Ejemplo n.º 1
0
    def _validate_acl_update(self, req):
        """
        Validate the request has the necessary headers for a
        storlet ACL update

        :params req: swob.Request instance
        :return: the resulting acl string that hould be added
        :raises HTTPBadRequest: If a header is missing or mulformed
        """
        # Make sure we are not meddling with the storlet containers
        if self.container in self.storlet_containers:
            msg = b'storlet ACL update cannot be a storlet container'
            raise HTTPBadRequest(msg)

        # Make sure the expected headers are supplied
        user_name = req.headers.get("X-Storlet-Container-Read", None)
        storlet_name = req.headers.get("X-Storlet-Name", None)
        if not user_name or not storlet_name:
            msg = b'storlet ACL update request is missing a mandatory header'
            raise HTTPBadRequest(msg)

        # Make sure the resulting acl is valid
        acl_string = '.r:%s' % self._build_acl_string(user_name, storlet_name)
        try:
            clean_acl('X-Container-Read', acl_string)
        except ValueError as e:
            msg = ('storlet ACL update request has invalid values %s'
                   % e.message)
            raise HTTPBadRequest(msg.encode('utf8'))

        # Make sure the resulting acl permits a single entity
        if ',' in acl_string:
            msg = 'storlet ACL update request has ' \
                'mulformed storlet or user name'
            raise HTTPBadRequest(msg.encode('utf8'))

        # The request is valid. Keep the ACL string
        return acl_string
Ejemplo n.º 2
0
    def _validate_acl_update(self, req):
        """
        Validate the request has the necessary headers for a
        storlet ACL update

        :params req: swob.Request instance
        :return: the resulting acl string that hould be added
        :raises HTTPBadRequest: If a header is missing or mulformed
        """
        # Make sure we are not meddling with the storlet containers
        if self.container in self.storlet_containers:
            msg = "storlet ACL update cannot be a storlet container"
            raise HTTPBadRequest(msg)

        # Make sure the expected headers are supplied
        user_name = req.headers.get("X-Storlet-Container-Read", None)
        storlet_name = req.headers.get("X-Storlet-Name", None)
        if not user_name or not storlet_name:
            msg = "storlet ACL update request is missing a mandatory header"
            raise HTTPBadRequest(msg)

        # Make sure the resulting acl is valid
        acl_string = ".r:%s" % self._build_acl_string(user_name, storlet_name)
        try:
            clean_acl("X-Container-Read", acl_string)
        except ValueError as e:
            msg = "storlet ACL update request has invalid values %s" % e.message
            raise HTTPBadRequest(msg)

        # Make sure the resulting acl permits a single entity
        if "," in acl_string:
            msg = "storlet ACL update request has " "mulformed storlet or user name"
            raise HTTPBadRequest(msg)

        # The request is valid. Keep the ACL string
        return acl_string
Ejemplo n.º 3
0
 def test_clean_acl(self):
     value = acl.clean_acl('header', '.r:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.r:specific.host')
     self.assertEquals(value, '.r:specific.host')
     value = acl.clean_acl('header', '.r:.ending.with')
     self.assertEquals(value, '.r:.ending.with')
     value = acl.clean_acl('header', '.r:*.ending.with')
     self.assertEquals(value, '.r:.ending.with')
     value = acl.clean_acl('header', '.r:-*.ending.with')
     self.assertEquals(value, '.r:-.ending.with')
     value = acl.clean_acl('header', '.r:one,.r:two')
     self.assertEquals(value, '.r:one,.r:two')
     value = acl.clean_acl('header', '.r:*,.r:-specific.host')
     self.assertEquals(value, '.r:*,.r:-specific.host')
     value = acl.clean_acl('header', '.r:*,.r:-.ending.with')
     self.assertEquals(value, '.r:*,.r:-.ending.with')
     value = acl.clean_acl('header', '.r:one,.r:-two')
     self.assertEquals(value, '.r:one,.r:-two')
     value = acl.clean_acl('header', '.r:one,.r:-two,account,account:user')
     self.assertEquals(value, '.r:one,.r:-two,account,account:user')
     value = acl.clean_acl('header', 'TEST_account')
     self.assertEquals(value, 'TEST_account')
     value = acl.clean_acl('header', '.ref:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.referer:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.referrer:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header',
                           ' .r : one , ,, .r:two , .r : - three ')
     self.assertEquals(value, '.r:one,.r:two,.r:-three')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.unknown:test')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:*.')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r : * . ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:-*.')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r : - * . ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', ' .r : ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', 'user , .r : ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:-')
     self.assertRaises(ValueError, acl.clean_acl, 'header', ' .r : - ')
     self.assertRaises(ValueError, acl.clean_acl, 'header',
                       'user , .r : - ')
     self.assertRaises(ValueError, acl.clean_acl, 'write-header', '.r:r')
Ejemplo n.º 4
0
 def test_clean_acl(self):
     value = acl.clean_acl('header', '.r:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.r:specific.host')
     self.assertEquals(value, '.r:specific.host')
     value = acl.clean_acl('header', '.r:.ending.with')
     self.assertEquals(value, '.r:.ending.with')
     value = acl.clean_acl('header', '.r:*.ending.with')
     self.assertEquals(value, '.r:.ending.with')
     value = acl.clean_acl('header', '.r:-*.ending.with')
     self.assertEquals(value, '.r:-.ending.with')
     value = acl.clean_acl('header', '.r:one,.r:two')
     self.assertEquals(value, '.r:one,.r:two')
     value = acl.clean_acl('header', '.r:*,.r:-specific.host')
     self.assertEquals(value, '.r:*,.r:-specific.host')
     value = acl.clean_acl('header', '.r:*,.r:-.ending.with')
     self.assertEquals(value, '.r:*,.r:-.ending.with')
     value = acl.clean_acl('header', '.r:one,.r:-two')
     self.assertEquals(value, '.r:one,.r:-two')
     value = acl.clean_acl('header', '.r:one,.r:-two,account,account:user')
     self.assertEquals(value, '.r:one,.r:-two,account,account:user')
     value = acl.clean_acl('header', 'TEST_account')
     self.assertEquals(value, 'TEST_account')
     value = acl.clean_acl('header', '.ref:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.referer:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header', '.referrer:*')
     self.assertEquals(value, '.r:*')
     value = acl.clean_acl('header',
                           ' .r : one , ,, .r:two , .r : - three ')
     self.assertEquals(value, '.r:one,.r:two,.r:-three')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.unknown:test')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:*.')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r : * . ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:-*.')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r : - * . ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', ' .r : ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', 'user , .r : ')
     self.assertRaises(ValueError, acl.clean_acl, 'header', '.r:-')
     self.assertRaises(ValueError, acl.clean_acl, 'header', ' .r : - ')
     self.assertRaises(ValueError, acl.clean_acl, 'header',
                       'user , .r : - ')
     self.assertRaises(ValueError, acl.clean_acl, 'write-header', '.r:r')