def test_check_request_allowed_describeprocess(self): store_mock = mock.Mock(spec=["fetch_by_token"]) store_mock.fetch_by_token.return_value = None security = OWSSecurity(tokenstore=store_mock, service_registry=self.registry_mock) params = dict(request="DescribeProcess", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') security.check_request(request)
def test_check_request_public_access(self): registry_mock = mock.Mock(spec=["is_public"]) registry_mock.is_public.return_value = True security = OWSSecurity(tokenstore=self.store_mock, service_registry=registry_mock) params = dict(request="Execute", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') security.check_request(request)
def test_check_request_invalid(self): store_mock = mock.Mock(spec=["fetch_by_token"]) store_mock.fetch_by_token.return_value = None security = OWSSecurity(tokenstore=store_mock, service_registry=self.registry_mock) params = dict(request="Execute", service="WPS", version="1.0.0", access_token="xyz") request = DummyRequest(params=params, path='/ows/proxy/emu') with pytest.raises(OWSAccessForbidden) as e_info: security.check_request(request)
def test_check_request_allowed_describeprocess(self): security = OWSSecurity(tokenstore=self.empty_tokenstore, servicestore=self.servicestore) params = dict(request="DescribeProcess", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } security.check_request(request)
def test_check_request_invalid(self): security = OWSSecurity(tokenstore=self.empty_tokenstore, servicestore=self.servicestore) params = dict(request="Execute", service="WPS", version="1.0.0", token="xyz") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } with pytest.raises(OWSAccessForbidden): security.check_request(request)
def setUp(self): self.access_token = AccessToken(token="cdefg", expires_at=expires_at(hours=1)) self.tokenstore = MemoryTokenStore() self.tokenstore.save_token(self.access_token) self.empty_tokenstore = MemoryTokenStore() self.service = Service(url='http://nowhere/wps', name='test_wps', public=False) self.servicestore = MemoryServiceStore() self.servicestore.save_service(self.service) self.security = OWSSecurity(tokenstore=self.tokenstore, servicestore=self.servicestore)
def test_check_request_public_access(self): servicestore = MemoryServiceStore() servicestore.save_service( Service(url='http://nowhere/wps', name='test_wps', public=True)) security = OWSSecurity(tokenstore=self.tokenstore, servicestore=servicestore) params = dict(request="Execute", service="WPS", version="1.0.0", token="cdefg") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } security.check_request(request)
def setUp(self): self.access_token = AccessToken(token="cdefg", expires_at=expires_at(hours=1)) self.store_mock = mock.Mock(spec=["fetch_by_token"]) self.store_mock.fetch_by_token.return_value = self.access_token self.registry_mock = mock.Mock(spec=["is_public"]) self.registry_mock.is_public.return_value = False self.security = OWSSecurity(tokenstore=self.store_mock, service_registry=self.registry_mock)
class OWSSecurityTestCase(unittest.TestCase): def setUp(self): self.access_token = AccessToken(token="cdefg", expires_at=expires_at(hours=1)) self.store_mock = mock.Mock(spec=["fetch_by_token"]) self.store_mock.fetch_by_token.return_value = self.access_token self.registry_mock = mock.Mock(spec=["is_public"]) self.registry_mock.is_public.return_value = False self.security = OWSSecurity(tokenstore=self.store_mock, service_registry=self.registry_mock) def test_get_token_by_param(self): params = dict(request="Execute", service="WPS", access_token="abcdef") request = DummyRequest(params=params) token = self.security.get_token_param(request) assert token == "abcdef" def test_get_token_by_path(self): params = dict(request="Execute", service="WPS") request = DummyRequest(params=params, path="/ows/proxy/emu/12345") token = self.security.get_token_param(request) assert token == "12345" def test_get_token_by_header(self): params = dict(request="Execute", service="WPS") headers = {'Access-Token': '54321'} request = DummyRequest(params=params, headers=headers) token = self.security.get_token_param(request) assert token == "54321" def test_check_request(self): params = dict(request="Execute", service="WPS", version="1.0.0", access_token="cdefg") request = DummyRequest(params=params, path='/ows/proxy/emu') self.security.check_request(request) def test_check_request_invalid(self): store_mock = mock.Mock(spec=["fetch_by_token"]) store_mock.fetch_by_token.return_value = None security = OWSSecurity(tokenstore=store_mock, service_registry=self.registry_mock) params = dict(request="Execute", service="WPS", version="1.0.0", access_token="xyz") request = DummyRequest(params=params, path='/ows/proxy/emu') with pytest.raises(OWSAccessForbidden) as e_info: security.check_request(request) def test_check_request_allowed_caps(self): store_mock = mock.Mock(spec=["fetch_by_token"]) store_mock.fetch_by_token.return_value = None security = OWSSecurity(tokenstore=store_mock, service_registry=self.registry_mock) params = dict(request="GetCapabilities", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') security.check_request(request) def test_check_request_allowed_describeprocess(self): store_mock = mock.Mock(spec=["fetch_by_token"]) store_mock.fetch_by_token.return_value = None security = OWSSecurity(tokenstore=store_mock, service_registry=self.registry_mock) params = dict(request="DescribeProcess", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') security.check_request(request) def test_check_request_public_access(self): registry_mock = mock.Mock(spec=["is_public"]) registry_mock.is_public.return_value = True security = OWSSecurity(tokenstore=self.store_mock, service_registry=registry_mock) params = dict(request="Execute", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') security.check_request(request)
class OWSSecurityTestCase(unittest.TestCase): def setUp(self): self.access_token = AccessToken(token="cdefg", expires_at=expires_at(hours=1)) self.tokenstore = MemoryTokenStore() self.tokenstore.save_token(self.access_token) self.empty_tokenstore = MemoryTokenStore() self.service = Service(url='http://nowhere/wps', name='test_wps', public=False) self.servicestore = MemoryServiceStore() self.servicestore.save_service(self.service) self.security = OWSSecurity(tokenstore=self.tokenstore, servicestore=self.servicestore) def test_get_token_by_param(self): params = dict(request="Execute", service="WPS", access_token="abcdef") request = DummyRequest(params=params) token = self.security.get_token_param(request) assert token == "abcdef" def test_get_token_by_path(self): params = dict(request="Execute", service="WPS") request = DummyRequest(params=params, path="/ows/proxy/emu/12345") token = self.security.get_token_param(request) assert token == "12345" def test_get_token_by_header(self): params = dict(request="Execute", service="WPS") headers = {'Access-Token': '54321'} request = DummyRequest(params=params, headers=headers) token = self.security.get_token_param(request) assert token == "54321" def test_check_request(self): params = dict(request="Execute", service="WPS", version="1.0.0", token="cdefg") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } self.security.check_request(request) def test_check_request_invalid(self): security = OWSSecurity(tokenstore=self.empty_tokenstore, servicestore=self.servicestore) params = dict(request="Execute", service="WPS", version="1.0.0", token="xyz") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } with pytest.raises(OWSAccessForbidden): security.check_request(request) def test_check_request_allowed_caps(self): security = OWSSecurity(tokenstore=self.empty_tokenstore, servicestore=self.servicestore) params = dict(request="GetCapabilities", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } security.check_request(request) def test_check_request_allowed_describeprocess(self): security = OWSSecurity(tokenstore=self.empty_tokenstore, servicestore=self.servicestore) params = dict(request="DescribeProcess", service="WPS", version="1.0.0") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } security.check_request(request) def test_check_request_public_access(self): servicestore = MemoryServiceStore() servicestore.save_service( Service(url='http://nowhere/wps', name='test_wps', public=True)) security = OWSSecurity(tokenstore=self.tokenstore, servicestore=servicestore) params = dict(request="Execute", service="WPS", version="1.0.0", token="cdefg") request = DummyRequest(params=params, path='/ows/proxy/emu') request.registry = Registry() request.registry.settings = { 'twitcher.ows_prox_protected_path': '/ows' } security.check_request(request)
def owssecurity_factory(self): return OWSSecurity()