def add_permitted_methods_for_home(resource, request, response):
"""Add link methods to home endpoint with an on_post_GET hook.
The home endpoint doesn't call any database hooks and no on_pre_GET hook.
Therefore authentication needs to be done manually so we can check
permissions.
"""
if resource is None:
authenticate()
data = _get_data(response)
try:
links = data['_links']['child']
except KeyError:
# Other endpoints like `schemaendpoint` might end u here, but don't
# have the same 'link' layout as home, so we can just ignore them
pass
else:
# Add links for home
for res_link in links:
res_name = res_link['title'] # title equals resource
if isinstance(resource_auth(res_name), AmivTokenAuth):
check_if_admin(res_name)
res_link['methods'] = _get_resource_methods(res_name)
_set_data(response, data)
def test_admin_rights_for_root(self):
"""Test that login with root sets `g.resource_admin` to True.
Login with root means that the token is the root password.
"""
root_pw = self.app.config['ROOT_PASSWORD']
with self._init_context(current_token=root_pw):
check_if_admin('some_resource')
self.assertTrue(g.resource_admin)
def test_admin_rights_for_root(self):
"""Test that login with root sets `g.resource_admin` to True.
Login with root means that the token is the root password.
"""
root_pw = self.app.config['ROOT_PASSWORD']
with self._init_context(current_token=root_pw):
check_if_admin('some_resource')
self.assertTrue(g.resource_admin)
def test_auth_hook(self):
"""Assert that a auth hook is called and can set admin."""
def test_hook(resource):
if resource == "admin_resource":
g.resource_admin = True
else:
g.resource_admin = False
self.app.after_auth += test_hook
with self.app.app_context():
check_if_admin('something')
self.assertFalse(g.resource_admin)
check_if_admin('admin_resource')
self.assertTrue(g.resource_admin)
def test_auth_hook(self):
"""Assert that a auth hook is called and can set admin."""
def test_hook(resource):
if resource == "admin_resource":
g.resource_admin = True
else:
g.resource_admin = False
self.app.after_auth += test_hook
with self.app.app_context():
check_if_admin('something')
self.assertFalse(g.resource_admin)
check_if_admin('admin_resource')
self.assertTrue(g.resource_admin)
def test_authentication_defaults(self):
"""Make sure authenticate sets defaults for all auth values."""
expect_none = 'current_token', 'current_user', 'current_session'
expect_false = 'resource_admin', 'resource_admin_readonly'
with self.app.test_request_context():
# Nothing there before
for item in expect_none + expect_false:
with self.assertRaises(AttributeError):
getattr(g, item)
authenticate()
for item in expect_none:
self.assertIsNone(getattr(g, item))
check_if_admin('someresource')
for item in expect_false:
self.assertFalse(getattr(g, item))
def test_authentication_defaults(self):
"""Make sure authenticate sets defaults for all auth values."""
expect_none = 'current_token', 'current_user', 'current_session'
expect_false = 'resource_admin', 'resource_admin_readonly'
with self.app.test_request_context():
# Nothing there before
for item in expect_none + expect_false:
with self.assertRaises(AttributeError):
getattr(g, item)
authenticate()
for item in expect_none:
self.assertIsNone(getattr(g, item))
check_if_admin('someresource')
for item in expect_false:
self.assertFalse(getattr(g, item))
def add_permitted_methods_for_home(resource, request, response, payload):
"""Add link methods to home endpoint with an on_post_GET hook.
The home endpoint doesn't call any database hooks and no on_pre_GET hook.
Therefore authentication needs to be done manually so we can check
permissions.
"""
if resource is None:
authenticate()
try:
links = payload['_links']['child']
except KeyError:
# Other endpoints like `schemaendpoint` end up here, but don't
# have the same 'link' layout as home, so we can just ignore them
pass
else:
# Add links for home
for res_link in links:
res_name = res_link['href'] # href equals resource
if isinstance(resource_auth(res_name), AmivTokenAuth):
check_if_admin(res_name)
res_link['methods'] = _get_resource_methods(res_name)