def run(self):
while not self.found_error.isSet() and not self.stop:
# Create a new environ simulating the fresh environ each request gets
environ = {'repoze.what.credentials': self.credentials.copy()}
try:
check_authorization(self.shared_predicate, environ)
except NotAuthorizedError, exc:
if unicode(exc) != self.expected_error:
self.found_error.set()
def test_check_authorization(self):
logger = FakeLogger()
environ = make_environ('gustavo',
permissions=['watch-tv', 'party', 'eat'])
environ['repoze.who.logger'] = logger
p = has_any_permission('party', 'scream')
check_authorization(p, environ)
info = logger.messages['info']
assert "Authorization granted" == info[0]
def run(self):
while not self.found_error.isSet() and not self.stop:
# Create a new environ simulating the fresh environ each request gets
environ = {'repoze.what.credentials': self.credentials.copy()}
try:
check_authorization(self.shared_predicate, environ)
except NotAuthorizedError, exc:
if unicode(exc) != self.expected_error:
self.found_error.set()
def test_check_authorization(self):
logger = FakeLogger()
environ = make_environ('gustavo', permissions=['watch-tv', 'party',
'eat'])
environ['repoze.who.logger'] = logger
p = has_any_permission('party', 'scream')
check_authorization(p, environ)
info = logger.messages['info']
assert "Authorization granted" == info[0]
def test_check_authorization_granted_with_predicates_booleanized(self):
"""Authorization must be granted as usual."""
logger = FakeLogger()
environ = make_environ('gustavo',
permissions=['watch-tv', 'party', 'eat'])
environ['repoze.who.logger'] = logger
p = self._get_booleanized_has_permission('party', environ)
assert bool(p), "Predicate isn't booleanized"
check_authorization(p, environ)
info = logger.messages['info']
assert "Authorization granted" == info[0]
def test_check_authorization_granted_with_predicates_booleanized(self):
"""Authorization must be granted as usual."""
logger = FakeLogger()
environ = make_environ('gustavo', permissions=['watch-tv', 'party',
'eat'])
environ['repoze.who.logger'] = logger
p = self._get_booleanized_has_permission('party', environ)
assert bool(p), "Predicate isn't booleanized"
check_authorization(p, environ)
info = logger.messages['info']
assert "Authorization granted" == info[0]
def test_check_authorization_denies_with_predicates_booleanized(self):
"""Authorization must be denied as usual."""
logger = FakeLogger()
environ = make_environ('gustavo')
environ['repoze.who.logger'] = logger
p = self._get_booleanized_has_permission('party', environ)
assert not bool(p), "Predicate isn't booleanized"
try:
check_authorization(p, environ)
self.fail('Authorization must have been rejected')
except NotAuthorizedError, e:
error_msg = 'The user must have the "party" permission'
self.assertEqual(str(e), error_msg)
# Testing the logs:
info = logger.messages['info']
assert "Authorization denied: %s" % error_msg == info[0]
def test_check_authorization_denies_with_predicates_booleanized(self):
"""Authorization must be denied as usual."""
logger = FakeLogger()
environ = make_environ('gustavo')
environ['repoze.who.logger'] = logger
p = self._get_booleanized_has_permission('party', environ)
assert not bool(p), "Predicate isn't booleanized"
try:
check_authorization(p, environ)
self.fail('Authorization must have been rejected')
except NotAuthorizedError, e:
error_msg = 'The user must have the "party" permission'
self.assertEqual(str(e), error_msg)
# Testing the logs:
info = logger.messages['info']
assert "Authorization denied: %s" % error_msg == info[0]
def check_predicates(predicates):
"""
Using the current WSGI environment run a list of predicates.
This can only be used when inside a WSGI request
:return: False is any one is False
:return: True if they are all True
"""
from pylons import request
if(not(isinstance(predicates, list) or isinstance(predicates, tuple))):
predicates = (predicates,)
for p in predicates:
try:
check_authorization(p, request.environ)
except NotAuthorizedError, e:
return False
def check_predicates(predicates):
"""
Using the current WSGI environment run a list of predicates.
This can only be used when inside a WSGI request
:return: False is any one is False
:return: True if they are all True
"""
from pylons import request
if(not(isinstance(predicates, list) or isinstance(predicates, tuple))):
predicates = (predicates,)
for p in predicates:
try:
check_authorization(p, request.environ)
except NotAuthorizedError, e:
return False
