def testContentTypeTokenGeneratorCreatesEquivalentAppTokens(self):
    """Check that both generators emit app-scope tokens of the same length.

    Only the token lengths are compared, not the token contents.
    """
    # Token from the generator under test.
    candidate_token = self.token_generator.generate(
        scope.access_app("access_tokens"))
    # Token from the reference generator for the same app scope.
    reference_token = basic_token_generator.generate(
        scope.access_app("access_tokens"))
    self.assertEqual(len(candidate_token), len(reference_token))
def testKitchenSink(self):
    """Exercise combined object, model, app and global scopes in sequence.

    Per the inline comments, the first argument to each assertion is the
    scope being asked for and the second is the scope the token carries.
    """
    # Two specific objects, read only, against a global read token.
    requested = (scope.access_obj(self.obj, "read")
                 + scope.access_obj(self.obj2, "read"))
    granted = scope.access_all("read")
    self.assertScopeValid(requested, granted)

    # Asking for an extra permission ("write") on one object must fail.
    requested = (scope.access_obj(self.obj, "read", "write")
                 + scope.access_obj(self.obj2, "read"))
    granted = scope.access_all("read")
    self.assertScopeInvalid(requested, granted)

    # Read/write on both objects against per-model read/write grants.
    requested = (scope.access_obj(self.obj, "read", "write")
                 + scope.access_obj(self.obj2, "read", "write"))
    granted = (scope.access_model(TestModel, "read", "write")
               + scope.access_model(TestModel2, "read", "write"))
    self.assertScopeValid(requested, granted)

    # Dropping the grant for the second model must fail.
    requested = (scope.access_obj(self.obj, "read", "write")
                 + scope.access_obj(self.obj2, "read", "write"))
    granted = scope.access_model(TestModel, "read", "write")
    self.assertScopeInvalid(requested, granted)

    # An app-wide grant restores access to the second model.
    requested = (scope.access_obj(self.obj, "read", "write")
                 + scope.access_obj(self.obj2, "read", "write"))
    granted = (scope.access_model(TestModel, "read", "write")
               + scope.access_app("access_tokens", "read", "write"))
    self.assertScopeValid(requested, granted)

    # Global read plus write on one model covers read/write on its object.
    # NOTE(review): access_model is given the instance self.obj here rather
    # than a model class; presumably it resolves to the instance's model.
    requested = scope.access_obj(self.obj, "read", "write")
    granted = scope.access_model(self.obj, "write") + scope.access_all("read")
    self.assertScopeValid(requested, granted)
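def index(request):
    """Return an access token for the app and scope named in the query string.

    Reads ``app`` and ``scope`` from ``request.GET`` and passes them to
    ``scope.access_app`` to build the scope of the generated token. A request
    that omits either parameter gets a 400 response instead of an unhandled
    ``KeyError``.
    """
    # NOTE(review): nothing in this view authenticates the caller or limits
    # which app/permission may be requested, so the token's scope is entirely
    # caller-controlled. Confirm the route is protected elsewhere (login
    # requirement, network restriction) or check the values against an
    # allow-list before generating the token.
    _application = request.GET.get('app')
    _scope = request.GET.get('scope')
    if _application is None or _scope is None:
        return HttpResponse('Missing required parameter: app, scope', status=400)

    # Generate an access token for a scope permission on a given app.
    publish_app_token = tokens.generate(scope.access_app(_application, _scope))
    return HttpResponse('Your token is:' + publish_app_token)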
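def generate_access_token(**kwargs):
    """Build a base64 access token whose salt is derived from ``kwargs``.

    The keyword arguments are JSON-encoded with ``ExtendedJsonEncoder`` and
    hashed with MD5. The 32-character hex digest is passed to
    ``tokens.generate`` as the salt and is also prepended, in the clear, to
    the generated token before the whole string is base64-encoded.

    Raises:
        BaseAPIException: if encoding, hashing or token generation fails.
    """
    try:
        # MD5 only produces a fixed-width (32 hex chars) salt here. The digest
        # is not secret, since it is shipped at the front of the token.
        # NOTE(review): the token's integrity presumably rests on the
        # signature keyed with settings.SECRET_KEY, not on this hash; confirm.
        m = hashlib.md5()
        m.update(json.dumps(kwargs, cls=ExtendedJsonEncoder).encode('utf-8'))
        salt = m.hexdigest()
        access_token = tokens.generate(
            scope.access_app("access_tokens", "publish"),
            key=settings.SECRET_KEY,
            salt=salt,
        )
        return base64.b64encode(
            (salt + access_token).encode('ascii')).decode('ascii')
    except Exception as err:
        # Catch Exception rather than using a bare except, so that
        # KeyboardInterrupt/SystemExit are not converted into an API error.
        # The original cause is chained for debugging.
        raise BaseAPIException() from err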
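def verify_access_token(access_token):
    """Return whether ``access_token`` validates as a publish token.

    The token is base64-decoded; its first 32 characters are taken as the
    salt and the remainder is validated against the ``access_tokens`` /
    ``publish`` scope with ``settings.SECRET_KEY`` and a maximum age of
    ``settings.ACCESS_TOKEN_EXPIRE_INTERVAL``. Any decoding or validation
    error yields ``False``.
    """
    try:
        decode_access_token = base64.b64decode(access_token).decode('utf-8')
        # The salt is read from the token itself, so this check does not tie
        # the token to any particular set of generation arguments. A caller
        # that needs that binding must recompute the salt and compare it.
        salt = decode_access_token[:32]
        access_token = decode_access_token[32:]
        is_valid = tokens.validate(
            access_token,
            scope.access_app("access_tokens", "publish"),
            key=settings.SECRET_KEY,
            salt=salt,
            max_age=settings.ACCESS_TOKEN_EXPIRE_INTERVAL,
        )
    except Exception:
        # Malformed input is simply an invalid token. Exception (not a bare
        # except) lets KeyboardInterrupt/SystemExit propagate.
        is_valid = False
    return is_valid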
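def findWifiPoints(request):
    """Return the stored Wi-Fi points near a caller-supplied location as JSON.

    Query parameters read from ``request.GET``: ``key`` (access token) and
    ``lat`` / ``long`` (decimal coordinates). The token is checked before any
    other parameter is parsed. Missing, malformed or non-finite coordinates
    produce the same JSON failure body as out-of-range ones instead of an
    unhandled exception.
    """
    from decimal import InvalidOperation

    def _failure(status, reason):
        # Same body shape the view has always returned for errors.
        return JsonResponse(dict(Status=status, Response=dict(Reason=reason)))

    def _coordinate(name):
        # Returns a finite Decimal, or None when the parameter is missing,
        # unparsable, or NaN/Infinity (which Decimal() accepts as input).
        try:
            value = Decimal(request.GET[name])
        except (KeyError, InvalidOperation):
            return None
        return value if value.is_finite() else None

    # NOTE(review): the access token travels in the query string, where web
    # server and proxy logs typically record it. A request header would keep
    # it out of them.
    _key = request.GET.get('key')

    # Validate the key first. Fail closed: a missing key, or any falsy result
    # from validate() (not only the literal False), is a denial.
    bValidated = bool(_key) and tokens.validate(
        _key,
        scope.access_app(os.environ['APP_NAME'], os.environ['SCOPE']),
    )
    if not bValidated:
        return _failure('failure', 'Permission denied!')

    # Validate the supplied params.
    _loc_lat = _coordinate('lat')
    if _loc_lat is None or not StaticUtils.isLatitudeValid(_loc_lat):
        return _failure('Failure', 'Lattitude is invalid!')

    _loc_long = _coordinate('long')
    if _loc_long is None or not StaticUtils.isLongitudeValid(_loc_long):
        return _failure('Failure', 'Longitude is invalid!')

    # Get the distance from the origin, then all nearby Wi-Fi data points.
    _dest_to_orig = StaticUtils.getDistanceToOrigin(_loc_lat, _loc_long)
    objs = StaticUtils.getWifiPointsNearLocation(_loc_lat, _loc_long,
                                                 _dest_to_orig)

    # Prepare the response. It includes each point's stored password, so
    # every holder of a valid key can read them.
    result = dict(
        Length=len(objs),
        WifiPoints=list(
            objs.values('wifiName', 'password', 'loc_lat', 'loc_long')),
    )
    # The success body previously used the misspelled key 'Staus', so clients
    # checking 'Status' never saw it on success.
    response = dict(Status='success', Response=result)
    return JsonResponse(response)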
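def addNewWifi(request):
    """Store a new Wi-Fi point unless an identical one already exists nearby.

    Query parameters read from ``request.GET``: ``key`` (access token),
    ``name``, ``pwd``, ``lat`` and ``long``. The token is checked before any
    other parameter is parsed. Missing, malformed or non-finite coordinates
    produce the same JSON failure body as out-of-range ones instead of an
    unhandled exception. A point counts as a duplicate when a nearby stored
    point has the same name and the same password.
    """
    from decimal import InvalidOperation

    def _reply(status, reason):
        # Same body shape the view has always returned.
        return JsonResponse(dict(Status=status, Response=dict(Reason=reason)))

    def _coordinate(name):
        # Returns a finite Decimal, or None when the parameter is missing,
        # unparsable, or NaN/Infinity (which Decimal() accepts as input).
        try:
            value = Decimal(request.GET[name])
        except (KeyError, InvalidOperation):
            return None
        return value if value.is_finite() else None

    # NOTE(review): this view writes to the database from GET parameters, and
    # both the access token and the Wi-Fi password travel in the URL, where
    # server and proxy logs typically record them. Consider POST with the
    # token in a header.
    _key = request.GET.get('key')

    # Validate the key first. Fail closed: a missing key, or any falsy result
    # from validate() (not only the literal False), is a denial.
    bValidated = bool(_key) and tokens.validate(
        _key,
        scope.access_app(os.environ['APP_NAME'], os.environ['SCOPE']),
    )
    if not bValidated:
        return _reply('failure', 'Permission denied!')

    # Read the remaining parameters only for an authorised caller.
    # request.GET[...] is kept for name/pwd, so a missing one still raises
    # as before.
    _wifi_name = request.GET['name']
    _password = request.GET['pwd']

    # Validate the supplied params.
    _loc_lat = _coordinate('lat')
    if _loc_lat is None or not StaticUtils.isLatitudeValid(_loc_lat):
        return _reply('failure', 'Lattitude is invalid!')

    _loc_long = _coordinate('long')
    if _loc_long is None or not StaticUtils.isLongitudeValid(_loc_long):
        return _reply('failure', 'Longitude is invalid!')

    # Get the distance from the origin, then all nearby Wi-Fi data points.
    _dest_to_orig = StaticUtils.getDistanceToOrigin(_loc_lat, _loc_long)
    objs = StaticUtils.getWifiPointsNearLocation(_loc_lat, _loc_long,
                                                 _dest_to_orig)

    # Decide if a duplicate Wi-Fi point exists in the area.
    bWifiPointExists = any(
        wifiPoint.wifiName == _wifi_name and wifiPoint.password == _password
        for wifiPoint in objs
    )
    if bWifiPointExists:
        return _reply('failure', 'WifiPoint already exits!')

    obj = WifiPoint(wifiName=_wifi_name, password=_password,
                    loc_lat=_loc_lat, loc_long=_loc_long,
                    dest_to_orig=_dest_to_orig)
    obj.save()
    return _reply('success', 'WifiPoint added')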
def testContentTypeTokenGeneratorCreatesEquivalentAppTokens(self):
    """Assert the two generators produce app-scope tokens of equal length.

    The comparison covers length only. The token strings themselves are not
    compared.
    """
    generated = self.token_generator.generate(scope.access_app("access_tokens"))
    baseline = basic_token_generator.generate(scope.access_app("access_tokens"))
    generated_length = len(generated)
    baseline_length = len(baseline)
    self.assertEqual(generated_length, baseline_length)
def testScopeModelGrants(self):
    """Walk the grant matrix between object, model, app and global scopes.

    Per the section comments, the first argument to each assertion is the
    scope being asked for and the second is the scope held. Each helper
    below builds a fresh scope on every call, so the scopes are constructed
    in the same order as the assertions run.
    """
    def _all_read():
        return scope.access_all("read")

    def _app_read():
        return scope.access_app("access_tokens", "read")

    def _model_read():
        return scope.access_model(TestModel, "read")

    def _obj_read():
        return scope.access_obj(self.obj, "read")

    # Ask for no access.
    self.assertScopeValid((), _all_read())
    self.assertScopeValid((), _app_read())
    self.assertScopeValid((), _model_read())
    self.assertScopeValid((), _obj_read())
    self.assertScopeValid((), ())

    # Ask for access, but no permissions.
    self.assertScopeValid(scope.access_all(), _all_read())
    self.assertScopeValid(scope.access_all(), _app_read())
    self.assertScopeValid(scope.access_all(), _model_read())
    self.assertScopeValid(scope.access_all(), _obj_read())
    self.assertScopeValid(scope.access_all(), ())

    # Ask for obj access.
    self.assertScopeValid(_obj_read(), _all_read())
    self.assertScopeValid(_obj_read(), _app_read())
    self.assertScopeValid(_obj_read(), _model_read())
    self.assertScopeValid(_obj_read(), _obj_read())
    self.assertScopeInvalid(_obj_read(), ())

    # Ask for model access.
    self.assertScopeValid(_model_read(), _all_read())
    self.assertScopeValid(_model_read(), _app_read())
    self.assertScopeValid(_model_read(), _model_read())
    self.assertScopeInvalid(_model_read(), _obj_read())
    self.assertScopeInvalid(_model_read(), ())

    # Ask for app access.
    self.assertScopeValid(_app_read(), _all_read())
    self.assertScopeValid(_app_read(), _app_read())
    self.assertScopeInvalid(_app_read(), _model_read())
    self.assertScopeInvalid(_app_read(), _obj_read())
    self.assertScopeInvalid(_app_read(), ())

    # Ask for global access.
    self.assertScopeValid(_all_read(), _all_read())
    self.assertScopeInvalid(_all_read(), _app_read())
    self.assertScopeInvalid(_all_read(), _model_read())
    self.assertScopeInvalid(_all_read(), _obj_read())
    self.assertScopeInvalid(_all_read(), ())