpoints import alarms_resources, get_resources
 from cornflow.models import (
     ActionModel,
     PermissionViewRoleModel,
@@ -98,6 +98,7 @@ class TestCommands(TestCase):
             "email": "testemail@test.org",
             "password": "Testpassword1!",
         }
+        resources = get_resources()
         self.resources = resources + alarms_resources
         self.runner = self.create_app().test_cli_runner()
         self.runner.invoke(register_roles, ["-v"])