def test_optional(self):
"""Test page with no login requirement, and no cookie."""
url_map = appinfo.URLMap(url='/')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
def start_response(unused_status, unused_response_headers,
unused_exc_info=None):
# Successful authorization should not call start_response
self.fail('start_response was called')
r = h.handle_authorization(self.environ, start_response)
self.assertEqual(None, r)
def test_required_redirect_no_login(self):
"""Test page with login: required; redirect, and no cookie."""
url_map = appinfo.URLMap(url='/', login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
expected_status = '302 Requires login'
expected_location = (
'https://localhost:1443/login?continue=http%3A//localhost%3A8080'
'/my/album/of/pictures%3Fwith%3Dsome%26query%3Dparameters')
expected_headers = {'Location': expected_location}
self.assertResponse(expected_status, expected_headers, '',
h.handle_authorization, self.environ)
def test_required_unauthorized_no_login(self):
"""Test page with login: required; unauthorized, and no cookie."""
url_map = appinfo.URLMap(url='/',
login='******',
auth_fail_action='unauthorized')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
expected_status = '401 Not authorized'
expected_headers = {'Content-Type': 'text/html',
'Cache-Control': 'no-cache'}
expected_content = 'Login required to view page.'
self.assertResponse(expected_status, expected_headers, expected_content,
h.handle_authorization, self.environ)
def test_login_required_no_login_fake_logged_in_header(self):
"""Test page with login: required with fake-login-required."""
url_map = appinfo.URLMap(url='/',
login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ[constants.FAKE_LOGGED_IN_HEADER] = '1'
def start_response(unused_status, unused_response_headers,
unused_exc_info=None):
# Successful authorization should not call start_response
self.fail('start_response was called')
r = h.handle_authorization(self.environ, start_response)
self.assertEqual(None, r)
def test_admin_no_login_fake_is_admin_header(self):
"""Test page with login: admin, and no cookie, with fake-is-admin header."""
url_map = appinfo.URLMap(url='/',
login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ[constants.FAKE_IS_ADMIN_HEADER] = '1'
def start_response(unused_status, unused_response_headers,
unused_exc_info=None):
# Successful authorization should not call start_response
self.fail('start_response was called')
r = h.handle_authorization(self.environ, start_response)
self.assertEqual(None, r)
def test_admin_succeed(self):
"""Test page with login: admin, and a valid admin cookie."""
url_map = appinfo.URLMap(url='/',
login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ['HTTP_COOKIE'] = COOKIE_ADMIN
def start_response(unused_status, unused_response_headers,
unused_exc_info=None):
# Successful authorization should not call start_response
self.fail('start_response was called')
r = h.handle_authorization(self.environ, start_response)
self.assertEqual(None, r)
def test_admin_no_admin(self):
"""Test page with login: admin, and a non-admin cookie."""
url_map = appinfo.URLMap(url='/',
login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ['HTTP_COOKIE'] = COOKIE
expected_status = '401 Not authorized'
expected_headers = {'Content-Type': 'text/html',
'Cache-Control': 'no-cache'}
expected_content = ('Current logged in user [email protected] is not '
'authorized to view this page.')
self.assertResponse(expected_status, expected_headers, expected_content,
h.handle_authorization, self.environ)
def test_admin_no_login_fake_logged_in(self):
"""Tests page with login: admin, no cookie with fake login header."""
# This should FAIL, because a fake login does not imply admin privileges.
url_map = appinfo.URLMap(url='/',
login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ[constants.FAKE_LOGGED_IN_HEADER] = '1'
expected_status = '401 Not authorized'
expected_headers = {'Content-Type': 'text/html',
'Cache-Control': 'no-cache'}
expected_content = ('Current logged in user Fake User is not authorized '
'to view this page.')
self.assertResponse(expected_status, expected_headers, expected_content,
h.handle_authorization, self.environ)
def test_required_no_login_fake_is_admin(self):
"""Test page with login: required, no cookie, with fake-is-admin header."""
# This should FAIL, because fake-is-admin only applies to login: admin, not
# login: required.
url_map = appinfo.URLMap(url='/', login='******')
h = url_handler.UserConfiguredURLHandler(url_map, '/$')
self.environ[constants.FAKE_IS_ADMIN_HEADER] = '1'
expected_status = '302 Requires login'
expected_location = (
'https://localhost:1443/login?continue=http%3A//localhost%3A8080'
'/my/album/of/pictures%3Fwith%3Dsome%26query%3Dparameters')
expected_headers = {'Location': expected_location}
self.assertResponse(expected_status, expected_headers, '',
h.handle_authorization, self.environ)
