def test_initialization_with_set(flask_app, oso, simple_policy, app_ctx, user):
"""Test that setting oso works correctly."""
# Establish that an improperly initalized flask oso throws an exception.
flask_oso = FlaskOso()
flask_oso.set_get_actor(lambda: user)
with pytest.raises(AttributeError):
flask_oso.authorize(action="read", resource="resource")
# Works after set oso.
flask_oso.set_oso(oso)
flask_oso.authorize(action="read", resource="resource")
def init_oso(app):
base_oso = Oso()
oso = FlaskOso(base_oso)
register_models(base_oso, Base)
set_get_session(base_oso, lambda: g.session)
base_oso.load_file("app/authorization.polar")
app.oso = oso
def test_no_oso_error(flask_app, oso):
"""Test that using authorize without init app throws an error."""
flask_oso = FlaskOso(oso=oso)
with pytest.raises(OsoError, match="Application context"):
@authorize(resource="test")
def orm_function():
return "model"
orm_function()
with flask_app.app_context():
with pytest.raises(OsoError, match="init_app"):
@flask_app.route("/")
@authorize(resource="test")
def route():
return "test"
flask_app.testing = True
with flask_app.test_client() as c:
c.get("/").status_code
def test_initialization_with_init(flask_app, oso, simple_policy, app_ctx,
user):
# Works with oso init.
flask_oso = FlaskOso(oso=oso)
flask_oso.set_get_actor(lambda: user)
flask_oso.authorize(action="read", resource="resource")
def flask_oso(flask_app, oso, user):
fo = FlaskOso(oso=oso, app=flask_app)
fo.set_get_actor(lambda: user)
return fo
from flask import Flask
import oso
from flask_oso import FlaskOso, skip_authorization
app = Flask(__name__)
base_oso = oso.Oso()
oso_extension = FlaskOso(oso=base_oso)
base_oso.load_str("""allow("anyone","can_visit","index");""")
oso_extension.init_app(app)
@app.route("/")
def index_route():
oso_extension.authorize(actor="anyone",
action="can_visit",
resource="index")
return "hello world"
@app.route("/unvisitable")
def unpermissable_route():
oso_extension.authorize(actor="noone",
action="can_visit",
resource="this route")