Web   ·   Wiki   ·   Activities   ·   Blog   ·   Lists   ·   Chat   ·   Meeting   ·   Bugs   ·   Git   ·   Translate   ·   Archive   ·   People   ·   Donate
summaryrefslogtreecommitdiffstats
path: root/tests/units/auth.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/units/auth.py')
-rwxr-xr-xtests/units/auth.py70
1 files changed, 70 insertions, 0 deletions
diff --git a/tests/units/auth.py b/tests/units/auth.py
new file mode 100755
index 0000000..e499f35
--- /dev/null
+++ b/tests/units/auth.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python
+# sugar-lint: disable
+
+from __init__ import tests
+
+import active_document as ad
+from sugar_network.node import auth
+from sugar_network import IPCClient, Client
+from sugar_network.resources.volume import Request
+from active_toolkit import enforce
+
+
+class AuthTest(tests.Test):
+
+ def test_Config(self):
+ self.touch(('authorization.conf', [
+ '[user_1]',
+ 'role_1 = True',
+ '[user_2]',
+ 'role_2 = False',
+ ]))
+
+ request = Request()
+ request.principal = 'user_1'
+ self.assertEqual(True, auth.try_validate(request, 'role_1'))
+ auth.validate(request, 'role_1')
+
+ request.principal = 'user_2'
+ self.assertEqual(False, auth.try_validate(request, 'role_2'))
+ self.assertRaises(ad.Forbidden, auth.validate, request, 'role_2')
+
+ request.principal = 'user_3'
+ self.assertEqual(False, auth.try_validate(request, 'role_1'))
+ self.assertEqual(False, auth.try_validate(request, 'role_2'))
+ self.assertRaises(ad.Forbidden, auth.validate, request, 'role_1')
+ self.assertRaises(ad.Forbidden, auth.validate, request, 'role_2')
+
+ def test_FullWriteForRoot(self):
+ client = Client()
+
+ self.start_master()
+ client.post(['context'], {
+ 'implement': 'guid',
+ 'type': 'package',
+ 'title': 'title',
+ 'summary': 'summary',
+ 'description': 'description',
+ })
+ self.assertNotEqual('probe', client.get(['context', 'guid', 'title']))
+ self.stop_servers()
+
+ self.touch((
+ 'master/context/gu/guid/user',
+ '{"seqno": 1, "value": ["fake"]}',
+ ))
+
+ self.start_master()
+ self.assertRaises(RuntimeError, client.put, ['context', 'guid'], {'title': 'probe'})
+
+ self.touch(('authorization.conf', [
+ '[%s]' % tests.UID,
+ 'root = True',
+ ]))
+ auth._config = None
+ client.put(['context', 'guid'], {'title': 'probe'})
+ self.assertEqual('probe', client.get(['context', 'guid', 'title']))
+
+
+if __name__ == '__main__':
+ tests.main()
generated by cgit v0.9.1 at 2024-05-21 12:10:49 (GMT)