def run(self): while not self.found_error.isSet() and not self.stop: # Create a new environ simulating the fresh environ each request gets environ = {'repoze.what.credentials': self.credentials.copy()} try: check_authorization(self.shared_predicate, environ) except NotAuthorizedError, exc: if unicode(exc) != self.expected_error: self.found_error.set()
def test_check_authorization(self): logger = FakeLogger() environ = make_environ('gustavo', permissions=['watch-tv', 'party', 'eat']) environ['repoze.who.logger'] = logger p = has_any_permission('party', 'scream') check_authorization(p, environ) info = logger.messages['info'] assert "Authorization granted" == info[0]
def test_check_authorization_granted_with_predicates_booleanized(self): """Authorization must be granted as usual.""" logger = FakeLogger() environ = make_environ('gustavo', permissions=['watch-tv', 'party', 'eat']) environ['repoze.who.logger'] = logger p = self._get_booleanized_has_permission('party', environ) assert bool(p), "Predicate isn't booleanized" check_authorization(p, environ) info = logger.messages['info'] assert "Authorization granted" == info[0]
def test_check_authorization_denies_with_predicates_booleanized(self): """Authorization must be denied as usual.""" logger = FakeLogger() environ = make_environ('gustavo') environ['repoze.who.logger'] = logger p = self._get_booleanized_has_permission('party', environ) assert not bool(p), "Predicate isn't booleanized" try: check_authorization(p, environ) self.fail('Authorization must have been rejected') except NotAuthorizedError, e: error_msg = 'The user must have the "party" permission' self.assertEqual(str(e), error_msg) # Testing the logs: info = logger.messages['info'] assert "Authorization denied: %s" % error_msg == info[0]
def check_predicates(predicates): """ Using the current WSGI environment run a list of predicates. This can only be used when inside a WSGI request :return: False is any one is False :return: True if they are all True """ from pylons import request if(not(isinstance(predicates, list) or isinstance(predicates, tuple))): predicates = (predicates,) for p in predicates: try: check_authorization(p, request.environ) except NotAuthorizedError, e: return False