本文整理汇总了Python中swift.common.middleware.tempauth.filter_factory函数的典型用法代码示例。如果您正苦于以下问题:Python filter_factory函数的具体用法?Python filter_factory怎么用?Python filter_factory使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了filter_factory函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_allowed_sync_hosts
def test_allowed_sync_hosts(self):
a = auth.filter_factory({'super_admin_key': 'supertest'})(FakeApp())
self.assertEquals(a.allowed_sync_hosts, ['127.0.0.1'])
a = auth.filter_factory({'super_admin_key': 'supertest',
'allowed_sync_hosts':
'1.1.1.1,2.1.1.1, 3.1.1.1 , 4.1.1.1,, , 5.1.1.1'})(FakeApp())
self.assertEquals(a.allowed_sync_hosts,
['1.1.1.1', '2.1.1.1', '3.1.1.1', '4.1.1.1', '5.1.1.1'])示例2: test_reseller_prefix_init
def test_reseller_prefix_init(self):
app = FakeApp()
ath = auth.filter_factory({})(app)
self.assertEquals(ath.reseller_prefix, "AUTH_")
ath = auth.filter_factory({"reseller_prefix": "TEST"})(app)
self.assertEquals(ath.reseller_prefix, "TEST_")
ath = auth.filter_factory({"reseller_prefix": "TEST_"})(app)
self.assertEquals(ath.reseller_prefix, "TEST_")示例3: test_auth_no_reseller_prefix_no_token
def test_auth_no_reseller_prefix_no_token(self):
# Check that normally we set up a call back to our authorize.
local_auth = auth.filter_factory({"reseller_prefix": ""})(FakeApp(iter([])))
req = self._make_request("/v1/account")
resp = req.get_response(local_auth)
self.assertEquals(resp.status_int, 401)
self.assertEquals(req.environ["swift.authorize"], local_auth.authorize)
# Now make sure we don't override an existing swift.authorize when we
# have no reseller prefix.
local_auth = auth.filter_factory({"reseller_prefix": ""})(FakeApp())
local_authorize = lambda req: Response("test")
req = self._make_request("/v1/account", environ={"swift.authorize": local_authorize})
resp = req.get_response(local_auth)
self.assertEquals(resp.status_int, 200)
self.assertEquals(req.environ["swift.authorize"], local_authorize)示例4: test_readwrite_privileges
def test_readwrite_privileges(self):
test_auth = auth.filter_factory({'user_rw_user': 'testing'})(
FakeApp(iter(NO_CONTENT_RESP * 15)))
for target in ('/v1/AUTH_otheracct',):
for method in ('GET', 'HEAD', 'OPTIONS'):
# Read-Write user can read account data
req = self._make_request(target, user_groups="AUTH_rw",
environ={'REQUEST_METHOD': method})
resp = req.get_response(test_auth)
self.assertEquals(resp.status_int, 204)
# swift_owner should NOT be set to True
self.assertFalse(req.environ.get('swift_owner'))
# RW user should NOT be able to PUT, POST, or DELETE to the account
for method in ('PUT', 'POST', 'DELETE'):
req = self._make_request(target, user_groups="AUTH_rw",
environ={'REQUEST_METHOD': method})
resp = req.get_response(test_auth)
self.assertEquals(resp.status_int, 403)
# RW user should be able to GET, PUT, POST, or DELETE to containers
# and objects
for target in ('/v1/AUTH_otheracct/c', '/v1/AUTH_otheracct/c/o'):
for method in ('GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'DELETE'):
req = self._make_request(target, user_groups="AUTH_rw",
environ={'REQUEST_METHOD': method})
resp = req.get_response(test_auth)
self.assertEquals(resp.status_int, 204)示例5: test_account_delete_permissions
def test_account_delete_permissions(self):
self.test_auth = auth.filter_factory({})(
FakeApp(iter(NO_CONTENT_RESP * 4)))
req = self._make_request('/v1/AUTH_new',
environ={'REQUEST_METHOD': 'DELETE'})
req.remote_user = 'act:usr,act'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)
req = self._make_request('/v1/AUTH_new',
environ={'REQUEST_METHOD': 'DELETE'})
req.remote_user = 'act:usr,act,AUTH_other'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)
# Even DELETEs to your own account as account admin should fail
req = self._make_request('/v1/AUTH_old',
environ={'REQUEST_METHOD': 'DELETE'})
req.remote_user = 'act:usr,act,AUTH_old'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)
req = self._make_request('/v1/AUTH_new',
environ={'REQUEST_METHOD': 'DELETE'})
req.remote_user = 'act:usr,act,.reseller_admin'
resp = self.test_auth.authorize(req)
self.assertEquals(resp, None)
# .super_admin is not something the middleware should ever see or care
# about
req = self._make_request('/v1/AUTH_new',
environ={'REQUEST_METHOD': 'DELETE'})
req.remote_user = 'act:usr,act,.super_admin'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)示例6: test_authorize_acl_group_access
def test_authorize_acl_group_access(self):
self.test_auth = auth.filter_factory({})(
FakeApp(iter(NO_CONTENT_RESP * 3)))
req = self._make_request('/v1/AUTH_cfa')
req.remote_user = 'act:usr,act'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)
req = self._make_request('/v1/AUTH_cfa')
req.remote_user = 'act:usr,act'
req.acl = 'act'
self.assertEquals(self.test_auth.authorize(req), None)
req = self._make_request('/v1/AUTH_cfa')
req.remote_user = 'act:usr,act'
req.acl = 'act:usr'
self.assertEquals(self.test_auth.authorize(req), None)
req = self._make_request('/v1/AUTH_cfa')
req.remote_user = 'act:usr,act'
req.acl = 'act2'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)
req = self._make_request('/v1/AUTH_cfa')
req.remote_user = 'act:usr,act'
req.acl = 'act:usr2'
resp = self.test_auth.authorize(req)
self.assertEquals(resp.status_int, 403)示例7: test_override_asked_for_but_not_allowed
def test_override_asked_for_but_not_allowed(self):
self.test_auth = auth.filter_factory({"allow_overrides": "false"})(FakeApp())
req = self._make_request("/v1/AUTH_account", environ={"swift.authorize_override": True})
resp = req.get_response(self.test_auth)
self.assertEquals(resp.status_int, 401)
self.assertEquals(resp.headers.get("Www-Authenticate"), 'Swift realm="AUTH_account"')
self.assertEquals(req.environ["swift.authorize"], self.test_auth.authorize)示例8: test_override_asked_for_and_allowed
def test_override_asked_for_and_allowed(self):
self.test_auth = \
auth.filter_factory({'allow_overrides': 'true'})(FakeApp())
req = self._make_request('/v1/AUTH_account',
environ={'swift.authorize_override': True})
resp = req.get_response(self.test_auth)
self.assertEquals(resp.status_int, 404)
self.assertTrue('swift.authorize' not in resp.environ)示例9: test_auth_no_reseller_prefix_no_token
def test_auth_no_reseller_prefix_no_token(self):
# Check that normally we set up a call back to our authorize.
local_auth = \
auth.filter_factory({'reseller_prefix': ''})(FakeApp(iter([])))
resp = self._make_request('/v1/account').get_response(local_auth)
self.assertEquals(resp.status_int, 401)
self.assertEquals(resp.environ['swift.authorize'],
local_auth.authorize)
# Now make sure we don't override an existing swift.authorize when we
# have no reseller prefix.
local_auth = \
auth.filter_factory({'reseller_prefix': ''})(FakeApp())
local_authorize = lambda req: Response('test')
resp = self._make_request('/v1/account', environ={'swift.authorize':
local_authorize}).get_response(local_auth)
self.assertEquals(resp.status_int, 200)
self.assertEquals(resp.environ['swift.authorize'], local_authorize)示例10: test_storage_url_default
def test_storage_url_default(self):
self.test_auth = auth.filter_factory({"user_test_tester": "testing"})(FakeApp())
req = self._make_request("/auth/v1.0", headers={"X-Auth-User": "test:tester", "X-Auth-Key": "testing"})
del req.environ["HTTP_HOST"]
req.environ["SERVER_NAME"] = "bob"
req.environ["SERVER_PORT"] = "1234"
resp = req.get_response(self.test_auth)
self.assertEquals(resp.status_int, 200)
self.assertEquals(resp.headers["x-storage-url"], "http://bob:1234/v1/AUTH_test")示例11: test_storage_url_overriden_scheme
def test_storage_url_overriden_scheme(self):
self.test_auth = auth.filter_factory({"user_test_tester": "testing", "storage_url_scheme": "fake"})(FakeApp())
req = self._make_request("/auth/v1.0", headers={"X-Auth-User": "test:tester", "X-Auth-Key": "testing"})
req.environ["HTTP_HOST"] = "somehost:5678"
req.environ["SERVER_NAME"] = "bob"
req.environ["SERVER_PORT"] = "1234"
resp = req.get_response(self.test_auth)
self.assertEquals(resp.status_int, 200)
self.assertEquals(resp.headers["x-storage-url"], "fake://somehost:5678/v1/AUTH_test")示例12: test_object_name_containing_slash
def test_object_name_containing_slash(self):
test_auth = auth.filter_factory({'user_acct_user': 'testing'})(
FakeApp(iter(NO_CONTENT_RESP * 1)))
req = self._make_request('/v1/AUTH_acct/cont/obj/name/with/slash',
headers={'X-Auth-Token': 'AUTH_t'})
cache_key = 'AUTH_/token/AUTH_t'
cache_entry = (time() + 3600, 'AUTH_acct')
req.environ['swift.cache'].set(cache_key, cache_entry)
resp = req.get_response(test_auth)
self.assertEquals(resp.status_int, 204)示例13: test_account_acl_success
def test_account_acl_success(self):
test_auth = auth.filter_factory({'user_admin_user': 'testing'})(
FakeApp(iter(NO_CONTENT_RESP * 1)))
# admin (not a swift admin) wants to read from otheracct
req = self._make_request('/v1/AUTH_otheract', user_groups="AUTH_admin")
# The request returned by _make_request should be allowed
resp = req.get_response(test_auth)
self.assertEquals(resp.status_int, 204)示例14: test_get_user_group
def test_get_user_group(self):
app = FakeApp()
ath = auth.filter_factory({})(app)
ath.users = {"test:tester": {"groups": [".admin"]}}
groups = ath._get_user_groups("test", "test:tester", "AUTH_test")
self.assertEquals(groups, "test,test:tester,AUTH_test")
ath.users = {"test:tester": {"groups": []}}
groups = ath._get_user_groups("test", "test:tester", "AUTH_test")
self.assertEquals(groups, "test,test:tester")示例15: test_override_asked_for_but_not_allowed
def test_override_asked_for_but_not_allowed(self):
self.test_auth = \
auth.filter_factory({'allow_overrides': 'false'})(FakeApp())
req = self._make_request('/v1/AUTH_account',
environ={'swift.authorize_override': True})
resp = req.get_response(self.test_auth)
self.assertEquals(resp.status_int, 401)
self.assertEquals(resp.headers.get('Www-Authenticate'),
'Swift realm="AUTH_account"')
self.assertEquals(req.environ['swift.authorize'],
self.test_auth.authorize)