def test_has_permission_false(self, limited_access_auth_header,
sample_resoruce_with_authorization) -> None:
res_instance = sample_resoruce_with_authorization(
Event("/garbage",
"GET",
headers={"authorization": limited_access_auth_header}))
assert not has_permission(res_instance, "garbage")
def test_root_permissions_success(self, sample_resoruce_with_authorization,
full_access_auth_header) -> None:
res_instance = sample_resoruce_with_authorization(
Event("/",
"GET",
headers={"authorization": full_access_auth_header}))
assert res_instance().status_code == HTTPStatus.OK
def test_limited_permissions_failed(
self, limited_access_auth_header,
sample_resoruce_with_authorization) -> None:
res_instance = sample_resoruce_with_authorization(
Event("/garbage",
"GET",
headers={"authorization": limited_access_auth_header}))
assert res_instance().status_code == HTTPStatus.FORBIDDEN
def sample_event() -> Event:
return Event(
resource_path="/",
method="GET",
headers={},
path_params={},
query_params={},
body={},
)
def test_check_permission_raises(
self, limited_access_auth_header,
sample_resoruce_with_authorization) -> None:
res_instance = sample_resoruce_with_authorization(
Event("/",
"GET",
headers={"authorization": limited_access_auth_header}))
with pytest.raises(PermissionDenied):
check_permission(res_instance, "garbage")
def test_check_permission(self, limited_access_auth_header,
sample_resoruce_with_authorization) -> None:
res_instance = sample_resoruce_with_authorization(
Event("/",
"GET",
headers={"authorization": limited_access_auth_header}))
assert check_permission(res_instance, "perm-name") == {
"allow": "*",
"deny": None
}
def handle_request(self) -> None:
"""
Main method for handling all incoming requests.
"""
try:
if self.path == "/favicon.ico":
return
self.done = False
request_size = int(self.headers.get("Content-Length", 0))
if request_size:
request_body = self.rfile.read(request_size).decode(
encoding="utf_8", errors="strict")
request_obj = json.loads(request_body)
else:
request_obj = {}
parsed_url = urllib.parse.urlparse(self.path)
query_params = urllib.parse.parse_qs(parsed_url.query,
keep_blank_values=True)
route, params = self._get_route_params(self.path)
if route is None:
self._error(666, "Path not Found")
return
resource = self.cls( # pylint: disable=not-callable
Event(
resource_path=route,
method=self.command,
headers=self.headers, # type: ignore
path_params=params,
query_params=query_params,
body=request_obj,
))
response = resource()
code = response.status_code
response_as_dict = response.to_dict()
resp_headers = response_as_dict.get("headers", {})
if body := response_as_dict.get("body"):
response_as_dict = json.loads(body)
else:
def test_inharitance_success(self, full_access_auth_header) -> None:
res_instance = GuestResource(
Event("/garbage2",
"GET",
headers={"authorization": full_access_auth_header}))
assert res_instance().status_code == HTTPStatus.OK
def test_limited_permissions_failed(self) -> None:
res_instance = GuestResource(Event("/garbage2", "GET"))
assert res_instance().status_code == HTTPStatus.FORBIDDEN
def test_get_success(self) -> None:
res_instance = GuestResource(Event("/", "GET"))
assert res_instance().status_code == HTTPStatus.OK
req = Request(
body="",
headers=CIMultiDict({"Content-Type": "application/json"}),
uri_params={},
method="GET", # pylint issue #214
query_params=None,
context={},
stage_vars={},
is_base64_encoded=False,
user=None,
)
event = Event(
resource_path="/",
method="GET",
body=req, # pylint issue #214
headers={},
path_params={},
query_params={},
)
event_wrong_uri = Event(
resource_path="/xxxs/asdasd/xxx",
method="GET",
headers={},
path_params={},
query_params={},
body=req,
)
class TestResource: