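def authenticate(self, collection_name, access_type, req):
    """
    establish that this is a valid user and a valid collection

    collection_name
        looked up lower-cased in self._collection_lookup
    access_type
        passed to check_access_control along with req and the collection's
        "access_control" value; None skips that check
    req
        the request; req.authorization must unpack into
        (auth_type, auth_string)

    return collection_entry if valid
    raise AccessUnauthorized(error_message) if invalid
    raise AccessForbidden() if access control forbids the request
    """
    collection_row = self._collection_lookup.get(collection_name.lower())
    if collection_row is None:
        error_message = "unknown collection {0}".format(collection_name)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)

    if access_type is not None:
        access_result = check_access_control(
            access_type, req, collection_row["access_control"]
        )
        # access control alone can settle the request: an allowed result
        # returns before any credential is examined, forbidden is final
        if access_result == access_allowed:
            return collection_row
        if access_result == access_forbidden:
            raise AccessForbidden()
        # invariant only: assert is stripped under python -O, in which case
        # any other result simply continues to the credential handling below
        assert access_result == access_requires_password_authentication

    customer_row = self._customer_lookup.get(collection_row["customer_id"])
    if customer_row is None:
        # NOTE(review): the message names the collection, not the
        # customer_id whose lookup failed - confirm that is intended
        error_message = "unknown customer {0}".format(collection_name)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)

    try:
        auth_type, auth_string = req.authorization
    except Exception as instance:
        # Report the failure only. The header value is deliberately left
        # out: it can carry credential material, and error_message is both
        # written to the log and attached to the raised exception. Not
        # reading req.authorization a second time also keeps a repeated
        # failure from escaping this handler as a different exception.
        error_message = "invalid req.authorization {0}".format(instance)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)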
def test_check_access_control(self):
    """
    run check_access_control over every entry of _check_test_cases

    A case's access_control is handed over as JSON text, or as None when
    the case has none; the result must equal the case's expected_result.
    """
    for case_number, case in enumerate(_check_test_cases, 1):
        raw_access_control = case.access_control
        serialized = (
            None if raw_access_control is None
            else json.dumps(raw_access_control)
        )
        actual = check_access_control(
            case.access_type, case.request, serialized
        )
        # case_number is 1-based so the failure text matches the position
        # of the entry in _check_test_cases
        failure_text = "Test #{0} expected {1} received {2}".format(
            case_number, case.expected_result, actual
        )
        self.assertEqual(actual, case.expected_result, failure_text)
def test_check_access_control(self):
    """
    table-driven check of check_access_control

    Each entry of _check_test_cases supplies access_type, request,
    access_control (JSON-encoded before the call unless it is None) and
    the expected_result the call has to produce.
    """
    position = 0
    for entry in _check_test_cases:
        position += 1
        encoded_control = entry.access_control
        if encoded_control is not None:
            encoded_control = json.dumps(encoded_control)
        outcome = check_access_control(
            entry.access_type, entry.request, encoded_control
        )
        # position counts from 1, so a failure names the entry by its
        # place in _check_test_cases
        self.assertEqual(
            outcome,
            entry.expected_result,
            "Test #{0} expected {1} received {2}".format(
                position, entry.expected_result, outcome
            ),
        )
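def authenticate(self, collection_name, access_type, req):
    """
    establish that this is a valid user and a valid collection

    collection_name
        looked up lower-cased in self._collection_lookup
    access_type
        passed to check_access_control along with req and the collection's
        "access_control" value; None skips that check
    req
        the request; req.authorization must unpack into
        (auth_type, auth_string)

    return collection_entry if valid
    raise AccessUnauthorized(error_message) if invalid
    raise AccessForbidden() if access control forbids the request
    """
    collection_row = self._collection_lookup.get(collection_name.lower())
    if collection_row is None:
        error_message = "unknown collection {0}".format(collection_name)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)

    if access_type is not None:
        access_result = check_access_control(
            access_type, req, collection_row["access_control"]
        )
        # access control alone can settle the request: an allowed result
        # returns before any credential is examined, forbidden is final
        if access_result == access_allowed:
            return collection_row
        if access_result == access_forbidden:
            raise AccessForbidden()
        # invariant only: assert is stripped under python -O, in which case
        # any other result simply continues to the credential handling below
        assert access_result == access_requires_password_authentication

    customer_row = self._customer_lookup.get(collection_row["customer_id"])
    if customer_row is None:
        # NOTE(review): the message names the collection, not the
        # customer_id whose lookup failed - confirm that is intended
        error_message = "unknown customer {0}".format(collection_name)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)

    try:
        auth_type, auth_string = req.authorization
    except Exception as instance:
        # Report the failure only. The header value is deliberately left
        # out: it can carry credential material, and error_message is both
        # written to the log and attached to the raised exception. Not
        # reading req.authorization a second time also keeps a repeated
        # failure from escaping this handler as a different exception.
        error_message = "invalid req.authorization {0}".format(instance)
        self._log.error(error_message)
        raise AccessUnauthorized(error_message)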