コード例 #1
0
def check_permissions(app_conf, token_to_validate, lcp_id):
    logger.debug("Check permissions...start")
    try:
        if _is_authorization_enabled(app_conf):
            if token_to_validate is not None and lcp_id is not None and str(
                    token_to_validate).strip() != '' and str(
                        lcp_id).strip() != '':
                token_conf = _get_token_conf(app_conf)
                logger.debug(
                    "Authorization: validating token=[{}] on lcp_id=[{}]".
                    format(token_to_validate, lcp_id))
                is_permitted = tokens.is_token_valid(token_to_validate, lcp_id,
                                                     token_conf)
                logger.debug(
                    "Authorization: The token=[{}] on lcp_id=[{}] is [{}]".
                    format(token_to_validate, lcp_id,
                           "valid" if is_permitted else "invalid"))
            else:
                raise Exception(
                    "Token=[{}] and/or Region=[{}] are empty/none.".format(
                        token_to_validate, lcp_id))
        else:
            logger.debug(
                "The authentication service is disabled. No authentication is needed."
            )
            is_permitted = True
    except Exception as e:
        msg = "Fail to validate request. due to {}.".format(e.message)
        logger.error(msg)
        logger.exception(e)
        is_permitted = False
    logger.debug("Check permissions...end")
    return is_permitted
コード例 #2
0
def check_permissions(token_to_validate, lcp_id):
    logger.debug("Check permissions...start")
    try:
        if _is_authorization_enabled():
            token_conf = _get_token_conf()
            logger.debug(
                "Authorization: validating token=[{}] on lcp_id=[{}]".format(
                    token_to_validate, lcp_id))
            is_permitted = tokens.is_token_valid(token_to_validate, lcp_id,
                                                 token_conf)
            logger.debug(
                "Authorization: The token=[{}] on lcp_id=[{}] is [{}]".format(
                    token_to_validate, lcp_id,
                    "valid" if is_permitted else "invalid"))
        else:
            logger.debug(
                "The authentication service is disabled. No authentication is needed."
            )
            is_permitted = True
    except Exception as e:
        msg = "Fail to validate request. due to {}.".format(e.message)
        logger.error(msg)
        logger.exception(e)
        is_permitted = False
    logger.debug("Check permissions...end")
    return is_permitted
コード例 #3
0
ファイル: test_tokens.py プロジェクト: RaigaX9/ranger 
 def test_is_token_valid_token_not_found(self, mock_get):
     client_backup = tokens.v3_client.Client
     tokens.v3_client.Client = mock.MagicMock(return_value=MyClient())
     self.assertFalse(
         tokens.is_token_valid('a', 'b',
                               tokens.TokenConf('a', 'b', 'c', 'd', '3')))
     tokens.v3_client.Client = client_backup
コード例 #4
0
ファイル: test_tokens.py プロジェクト: RaigaX9/ranger 
 def test_is_token_valid_sanity_role_required(self, mock_get, mock_client):
     user = {'user': {'id': 'test_id', 'domain': {'id': 'test'}}}
     mock_client.tokens.validate = mock.MagicMock(return_value=user)
     self.assertTrue(
         tokens.is_token_valid('a', 'b',
                               tokens.TokenConf('a', 'b', 'c', 'd', '3'),
                               'test', {'domain': 'test'}))
コード例 #5
0
ファイル: test_tokens.py プロジェクト: RaigaX9/ranger 
 def test_is_token_valid_keystone_v2(self, mock_get):
     client_backup = tokens.v2_client.Client
     tokens.v2_client.Client = mock.MagicMock()
     self.assertFalse(
         tokens.is_token_valid('a', 'b',
                               tokens.TokenConf('a', 'b', 'c', 'd', '2.0'),
                               'test', {'tenant': 'test'}))
     tokens.v2_client.Client = client_backup
コード例 #6
0
ファイル: test_tokens.py プロジェクト: RaigaX9/ranger 
 def test_is_token_valid_sanity(self, mock_get, mock_client):
     self.assertTrue(
         tokens.is_token_valid('a', 'b',
                               tokens.TokenConf('a', 'b', 'c', 'd', '3')))