def test_using_user_with_Admin_membership(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email,
['Can_Edit'],
['Is_Member_Of_BA', 'Is_Member_Of_Admin'])
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_using_non_existing_user(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service("*****@*****.**",
['Can_Edit'],
['Is_Member_Of_BA'])
ret = prepare_inputs(**self.inputs)
self.assertEqual(ret, "Authorization: [email protected] Current user's [email protected] is likely not in database.")
def test_using_user_with_Admin_membership(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(
self.inputs['current_user'].email, ['Can_Edit'],
['Is_Member_Of_BA', 'Is_Member_Of_Admin'])
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def wrapped_f(*args, **kwargs):
try:
inputs = prepare_inputs(current_user=current_user,
kwargs=kwargs,
user_roles_service=current_app.dart_context.get(UserRolesService),
get_known_entity=get_known_entity,
debug_uuid=uuid.uuid4().hex,
action_roles=action_roles,
dart_client_name=DART_CLIENT_NAME)
if isinstance(inputs, basestring):
_logger.error(inputs)
return make_response(inputs, 403)
# Else we assume inputs is a dictionary of params to authorization_decorator(...)
inputs['dart_client_name_'] = DART_CLIENT_NAME
inputs['action_roles_'] = action_roles
err = authorization_decorator(**inputs)
if err:
_logger.error(err)
return make_response(err, 403)
# To catch unexpected errors and return 500 error.
except Exception as err:
return make_response(str(err), 500)
# clear to run
return f(*args, **kwargs)
def wrapped_f(*args, **kwargs):
try:
inputs = prepare_inputs(
current_user=current_user,
kwargs=kwargs,
user_roles_service=current_app.dart_context.get(
UserRolesService),
get_known_entity=get_known_entity,
debug_uuid=uuid.uuid4().hex,
action_roles=action_roles,
dart_client_name=DART_CLIENT_NAME)
if isinstance(inputs, basestring):
_logger.error(inputs)
return make_response(inputs, 403)
# Else we assume inputs is a dictionary of params to authorization_decorator(...)
inputs['dart_client_name_'] = DART_CLIENT_NAME
inputs['action_roles_'] = action_roles
err = authorization_decorator(**inputs)
if err:
_logger.error(err)
return make_response(err, 403)
# To catch unexpected errors and return 500 error.
except Exception as err:
return make_response(str(err), 500)
# clear to run
return f(*args, **kwargs)
def test_using_non_existing_user(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(
"*****@*****.**", ['Can_Edit'], ['Is_Member_Of_BA'])
ret = prepare_inputs(**self.inputs)
self.assertEqual(
ret,
"Authorization: [email protected] Current user's [email protected] is likely not in database."
)
def test_using_user_with__non_Admin_membership(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email,
['Can_Edit'],
['Is_Member_Of_BA'])
FakeDatastoreId = namedtuple('FakeDatastoreId', 'datastore_id')
fakeDatastoreId = FakeDatastoreId(datastore_id=self.inputs['current_user'].email)
self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeDatastoreId, type='workflow')
FakeUserId = namedtuple('FakeDatastoreId', 'user_id')
fakeUserId = FakeUserId(user_id=self.inputs['current_user'].email)
self.inputs['get_known_entity'] = self.create_fake_get_known_entity(data=fakeUserId)
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_template_action_with_no_datastore_id(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(self.inputs['current_user'].email,
['Can_Edit'],
['Is_Member_Of_BA'])
FakeUserIdWithEmptyDatastoreId = namedtuple('FakeUserIdWithEmptyDatastoreId', ['user_id', 'datastore_id'])
fakeUserIdWithEmptyDatastoreId = FakeUserIdWithEmptyDatastoreId(user_id=self.inputs['current_user'].email,
datastore_id=u'')
self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeUserIdWithEmptyDatastoreId, type='action')
self.inputs['get_known_entity'] = self.create_fake_get_known_entity(data=fakeUserIdWithEmptyDatastoreId)
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_template_action_with_no_datastore_id(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(
self.inputs['current_user'].email, ['Can_Edit'],
['Is_Member_Of_BA'])
FakeUserIdWithEmptyDatastoreId = namedtuple(
'FakeUserIdWithEmptyDatastoreId', ['user_id', 'datastore_id'])
fakeUserIdWithEmptyDatastoreId = FakeUserIdWithEmptyDatastoreId(
user_id=self.inputs['current_user'].email, datastore_id=u'')
self.inputs['kwargs'] = self.create_fake_kwargs(
data=fakeUserIdWithEmptyDatastoreId, type='action')
self.inputs['get_known_entity'] = self.create_fake_get_known_entity(
data=fakeUserIdWithEmptyDatastoreId)
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_using_user_with__non_Admin_membership(self):
self.inputs['dart_client_name'] = '*****@*****.**'
self.inputs['user_roles_service'] = self.create_fake_user_role_service(
self.inputs['current_user'].email, ['Can_Edit'],
['Is_Member_Of_BA'])
FakeDatastoreId = namedtuple('FakeDatastoreId', 'datastore_id')
fakeDatastoreId = FakeDatastoreId(
datastore_id=self.inputs['current_user'].email)
self.inputs['kwargs'] = self.create_fake_kwargs(data=fakeDatastoreId,
type='workflow')
FakeUserId = namedtuple('FakeDatastoreId', 'user_id')
fakeUserId = FakeUserId(user_id=self.inputs['current_user'].email)
self.inputs['get_known_entity'] = self.create_fake_get_known_entity(
data=fakeUserId)
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_using_super_user(self):
self.inputs['dart_client_name'] = self.inputs['current_user'].email
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_wrong_action_roles(self):
self.inputs['action_roles'] = ['typo']
self.assertEqual(prepare_inputs(**self.inputs),
"Authorization: [email protected] Missing action_roles, not in ActionRoles ['Create', 'Edit', 'Run', 'Delete']. [email protected], action_roles=['typo']")
def test_no_user(self):
self.inputs['current_user'] = {}
self.assertEqual(prepare_inputs(**self.inputs),
"Authorization: Cannot authorize user without email. user={}, action_roles=['Edit']")
def test_using_super_user(self):
self.inputs['dart_client_name'] = self.inputs['current_user'].email
ret = prepare_inputs(**self.inputs)
self.assertTrue(isinstance(ret, dict))
def test_wrong_action_roles(self):
self.inputs['action_roles'] = ['typo']
self.assertEqual(
prepare_inputs(**self.inputs),
"Authorization: [email protected] Missing action_roles, not in ActionRoles ['Create', 'Edit', 'Run', 'Delete']. [email protected], action_roles=['typo']"
)
def test_no_user(self):
self.inputs['current_user'] = {}
self.assertEqual(
prepare_inputs(**self.inputs),
"Authorization: Cannot authorize user without email. user={}, action_roles=['Edit']"
)