Commits

Andriy Kornatskyy  committed 23acff3

Refactoring authorization module tests.

  • Participants
  • Parent commits d374b37

Comments (0)

Files changed (3)

File src/wheezy/security/authorization.py

 
         ``roles`` - a list of authorized roles.
 
-        >>> from wheezy.security.principal import Principal
-        >>> class Context(object):
-        ...     principal = None
-        ...
-        ...     @authorized
-        ...     def op_a(self):
-        ...         return True
-        ...
-        ...     @authorized(roles=('operator',))
-        ...     def op_b(self):
-        ...         return True
-        >>> c = Context()
-        >>> c.op_a() # doctest: +ELLIPSIS +IGNORE_EXCEPTION_DETAIL
-        Traceback (most recent call last):
-            ...
-        SecurityError: ...
-        >>> c.principal = Principal()
-        >>> c.op_a()
-        True
-        >>> c.principal = None
-        >>> c.op_b() # doctest: +ELLIPSIS +IGNORE_EXCEPTION_DETAIL
-        Traceback (most recent call last):
-            ...
-        SecurityError: ...
-        >>> c.op_b() # doctest: +ELLIPSIS +IGNORE_EXCEPTION_DETAIL
-        Traceback (most recent call last):
-            ...
-        SecurityError: ...
-        >>> c.principal = Principal(roles=('user',))
-        >>> c.op_b() # doctest: +ELLIPSIS +IGNORE_EXCEPTION_DETAIL
-        Traceback (most recent call last):
-            ...
-        SecurityError: ...
-        >>> c.principal = Principal(roles=('user', 'operator'))
-        >>> c.op_b()
-        True
+        Here is an example::
+
+            from wheezy.security.principal import Principal
+
+            class Context(object):
+                principal = None
+
+                @authorized
+                def op_a(self):
+                    return True
+
+                @authorized(roles=('operator',))
+                def op_b(self):
+                    return True
     """
     def decorate(func):
         if roles:

File src/wheezy/security/errors.py

 
     def __init__(self, message):
         self.message = message
-
-    def __str__(self):
-        return self.message

File src/wheezy/security/tests/test_authorization.py

+
+""" Unit tests for ``wheezy.security.authorization``.
+"""
+
+import unittest
+
+
+from wheezy.security.authorization import authorized
+from wheezy.security.principal import Principal
+
+
+class MyService(object):
+    principal = None
+
+    @authorized
+    def op_a(self):
+        return True
+
+    @authorized(roles=('operator',))
+    def op_b(self):
+        return True
+
+
+class AuthorizedTestCase(unittest.TestCase):
+
+    def test_access_by_anonymous(self):
+        """ Ensure anonymous has no access.
+        """
+        from wheezy.security.errors import SecurityError
+        s = MyService()
+
+        self.assertRaises(SecurityError, lambda: s.op_a())
+        self.assertRaises(SecurityError, lambda: s.op_b())
+
+    def test_access_by_authenticated(self):
+        """ Ensure authenticated principal has access to `op_a` but
+            not to `op_b`.
+        """
+        from wheezy.security.errors import SecurityError
+        s = MyService()
+
+        s.principal = Principal()
+        assert s.op_a()
+        self.assertRaises(SecurityError, lambda: s.op_b())
+
+    def test_access_by_authorized(self):
+        """ Ensure principal with role `operator` has access to `op_b`.
+        """
+        s = MyService()
+
+        s.principal = Principal(roles=('user', 'operator'))
+        assert s.op_a()
+        assert s.op_b()