Exemple #1
0
 def test_compile_keys(self):
     regex_string = '.*'
     compiled_regex = re.compile(regex_string)
     test_compile_dict = {'some_regex': regex_string}
     cors = CORS()
     cors._compile_keys(test_compile_dict, ['some_regex'])
     self.assertEqual(compiled_regex, test_compile_dict['some_regex'])
Exemple #2
0
 def test_process_expose_headers(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(expose_headers_list=['test_header'])
     cors._process_expose_headers(fake_req, fake_resp)
     fake_resp.append_header.assert_called_once_with(
         'access-control-expose-headers', 'test_header')
Exemple #3
0
 def test_process_max_age(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(max_age=5)
     cors._process_max_age(fake_req, fake_resp)
     fake_resp.set_header.assert_called_once_with('access-control-max-age',
                                                  5)
Exemple #4
0
 def test_set_allowed_methods(self):
     fake_resp = mock.MagicMock()
     allowed_method_list = ['GET']
     cors = CORS()
     cors._set_allowed_methods(fake_resp, allowed_method_list)
     fake_resp.append_header.assert_called_once_with(
         'access-control-allow-methods', 'GET')
Exemple #5
0
 def test_cors_disabled(self):
     self.resource = mock.MagicMock()
     self.resource.cors_enabled = False
     cors = CORS()
     cors.process = mock.Mock()
     self.simulate_cors_api(cors, '/')
     self.simulate_post('/')
     self.assertEquals(cors.process.call_count, 0)
Exemple #6
0
 def test_process_origin_return(self):
     cors = CORS(allow_origins_list=['test.com'])
     cors._process_origin = mock.Mock(return_value=False)
     cors._process_credentials = mock.Mock()
     headers = {'origin': 'rackspace.com'}
     self.simulate_cors_request(cors, headers=headers, preflight=False)
     self.assertEqual(cors._process_origin.call_count, 1)
     self.assertEqual(cors._process_credentials.call_count, 0)
Exemple #7
0
 def test_process_origin_regex_none(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS()
     cors._set_allow_origin = mock.Mock()
     self.assertEqual(
         cors._process_origin(fake_req, fake_resp, 'rackspace.com'), False)
     self.assertEqual(cors._set_allow_origin.call_count, 0)
Exemple #8
0
 def test_process_origin_allow_regex(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_origins_regex='rack.*\.com')
     cors._set_allow_origin = mock.Mock()
     self.assertEqual(
         cors._process_origin(fake_req, fake_resp, 'rackspace.com'), True)
     cors._set_allow_origin.assert_called_once_with(fake_resp,
                                                    'rackspace.com')
Exemple #9
0
 def test_process_credentials_regex(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_credentials_origins_regex='.*\.rackspace\..*')
     cors._set_allow_credentials = mock.Mock()
     self.assertEqual(
         cors._process_credentials(fake_req, fake_resp,
                                   'www.rackspace.com'), True)
     cors._set_allow_credentials.assert_called_once_with(fake_resp)
Exemple #10
0
 def test_vary_origins_called(self):
     cors = CORS(allow_all_origins=True,
                 allow_credentials_origins_list=['test.com'])
     cors._set_vary_origin = mock.Mock()
     origin = self.get_rand_str()
     headers = {'origin': origin}
     self.simulate_cors_request(cors, headers=headers, preflight=False)
     cors._set_vary_origin.assert_called_once_with(
         self.resource.captured_resp)
Exemple #11
0
 def test_process_allow_headers_list_camelcase(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_headers_list=['Content-Type'])
     cors._set_allowed_headers = mock.Mock()
     self.assertEqual(
         cors._process_allow_headers(fake_req, fake_resp, ['Content-Type']),
         True)
     cors._set_allowed_headers.assert_called_once_with(
         fake_resp, ['Content-Type'])
Exemple #12
0
 def test_process_origin_deny(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_origins_list=['rackspace.com'],
                 allow_origins_regex='rack.*\.com')
     cors._set_allow_origin = mock.Mock()
     self.assertEqual(
         cors._process_origin(fake_req, fake_resp, 'not_rackspace.com'),
         False)
     self.assertEqual(cors._set_allow_origin.call_count, 0)
Exemple #13
0
 def test_process_allow_headers_regex(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_headers_regex='.*_header')
     cors._set_allowed_headers = mock.Mock()
     self.assertEqual(
         cors._process_allow_headers(fake_req, fake_resp, ['test_header']),
         True)
     cors._set_allowed_headers.assert_called_once_with(
         fake_resp, ['test_header'])
Exemple #14
0
 def test_process_credentials_disallow(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_credentials_origins_list=['not_rackspace'],
                 allow_credentials_origins_regex='.*\.rackspace\..*')
     cors._set_allow_credentials = mock.Mock()
     self.assertEqual(
         cors._process_credentials(fake_req, fake_resp,
                                   'some_other_domain.lan'), False)
     self.assertEqual(cors._set_allow_credentials.call_count, 0)
Exemple #15
0
 def test_process_methods_not_requested(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     fake_resource = mock.MagicMock()
     cors = CORS(allow_all_methods=True)
     cors._get_requested_method = mock.Mock(return_value=None)
     cors._set_allowed_methods = mock.Mock()
     self.assertEqual(
         cors._process_methods(fake_req, fake_resp, fake_resource), False)
     self.assertEqual(cors._set_allowed_methods.call_count, 0)
     cors._get_requested_method.assert_called_once_with(fake_req)
Exemple #16
0
 def test_no_requested_method(self):
     cors = CORS(allow_all_origins=True)
     cors._get_requested_headers = mock.Mock()
     cors._process_origin = mock.Mock(return_value=True)
     headers = {'origin': 'rackspace.com'}
     self.simulate_cors_request(cors,
                                headers=headers,
                                preflight=True,
                                add_request_method=False)
     self.assertEqual(cors._process_origin.call_count, 1)
     self.assertEqual(cors._get_requested_headers.call_count, 0)
Exemple #17
0
 def test_method_not_allowed(self):
     cors = CORS(allow_all_origins=True, allow_methods_list=['GET'])
     cors._get_requested_headers = mock.Mock(return_value=True)
     cors._process_allow_headers = mock.Mock()
     headers = {'origin': 'rackspace.com'}
     self.simulate_cors_request(cors,
                                headers=headers,
                                preflight=True,
                                preflight_method='POST')
     self.assertEqual(cors._get_requested_headers.call_count, 1)
     self.assertEqual(cors._process_allow_headers.call_count, 0)
Exemple #18
0
 def test_process_credentials_called(self):
     cors = CORS(allow_all_origins=True,
                 allow_all_methods=True,
                 allow_all_headers=True)
     cors._process_methods = mock.Mock(return_value=True)
     cors._process_credentials = mock.Mock()
     headers = {'origin': 'rackspace.com'}
     self.simulate_cors_request(cors, headers=headers, preflight=True)
     cors._process_credentials.assert_called_once_with(
         self.resource.captured_req, self.resource.captured_resp,
         'rackspace.com')
Exemple #19
0
 def test_process_allow_headers_disallow(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_headers_list=['test_header'],
                 allow_headers_regex='.*_header')
     cors._set_allowed_headers = mock.Mock()
     self.assertEqual(
         cors._process_allow_headers(fake_req, fake_resp,
                                     ['test_header', 'header_not_allowed']),
         False)
     self.assertEqual(cors._set_allowed_headers.call_count, 0)
Exemple #20
0
 def test_header_not_allowed(self):
     cors = CORS(allow_all_origins=True,
                 allow_all_methods=True,
                 allow_headers_list=['test_header'])
     cors._process_methods = mock.Mock(return_value=True)
     cors._process_credentials = mock.Mock()
     headers = {
         'origin': 'rackspace.com',
         'access-control-request-headers': 'not_allowed_header'
     }
     self.simulate_cors_request(cors, headers=headers, preflight=True)
     self.assertEqual(cors._process_methods.call_count, 1)
     self.assertEqual(cors._process_credentials.call_count, 0)
Exemple #21
0
def create_app():
    cors = CORS(allow_all_origins=True, allow_all_headers=True, allow_all_methods=True)
    # cors = CORS(allow_all_origins=True, allow_origins_list=ALLOWED_ORIGINS, allow_all_headers=True, allow_all_methods=True)
    app = falcon.API(middleware=[cors.middleware, auth_middleware])
    
    app.add_route('/auth/login', LoginResource())
    app.add_route('/auth/logout', LogoutResource())
    app.add_route('/auth/refresh_token', RefreshTokenResource())
    app.add_route('/users/me', MeResource())
    
    ModelResource.register_endpoints('/epics', app, EpicResource())
    ModelResource.register_endpoints('/projects', app, ProjectResource())
    ModelResource.register_endpoints('/roles', app, RolesResource())
    ModelResource.register_endpoints('/tasks', app, TaskResource())
    ModelResource.register_endpoints('/users', app, UsersResource())
    ModelResource.register_endpoints('/user_settings', app, UserSettingResource())
    ModelResource.register_endpoints('/user_stories', app, UserStoryResource())

    sync_resource = SyncResource()
    app.add_route('/sync/changes', sync_resource, suffix='changes')
    app.add_route('/sync/doc/{obj_id}', sync_resource, suffix='doc')
    app.add_route('/sync/docs', sync_resource, suffix='docs')

    if DEBUG:
        app.add_static_route('/assets/i18n', I18N_ASSETS_PATH)

    return app
Exemple #22
0
 def simulate_all_origins(self, preflight=False):
     cors_config = CORS(allow_all_origins=True,
                        allow_methods_list=['PATCH'])
     origin = self.get_rand_str()
     headers = {'origin': origin}
     result = self.simulate_cors_request(cors_config,
                                         headers=headers,
                                         preflight=preflight)
     self.assertEqual(result.headers.get('access-control-allow-origin'),
                      '*')
     self.assertEqual(
         result.headers.get('access-control-allow-credentials'), None)
Exemple #23
0
 def test_all_origins_credentials(self, preflight=False):
     cors_config = CORS(allow_all_origins=True,
                        allow_credentials_all_origins=True,
                        allow_all_methods=True)
     origin = self.get_rand_str()
     headers = {'origin': origin}
     result = self.simulate_cors_request(cors_config,
                                         headers=headers,
                                         preflight=preflight)
     self.assertEqual(result.headers.get('access-control-allow-origin'),
                      origin)
     self.assertEqual(
         result.headers.get('access-control-allow-credentials'), 'true')
Exemple #24
0
 def test_process_origin_allow_all(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     cors = CORS(allow_all_origins=True)
     cors._set_allow_origin = mock.Mock()
     self.assertEqual(
         cors._process_origin(fake_req, fake_resp, 'rackspace.com'), True)
     cors._set_allow_origin.assert_called_once_with(fake_resp, '*')
     cors._set_allow_origin = mock.Mock()
     cors.supports_credentials = True
     self.assertEqual(
         cors._process_origin(fake_req, fake_resp, 'rackspace.com'), True)
     cors._set_allow_origin.assert_called_once_with(fake_resp,
                                                    'rackspace.com')
Exemple #25
0
 def test_process_methods_resource(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     fake_resource = mock.MagicMock()
     cors = CORS(allow_all_methods=True)
     cors._get_requested_method = mock.Mock(return_value='GET')
     cors._get_resource_methods = mock.Mock(return_value=['POST'])
     cors._set_allowed_methods = mock.Mock()
     self.assertEqual(
         cors._process_methods(fake_req, fake_resp, fake_resource), False)
     cors._set_allowed_methods.assert_called_once_with(fake_resp, ['POST'])
Exemple #26
0
 def test_static_route(self):
     cors_config = CORS(allow_all_origins=True,
                        allow_credentials_all_origins=True,
                        allow_all_methods=True)
     origin = self.get_rand_str()
     headers = {'origin': origin}
     self.resource = CORSResource()
     api = falcon.API(middleware=[cors_config.middleware])
     api.add_static_route("/static", "/var/www/static")
     result = testing.simulate_request(api,
                                       path="/static/image.png",
                                       method="GET",
                                       headers=headers)
     self.assertEqual(result.headers.get('access-control-allow-origin'),
                      origin)
     self.assertEqual(
         result.headers.get('access-control-allow-credentials'), 'true')
Exemple #27
0
 def test_process_methods_notfound(self):
     fake_req = mock.MagicMock()
     fake_resp = mock.MagicMock()
     fake_resource = mock.MagicMock()
     cors = CORS(allow_methods_list=['GET', 'POST', 'PUT', 'DELETE'])
     cors._set_allowed_methods = mock.Mock()
     cors._get_requested_method = mock.Mock(return_value='POST')
     cors._get_resource_methods = mock.Mock(return_value=['GET', 'PUT'])
     self.assertEqual(
         cors._process_methods(fake_req, fake_resp, fake_resource), False)
     cors._set_allowed_methods.assert_called_once_with(
         fake_resp, ['GET', 'PUT'])
Exemple #28
0
#Configuring the logging for the application
logging.config.fileConfig(const.LOGGING_CONFIG_FILENAME)

#Import mocked resources if MOCKED_SERVER is set
if const.MOCKED_SERVER:
    logging.debug("Importing mocked resources")
    from .tests.mock_tournaments import Tournaments
    from .tests.mock_scores import Scores
else:
    logging.debug("Importing real resources")
    from .resources.tournaments import Tournaments
    from .resources.scores import Scores
from .resources.player import Player

cors = CORS(allow_all_origins=True,
            allow_methods_list=['GET', 'PUT', 'POST'],
            allow_headers_list=['content-type'])

# this is my eth account address
address = const.PLAYER_OWN_ADD

api = falcon.API(middleware=[cors.middleware])
api.add_route('/api/tournaments', Tournaments(address))
api.add_route('/api/tournaments/{tournament_id}',
              Tournaments(address),
              suffix='single')
api.add_route('/api/tournaments/{tournament_id}/scores/my',
              Scores(address),
              suffix='my')
api.add_route('/api/tournaments/{tournament_id}/scores/{player_id}',
              Scores(address))
Exemple #29
0
 def test_set_very_origin(self):
     fake_resp = mock.MagicMock()
     cors = CORS()
     cors._set_vary_origin(fake_resp)
     fake_resp.append_header.assert_called_once_with('vary', 'origin')
Exemple #30
0
 def test_vary_origins_false(self):
     cors = CORS()
     self.assertFalse(cors.origins_vary)