Ejemplo n.º 1
0
    def test_impersonation(self):
        role1 = 'role-1'
        role2 = 'role-2'
        role3 = 'role-3'
        role4 = 'role-4'

        # Simple test
        role_1_principal = DummyIdentity(role1)
        with ImpersonateAs(role_1_principal):
            self.assertEqual(context.identity, role_1_principal)
            self.assertTrue(context.identity.is_in_roles(role1))

            # Now we change the role
            role_2_principal = DummyIdentity(role2)
            with ImpersonateAs(role_2_principal):
                self.assertFalse(context.identity.is_in_roles(role1))
                self.assertTrue(context.identity.is_in_roles(role2))

        # Multiple roles
        role_3_4_principal = DummyIdentity(role3, role4)
        with ImpersonateAs(role_3_4_principal):
            self.assertTrue(context.identity.is_in_roles(role3))
            self.assertTrue(context.identity.is_in_roles(role4))

            self.assertFalse(context.identity.is_in_roles(role1))
            self.assertFalse(context.identity.is_in_roles(role2))
Ejemplo n.º 2
0
def test_impersonation():
    with Context({}) as ctx:
        role1 = 'role-1'
        role2 = 'role-2'
        role3 = 'role-3'
        role4 = 'role-4'

        # Simple test
        role_1_principal = DummyIdentity(role1)
        with ImpersonateAs(role_1_principal):
            assert context.identity == role_1_principal
            assert context.identity.is_in_roles(role1)

            # Now we change the role
            role_2_principal = DummyIdentity(role2)
            with ImpersonateAs(role_2_principal):
                assert not context.identity.is_in_roles(role1)
                assert context.identity.is_in_roles(role2)

        # Multiple roles
        role_3_4_principal = DummyIdentity(role3, role4)
        with ImpersonateAs(role_3_4_principal):
            assert context.identity.is_in_roles(role3)
            assert context.identity.is_in_roles(role4)

            assert not context.identity.is_in_roles(role1)
            assert not context.identity.is_in_roles(role2)
Ejemplo n.º 3
0
 def test_validation_filter(self):
     # Test `filter`
     # role -> All
     self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
     result, ___ = self.request('All',
                                'POST',
                                '/validation',
                                doc=False,
                                params={
                                    'customParam': 'param',
                                    'filteredParamForAll': 'param',
                                    'filteredParamForClient': 'param',
                                    'filteredParamForAdmin': 'param',
                                })
     self.assertNotIn('customParam', result)
     self.assertNotIn('filteredParamForClient', result)
     self.assertNotIn('filteredParamForAdmin', result)
     self.assertIn('filteredParamForAll', result)
     # -----------------------------
     # role -> Client
     self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
     result, ___ = self.request('Client',
                                'POST',
                                '/validation',
                                doc=False,
                                params={
                                    'customParam': 'param',
                                    'filteredParamForAll': 'param',
                                    'filteredParamForClient': 'param',
                                    'filteredParamForAdmin': 'param',
                                })
     self.assertNotIn('customParam', result)
     self.assertIn('filteredParamForClient', result)
     self.assertNotIn('filteredParamForAdmin', result)
     self.assertIn('filteredParamForAll', result)
     # -----------------------------
     # role -> Admin
     self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
     result, ___ = self.request('Admin',
                                'POST',
                                '/validation',
                                doc=False,
                                params={
                                    'customParam': 'param',
                                    'filteredParamForAll': 'param',
                                    'filteredParamForClient': 'param',
                                    'filteredParamForAdmin': 'param',
                                })
     self.assertNotIn('customParam', result)
     self.assertNotIn('filteredParamForClient', result)
     self.assertIn('filteredParamForAdmin', result)
     self.assertIn('filteredParamForAll', result)
Ejemplo n.º 4
0
    def test_validation_pattern(self):
        # Test `pattern`
        # role -> All
        self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'patternedParam1': '0123456789',
                         'patternedParam2': 'abcdeFGHIJ',
                         'patternedParam3': 'Exact'
                     })

        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     params={'patternedParam1': '12345'},
                     expected_status=400)

        # -----------------------------
        # role -> Client
        self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
        self.request('Client',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'patternedParam1': '12345',
                         'patternedParam2': 'ABCDE',
                         'patternedParam3': 'Exact',
                         'patternedParam4': 'anything'
                     })

        self.request('Client',
                     'POST',
                     '/validation',
                     doc=False,
                     params={'patternedParam1': '1'},
                     expected_status=400)

        # -----------------------------
        # role -> Admin
        self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
        self.request('Admin',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'patternedParam1': '1',
                         'patternedParam2': 'ABCDEFGHIJ',
                         'patternedParam4': 'SuperAdmin'
                     })

        self.request('Admin',
                     'POST',
                     '/validation',
                     doc=False,
                     params={'patternedParam4': 'anything'},
                     expected_status=400)
Ejemplo n.º 5
0
    def test_validation_types(self):
        # Test `type`
        # role -> All
        self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
        result, ___ = self.request(
            'All', 'POST', '/validation',
            doc=False,
            params={
                'typedParam1': '1',
                'typedParam2': '2',
                'typedParam3': '3',
                'typedParam4': '4'
            }
        )
        self.assertEqual(type(result['typedParam1']), float)
        self.assertEqual(type(result['typedParam2']), float)
        self.assertEqual(type(result['typedParam3']), float)
        self.assertEqual(type(result['typedParam4']), str)

        self.request(
            'All', 'POST', '/validation',
            doc=False,
            params={'typedParam1': 'not_convertible'},
            expected_status=400
        )

        # -----------------------------
        # role -> Client
        self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
        result, ___ = self.request(
            'Client', 'POST', '/validation',
            doc=False,
            params={
                'typedParam1': '1',
                'typedParam2': '2',
                'typedParam3': '3',
                'typedParam4': '4'
            }
        )
        self.assertEqual(type(result['typedParam1']), int)
        self.assertEqual(type(result['typedParam2']), int)
        self.assertEqual(type(result['typedParam3']), float)
        self.assertEqual(type(result['typedParam4']), str)

        self.request(
            'Client', 'POST', '/validation',
            doc=False,
            params={'typedParam1': 'not_convertible'},
            expected_status=400
        )

        # -----------------------------
        # role -> Admin
        self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
        result, ___ = self.request(
            'Admin', 'POST', '/validation',
            doc=False,
            params={
                'typedParam1': '1',
                'typedParam2': '2',
                'typedParam3': '3',
                'typedParam4': '4'
            }
        )
        # type complex is dict
        self.assertEqual(type(result['typedParam1']), dict)
        self.assertEqual(type(result['typedParam2']), float)
        self.assertEqual(type(result['typedParam3']), float)
        self.assertEqual(type(result['typedParam4']), dict)

        self.request(
            'Admin', 'POST', '/validation',
            doc=False,
            params={'typedParam1': 'not_convertible'},
            expected_status=400
        )
Ejemplo n.º 6
0
    def test_validation_requires(self):
        # Test `requires`
        # role -> All
        self.wsgi_app.jwt_token = DummyIdentity().dump().decode()

        result, ___ = self.request('All', 'POST', '/validation', doc=False,
                                   params={'requiresParamForAll': 'param'})
        self.assertIn('requiresParamForAll', result)

        result, ___ = self.request(
            'All', 'POST', '/validation', doc=False,
            params={
                'customParam': 'param',
                'requiresParamForAll': 'param',
            }
        )
        self.assertIn('customParam', result)
        self.assertIn('requiresParamForAll', result)

        self.request('All', 'POST', '/validation', doc=False, expected_status=400)

        self.request('All', 'POST', '/validation', doc=False, params={'customParam': 'param'},
                     expected_status=400)

        self.request('All', 'POST', '/validation', doc=False, params={'requiresParamForClient': 'param'},
                     expected_status=400)

        # -----------------------------
        # role -> Client
        self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
        result, ___ = self.request(
            'Client', 'POST', '/validation', doc=False,
            params={
                'requiresParamForAll': 'param',
                'requiresParamForClient': 'param',
            }
        )
        self.assertIn('requiresParamForAll', result)
        self.assertIn('requiresParamForClient', result)

        result, ___ = self.request(
            'Client', 'POST', '/validation', doc=False,
            params={
                'customParam': 'param',
                'requiresParamForAll': 'param',
                'requiresParamForClient': 'param',
            }
        )
        self.assertIn('customParam', result)
        self.assertIn('requiresParamForAll', result)
        self.assertIn('requiresParamForClient', result)

        self.request('Client', 'POST', '/validation', doc=False, expected_status=400)

        self.request('Client', 'POST', '/validation', doc=False, params={'customParam': 'param'},
                     expected_status=400)

        self.request('Client', 'POST', '/validation', doc=False, params={'requiresParamForAll': 'param'},
                     expected_status=400)

        self.request('Client', 'POST', '/validation', doc=False, params={
            'requiresParamForClient':
                'param',
        }, expected_status=400)
        # -----------------------------
        # role -> Admin
        self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
        result, ___ = self.request('Admin', 'POST', '/validation', doc=False, params={
            'requiresParamForAll': 'param',
            'requiresParamForAdmin': 'param',
        })
        self.assertIn('requiresParamForAll', result)
        self.assertIn('requiresParamForAdmin', result)
        result, ___ = self.request(
            'Admin', 'POST', '/validation', doc=False,
            params={
                'customParam': 'param',
                'requiresParamForAll': 'param',
                'requiresParamForAdmin': 'param',
            }
        )
        self.assertIn('customParam', result)
        self.assertIn('requiresParamForAll', result)
        self.assertIn('requiresParamForAdmin', result)

        self.request('Admin', 'POST', '/validation', doc=False, expected_status=400)

        self.request('Admin', 'POST', '/validation', doc=False, params={'customParam': 'param'},
                     expected_status=400)

        self.request(
            'Admin', 'POST', '/validation', doc=False,
            params={
                'requiresParamForAll': 'param',
                'requiresParamForClient': 'param',
            },
            expected_status=400
        )

        self.request('Admin', 'POST', '/validation', doc=False, params={'requiresParamForAdmin': 'param'},
                     expected_status=400)
Ejemplo n.º 7
0
    def test_validation_exact(self):
        # Test `exact`
        # role -> All
        self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
        result, ___ = self.request('All',
                                   'POST',
                                   '/validation',
                                   doc=False,
                                   params={'exactParamForAll': 'param'})
        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     expected_status=400)
        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'exactParamForAll': 'param',
                         'exactParamForCustom': 'param',
                     },
                     expected_status=400)
        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     params={'exactParamForCustom': 'param'},
                     expected_status=400)
        self.assertIn('exactParamForAll', result)
        self.request('All',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'exactParamForAll': 'param',
                         'exactParamForClient': 'param',
                     },
                     expected_status=400)
        # -----------------------------
        # role -> Client
        self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()

        result, ___ = self.request('Client',
                                   'POST',
                                   '/validation',
                                   doc=False,
                                   params={
                                       'exactParamForAll': 'param',
                                       'exactParamForClient': 'param',
                                   })
        self.assertIn('exactParamForClient', result)
        self.assertIn('exactParamForAll', result)

        self.request('Client',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'exactParamForAll': 'param',
                         'exactParamForClient': 'param',
                         'exactParamForAdmin': 'param',
                     },
                     expected_status=400)

        # -----------------------------
        # role -> Admin
        self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()

        result, ___ = self.request('Admin',
                                   'POST',
                                   '/validation',
                                   doc=False,
                                   params={
                                       'exactParamForAll': 'param',
                                       'exactParamForAdmin': 'param',
                                   })
        self.assertIn('exactParamForAdmin', result)
        self.assertIn('exactParamForAll', result)

        self.request('Admin',
                     'POST',
                     '/validation',
                     doc=False,
                     params={
                         'exactParamForAll': 'param',
                         'exactParamForClient': 'param',
                         'exactParamForAdmin': 'param',
                     },
                     expected_status=400)

        # ------------------------------------------------------------

        # Test query string
        self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
        result, ___ = self.request('Admin',
                                   'POST',
                                   '/validation',
                                   doc=False,
                                   query_string={
                                       'exactParamForAll': 'param',
                                   },
                                   params={
                                       'exactParamForAdmin': 'param',
                                   })
        self.assertIn('exactParamForAdmin', result)
        self.assertIn('exactParamForAll', result)

        self.request('Admin',
                     'POST',
                     '/validation',
                     doc=False,
                     query_string={
                         'exactParamForAll': 'param',
                         'exactParamForClient': 'param',
                     },
                     params={'exactParamForAdmin': 'param'},
                     expected_status=400)
Ejemplo n.º 8
0
 def test_validation_blacklist(self):
     # Test `blacklist`
     # role -> All
     self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
     self.request('All', 'POST', '/validation', doc=False)
     self.request('All',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'customParam': 'param'})
     self.request('All',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAll': 'param'},
                  expected_status=400)
     self.request('All',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForClient': 'param'})
     self.request('All',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAdmin': 'param'})
     # -----------------------------
     # role -> Client
     self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
     self.request('Client', 'POST', '/validation', doc=False)
     self.request('Client',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'customParam': 'param'})
     self.request('Client',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAll': 'param'},
                  expected_status=400)
     self.request('Client',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForClient': 'param'},
                  expected_status=400)
     self.request('Client',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAdmin': 'param'})
     # -----------------------------
     # role -> Admin
     self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
     self.request('Admin', 'POST', '/validation', doc=False)
     self.request('Admin',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'customParam': 'param'})
     self.request('Admin',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAll': 'param'},
                  expected_status=400)
     self.request('Admin',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForClient': 'param'})
     self.request('Admin',
                  'POST',
                  '/validation',
                  doc=False,
                  params={'blacklistParamForAdmin': 'param'},
                  expected_status=400)