Skip to content

Commit

Permalink
Add docstring to check_auth_request
Browse files Browse the repository at this point in the history 
Add test coverage for `get_permissions` and `ClientPermissions`
  • Loading branch information
@NeonDaniel
NeonDaniel committed Apr 24, 2024
1 parent 7a3d27d commit 7847c30
Show file tree
Hide file tree
Showing 2 changed files with 65 additions and 3 deletions.
11 changes: 10 additions & 1 deletion neon_hana/auth/client_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,16 @@ def get_permissions(self, client_id: str) -> ClientPermissions:

def check_auth_request(self, client_id: str, username: str,
password: Optional[str] = None,
origin_ip: str = "127.0.0.1"):
origin_ip: str = "127.0.0.1") -> dict:
"""
Authenticate and Authorize a new client connection with the specified
username, password, and origin IP address.
@param client_id: Client ID of the connection to auth
@param username: Supplied username to authenticate
@param password: Supplied password to authenticate
@param origin_ip: Origin IP address of request
@return: response tokens, permissions, and other metadata
"""
if client_id in self.authorized_clients:
print(f"Using cached client: {self.authorized_clients[client_id]}")
return self.authorized_clients[client_id]
Expand Down
57 changes: 55 additions & 2 deletions tests/test_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,5 +147,58 @@ def test_check_refresh_request(self):
self.client_manager._refresh_token_lifetime = real_refresh

def test_get_permissions(self):
# TODO: Test with auth enabled/disabled, node/non-node user
pass
from neon_hana.auth.permissions import ClientPermissions

node_user = "node_test"
rest_user = "rest_user"
self.client_manager._node_username = node_user
self.client_manager._node_password = node_user

rest_resp = self.client_manager.check_auth_request(rest_user, rest_user)
node_resp = self.client_manager.check_auth_request(node_user, node_user,
node_user)
node_fail = self.client_manager.check_auth_request("node_fail",
node_user, rest_user)

rest_cid = rest_resp['client_id']
node_cid = node_resp['client_id']
fail_cid = node_fail['client_id']

permissive = ClientPermissions(True, True, True)
no_node = ClientPermissions(True, True, False)
no_perms = ClientPermissions(False, False, False)

# Auth disabled, returns all True
self.client_manager._disable_auth = True
self.assertEqual(self.client_manager.get_permissions(rest_cid),
permissive)
self.assertEqual(self.client_manager.get_permissions(node_cid),
permissive)
self.assertEqual(self.client_manager.get_permissions(rest_cid),
permissive)
self.assertEqual(self.client_manager.get_permissions(fail_cid),
permissive)
self.assertEqual(self.client_manager.get_permissions("fake_user"),
permissive)

# Auth enabled
self.client_manager._disable_auth = False
self.assertEqual(self.client_manager.get_permissions(rest_cid), no_node)
self.assertEqual(self.client_manager.get_permissions(node_cid),
permissive)
self.assertEqual(self.client_manager.get_permissions(fail_cid), no_node)
self.assertEqual(self.client_manager.get_permissions("fake_user"),
no_perms)

def test_client_permissions(self):
from neon_hana.auth.permissions import ClientPermissions
default_perms = ClientPermissions()
restricted_perms = ClientPermissions(False, False, False)
permissive_perms = ClientPermissions(True, True, True)
self.assertIsInstance(default_perms.as_dict(), dict)
for v in default_perms.as_dict().values():
self.assertIsInstance(v, bool)
self.assertIsInstance(restricted_perms.as_dict(), dict)
self.assertFalse(any([v for v in restricted_perms.as_dict().values()]))
self.assertIsInstance(permissive_perms.as_dict(), dict)
self.assertTrue(all([v for v in permissive_perms.as_dict().values()]))

0 comments on commit 7847c30

Please sign in to comment.