def authenticate(self, collection_name, access_type, req):
        """
        establish that this is a valid user and a valid collection
        return collection_entry if valid
        raise AccessUnauthorized(error_message) if invalid
        """
        collection_row = self._collection_lookup.get(collection_name.lower())
        if collection_row is None:
            error_message = "unknown collection {0}".format(collection_name)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)

        if access_type is not None:
            access_result = check_access_control(access_type, req, collection_row["access_control"])
            if access_result == access_allowed:
                return collection_row
            if access_result == access_forbidden:
                raise AccessForbidden()
            assert access_result == access_requires_password_authentication

        customer_row = self._customer_lookup.get(collection_row["customer_id"])
        if customer_row is None:
            error_message = "unknown customer {0}".format(collection_name)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)

        try:
            auth_type, auth_string = req.authorization
        except Exception, instance:
            error_message = "invalid req.authorization {0} {1}".format(instance, req.authorization)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)
Пример #2
0
 def test_check_access_control(self):
     """
     test various cases of using access control
     """
     for index, test_case in enumerate(_check_test_cases):
         if test_case.access_control is None:
             access_control = None
         else:
             access_control = json.dumps(test_case.access_control)
         result = check_access_control(test_case.access_type,
                                       test_case.request, access_control)
         self.assertEqual(
             result, test_case.expected_result,
             "Test #{0} expected {1} received {2}".format(
                 index + 1, test_case.expected_result, result))
 def test_check_access_control(self):
     """
     test various cases of using access control
     """
     for index, test_case in enumerate(_check_test_cases):
         if test_case.access_control is None:
             access_control = None
         else:
             access_control = json.dumps(test_case.access_control)
         result = check_access_control(test_case.access_type, 
                                       test_case.request,
                                       access_control)
         self.assertEqual(result, 
                          test_case.expected_result, 
                          "Test #{0} expected {1} received {2}".format(
                             index+1, test_case.expected_result, result))
Пример #4
0
    def authenticate(self, collection_name, access_type, req):
        """
        establish that this is a valid user and a valid collection
        return collection_entry if valid
        raise AccessUnauthorized(error_message) if invalid
        """
        collection_row = self._collection_lookup.get(collection_name.lower()) 
        if collection_row is None:
            error_message = "unknown collection {0}".format(collection_name)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)

        if access_type is not None:
            access_result = \
                check_access_control(access_type, 
                                     req, 
                                     collection_row["access_control"])
            if access_result == access_allowed:
                return collection_row
            if access_result == access_forbidden:
                raise AccessForbidden()
            assert access_result == access_requires_password_authentication

        customer_row = self._customer_lookup.get(collection_row["customer_id"]) 
        if customer_row is None:
            error_message = "unknown customer {0}".format(collection_name)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)

        try:
            auth_type, auth_string = req.authorization
        except Exception, instance:
            error_message = "invalid req.authorization {0} {1}".format(
                instance, 
                req.authorization)
            self._log.error(error_message)
            raise AccessUnauthorized(error_message)