def test_optional(self): """Test page with no login requirement, and no cookie.""" url_map = appinfo.URLMap(url='/') h = url_handler.UserConfiguredURLHandler(url_map, '/$') def start_response(unused_status, unused_response_headers, unused_exc_info=None): # Successful authorization should not call start_response self.fail('start_response was called') r = h.handle_authorization(self.environ, start_response) self.assertEqual(None, r)
def test_required_redirect_no_login(self): """Test page with login: required; redirect, and no cookie.""" url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') expected_status = '302 Requires login' expected_location = ( 'https://localhost:1443/login?continue=http%3A//localhost%3A8080' '/my/album/of/pictures%3Fwith%3Dsome%26query%3Dparameters') expected_headers = {'Location': expected_location} self.assertResponse(expected_status, expected_headers, '', h.handle_authorization, self.environ)
def test_required_unauthorized_no_login(self): """Test page with login: required; unauthorized, and no cookie.""" url_map = appinfo.URLMap(url='/', login='******', auth_fail_action='unauthorized') h = url_handler.UserConfiguredURLHandler(url_map, '/$') expected_status = '401 Not authorized' expected_headers = {'Content-Type': 'text/html', 'Cache-Control': 'no-cache'} expected_content = 'Login required to view page.' self.assertResponse(expected_status, expected_headers, expected_content, h.handle_authorization, self.environ)
def test_login_required_no_login_fake_logged_in_header(self): """Test page with login: required with fake-login-required.""" url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ[constants.FAKE_LOGGED_IN_HEADER] = '1' def start_response(unused_status, unused_response_headers, unused_exc_info=None): # Successful authorization should not call start_response self.fail('start_response was called') r = h.handle_authorization(self.environ, start_response) self.assertEqual(None, r)
def test_admin_no_login_fake_is_admin_header(self): """Test page with login: admin, and no cookie, with fake-is-admin header.""" url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ[constants.FAKE_IS_ADMIN_HEADER] = '1' def start_response(unused_status, unused_response_headers, unused_exc_info=None): # Successful authorization should not call start_response self.fail('start_response was called') r = h.handle_authorization(self.environ, start_response) self.assertEqual(None, r)
def test_admin_succeed(self): """Test page with login: admin, and a valid admin cookie.""" url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ['HTTP_COOKIE'] = COOKIE_ADMIN def start_response(unused_status, unused_response_headers, unused_exc_info=None): # Successful authorization should not call start_response self.fail('start_response was called') r = h.handle_authorization(self.environ, start_response) self.assertEqual(None, r)
def test_admin_no_admin(self): """Test page with login: admin, and a non-admin cookie.""" url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ['HTTP_COOKIE'] = COOKIE expected_status = '401 Not authorized' expected_headers = {'Content-Type': 'text/html', 'Cache-Control': 'no-cache'} expected_content = ('Current logged in user [email protected] is not ' 'authorized to view this page.') self.assertResponse(expected_status, expected_headers, expected_content, h.handle_authorization, self.environ)
def test_admin_no_login_fake_logged_in(self): """Tests page with login: admin, no cookie with fake login header.""" # This should FAIL, because a fake login does not imply admin privileges. url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ[constants.FAKE_LOGGED_IN_HEADER] = '1' expected_status = '401 Not authorized' expected_headers = {'Content-Type': 'text/html', 'Cache-Control': 'no-cache'} expected_content = ('Current logged in user Fake User is not authorized ' 'to view this page.') self.assertResponse(expected_status, expected_headers, expected_content, h.handle_authorization, self.environ)
def test_required_no_login_fake_is_admin(self): """Test page with login: required, no cookie, with fake-is-admin header.""" # This should FAIL, because fake-is-admin only applies to login: admin, not # login: required. url_map = appinfo.URLMap(url='/', login='******') h = url_handler.UserConfiguredURLHandler(url_map, '/$') self.environ[constants.FAKE_IS_ADMIN_HEADER] = '1' expected_status = '302 Requires login' expected_location = ( 'https://localhost:1443/login?continue=http%3A//localhost%3A8080' '/my/album/of/pictures%3Fwith%3Dsome%26query%3Dparameters') expected_headers = {'Location': expected_location} self.assertResponse(expected_status, expected_headers, '', h.handle_authorization, self.environ)