def authenticate(self, collection_name, access_type, req):
"""
establish that this is a valid user and a valid collection
return collection_entry if valid
raise AccessUnauthorized(error_message) if invalid
"""
collection_row = self._collection_lookup.get(collection_name.lower())
if collection_row is None:
error_message = "unknown collection {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if access_type is not None:
access_result = check_access_control(access_type, req, collection_row["access_control"])
if access_result == access_allowed:
return collection_row
if access_result == access_forbidden:
raise AccessForbidden()
assert access_result == access_requires_password_authentication
customer_row = self._customer_lookup.get(collection_row["customer_id"])
if customer_row is None:
error_message = "unknown customer {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
auth_type, auth_string = req.authorization
except Exception, instance:
error_message = "invalid req.authorization {0} {1}".format(instance, req.authorization)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
def test_check_access_control(self):
"""
test various cases of using access control
"""
for index, test_case in enumerate(_check_test_cases):
if test_case.access_control is None:
access_control = None
else:
access_control = json.dumps(test_case.access_control)
result = check_access_control(test_case.access_type,
test_case.request, access_control)
self.assertEqual(
result, test_case.expected_result,
"Test #{0} expected {1} received {2}".format(
index + 1, test_case.expected_result, result))
def test_check_access_control(self):
"""
test various cases of using access control
"""
for index, test_case in enumerate(_check_test_cases):
if test_case.access_control is None:
access_control = None
else:
access_control = json.dumps(test_case.access_control)
result = check_access_control(test_case.access_type,
test_case.request,
access_control)
self.assertEqual(result,
test_case.expected_result,
"Test #{0} expected {1} received {2}".format(
index+1, test_case.expected_result, result))
def authenticate(self, collection_name, access_type, req):
"""
establish that this is a valid user and a valid collection
return collection_entry if valid
raise AccessUnauthorized(error_message) if invalid
"""
collection_row = self._collection_lookup.get(collection_name.lower())
if collection_row is None:
error_message = "unknown collection {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if access_type is not None:
access_result = \
check_access_control(access_type,
req,
collection_row["access_control"])
if access_result == access_allowed:
return collection_row
if access_result == access_forbidden:
raise AccessForbidden()
assert access_result == access_requires_password_authentication
customer_row = self._customer_lookup.get(collection_row["customer_id"])
if customer_row is None:
error_message = "unknown customer {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
auth_type, auth_string = req.authorization
except Exception, instance:
error_message = "invalid req.authorization {0} {1}".format(
instance,
req.authorization)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
