def get_access(need_privileged_access=False, job_type=None, fuzzer_name=None):
"""Return 'allowed', 'redirected', or 'failed'."""
if auth.is_current_user_admin():
return UserAccess.Allowed
user = auth.get_current_user()
if not user:
return UserAccess.Redirected
email = user.email
if _is_blacklisted_user(email):
return UserAccess.Denied
if _is_privileged_user(email):
return UserAccess.Allowed
if job_type and external_users.is_job_allowed_for_user(email, job_type):
return UserAccess.Allowed
if (fuzzer_name
and external_users.is_fuzzer_allowed_for_user(email, fuzzer_name)):
return UserAccess.Allowed
if not need_privileged_access and _is_domain_allowed(email):
return UserAccess.Allowed
return UserAccess.Denied
def test_is_job_allowed_for_user(self):
"""is_job_allowed_for_user tests."""
self.assertTrue(
external_users.is_job_allowed_for_user('*****@*****.**', 'job'))
self.assertTrue(
external_users.is_job_allowed_for_user('*****@*****.**', 'job'))
self.assertTrue(
external_users.is_job_allowed_for_user('*****@*****.**', 'job'))
self.assertFalse(
external_users.is_job_allowed_for_user('*****@*****.**', 'job'))
self.assertTrue(
external_users.is_job_allowed_for_user('*****@*****.**',
'job2'))
self.assertTrue(
external_users.is_job_allowed_for_user('*****@*****.**',
'job2'))
self.assertFalse(
external_users.is_job_allowed_for_user('*****@*****.**', 'job2'))
def test_is_job_allowed_for_user(self):
"""is_job_allowed_for_user tests."""
self.assertTrue(
external_users.is_job_allowed_for_user("*****@*****.**", "job"))
self.assertTrue(
external_users.is_job_allowed_for_user("*****@*****.**", "job"))
self.assertTrue(
external_users.is_job_allowed_for_user("*****@*****.**", "job"))
self.assertFalse(
external_users.is_job_allowed_for_user("*****@*****.**", "job"))
self.assertTrue(
external_users.is_job_allowed_for_user("*****@*****.**",
"job2"))
self.assertTrue(
external_users.is_job_allowed_for_user("*****@*****.**",
"job2"))
self.assertFalse(
external_users.is_job_allowed_for_user("*****@*****.**", "job2"))