def setUp(self):
super(AuthTests, self).setUp()
self.security = Security(['/api/spec'])
self.security._get_token_from_request = MagicMock(
return_value=TEST_TOKEN)
self.security._is_admin = MagicMock(return_value=False)
self.security._uaa_public_key = 'fake_test_key'
self.request_context = self.app.test_request_context(
u'/fake_call_path')
class AuthTests(DataCatalogTestCase):
def setUp(self):
super(AuthTests, self).setUp()
self.security = Security(['/api/spec'])
self.security._get_token_from_request = MagicMock(
return_value=TEST_TOKEN)
self.security._is_admin = MagicMock(return_value=False)
self.security._uaa_public_key = 'fake_test_key'
self.request_context = self.app.test_request_context(
u'/fake_call_path')
@patch.object(Security,
'_parse_auth_token',
return_value=TEST_TOKEN_PAYLOAD)
@patch.object(_Authorization, 'get_user_scope', return_value=TEST_ORG_UUID)
def test_authenticate_userHasAccess_authenticateSuccessful(
self, mock_get_scope, mock_parse_token):
with self.request_context:
actual_result = self.security.authenticate()
self.assertEquals(actual_result, None)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
mock_get_scope.assert_called_with(TEST_TOKEN, flask.request, False)
@patch.object(Security,
'_parse_auth_token',
side_effect=jwt.InvalidTokenError())
def test_authenticate_verifyTokenFails_return401(self, mock_parse_token):
with self.request_context:
self.assertRaises(Unauthorized, self.security.authenticate)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
@patch.object(Security, '_parse_auth_token', return_value=TEST_USER_ID)
@patch.object(_Authorization,
'get_user_scope',
side_effect=_UserCantAccessOrg())
def test_authenticate_verifyAccessFails_return403(self, mock_get_scope,
mock_parse_token):
with self.request_context:
self.assertRaises(Forbidden, self.security.authenticate)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
mock_get_scope.assert_called_with(TEST_TOKEN, flask.request, False)
def test_authenticate_requestFromSwagger_authenticationIgnored(self):
swagger_request_context = self.app.test_request_context(
"/api/spec/get_swagger_endpoints")
with swagger_request_context:
actual_result = self.security.authenticate()
self.assertEquals(actual_result, None)
def setUp(self):
super(AuthTests, self).setUp()
self.security = Security(['/api/spec'])
self.security._get_token_from_request = MagicMock(return_value=TEST_TOKEN)
self.security._is_admin = MagicMock(return_value=False)
self.security._uaa_public_key = 'fake_test_key'
self.request_context = self.app.test_request_context(u'/fake_call_path')
def _create_app(config):
app = Flask(__name__)
api = ExceptionHandlingApi(app)
api_doc_route = '/api-docs'
api_metrics_route = '/metrics'
health_route = '/health'
info_route = '/info'
api.add_resource(DataSetSearchResource, config.app_base_path)
api.add_resource(ApiDoc, api_doc_route)
api.add_resource(MetadataEntryResource,
config.app_base_path + '/<entry_id>')
api.add_resource(TableResource, config.app_base_path + '/<entry_id>/table')
api.add_resource(DataSetCountResource, config.app_base_path + '/count')
api.add_resource(ElasticSearchAdminResource,
config.app_base_path + '/admin/elastic')
app.route(api_metrics_route)(_get_metrics)
app.route(info_route, endpoint=info_route)(
lambda: jsonify(name=version.NAME, app_version=version.VERSION))
app.route(health_route,
endpoint=health_route)(lambda: jsonify(status="UP"))
security = Security(auth_exceptions=[
api_doc_route, api_metrics_route, health_route, info_route
])
app.before_request(security.authenticate)
return app
class AuthTests(DataCatalogTestCase):
def setUp(self):
super(AuthTests, self).setUp()
self.security = Security(['/api/spec'])
self.security._get_token_from_request = MagicMock(return_value=TEST_TOKEN)
self.security._is_admin = MagicMock(return_value=False)
self.security._uaa_public_key = 'fake_test_key'
self.request_context = self.app.test_request_context(u'/fake_call_path')
@patch.object(Security, '_parse_auth_token', return_value=TEST_TOKEN_PAYLOAD)
@patch.object(_Authorization, 'get_user_scope', return_value=TEST_ORG_UUID)
def test_authenticate_userHasAccess_authenticateSuccessful(self, mock_get_scope, mock_parse_token):
with self.request_context:
actual_result = self.security.authenticate()
self.assertEquals(actual_result, None)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
mock_get_scope.assert_called_with(TEST_TOKEN, flask.request, False)
@patch.object(Security, '_parse_auth_token', side_effect=jwt.InvalidTokenError())
def test_authenticate_verifyTokenFails_return401(self, mock_parse_token):
with self.request_context:
self.assertRaises(Unauthorized, self.security.authenticate)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
@patch.object(Security, '_parse_auth_token', return_value=TEST_USER_ID)
@patch.object(_Authorization, 'get_user_scope', side_effect=_UserCantAccessOrg())
def test_authenticate_verifyAccessFails_return403(self, mock_get_scope, mock_parse_token):
with self.request_context:
self.assertRaises(Forbidden, self.security.authenticate)
self.security._get_token_from_request.assert_called_with()
mock_parse_token.assert_called_with(TEST_TOKEN)
mock_get_scope.assert_called_with(TEST_TOKEN, flask.request, False)
def test_authenticate_requestFromSwagger_authenticationIgnored(self):
swagger_request_context = self.app.test_request_context("/api/spec/get_swagger_endpoints")
with swagger_request_context:
actual_result = self.security.authenticate()
self.assertEquals(actual_result, None)
def _create_app(config):
app = Flask(__name__)
api = ExceptionHandlingApi(app)
api_doc_route = '/api-docs'
api.add_resource(DataSetSearchResource, config.app_base_path)
api.add_resource(ApiDoc, api_doc_route)
api.add_resource(MetadataEntryResource,
config.app_base_path + '/<entry_id>')
api.add_resource(DataSetCountResource, config.app_base_path + '/count')
api.add_resource(ElasticSearchAdminResource,
config.app_base_path + '/admin/elastic')
security = Security(auth_exceptions=[api_doc_route])
app.before_request(security.authenticate)
return app
app = Flask(__name__)
# our RESTful API wrapped with Swagger documentation
api = swagger.docs(
ExceptionHandlingApi(app),
apiVersion=VERSION,
description='Data Catalog - enables search, retrieval and storage of metadata '
'describing data sets. ')
api.add_resource(DataSetSearchResource, _CONFIG.app_base_path)
api.add_resource(MetadataEntryResource, _CONFIG.app_base_path + '/<entry_id>')
api.add_resource(DataSetCountResource, _CONFIG.app_base_path + '/count')
api.add_resource(ElasticSearchAdminResource, _CONFIG.app_base_path + '/admin/elastic')
ignore_for_auth = ['/api/spec']
security = Security(ignore_for_auth)
app.before_request(security.authenticate)
def prepare_environment():
"""Prepares ElasticSearch index for work if it's not yet ready."""
elastic_search = Elasticsearch('{}:{}'.format(
_CONFIG.elastic.elastic_hostname,
_CONFIG.elastic.elastic_port))
try:
if not elastic_search.indices.exists(_CONFIG.elastic.elastic_index):
elastic_search.indices.create(
index=_CONFIG.elastic.elastic_index,
body=_CONFIG.elastic.metadata_index_setup)
except ConnectionError:
sys.exit("Can't start because of no connection to ElasticSearch.")
