def test_authentication_with_data_denied_srai(self): yaml = YamlConfigurationFile() self.assertIsNotNone(yaml) yaml.load_from_text( """ brain: security: authentication: classname: programy.security.authenticate.passthrough.PassThroughAuthenticationService denied_srai: AUTHENTICATION_FAILED """, ConsoleConfiguration(), ".") brain_config = yaml.get_section("brain") self.assertIsNotNone(brain_config) services_config = yaml.get_section("security", brain_config) self.assertIsNotNone(services_config) service_config = BrainSecurityConfiguration("authentication") service_config.load_config_section(yaml, services_config, ".") self.assertEqual( "programy.security.authenticate.passthrough.PassThroughAuthenticationService", service_config.classname) self.assertEqual("AUTHENTICATION_FAILED", service_config.denied_srai) self.assertEqual(BrainSecurityConfiguration.DEFAULT_ACCESS_DENIED, service_config.denied_text)
def test_authorisation_with_data_denied_text(self): yaml = YamlConfigurationFile() self.assertIsNotNone(yaml) yaml.load_from_text( """ brain: security: authorisation: classname: programy.security.authorise.passthrough.PassThroughAuthorisationService denied_text: Authorisation Failed """, ConsoleConfiguration(), ".") brain_config = yaml.get_section("brain") self.assertIsNotNone(brain_config) services_config = yaml.get_section("security", brain_config) self.assertIsNotNone(services_config) service_config = BrainSecurityConfiguration("authorisation") service_config.load_config_section(yaml, services_config, ".") self.assertEqual( "programy.security.authorise.passthrough.PassThroughAuthorisationService", service_config.classname) self.assertEqual("Authorisation Failed", service_config.denied_text) self.assertIsNone(service_config.denied_srai)
class BrainSecuritiesConfiguration(BaseSectionConfigurationData): def __init__(self): BaseSectionConfigurationData.__init__(self, "security") self._authorisation = None self._authentication = None @property def authorisation(self): return self._authorisation @property def authentication(self): return self._authentication def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityConfiguration("authentication") self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityConfiguration("authorisation") self._authorisation.load_config_section(configuration_file, securities, bot_root)
def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityConfiguration("authentication") self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityConfiguration("authorisation") self._authorisation.load_config_section(configuration_file, securities, bot_root)
def test_usersgroups(self): service_config = BrainSecurityConfiguration("authorisation") service_config._usergroups = os.path.dirname( __file__) + os.sep + "test_usergroups.yaml" service = BasicUserGroupAuthorisationService(service_config) self.assertIsNotNone(service) self.assertTrue(service.authorise("console", "root")) self.assertFalse(service.authorise("console", "uber")) with self.assertRaises(AuthorisationException): service.authorise("anyone", "root")
def test_init(self): service = ClientIdAuthenticationService(BrainSecurityConfiguration("authentication")) self.assertIsNotNone(service) self._client_context._userid = "console" self.assertTrue(service.authenticate(self._client_context)) self._client_context._userid = "anyone" self.assertFalse(service.authenticate(self._client_context))
def get_brain_config(self): brain_config = BrainConfiguration() brain_config.security._authorisation = BrainSecurityConfiguration( "authorisation") brain_config.security.authorisation._classname = "programy.security.authorise.usergroupsauthorisor.BasicUserGroupAuthorisationService" brain_config.security.authorisation._denied_srai = "ACCESS_DENIED" brain_config.security.authorisation._usergroups = "$BOT_ROOT/usergroups.yaml" return brain_config
def test_authorise_success(self): service = MockClientIdAuthenticationService(BrainSecurityConfiguration("authentication")) service.should_authorised = True self.assertTrue("console" in service.authorised) self._client_context._userid = "console" self.assertTrue(service.authenticate(self._client_context)) self.assertFalse("unknown" in service.authorised) self._client_context._userid = "unknown" self.assertTrue(service.authenticate(self._client_context)) self.assertTrue("unknown" in service.authorised)
def test_authenticator_with_empty_config(self): client_context = ClientContext(TestClient(), "console") client_context.bot = Bot(BotConfiguration()) client_context.bot.configuration.conversations._max_histories = 3 client_context.brain = client_context.bot.brain service = Authenticator(BrainSecurityConfiguration("authentication")) self.assertIsNotNone(service) self.assertIsNotNone(service.configuration) self.assertIsNone(service.get_default_denied_srai()) self.assertFalse(service.authenticate(client_context))
def load_configuration(self, arguments): super(AuthoriseTestClient, self).load_configuration(arguments) self.configuration.client_configuration.configurations[ 0].configurations[0].files.aiml_files._files = [ os.path.dirname(__file__) ] self.configuration.client_configuration.configurations[ 0].configurations[ 0].security._authorisation = BrainSecurityConfiguration( "authorisation") self.configuration.client_configuration.configurations[0].configurations[ 0].security.authorisation._classname = "programy.security.authorise.usergroupsauthorisor.BasicUserGroupAuthorisationService" self.configuration.client_configuration.configurations[ 0].configurations[ 0].security.authorisation._denied_srai = "ACCESS_DENIED" self.configuration.client_configuration.configurations[ 0].configurations[ 0].security.authorisation._usergroups = os.path.dirname( __file__) + os.sep + "usergroups.yaml"
def test_authoriser(self): authoriser = Authoriser(BrainSecurityConfiguration("authorisation")) self.assertIsNotNone(authoriser) self.assertFalse(authoriser.authorise("console", "sysadmin"))
def load_configuration(self, arguments): super(AuthenticateTestClient, self).load_configuration(arguments) self.configuration.client_configuration.configurations[0].configurations[0].files.aiml_files._files = [os.path.dirname(__file__)] self.configuration.client_configuration.configurations[0].configurations[0].security._authentication = BrainSecurityConfiguration("authentication") self.configuration.client_configuration.configurations[0].configurations[0].security.authentication._classname = "programytest.aiml_tests.authenticate_tests.test_authenticate_aiml.MockAuthenticationService" self.configuration.client_configuration.configurations[0].configurations[0].security.authentication._denied_srai = "AUTHENTICATED_FAILED"
def test_authorise_exception(self): service = MockClientIdAuthenticationService(BrainSecurityConfiguration("authentication")) service.should_authorised = True service.raise_exception = True self.assertFalse(service.authenticate(self._client_context._userid))
def test_authorise_failure(self): service = MockClientIdAuthenticationService(BrainSecurityConfiguration("authentication")) service.should_authorised = False self.assertFalse("unknown" in service.authorised) self.assertFalse(service.authenticate(self._client_context))