def test_ruleset_empty(self):
permissions = []
role = RouterRoleStaticAuth(None, "testrole", permissions)
actions = ['call', 'register', 'publish', 'subscribe']
uris = ['com.example.1', 'myuri', '']
for uri in uris:
for action in actions:
self.assertFalse(role.authorize(None, uri, action))
def test_ruleset_empty(self):
permissions = []
role = RouterRoleStaticAuth(None, "testrole", permissions)
actions = ['call', 'register', 'publish', 'subscribe']
uris = ['com.example.1', 'myuri', '']
for uri in uris:
for action in actions:
self.assertFalse(role.authorize(None, uri, action))
def test_ruleset_empty(self):
permissions = []
role = RouterRoleStaticAuth(None, u'testrole', permissions)
actions = [u'call', u'register', u'publish', u'subscribe']
uris = [u'com.example.1', u'myuri', u'']
for uri in uris:
for action in actions:
authorization = role.authorize(None, uri, action, {})
self.assertFalse(authorization[u'allow'])
def test_ruleset_empty(self):
permissions = []
role = RouterRoleStaticAuth(None, u'testrole', permissions)
actions = [u'call', u'register', u'publish', u'subscribe']
uris = [u'com.example.1', u'myuri', u'']
for uri in uris:
for action in actions:
authorization = role.authorize(None, uri, action, {})
self.assertFalse(authorization[u'allow'])
def test_ruleset_2(self):
permissions = [{'uri': '*', 'allow': {'call': True, 'register': True, 'publish': True, 'subscribe': True}}]
role = RouterRoleStaticAuth(None, 'testrole', permissions)
actions = ['call', 'register', 'publish', 'subscribe']
uris = [('com.example.1', True), ('myuri', True), ('', True)]
for uri, allow in uris:
for action in actions:
authorization = role.authorize(None, uri, action, {})
self.assertEqual(authorization['allow'], allow)
def test_ruleset_2(self):
permissions = [{u"uri": u"*", u"call": True, u"register": True, u"publish": True, u"subscribe": True}]
role = RouterRoleStaticAuth(None, u"testrole", permissions)
actions = [u"call", u"register", u"publish", u"subscribe"]
uris = [(u"com.example.1", True), (u"myuri", True), (u"", True)]
for uri, allow in uris:
for action in actions:
authorization = role.authorize(None, uri, action)
self.assertEqual(authorization[u"allow"], allow)
def test_ruleset_empty(self):
permissions = []
role = RouterRoleStaticAuth(None, u"testrole", permissions)
actions = [u"call", u"register", u"publish", u"subscribe"]
uris = [u"com.example.1", u"myuri", u""]
for uri in uris:
for action in actions:
authorization = role.authorize(None, uri, action)
self.assertFalse(authorization[u"allow"])
class TestRouterRoleStaticAuthWild(unittest.TestCase):
def setUp(self):
permissions = [{
'uri': 'com..private',
'match': 'wildcard',
'allow': {
'call': True,
'register': False,
'publish': False,
'subscribe': False,
}
}, {
'uri': 'com.something_specific.private',
'match': 'exact',
'allow': {
'call': False,
'register': True,
'publish': False,
'subscribe': False
}
}, {
'uri': 'com.',
'match': 'prefix',
'allow': {
'call': False,
'register': False,
'publish': True,
'subscribe': False
}
}]
self.role = RouterRoleStaticAuth(None, 'testrole', permissions)
def test_exact_before_wildcard(self):
# exact matches should always be preferred over wildcards
self.assertEqual(False, self.role.authorize(None, 'com.something_specific.private', 'call', {})['allow'])
self.assertEqual(True, self.role.authorize(None, 'com.something_specific.private', 'register', {})['allow'])
def test_wildcard_before_prefix(self):
# wildcards should be preferred over prefix
self.assertEqual(True, self.role.authorize(None, 'com.foo.private', 'call', {})['allow'])
self.assertEqual(False, self.role.authorize(None, 'com.foo.private', 'register', {})['allow'])
self.assertEqual(False, self.role.authorize(None, 'com.foo.private', 'publish', {})['allow'])
def test_prefix(self):
# wildcards should be preferred over prefix
self.assertEqual(False, self.role.authorize(None, 'com.whatever', 'call', {})['allow'])
self.assertEqual(False, self.role.authorize(None, 'com.whatever', 'register', {})['allow'])
self.assertEqual(True, self.role.authorize(None, 'com.whatever', 'publish', {})['allow'])
def test_ruleset_1(self):
permissions = [{
'uri': 'com.example.*',
'call': True,
'register': True,
'publish': True,
'subscribe': True
}]
role = RouterRoleStaticAuth(None, "testrole", permissions)
actions = ['call', 'register', 'publish', 'subscribe']
uris = [('com.example.1', True), ('myuri', False), ('', False)]
for uri, allow in uris:
for action in actions:
self.assertEqual(role.authorize(None, uri, action), allow)
def test_ruleset_2(self):
permissions = [
{
'uri': '*',
'call': True,
'register': True,
'publish': True,
'subscribe': True
}
]
role = RouterRoleStaticAuth(None, "testrole", permissions)
actions = ['call', 'register', 'publish', 'subscribe']
uris = [('com.example.1', True), ('myuri', True), ('', True)]
for uri, allow in uris:
for action in actions:
self.assertEqual(role.authorize(None, uri, action), allow)
def test_ruleset_1(self):
permissions = [{
u'uri': u'com.example.*',
u'allow': {
u'call': True,
u'register': True,
u'publish': True,
u'subscribe': True
}
}]
role = RouterRoleStaticAuth(None, u'testrole', permissions)
actions = [u'call', u'register', u'publish', u'subscribe']
uris = [(u'com.example.1', True), (u'myuri', False), (u'', False)]
for uri, allow in uris:
for action in actions:
authorization = role.authorize(None, uri, action, {})
self.assertEqual(authorization[u'allow'], allow)
def test_ruleset_2(self):
permissions = [
{
u'uri': u'*',
u'allow': {
u'call': True,
u'register': True,
u'publish': True,
u'subscribe': True
}
}
]
role = RouterRoleStaticAuth(None, u'testrole', permissions)
actions = [u'call', u'register', u'publish', u'subscribe']
uris = [(u'com.example.1', True), (u'myuri', True), (u'', True)]
for uri, allow in uris:
for action in actions:
authorization = role.authorize(None, uri, action, {})
self.assertEqual(authorization[u'allow'], allow)
class TestRouterRoleStaticAuthWild(unittest.TestCase):
def setUp(self):
permissions = [
{
u'uri': u'com..private',
u'match': 'wildcard',
u'allow': {
u'call': True,
u'register': False,
u'publish': False,
u'subscribe': False,
}
},
{
u'uri': u'com.something_specific.private',
u'match': 'exact',
u'allow': {
u'call': False,
u'register': True,
u'publish': False,
u'subscribe': False
}
},
{
u'uri': u'com.',
u'match': 'prefix',
u'allow': {
u'call': False,
u'register': False,
u'publish': True,
u'subscribe': False
}
}
]
self.role = RouterRoleStaticAuth(None, u'testrole', permissions)
def test_exact_before_wildcard(self):
# exact matches should always be preferred over wildcards
self.assertEqual(
False,
self.role.authorize(None, u'com.something_specific.private', 'call', {})[u'allow']
)
self.assertEqual(
True,
self.role.authorize(None, u'com.something_specific.private', 'register', {})[u'allow']
)
def test_wildcard_before_prefix(self):
# wildcards should be preferred over prefix
self.assertEqual(
True,
self.role.authorize(None, u'com.foo.private', 'call', {})[u'allow']
)
self.assertEqual(
False,
self.role.authorize(None, u'com.foo.private', 'register', {})[u'allow']
)
self.assertEqual(
False,
self.role.authorize(None, u'com.foo.private', 'publish', {})[u'allow']
)
def test_prefix(self):
# wildcards should be preferred over prefix
self.assertEqual(
False,
self.role.authorize(None, u'com.whatever', 'call', {})[u'allow']
)
self.assertEqual(
False,
self.role.authorize(None, u'com.whatever', 'register', {})[u'allow']
)
self.assertEqual(
True,
self.role.authorize(None, u'com.whatever', 'publish', {})[u'allow']
)
