def filterSecurityInterceptor(self): filter = FilterSecurityInterceptor() filter.auth_manager = self.authenticationManager() filter.access_decision_mgr = self.accessDecisionManager() filter.sessionStrategy = self.cherrypySessionStrategy() filter.obj_def_source = [("/vets.*", ["VET_ANY"]), ("/editOwner.*", ["VET_ANY", "OWNER"]), ("/.*", ["VET_ANY", "CUSTOMER_ANY"])] return filter
def filterSecurityInterceptor(self): """This is the collection of rules used to determine if logged in users have permission to access a page. It works top to bottom, until it finds a URI pattern match.""" filter = FilterSecurityInterceptor() filter.auth_manager = self.authenticationManager() filter.access_decision_mgr = self.accessDecisionManager() filter.sessionStrategy = self.cherrypySessionStrategy() filter.obj_def_source = [ ("/.*", ["ROLE_ANY"]) ] return filter
def testIteratingThroughASimpleFilterChain(self): filterChain = FilterChain() self.assertEquals(0, len(filterChain.chain)) httpSessionContextIntegrationFilter = HttpSessionContextIntegrationFilter( ) exceptionTranslationFilter = ExceptionTranslationFilter() authenticationProcessFilter = AuthenticationProcessingFilter() filterSecurityInterceptor = FilterSecurityInterceptor() filterChain.addFilter(httpSessionContextIntegrationFilter) filterChain.addFilter(exceptionTranslationFilter) filterChain.addFilter(authenticationProcessFilter) filterChain.addFilter(filterSecurityInterceptor) chain = filterChain.getFilterChain() self.assertEquals(httpSessionContextIntegrationFilter, chain.next()) self.assertEquals(exceptionTranslationFilter, chain.next()) self.assertEquals(authenticationProcessFilter, chain.next()) self.assertEquals(filterSecurityInterceptor, chain.next()) self.assertRaises(StopIteration, chain.next)