def test_authenticate_disabled_verbose_logging(self, mock_config):
mock_config_instance = mock.Mock()
# False for disabled, True for verbose logging
mock_config_instance.getboolean.side_effect = [False, True]
mock_config.return_value = mock_config_instance
environ = {}
environ["wsgi.errors"] = mock.Mock()
auth_enabled_validation.authenticate(environ)
logged_str = 'Repo authentication is not enabled. Skipping all checks.'
environ["wsgi.errors"].write.assert_called_once_with(logged_str)
def test_authenticate_disabled_verbose_logging(self, mock_config):
mock_config_instance = mock.Mock()
# False for disabled, True for verbose logging
mock_config_instance.getboolean.side_effect = [False, True]
mock_config.return_value = mock_config_instance
environ = {}
environ["wsgi.errors"] = mock.Mock()
auth_enabled_validation.authenticate(environ)
logged_str = 'Repo authentication is not enabled. Skipping all checks.'
environ["wsgi.errors"].write.assert_called_once_with(logged_str)
def allow_access(environ, host):
"""
Hook into mod_wsgi to be invoked when a request is determining
authentication. If the authentication is successful, this method returns
True. If validation fails, False is returned.
:param environ: environ passed in from mod_wsgi
:type environ: dict of env vars
:param host: hostname passed from mod_wsgi (not used)
:type host: str
:return: True if the request is authorized or validation is disabled, otherwise False.
:rtype: Boolean
"""
# If auth is disabled, then let the request continue. Note that this returns
# True if auth is disabled.
if auth_enabled_validation.authenticate(environ):
return True
# find all of the authenticator methods we need to try
authenticators = {}
for ep in iter_entry_points(group=AUTH_ENTRY_POINT):
authenticators.update({ep.name: ep.load()})
# loop through authenticators. If any return False, kick the user out.
for auth_method in authenticators:
if not authenticators[auth_method](environ):
return False
# if we get this far then the user is authorized
return True
def test_authenticate_disabled(self, mock_config):
mock_config_instance = mock.Mock()
# False for disabled, False for verbose logging
mock_config_instance.getboolean.side_effect = [False, False]
mock_config.return_value = mock_config_instance
mock_environ = mock.Mock()
result = auth_enabled_validation.authenticate(mock_environ)
# NB: "True" means "disabled" since further checks are short-circuited.
self.assertEquals(result, True)
def test_authenticate_disabled(self, mock_config):
mock_config_instance = mock.Mock()
# False for disabled, False for verbose logging
mock_config_instance.getboolean.side_effect = [False, False]
mock_config.return_value = mock_config_instance
mock_environ = mock.Mock()
result = auth_enabled_validation.authenticate(mock_environ)
# NB: "True" means "disabled" since further checks are short-circuited.
self.assertEquals(result, True)
def test_authenticate_enabled(self, mock_config):
mock_config_instance = mock.Mock()
# True for enabled, False for verbose logging
mock_config_instance.getboolean.side_effect = [True, False]
mock_config.return_value = mock_config_instance
mock_environ = mock.Mock()
result = auth_enabled_validation.authenticate(mock_environ)
# NB: this is "False" which means Pulp will rely on the optional
# plugins further down the chain. False means enabled:)
self.assertEquals(result, False)
def test_authenticate_enabled(self, mock_config):
mock_config_instance = mock.Mock()
# True for enabled, False for verbose logging
mock_config_instance.getboolean.side_effect = [True, False]
mock_config.return_value = mock_config_instance
mock_environ = mock.Mock()
result = auth_enabled_validation.authenticate(mock_environ)
# NB: this is "False" which means Pulp will rely on the optional
# plugins further down the chain. False means enabled:)
self.assertEquals(result, False)
