From fbc58de27adcc8c5d4dc0b19acd5e4b5c7816eaf Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Tue, 27 Nov 2012 18:55:38 -0600 Subject: [PATCH] Started unit tests for the auth framework --- src/milla/tests/test_auth.py | 112 +++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 src/milla/tests/test_auth.py diff --git a/src/milla/tests/test_auth.py b/src/milla/tests/test_auth.py new file mode 100644 index 0000000..bc01cbf --- /dev/null +++ b/src/milla/tests/test_auth.py @@ -0,0 +1,112 @@ +'''Tests for the Authentication/Authorization framework + +:Created: Nov 27, 2012 +:Author: dustin +''' +import milla.auth +import nose.tools + + +def test_exception_callable(): + '''Ensure that NotAuthorizedException is a valid controller callable + ''' + + exc = milla.auth.NotAuthorized() + request = milla.Request.blank('/') + response = exc(request) + assert isinstance(response, milla.Response) + assert response.status.startswith('4') + +@nose.tools.raises(milla.auth.NotAuthorized) +def test_request_validator_nouser(): + '''Ensure ensure requests without a user attribute raise NotAuthorized + ''' + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + validator.validate(request) + +@nose.tools.raises(milla.auth.NotAuthorized) +def test_request_validator_emptyuser(): + '''Ensure requests with an empty user raise NotAuthorized + ''' + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = None + validator.validate(request) + +def test_request_validator_user_noperms(): + '''Ensure user permissions are not checked if no requirement is given + + If no ``requirement`` is given to + :py:meth:`milla.auth.RequestValidator.validate`, then the fact that the + request's ``user`` attribute doesn't have a ``permissions`` attribute + shouldn't matter. + ''' + + class User(object): + pass + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = User() + validator.validate(request) + +@nose.tools.raises(milla.auth.NotAuthorized) +def test_request_validator_missingperms(): + '''Ensure requests whose user has no permissions attribute are invalid + ''' + + class User(object): + pass + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = User() + requirement = milla.auth.permissions.Permission('foo') + validator.validate(request, requirement) + +@nose.tools.raises(milla.auth.NotAuthorized) +def test_request_validator_emptyperms(): + '''Ensure requests whose user has an empty set of permissions are invalid + ''' + + class User(object): + pass + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = User() + request.user.permissions = [] + requirement = milla.auth.permissions.Permission('foo') + validator.validate(request, requirement) + +@nose.tools.raises(milla.auth.NotAuthorized) +def test_request_validator_incorrectperms(): + '''Ensure requests whose user has incorrect permissions raise NotAuthorized + ''' + + class User(object): + pass + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = User() + request.user.permissions = ['bar'] + requirement = milla.auth.permissions.Permission('foo') + validator.validate(request, requirement) + +def test_request_validator_correctperms(): + '''Ensure requests from users with appropriate permissions are valid + ''' + + class User(object): + pass + + validator = milla.auth.RequestValidator() + request = milla.Request.blank('/') + request.user = User() + request.user.permissions = ['foo'] + requirement = milla.auth.permissions.Permission('foo') + validator.validate(request, requirement) \ No newline at end of file