1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
import unittest
from pyramid.exceptions import ConfigurationExecutionError
from pyramid.exceptions import ConfigurationError
class ConfiguratorSecurityMethodsTests(unittest.TestCase):
def _makeOne(self, *arg, **kw):
from pyramid.config import Configurator
config = Configurator(*arg, **kw)
return config
def test_set_authentication_policy_no_authz_policy(self):
config = self._makeOne()
policy = object()
config.set_authentication_policy(policy)
self.assertRaises(ConfigurationExecutionError, config.commit)
def test_set_authentication_policy_no_authz_policy_autocommit(self):
config = self._makeOne(autocommit=True)
policy = object()
self.assertRaises(
ConfigurationError, config.set_authentication_policy, policy
)
def test_set_authentication_policy_with_authz_policy(self):
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne()
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authz_policy, IAuthorizationPolicy)
config.set_authentication_policy(authn_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthenticationPolicy), authn_policy
)
def test_set_authentication_policy_with_authz_policy_autocommit(self):
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne(autocommit=True)
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authz_policy, IAuthorizationPolicy)
config.set_authentication_policy(authn_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthenticationPolicy), authn_policy
)
def test_set_authorization_policy_no_authn_policy(self):
config = self._makeOne()
policy = object()
config.set_authorization_policy(policy)
self.assertRaises(ConfigurationExecutionError, config.commit)
def test_set_authorization_policy_no_authn_policy_autocommit(self):
from pyramid.interfaces import IAuthorizationPolicy
config = self._makeOne(autocommit=True)
policy = object()
config.set_authorization_policy(policy)
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), policy
)
def test_set_authorization_policy_with_authn_policy(self):
from pyramid.interfaces import IAuthorizationPolicy
from pyramid.interfaces import IAuthenticationPolicy
config = self._makeOne()
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authn_policy, IAuthenticationPolicy)
config.set_authorization_policy(authz_policy)
config.commit()
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), authz_policy
)
def test_set_authorization_policy_with_authn_policy_autocommit(self):
from pyramid.interfaces import IAuthorizationPolicy
from pyramid.interfaces import IAuthenticationPolicy
config = self._makeOne(autocommit=True)
authn_policy = object()
authz_policy = object()
config.registry.registerUtility(authn_policy, IAuthenticationPolicy)
config.set_authorization_policy(authz_policy)
self.assertEqual(
config.registry.getUtility(IAuthorizationPolicy), authz_policy
)
def test_set_default_permission(self):
from pyramid.interfaces import IDefaultPermission
config = self._makeOne(autocommit=True)
config.set_default_permission('view')
self.assertEqual(
config.registry.getUtility(IDefaultPermission), 'view'
)
def test_add_permission(self):
config = self._makeOne(autocommit=True)
config.add_permission('perm')
cat = config.registry.introspector.get_category('permissions')
self.assertEqual(len(cat), 1)
D = cat[0]
intr = D['introspectable']
self.assertEqual(intr['value'], 'perm')
def test_set_default_csrf_options(self):
from pyramid.interfaces import IDefaultCSRFOptions
config = self._makeOne(autocommit=True)
config.set_default_csrf_options()
result = config.registry.getUtility(IDefaultCSRFOptions)
self.assertEqual(result.require_csrf, True)
self.assertEqual(result.token, 'csrf_token')
self.assertEqual(result.header, 'X-CSRF-Token')
self.assertEqual(
list(sorted(result.safe_methods)),
['GET', 'HEAD', 'OPTIONS', 'TRACE'],
)
self.assertTrue(result.callback is None)
def test_changing_set_default_csrf_options(self):
from pyramid.interfaces import IDefaultCSRFOptions
config = self._makeOne(autocommit=True)
def callback(request): # pragma: no cover
return True
config.set_default_csrf_options(
require_csrf=False,
token='DUMMY',
header=None,
safe_methods=('PUT',),
callback=callback,
)
result = config.registry.getUtility(IDefaultCSRFOptions)
self.assertEqual(result.require_csrf, False)
self.assertEqual(result.token, 'DUMMY')
self.assertEqual(result.header, None)
self.assertEqual(list(sorted(result.safe_methods)), ['PUT'])
self.assertTrue(result.callback is callback)
|
