def test_on_permissions_everyone(app):
user = auth.HumanUser('jimmy')
permissions = set()
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.get_user_groups = lambda mail: []
lg.on_permissions_stale('sender', user, permissions)
eq_(permissions, set([p.test_lga.bar]))
def test_on_permissions_stale_groups_unknown_groups(app):
user = auth.HumanUser('jimmy')
permissions = set()
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.get_user_groups = lambda mail: ['group3', 'nosuch']
lg.on_permissions_stale('sender', user, permissions)
eq_(permissions, set([p.test_lga.bar]))
def call(self, app, mail, exp_groups):
lg = ldap_group_authz.LdapGroupsAuthz(app)
def sorted_or_none(x):
return x if x is None else sorted(x)
eq_(sorted_or_none(lg.get_user_groups(mail)),
sorted_or_none(exp_groups))
def test_login_fail(self, app):
hdlr = logging.handlers.BufferingHandler(100)
logging.getLogger(ldap_group_authz.__name__).addHandler(hdlr)
try:
lg = ldap_group_authz.LdapGroupsAuthz(app)
eq_(lg.get_user_groups('x@y'), None)
# make sure the error was logged
for rec in hdlr.buffer:
if rec.msg.startswith('While connecting to the LDAP server'):
break
else:
self.fail("login exception not logged")
finally:
logging.getLogger(ldap_group_authz.__name__).removeHandler(hdlr)
def test_get_user_permissions_with_groups(app):
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.get_user_groups = fake_get_user_groups
eq_(lg.get_user_permissions('*****@*****.**'),
set([p.test_lga.foo, p.test_lga.bar]))
def test_get_user_permissions_no_groups(app):
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.get_user_groups = fake_get_user_groups
eq_(lg.get_user_permissions('lonely'), set([]))
def test_get_user_permissions_no_such(app):
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.get_user_groups = fake_get_user_groups
eq_(lg.get_user_permissions('*****@*****.**'), None)
def test_on_permissions_stale_not_user(app):
user = auth.HumanUser('jimmy')
permissions = set()
lg = ldap_group_authz.LdapGroupsAuthz(app)
lg.on_permissions_stale('sender', user, permissions)
eq_(permissions, set())