def _test_core_authorizer_throws_exception_if_policy_fails( self, rule, authorize): target = {'project_id': '1234', 'user_id': '5678'} self.mox.StubOutWithMock(patron.policy, 'enforce') patron.policy.enforce(self.fake_context, rule, target).AndRaise( exception.PolicyNotAuthorized(action=rule)) self.mox.ReplayAll() self.assertRaises(exception.PolicyNotAuthorized, authorize, self.fake_context, target=target)
def test_unlock_not_authorized(self): self.mox.StubOutWithMock(self.compute_api, 'unlock') instance = self._stub_instance_get() self.compute_api.unlock(self.context, instance).AndRaise( exception.PolicyNotAuthorized(action='unlock')) self.mox.ReplayAll() body = {} self.assertRaises(self.authorization_error, self.controller._unlock, self.req, instance.uuid, body)
def test_non_admin_cannot_fetch_used_limits_for_any_other_project(self): project_id = "123456" user_id = "A1234" tenant_id = "abcd" self.fake_context.project_id = project_id self.fake_context.user_id = user_id obj = { "limits": { "rate": [], "absolute": {}, }, } target = {"project_id": tenant_id, "user_id": user_id} fake_req = FakeRequest(self.fake_context) fake_req.GET = {'tenant_id': tenant_id} if self.ext_mgr is not None: self.ext_mgr.is_loaded('os-used-limits-for-admin').AndReturn(True) self.authorize(self.fake_context, target=target). \ AndRaise(exception.PolicyNotAuthorized( action=self.used_limit_extension)) self.mox.ReplayAll() res = wsgi.ResponseObject(obj) self.assertRaises(exception.PolicyNotAuthorized, self.controller.index, fake_req, res)
def fake_func(): raise exception.PolicyNotAuthorized(action="foo")
def test_network_create_exception_policy_failed(self): ex = exception.PolicyNotAuthorized(action='dummy') expex = webob.exc.HTTPForbidden self._test_network_create_exception(ex, expex)