예제 #1
0
    def test_most_specific_permission_takes_priority_when_true(self):
        c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
        # Arbitrarily picked get_transaction for testing this generic behavior
        setup = self.client.update_api_key(
            PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_read": True}}
        )
        self.assertTrue(setup.get("ok"), setup)
        response = c.get_transaction("blah")
        self.assertNotEqual(response.get("status"), 403, response)

        setup = self.client.update_api_key(
            PERMISSION_TESTING_KEY_ID,
            permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_read": False, "transactions": {"allow_read": True}}},
        )
        self.assertTrue(setup.get("ok"), setup)
        response = c.get_transaction("blah")
        self.assertNotEqual(response.get("status"), 403, response)

        setup = self.client.update_api_key(
            PERMISSION_TESTING_KEY_ID,
            permissions_document={
                "version": "1",
                "default_allow": False,
                "permissions": {"allow_read": False, "transactions": {"allow_read": False, "get_transaction": {"allowed": True}}},
            },
        )
        self.assertTrue(setup.get("ok"), setup)
        response = c.get_transaction("blah")
        self.assertNotEqual(response.get("status"), 403, response)
예제 #2
0
 def default_allow_true_allows_all_functions(self):
     setup = self.client.update_api_key(PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": True, "permissions": {}})
     self.assertTrue(setup.get("ok"), setup)
     c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
     for method in all_client_functions:
         method = dict(method)
         response = getattr(c, method["fn"])(*method["params"])
         self.assertNotEqual(response.get("status"), 403, method)
예제 #3
0
 def test_individual_endpoints_allow_false_works_when_default_true(self):
     c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
     for method in all_client_functions:
         method = dict(method)
         setup = self.client.update_api_key(
             PERMISSION_TESTING_KEY_ID,
             permissions_document={
                 "version": "1",
                 "default_allow": True,
                 "permissions": {method["permission_group"]: {method["permission_name"]: {"allowed": False}}},
             },
         )
         self.assertTrue(setup.get("ok"), setup)
         response = getattr(c, method["fn"])(*method["params"])
         self.assertEqual(response.get("status"), 403, method)
예제 #4
0
async def create_aio_client(*args: Any, **kwargs: Any) -> "dragonchain_client.Client":
    """Construct a new async ``Client`` object

    Args:
        Refer to dragonchain_sdk.create_client for arguments

    Returns:
        A new Dragonchain client which makes async requests.
    """
    client = dragonchain_sdk.create_client(*args, **kwargs)
    # Change out the client's request internals to become async-capable with aiohttp
    client.request.session = aiohttp.ClientSession(loop=asyncio.get_event_loop())
    client.request._make_request = types.MethodType(_make_request, client.request)  # type: ignore
    # Add close function to the client for aiohttp cleanup
    client.close = types.MethodType(client_close, client)  # type: ignore
    return client
예제 #5
0
 def global_allow_delete_works_with_all_delete_functions(self):
     c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
     # Check default true, allow false
     setup = self.client.update_api_key(
         PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": True, "permissions": {"allow_delete": False}}
     )
     self.assertTrue(setup.get("ok"), setup)
     methods = get_permission_type_functions("delete")
     for method in methods:
         method = dict(method)
         response = getattr(c, method["fn"])(*method["params"])
         self.assertEqual(response.get("status"), 403, method)
     # Check default false, allow true
     setup = self.client.update_api_key(
         PERMISSION_TESTING_KEY_ID, permissions_document={"version": "1", "default_allow": False, "permissions": {"allow_delete": True}}
     )
     self.assertTrue(setup.get("ok"), setup)
     for method in methods:
         method = dict(method)
         response = getattr(c, method["fn"])(*method["params"])
         self.assertNotEqual(response.get("status"), 403, method)
예제 #6
0
 def test_custom_create_transaction_permissions(self):
     c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
     # Test blacklist permissioning
     setup = self.client.update_api_key(
         PERMISSION_TESTING_KEY_ID,
         permissions_document={
             "version": "1",
             "default_allow": False,
             "permissions": {"transactions": {"create_transaction": {"allowed": True, "transaction_types": {"banana": False}}}},
         },
     )
     self.assertTrue(setup.get("ok"), setup)
     # Check with single not allowed transaction
     response = c.create_transaction("banana", "payload")
     self.assertEqual(response.get("status"), 403, response)
     # Check with single allowed transaction
     response = c.create_transaction("notbanana", "payload")
     self.assertNotEqual(response.get("status"), 403, response)
     # Check bulk with allowed/not allowed mix
     response = c.create_bulk_transaction(
         [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}]
     )
     self.assertEqual(response.get("status"), 403, response)
     # Check bulk with only not allowed transactions
     response = c.create_bulk_transaction(
         [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "banana", "payload": "payload"}]
     )
     self.assertEqual(response.get("status"), 403, response)
     # Check bulk with only allowed transactions
     response = c.create_bulk_transaction(
         [{"transaction_type": "notbanana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}]
     )
     self.assertNotEqual(response.get("status"), 403, response)
     # Test whitelist permissioning
     setup = self.client.update_api_key(
         PERMISSION_TESTING_KEY_ID,
         permissions_document={
             "version": "1",
             "default_allow": False,
             "permissions": {"transactions": {"create_transaction": {"allowed": False, "transaction_types": {"banana": True}}}},
         },
     )
     self.assertTrue(setup.get("ok"), setup)
     # Check with single allowed transaction
     response = c.create_transaction("banana", "payload")
     self.assertNotEqual(response.get("status"), 403, response)
     # Check with single not allowed transaction
     response = c.create_transaction("notbanana", "payload")
     self.assertEqual(response.get("status"), 403, response)
     # Check bulk with allowed/not allowed mix
     response = c.create_bulk_transaction(
         [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}]
     )
     self.assertEqual(response.get("status"), 403, response)
     # Check bulk with only allowed transactions
     response = c.create_bulk_transaction(
         [{"transaction_type": "banana", "payload": "payload"}, {"transaction_type": "banana", "payload": "payload"}]
     )
     self.assertNotEqual(response.get("status"), 403, response)
     # Check bulk with only not allowed transactions
     response = c.create_bulk_transaction(
         [{"transaction_type": "notbanana", "payload": "payload"}, {"transaction_type": "notbanana", "payload": "payload"}]
     )
     self.assertEqual(response.get("status"), 403, response)
예제 #7
0
 def default_permissions_denies_create_update_delete_api_keys(self):
     c = dragonchain_sdk.create_client(auth_key=PERMISSION_TESTING_KEY, auth_key_id=PERMISSION_TESTING_KEY_ID)
     self.assertEqual(c.create_api_key(), default_action_forbidden_response("create_api_key"))
     self.assertEqual(c.update_api_key("whatever"), default_action_forbidden_response("update_api_key"))
     self.assertEqual(c.delete_api_key("whatever"), default_action_forbidden_response("delete_api_key"))
예제 #8
0
 def setUp(self):
     self.client = dragonchain_sdk.create_client()
예제 #9
0
 def setUp(self):
     self.client = dragonchain_sdk.create_client()
     self.maxDiff = None  # allows max display of diffs in test logs
예제 #10
0
 def setUp(self):
     self.client = dragonchain_sdk.create_client()
     self.maxDiff = 3000