def test_ACL(self): acl = gear.ACL() acl.add(gear.ACLEntry('worker', register='foo.*')) acl.add(gear.ACLEntry('client', invoke='foo.*')) acl.add(gear.ACLEntry('manager', grant=True)) self.assertEqual(len(acl.getEntries()), 3) self.assertTrue(acl.canRegister('worker', 'foo-bar')) self.assertTrue(acl.canRegister('worker', 'foo')) self.assertFalse(acl.canRegister('worker', 'bar-foo')) self.assertFalse(acl.canRegister('worker', 'bar')) self.assertFalse(acl.canInvoke('worker', 'foo')) self.assertFalse(acl.canGrant('worker')) self.assertTrue(acl.canInvoke('client', 'foo-bar')) self.assertTrue(acl.canInvoke('client', 'foo')) self.assertFalse(acl.canInvoke('client', 'bar-foo')) self.assertFalse(acl.canInvoke('client', 'bar')) self.assertFalse(acl.canRegister('client', 'foo')) self.assertFalse(acl.canGrant('client')) self.assertFalse(acl.canInvoke('manager', 'bar')) self.assertFalse(acl.canRegister('manager', 'foo')) self.assertTrue(acl.canGrant('manager')) acl.remove('worker') acl.remove('client') acl.remove('manager') self.assertFalse(acl.canRegister('worker', 'foo')) self.assertFalse(acl.canInvoke('client', 'foo')) self.assertFalse(acl.canGrant('manager')) self.assertEqual(len(acl.getEntries()), 0)
def main(self): self.setup_logging() statsd_host = os.environ.get('STATSD_HOST') statsd_port = int(os.environ.get('STATSD_PORT', 8125)) statsd_prefix = os.environ.get('STATSD_PREFIX') acl = None if self.args.acl: aclf = ConfigParser.RawConfigParser() aclf.read(self.args.acl) acl = gear.ACL() for section in aclf.sections(): if aclf.has_option(section, 'register'): register = aclf.get(section, 'register') else: register = None if aclf.has_option(section, 'invoke'): invoke = aclf.get(section, 'invoke') else: invoke = None if aclf.has_option(section, 'grant'): grant = aclf.getboolean(section, 'grant') else: grant = None entry = gear.ACLEntry(section, register, invoke, grant) acl.add(entry) self.server = gear.Server(self.args.port, self.args.ssl_key, self.args.ssl_cert, self.args.ssl_ca, statsd_host, statsd_port, statsd_prefix, acl=acl) signal.pause()
def test_ACL_register(self): acl = gear.ACL() acl.grantRegister('worker', 'bar.*') self.assertTrue(acl.canRegister('worker', 'bar')) acl.revokeRegister('worker') self.assertFalse(acl.canRegister('worker', 'bar'))
def test_ACL_grant(self): acl = gear.ACL() acl.grantGrant('manager') self.assertTrue(acl.canGrant('manager')) acl.revokeGrant('manager') self.assertFalse(acl.canGrant('manager'))
def test_ACL_invoke(self): acl = gear.ACL() acl.grantInvoke('client', 'bar.*') self.assertTrue(acl.canInvoke('client', 'bar')) acl.revokeInvoke('client') self.assertFalse(acl.canInvoke('client', 'bar'))