diff options
| -rw-r--r-- | src/pyramid/config/security.py | 11 | ||||
| -rw-r--r-- | tests/test_config/test_security.py | 23 |
2 files changed, 34 insertions, 0 deletions
diff --git a/src/pyramid/config/security.py b/src/pyramid/config/security.py index b023917aa..42554db97 100644 --- a/src/pyramid/config/security.py +++ b/src/pyramid/config/security.py @@ -14,6 +14,7 @@ from pyramid.interfaces import ( from pyramid.csrf import LegacySessionCSRFStoragePolicy from pyramid.exceptions import ConfigurationError from pyramid.util import as_sorted_tuple +from pyramid.security import LegacySecurityPolicy from pyramid.config.actions import action_method @@ -77,6 +78,7 @@ class SecurityConfiguratorMixin(object): 'also configuring an authorization policy ' '(use the set_authorization_policy method)' ) + self._set_legacy_policy() intr = self.introspectable( 'authentication policy', @@ -97,6 +99,15 @@ class SecurityConfiguratorMixin(object): policy = self.maybe_dotted(policy) self.registry.registerUtility(policy, IAuthenticationPolicy) + def _set_legacy_policy(self): + if self.registry.queryUtility(ISecurityPolicy) is not None: + raise ConfigurationError( + 'Cannot configure an authentication and authorization policy ' + 'with a configured security policy.' + ) + policy = LegacySecurityPolicy() + self.registry.registerUtility(policy, ISecurityPolicy) + @action_method def set_authorization_policy(self, policy): """ Override the :app:`Pyramid` :term:`authorization policy` in the diff --git a/tests/test_config/test_security.py b/tests/test_config/test_security.py index 3062ea154..f2b4ba8e5 100644 --- a/tests/test_config/test_security.py +++ b/tests/test_config/test_security.py @@ -20,6 +20,19 @@ class ConfiguratorSecurityMethodsTests(unittest.TestCase): config.commit() self.assertEqual(config.registry.getUtility(ISecurityPolicy), policy) + def test_set_authentication_policy_with_security_policy(self): + from pyramid.interfaces import IAuthorizationPolicy + from pyramid.interfaces import ISecurityPolicy + + config = self._makeOne() + security_policy = object() + authn_policy = object() + authz_policy = object() + config.registry.registerUtility(security_policy, ISecurityPolicy) + config.registry.registerUtility(authz_policy, IAuthorizationPolicy) + config.set_authentication_policy(authn_policy) + self.assertRaises(ConfigurationError, config.commit) + def test_set_authentication_policy_no_authz_policy(self): config = self._makeOne() policy = object() @@ -36,6 +49,8 @@ class ConfiguratorSecurityMethodsTests(unittest.TestCase): def test_set_authentication_policy_with_authz_policy(self): from pyramid.interfaces import IAuthenticationPolicy from pyramid.interfaces import IAuthorizationPolicy + from pyramid.interfaces import ISecurityPolicy + from pyramid.security import LegacySecurityPolicy config = self._makeOne() authn_policy = object() @@ -46,10 +61,15 @@ class ConfiguratorSecurityMethodsTests(unittest.TestCase): self.assertEqual( config.registry.getUtility(IAuthenticationPolicy), authn_policy ) + self.assertIsInstance( + config.registry.getUtility(ISecurityPolicy), LegacySecurityPolicy + ) def test_set_authentication_policy_with_authz_policy_autocommit(self): from pyramid.interfaces import IAuthenticationPolicy from pyramid.interfaces import IAuthorizationPolicy + from pyramid.interfaces import ISecurityPolicy + from pyramid.security import LegacySecurityPolicy config = self._makeOne(autocommit=True) authn_policy = object() @@ -60,6 +80,9 @@ class ConfiguratorSecurityMethodsTests(unittest.TestCase): self.assertEqual( config.registry.getUtility(IAuthenticationPolicy), authn_policy ) + self.assertIsInstance( + config.registry.getUtility(ISecurityPolicy), LegacySecurityPolicy + ) def test_set_authorization_policy_no_authn_policy(self): config = self._makeOne() |