def test_most_specific_permission_takes_priority_when_true(self): c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) # Arbitrarily picked get_transaction for testing this generic behavior setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_read": True}} ) self.assertTrue(setup.get("ok"), setup) response = c.get_transaction("blah") self.assertNotEqual(response.get("status"), 403, response) setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_read": False, "transactions": {"allow_read": True}}}, ) self.assertTrue(setup.get("ok"), setup) response = c.get_transaction("blah") self.assertNotEqual(response.get("status"), 403, response) setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={ "version": "1", "default_allow": False, "permissions": {"allow_read": False, "transactions": {"allow_read": False, "get_transaction": {"allowed": True}}}, }, ) self.assertTrue(setup.get("ok"), setup) response = c.get_transaction("blah") self.assertNotEqual(response.get("status"), 403, response)
def default_allow_true_allows_all_functions(self): setup = self.client.update_api_key(PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": True, "permissions": {}}) self.assertTrue(setup.get("ok"), setup) c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) for method in all_client_functions: method = dict(method) response = getattr(c, method["fn"])(*method["params"]) self.assertNotEqual(response.get("status"), 403, method)
def test_individual_endpoints_allow_false_works_when_default_true(self): c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) for method in all_client_functions: method = dict(method) setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={ "version": "1", "default_allow": True, "permissions": {method["permission_group"]: {method["permission_name"]: {"allowed": False}}}, }, ) self.assertTrue(setup.get("ok"), setup) response = getattr(c, method["fn"])(*method["params"]) self.assertEqual(response.get("status"), 403, method)
async def create_aio_client(*args: Any, **kwargs: Any) -> "dragonchain_client.Client": """Construct a new async ``Client`` object Args: Refer to dragonchain_sdk.create_client for arguments Returns: A new Dragonchain client which makes async requests. """ client = dragonchain_sdk.create_client(*args, **kwargs) # Change out the client's request internals to become async-capable with aiohttp client.request.session = aiohttp.ClientSession(loop=asyncio.get_event_loop()) client.request._make_request = types.MethodType(_make_request, client.request) # type: ignore # Add close function to the client for aiohttp cleanup client.close = types.MethodType(client_close, client) # type: ignore return client
def global_allow_delete_works_with_all_delete_functions(self): c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) # Check default true, allow false setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": True, "permissions": {"allow_delete": False}} ) self.assertTrue(setup.get("ok"), setup) methods = get_permission_type_functions("delete") for method in methods: method = dict(method) response = getattr(c, method["fn"])(*method["params"]) self.assertEqual(response.get("status"), 403, method) # Check default false, allow true setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_delete": True}} ) self.assertTrue(setup.get("ok"), setup) for method in methods: method = dict(method) response = getattr(c, method["fn"])(*method["params"]) self.assertNotEqual(response.get("status"), 403, method)
def test_custom_create_transaction_permissions(self): c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) # Test blacklist permissioning setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={ "version": "1", "default_allow": False, "permissions": {"transactions": {"create_transaction": {"allowed": True, "transaction_types": {"banana": False}}}}, }, ) self.assertTrue(setup.get("ok"), setup) # Check with single not allowed transaction response = c.create_transaction("banana", "payload") self.assertEqual(response.get("status"), 403, response) # Check with single allowed transaction response = c.create_transaction("notbanana", "payload") self.assertNotEqual(response.get("status"), 403, response) # Check bulk with allowed/not allowed mix response = c.create_bulk_transaction( [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}] ) self.assertEqual(response.get("status"), 403, response) # Check bulk with only not allowed transactions response = c.create_bulk_transaction( [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "banana", "payload": "payload"}] ) self.assertEqual(response.get("status"), 403, response) # Check bulk with only allowed transactions response = c.create_bulk_transaction( [{"transaction_type": "notbanana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}] ) self.assertNotEqual(response.get("status"), 403, response) # Test whitelist permissioning setup = self.client.update_api_key( PERMISSION_TESTING_KEY_ID, permissions_document={ "version": "1", "default_allow": False, "permissions": {"transactions": {"create_transaction": {"allowed": False, "transaction_types": {"banana": True}}}}, }, ) self.assertTrue(setup.get("ok"), setup) # Check with single allowed transaction response = c.create_transaction("banana", "payload") self.assertNotEqual(response.get("status"), 403, response) # Check with single not allowed transaction response = c.create_transaction("notbanana", "payload") self.assertEqual(response.get("status"), 403, response) # Check bulk with allowed/not allowed mix response = c.create_bulk_transaction( [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}] ) self.assertEqual(response.get("status"), 403, response) # Check bulk with only allowed transactions response = c.create_bulk_transaction( [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "banana", "payload": "payload"}] ) self.assertNotEqual(response.get("status"), 403, response) # Check bulk with only not allowed transactions response = c.create_bulk_transaction( [{"transaction_type": "notbanana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}] ) self.assertEqual(response.get("status"), 403, response)
def default_permissions_denies_create_update_delete_api_keys(self): c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID) self.assertEqual(c.create_api_key(), default_action_forbidden_response("create_api_key")) self.assertEqual(c.update_api_key("whatever"), default_action_forbidden_response("update_api_key")) self.assertEqual(c.delete_api_key("whatever"), default_action_forbidden_response("delete_api_key"))
def setUp(self): self.client = dragonchain_sdk.create_client()
def setUp(self): self.client = dragonchain_sdk.create_client() self.maxDiff = None # allows max display of diffs in test logs
def setUp(self): self.client = dragonchain_sdk.create_client() self.maxDiff = 3000