'''Provide a way to configure PGWUI.
'''
+from ast import literal_eval
from pyramid.config import Configurator
# Constants
'dry_run',
'route_prefix',
'routes',
+ 'validate_hmac',
])
+# Required length of HMAC value
+HMAC_LEN = 40
+
# Exceptions
class Error(Exception):
super().__init__('Unknown PGWUI setting: {}'.format(key))
+class BadHMACError(Error):
+ pass
+
+
+class NoHMACError(BadHMACError):
+ def __init__(self):
+ super().__init__('Missing session.secret configuration')
+
+
+class HMACLengthError(BadHMACError):
+ def __init__(self):
+ super().__init__(
+ 'The session.secret value is not {} characters in length'
+ .format(HMAC_LEN))
+
+
# Functions
def abort_on_bad_setting(key):
raise UnknownSettingKeyError(key)
+def do_validate_hmac(settings):
+ '''True unless the user has specificly rejected hmac validation
+ '''
+ return ('pgwui.validate_hmac' not in settings
+ or literal_eval(settings['pgwui.validate_hmac']))
+
+
+def validate_hmac(settings):
+ '''Unless otherwise requested, validate the session.secret setting'''
+ if not do_validate_hmac(settings):
+ return
+
+ if 'session.secret' not in settings:
+ raise NoHMACError()
+
+ if len(settings['session.secret']) != HMAC_LEN:
+ raise HMACLengthError()
+
+
def validate_settings(settings):
'''Be sure all settings validate
'''
for key in settings.keys():
abort_on_bad_setting(key)
+ validate_hmac(settings)
def parse_assignments(lines):
import pgwui_server.__init__ as pgwui_server_init
+# Constants
+
+TEST_SETTINGS = {
+ 'pgwui.validate_hmac': 'False',
+}
+
+
# Use contextlib.AbstractContextManager for Python >= 3.6
class MockConfigurator():
def __init__(self, **kwargs):
pgwui_server_init.abort_on_bad_setting('pgwui.pg_host')
+# do_validate_hmac()
+
+def test_do_validate_hmac_none():
+ '''pgwui.validate_hmac defaults to True'''
+ assert pgwui_server_init.do_validate_hmac({}) is True
+
+
+def test_do_validate_hmac_True():
+ '''Require hmac validation when pgwui.validate_hmac is True'''
+ result = pgwui_server_init.do_validate_hmac(
+ {'pgwui.validate_hmac': 'True'})
+ assert result is True
+
+
+def test_do_validate_hmac_False():
+ '''No hmac validation when pgwui.validate_hmac is False'''
+ result = pgwui_server_init.do_validate_hmac(
+ {'pgwui.validate_hmac': 'False'})
+ assert result is False
+
+
+# validate_hmac()
+
+def test_validate_hmac_unvalidated(monkeypatch):
+ '''No error is raised when hmac validation is off'''
+ monkeypatch.setattr(pgwui_server_init, 'do_validate_hmac',
+ lambda *args: False)
+ pgwui_server_init.validate_hmac({})
+
+
+def test_validate_hmac_success(monkeypatch):
+ '''No error is raised when hmac is validated an the right length'''
+ monkeypatch.setattr(pgwui_server_init, 'do_validate_hmac',
+ lambda *args: True)
+ pgwui_server_init.validate_hmac(
+ {'session.secret': 'x' * pgwui_server_init.HMAC_LEN})
+
+
+def test_validate_hmac_missing(monkeypatch):
+ '''Raise error when hmac is validated and missing'''
+ monkeypatch.setattr(pgwui_server_init, 'do_validate_hmac',
+ lambda *args: True)
+ with pytest.raises(pgwui_server_init.NoHMACError):
+ pgwui_server_init.validate_hmac({})
+
+
+def test_validate_hmac_length(monkeypatch):
+ '''Raise error when hmac is validated and the wrong length'''
+ monkeypatch.setattr(pgwui_server_init, 'do_validate_hmac',
+ lambda *args: True)
+ with pytest.raises(pgwui_server_init.HMACLengthError):
+ pgwui_server_init.validate_hmac({'session.secret': ''})
+
+
# validate_settings()
def test_validate_settings(monkeypatch):
monkeypatch.setattr(pgwui_server_init, 'abort_on_bad_setting',
mock_abort_on_bad_setting)
+ monkeypatch.setattr(pgwui_server_init, 'validate_hmac',
+ lambda *args: None)
settings = {'key1': 'value1',
'key2': 'value2'}
# Integration tests
def test_main_integrated():
'''Does not raise errors or warnings'''
- pgwui_server_init.main({})
+ pgwui_server_init.main({}, **TEST_SETTINGS)
# Functional tests
projects / pgwui_server / commitdiff