summaryrefslogtreecommitdiff
path: root/testing
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2016-12-18 12:56:21 -0200
committerKali Kaneko <kali@leap.se>2017-02-09 17:41:33 +0100
commita39af0e003ba95c9b7ab554aa4a4c5ce316a43c7 (patch)
tree1f7bb3b42724f3646af6ebe77509a70a924a5963 /testing
parentdb7607768310c9f9993d771cf1951d396be2554b (diff)
[bug] disallow all requests to "user-{uuid}/"
Diffstat (limited to 'testing')
-rw-r--r--testing/tests/server/test_server.py8
1 files changed, 4 insertions, 4 deletions
diff --git a/testing/tests/server/test_server.py b/testing/tests/server/test_server.py
index 6710caaf..cae2e75c 100644
--- a/testing/tests/server/test_server.py
+++ b/testing/tests/server/test_server.py
@@ -110,7 +110,7 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
/shared-db/docs | -
/shared-db/doc/{id} | GET, PUT, DELETE
/shared-db/sync-from/{source} | -
- /user-db | GET, PUT, DELETE
+ /user-db | -
/user-db/docs | -
/user-db/doc/{id} | -
/user-db/sync-from/{source} | GET, PUT, POST
@@ -174,13 +174,13 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
authmap.is_authorized(
self._make_environ('/shared/sync-from/x', 'POST')))
# test user-db database resource auth
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'GET')))
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'PUT')))
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'DELETE')))
self.assertFalse(