diff options
| author | Michael Merickel <michael@merickel.org> | 2019-09-30 22:23:02 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-30 22:23:02 -0500 |
| commit | 849463d3c2f5ad2c89b3d10a2abce63e4892082d (patch) | |
| tree | 5bc507d427d8d2000c59ad7837cc03099decf1b5 /tests/test_integration.py | |
| parent | ada0a977d9190520c21ffaf9500860db2f3a1b3e (diff) | |
| parent | cdb26610782176955cd8cfb0b3c3e242ca819f74 (diff) | |
| download | pyramid-849463d3c2f5ad2c89b3d10a2abce63e4892082d.tar.gz pyramid-849463d3c2f5ad2c89b3d10a2abce63e4892082d.tar.bz2 pyramid-849463d3c2f5ad2c89b3d10a2abce63e4892082d.zip | |
Merge pull request #3465 from luhn/security-policy
Security policy implementation
Diffstat (limited to 'tests/test_integration.py')
| -rw-r--r-- | tests/test_integration.py | 50 |
1 files changed, 47 insertions, 3 deletions
diff --git a/tests/test_integration.py b/tests/test_integration.py index e6dccbb5b..331542d7d 100644 --- a/tests/test_integration.py +++ b/tests/test_integration.py @@ -521,6 +521,48 @@ class TestExceptionViewsApp(IntegrationBase, unittest.TestCase): self.assertTrue(b'caught' in res.body) +class TestSecurityApp(IntegrationBase, unittest.TestCase): + package = 'tests.pkgs.securityapp' + + def test_public(self): + res = self.testapp.get('/public', status=200) + self.assertEqual(res.body, b'Hello') + + def test_private_denied(self): + self.testapp.get('/private', status=403) + + def test_private_allowed(self): + self.testapp.extra_environ = {'REMOTE_USER': 'bob'} + res = self.testapp.get('/private', status=200) + self.assertEqual(res.body, b'Secret') + + def test_inaccessible(self): + self.testapp.get('/inaccessible', status=403) + self.testapp.extra_environ = {'REMOTE_USER': 'bob'} + self.testapp.get('/inaccessible', status=403) + + +class TestLegacySecurityApp(IntegrationBase, unittest.TestCase): + package = 'tests.pkgs.legacysecurityapp' + + def test_public(self): + res = self.testapp.get('/public', status=200) + self.assertEqual(res.body, b'Hello') + + def test_private_denied(self): + self.testapp.get('/private', status=403) + + def test_private_allowed(self): + self.testapp.extra_environ = {'REMOTE_USER': 'bob'} + res = self.testapp.get('/private', status=200) + self.assertEqual(res.body, b'Secret') + + def test_inaccessible(self): + self.testapp.get('/inaccessible', status=403) + self.testapp.extra_environ = {'REMOTE_USER': 'bob'} + self.testapp.get('/inaccessible', status=403) + + class TestConflictApp(unittest.TestCase): package = 'tests.pkgs.conflictapp' @@ -581,10 +623,12 @@ class TestConflictApp(unittest.TestCase): def test_overridden_authorization_policy(self): config = self._makeConfig() config.include(self.package) - from pyramid.testing import DummySecurityPolicy - config.set_authorization_policy(DummySecurityPolicy('fred')) - config.set_authentication_policy(DummySecurityPolicy(permissive=True)) + class DummySecurityPolicy: + def permits(self, context, principals, permission): + return True + + config.set_authorization_policy(DummySecurityPolicy()) app = config.make_wsgi_app() self.testapp = TestApp(app) res = self.testapp.get('/protected', status=200) |