def guardResource(resource, checkers, callback=parentRedirect, errback=None,
nonauthenticated=None):
myPortal = portal.Portal(MarkingRealm(resource, nonauthenticated))
for checker in checkers+[checkerslib.AllowAnonymousAccess()]:
myPortal.registerChecker(checker)
un = guard.UsernamePasswordWrapper(myPortal,
callback=callback, errback=errback)
return guard.SessionWrapper(un)
def adminWrapper(data):
"""Ties it together"""
p = Portal(AdminRealm(data)) # found in twisted.cred.Portal
p.registerChecker(AllowAnonymousAccess(), IAnonymous)
p.registerChecker(data.players, IUsernamePassword)
upw = guard.UsernamePasswordWrapper(p, callback=dumbRedirect)
r = guard.SessionWrapper(upw)
r.sessionLifetime = 12 * 3600
return r
def testSessionInit(self):
sessWrapped = static.Data("you should never see this", "text/plain")
swChild = static.Data("NO", "text/plain")
sessWrapped.putChild("yyy", swChild)
swrap = guard.SessionWrapper(sessWrapped)
da = static.Data("b", "text/plain")
da.putChild("xxx", swrap)
st = FakeSite(da)
chan = FakeHTTPChannel()
chan.site = st
# first we're going to make sure that the session doesn't get set by
# accident when browsing without first explicitly initializing the
# session
req = FakeHTTPRequest(chan, queued=0)
req.requestReceived("GET", "/xxx/yyy", "1.0")
assert len(req._cookieCache.values()) == 0, req._cookieCache.values()
self.assertEquals(req.getSession(), None)
# now we're going to make sure that the redirect and cookie are properly set
req = FakeHTTPRequest(chan, queued=0)
req.requestReceived("GET", "/xxx/" + guard.INIT_SESSION, "1.0")
ccv = req._cookieCache.values()
self.assertEquals(len(ccv), 1)
cookie = ccv[0]
# redirect set?
self.failUnless(req.headers.has_key('location'))
# redirect matches cookie?
self.assertEquals(req.headers['location'].split('/')[-1],
guard.SESSION_KEY + cookie)
# URL is correct?
self.assertEquals(req.headers['location'],
'http://fake.com/xxx/' + guard.SESSION_KEY + cookie)
oldreq = req
# now let's try with a request for the session-cookie URL that has a cookie set
url = "/" + (oldreq.headers['location'].split('http://fake.com/',
1))[1]
req = chan.makeFakeRequest(url)
self.assertEquals(req.headers['location'].split('?')[0],
'http://fake.com/xxx/')
for sz in swrap.sessions.values():
sz.expire()
def testPerspectiveInit(self):
# TODO: this is an awful lot of crap to have to import / do in order to
# create a functional authentication system. Cut down on it.
from twisted.internet.app import MultiService
ms = MultiService("hello")
from twisted.cred.authorizer import DefaultAuthorizer
auth = DefaultAuthorizer(ms)
from twisted.cred.service import Service
svc = Service("test_service", ms, auth)
myp = svc.createPerspective("test")
myp.makeIdentity("test")
sessWrapped = static.Data("you should never see this", "text/plain")
swChild = static.Data("NO", "text/plain")
sessWrapped.putChild("yyy",swChild)
da = static.Data("b","text/plain")
q = static.Data("you should never see this either", "text/plain")
q.putChild("yyy", static.Data("YES", "text/plain"))
authFactory = lambda p, q=q: q
pwrap = guard.PerspectiveWrapper(svc, sessWrapped, authFactory)
swrap = guard.SessionWrapper(pwrap)
da.putChild("xxx", swrap)
st = FakeSite(da)
chan = FakeHTTPChannel()
chan.site = st
req = chan.makeFakeRequest("/xxx/"+guard.INIT_SESSION+"/yyy")
req = chan.makeFakeRequest("/xxx/yyy")
self.assertEquals(req.written.getvalue(),"NO")
req = chan.makeFakeRequest("/xxx/"+guard.INIT_PERSPECTIVE+
"?identity=test&password=tenxt")
assert not req.session.services.values()
req = chan.makeFakeRequest("/xxx/"+guard.INIT_PERSPECTIVE+
"?identity=test&password=test")
self.assertEquals(req.session.services.values()[0][0], myp)
# print req.written.getvalue()
req = chan.makeFakeRequest("/xxx/yyy")
self.assertEquals(req.written.getvalue(), "YES")
# print req.session.services
for sz in swrap.sessions.values():
sz.expire()
