commit | author | age
|
2466f6
|
1 |
import unittest |
CM |
2 |
|
072a2c
|
3 |
from pyramid import testing |
86ed40
|
4 |
|
0c29cf
|
5 |
|
226b49
|
6 |
class TestAllPermissionsList(unittest.TestCase): |
CM |
7 |
def setUp(self): |
072a2c
|
8 |
testing.setUp() |
226b49
|
9 |
|
CM |
10 |
def tearDown(self): |
072a2c
|
11 |
testing.tearDown() |
226b49
|
12 |
|
CM |
13 |
def _getTargetClass(self): |
b60bdb
|
14 |
from pyramid.security import AllPermissionsList |
0c29cf
|
15 |
|
226b49
|
16 |
return AllPermissionsList |
CM |
17 |
|
|
18 |
def _makeOne(self): |
|
19 |
return self._getTargetClass()() |
|
20 |
|
1814cd
|
21 |
def test_equality_w_self(self): |
226b49
|
22 |
thing = self._makeOne() |
a1d395
|
23 |
self.assertTrue(thing.__eq__(thing)) |
1814cd
|
24 |
|
TS |
25 |
def test_equality_w_other_instances_of_class(self): |
|
26 |
thing = self._makeOne() |
|
27 |
other = self._makeOne() |
|
28 |
self.assertTrue(thing.__eq__(other)) |
|
29 |
|
|
30 |
def test_equality_miss(self): |
|
31 |
thing = self._makeOne() |
|
32 |
other = object() |
|
33 |
self.assertFalse(thing.__eq__(other)) |
|
34 |
|
|
35 |
def test_contains_w_string(self): |
|
36 |
thing = self._makeOne() |
a1d395
|
37 |
self.assertTrue('anything' in thing) |
226b49
|
38 |
|
1814cd
|
39 |
def test_contains_w_object(self): |
TS |
40 |
thing = self._makeOne() |
|
41 |
self.assertTrue(object() in thing) |
|
42 |
|
|
43 |
def test_iterable(self): |
|
44 |
thing = self._makeOne() |
|
45 |
self.assertEqual(list(thing), []) |
|
46 |
|
226b49
|
47 |
def test_singleton(self): |
b60bdb
|
48 |
from pyramid.security import ALL_PERMISSIONS |
0c29cf
|
49 |
|
226b49
|
50 |
self.assertEqual(ALL_PERMISSIONS.__class__, self._getTargetClass()) |
0c29cf
|
51 |
|
226b49
|
52 |
|
17ce57
|
53 |
class TestAllowed(unittest.TestCase): |
CM |
54 |
def _getTargetClass(self): |
b60bdb
|
55 |
from pyramid.security import Allowed |
0c29cf
|
56 |
|
17ce57
|
57 |
return Allowed |
0c29cf
|
58 |
|
17ce57
|
59 |
def _makeOne(self, *arg, **kw): |
CM |
60 |
klass = self._getTargetClass() |
|
61 |
return klass(*arg, **kw) |
|
62 |
|
|
63 |
def test_it(self): |
|
64 |
allowed = self._makeOne('hello') |
|
65 |
self.assertEqual(allowed.msg, 'hello') |
|
66 |
self.assertEqual(allowed, True) |
a1d395
|
67 |
self.assertTrue(allowed) |
17ce57
|
68 |
self.assertEqual(str(allowed), 'hello') |
a1d395
|
69 |
self.assertTrue('<Allowed instance at ' in repr(allowed)) |
CM |
70 |
self.assertTrue("with msg 'hello'>" in repr(allowed)) |
17ce57
|
71 |
|
0c29cf
|
72 |
|
17ce57
|
73 |
class TestDenied(unittest.TestCase): |
CM |
74 |
def _getTargetClass(self): |
b60bdb
|
75 |
from pyramid.security import Denied |
0c29cf
|
76 |
|
17ce57
|
77 |
return Denied |
0c29cf
|
78 |
|
17ce57
|
79 |
def _makeOne(self, *arg, **kw): |
CM |
80 |
klass = self._getTargetClass() |
|
81 |
return klass(*arg, **kw) |
|
82 |
|
|
83 |
def test_it(self): |
|
84 |
denied = self._makeOne('hello') |
|
85 |
self.assertEqual(denied.msg, 'hello') |
|
86 |
self.assertEqual(denied, False) |
a1d395
|
87 |
self.assertFalse(denied) |
17ce57
|
88 |
self.assertEqual(str(denied), 'hello') |
a1d395
|
89 |
self.assertTrue('<Denied instance at ' in repr(denied)) |
CM |
90 |
self.assertTrue("with msg 'hello'>" in repr(denied)) |
17ce57
|
91 |
|
0c29cf
|
92 |
|
17ce57
|
93 |
class TestACLAllowed(unittest.TestCase): |
CM |
94 |
def _getTargetClass(self): |
b60bdb
|
95 |
from pyramid.security import ACLAllowed |
0c29cf
|
96 |
|
17ce57
|
97 |
return ACLAllowed |
0c29cf
|
98 |
|
17ce57
|
99 |
def _makeOne(self, *arg, **kw): |
CM |
100 |
klass = self._getTargetClass() |
|
101 |
return klass(*arg, **kw) |
|
102 |
|
|
103 |
def test_it(self): |
213001
|
104 |
from pyramid.security import Allowed |
0c29cf
|
105 |
|
MM |
106 |
msg = ( |
|
107 |
"ACLAllowed permission 'permission' via ACE 'ace' in ACL 'acl' " |
|
108 |
"on context 'ctx' for principals 'principals'" |
|
109 |
) |
|
110 |
allowed = self._makeOne( |
|
111 |
'ace', 'acl', 'permission', 'principals', 'ctx' |
|
112 |
) |
213001
|
113 |
self.assertIsInstance(allowed, Allowed) |
a1d395
|
114 |
self.assertTrue(msg in allowed.msg) |
17ce57
|
115 |
self.assertEqual(allowed, True) |
a1d395
|
116 |
self.assertTrue(allowed) |
17ce57
|
117 |
self.assertEqual(str(allowed), msg) |
a1d395
|
118 |
self.assertTrue('<ACLAllowed instance at ' in repr(allowed)) |
CM |
119 |
self.assertTrue("with msg %r>" % msg in repr(allowed)) |
17ce57
|
120 |
|
0c29cf
|
121 |
|
17ce57
|
122 |
class TestACLDenied(unittest.TestCase): |
CM |
123 |
def _getTargetClass(self): |
b60bdb
|
124 |
from pyramid.security import ACLDenied |
0c29cf
|
125 |
|
17ce57
|
126 |
return ACLDenied |
0c29cf
|
127 |
|
17ce57
|
128 |
def _makeOne(self, *arg, **kw): |
CM |
129 |
klass = self._getTargetClass() |
|
130 |
return klass(*arg, **kw) |
|
131 |
|
|
132 |
def test_it(self): |
213001
|
133 |
from pyramid.security import Denied |
0c29cf
|
134 |
|
MM |
135 |
msg = ( |
|
136 |
"ACLDenied permission 'permission' via ACE 'ace' in ACL 'acl' " |
|
137 |
"on context 'ctx' for principals 'principals'" |
|
138 |
) |
17ce57
|
139 |
denied = self._makeOne('ace', 'acl', 'permission', 'principals', 'ctx') |
213001
|
140 |
self.assertIsInstance(denied, Denied) |
a1d395
|
141 |
self.assertTrue(msg in denied.msg) |
17ce57
|
142 |
self.assertEqual(denied, False) |
a1d395
|
143 |
self.assertFalse(denied) |
17ce57
|
144 |
self.assertEqual(str(denied), msg) |
a1d395
|
145 |
self.assertTrue('<ACLDenied instance at ' in repr(denied)) |
CM |
146 |
self.assertTrue("with msg %r>" % msg in repr(denied)) |
0c29cf
|
147 |
|
c8cab3
|
148 |
|
3c2f95
|
149 |
class TestPrincipalsAllowedByPermission(unittest.TestCase): |
a1a9fb
|
150 |
def setUp(self): |
072a2c
|
151 |
testing.setUp() |
a1a9fb
|
152 |
|
CM |
153 |
def tearDown(self): |
072a2c
|
154 |
testing.tearDown() |
a1a9fb
|
155 |
|
3c2f95
|
156 |
def _callFUT(self, *arg): |
MR |
157 |
from pyramid.security import principals_allowed_by_permission |
0c29cf
|
158 |
|
3c2f95
|
159 |
return principals_allowed_by_permission(*arg) |
MR |
160 |
|
|
161 |
def test_no_authorization_policy(self): |
|
162 |
from pyramid.security import Everyone |
0c29cf
|
163 |
|
3c2f95
|
164 |
context = DummyContext() |
MR |
165 |
result = self._callFUT(context, 'view') |
|
166 |
self.assertEqual(result, [Everyone]) |
|
167 |
|
|
168 |
def test_with_authorization_policy(self): |
|
169 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
170 |
|
3c2f95
|
171 |
registry = get_current_registry() |
MR |
172 |
_registerAuthorizationPolicy(registry, 'yo') |
|
173 |
context = DummyContext() |
|
174 |
result = self._callFUT(context, 'view') |
|
175 |
self.assertEqual(result, 'yo') |
|
176 |
|
0c29cf
|
177 |
|
0dcd56
|
178 |
class TestRemember(unittest.TestCase): |
CM |
179 |
def setUp(self): |
|
180 |
testing.setUp() |
0c29cf
|
181 |
|
0dcd56
|
182 |
def tearDown(self): |
CM |
183 |
testing.tearDown() |
|
184 |
|
7a2b72
|
185 |
def _callFUT(self, *arg, **kwarg): |
0dcd56
|
186 |
from pyramid.security import remember |
0c29cf
|
187 |
|
7a2b72
|
188 |
return remember(*arg, **kwarg) |
0dcd56
|
189 |
|
CM |
190 |
def test_no_authentication_policy(self): |
|
191 |
request = _makeRequest() |
|
192 |
result = self._callFUT(request, 'me') |
|
193 |
self.assertEqual(result, []) |
|
194 |
|
|
195 |
def test_with_authentication_policy(self): |
|
196 |
request = _makeRequest() |
|
197 |
registry = request.registry |
|
198 |
_registerAuthenticationPolicy(registry, 'yo') |
|
199 |
result = self._callFUT(request, 'me') |
|
200 |
self.assertEqual(result, [('X-Pyramid-Test', 'me')]) |
|
201 |
|
|
202 |
def test_with_authentication_policy_no_reg_on_request(self): |
|
203 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
204 |
|
0dcd56
|
205 |
registry = get_current_registry() |
CM |
206 |
request = _makeRequest() |
|
207 |
del request.registry |
|
208 |
_registerAuthenticationPolicy(registry, 'yo') |
|
209 |
result = self._callFUT(request, 'me') |
|
210 |
self.assertEqual(result, [('X-Pyramid-Test', 'me')]) |
|
211 |
|
7a2b72
|
212 |
def test_with_missing_arg(self): |
MM |
213 |
request = _makeRequest() |
|
214 |
registry = request.registry |
|
215 |
_registerAuthenticationPolicy(registry, 'yo') |
|
216 |
self.assertRaises(TypeError, lambda: self._callFUT(request)) |
|
217 |
|
0c29cf
|
218 |
|
0dcd56
|
219 |
class TestForget(unittest.TestCase): |
CM |
220 |
def setUp(self): |
|
221 |
testing.setUp() |
0c29cf
|
222 |
|
0dcd56
|
223 |
def tearDown(self): |
CM |
224 |
testing.tearDown() |
|
225 |
|
|
226 |
def _callFUT(self, *arg): |
|
227 |
from pyramid.security import forget |
0c29cf
|
228 |
|
0dcd56
|
229 |
return forget(*arg) |
CM |
230 |
|
|
231 |
def test_no_authentication_policy(self): |
|
232 |
request = _makeRequest() |
|
233 |
result = self._callFUT(request) |
|
234 |
self.assertEqual(result, []) |
|
235 |
|
|
236 |
def test_with_authentication_policy(self): |
|
237 |
request = _makeRequest() |
|
238 |
_registerAuthenticationPolicy(request.registry, 'yo') |
|
239 |
result = self._callFUT(request) |
|
240 |
self.assertEqual(result, [('X-Pyramid-Test', 'logout')]) |
|
241 |
|
|
242 |
def test_with_authentication_policy_no_reg_on_request(self): |
|
243 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
244 |
|
0dcd56
|
245 |
registry = get_current_registry() |
CM |
246 |
request = _makeRequest() |
|
247 |
del request.registry |
|
248 |
_registerAuthenticationPolicy(registry, 'yo') |
|
249 |
result = self._callFUT(request) |
|
250 |
self.assertEqual(result, [('X-Pyramid-Test', 'logout')]) |
0c29cf
|
251 |
|
MM |
252 |
|
3c2f95
|
253 |
class TestViewExecutionPermitted(unittest.TestCase): |
MR |
254 |
def setUp(self): |
072a2c
|
255 |
testing.setUp() |
3c2f95
|
256 |
|
MR |
257 |
def tearDown(self): |
072a2c
|
258 |
testing.tearDown() |
0c29cf
|
259 |
|
a1a9fb
|
260 |
def _callFUT(self, *arg, **kw): |
b60bdb
|
261 |
from pyramid.security import view_execution_permitted |
0c29cf
|
262 |
|
a1a9fb
|
263 |
return view_execution_permitted(*arg, **kw) |
CM |
264 |
|
d66bfb
|
265 |
def _registerSecuredView(self, view_name, allow=True): |
b60bdb
|
266 |
from pyramid.threadlocal import get_current_registry |
a1a9fb
|
267 |
from zope.interface import Interface |
b60bdb
|
268 |
from pyramid.interfaces import ISecuredView |
CM |
269 |
from pyramid.interfaces import IViewClassifier |
0c29cf
|
270 |
|
a1a9fb
|
271 |
class Checker(object): |
d66bfb
|
272 |
def __permitted__(self, context, request): |
a1a9fb
|
273 |
self.context = context |
CM |
274 |
self.request = request |
|
275 |
return allow |
0c29cf
|
276 |
|
a1a9fb
|
277 |
checker = Checker() |
b41a3e
|
278 |
reg = get_current_registry() |
0c29cf
|
279 |
reg.registerAdapter( |
MM |
280 |
checker, |
|
281 |
(IViewClassifier, Interface, Interface), |
|
282 |
ISecuredView, |
|
283 |
view_name, |
|
284 |
) |
a1a9fb
|
285 |
return checker |
CM |
286 |
|
|
287 |
def test_no_permission(self): |
4b552e
|
288 |
from zope.interface import Interface |
MM |
289 |
from pyramid.threadlocal import get_current_registry |
|
290 |
from pyramid.interfaces import ISettings |
|
291 |
from pyramid.interfaces import IView |
|
292 |
from pyramid.interfaces import IViewClassifier |
0c29cf
|
293 |
|
4b552e
|
294 |
settings = dict(debug_authorization=True) |
MM |
295 |
reg = get_current_registry() |
|
296 |
reg.registerUtility(settings, ISettings) |
|
297 |
context = DummyContext() |
072a2c
|
298 |
request = testing.DummyRequest({}) |
0c29cf
|
299 |
|
4b552e
|
300 |
class DummyView(object): |
MM |
301 |
pass |
0c29cf
|
302 |
|
4b552e
|
303 |
view = DummyView() |
0c29cf
|
304 |
reg.registerAdapter( |
MM |
305 |
view, (IViewClassifier, Interface, Interface), IView, '' |
|
306 |
) |
4b552e
|
307 |
result = self._callFUT(context, request, '') |
MM |
308 |
msg = result.msg |
|
309 |
self.assertTrue("Allowed: view name '' in context" in msg) |
|
310 |
self.assertTrue('(no permission defined)' in msg) |
|
311 |
self.assertEqual(result, True) |
|
312 |
|
|
313 |
def test_no_view_registered(self): |
b60bdb
|
314 |
from pyramid.threadlocal import get_current_registry |
CM |
315 |
from pyramid.interfaces import ISettings |
0c29cf
|
316 |
|
567709
|
317 |
settings = dict(debug_authorization=True) |
b41a3e
|
318 |
reg = get_current_registry() |
CM |
319 |
reg.registerUtility(settings, ISettings) |
a1a9fb
|
320 |
context = DummyContext() |
072a2c
|
321 |
request = testing.DummyRequest({}) |
4b552e
|
322 |
self.assertRaises(TypeError, self._callFUT, context, request, '') |
a1a9fb
|
323 |
|
CM |
324 |
def test_with_permission(self): |
|
325 |
from zope.interface import Interface |
|
326 |
from zope.interface import directlyProvides |
b60bdb
|
327 |
from pyramid.interfaces import IRequest |
0c29cf
|
328 |
|
a1a9fb
|
329 |
class IContext(Interface): |
CM |
330 |
pass |
0c29cf
|
331 |
|
a1a9fb
|
332 |
context = DummyContext() |
CM |
333 |
directlyProvides(context, IContext) |
9a038d
|
334 |
self._registerSecuredView('', True) |
072a2c
|
335 |
request = testing.DummyRequest({}) |
a1a9fb
|
336 |
directlyProvides(request, IRequest) |
CM |
337 |
result = self._callFUT(context, request, '') |
3c2f95
|
338 |
self.assertTrue(result) |
a1a9fb
|
339 |
|
0c29cf
|
340 |
|
072a2c
|
341 |
class TestAuthenticatedUserId(unittest.TestCase): |
3c2f95
|
342 |
def setUp(self): |
072a2c
|
343 |
testing.setUp() |
3c2f95
|
344 |
|
MR |
345 |
def tearDown(self): |
072a2c
|
346 |
testing.tearDown() |
0c29cf
|
347 |
|
3c2f95
|
348 |
def test_backward_compat_delegates_to_mixin(self): |
0184b5
|
349 |
from zope.deprecation import __show__ |
0c29cf
|
350 |
|
0184b5
|
351 |
try: |
CM |
352 |
__show__.off() |
072a2c
|
353 |
request = _makeFakeRequest() |
0184b5
|
354 |
from pyramid.security import authenticated_userid |
0c29cf
|
355 |
|
0184b5
|
356 |
self.assertEqual( |
0c29cf
|
357 |
authenticated_userid(request), 'authenticated_userid' |
MM |
358 |
) |
0184b5
|
359 |
finally: |
CM |
360 |
__show__.on() |
3c2f95
|
361 |
|
MR |
362 |
def test_no_authentication_policy(self): |
072a2c
|
363 |
request = _makeRequest() |
3c2f95
|
364 |
self.assertEqual(request.authenticated_userid, None) |
MR |
365 |
|
|
366 |
def test_with_authentication_policy(self): |
072a2c
|
367 |
request = _makeRequest() |
3c2f95
|
368 |
_registerAuthenticationPolicy(request.registry, 'yo') |
MR |
369 |
self.assertEqual(request.authenticated_userid, 'yo') |
|
370 |
|
|
371 |
def test_with_authentication_policy_no_reg_on_request(self): |
|
372 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
373 |
|
3c2f95
|
374 |
registry = get_current_registry() |
072a2c
|
375 |
request = _makeRequest() |
3c2f95
|
376 |
del request.registry |
MR |
377 |
_registerAuthenticationPolicy(registry, 'yo') |
|
378 |
self.assertEqual(request.authenticated_userid, 'yo') |
0c29cf
|
379 |
|
3c2f95
|
380 |
|
072a2c
|
381 |
class TestUnAuthenticatedUserId(unittest.TestCase): |
CM |
382 |
def setUp(self): |
|
383 |
testing.setUp() |
|
384 |
|
|
385 |
def tearDown(self): |
|
386 |
testing.tearDown() |
0c29cf
|
387 |
|
3c2f95
|
388 |
def test_backward_compat_delegates_to_mixin(self): |
0184b5
|
389 |
from zope.deprecation import __show__ |
0c29cf
|
390 |
|
0184b5
|
391 |
try: |
CM |
392 |
__show__.off() |
072a2c
|
393 |
request = _makeFakeRequest() |
0184b5
|
394 |
from pyramid.security import unauthenticated_userid |
0c29cf
|
395 |
|
0184b5
|
396 |
self.assertEqual( |
0c29cf
|
397 |
unauthenticated_userid(request), 'unauthenticated_userid' |
MM |
398 |
) |
0184b5
|
399 |
finally: |
CM |
400 |
__show__.on() |
3c2f95
|
401 |
|
MR |
402 |
def test_no_authentication_policy(self): |
072a2c
|
403 |
request = _makeRequest() |
3c2f95
|
404 |
self.assertEqual(request.unauthenticated_userid, None) |
MR |
405 |
|
|
406 |
def test_with_authentication_policy(self): |
072a2c
|
407 |
request = _makeRequest() |
3c2f95
|
408 |
_registerAuthenticationPolicy(request.registry, 'yo') |
MR |
409 |
self.assertEqual(request.unauthenticated_userid, 'yo') |
|
410 |
|
|
411 |
def test_with_authentication_policy_no_reg_on_request(self): |
|
412 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
413 |
|
3c2f95
|
414 |
registry = get_current_registry() |
072a2c
|
415 |
request = _makeRequest() |
3c2f95
|
416 |
del request.registry |
MR |
417 |
_registerAuthenticationPolicy(registry, 'yo') |
|
418 |
self.assertEqual(request.unauthenticated_userid, 'yo') |
0c29cf
|
419 |
|
3c2f95
|
420 |
|
072a2c
|
421 |
class TestEffectivePrincipals(unittest.TestCase): |
CM |
422 |
def setUp(self): |
|
423 |
testing.setUp() |
|
424 |
|
|
425 |
def tearDown(self): |
|
426 |
testing.tearDown() |
0c29cf
|
427 |
|
3c2f95
|
428 |
def test_backward_compat_delegates_to_mixin(self): |
072a2c
|
429 |
request = _makeFakeRequest() |
0184b5
|
430 |
from zope.deprecation import __show__ |
0c29cf
|
431 |
|
0184b5
|
432 |
try: |
CM |
433 |
__show__.off() |
|
434 |
from pyramid.security import effective_principals |
0c29cf
|
435 |
|
0184b5
|
436 |
self.assertEqual( |
0c29cf
|
437 |
effective_principals(request), 'effective_principals' |
MM |
438 |
) |
0184b5
|
439 |
finally: |
CM |
440 |
__show__.on() |
3c2f95
|
441 |
|
MR |
442 |
def test_no_authentication_policy(self): |
|
443 |
from pyramid.security import Everyone |
0c29cf
|
444 |
|
072a2c
|
445 |
request = _makeRequest() |
3c2f95
|
446 |
self.assertEqual(request.effective_principals, [Everyone]) |
MR |
447 |
|
|
448 |
def test_with_authentication_policy(self): |
072a2c
|
449 |
request = _makeRequest() |
3c2f95
|
450 |
_registerAuthenticationPolicy(request.registry, 'yo') |
MR |
451 |
self.assertEqual(request.effective_principals, 'yo') |
|
452 |
|
|
453 |
def test_with_authentication_policy_no_reg_on_request(self): |
|
454 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
455 |
|
3c2f95
|
456 |
registry = get_current_registry() |
072a2c
|
457 |
request = _makeRequest() |
3c2f95
|
458 |
del request.registry |
MR |
459 |
_registerAuthenticationPolicy(registry, 'yo') |
|
460 |
self.assertEqual(request.effective_principals, 'yo') |
|
461 |
|
0c29cf
|
462 |
|
a1a9fb
|
463 |
class TestHasPermission(unittest.TestCase): |
CM |
464 |
def setUp(self): |
072a2c
|
465 |
testing.setUp() |
0c29cf
|
466 |
|
a1a9fb
|
467 |
def tearDown(self): |
072a2c
|
468 |
testing.tearDown() |
a1a9fb
|
469 |
|
3c2f95
|
470 |
def _makeOne(self): |
MR |
471 |
from pyramid.security import AuthorizationAPIMixin |
|
472 |
from pyramid.registry import Registry |
0c29cf
|
473 |
|
3c2f95
|
474 |
mixin = AuthorizationAPIMixin() |
MR |
475 |
mixin.registry = Registry() |
|
476 |
mixin.context = object() |
|
477 |
return mixin |
|
478 |
|
|
479 |
def test_delegates_to_mixin(self): |
0184b5
|
480 |
from zope.deprecation import __show__ |
0c29cf
|
481 |
|
0184b5
|
482 |
try: |
CM |
483 |
__show__.off() |
|
484 |
mixin = self._makeOne() |
|
485 |
from pyramid.security import has_permission |
0c29cf
|
486 |
|
0184b5
|
487 |
self.called_has_permission = False |
3c2f95
|
488 |
|
0184b5
|
489 |
def mocked_has_permission(*args, **kw): |
CM |
490 |
self.called_has_permission = True |
3c2f95
|
491 |
|
0184b5
|
492 |
mixin.has_permission = mocked_has_permission |
CM |
493 |
has_permission('view', object(), mixin) |
|
494 |
self.assertTrue(self.called_has_permission) |
|
495 |
finally: |
|
496 |
__show__.on() |
a1a9fb
|
497 |
|
CM |
498 |
def test_no_authentication_policy(self): |
3c2f95
|
499 |
request = self._makeOne() |
MR |
500 |
result = request.has_permission('view') |
|
501 |
self.assertTrue(result) |
a1a9fb
|
502 |
self.assertEqual(result.msg, 'No authentication policy in use.') |
CM |
503 |
|
3c2f95
|
504 |
def test_with_no_authorization_policy(self): |
MR |
505 |
request = self._makeOne() |
|
506 |
_registerAuthenticationPolicy(request.registry, None) |
0c29cf
|
507 |
self.assertRaises( |
MM |
508 |
ValueError, request.has_permission, 'view', context=None |
|
509 |
) |
3c2f95
|
510 |
|
MR |
511 |
def test_with_authn_and_authz_policies_registered(self): |
|
512 |
request = self._makeOne() |
41723e
|
513 |
_registerAuthenticationPolicy(request.registry, None) |
CM |
514 |
_registerAuthorizationPolicy(request.registry, 'yo') |
3c2f95
|
515 |
self.assertEqual(request.has_permission('view', context=None), 'yo') |
41723e
|
516 |
|
3c2f95
|
517 |
def test_with_no_reg_on_request(self): |
b60bdb
|
518 |
from pyramid.threadlocal import get_current_registry |
0c29cf
|
519 |
|
41723e
|
520 |
registry = get_current_registry() |
3c2f95
|
521 |
request = self._makeOne() |
MR |
522 |
del request.registry |
41723e
|
523 |
_registerAuthenticationPolicy(registry, None) |
CM |
524 |
_registerAuthorizationPolicy(registry, 'yo') |
3c2f95
|
525 |
self.assertEqual(request.has_permission('view'), 'yo') |
a1a9fb
|
526 |
|
3c2f95
|
527 |
def test_with_no_context_passed(self): |
MR |
528 |
request = self._makeOne() |
|
529 |
self.assertTrue(request.has_permission('view')) |
a1a9fb
|
530 |
|
3c2f95
|
531 |
def test_with_no_context_passed_or_on_request(self): |
MR |
532 |
request = self._makeOne() |
|
533 |
del request.context |
|
534 |
self.assertRaises(AttributeError, request.has_permission, 'view') |
a1a9fb
|
535 |
|
0c29cf
|
536 |
|
072a2c
|
537 |
_TEST_HEADER = 'X-Pyramid-Test' |
0c29cf
|
538 |
|
072a2c
|
539 |
|
2466f6
|
540 |
class DummyContext: |
226b49
|
541 |
def __init__(self, *arg, **kw): |
CM |
542 |
self.__dict__.update(kw) |
0c29cf
|
543 |
|
2466f6
|
544 |
|
a1a9fb
|
545 |
class DummyAuthenticationPolicy: |
2466f6
|
546 |
def __init__(self, result): |
CM |
547 |
self.result = result |
|
548 |
|
7ec9e7
|
549 |
def effective_principals(self, request): |
2466f6
|
550 |
return self.result |
CM |
551 |
|
2526d8
|
552 |
def unauthenticated_userid(self, request): |
CM |
553 |
return self.result |
|
554 |
|
7ec9e7
|
555 |
def authenticated_userid(self, request): |
a1a9fb
|
556 |
return self.result |
b54cdb
|
557 |
|
c7afe4
|
558 |
def remember(self, request, userid, **kw): |
KOP |
559 |
headers = [(_TEST_HEADER, userid)] |
3c2f95
|
560 |
self._header_remembered = headers[0] |
MR |
561 |
return headers |
a1a9fb
|
562 |
|
7ec9e7
|
563 |
def forget(self, request): |
0dcd56
|
564 |
headers = [(_TEST_HEADER, 'logout')] |
072a2c
|
565 |
self._header_forgotten = headers[0] |
CM |
566 |
return headers |
a1a9fb
|
567 |
|
0c29cf
|
568 |
|
a1a9fb
|
569 |
class DummyAuthorizationPolicy: |
CM |
570 |
def __init__(self, result): |
|
571 |
self.result = result |
|
572 |
|
|
573 |
def permits(self, context, principals, permission): |
|
574 |
return self.result |
b54cdb
|
575 |
|
64ea2e
|
576 |
def principals_allowed_by_permission(self, context, permission): |
a1a9fb
|
577 |
return self.result |
226b49
|
578 |
|
0c29cf
|
579 |
|
41723e
|
580 |
def _registerAuthenticationPolicy(reg, result): |
b60bdb
|
581 |
from pyramid.interfaces import IAuthenticationPolicy |
0c29cf
|
582 |
|
41723e
|
583 |
policy = DummyAuthenticationPolicy(result) |
CM |
584 |
reg.registerUtility(policy, IAuthenticationPolicy) |
|
585 |
return policy |
|
586 |
|
0c29cf
|
587 |
|
41723e
|
588 |
def _registerAuthorizationPolicy(reg, result): |
b60bdb
|
589 |
from pyramid.interfaces import IAuthorizationPolicy |
0c29cf
|
590 |
|
41723e
|
591 |
policy = DummyAuthorizationPolicy(result) |
CM |
592 |
reg.registerUtility(policy, IAuthorizationPolicy) |
|
593 |
return policy |
072a2c
|
594 |
|
0c29cf
|
595 |
|
072a2c
|
596 |
def _makeRequest(): |
CM |
597 |
from pyramid.registry import Registry |
0c29cf
|
598 |
|
072a2c
|
599 |
request = testing.DummyRequest(environ={}) |
CM |
600 |
request.registry = Registry() |
|
601 |
request.context = object() |
|
602 |
return request |
0c29cf
|
603 |
|
072a2c
|
604 |
|
CM |
605 |
def _makeFakeRequest(): |
|
606 |
class FakeRequest(testing.DummyRequest): |
|
607 |
@property |
|
608 |
def authenticated_userid(req): |
|
609 |
return 'authenticated_userid' |
|
610 |
|
|
611 |
@property |
|
612 |
def unauthenticated_userid(req): |
|
613 |
return 'unauthenticated_userid' |
|
614 |
|
|
615 |
@property |
|
616 |
def effective_principals(req): |
|
617 |
return 'effective_principals' |
|
618 |
|
|
619 |
return FakeRequest({}) |