def testOtherUserAccessDenied(self):
"""Tests that access is denied for a user who is not defined in URL."""
self.data.kwargs['user'] = '******'
access_checker = access.IsUrlUserAccessChecker()
with self.assertRaises(exception.UserError) as context:
access_checker.checkAccess(self.data, None)
self.assertEqual(context.exception.status, httplib.FORBIDDEN)
def testNonLoggedInUserAccessDenied(self):
"""Tests that exception is raised for a non logged-in user."""
data = request_data.RequestData(None, None, {})
data._gae_user = None
data.kwargs['user'] = '******'
access_checker = access.IsUrlUserAccessChecker()
with self.assertRaises(exception.LoginRequired):
access_checker.checkAccess(data, None)
def testNonUserAccessDenied(self):
"""Tests that access is denied for a user with no User entity."""
self.data.kwargs['user'] = self.data._ndb_user.user_id
self.data._ndb_user = None
access_checker = access.IsUrlUserAccessChecker()
with self.assertRaises(exception.UserError) as context:
access_checker.checkAccess(self.data, None)
self.assertEqual(context.exception.status, httplib.FORBIDDEN)
def testSameUserAccessGranted(self):
"""Tests that access is granted for a user who is defined in URL."""
self.data.kwargs['user'] = self.data._ndb_user.user_id
access_checker = access.IsUrlUserAccessChecker()
access_checker.checkAccess(self.data, None)
def testForMissingUserData(self):
"""Tests for URL data that does not contain any user data."""
access_checker = access.IsUrlUserAccessChecker()
with self.assertRaises(exception.UserError) as context:
access_checker.checkAccess(self.data, None)
self.assertEqual(context.exception.status, httplib.BAD_REQUEST)