def setUp(self):
self._folder = mkdtemp()
self._auth = AzureAuth(storage=AzureTextStorage(
account=self._folder,
key='key',
container='auth',
provider='LOCAL',
))
def setUp(self):
self._folder = mkdtemp()
self._storage = AzureObjectStorage(
account=self._folder,
key='key',
container='auth',
provider='LOCAL',
)
self._auth = AzureAuth(storage=self._storage, sudo_scope='sudo')
def get_auth() -> AzureAuth:
return AzureAuth(storage=AzureTextStorage(
account=config.TABLES_ACCOUNT,
key=config.TABLES_KEY,
host=config.TABLES_HOST,
secure=config.TABLES_SECURE,
container=constants.TABLE_AUTH,
provider=config.STORAGE_PROVIDER,
))
def get_auth() -> Auth:
return AzureAuth(
storage=AzureObjectStorage(
account=config.TABLES_ACCOUNT,
key=config.TABLES_KEY,
host=config.TABLES_HOST,
secure=config.TABLES_SECURE,
container=config.CONTAINER_AUTH,
provider=config.STORAGE_PROVIDER,
),
sudo_scope=config.REGISTRATION_SUDO_TEAM,
)
class AzureAuthTests(TestCase):
def setUp(self):
self._folder = mkdtemp()
self._auth = AzureAuth(storage=AzureTextStorage(
account=self._folder,
key='key',
container='auth',
provider='LOCAL',
))
def tearDown(self):
rmtree(self._folder)
def test_inserts_and_retrieves_client(self):
self._auth.insert('client', 'domain')
self.assertEqual(self._auth.domain_for('client'), 'domain')
self.assertEqual(self._auth.client_id_for('domain'), 'client')
self.assertIsNone(self._auth.domain_for('unknown-client'))
self.assertIsNone(self._auth.client_id_for('unknown-client'))
from typing import Tuple
from opwen_email_server import azure_constants as constants
from opwen_email_server import config
from opwen_email_server.services.auth import AzureAuth
from opwen_email_server.services.queue import AzureQueue
from opwen_email_server.utils.log import LogMixin
QUEUE = AzureQueue(namespace=config.QUEUES_NAMESPACE,
sas_key=config.QUEUES_SAS_KEY,
sas_name=config.QUEUES_SAS_NAME,
name=constants.QUEUE_CLIENT_PACKAGE)
CLIENTS = AzureAuth(account=config.TABLES_ACCOUNT, key=config.TABLES_KEY,
table=constants.TABLE_AUTH)
class _Uploader(LogMixin):
def __call__(self, client_id: str, upload_info: dict) -> Tuple[str, int]:
domain = CLIENTS.domain_for(client_id)
if not domain:
return 'client is not registered', 403
resource_type = upload_info.get('resource_type')
resource_id = upload_info.get('resource_id')
resource_container = upload_info.get('resource_container')
QUEUE.enqueue({
'_version': '0.1',
'_type': 'lokole_emails_received',
'_resource_type': resource_type,
class AzureAuthTests(TestCase):
def setUp(self):
self._folder = mkdtemp()
self._storage = AzureObjectStorage(
account=self._folder,
key='key',
container='auth',
provider='LOCAL',
)
self._auth = AzureAuth(storage=self._storage, sudo_scope='sudo')
def tearDown(self):
rmtree(self._folder)
def test_inserts_and_retrieves_client(self):
self._auth.insert('client', 'domain', {'name': 'owner'})
self.assertEqual(self._auth.domain_for('client'), 'domain')
self.assertEqual(self._auth.client_id_for('domain'), 'client')
self.assertIsNone(self._auth.domain_for('unknown-client'))
self.assertIsNone(self._auth.client_id_for('unknown-client'))
self.assertTrue(self._auth.is_owner('domain', {'name': 'owner'}))
self.assertFalse(
self._auth.is_owner('domain', {'name': 'unknown-user'}))
self.assertFalse(
self._auth.is_owner('unknown-domain', {'name': 'owner'}))
def test_lists_domains(self):
self._auth.insert('client1', 'domain1', {'name': 'owner1'})
self._auth.insert('client2', 'domain2', {'name': 'owner2'})
self.assertEqual(sorted(self._auth.domains()),
sorted(['domain1', 'domain2']))
def test_deletes_client(self):
self._auth.insert('client', 'domain', {'name': 'owner'})
self.assertIsNotNone(self._auth.domain_for('client'))
self._auth.delete('client', 'domain')
self.assertIsNone(self._auth.domain_for('client'))
def test_is_owner_with_sudo(self):
self._auth.insert('client', 'domain', {'name': 'owner'})
self.assertFalse(self._auth.is_owner('domain', {'name': 'user'}))
self.assertTrue(self._auth.is_owner('domain', {'name': 'owner'}))
self.assertTrue(
self._auth.is_owner('domain', {
'name': 'sudo',
'scopes': ['sudo']
}))
#!/usr/bin/env python3
from argparse import ArgumentParser
from opwen_email_server import azure_constants as constants
from opwen_email_server import config
from opwen_email_server.services.auth import AzureAuth
from opwen_email_server.services.storage import AzureObjectStorage
parser = ArgumentParser()
parser.add_argument('--tables_account', default=config.TABLES_ACCOUNT)
parser.add_argument('--tables_key', default=config.TABLES_KEY)
parser.add_argument('--client_account', default=config.CLIENT_STORAGE_ACCOUNT)
parser.add_argument('--client_key', default=config.CLIENT_STORAGE_KEY)
parser.add_argument('--table', default=constants.TABLE_AUTH)
parser.add_argument('--container', default=constants.CONTAINER_CLIENT_PACKAGES)
parser.add_argument('--client', required=True)
parser.add_argument('--domain', required=True)
args = parser.parse_args()
auth = AzureAuth(account=args.tables_account,
key=args.tables_key,
table=args.table)
auth.insert(client_id=args.client, domain=args.domain)
# noinspection PyStatementEffect,PyProtectedMember
# hack to ensure that the container gets created before the client accesses it
storage = AzureObjectStorage(account=args.client_account,
key=args.client_key,
container=args.container)._file_storage._client