From ff8ecf06da753eee95566c1bbd8b93b98be0a3a1 Mon Sep 17 00:00:00 2001
From: Andrew Svetlov
Date: Tue, 4 Aug 2015 21:19:01 +0300
Subject: [PATCH] Return authenticated anonymous if library was not setted up
---
 aiohttp_security/api.py | 12 ++++--
 tests/test_no_auth.py | 82 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+), 4 deletions(-)
 create mode 100644 tests/test_no_auth.py
diff --git a/aiohttp_security/api.py b/aiohttp_security/api.py
index cfbe35e..58497a3 100644
--- a/aiohttp_security/api.py
+++ b/aiohttp_security/api.py
@@ -20,8 +20,10 @@ def forget(request, response):
 
 @asyncio.coroutine
 def authorized_userid(request):
- identity_policy = request.app[IDENTITY_KEY]
- autz_policy = request.app[AUTZ_KEY]
+ identity_policy = request.app.get(IDENTITY_KEY)
+ autz_policy = request.app.get(AUTZ_KEY)
+ if identity_policy is None or autz_policy is None:
+ return None
 identity = yield from identity_policy.identify(request)
 user_id = yield from autz_policy.authorized_userid(identity)
 return user_id
@@ -29,8 +31,10 @@ def authorized_userid(request):
 
 @asyncio.coroutine
 def permits(request, permission, context=None):
- identity_policy = request.app[IDENTITY_KEY]
- autz_policy = request.app[AUTZ_KEY]
+ identity_policy = request.app.get(IDENTITY_KEY)
+ autz_policy = request.app.get(AUTZ_KEY)
+ if identity_policy is None or autz_policy is None:
+ return True
 identity = yield from identity_policy.identify(request)
 access = yield from autz_policy.permits(identity, permission, context)
 return access
diff --git a/tests/test_no_auth.py b/tests/test_no_auth.py
new file mode 100644
index 0000000..ca3c04a
--- /dev/null
+++ b/tests/test_no_auth.py
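Review bot: The guard `if identity_policy is None or autz_policy is None: return None` in authorized_userid treats an app that has only one of the two policies registered the same as an app that never installed the library, so a half-finished configuration silently turns every caller into an anonymous user. The same `or` condition is used in the permits hunk that follows. Whether the setup code can ever register one key without the other is not visible here, but the API function is the last place to catch it: return early only for `identity_policy is None and autz_policy is None`, and raise a `RuntimeError` naming the missing key when exactly one is absent.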
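Review bot: `return True` in permits makes the authorization check fail open: when the policy keys are missing from `request.app`, every permission is granted, including names nobody defined, and nothing is logged. Before this change the missing key raised `KeyError`, which exposed a forgotten or broken setup on the first request; now a deployment that lost its setup call keeps serving protected handlers as if access had been checked. If permissive behaviour for apps that do not use the library is really intended, make it visible by logging a warning on this path and stating it in a docstring, e.g. `"""Return True for every permission when no policies are installed on the app."""`; otherwise deny by default with `return False`.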
@@ -0,0 +1,82 @@
+import asyncio
+import socket
+import unittest
+
+import aiohttp
+from aiohttp import web
+from aiohttp_security import (authorized_userid, permits)
+
+
+class TestNoAuth(unittest.TestCase):
+
+ def setUp(self):
+ self.loop = asyncio.new_event_loop()
+ asyncio.set_event_loop(None)
+ self.client = aiohttp.ClientSession(loop=self.loop)
+
+ def tearDown(self):
+ self.client.close()
+ self.loop.run_until_complete(self.handler.finish_connections())
+ self.srv.close()
+ self.loop.run_until_complete(self.srv.wait_closed())
+ self.loop.close()
+
+ def find_unused_port(self):
+ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ s.bind(('127.0.0.1', 0))
+ port = s.getsockname()[1]
+ s.close()
+ return port
+
+ @asyncio.coroutine
+ def create_server(self):
+ app = web.Application(loop=self.loop)
+
+ port = self.find_unused_port()
+ self.handler = app.make_handler(
+ debug=False, keep_alive_on=False)
+ srv = yield from self.loop.create_server(
+ self.handler, '127.0.0.1', port)
+ url = "http://127.0.0.1:{}/".format(port)
+ self.srv = srv
+ return app, srv, url
+
+ def test_authorized_userid(self):
+
+ @asyncio.coroutine
+ def check(request):
+ userid = yield from authorized_userid(request)
+ self.assertIsNone(userid)
+ return web.Response()
+
+ @asyncio.coroutine
+ def go():
+ app, srv, url = yield from self.create_server()
+ app.router.add_route('GET', '/', check)
+ resp = yield from self.client.get(url)
+ self.assertEqual(200, resp.status)
+ yield from resp.release()
+
+ self.loop.run_until_complete(go())
+
+ def test_permits(self):
+
+ @asyncio.coroutine
+ def check(request):
+ ret = yield from permits(request, 'read')
+ self.assertTrue(ret)
+ ret = yield from permits(request, 'write')
+ self.assertTrue(ret)
+ ret = yield from permits(request, 'unknown')
+ self.assertTrue(ret)
+ return web.Response()
+
+ @asyncio.coroutine
+ def go():
+ app, srv, url = yield from self.create_server()
+ app.router.add_route('GET', '/', check)
+ resp = yield from self.client.get(url)
+ self.assertEqual(200, resp.status)
+ yield from resp.release()
+
+ self.loop.run_until_complete(go())
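Review bot: find_unused_port closes its probe socket before create_server binds the same port number, so another process can take the port in that gap and the test then fails intermittently. Binding the server to port 0 and reading the assigned port back removes the gap: `srv = yield from self.loop.create_server(self.handler, '127.0.0.1', 0)` followed by `port = srv.sockets[0].getsockname()[1]`. Separately, tearDown uses `self.handler` and `self.srv`, which are only assigned inside create_server, so a failure before that point would be hidden behind an `AttributeError`; initialising both to `None` in setUp and guarding the cleanup would keep the original error visible.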