This repository has been archived by the owner on Dec 15, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
decorator to check for project admin
Summary: This diff implements a decorator that we can use for requiring project admins. It does NOT contain any user-facing change. Test Plan: unit tests Reviewers: anupc Reviewed By: anupc Subscribers: changesbot, kylec Differential Revision: https://tails.corp.dropbox.com/D221863
- Loading branch information
Naphat Sanguansin
committed
Aug 24, 2016
1 parent
04176df
commit 885ad0c
Showing
3 changed files
with
142 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
import mock | ||
import pytest | ||
|
||
from changes.api.auth import ( | ||
ResourceNotFound, requires_project_admin, | ||
) | ||
from changes.testutils import TestCase | ||
|
||
|
||
class ProjectAdminTestCase(TestCase): | ||
|
||
_project_slug = 'other:project-a' | ||
|
||
class DidExecute(Exception): | ||
pass | ||
|
||
def _get_project_slug(self): | ||
return self._project_slug | ||
|
||
def _get_project_slug_error(self): | ||
raise ResourceNotFound | ||
|
||
@requires_project_admin(_get_project_slug) | ||
def _sample_function(self): | ||
raise self.DidExecute | ||
|
||
@requires_project_admin(_get_project_slug_error) | ||
def _sample_function_error(self): | ||
raise self.DidExecute | ||
|
||
respond = mock.MagicMock() | ||
|
||
def test_global_admin(self): | ||
user = self.create_user(email='user1@example.com', is_admin=True) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
with pytest.raises(self.DidExecute): | ||
self._sample_function() | ||
|
||
def test_authenticated_exact(self): | ||
user = self.create_user(email='user1@example.com', project_permissions=['someproject', 'other:project-a', 'otherproject']) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
with pytest.raises(self.DidExecute): | ||
self._sample_function() | ||
|
||
def test_authenticated_pattern_trailing(self): | ||
user = self.create_user(email='user1@example.com', project_permissions=['someproject', 'other:*', 'otherproject']) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
with pytest.raises(self.DidExecute): | ||
self._sample_function() | ||
|
||
def test_authenticated_pattern_both(self): | ||
user = self.create_user(email='user1@example.com', project_permissions=['someproject', '*other:*', 'otherproject']) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
with pytest.raises(self.DidExecute): | ||
self._sample_function() | ||
|
||
def test_not_authenticated_none(self): | ||
user = self.create_user(email='user1@example.com') | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
self._sample_function() | ||
_, kwargs = self.respond.call_args | ||
assert kwargs['status_code'] == 403 | ||
|
||
def test_not_authenticated_pattern(self): | ||
user = self.create_user(email='user1@example.com', project_permissions=['someproject*', 'otherproject']) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
self._sample_function() | ||
_, kwargs = self.respond.call_args | ||
assert kwargs['status_code'] == 403 | ||
|
||
def test_no_user(self): | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = None | ||
self._sample_function() | ||
_, kwargs = self.respond.call_args | ||
assert kwargs['status_code'] == 401 | ||
|
||
def test_resource_not_found(self): | ||
user = self.create_user(email='user1@example.com', project_permissions=['someproject', 'other:project-a', 'otherproject']) | ||
with mock.patch('changes.api.auth.get_current_user') as mocked: | ||
mocked.return_value = user | ||
status = self._sample_function_error() | ||
_, kwargs = self.respond.call_args | ||
assert kwargs['status_code'] == 404 |