1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
import unittest
from pyramid.exceptions import ConfigurationExecutionError
from pyramid.exceptions import ConfigurationError
class ConfiguratorSecurityMethodsTests(unittest.TestCase):
def _makeOne(self, *arg, **kw):
from pyramid.config import Configurator
config = Configurator(*arg, **kw)
return config
def test_set_authentication_policy_no_authz_policy(self):
config = self._makeOne()
policy = object()
config.set_authentication_policy(policy)
self.assertRaises(ConfigurationExecutionError, config.commit)
def test_set_authentication_policy_no_authz_policy_autocommit(self):
config = self._makeOne(autocommit=True)
policy = object()
self.assertRaises(ConfigurationError,
config.set_authentication_policy, policy)
def test_set_authentication_policy_with_authz_policy(self):
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne()
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authz_policy, IAuthorizationPolicy)
config.set_authentication_policy(authn_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthenticationPolicy), authn_policy)
def test_set_authentication_policy_with_authz_policy_autocommit(self):
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne(autocommit=True)
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authz_policy, IAuthorizationPolicy)
config.set_authentication_policy(authn_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthenticationPolicy), authn_policy)
def test_set_authorization_policy_no_authn_policy(self):
config = self._makeOne()
policy = object()
config.set_authorization_policy(policy)
self.assertRaises(ConfigurationExecutionError, config.commit)
def test_set_authorization_policy_no_authn_policy_autocommit(self):
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne(autocommit=True)
policy = object()
config.set_authorization_policy(policy)
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), policy)
def test_set_authorization_policy_with_authn_policy(self):
from pyramid.interfaces import IAuthorizationPolicy
from pyramid.interfaces import IAuthenticationPolicy
config = self._makeOne()
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authn_policy, IAuthenticationPolicy)
config.set_authorization_policy(authz_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), authz_policy)
def test_set_authorization_policy_with_authn_policy_autocommit(self):
from pyramid.interfaces import IAuthorizationPolicy
from pyramid.interfaces import IAuthenticationPolicy
config = self._makeOne(autocommit=True)
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authn_policy, IAuthenticationPolicy)
config.set_authorization_policy(authz_policy)
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), authz_policy)
def test_set_default_permission(self):
from pyramid.interfaces import IDefaultPermission
config = self._makeOne(autocommit=True)
config.set_default_permission('view')
self.assertEqual(config.registry.getUtility(IDefaultPermission),
'view')
def test_add_permission(self):
config = self._makeOne(autocommit=True)
config.add_permission('perm')
cat = config.registry.introspector.get_category('permissions')
self.assertEqual(len(cat), 1)
D = cat[0]
intr = D['introspectable']
self.assertEqual(intr['value'], 'perm')
def test_set_default_csrf_options(self):
from pyramid.interfaces import IDefaultCSRFOptions
config = self._makeOne(autocommit=True)
config.set_default_csrf_options()
result = config.registry.getUtility(IDefaultCSRFOptions)
self.assertEqual(result.require_csrf, True)
self.assertEqual(result.token, 'csrf_token')
self.assertEqual(result.header, 'X-CSRF-Token')
self.assertEqual(list(sorted(result.safe_methods)),
['GET', 'HEAD', 'OPTIONS', 'TRACE'])
self.assertTrue(result.callback is None)
def test_changing_set_default_csrf_options(self):
from pyramid.interfaces import IDefaultCSRFOptions
config = self._makeOne(autocommit=True)
def callback(request): return True
config.set_default_csrf_options(
require_csrf=False, token='DUMMY', header=None,
safe_methods=('PUT',), callback=callback)
result = config.registry.getUtility(IDefaultCSRFOptions)
self.assertEqual(result.require_csrf, False)
self.assertEqual(result.token, 'DUMMY')
self.assertEqual(result.header, None)
self.assertEqual(list(sorted(result.safe_methods)), ['PUT'])
self.assertTrue(result.callback is callback)
|
