def test_authenticate_disabled_verbose_logging(self, mock_config): mock_config_instance = mock.Mock() # False for disabled, True for verbose logging mock_config_instance.getboolean.side_effect = [False, True] mock_config.return_value = mock_config_instance environ = {} environ["wsgi.errors"] = mock.Mock() auth_enabled_validation.authenticate(environ) logged_str = 'Repo authentication is not enabled. Skipping all checks.' environ["wsgi.errors"].write.assert_called_once_with(logged_str)
def allow_access(environ, host): """ Hook into mod_wsgi to be invoked when a request is determining authentication. If the authentication is successful, this method returns True. If validation fails, False is returned. :param environ: environ passed in from mod_wsgi :type environ: dict of env vars :param host: hostname passed from mod_wsgi (not used) :type host: str :return: True if the request is authorized or validation is disabled, otherwise False. :rtype: Boolean """ # If auth is disabled, then let the request continue. Note that this returns # True if auth is disabled. if auth_enabled_validation.authenticate(environ): return True # find all of the authenticator methods we need to try authenticators = {} for ep in iter_entry_points(group=AUTH_ENTRY_POINT): authenticators.update({ep.name: ep.load()}) # loop through authenticators. If any return False, kick the user out. for auth_method in authenticators: if not authenticators[auth_method](environ): return False # if we get this far then the user is authorized return True
def test_authenticate_disabled(self, mock_config): mock_config_instance = mock.Mock() # False for disabled, False for verbose logging mock_config_instance.getboolean.side_effect = [False, False] mock_config.return_value = mock_config_instance mock_environ = mock.Mock() result = auth_enabled_validation.authenticate(mock_environ) # NB: "True" means "disabled" since further checks are short-circuited. self.assertEquals(result, True)
def test_authenticate_enabled(self, mock_config): mock_config_instance = mock.Mock() # True for enabled, False for verbose logging mock_config_instance.getboolean.side_effect = [True, False] mock_config.return_value = mock_config_instance mock_environ = mock.Mock() result = auth_enabled_validation.authenticate(mock_environ) # NB: this is "False" which means Pulp will rely on the optional # plugins further down the chain. False means enabled:) self.assertEquals(result, False)