def test_can_multiple_actions_multiple_contexts(self):
_, _, auth = self.get_basic_permission_params()
action_set = ['actionOne', 'actionTwo', 'actionThree']
context_set = ['contextOne', 'contextTwo', 'contextThree']
pycan.can(action_set, context_set, auth)
for context in context_set:
self.assert_mutiple_actions_were_stored(action_set, context, auth)
def test_authorize_asterisk_action(self):
_, context, auth = self.get_basic_permission_params()
pycan.can('*', context, auth)
app_context = self.get_basic_context()
try:
pycan.authorize('foo', context, app_context)
except Exception:
self.fail("authorize raised UnauthorizedResourceError")
def test_authorize_fail(self):
action, context, _, get_auth_resource, load_after = self.get_full_permission_params(
)
auth = lambda user, context, resource: user == 'gandalf' and context[
'location'] == 'middle earth'
pycan.can(action, context, auth, get_auth_resource, load_after)
self.assertRaises(pycan.exceptions.UnauthorizedResourceError,
pycan.authorize, action, context, 'elrond',
self.get_basic_context())
def test_authorize_sucess(self):
action, context, _, get_auth_resource, load_after = self.get_full_permission_params(
)
auth = lambda user, context, resource: user == 'gandalf' and context[
'location'] == 'middle earth'
pycan.can(action, context, auth, get_auth_resource, load_after)
auth_resource, resource = pycan.authorize(action, context, 'gandalf',
self.get_basic_context())
self.assertTrue(auth_resource)
self.assertTrue(resource)
def test_revoke(self):
pycan.can('a', 'b', pycan.allow_to_all)
try:
auth_resource, _ = pycan.authorize('a', 'b', 'gandalf',
self.get_basic_context())
except Exception:
self.fail("authorize raised UnauthorizedResourceError")
pycan.revoke('a', 'b')
self.assertRaises(pycan.exceptions.UnauthorizedResourceError,
pycan.authorize, 'a', 'b', 'elrond',
self.get_basic_context())
def test_custom_exception_per_method_is_thrown(self):
class CustomException(Exception):
def __init__(self, **kwargs):
pass
def custom_auth(u, c, r):
raise CustomException()
action, context, _ = self.get_basic_permission_params()
pycan.can(action, context, custom_auth)
self.assertRaises(CustomException, pycan.authorize, action, context,
'gandalf', self.get_basic_context())
def test_authorize_custom_exception_action(self):
class CustomException(Exception):
def __init__(self, **kwargs):
pass
action, context, _ = self.get_basic_permission_params()
pycan.can(action,
context,
lambda u, r, c: False,
exception=CustomException)
self.assertRaises(CustomException, pycan.authorize, action, context,
'gandalf', self.get_basic_context())
def test_can_asterisk_action_in_context_with_asterisk(self):
action, context, auth = self.get_basic_permission_params()
pycan.can('*', context, auth)
self.assertRaises(pycan.exceptions.ContextAlreadyHasAsteriskError,
pycan.can, action, context, auth)
def test_can_multiple_actions_single_context(self):
_, context, auth = self.get_basic_permission_params()
action_set = ['actionOne', 'actionTwo', 'actionThree']
pycan.can(action_set, context, auth)
self.assert_mutiple_actions_were_stored(action_set, context, auth)
def test_can_single_action_multiple_contexts(self):
action, _, auth = self.get_basic_permission_params()
context_set = ['contextOne', 'contextTwo', 'contextThree']
pycan.can(action, context_set, auth)
for context in context_set:
self.assert_action_was_stored(action, context, auth)
def test_can_single_action_single_context(self):
action, context, auth = self.get_basic_permission_params()
pycan.can(action, context, auth)
self.assert_action_was_stored(action, context, auth)
def test_can_repeated_multiple_action(self):
action, context, auth = self.get_basic_permission_params()
action_set = [action, 'actionA', 'actionB']
pycan.can(action_set, context, auth)
self.assertRaises(pycan.exceptions.ActionAlreadyExistsError, pycan.can,
action, context, auth)
def test_can_repeated_single_action(self):
action, context, auth = self.get_basic_permission_params()
pycan.can(action, context, auth)
self.assertRaises(pycan.exceptions.ActionAlreadyExistsError, pycan.can,
action, context, auth)
def test_authorize_with_missing_action(self):
action, context, auth = self.get_basic_permission_params()
pycan.can(action, context, auth)
self.assertRaises(pycan.exceptions.UnauthorizedResourceError,
pycan.authorize, 'no_action', context, 'gandalf',
self.get_basic_context())