def test_impersonation(self):
role1 = 'role-1'
role2 = 'role-2'
role3 = 'role-3'
role4 = 'role-4'
# Simple test
role_1_principal = DummyIdentity(role1)
with ImpersonateAs(role_1_principal):
self.assertEqual(context.identity, role_1_principal)
self.assertTrue(context.identity.is_in_roles(role1))
# Now we change the role
role_2_principal = DummyIdentity(role2)
with ImpersonateAs(role_2_principal):
self.assertFalse(context.identity.is_in_roles(role1))
self.assertTrue(context.identity.is_in_roles(role2))
# Multiple roles
role_3_4_principal = DummyIdentity(role3, role4)
with ImpersonateAs(role_3_4_principal):
self.assertTrue(context.identity.is_in_roles(role3))
self.assertTrue(context.identity.is_in_roles(role4))
self.assertFalse(context.identity.is_in_roles(role1))
self.assertFalse(context.identity.is_in_roles(role2))
def test_impersonation():
with Context({}) as ctx:
role1 = 'role-1'
role2 = 'role-2'
role3 = 'role-3'
role4 = 'role-4'
# Simple test
role_1_principal = DummyIdentity(role1)
with ImpersonateAs(role_1_principal):
assert context.identity == role_1_principal
assert context.identity.is_in_roles(role1)
# Now we change the role
role_2_principal = DummyIdentity(role2)
with ImpersonateAs(role_2_principal):
assert not context.identity.is_in_roles(role1)
assert context.identity.is_in_roles(role2)
# Multiple roles
role_3_4_principal = DummyIdentity(role3, role4)
with ImpersonateAs(role_3_4_principal):
assert context.identity.is_in_roles(role3)
assert context.identity.is_in_roles(role4)
assert not context.identity.is_in_roles(role1)
assert not context.identity.is_in_roles(role2)
def test_validation_filter(self):
# Test `filter`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
result, ___ = self.request('All',
'POST',
'/validation',
doc=False,
params={
'customParam': 'param',
'filteredParamForAll': 'param',
'filteredParamForClient': 'param',
'filteredParamForAdmin': 'param',
})
self.assertNotIn('customParam', result)
self.assertNotIn('filteredParamForClient', result)
self.assertNotIn('filteredParamForAdmin', result)
self.assertIn('filteredParamForAll', result)
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
result, ___ = self.request('Client',
'POST',
'/validation',
doc=False,
params={
'customParam': 'param',
'filteredParamForAll': 'param',
'filteredParamForClient': 'param',
'filteredParamForAdmin': 'param',
})
self.assertNotIn('customParam', result)
self.assertIn('filteredParamForClient', result)
self.assertNotIn('filteredParamForAdmin', result)
self.assertIn('filteredParamForAll', result)
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
result, ___ = self.request('Admin',
'POST',
'/validation',
doc=False,
params={
'customParam': 'param',
'filteredParamForAll': 'param',
'filteredParamForClient': 'param',
'filteredParamForAdmin': 'param',
})
self.assertNotIn('customParam', result)
self.assertNotIn('filteredParamForClient', result)
self.assertIn('filteredParamForAdmin', result)
self.assertIn('filteredParamForAll', result)
def test_validation_pattern(self):
# Test `pattern`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
self.request('All',
'POST',
'/validation',
doc=False,
params={
'patternedParam1': '0123456789',
'patternedParam2': 'abcdeFGHIJ',
'patternedParam3': 'Exact'
})
self.request('All',
'POST',
'/validation',
doc=False,
params={'patternedParam1': '12345'},
expected_status=400)
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
self.request('Client',
'POST',
'/validation',
doc=False,
params={
'patternedParam1': '12345',
'patternedParam2': 'ABCDE',
'patternedParam3': 'Exact',
'patternedParam4': 'anything'
})
self.request('Client',
'POST',
'/validation',
doc=False,
params={'patternedParam1': '1'},
expected_status=400)
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
self.request('Admin',
'POST',
'/validation',
doc=False,
params={
'patternedParam1': '1',
'patternedParam2': 'ABCDEFGHIJ',
'patternedParam4': 'SuperAdmin'
})
self.request('Admin',
'POST',
'/validation',
doc=False,
params={'patternedParam4': 'anything'},
expected_status=400)
def test_validation_types(self):
# Test `type`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
result, ___ = self.request(
'All', 'POST', '/validation',
doc=False,
params={
'typedParam1': '1',
'typedParam2': '2',
'typedParam3': '3',
'typedParam4': '4'
}
)
self.assertEqual(type(result['typedParam1']), float)
self.assertEqual(type(result['typedParam2']), float)
self.assertEqual(type(result['typedParam3']), float)
self.assertEqual(type(result['typedParam4']), str)
self.request(
'All', 'POST', '/validation',
doc=False,
params={'typedParam1': 'not_convertible'},
expected_status=400
)
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
result, ___ = self.request(
'Client', 'POST', '/validation',
doc=False,
params={
'typedParam1': '1',
'typedParam2': '2',
'typedParam3': '3',
'typedParam4': '4'
}
)
self.assertEqual(type(result['typedParam1']), int)
self.assertEqual(type(result['typedParam2']), int)
self.assertEqual(type(result['typedParam3']), float)
self.assertEqual(type(result['typedParam4']), str)
self.request(
'Client', 'POST', '/validation',
doc=False,
params={'typedParam1': 'not_convertible'},
expected_status=400
)
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
result, ___ = self.request(
'Admin', 'POST', '/validation',
doc=False,
params={
'typedParam1': '1',
'typedParam2': '2',
'typedParam3': '3',
'typedParam4': '4'
}
)
# type complex is dict
self.assertEqual(type(result['typedParam1']), dict)
self.assertEqual(type(result['typedParam2']), float)
self.assertEqual(type(result['typedParam3']), float)
self.assertEqual(type(result['typedParam4']), dict)
self.request(
'Admin', 'POST', '/validation',
doc=False,
params={'typedParam1': 'not_convertible'},
expected_status=400
)
def test_validation_requires(self):
# Test `requires`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
result, ___ = self.request('All', 'POST', '/validation', doc=False,
params={'requiresParamForAll': 'param'})
self.assertIn('requiresParamForAll', result)
result, ___ = self.request(
'All', 'POST', '/validation', doc=False,
params={
'customParam': 'param',
'requiresParamForAll': 'param',
}
)
self.assertIn('customParam', result)
self.assertIn('requiresParamForAll', result)
self.request('All', 'POST', '/validation', doc=False, expected_status=400)
self.request('All', 'POST', '/validation', doc=False, params={'customParam': 'param'},
expected_status=400)
self.request('All', 'POST', '/validation', doc=False, params={'requiresParamForClient': 'param'},
expected_status=400)
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
result, ___ = self.request(
'Client', 'POST', '/validation', doc=False,
params={
'requiresParamForAll': 'param',
'requiresParamForClient': 'param',
}
)
self.assertIn('requiresParamForAll', result)
self.assertIn('requiresParamForClient', result)
result, ___ = self.request(
'Client', 'POST', '/validation', doc=False,
params={
'customParam': 'param',
'requiresParamForAll': 'param',
'requiresParamForClient': 'param',
}
)
self.assertIn('customParam', result)
self.assertIn('requiresParamForAll', result)
self.assertIn('requiresParamForClient', result)
self.request('Client', 'POST', '/validation', doc=False, expected_status=400)
self.request('Client', 'POST', '/validation', doc=False, params={'customParam': 'param'},
expected_status=400)
self.request('Client', 'POST', '/validation', doc=False, params={'requiresParamForAll': 'param'},
expected_status=400)
self.request('Client', 'POST', '/validation', doc=False, params={
'requiresParamForClient':
'param',
}, expected_status=400)
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
result, ___ = self.request('Admin', 'POST', '/validation', doc=False, params={
'requiresParamForAll': 'param',
'requiresParamForAdmin': 'param',
})
self.assertIn('requiresParamForAll', result)
self.assertIn('requiresParamForAdmin', result)
result, ___ = self.request(
'Admin', 'POST', '/validation', doc=False,
params={
'customParam': 'param',
'requiresParamForAll': 'param',
'requiresParamForAdmin': 'param',
}
)
self.assertIn('customParam', result)
self.assertIn('requiresParamForAll', result)
self.assertIn('requiresParamForAdmin', result)
self.request('Admin', 'POST', '/validation', doc=False, expected_status=400)
self.request('Admin', 'POST', '/validation', doc=False, params={'customParam': 'param'},
expected_status=400)
self.request(
'Admin', 'POST', '/validation', doc=False,
params={
'requiresParamForAll': 'param',
'requiresParamForClient': 'param',
},
expected_status=400
)
self.request('Admin', 'POST', '/validation', doc=False, params={'requiresParamForAdmin': 'param'},
expected_status=400)
def test_validation_exact(self):
# Test `exact`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
result, ___ = self.request('All',
'POST',
'/validation',
doc=False,
params={'exactParamForAll': 'param'})
self.request('All',
'POST',
'/validation',
doc=False,
expected_status=400)
self.request('All',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForCustom': 'param',
},
expected_status=400)
self.request('All',
'POST',
'/validation',
doc=False,
params={'exactParamForCustom': 'param'},
expected_status=400)
self.assertIn('exactParamForAll', result)
self.request('All',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForClient': 'param',
},
expected_status=400)
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
result, ___ = self.request('Client',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForClient': 'param',
})
self.assertIn('exactParamForClient', result)
self.assertIn('exactParamForAll', result)
self.request('Client',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForClient': 'param',
'exactParamForAdmin': 'param',
},
expected_status=400)
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
result, ___ = self.request('Admin',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForAdmin': 'param',
})
self.assertIn('exactParamForAdmin', result)
self.assertIn('exactParamForAll', result)
self.request('Admin',
'POST',
'/validation',
doc=False,
params={
'exactParamForAll': 'param',
'exactParamForClient': 'param',
'exactParamForAdmin': 'param',
},
expected_status=400)
# ------------------------------------------------------------
# Test query string
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
result, ___ = self.request('Admin',
'POST',
'/validation',
doc=False,
query_string={
'exactParamForAll': 'param',
},
params={
'exactParamForAdmin': 'param',
})
self.assertIn('exactParamForAdmin', result)
self.assertIn('exactParamForAll', result)
self.request('Admin',
'POST',
'/validation',
doc=False,
query_string={
'exactParamForAll': 'param',
'exactParamForClient': 'param',
},
params={'exactParamForAdmin': 'param'},
expected_status=400)
def test_validation_blacklist(self):
# Test `blacklist`
# role -> All
self.wsgi_app.jwt_token = DummyIdentity().dump().decode()
self.request('All', 'POST', '/validation', doc=False)
self.request('All',
'POST',
'/validation',
doc=False,
params={'customParam': 'param'})
self.request('All',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAll': 'param'},
expected_status=400)
self.request('All',
'POST',
'/validation',
doc=False,
params={'blacklistParamForClient': 'param'})
self.request('All',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAdmin': 'param'})
# -----------------------------
# role -> Client
self.wsgi_app.jwt_token = DummyIdentity('client').dump().decode()
self.request('Client', 'POST', '/validation', doc=False)
self.request('Client',
'POST',
'/validation',
doc=False,
params={'customParam': 'param'})
self.request('Client',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAll': 'param'},
expected_status=400)
self.request('Client',
'POST',
'/validation',
doc=False,
params={'blacklistParamForClient': 'param'},
expected_status=400)
self.request('Client',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAdmin': 'param'})
# -----------------------------
# role -> Admin
self.wsgi_app.jwt_token = DummyIdentity('admin').dump().decode()
self.request('Admin', 'POST', '/validation', doc=False)
self.request('Admin',
'POST',
'/validation',
doc=False,
params={'customParam': 'param'})
self.request('Admin',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAll': 'param'},
expected_status=400)
self.request('Admin',
'POST',
'/validation',
doc=False,
params={'blacklistParamForClient': 'param'})
self.request('Admin',
'POST',
'/validation',
doc=False,
params={'blacklistParamForAdmin': 'param'},
expected_status=400)