~tribaal/txaws/xss-hardening

« back to all changes in this revision

Viewing changes to txaws/s3/tests/test_acls.py

  • Committer: Duncan McGreggor
  • Date: 2009-11-22 02:20:42 UTC
  • mto: (44.3.2 484858-s3-scripts)
  • mto: This revision was merged to the branch mainline in revision 52.
  • Revision ID: duncan@canonical.com-20091122022042-4zi231hxni1z53xd
* Updated the LICENSE file with copyright information.
* Updated the README with license information.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
from twisted.trial.unittest import TestCase
2
 
 
3
 
from txaws.testing import payload
4
 
from txaws.s3 import acls
5
 
 
6
 
 
7
 
class ACLTestCase(TestCase):
8
 
 
9
 
    def test_owner_to_xml(self):
10
 
        owner = acls.Owner(id='8a6925ce4adf588a4f21c32aa379004fef',
11
 
                           display_name='BucketOwnersEmail@amazon.com')
12
 
        xml_bytes = owner.to_xml()
13
 
        self.assertEquals(xml_bytes, """\
14
 
<Owner>
15
 
  <ID>8a6925ce4adf588a4f21c32aa379004fef</ID>
16
 
  <DisplayName>BucketOwnersEmail@amazon.com</DisplayName>
17
 
</Owner>
18
 
""")
19
 
 
20
 
    def test_grantee_canonical_missing_parameter(self):
21
 
        self.assertRaises(
22
 
            ValueError, acls.Grantee,
23
 
            {'id': '8a6925ce4adf588a4f21c32aa379004fef'})
24
 
        self.assertRaises(
25
 
            ValueError, acls.Grantee,
26
 
            {'display_name': 'BucketOwnersEmail@amazon.com'})
27
 
 
28
 
    def test_grantee_canonical_to_xml(self):
29
 
        grantee = acls.Grantee(id='8a6925ce4adf588a4f21c32aa379004fef',
30
 
                               display_name='BucketOwnersEmail@amazon.com')
31
 
        xml_bytes = grantee.to_xml()
32
 
        self.assertEquals(xml_bytes, """\
33
 
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\
34
 
 xsi:type="CanonicalUser">
35
 
  <ID>8a6925ce4adf588a4f21c32aa379004fef</ID>
36
 
  <DisplayName>BucketOwnersEmail@amazon.com</DisplayName>
37
 
</Grantee>
38
 
""")
39
 
 
40
 
    def test_grantee_email_to_xml(self):
41
 
        grantee = acls.Grantee(email_address="BucketOwnersEmail@amazon.com")
42
 
        xml_bytes = grantee.to_xml()
43
 
        self.assertEquals(xml_bytes, """\
44
 
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\
45
 
 xsi:type="AmazonCustomerByEmail">
46
 
  <EmailAddress>BucketOwnersEmail@amazon.com</EmailAddress>
47
 
</Grantee>
48
 
""")
49
 
 
50
 
    def test_grantee_uri_to_xml(self):
51
 
        grantee = acls.Grantee(
52
 
            uri='http://acs.amazonaws.com/groups/global/AuthenticatedUsers')
53
 
        xml_bytes = grantee.to_xml()
54
 
        self.assertEquals(xml_bytes, """\
55
 
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\
56
 
 xsi:type="Group">
57
 
  <URI>http://acs.amazonaws.com/groups/global/AuthenticatedUsers</URI>
58
 
</Grantee>
59
 
""")
60
 
 
61
 
    def test_grant_to_xml(self):
62
 
        grantee = acls.Grantee(id='8a6925ce4adf588a4f21c32aa379004fef',
63
 
                               display_name='BucketOwnersEmail@amazon.com')
64
 
        grant = acls.Grant(grantee, 'FULL_CONTROL')
65
 
        xml_bytes = grant.to_xml()
66
 
        self.assertEquals(xml_bytes, """\
67
 
<Grant>
68
 
  <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\
69
 
 xsi:type="CanonicalUser">
70
 
    <ID>8a6925ce4adf588a4f21c32aa379004fef</ID>
71
 
    <DisplayName>BucketOwnersEmail@amazon.com</DisplayName>
72
 
  </Grantee>
73
 
  <Permission>FULL_CONTROL</Permission>
74
 
</Grant>
75
 
""")
76
 
 
77
 
    def test_access_control_policy_to_xml(self):
78
 
        grantee = acls.Grantee(id='8a6925ce4adf588a4f21c32aa379004fef',
79
 
                               display_name='foo@example.net')
80
 
        grant1 = acls.Grant(grantee, 'FULL_CONTROL')
81
 
        grantee = acls.Grantee(id='8a6925ce4adf588a4f21c32aa37900feed',
82
 
                               display_name='bar@example.net')
83
 
        grant2 = acls.Grant(grantee, 'READ')
84
 
        owner = acls.Owner(id='8a6925ce4adf588a4f21c32aa37900beef',
85
 
                           display_name='baz@example.net')
86
 
        acp = acls.AccessControlPolicy(owner=owner,
87
 
                                       access_control_list=[grant1, grant2])
88
 
        xml_bytes = acp.to_xml()
89
 
        self.assertEquals(xml_bytes,
90
 
                          payload.sample_access_control_policy_result)
91
 
 
92
 
    def test_permission_enum(self):
93
 
        grantee = acls.Grantee(id='8a6925ce4adf588a4f21c32aa379004fef',
94
 
                               display_name='BucketOwnersEmail@amazon.com')
95
 
        acls.Grant(grantee, 'FULL_CONTROL')
96
 
        acls.Grant(grantee, 'WRITE')
97
 
        acls.Grant(grantee, 'WRITE_ACP')
98
 
        acls.Grant(grantee, 'READ')
99
 
        acls.Grant(grantee, 'READ_ACP')
100
 
        self.assertRaises(ValueError, acls.Grant, grantee, 'GO_HOG_WILD')
101
 
 
102
 
    def test_from_xml(self):
103
 
        policy = acls.AccessControlPolicy.from_xml(
104
 
            payload.sample_access_control_policy_result)
105
 
        self.assertEquals(policy.owner.id,
106
 
                          '8a6925ce4adf588a4f21c32aa37900beef')
107
 
        self.assertEquals(policy.owner.display_name, 'baz@example.net')
108
 
        self.assertEquals(len(policy.access_control_list), 2)
109
 
        grant1 = policy.access_control_list[0]
110
 
        self.assertEquals(grant1.grantee.id,
111
 
                          '8a6925ce4adf588a4f21c32aa379004fef')
112
 
        self.assertEquals(grant1.grantee.display_name, 'foo@example.net')
113
 
        self.assertEquals(grant1.permission, 'FULL_CONTROL')
114
 
        grant2 = policy.access_control_list[1]
115
 
        self.assertEquals(grant2.grantee.id,
116
 
                          '8a6925ce4adf588a4f21c32aa37900feed')
117
 
        self.assertEquals(grant2.grantee.display_name, 'bar@example.net')
118
 
        self.assertEquals(grant2.permission, 'READ')