def test_registerView_with_permission_denying2(self):
from pyramid import testing
from pyramid.security import view_execution_permitted
def view(context, request):
""" """
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=False)
import types
self.failUnless(isinstance(view, types.FunctionType))
result = view_execution_permitted(None, None, 'moo.html')
self.assertEqual(result, False)
def test_registerView_with_permission_denying2(self):
from pyramid import testing
from pyramid.security import view_execution_permitted
def view(context, request):
""" """
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=False)
import types
self.assertTrue(isinstance(view, types.FunctionType))
result = view_execution_permitted(None, None, 'moo.html')
self.assertEqual(result, False)
def test_registerDummySecurityPolicy(self):
from pyramid import testing
testing.registerDummySecurityPolicy('user', ('group1', 'group2'),
permissive=False)
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
ut = self.registry.getUtility(IAuthenticationPolicy)
from pyramid.testing import DummySecurityPolicy
self.failUnless(isinstance(ut, DummySecurityPolicy))
ut = self.registry.getUtility(IAuthorizationPolicy)
self.assertEqual(ut.userid, 'user')
self.assertEqual(ut.groupids, ('group1', 'group2'))
self.assertEqual(ut.permissive, False)
def test_registerDummySecurityPolicy(self):
from pyramid import testing
testing.registerDummySecurityPolicy('user', ('group1', 'group2'),
permissive=False)
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
ut = self.registry.getUtility(IAuthenticationPolicy)
from pyramid.testing import DummySecurityPolicy
self.failUnless(isinstance(ut, DummySecurityPolicy))
ut = self.registry.getUtility(IAuthorizationPolicy)
self.assertEqual(ut.userid, 'user')
self.assertEqual(ut.groupids, ('group1', 'group2'))
self.assertEqual(ut.permissive, False)
def test_invalid_noprofile(self):
from pyramid.exceptions import Forbidden
testing.registerDummySecurityPolicy(userid='testuser')
context = testing.DummyModel()
context['profiles'] = testing.DummyModel()
request = testing.DummyRequest(
params={'external_url': 'http://example.com'})
try:
response = self._callFUT(context, request)
except Forbidden, exception:
self.assertEqual(str(exception),
'No profile found for user testuser')
def test_registerView_with_permission_allowing(self):
from pyramid import testing
def view(context, request):
from webob import Response
return Response('123')
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=True)
import types
self.failUnless(isinstance(view, types.FunctionType))
from pyramid.view import render_view_to_response
request = DummyRequest()
request.registry = self.registry
result = render_view_to_response(None, request, 'moo.html')
self.assertEqual(result.app_iter, ['123'])
def test_registerView_with_permission_denying(self):
from pyramid import testing
from pyramid.exceptions import Forbidden
def view(context, request):
""" """
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=False)
import types
self.failUnless(isinstance(view, types.FunctionType))
from pyramid.view import render_view_to_response
request = DummyRequest()
request.registry = self.registry
self.assertRaises(Forbidden, render_view_to_response,
None, request, 'moo.html')
def test_registerView_with_permission_allowing(self):
from pyramid import testing
def view(context, request):
from webob import Response
return Response('123')
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=True)
import types
self.assertTrue(isinstance(view, types.FunctionType))
from pyramid.view import render_view_to_response
request = DummyRequest()
request.registry = self.registry
result = render_view_to_response(None, request, 'moo.html')
self.assertEqual(result.app_iter, ['123'])
def test_registerView_with_permission_denying(self):
from pyramid import testing
from pyramid.exceptions import Forbidden
def view(context, request):
""" """
view = testing.registerView('moo.html', view=view, permission='bar')
testing.registerDummySecurityPolicy(permissive=False)
import types
self.assertTrue(isinstance(view, types.FunctionType))
from pyramid.view import render_view_to_response
request = DummyRequest()
request.registry = self.registry
self.assertRaises(Forbidden, render_view_to_response,
None, request, 'moo.html')
def test_valid_no_get_args(self):
testing.registerDummySecurityPolicy(userid='testuser')
context = testing.DummyModel()
context['profiles'] = testing.DummyModel()
profile = testing.DummyModel()
profile.firstname = 'Firstname'
profile.lastname = 'Lastname'
profile.email = '*****@*****.**'
context['profiles']['testuser'] = profile
request = testing.DummyRequest(
params={'external_url': 'http://example.com'})
response = self._callFUT(context, request)
location_parts = response.location.split('?')
self.assertEqual(location_parts[0], 'http://example.com')
self.assertEqual(location_parts[1][:27],
'karl_authentication_ticket=')
self.assertEqual(len(location_parts[1][27:]), 32)
def test_it_with_nondefault_permission(self):
from pyramid import testing
from pyramid.exceptions import Forbidden
testing.registerDummySecurityPolicy(permissive=False)
from pyramid.threadlocal import get_current_registry
from zope.interface import implementedBy
from pyramid.static import StaticURLInfo
from pyramid.interfaces import IView
from pyramid.interfaces import IViewClassifier
from pyramid.interfaces import IRouteRequest
from pyramid.interfaces import IRoutesMapper
context = DummyContext()
self._callFUT(context, 'name', 'fixtures/static', permission='aperm')
actions = context.actions
self.assertEqual(len(actions), 2)
reg = get_current_registry()
route_action = actions[0]
discriminator = route_action['discriminator']
self.assertEqual(discriminator, ('static', 'name'))
route_action['callable'](*route_action['args'], **route_action['kw'])
mapper = reg.getUtility(IRoutesMapper)
routes = mapper.get_routes()
self.assertEqual(len(routes), 1)
self.assertEqual(routes[0].pattern, 'name/*subpath')
self.assertEqual(routes[0].name, 'name/')
view_action = actions[1]
discriminator = view_action['discriminator']
self.assertEqual(discriminator[:3], ('view', StaticURLInfo, ''))
self.assertEqual(discriminator[4], IView)
iface = implementedBy(StaticURLInfo)
request_type = reg.getUtility(IRouteRequest, 'name/')
view = reg.adapters.lookup(
(IViewClassifier, request_type, iface), IView, name='')
request = DummyRequest()
self.assertRaises(Forbidden, view, None, request)
def test_it_with_slash(self):
from pyramid import testing
testing.registerDummySecurityPolicy(permissive=False)
from pyramid.static import PackageURLParser
from zope.interface import implementedBy
from pyramid.static import StaticURLInfo
from pyramid.interfaces import IView
from pyramid.interfaces import IViewClassifier
from pyramid.interfaces import IRouteRequest
from pyramid.interfaces import IRoutesMapper
reg = self.config.registry
context = DummyContext()
context.registry = reg
self._callFUT(context, 'name', 'fixtures/static')
actions = context.actions
self.assertEqual(len(actions), 2)
route_action = actions[0]
discriminator = route_action['discriminator']
self.assertEqual(discriminator, ('static', 'name'))
route_action['callable'](*route_action['args'], **route_action['kw'])
mapper = reg.getUtility(IRoutesMapper)
routes = mapper.get_routes()
self.assertEqual(len(routes), 1)
self.assertEqual(routes[0].pattern, 'name/*subpath')
self.assertEqual(routes[0].name, 'name/')
view_action = actions[1]
discriminator = view_action['discriminator']
self.assertEqual(discriminator[:3], ('view', StaticURLInfo, ''))
self.assertEqual(discriminator[4], IView)
iface = implementedBy(StaticURLInfo)
request_type = reg.getUtility(IRouteRequest, 'name/')
view = reg.adapters.lookup(
(IViewClassifier, request_type, iface), IView, name='')
request = DummyRequest()
self.assertEqual(view(None, request).__class__, PackageURLParser)
