def test_get_item_returns_an_authclient(self, pyramid_request): authclient = AuthClient(name='test', authority='example.com') pyramid_request.db.add(authclient) pyramid_request.db.flush() factory = AuthClientRoot(pyramid_request) assert factory[authclient.id] == authclient
def test_getitem_doesnt_grant_non_admins_all_permissions_on_the_AuthClient( self, db_session, factories, permission, pyramid_request ): user = factories.User() auth_client = AuthClient(authority="hypothes.is") db_session.add(auth_client) db_session.flush() auth_policy = pyramid.authorization.ACLAuthorizationPolicy() auth_client = AuthClientRoot(pyramid_request)[auth_client.id] assert not auth_policy.permits( context=auth_client, # Simulate the principals that a real non-admin request would have: lots of # principals but not h.auth.role.Admin. principals=( pyramid.security.Everyone, pyramid.security.Authenticated, h.auth.role.Staff, "group:__world__", "authority:example.com", user.userid, ), permission=permission, )
def test_getitem_grants_admins_all_permissions_on_the_AuthClient( self, db_session, permission, pyramid_request): auth_client = AuthClient(authority="hypothes.is") db_session.add(auth_client) db_session.flush() auth_policy = pyramid.authorization.ACLAuthorizationPolicy() auth_client = AuthClientRoot(pyramid_request)[auth_client.id] assert auth_policy.permits(context=auth_client, principals=(h.auth.role.Admin, ), permission=permission)
def test_getitem_returns_KeyError_if_no_matching_AuthClient_in_DB( self, db_session, pyramid_request): # Add a couple of noise AuthClients to the DB. It should not return these. db_session.add( AuthClient(authority="elifesciences.org", id="c396be08-73bd-11e8-a791-e76551a909f6")) db_session.add( AuthClient(authority="localhost", id="cf482552-73bd-11e8-a791-c37e5c2510d8")) auth_client_root = AuthClientRoot(pyramid_request) with pytest.raises(KeyError): auth_client_root["1d5937d6-73be-11e8-9125-871084ad92cf"]
def test_getitem_returns_the_right_AuthClient(self, db_session, pyramid_request): # Add a couple of noise AuthClients to the DB. It should not return these. db_session.add(AuthClient(authority="elifesciences.org")) db_session.add(AuthClient(authority="localhost")) # The AuthClient that we do expect it to return. expected_auth_client = AuthClient(authority="hypothes.is") db_session.add(expected_auth_client) db_session.flush() auth_client = AuthClientRoot(pyramid_request)[expected_auth_client.id] assert auth_client == expected_auth_client
def test_getitem_returns_KeyError_if_client_id_is_invalid( self, pyramid_request): auth_client_root = AuthClientRoot(pyramid_request) with pytest.raises(KeyError): auth_client_root["this_is_not_a_valid_UUID"]
def test_getitem_returns_KeyError_if_no_AuthClients_in_DB( self, pyramid_request): auth_client_root = AuthClientRoot(pyramid_request) with pytest.raises(KeyError): auth_client_root["1d5937d6-73be-11e8-9125-871084ad92cf"]
def test_get_item_returns_keyerror_if_invalid(self, pyramid_request): factory = AuthClientRoot(pyramid_request) with pytest.raises(KeyError): factory['not-a-uuid']
def test_get_item_returns_keyerror_if_not_found(self, pyramid_request): factory = AuthClientRoot(pyramid_request) with pytest.raises(KeyError): factory['E19D247D-1F07-4E91-B40D-00DF22E693E4']