about unit test on auth fail

Wed, 16 Mar 2011 17:37:35 -0700 

Hello all.

After I read this
http://docs.pylonsproject.org/projects/pyramid/1.0/narr/testing.html#using-the-configurator-and-pyramid-testing-apis-in-unit-tests
.

I try to unit test my auth policy, and my unit test about auth is
still fail (Forbidden not raised).

But I can get forbidden view when user is not login on the browser.

Is anyone who can tell me what I miss?

Thanks a lot!

This is the ACL.
__acl__ = [(Allow, Everyone, 'view'), (Allow, Authenticated, 'auth')]

======================================================================

----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ytshen/proj/tests.py", line 104, in
test_upload_forbidden
    self.assertRaises(Forbidden, upload, context, request)
AssertionError: Forbidden not raised


The following is my unit test code:
=============================

    def test_upload_forbidden(self):
        from pyramid.exceptions import Forbidden
        from views import upload
        from pyramid_beaker import set_cache_regions_from_settings

        settings = set_cache_settings()
        set_cache_regions_from_settings(settings)
        self.config.testing_securitypolicy(permissive=False)
        request = testing.DummyRequest()
        context = testing.DummyResource()
        self.assertRaises(Forbidden, upload, context, request)

This is view
=============================
@view_config(context=proj.models.Root', name='upload',
             renderer='proj:templates/upload.pt',
             permission='auth')
@cache_region('default_term')
def upload(context, request):
    headerTPL = get_renderer('templates/header.pt').implementation()
    footerTPL = get_renderer('templates/footer.pt').implementation()
    session = request.session
    logged_in = authenticated_userid(request)

    return dict(
        headerTPL = headerTPL,
        footerTPL = footerTPL,
        session = session,
        logged_in = logged_in,
        url = request.application_url + '/upload'
    )

def forbidden_view(request):
    headerTPL = get_renderer('templates/header.pt').implementation()
    footerTPL = get_renderer('templates/footer.pt').implementation()
    message = 'Please login for this function'
    return dict(
        headerTPL = headerTPL,
        footerTPL = footerTPL,
        message = message,
        username = '',
        url = request.application_url + '/signin'
    )

-- 
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en.

Reply via email to