def test_request_context_admin_uppercase(self):
req = request.Request(
testing.create_environ(path='/',
headers={
'X_USER_ID': '1111',
'X_PROJECT_ID': '2222',
'X_ROLES': 'Admin,bob'
}))
self.assertTrue(req.is_admin)
def test_check_is_admin_from_request(self):
req = request.Request(
testing.create_environ(path='/',
headers={
'X_USER_ID': '2222',
'X_PROJECT_ID': '3333',
'X_ROLES': 'admin,burger'
}), )
self.assertTrue(req.is_admin)
def test_authorize_bad_action_no_exception(self):
action = "example:denied"
ctx = request.Request(
testing.create_environ(path="/",
headers={
"X_USER_ID": "fake",
"X_PROJECT_ID": "fake",
"X_ROLES": "member"
}))
result = policy.authorize(ctx.context, action, {}, False)
self.assertFalse(result)
def test_authorize_bad_action_throws(self):
action = "example:denied"
ctx = request.Request(
testing.create_environ(path="/",
headers={
"X_USER_ID": "fake",
"X_PROJECT_ID": "fake",
"X_ROLES": "member"
}))
self.assertRaises(os_policy.PolicyNotAuthorized, policy.authorize,
ctx.context, action, {})
def test_use_context_from_request(self):
req = request.Request(
testing.create_environ(path='/',
headers={
'X_AUTH_TOKEN': '1111',
'X_USER_ID': '2222',
'X_PROJECT_ID': '3333',
'X_ROLES': 'goku,vegeta'
}))
self.assertEqual('1111', req.context.auth_token)
self.assertEqual('2222', req.context.user_id)
self.assertEqual('3333', req.context.project_id)
self.assertItemsEqual(['goku', 'vegeta'], req.context.roles)
def test_ignore_case_role_check(self):
lowercase_action = "example:lowercase_admin"
uppercase_action = "example:uppercase_admin"
admin_context = request.Request(
testing.create_environ(path="/",
headers={
"X_USER_ID": "admin",
"X_PROJECT_ID": "fake",
"X_ROLES": "AdMiN"
}))
self.assertTrue(
policy.authorize(admin_context.context, lowercase_action, {}))
self.assertTrue(
policy.authorize(admin_context.context, uppercase_action, {}))