Merged in [7549] from rcross@amsl.com:

fix tests to work with secauth middleware changes - Legacy-Id: 7570 Note: SVN reference [7549] has been migrated to Git commit 0b5fc98290
2014-04-06 14:41:44 +00:00 · 2014-04-06 14:41:44 +00:00 · 003691fd86
parent a83c139a43 0b5fc98290
commit 003691fd86
3 changed files with 27 additions and 31 deletions
--- a/ietf/secr/groups/tests.py
+++ b/ietf/secr/groups/tests.py
@ -77,7 +77,7 @@ class GroupsTest(TestCase):
        make_test_data()
        group = Group.objects.all()[0]
        url = reverse('groups_view', kwargs={'acronym':group.acronym})
-        response = self.client.get(url)
+        response = self.client.get(url, REMOTE_USER=SECR_USER)
        self.assertEqual(response.status_code, 200)

    # ------- Test Edit -------- #
--- a/ietf/secr/middleware/secauth.py
+++ b/ietf/secr/middleware/secauth.py
@ -1,21 +1,15 @@
 import re

 from django.conf import settings
-from django.shortcuts import render_to_response
+from django.contrib.auth.decorators import login_required
+from ietf.ietfauth.utils import has_role, role_required

-from ietf.ietfauth.utils import has_role
-            


 class SecAuthMiddleware(object):
    """
-    Middleware component that performs custom auth check for every
-    request except those excluded by SECR_AUTH_UNRESTRICTED_URLS.
-
-    Since authentication is performed externally at the apache level
-    REMOTE_USER should contain the name of the authenticated
-    user.  If the user is a secretariat than access is granted.  
-    Otherwise return a 401 error page.
+    Middleware component that performs custom auth check for secretariat
+    apps.  request except those excluded by SECR_AUTH_UNRESTRICTED_URLS.

    To use, add the class to MIDDLEWARE_CLASSES and define
    SECR_AUTH_UNRESTRICTED_URLS in your settings.py.
@ -28,30 +22,32 @@ class SecAuthMiddleware(object):

    Also sets custom request attributes:
    user_is_secretariat
-    user_is_chair
-    user_is_ad
-    )
-
    """
 
    def __init__(self):
        self.unrestricted = [re.compile(pattern) for pattern in
            settings.SECR_AUTH_UNRESTRICTED_URLS]

+    def is_unrestricted_url(self,path):
+        for pattern in self.unrestricted:
+            if pattern.match(path):
+                return True
+        return False
+        
    def process_view(self, request, view_func, view_args, view_kwargs):
-        # need to initialize user, it doesn't get set when running tests for example
-
        if request.path.startswith('/secr/'):
-            request.user_is_secretariat = False
-            
-            if request.user.is_anonymous():
-                return render_to_response('401.html')
-
-            # do custom check
+            # set custom request attribute
            if has_role(request.user, 'Secretariat'):
                request.user_is_secretariat = True
-                    
-            return None
+            else:
+                request.user_is_secretariat = False

-        return None
+            if request.path.startswith('/secr/announcement/'):
+                return login_required(view_func)(request,*view_args,**view_kwargs)
+            elif self.is_unrestricted_url(request.path):
+                return role_required('WG Chair','Secretariat')(view_func)(request,*view_args,**view_kwargs)
+            else:
+                return role_required('Secretariat')(view_func)(request,*view_args,**view_kwargs)
+        else:
+            return None
        
--- a/ietf/secr/sreq/tests.py
+++ b/ietf/secr/sreq/tests.py
@ -12,13 +12,13 @@ class SreqUrlTests(TestCase):
    def test_urls(self):
        draft = make_test_data()

-        r = self.client.get("/secr/")
+        r = self.client.get("/secr/",REMOTE_USER=SECR_USER)
        self.assertEqual(r.status_code, 200)

-        r = self.client.get("/secr/sreq/")
+        r = self.client.get("/secr/sreq/",REMOTE_USER=SECR_USER)
        self.assertEqual(r.status_code, 200)

-        r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym)
+        r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym, REMOTE_USER=SECR_USER)
        self.assertEqual(r.status_code, 200)

 class MainTestCase(TestCase):
@ -42,8 +42,8 @@ class SubmitRequestCase(TestCase):
                     'id_attendees':'10',
                     'id_conflict1':'',
                     'id_comments':'need projector'}
-        self.client.login(  REMOTE_USER=SECR_USER)
-        r = self.client.post(url,post_data)
+        self.client.login(REMOTE_USER=SECR_USER)
+        r = self.client.post(url,post_data,REMOTE_USER=SECR_USER)
        self.assertEqual(r.status_code, 200)
 """
        #assert False, self.client.session..__dict__