| commit | author | age | ||
| 2466f6 | 1 | import unittest |
| CM | 2 | |
| 072a2c | 3 | from pyramid import testing |
| 86ed40 | 4 | |
| 0c29cf | 5 | |
| 226b49 | 6 | class TestAllPermissionsList(unittest.TestCase): |
| CM | 7 | def setUp(self): |
| 072a2c | 8 | testing.setUp() |
| 226b49 | 9 | |
| CM | 10 | def tearDown(self): |
| 072a2c | 11 | testing.tearDown() |
| 226b49 | 12 | |
| CM | 13 | def _getTargetClass(self): |
| b60bdb | 14 | from pyramid.security import AllPermissionsList |
| 0c29cf | 15 | |
| 226b49 | 16 | return AllPermissionsList |
| CM | 17 | |
| 18 | def _makeOne(self): | |
| 19 | return self._getTargetClass()() | |
| 20 | ||
| 1814cd | 21 | def test_equality_w_self(self): |
| 226b49 | 22 | thing = self._makeOne() |
| a1d395 | 23 | self.assertTrue(thing.__eq__(thing)) |
| 1814cd | 24 | |
| TS | 25 | def test_equality_w_other_instances_of_class(self): |
| 26 | thing = self._makeOne() | |
| 27 | other = self._makeOne() | |
| 28 | self.assertTrue(thing.__eq__(other)) | |
| 29 | ||
| 30 | def test_equality_miss(self): | |
| 31 | thing = self._makeOne() | |
| 32 | other = object() | |
| 33 | self.assertFalse(thing.__eq__(other)) | |
| 34 | ||
| 35 | def test_contains_w_string(self): | |
| 36 | thing = self._makeOne() | |
| a1d395 | 37 | self.assertTrue('anything' in thing) |
| 226b49 | 38 | |
| 1814cd | 39 | def test_contains_w_object(self): |
| TS | 40 | thing = self._makeOne() |
| 41 | self.assertTrue(object() in thing) | |
| 42 | ||
| 43 | def test_iterable(self): | |
| 44 | thing = self._makeOne() | |
| 45 | self.assertEqual(list(thing), []) | |
| 46 | ||
| 226b49 | 47 | def test_singleton(self): |
| b60bdb | 48 | from pyramid.security import ALL_PERMISSIONS |
| 0c29cf | 49 | |
| 226b49 | 50 | self.assertEqual(ALL_PERMISSIONS.__class__, self._getTargetClass()) |
| 0c29cf | 51 | |
| 226b49 | 52 | |
| 17ce57 | 53 | class TestAllowed(unittest.TestCase): |
| CM | 54 | def _getTargetClass(self): |
| b60bdb | 55 | from pyramid.security import Allowed |
| 0c29cf | 56 | |
| 17ce57 | 57 | return Allowed |
| 0c29cf | 58 | |
| 17ce57 | 59 | def _makeOne(self, *arg, **kw): |
| CM | 60 | klass = self._getTargetClass() |
| 61 | return klass(*arg, **kw) | |
| 62 | ||
| 63 | def test_it(self): | |
| 64 | allowed = self._makeOne('hello') | |
| 65 | self.assertEqual(allowed.msg, 'hello') | |
| 66 | self.assertEqual(allowed, True) | |
| a1d395 | 67 | self.assertTrue(allowed) |
| 17ce57 | 68 | self.assertEqual(str(allowed), 'hello') |
| a1d395 | 69 | self.assertTrue('<Allowed instance at ' in repr(allowed)) |
| CM | 70 | self.assertTrue("with msg 'hello'>" in repr(allowed)) |
| 17ce57 | 71 | |
| 0c29cf | 72 | |
| 17ce57 | 73 | class TestDenied(unittest.TestCase): |
| CM | 74 | def _getTargetClass(self): |
| b60bdb | 75 | from pyramid.security import Denied |
| 0c29cf | 76 | |
| 17ce57 | 77 | return Denied |
| 0c29cf | 78 | |
| 17ce57 | 79 | def _makeOne(self, *arg, **kw): |
| CM | 80 | klass = self._getTargetClass() |
| 81 | return klass(*arg, **kw) | |
| 82 | ||
| 83 | def test_it(self): | |
| 84 | denied = self._makeOne('hello') | |
| 85 | self.assertEqual(denied.msg, 'hello') | |
| 86 | self.assertEqual(denied, False) | |
| a1d395 | 87 | self.assertFalse(denied) |
| 17ce57 | 88 | self.assertEqual(str(denied), 'hello') |
| a1d395 | 89 | self.assertTrue('<Denied instance at ' in repr(denied)) |
| CM | 90 | self.assertTrue("with msg 'hello'>" in repr(denied)) |
| 17ce57 | 91 | |
| 0c29cf | 92 | |
| 17ce57 | 93 | class TestACLAllowed(unittest.TestCase): |
| CM | 94 | def _getTargetClass(self): |
| b60bdb | 95 | from pyramid.security import ACLAllowed |
| 0c29cf | 96 | |
| 17ce57 | 97 | return ACLAllowed |
| 0c29cf | 98 | |
| 17ce57 | 99 | def _makeOne(self, *arg, **kw): |
| CM | 100 | klass = self._getTargetClass() |
| 101 | return klass(*arg, **kw) | |
| 102 | ||
| 103 | def test_it(self): | |
| 213001 | 104 | from pyramid.security import Allowed |
| 0c29cf | 105 | |
| MM | 106 | msg = ( |
| 107 | "ACLAllowed permission 'permission' via ACE 'ace' in ACL 'acl' " | |
| 108 | "on context 'ctx' for principals 'principals'" | |
| 109 | ) | |
| 110 | allowed = self._makeOne( | |
| 111 | 'ace', 'acl', 'permission', 'principals', 'ctx' | |
| 112 | ) | |
| 213001 | 113 | self.assertIsInstance(allowed, Allowed) |
| a1d395 | 114 | self.assertTrue(msg in allowed.msg) |
| 17ce57 | 115 | self.assertEqual(allowed, True) |
| a1d395 | 116 | self.assertTrue(allowed) |
| 17ce57 | 117 | self.assertEqual(str(allowed), msg) |
| a1d395 | 118 | self.assertTrue('<ACLAllowed instance at ' in repr(allowed)) |
| CM | 119 | self.assertTrue("with msg %r>" % msg in repr(allowed)) |
| 17ce57 | 120 | |
| 0c29cf | 121 | |
| 17ce57 | 122 | class TestACLDenied(unittest.TestCase): |
| CM | 123 | def _getTargetClass(self): |
| b60bdb | 124 | from pyramid.security import ACLDenied |
| 0c29cf | 125 | |
| 17ce57 | 126 | return ACLDenied |
| 0c29cf | 127 | |
| 17ce57 | 128 | def _makeOne(self, *arg, **kw): |
| CM | 129 | klass = self._getTargetClass() |
| 130 | return klass(*arg, **kw) | |
| 131 | ||
| 132 | def test_it(self): | |
| 213001 | 133 | from pyramid.security import Denied |
| 0c29cf | 134 | |
| MM | 135 | msg = ( |
| 136 | "ACLDenied permission 'permission' via ACE 'ace' in ACL 'acl' " | |
| 137 | "on context 'ctx' for principals 'principals'" | |
| 138 | ) | |
| 17ce57 | 139 | denied = self._makeOne('ace', 'acl', 'permission', 'principals', 'ctx') |
| 213001 | 140 | self.assertIsInstance(denied, Denied) |
| a1d395 | 141 | self.assertTrue(msg in denied.msg) |
| 17ce57 | 142 | self.assertEqual(denied, False) |
| a1d395 | 143 | self.assertFalse(denied) |
| 17ce57 | 144 | self.assertEqual(str(denied), msg) |
| a1d395 | 145 | self.assertTrue('<ACLDenied instance at ' in repr(denied)) |
| CM | 146 | self.assertTrue("with msg %r>" % msg in repr(denied)) |
| 0c29cf | 147 | |
| c8cab3 | 148 | |
| 3c2f95 | 149 | class TestPrincipalsAllowedByPermission(unittest.TestCase): |
| a1a9fb | 150 | def setUp(self): |
| 072a2c | 151 | testing.setUp() |
| a1a9fb | 152 | |
| CM | 153 | def tearDown(self): |
| 072a2c | 154 | testing.tearDown() |
| a1a9fb | 155 | |
| 3c2f95 | 156 | def _callFUT(self, *arg): |
| MR | 157 | from pyramid.security import principals_allowed_by_permission |
| 0c29cf | 158 | |
| 3c2f95 | 159 | return principals_allowed_by_permission(*arg) |
| MR | 160 | |
| 161 | def test_no_authorization_policy(self): | |
| 162 | from pyramid.security import Everyone | |
| 0c29cf | 163 | |
| 3c2f95 | 164 | context = DummyContext() |
| MR | 165 | result = self._callFUT(context, 'view') |
| 166 | self.assertEqual(result, [Everyone]) | |
| 167 | ||
| 168 | def test_with_authorization_policy(self): | |
| 169 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 170 | |
| 3c2f95 | 171 | registry = get_current_registry() |
| MR | 172 | _registerAuthorizationPolicy(registry, 'yo') |
| 173 | context = DummyContext() | |
| 174 | result = self._callFUT(context, 'view') | |
| 175 | self.assertEqual(result, 'yo') | |
| 176 | ||
| 0c29cf | 177 | |
| 0dcd56 | 178 | class TestRemember(unittest.TestCase): |
| CM | 179 | def setUp(self): |
| 180 | testing.setUp() | |
| 0c29cf | 181 | |
| 0dcd56 | 182 | def tearDown(self): |
| CM | 183 | testing.tearDown() |
| 184 | ||
| 7a2b72 | 185 | def _callFUT(self, *arg, **kwarg): |
| 0dcd56 | 186 | from pyramid.security import remember |
| 0c29cf | 187 | |
| 7a2b72 | 188 | return remember(*arg, **kwarg) |
| 0dcd56 | 189 | |
| CM | 190 | def test_no_authentication_policy(self): |
| 191 | request = _makeRequest() | |
| 192 | result = self._callFUT(request, 'me') | |
| 193 | self.assertEqual(result, []) | |
| 194 | ||
| 195 | def test_with_authentication_policy(self): | |
| 196 | request = _makeRequest() | |
| 197 | registry = request.registry | |
| 198 | _registerAuthenticationPolicy(registry, 'yo') | |
| 199 | result = self._callFUT(request, 'me') | |
| 200 | self.assertEqual(result, [('X-Pyramid-Test', 'me')]) | |
| 201 | ||
| 202 | def test_with_authentication_policy_no_reg_on_request(self): | |
| 203 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 204 | |
| 0dcd56 | 205 | registry = get_current_registry() |
| CM | 206 | request = _makeRequest() |
| 207 | del request.registry | |
| 208 | _registerAuthenticationPolicy(registry, 'yo') | |
| 209 | result = self._callFUT(request, 'me') | |
| 210 | self.assertEqual(result, [('X-Pyramid-Test', 'me')]) | |
| 211 | ||
| 7a2b72 | 212 | def test_with_missing_arg(self): |
| MM | 213 | request = _makeRequest() |
| 214 | registry = request.registry | |
| 215 | _registerAuthenticationPolicy(registry, 'yo') | |
| 216 | self.assertRaises(TypeError, lambda: self._callFUT(request)) | |
| 217 | ||
| 0c29cf | 218 | |
| 0dcd56 | 219 | class TestForget(unittest.TestCase): |
| CM | 220 | def setUp(self): |
| 221 | testing.setUp() | |
| 0c29cf | 222 | |
| 0dcd56 | 223 | def tearDown(self): |
| CM | 224 | testing.tearDown() |
| 225 | ||
| 226 | def _callFUT(self, *arg): | |
| 227 | from pyramid.security import forget | |
| 0c29cf | 228 | |
| 0dcd56 | 229 | return forget(*arg) |
| CM | 230 | |
| 231 | def test_no_authentication_policy(self): | |
| 232 | request = _makeRequest() | |
| 233 | result = self._callFUT(request) | |
| 234 | self.assertEqual(result, []) | |
| 235 | ||
| 236 | def test_with_authentication_policy(self): | |
| 237 | request = _makeRequest() | |
| 238 | _registerAuthenticationPolicy(request.registry, 'yo') | |
| 239 | result = self._callFUT(request) | |
| 240 | self.assertEqual(result, [('X-Pyramid-Test', 'logout')]) | |
| 241 | ||
| 242 | def test_with_authentication_policy_no_reg_on_request(self): | |
| 243 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 244 | |
| 0dcd56 | 245 | registry = get_current_registry() |
| CM | 246 | request = _makeRequest() |
| 247 | del request.registry | |
| 248 | _registerAuthenticationPolicy(registry, 'yo') | |
| 249 | result = self._callFUT(request) | |
| 250 | self.assertEqual(result, [('X-Pyramid-Test', 'logout')]) | |
| 0c29cf | 251 | |
| MM | 252 | |
| 3c2f95 | 253 | class TestViewExecutionPermitted(unittest.TestCase): |
| MR | 254 | def setUp(self): |
| 072a2c | 255 | testing.setUp() |
| 3c2f95 | 256 | |
| MR | 257 | def tearDown(self): |
| 072a2c | 258 | testing.tearDown() |
| 0c29cf | 259 | |
| a1a9fb | 260 | def _callFUT(self, *arg, **kw): |
| b60bdb | 261 | from pyramid.security import view_execution_permitted |
| 0c29cf | 262 | |
| a1a9fb | 263 | return view_execution_permitted(*arg, **kw) |
| CM | 264 | |
| d66bfb | 265 | def _registerSecuredView(self, view_name, allow=True): |
| b60bdb | 266 | from pyramid.threadlocal import get_current_registry |
| a1a9fb | 267 | from zope.interface import Interface |
| b60bdb | 268 | from pyramid.interfaces import ISecuredView |
| CM | 269 | from pyramid.interfaces import IViewClassifier |
| 0c29cf | 270 | |
| a1a9fb | 271 | class Checker(object): |
| d66bfb | 272 | def __permitted__(self, context, request): |
| a1a9fb | 273 | self.context = context |
| CM | 274 | self.request = request |
| 275 | return allow | |
| 0c29cf | 276 | |
| a1a9fb | 277 | checker = Checker() |
| b41a3e | 278 | reg = get_current_registry() |
| 0c29cf | 279 | reg.registerAdapter( |
| MM | 280 | checker, |
| 281 | (IViewClassifier, Interface, Interface), | |
| 282 | ISecuredView, | |
| 283 | view_name, | |
| 284 | ) | |
| a1a9fb | 285 | return checker |
| CM | 286 | |
| 287 | def test_no_permission(self): | |
| 4b552e | 288 | from zope.interface import Interface |
| MM | 289 | from pyramid.threadlocal import get_current_registry |
| 290 | from pyramid.interfaces import ISettings | |
| 291 | from pyramid.interfaces import IView | |
| 292 | from pyramid.interfaces import IViewClassifier | |
| 0c29cf | 293 | |
| 4b552e | 294 | settings = dict(debug_authorization=True) |
| MM | 295 | reg = get_current_registry() |
| 296 | reg.registerUtility(settings, ISettings) | |
| 297 | context = DummyContext() | |
| 072a2c | 298 | request = testing.DummyRequest({}) |
| 0c29cf | 299 | |
| 4b552e | 300 | class DummyView(object): |
| MM | 301 | pass |
| 0c29cf | 302 | |
| 4b552e | 303 | view = DummyView() |
| 0c29cf | 304 | reg.registerAdapter( |
| MM | 305 | view, (IViewClassifier, Interface, Interface), IView, '' |
| 306 | ) | |
| 4b552e | 307 | result = self._callFUT(context, request, '') |
| MM | 308 | msg = result.msg |
| 309 | self.assertTrue("Allowed: view name '' in context" in msg) | |
| 310 | self.assertTrue('(no permission defined)' in msg) | |
| 311 | self.assertEqual(result, True) | |
| 312 | ||
| 313 | def test_no_view_registered(self): | |
| b60bdb | 314 | from pyramid.threadlocal import get_current_registry |
| CM | 315 | from pyramid.interfaces import ISettings |
| 0c29cf | 316 | |
| 567709 | 317 | settings = dict(debug_authorization=True) |
| b41a3e | 318 | reg = get_current_registry() |
| CM | 319 | reg.registerUtility(settings, ISettings) |
| a1a9fb | 320 | context = DummyContext() |
| 072a2c | 321 | request = testing.DummyRequest({}) |
| 4b552e | 322 | self.assertRaises(TypeError, self._callFUT, context, request, '') |
| a1a9fb | 323 | |
| CM | 324 | def test_with_permission(self): |
| 325 | from zope.interface import Interface | |
| 326 | from zope.interface import directlyProvides | |
| b60bdb | 327 | from pyramid.interfaces import IRequest |
| 0c29cf | 328 | |
| a1a9fb | 329 | class IContext(Interface): |
| CM | 330 | pass |
| 0c29cf | 331 | |
| a1a9fb | 332 | context = DummyContext() |
| CM | 333 | directlyProvides(context, IContext) |
| 9a038d | 334 | self._registerSecuredView('', True) |
| 072a2c | 335 | request = testing.DummyRequest({}) |
| a1a9fb | 336 | directlyProvides(request, IRequest) |
| CM | 337 | result = self._callFUT(context, request, '') |
| 3c2f95 | 338 | self.assertTrue(result) |
| a1a9fb | 339 | |
| 0c29cf | 340 | |
| 072a2c | 341 | class TestAuthenticatedUserId(unittest.TestCase): |
| 3c2f95 | 342 | def setUp(self): |
| 072a2c | 343 | testing.setUp() |
| 3c2f95 | 344 | |
| MR | 345 | def tearDown(self): |
| 072a2c | 346 | testing.tearDown() |
| 0c29cf | 347 | |
| 3c2f95 | 348 | def test_backward_compat_delegates_to_mixin(self): |
| 0184b5 | 349 | from zope.deprecation import __show__ |
| 0c29cf | 350 | |
| 0184b5 | 351 | try: |
| CM | 352 | __show__.off() |
| 072a2c | 353 | request = _makeFakeRequest() |
| 0184b5 | 354 | from pyramid.security import authenticated_userid |
| 0c29cf | 355 | |
| 0184b5 | 356 | self.assertEqual( |
| 0c29cf | 357 | authenticated_userid(request), 'authenticated_userid' |
| MM | 358 | ) |
| 0184b5 | 359 | finally: |
| CM | 360 | __show__.on() |
| 3c2f95 | 361 | |
| MR | 362 | def test_no_authentication_policy(self): |
| 072a2c | 363 | request = _makeRequest() |
| 3c2f95 | 364 | self.assertEqual(request.authenticated_userid, None) |
| MR | 365 | |
| 366 | def test_with_authentication_policy(self): | |
| 072a2c | 367 | request = _makeRequest() |
| 3c2f95 | 368 | _registerAuthenticationPolicy(request.registry, 'yo') |
| MR | 369 | self.assertEqual(request.authenticated_userid, 'yo') |
| 370 | ||
| 371 | def test_with_authentication_policy_no_reg_on_request(self): | |
| 372 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 373 | |
| 3c2f95 | 374 | registry = get_current_registry() |
| 072a2c | 375 | request = _makeRequest() |
| 3c2f95 | 376 | del request.registry |
| MR | 377 | _registerAuthenticationPolicy(registry, 'yo') |
| 378 | self.assertEqual(request.authenticated_userid, 'yo') | |
| 0c29cf | 379 | |
| 3c2f95 | 380 | |
| 072a2c | 381 | class TestUnAuthenticatedUserId(unittest.TestCase): |
| CM | 382 | def setUp(self): |
| 383 | testing.setUp() | |
| 384 | ||
| 385 | def tearDown(self): | |
| 386 | testing.tearDown() | |
| 0c29cf | 387 | |
| 3c2f95 | 388 | def test_backward_compat_delegates_to_mixin(self): |
| 0184b5 | 389 | from zope.deprecation import __show__ |
| 0c29cf | 390 | |
| 0184b5 | 391 | try: |
| CM | 392 | __show__.off() |
| 072a2c | 393 | request = _makeFakeRequest() |
| 0184b5 | 394 | from pyramid.security import unauthenticated_userid |
| 0c29cf | 395 | |
| 0184b5 | 396 | self.assertEqual( |
| 0c29cf | 397 | unauthenticated_userid(request), 'unauthenticated_userid' |
| MM | 398 | ) |
| 0184b5 | 399 | finally: |
| CM | 400 | __show__.on() |
| 3c2f95 | 401 | |
| MR | 402 | def test_no_authentication_policy(self): |
| 072a2c | 403 | request = _makeRequest() |
| 3c2f95 | 404 | self.assertEqual(request.unauthenticated_userid, None) |
| MR | 405 | |
| 406 | def test_with_authentication_policy(self): | |
| 072a2c | 407 | request = _makeRequest() |
| 3c2f95 | 408 | _registerAuthenticationPolicy(request.registry, 'yo') |
| MR | 409 | self.assertEqual(request.unauthenticated_userid, 'yo') |
| 410 | ||
| 411 | def test_with_authentication_policy_no_reg_on_request(self): | |
| 412 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 413 | |
| 3c2f95 | 414 | registry = get_current_registry() |
| 072a2c | 415 | request = _makeRequest() |
| 3c2f95 | 416 | del request.registry |
| MR | 417 | _registerAuthenticationPolicy(registry, 'yo') |
| 418 | self.assertEqual(request.unauthenticated_userid, 'yo') | |
| 0c29cf | 419 | |
| 3c2f95 | 420 | |
| 072a2c | 421 | class TestEffectivePrincipals(unittest.TestCase): |
| CM | 422 | def setUp(self): |
| 423 | testing.setUp() | |
| 424 | ||
| 425 | def tearDown(self): | |
| 426 | testing.tearDown() | |
| 0c29cf | 427 | |
| 3c2f95 | 428 | def test_backward_compat_delegates_to_mixin(self): |
| 072a2c | 429 | request = _makeFakeRequest() |
| 0184b5 | 430 | from zope.deprecation import __show__ |
| 0c29cf | 431 | |
| 0184b5 | 432 | try: |
| CM | 433 | __show__.off() |
| 434 | from pyramid.security import effective_principals | |
| 0c29cf | 435 | |
| 0184b5 | 436 | self.assertEqual( |
| 0c29cf | 437 | effective_principals(request), 'effective_principals' |
| MM | 438 | ) |
| 0184b5 | 439 | finally: |
| CM | 440 | __show__.on() |
| 3c2f95 | 441 | |
| MR | 442 | def test_no_authentication_policy(self): |
| 443 | from pyramid.security import Everyone | |
| 0c29cf | 444 | |
| 072a2c | 445 | request = _makeRequest() |
| 3c2f95 | 446 | self.assertEqual(request.effective_principals, [Everyone]) |
| MR | 447 | |
| 448 | def test_with_authentication_policy(self): | |
| 072a2c | 449 | request = _makeRequest() |
| 3c2f95 | 450 | _registerAuthenticationPolicy(request.registry, 'yo') |
| MR | 451 | self.assertEqual(request.effective_principals, 'yo') |
| 452 | ||
| 453 | def test_with_authentication_policy_no_reg_on_request(self): | |
| 454 | from pyramid.threadlocal import get_current_registry | |
| 0c29cf | 455 | |
| 3c2f95 | 456 | registry = get_current_registry() |
| 072a2c | 457 | request = _makeRequest() |
| 3c2f95 | 458 | del request.registry |
| MR | 459 | _registerAuthenticationPolicy(registry, 'yo') |
| 460 | self.assertEqual(request.effective_principals, 'yo') | |
| 461 | ||
| 0c29cf | 462 | |
| a1a9fb | 463 | class TestHasPermission(unittest.TestCase): |
| CM | 464 | def setUp(self): |
| 072a2c | 465 | testing.setUp() |
| 0c29cf | 466 | |
| a1a9fb | 467 | def tearDown(self): |
| 072a2c | 468 | testing.tearDown() |
| a1a9fb | 469 | |
| 3c2f95 | 470 | def _makeOne(self): |
| MR | 471 | from pyramid.security import AuthorizationAPIMixin |
| 472 | from pyramid.registry import Registry | |
| 0c29cf | 473 | |
| 3c2f95 | 474 | mixin = AuthorizationAPIMixin() |
| MR | 475 | mixin.registry = Registry() |
| 476 | mixin.context = object() | |
| 477 | return mixin | |
| 478 | ||
| 479 | def test_delegates_to_mixin(self): | |
| 0184b5 | 480 | from zope.deprecation import __show__ |
| 0c29cf | 481 | |
| 0184b5 | 482 | try: |
| CM | 483 | __show__.off() |
| 484 | mixin = self._makeOne() | |
| 485 | from pyramid.security import has_permission | |
| 0c29cf | 486 | |
| 0184b5 | 487 | self.called_has_permission = False |
| 3c2f95 | 488 | |
| 0184b5 | 489 | def mocked_has_permission(*args, **kw): |
| CM | 490 | self.called_has_permission = True |
| 3c2f95 | 491 | |
| 0184b5 | 492 | mixin.has_permission = mocked_has_permission |
| CM | 493 | has_permission('view', object(), mixin) |
| 494 | self.assertTrue(self.called_has_permission) | |
| 495 | finally: | |
| 496 | __show__.on() | |
| a1a9fb | 497 | |
| CM | 498 | def test_no_authentication_policy(self): |
| 3c2f95 | 499 | request = self._makeOne() |
| MR | 500 | result = request.has_permission('view') |
| 501 | self.assertTrue(result) | |
| a1a9fb | 502 | self.assertEqual(result.msg, 'No authentication policy in use.') |
| CM | 503 | |
| 3c2f95 | 504 | def test_with_no_authorization_policy(self): |
| MR | 505 | request = self._makeOne() |
| 506 | _registerAuthenticationPolicy(request.registry, None) | |
| 0c29cf | 507 | self.assertRaises( |
| MM | 508 | ValueError, request.has_permission, 'view', context=None |
| 509 | ) | |
| 3c2f95 | 510 | |
| MR | 511 | def test_with_authn_and_authz_policies_registered(self): |
| 512 | request = self._makeOne() | |
| 41723e | 513 | _registerAuthenticationPolicy(request.registry, None) |
| CM | 514 | _registerAuthorizationPolicy(request.registry, 'yo') |
| 3c2f95 | 515 | self.assertEqual(request.has_permission('view', context=None), 'yo') |
| 41723e | 516 | |
| 3c2f95 | 517 | def test_with_no_reg_on_request(self): |
| b60bdb | 518 | from pyramid.threadlocal import get_current_registry |
| 0c29cf | 519 | |
| 41723e | 520 | registry = get_current_registry() |
| 3c2f95 | 521 | request = self._makeOne() |
| MR | 522 | del request.registry |
| 41723e | 523 | _registerAuthenticationPolicy(registry, None) |
| CM | 524 | _registerAuthorizationPolicy(registry, 'yo') |
| 3c2f95 | 525 | self.assertEqual(request.has_permission('view'), 'yo') |
| a1a9fb | 526 | |
| 3c2f95 | 527 | def test_with_no_context_passed(self): |
| MR | 528 | request = self._makeOne() |
| 529 | self.assertTrue(request.has_permission('view')) | |
| a1a9fb | 530 | |
| 3c2f95 | 531 | def test_with_no_context_passed_or_on_request(self): |
| MR | 532 | request = self._makeOne() |
| 533 | del request.context | |
| 534 | self.assertRaises(AttributeError, request.has_permission, 'view') | |
| a1a9fb | 535 | |
| 0c29cf | 536 | |
| 072a2c | 537 | _TEST_HEADER = 'X-Pyramid-Test' |
| 0c29cf | 538 | |
| 072a2c | 539 | |
| 2466f6 | 540 | class DummyContext: |
| 226b49 | 541 | def __init__(self, *arg, **kw): |
| CM | 542 | self.__dict__.update(kw) |
| 0c29cf | 543 | |
| 2466f6 | 544 | |
| a1a9fb | 545 | class DummyAuthenticationPolicy: |
| 2466f6 | 546 | def __init__(self, result): |
| CM | 547 | self.result = result |
| 548 | ||
| 7ec9e7 | 549 | def effective_principals(self, request): |
| 2466f6 | 550 | return self.result |
| CM | 551 | |
| 2526d8 | 552 | def unauthenticated_userid(self, request): |
| CM | 553 | return self.result |
| 554 | ||
| 7ec9e7 | 555 | def authenticated_userid(self, request): |
| a1a9fb | 556 | return self.result |
| b54cdb | 557 | |
| c7afe4 | 558 | def remember(self, request, userid, **kw): |
| KOP | 559 | headers = [(_TEST_HEADER, userid)] |
| 3c2f95 | 560 | self._header_remembered = headers[0] |
| MR | 561 | return headers |
| a1a9fb | 562 | |
| 7ec9e7 | 563 | def forget(self, request): |
| 0dcd56 | 564 | headers = [(_TEST_HEADER, 'logout')] |
| 072a2c | 565 | self._header_forgotten = headers[0] |
| CM | 566 | return headers |
| a1a9fb | 567 | |
| 0c29cf | 568 | |
| a1a9fb | 569 | class DummyAuthorizationPolicy: |
| CM | 570 | def __init__(self, result): |
| 571 | self.result = result | |
| 572 | ||
| 573 | def permits(self, context, principals, permission): | |
| 574 | return self.result | |
| b54cdb | 575 | |
| 64ea2e | 576 | def principals_allowed_by_permission(self, context, permission): |
| a1a9fb | 577 | return self.result |
| 226b49 | 578 | |
| 0c29cf | 579 | |
| 41723e | 580 | def _registerAuthenticationPolicy(reg, result): |
| b60bdb | 581 | from pyramid.interfaces import IAuthenticationPolicy |
| 0c29cf | 582 | |
| 41723e | 583 | policy = DummyAuthenticationPolicy(result) |
| CM | 584 | reg.registerUtility(policy, IAuthenticationPolicy) |
| 585 | return policy | |
| 586 | ||
| 0c29cf | 587 | |
| 41723e | 588 | def _registerAuthorizationPolicy(reg, result): |
| b60bdb | 589 | from pyramid.interfaces import IAuthorizationPolicy |
| 0c29cf | 590 | |
| 41723e | 591 | policy = DummyAuthorizationPolicy(result) |
| CM | 592 | reg.registerUtility(policy, IAuthorizationPolicy) |
| 593 | return policy | |
| 072a2c | 594 | |
| 0c29cf | 595 | |
| 072a2c | 596 | def _makeRequest(): |
| CM | 597 | from pyramid.registry import Registry |
| 0c29cf | 598 | |
| 072a2c | 599 | request = testing.DummyRequest(environ={}) |
| CM | 600 | request.registry = Registry() |
| 601 | request.context = object() | |
| 602 | return request | |
| 0c29cf | 603 | |
| 072a2c | 604 | |
| CM | 605 | def _makeFakeRequest(): |
| 606 | class FakeRequest(testing.DummyRequest): | |
| 607 | @property | |
| 608 | def authenticated_userid(req): | |
| 609 | return 'authenticated_userid' | |
| 610 | ||
| 611 | @property | |
| 612 | def unauthenticated_userid(req): | |
| 613 | return 'unauthenticated_userid' | |
| 614 | ||
| 615 | @property | |
| 616 | def effective_principals(req): | |
| 617 | return 'effective_principals' | |
| 618 | ||
| 619 | return FakeRequest({}) | |
