def test_using_user_with_Admin_membership(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA', 'Is_Member_Of_Admin']) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_using_non_existing_user(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service("*****@*****.**", ['Can_Edit'], ['Is_Member_Of_BA']) ret = prepare_inputs(**self.inputs) self.assertEqual(ret, "Authorization: [email protected] Current user's [email protected] is likely not in database.")
def test_using_user_with_Admin_membership(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service( self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA', 'Is_Member_Of_Admin']) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def wrapped_f(*args, **kwargs): try: inputs = prepare_inputs(current_user=current_user, kwargs=kwargs, user_roles_service=current_app.dart_context.get(UserRolesService), get_known_entity=get_known_entity, debug_uuid=uuid.uuid4().hex, action_roles=action_roles, dart_client_name=DART_CLIENT_NAME) if isinstance(inputs, basestring): _logger.error(inputs) return make_response(inputs, 403) # Else we assume inputs is a dictionary of params to authorization_decorator(...) inputs['dart_client_name_'] = DART_CLIENT_NAME inputs['action_roles_'] = action_roles err = authorization_decorator(**inputs) if err: _logger.error(err) return make_response(err, 403) # To catch unexpected errors and return 500 error. except Exception as err: return make_response(str(err), 500) # clear to run return f(*args, **kwargs)
def wrapped_f(*args, **kwargs): try: inputs = prepare_inputs( current_user=current_user, kwargs=kwargs, user_roles_service=current_app.dart_context.get( UserRolesService), get_known_entity=get_known_entity, debug_uuid=uuid.uuid4().hex, action_roles=action_roles, dart_client_name=DART_CLIENT_NAME) if isinstance(inputs, basestring): _logger.error(inputs) return make_response(inputs, 403) # Else we assume inputs is a dictionary of params to authorization_decorator(...) inputs['dart_client_name_'] = DART_CLIENT_NAME inputs['action_roles_'] = action_roles err = authorization_decorator(**inputs) if err: _logger.error(err) return make_response(err, 403) # To catch unexpected errors and return 500 error. except Exception as err: return make_response(str(err), 500) # clear to run return f(*args, **kwargs)
def test_using_non_existing_user(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service( "*****@*****.**", ['Can_Edit'], ['Is_Member_Of_BA']) ret = prepare_inputs(**self.inputs) self.assertEqual( ret, "Authorization: [email protected] Current user's [email protected] is likely not in database." )
def test_using_user_with__non_Admin_membership(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA']) FakeDatastoreId = namedtuple('FakeDatastoreId', 'datastore_id') fakeDatastoreId = FakeDatastoreId(datastore_id=self.inputs['current_user'].email) self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeDatastoreId, type='workflow') FakeUserId = namedtuple('FakeDatastoreId', 'user_id') fakeUserId = FakeUserId(user_id=self.inputs['current_user'].email) self.inputs['get_known_entity'] = self.create_fake_get_known_entity(data=fakeUserId) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_template_action_with_no_datastore_id(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA']) FakeUserIdWithEmptyDatastoreId = namedtuple('FakeUserIdWithEmptyDatastoreId', ['user_id', 'datastore_id']) fakeUserIdWithEmptyDatastoreId = FakeUserIdWithEmptyDatastoreId(user_id=self.inputs['current_user'].email, datastore_id=u'') self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeUserIdWithEmptyDatastoreId, type='action') self.inputs['get_known_entity'] = self.create_fake_get_known_entity(data=fakeUserIdWithEmptyDatastoreId) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_template_action_with_no_datastore_id(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service( self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA']) FakeUserIdWithEmptyDatastoreId = namedtuple( 'FakeUserIdWithEmptyDatastoreId', ['user_id', 'datastore_id']) fakeUserIdWithEmptyDatastoreId = FakeUserIdWithEmptyDatastoreId( user_id=self.inputs['current_user'].email, datastore_id=u'') self.inputs['kwargs'] = self.create_fake_kwargs( data=fakeUserIdWithEmptyDatastoreId, type='action') self.inputs['get_known_entity'] = self.create_fake_get_known_entity( data=fakeUserIdWithEmptyDatastoreId) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_using_user_with__non_Admin_membership(self): self.inputs['dart_client_name'] = '*****@*****.**' self.inputs['user_roles_service'] = self.create_fake_user_role_service( self.inputs['current_user'].email, ['Can_Edit'], ['Is_Member_Of_BA']) FakeDatastoreId = namedtuple('FakeDatastoreId', 'datastore_id') fakeDatastoreId = FakeDatastoreId( datastore_id=self.inputs['current_user'].email) self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeDatastoreId, type='workflow') FakeUserId = namedtuple('FakeDatastoreId', 'user_id') fakeUserId = FakeUserId(user_id=self.inputs['current_user'].email) self.inputs['get_known_entity'] = self.create_fake_get_known_entity( data=fakeUserId) ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_using_super_user(self): self.inputs['dart_client_name'] = self.inputs['current_user'].email ret = prepare_inputs(**self.inputs) self.assertTrue(isinstance(ret, dict))
def test_wrong_action_roles(self): self.inputs['action_roles'] = ['typo'] self.assertEqual(prepare_inputs(**self.inputs), "Authorization: [email protected] Missing action_roles, not in ActionRoles ['Create', 'Edit', 'Run', 'Delete']. [email protected], action_roles=['typo']")
def test_no_user(self): self.inputs['current_user'] = {} self.assertEqual(prepare_inputs(**self.inputs), "Authorization: Cannot authorize user without email. user={}, action_roles=['Edit']")
def test_wrong_action_roles(self): self.inputs['action_roles'] = ['typo'] self.assertEqual( prepare_inputs(**self.inputs), "Authorization: [email protected] Missing action_roles, not in ActionRoles ['Create', 'Edit', 'Run', 'Delete']. [email protected], action_roles=['typo']" )
def test_no_user(self): self.inputs['current_user'] = {} self.assertEqual( prepare_inputs(**self.inputs), "Authorization: Cannot authorize user without email. user={}, action_roles=['Edit']" )