[feat] reuse the url mapper instead of creating it for every request

author: drebs <drebs@leap.se> 2016-12-18 14:21:54 -0200
committer: Kali Kaneko <kali@leap.se> 2017-02-09 17:41:34 +0100
commit: e73d36621052a69aae327200c063ac1689bcf9e0 (patch)
tree: c53a1d4ab94827147ee0f599e2d344621936cf63 /testing
parent: a39af0e003ba95c9b7ab554aa4a4c5ce316a43c7 (diff)
1 files changed, 114 insertions, 137 deletions
diff --git a/testing/tests/server/test_server.py b/testing/tests/server/test_server.py
index cae2e75c..09242736 100644
--- a/testing/tests/server/test_server.py
+++ b/testing/tests/server/test_server.py
@@ -45,7 +45,7 @@ from leap.soledad.client import _crypto
 from leap.soledad.client import Soledad
 from leap.soledad.server.config import load_configuration
 from leap.soledad.server.config import CONFIG_DEFAULTS
-from leap.soledad.server.auth import URLToAuthorization
+from leap.soledad.server.auth import URLMapper
 from leap.soledad.server.auth import SoledadTokenAuthMiddleware
 
 
@@ -116,175 +116,152 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
             /user-db/sync-from/{source}   | GET, PUT, POST
         """
         uuid = uuid4().hex
-        authmap = URLToAuthorization(uuid,)
-        dbname = authmap._user_db_name
+        urlmap = URLMapper()
+        dbname = 'user-%s' % uuid
+
         # test global auth
-        self.assertTrue(
-            authmap.is_authorized(self._make_environ('/', 'GET')))
+        match = urlmap.match(self._make_environ('/', 'GET'))
+
         # test shared-db database resource auth
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/shared', 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+        match = urlmap.match(
+            self._make_environ('/shared', 'GET'))
+        self.assertIsNotNone(match)
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared', 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared', 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared', 'POST')))
+
         # test shared-db docs resource auth
-        self.assertFalse(
-            authmap.is_authorized(
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/docs', 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/docs', 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/docs', 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/docs', 'POST')))
+
         # test shared-db doc resource auth
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/shared/doc/x', 'GET')))
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/shared/doc/x', 'PUT')))
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/shared/doc/x', 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+        match = urlmap.match(
+            self._make_environ('/shared/doc/x', 'GET'))
+        self.assertIsNotNone(match)
+        self.assertEqual('x', match.get('id'))
+
+        match = urlmap.match(
+            self._make_environ('/shared/doc/x', 'PUT'))
+        self.assertIsNotNone(match)
+        self.assertEqual('x', match.get('id'))
+
+        match = urlmap.match(
+            self._make_environ('/shared/doc/x', 'DELETE'))
+        self.assertEqual('x', match.get('id'))
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/doc/x', 'POST')))
+
         # test shared-db sync resource auth
-        self.assertFalse(
-            authmap.is_authorized(
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/sync-from/x', 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/sync-from/x', 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/sync-from/x', 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/shared/sync-from/x', 'POST')))
+
         # test user-db database resource auth
-        self.assertFalse(
-            authmap.is_authorized(
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s' % dbname, 'POST')))
+
         # test user-db docs resource auth
-        self.assertFalse(
-            authmap.is_authorized(
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/docs' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/docs' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/docs' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/docs' % dbname, 'POST')))
+
         # test user-db doc resource auth
-        self.assertFalse(
-            authmap.is_authorized(
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/doc/x' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/doc/x' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/doc/x' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
+
+        self.assertIsNone(
+            urlmap.match(
                 self._make_environ('/%s/doc/x' % dbname, 'POST')))
+
         # test user-db sync resource auth
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'GET')))
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'DELETE')))
-        self.assertTrue(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'POST')))
-
-    def test_verify_action_with_wrong_dbnames(self):
-        """
-        Test if authorization fails for a wrong dbname.
-        """
-        uuid = uuid4().hex
-        authmap = URLToAuthorization(uuid)
-        dbname = 'somedb'
-        # test wrong-db database resource auth
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s' % dbname, 'POST')))
-        # test wrong-db docs resource auth
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/docs' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/docs' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/docs' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/docs' % dbname, 'POST')))
-        # test wrong-db doc resource auth
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/doc/x' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/doc/x' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/doc/x' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/doc/x' % dbname, 'POST')))
-        # test wrong-db sync resource auth
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'GET')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'PUT')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'DELETE')))
-        self.assertFalse(
-            authmap.is_authorized(
-                self._make_environ('/%s/sync-from/x' % dbname, 'POST')))
+        match = urlmap.match(
+            self._make_environ('/%s/sync-from/x' % dbname, 'GET'))
+        self.assertEqual(uuid, match.get('uuid'))
+        self.assertEqual('x', match.get('source_replica_uid'))
+
+        match = urlmap.match(
+            self._make_environ('/%s/sync-from/x' % dbname, 'PUT'))
+        self.assertEqual(uuid, match.get('uuid'))
+        self.assertEqual('x', match.get('source_replica_uid'))
+
+        match = urlmap.match(
+            self._make_environ('/%s/sync-from/x' % dbname, 'DELETE'))
+        self.assertIsNone(match)
+
+        match = urlmap.match(
+            self._make_environ('/%s/sync-from/x' % dbname, 'POST'))
+        self.assertEqual(uuid, match.get('uuid'))
+        self.assertEqual('x', match.get('source_replica_uid'))
 
 
 @pytest.mark.usefixtures("method_tmpdir")
author	drebs <drebs@leap.se>	2016-12-18 14:21:54 -0200
committer	Kali Kaneko <kali@leap.se>	2017-02-09 17:41:34 +0100
commit	e73d36621052a69aae327200c063ac1689bcf9e0 (patch)
tree	c53a1d4ab94827147ee0f599e2d344621936cf63 /testing
parent	a39af0e003ba95c9b7ab554aa4a4c5ce316a43c7 (diff)