def __init__(self):
user_folder = conan_expand_user("~")
server_config = migrate_and_get_server_config(user_folder)
authorizer = BasicAuthorizer(server_config.read_permissions,
server_config.write_permissions)
authenticator = BasicAuthenticator(dict(server_config.users))
credentials_manager = JWTCredentialsManager(
server_config.jwt_secret, server_config.jwt_expire_time)
updown_auth_manager = JWTUpDownAuthManager(
server_config.updown_secret, server_config.authorize_timeout)
file_manager = get_file_manager(
server_config, updown_auth_manager=updown_auth_manager)
search_adapter = DiskSearchAdapter()
search_manager = DiskSearchManager(
SimplePaths(server_config.disk_storage_path), search_adapter)
self.ra = ConanServer(server_config.port, server_config.ssl_enabled,
credentials_manager, updown_auth_manager,
authorizer, authenticator, file_manager,
search_manager, Version(SERVER_VERSION),
Version(MIN_CLIENT_COMPATIBLE_VERSION))
def setUp(self):
self.conan_reference = ConanFileReference.loads(
"openssl/2.0.3@lasote/testing")
self.package_reference = PackageReference(self.conan_reference,
"123123123")
self.tmp_dir = temp_folder()
read_perms = [("*/*@*/*", "*")]
write_perms = []
authorizer = BasicAuthorizer(read_perms, write_perms)
self.fake_url = "http://url"
updown_auth_manager = JWTUpDownAuthManager("secret",
timedelta(seconds=200))
adapter = DiskAdapter(self.fake_url, self.tmp_dir, updown_auth_manager)
self.paths = SimplePaths(self.tmp_dir)
self.file_manager = FileManager(self.paths, adapter)
self.service = ConanService(authorizer, self.file_manager, "lasote")
files = hello_source_files("test")
save_files(self.paths.export(self.conan_reference), files)
self.conan_digest = FileTreeManifest.create(
self.paths.export(self.conan_reference))
conan_digest_path = os.path.join(
self.paths.export(self.conan_reference), CONAN_MANIFEST)
save(conan_digest_path, str(self.conan_digest))
files = hello_source_files("package")
save_files(self.paths.package(self.package_reference), files)
def __init__(self):
user_folder = conan_expand_user("~")
server_folder = os.path.join(user_folder, '.conan_server')
server_config = migrate_and_get_server_config(user_folder)
custom_auth = server_config.custom_authenticator
if custom_auth:
authenticator = load_authentication_plugin(server_folder,
custom_auth)
else:
authenticator = BasicAuthenticator(dict(server_config.users))
authorizer = BasicAuthorizer(server_config.read_permissions,
server_config.write_permissions)
credentials_manager = JWTCredentialsManager(
server_config.jwt_secret, server_config.jwt_expire_time)
updown_auth_manager = JWTUpDownAuthManager(
server_config.updown_secret, server_config.authorize_timeout)
file_manager = get_file_manager(
server_config, updown_auth_manager=updown_auth_manager)
search_adapter = DiskSearchAdapter()
search_manager = DiskSearchManager(
SimplePaths(server_config.disk_storage_path), search_adapter)
server_capabilities = SERVER_CAPABILITIES
self.ra = ConanServer(server_config.port, credentials_manager,
updown_auth_manager, authorizer, authenticator,
file_manager, search_manager,
Version(SERVER_VERSION),
Version(MIN_CLIENT_COMPATIBLE_VERSION),
server_capabilities)
def __init__(self):
user_folder = conan_expand_user("~")
server_folder = os.path.join(user_folder, '.conan_server')
server_config = migrate_and_get_server_config(user_folder)
custom_auth = server_config.custom_authenticator
if custom_auth:
authenticator = load_authentication_plugin(server_folder, custom_auth)
else:
authenticator = BasicAuthenticator(dict(server_config.users))
authorizer = BasicAuthorizer(server_config.read_permissions,
server_config.write_permissions)
credentials_manager = JWTCredentialsManager(server_config.jwt_secret,
server_config.jwt_expire_time)
updown_auth_manager = JWTUpDownAuthManager(server_config.updown_secret,
server_config.authorize_timeout)
server_store = get_server_store(server_config.disk_storage_path,
server_config.public_url,
updown_auth_manager=updown_auth_manager)
server_capabilities = SERVER_CAPABILITIES
server_capabilities.append(REVISIONS)
self.ra = ConanServer(server_config.port, credentials_manager, updown_auth_manager,
authorizer, authenticator, server_store,
Version(SERVER_VERSION), Version(MIN_CLIENT_COMPATIBLE_VERSION),
server_capabilities, only_v1=False)
def setUp(self):
self.ref = ConanFileReference.loads("openssl/2.0.3@lasote/testing#%s" % DEFAULT_REVISION_V1)
self.pref = PackageReference(self.ref, "123123123", DEFAULT_REVISION_V1)
self.tmp_dir = temp_folder()
read_perms = [("*/*@*/*", "*")]
write_perms = []
authorizer = BasicAuthorizer(read_perms, write_perms)
self.fake_url = "http://url"
updown_auth_manager = JWTUpDownAuthManager("secret", timedelta(seconds=200))
adapter = ServerDiskAdapter(self.fake_url, self.tmp_dir, updown_auth_manager)
self.server_store = ServerStore(storage_adapter=adapter)
self.service = ConanService(authorizer, self.server_store, "lasote")
self.search_service = SearchService(authorizer, self.server_store, "lasote")
files = hello_source_files("test")
save_files(self.server_store.export(self.ref), files)
self.server_store.update_last_revision(self.ref)
self.conan_digest = FileTreeManifest.create(self.server_store.export(self.ref))
conan_digest_path = os.path.join(self.server_store.export(self.ref), CONAN_MANIFEST)
save(conan_digest_path, str(self.conan_digest))
files = hello_source_files("package")
save_files(self.server_store.package(self.pref), files)
def __init__(self, base_path=None, read_permissions=None,
write_permissions=None, users=None, base_url=None, plugins=None,
server_version=None,
min_client_compatible_version=None,
server_capabilities=None):
plugins = plugins or []
if not base_path:
base_path = temp_folder()
if server_capabilities is None:
server_capabilities = SERVER_CAPABILITIES # Default enabled
if not os.path.exists(base_path):
raise Exception("Base path not exist! %s")
# Define storage_folder, if not, it will be readed from conf file and pointed to real user home
self.storage_folder = os.path.join(base_path, ".conan_server", "data")
mkdir(self.storage_folder)
server_config = migrate_and_get_server_config(base_path, self.storage_folder)
if TestServerLauncher.port == 0:
TestServerLauncher.port = server_config.port
# Encode and Decode signature for Upload and Download service
updown_auth_manager = JWTUpDownAuthManager(server_config.updown_secret,
server_config.authorize_timeout)
self.file_manager = get_file_manager(server_config, public_url=base_url,
updown_auth_manager=updown_auth_manager)
self.search_manager = DiskSearchManager(SimplePaths(server_config.disk_storage_path))
# Prepare some test users
if not read_permissions:
read_permissions = server_config.read_permissions
read_permissions.append(("private_library/1.0.0@private_user/testing", "*"))
read_permissions.append(("*/*@*/*", "*"))
if not write_permissions:
write_permissions = server_config.write_permissions
if not users:
users = dict(server_config.users)
users[TESTING_REMOTE_PRIVATE_USER] = TESTING_REMOTE_PRIVATE_PASS
authorizer = BasicAuthorizer(read_permissions, write_permissions)
authenticator = BasicAuthenticator(users)
credentials_manager = JWTCredentialsManager(server_config.jwt_secret,
server_config.jwt_expire_time)
logger.debug("Storage path: %s" % self.storage_folder)
self.port = TestServerLauncher.port
self.ra = ConanServer(self.port, credentials_manager, updown_auth_manager,
authorizer, authenticator, self.file_manager, self.search_manager,
server_version, min_client_compatible_version,
server_capabilities)
for plugin in plugins:
self.ra.api_v1.install(plugin)
def __init__(self,
base_path=None,
read_permissions=None,
write_permissions=None,
users=None,
base_url=None,
plugins=None,
server_capabilities=None):
plugins = plugins or []
if not base_path:
base_path = temp_folder()
if not os.path.exists(base_path):
raise Exception("Base path not exist! %s")
self._base_path = base_path
server_config = migrate_and_get_server_config(base_path)
if server_capabilities is None:
server_capabilities = set(SERVER_CAPABILITIES)
if TestServerLauncher.port == 0:
TestServerLauncher.port = server_config.port
# Encode and Decode signature for Upload and Download service
updown_auth_manager = JWTUpDownAuthManager(
server_config.updown_secret, server_config.authorize_timeout)
base_url = base_url or server_config.public_url
self.server_store = get_server_store(server_config.disk_storage_path,
base_url, updown_auth_manager)
# Prepare some test users
if not read_permissions:
read_permissions = server_config.read_permissions
read_permissions.append(
("private_library/1.0.0@private_user/testing", "*"))
read_permissions.append(("*/*@*/*", "*"))
if not write_permissions:
write_permissions = server_config.write_permissions
if not users:
users = dict(server_config.users)
users[TESTING_REMOTE_PRIVATE_USER] = TESTING_REMOTE_PRIVATE_PASS
authorizer = BasicAuthorizer(read_permissions, write_permissions)
authenticator = BasicAuthenticator(users)
credentials_manager = JWTCredentialsManager(
server_config.jwt_secret, server_config.jwt_expire_time)
self.port = TestServerLauncher.port
self.ra = ConanServer(self.port, credentials_manager,
updown_auth_manager, authorizer, authenticator,
self.server_store, server_capabilities)
for plugin in plugins:
self.ra.api_v1.install(plugin)
self.ra.api_v2.install(plugin)
def invalid_rule_test(self):
"""Invalid rule input"""
read_perms = ["invalid_reference", "lasote", ("*/*@*/*", "")]
write_perms = []
authorizer = BasicAuthorizer(read_perms, write_perms)
self.assertRaises(InternalErrorException, authorizer.check_read_conan,
"pepe", self.openssl_ref)
def test_authenticated_user_wildcard_permissions(self):
"""Check that authenciated user wildcard permissions logic is ok"""
# Only authenticated users can read openssl
read_perms = [(str(self.openssl_ref), "?"), ("*/*@*/*", "*")]
# Authenticated users can write any
write_perms = [("*/*@*/*", "?")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# READ PERMISSIONS
# Authenticated user can read conan
authorizer.check_read_conan("pepe", self.openssl_ref)
# Authenticated user can read package
authorizer.check_read_package("pepe", self.openssl_pref)
# Anonymous user can not read conan, they must authenticate
self.assertRaises(AuthenticationException, authorizer.check_read_conan,
None, self.openssl_ref)
# Anonymous user can not read package, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_read_package, None,
self.openssl_pref)
# WRITE PERMISSIONS
# Authenticated user can write conan
authorizer.check_write_conan("pepe", self.openssl_ref)
# Authenticated user can write package
authorizer.check_write_package("pepe", self.openssl_pref)
# Anonymous user can not write conan, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_write_conan, None, self.openssl_ref)
# Anonymous user can not write package, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_write_package, None,
self.openssl_pref)
def test_users(self):
"""Check that lists of user names are parsed correctly"""
# Simple user list
read_perms = [("openssl/*@lasote/testing", "user1,user2,user3")]
authorizer = BasicAuthorizer(read_perms, [])
for u in ['user1', 'user2', 'user3']:
authorizer.check_read_conan(u, self.openssl_ref)
# Spaces bewteen user names should be ignored
read_perms = [("openssl/*@lasote/testing", "user1 , user2,\tuser3")]
authorizer = BasicAuthorizer(read_perms, [])
for u in ['user1', 'user2', 'user3']:
authorizer.check_read_conan(u, self.openssl_ref)
def authenticated_user_wildcard_permissions_test(self):
"""Check that authenciated user wildcard permissions logic is ok"""
# Only authenticated users can read openssl
read_perms = [(str(self.openssl_ref), "?"), ("*/*@*/*", "*")]
# Authenticated users can write any
write_perms = [("*/*@*/*", "?")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# READ PERMISSIONS
# Authenticated user can read conan
authorizer.check_read_conan("pepe", self.openssl_ref)
# Authenticated user can read package
authorizer.check_read_package("pepe", self.package_reference)
# Anonymous user can not read conan, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_read_conan, None, self.openssl_ref)
# Anonymous user can not read package, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_read_package, None, self.package_reference)
# WRITE PERMISSIONS
# Authenticated user can write conan
authorizer.check_write_conan("pepe", self.openssl_ref)
# Authenticated user can write package
authorizer.check_write_package("pepe", self.package_reference)
# Anonymous user can not write conan, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_write_conan, None, self.openssl_ref)
# Anonymous user can not write package, they must authenticate
self.assertRaises(AuthenticationException,
authorizer.check_write_package, None, self.package_reference)
def __init__(self, force_migration=False, server_dir=None):
if sys.version_info.major == 2:
raise Exception("The conan_server needs Python>=3 for running")
self.force_migration = force_migration
if server_dir:
user_folder = server_folder = server_dir
else:
user_folder = conan_expand_user("~")
server_folder = os.path.join(user_folder, '.conan_server')
server_config = migrate_and_get_server_config(user_folder,
self.force_migration,
server_dir is not None)
custom_auth = server_config.custom_authenticator
if custom_auth:
authenticator = load_authentication_plugin(server_folder,
custom_auth)
else:
authenticator = BasicAuthenticator(dict(server_config.users))
authorizer = BasicAuthorizer(server_config.read_permissions,
server_config.write_permissions)
credentials_manager = JWTCredentialsManager(
server_config.jwt_secret, server_config.jwt_expire_time)
updown_auth_manager = JWTUpDownAuthManager(
server_config.updown_secret, server_config.authorize_timeout)
server_store = get_server_store(
server_config.disk_storage_path,
server_config.public_url,
updown_auth_manager=updown_auth_manager)
server_capabilities = SERVER_CAPABILITIES
server_capabilities.append(REVISIONS)
self.server = ConanServer(server_config.port, credentials_manager,
updown_auth_manager, authorizer,
authenticator, server_store,
server_capabilities)
if not self.force_migration:
print("***********************")
print("Using config: %s" % server_config.config_filename)
print("Storage: %s" % server_config.disk_storage_path)
print("Public URL: %s" % server_config.public_url)
print("PORT: %s" % server_config.port)
print("***********************")
def __init__(self, force_migration=False):
self.force_migration = force_migration
user_folder = conan_expand_user("~")
server_folder = os.path.join(user_folder, '.conan_server')
server_config = migrate_and_get_server_config(user_folder, None,
self.force_migration)
custom_auth = server_config.custom_authenticator
if custom_auth:
authenticator = load_authentication_plugin(server_folder,
custom_auth)
else:
authenticator = BasicAuthenticator(dict(server_config.users))
authorizer = BasicAuthorizer(server_config.read_permissions,
server_config.write_permissions)
credentials_manager = JWTCredentialsManager(
server_config.jwt_secret, server_config.jwt_expire_time)
updown_auth_manager = JWTUpDownAuthManager(
server_config.updown_secret, server_config.authorize_timeout)
server_store = get_server_store(
server_config.disk_storage_path,
server_config.public_url,
updown_auth_manager=updown_auth_manager)
server_capabilities = SERVER_CAPABILITIES
server_capabilities.append(REVISIONS)
self.server = ConanServer(server_config.port, credentials_manager,
updown_auth_manager, authorizer,
authenticator, server_store,
Version(SERVER_VERSION),
Version(MIN_CLIENT_COMPATIBLE_VERSION),
server_capabilities)
if not self.force_migration:
print("***********************")
print("Using config: %s" % server_config.config_filename)
print("Storage: %s" % server_config.disk_storage_path)
print("Public URL: %s" % server_config.public_url)
print("PORT: %s" % server_config.port)
print("***********************")
def users_test(self):
"""Check that lists of user names are parsed correctly"""
# Simple user list
read_perms = [("openssl/*@lasote/testing", "user1,user2,user3")]
authorizer = BasicAuthorizer(read_perms, [])
for u in ['user1','user2','user3']:
authorizer.check_read_conan(u, self.openssl_ref)
# Spaces bewteen user names should be ignored
read_perms = [("openssl/*@lasote/testing", "user1 , user2,\tuser3")]
authorizer = BasicAuthorizer(read_perms, [])
for u in ['user1','user2','user3']:
authorizer.check_read_conan(u, self.openssl_ref)
def permissions_test(self):
"""Check that permissions logic is ok"""
# Only lasote can read it but other conans can be readed
read_perms = [(str(self.openssl_ref), "lasote"), ("*/*@*/*", "*")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# READ PERMISSIONS
# Pepe can't read conans
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "pepe", self.openssl_ref)
# Owner can read conans
authorizer.check_read_conan("lasote", self.openssl_ref)
# Pepe can read other conans
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Pepe can't read package
self.assertRaises(ForbiddenException,
authorizer.check_read_package, "pepe", self.package_reference)
# Owner can read package
authorizer.check_read_package("lasote", self.package_reference)
# Pepe can read other package
authorizer.check_read_package("pepe", self.package_reference2)
# WRITE PERMISSIONS
# Pepe can write conans
authorizer.check_write_conan("pepe", self.openssl_ref)
# Juan can't write conans
self.assertRaises(ForbiddenException,
authorizer.check_write_conan, "juan", self.openssl_ref)
# Owner can write conans
authorizer.check_write_conan("lasote", self.openssl_ref)
# Pepe can't write other conans
self.assertRaises(ForbiddenException,
authorizer.check_write_conan, "pepe", self.openssl_ref2)
# Owner can write package
authorizer.check_write_package("lasote", self.package_reference)
# Pepe can write package
authorizer.check_write_package("pepe", self.package_reference)
# Pepe can't write other package
self.assertRaises(ForbiddenException,
authorizer.check_write_package, "pepe", self.package_reference2)
def check_wildcards_test(self):
# Only pepe can read openssl versions
read_perms = [("openssl/*@lasote/testing", "pepe"), ("*/*@*/*", "*")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read all openssl versions
authorizer.check_read_conan("pepe", self.openssl_ref)
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Other user can't
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "juan", self.openssl_ref)
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "juan", self.openssl_ref2)
# Only pepe can read versions 2.0.1 of lasote/testing
read_perms = [("*/2.0.2@lasote/testing", "pepe"), ("*/*@*/*", "*")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read openssl 2.0.1 version and 2.0.2 (only matches 2.0.2, so other is allowed)
authorizer.check_read_conan("pepe", self.openssl_ref2)
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Other user can't read 2.0.2
authorizer.check_read_conan("juan", self.openssl_ref)
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "juan", self.openssl_ref2)
# Only pepe can read openssl version 2.0.1 from any owner
read_perms = [("openssl/2.0.1@*/testing", "pepe")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read any openssl/2.0.1
authorizer.check_read_conan("pepe", self.openssl_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@alfred/testing")
authorizer.check_read_conan("pepe", tmp_ref)
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "juan", self.openssl_ref)
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "juan", tmp_ref)
# Only pepe can read openssl version 2.0.1 from lasote/any channel
read_perms = [("openssl/2.0.1@lasote/*", "pepe")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read openssl/2.0.1 from any channel but only from lasote
authorizer.check_read_conan("pepe", self.openssl_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@alfred/testing")
self.assertRaises(ForbiddenException,
authorizer.check_read_conan, "pepe", tmp_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@lasote/otherchannel")
authorizer.check_read_conan("pepe", tmp_ref)
def permissions_test(self):
"""Check that permissions logic is ok"""
# Only lasote can read it but other conans can be readed
read_perms = [(str(self.openssl_ref), "lasote"), ("*/*@*/*", "*")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# READ PERMISSIONS
# Pepe can't read conans
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"pepe", self.openssl_ref)
# Owner can read conans
authorizer.check_read_conan("lasote", self.openssl_ref)
# Pepe can read other conans
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Pepe can't read package
self.assertRaises(ForbiddenException, authorizer.check_read_package,
"pepe", self.package_reference)
# Owner can read package
authorizer.check_read_package("lasote", self.package_reference)
# Pepe can read other package
authorizer.check_read_package("pepe", self.package_reference2)
# WRITE PERMISSIONS
# Pepe can write conans
authorizer.check_write_conan("pepe", self.openssl_ref)
# Juan can't write conans
self.assertRaises(ForbiddenException, authorizer.check_write_conan,
"juan", self.openssl_ref)
# Owner can write conans
authorizer.check_write_conan("lasote", self.openssl_ref)
# Pepe can't write other conans
self.assertRaises(ForbiddenException, authorizer.check_write_conan,
"pepe", self.openssl_ref2)
# Owner can write package
authorizer.check_write_package("lasote", self.package_reference)
# Pepe can write package
authorizer.check_write_package("pepe", self.package_reference)
# Pepe can't write other package
self.assertRaises(ForbiddenException, authorizer.check_write_package,
"pepe", self.package_reference2)
def check_wildcards_test(self):
# Only pepe can read openssl versions
read_perms = [("openssl/*@lasote/testing", "pepe"), ("*/*@*/*", "*")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read all openssl versions
authorizer.check_read_conan("pepe", self.openssl_ref)
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Other user can't
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"juan", self.openssl_ref)
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"juan", self.openssl_ref2)
# Only pepe can read versions 2.0.1 of lasote/testing
read_perms = [("*/2.0.2@lasote/testing", "pepe"), ("*/*@*/*", "*")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read openssl 2.0.1 version and 2.0.2 (only matches 2.0.2, so other is allowed)
authorizer.check_read_conan("pepe", self.openssl_ref2)
authorizer.check_read_conan("pepe", self.openssl_ref2)
# Other user can't read 2.0.2
authorizer.check_read_conan("juan", self.openssl_ref)
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"juan", self.openssl_ref2)
# Only pepe can read openssl version 2.0.1 from any owner
read_perms = [("openssl/2.0.1@*/testing", "pepe")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read any openssl/2.0.1
authorizer.check_read_conan("pepe", self.openssl_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@alfred/testing")
authorizer.check_read_conan("pepe", tmp_ref)
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"juan", self.openssl_ref)
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"juan", tmp_ref)
# Only pepe can read openssl version 2.0.1 from lasote/any channel
read_perms = [("openssl/2.0.1@lasote/*", "pepe")]
# Only pepe (and lasote because its owner) can write it and no more users can write
write_perms = [(str(self.openssl_ref), "pepe")]
authorizer = BasicAuthorizer(read_perms, write_perms)
# Pepe can read openssl/2.0.1 from any channel but only from lasote
authorizer.check_read_conan("pepe", self.openssl_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@alfred/testing")
self.assertRaises(ForbiddenException, authorizer.check_read_conan,
"pepe", tmp_ref)
tmp_ref = ConanFileReference.loads("openssl/2.0.1@lasote/otherchannel")
authorizer.check_read_conan("pepe", tmp_ref)
