Merged in [7549] from rcross@amsl.com:
fix tests to work with secauth middleware changes
- Legacy-Id: 7570
Note: SVN reference [7549] has been migrated to Git commit 0b5fc98290
This commit is contained in:
Henrik Levkowetz
commit
003691fd86
|
|
@ -77,7 +77,7 @@ class GroupsTest(TestCase):
|
||||||
make_test_data()
|
make_test_data()
|
||||||
group = Group.objects.all()[0]
|
group = Group.objects.all()[0]
|
||||||
url = reverse('groups_view', kwargs={'acronym':group.acronym})
|
url = reverse('groups_view', kwargs={'acronym':group.acronym})
|
||||||
response = self.client.get(url)
|
response = self.client.get(url, REMOTE_USER=SECR_USER)
|
||||||
self.assertEqual(response.status_code, 200)
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
# ------- Test Edit -------- #
|
# ------- Test Edit -------- #
|
||||||
|
|
|
||||||
|
|
@ -1,21 +1,15 @@
|
||||||
import re
|
import re
|
||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.shortcuts import render_to_response
|
from django.contrib.auth.decorators import login_required
|
||||||
|
from ietf.ietfauth.utils import has_role, role_required
|
||||||
|
|
||||||
from ietf.ietfauth.utils import has_role
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class SecAuthMiddleware(object):
|
class SecAuthMiddleware(object):
|
||||||
"""
|
"""
|
||||||
Middleware component that performs custom auth check for every
|
Middleware component that performs custom auth check for secretariat
|
||||||
request except those excluded by SECR_AUTH_UNRESTRICTED_URLS.
|
apps. request except those excluded by SECR_AUTH_UNRESTRICTED_URLS.
|
||||||
|
|
||||||
Since authentication is performed externally at the apache level
|
|
||||||
REMOTE_USER should contain the name of the authenticated
|
|
||||||
user. If the user is a secretariat than access is granted.
|
|
||||||
Otherwise return a 401 error page.
|
|
||||||
|
|
||||||
To use, add the class to MIDDLEWARE_CLASSES and define
|
To use, add the class to MIDDLEWARE_CLASSES and define
|
||||||
SECR_AUTH_UNRESTRICTED_URLS in your settings.py.
|
SECR_AUTH_UNRESTRICTED_URLS in your settings.py.
|
||||||
|
|
@ -28,30 +22,32 @@ class SecAuthMiddleware(object):
|
||||||
|
|
||||||
Also sets custom request attributes:
|
Also sets custom request attributes:
|
||||||
user_is_secretariat
|
user_is_secretariat
|
||||||
user_is_chair
|
|
||||||
user_is_ad
|
|
||||||
)
|
|
||||||
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.unrestricted = [re.compile(pattern) for pattern in
|
self.unrestricted = [re.compile(pattern) for pattern in
|
||||||
settings.SECR_AUTH_UNRESTRICTED_URLS]
|
settings.SECR_AUTH_UNRESTRICTED_URLS]
|
||||||
|
|
||||||
|
def is_unrestricted_url(self,path):
|
||||||
|
for pattern in self.unrestricted:
|
||||||
|
if pattern.match(path):
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
def process_view(self, request, view_func, view_args, view_kwargs):
|
def process_view(self, request, view_func, view_args, view_kwargs):
|
||||||
# need to initialize user, it doesn't get set when running tests for example
|
|
||||||
|
|
||||||
if request.path.startswith('/secr/'):
|
if request.path.startswith('/secr/'):
|
||||||
request.user_is_secretariat = False
|
# set custom request attribute
|
||||||
|
|
||||||
if request.user.is_anonymous():
|
|
||||||
return render_to_response('401.html')
|
|
||||||
|
|
||||||
# do custom check
|
|
||||||
if has_role(request.user, 'Secretariat'):
|
if has_role(request.user, 'Secretariat'):
|
||||||
request.user_is_secretariat = True
|
request.user_is_secretariat = True
|
||||||
|
else:
|
||||||
return None
|
request.user_is_secretariat = False
|
||||||
|
|
||||||
return None
|
if request.path.startswith('/secr/announcement/'):
|
||||||
|
return login_required(view_func)(request,*view_args,**view_kwargs)
|
||||||
|
elif self.is_unrestricted_url(request.path):
|
||||||
|
return role_required('WG Chair','Secretariat')(view_func)(request,*view_args,**view_kwargs)
|
||||||
|
else:
|
||||||
|
return role_required('Secretariat')(view_func)(request,*view_args,**view_kwargs)
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,13 +12,13 @@ class SreqUrlTests(TestCase):
|
||||||
def test_urls(self):
|
def test_urls(self):
|
||||||
draft = make_test_data()
|
draft = make_test_data()
|
||||||
|
|
||||||
r = self.client.get("/secr/")
|
r = self.client.get("/secr/",REMOTE_USER=SECR_USER)
|
||||||
self.assertEqual(r.status_code, 200)
|
self.assertEqual(r.status_code, 200)
|
||||||
|
|
||||||
r = self.client.get("/secr/sreq/")
|
r = self.client.get("/secr/sreq/",REMOTE_USER=SECR_USER)
|
||||||
self.assertEqual(r.status_code, 200)
|
self.assertEqual(r.status_code, 200)
|
||||||
|
|
||||||
r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym)
|
r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym, REMOTE_USER=SECR_USER)
|
||||||
self.assertEqual(r.status_code, 200)
|
self.assertEqual(r.status_code, 200)
|
||||||
|
|
||||||
class MainTestCase(TestCase):
|
class MainTestCase(TestCase):
|
||||||
|
|
@ -42,8 +42,8 @@ class SubmitRequestCase(TestCase):
|
||||||
'id_attendees':'10',
|
'id_attendees':'10',
|
||||||
'id_conflict1':'',
|
'id_conflict1':'',
|
||||||
'id_comments':'need projector'}
|
'id_comments':'need projector'}
|
||||||
self.client.login( REMOTE_USER=SECR_USER)
|
self.client.login(REMOTE_USER=SECR_USER)
|
||||||
r = self.client.post(url,post_data)
|
r = self.client.post(url,post_data,REMOTE_USER=SECR_USER)
|
||||||
self.assertEqual(r.status_code, 200)
|
self.assertEqual(r.status_code, 200)
|
||||||
"""
|
"""
|
||||||
#assert False, self.client.session..__dict__
|
#assert False, self.client.session..__dict__
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue