def test_read_user(self):
"""
Read a user that was created earlier. Expects a unique uid that points to an existing user.
"""
print_test_name()
try:
out_user = review_mgr.read_user(User(uid='foo1'))
print_user(out_user)
except FortressError as e:
print_exception(e)
self.fail()
def test_add_user(self):
"""
To add a user in py-fortress, the uid must be supplied. All other attributes are optional but to be able to authenticate a password must be present of course.
"""
print_test_name()
try:
admin_mgr.add_user(User(uid='foo1', password='******'))
print_test_msg('success')
except FortressError as e:
print_exception(e)
self.fail()
def test_search_users(self):
"""
Search for users that match the characters passed into with wildcard appended. Will return zero or more records, one for each user in result set.
"""
print_test_name()
try:
users = review_mgr.find_users(User(uid='foo*'))
for user in users:
print_user(user)
except FortressError as e:
print_exception(e)
self.fail()
def test_assign_user(self):
"""
Assign a user to a role passing req's attrs for user (uid) and role (name). Throws exception if either are not found, or already assigned.
"""
print_test_name()
try:
admin_mgr.assign(User(uid='foo1'), Role(name='Customer'))
print_test_msg('success')
except FortressError as e:
print_exception(e)
self.fail()
def test_user_perms(self):
"""
Search for perms that have been authorized to a particular user based on their role assignments. Will return zero or more records, of type permission, one for each perm authorized for user.
"""
print_test_name()
try:
perms = review_mgr.user_perms(User(uid='foo1'))
for perm in perms:
print_perm(perm)
except FortressError as e:
print_exception(e)
self.fail()
def test_assigned_roles(self):
"""
Return the list of roles that have been assigned a particular user. Will return zero or more records, of type constraint, one for each role assigned to user.
"""
print_test_name()
try:
constraints = review_mgr.assigned_roles(User(uid='foo1'))
for constraint in constraints:
print_test_msg('role name=' + constraint.name)
except FortressError as e:
print_exception(e)
self.fail()
def test_delete_user(self):
"""
The delete expects the uid passed in to match one record only and will throw an exception if not found, or otherwise if error occurs.
"""
print_test_name()
try:
admin_mgr.delete_user(User(uid='foo1'))
print_test_msg('success')
except FortressError as e:
if e.id == global_ids.USER_NOT_FOUND:
print_test_msg('not found')
pass
else:
print_exception(e)
self.fail()
def test_create_session(self):
"""
Called when beginning an RBAC session. Requires uid and password if trusted is False, in which case it will authenticate in addition to activating roles into session.
Throws exception if user is not found, or if authentication fails.
"""
print_test_name()
try:
session = access_mgr.create_session(
User(uid='foo1', password='******'), False)
if not session:
print_test_msg('fail')
self.fail()
else:
print_test_msg('sucess')
pass
except FortressError as e:
print_exception(e)
self.fail()
def test_session_perms(self):
"""
Return all permission authorized for user per their set of activated roles in the session. Note this means that set could be a subset of assigned permissions, if any assigned roles are not activated.
"""
print_test_name()
try:
session = access_mgr.create_session(
User(uid='foo1', password='******'), False)
perms = access_mgr.session_perms(session)
if not perms:
print_test_msg('failed')
self.fail()
for perm in perms:
print_perm(perm)
pass
except FortressError as e:
print_exception(e)
self.fail()
def test_check_access(self):
"""
Called to perform an RBAC permmission check. Requires a valid session (returned from create_session) and a permission with required attrs obj_name, op_name, and optional obj_id.
Returns true if user is allowed to perform the specified operation on object.
"""
print_test_name()
try:
session = access_mgr.create_session(
User(uid='foo1', password='******'), False)
result = access_mgr.check_access(
session, Perm(obj_name='ShoppingCart', op_name='add'))
if not result:
print_test_msg('fail')
self.fail()
else:
print_test_msg('success')
pass
except FortressError as e:
print_exception(e)
self.fail()