commit
b85fc5bed6
@ -388,7 +388,7 @@ class Application:
|
|||||||
self.logger.info("%s refused" % (user or "Anonymous user"))
|
self.logger.info("%s refused" % (user or "Anonymous user"))
|
||||||
status = client.UNAUTHORIZED
|
status = client.UNAUTHORIZED
|
||||||
realm = self.configuration.get("server", "realm")
|
realm = self.configuration.get("server", "realm")
|
||||||
headers = headers.copy()
|
headers = dict(headers)
|
||||||
headers.update ({
|
headers.update ({
|
||||||
"WWW-Authenticate":
|
"WWW-Authenticate":
|
||||||
"Basic realm=\"%s\"" % realm})
|
"Basic realm=\"%s\"" % realm})
|
||||||
|
@ -134,10 +134,12 @@ class Rights(BaseRights):
|
|||||||
self.logger.debug(
|
self.logger.debug(
|
||||||
"Test if '%s:%s' matches against '%s:%s' from section '%s'",
|
"Test if '%s:%s' matches against '%s:%s' from section '%s'",
|
||||||
user, sane_path, re_user, re_collection, section)
|
user, sane_path, re_user, re_collection, section)
|
||||||
user_match = re.fullmatch(re_user, user)
|
# Emulate fullmatch
|
||||||
|
user_match = re.match(r"(?:%s)\Z" % re_user, user)
|
||||||
if user_match:
|
if user_match:
|
||||||
re_collection = re_collection.format(*user_match.groups())
|
re_collection = re_collection.format(*user_match.groups())
|
||||||
if re.fullmatch(re_collection, sane_path):
|
# Emulate fullmatch
|
||||||
|
if re.match(r"(?:%s)\Z" % re_collection, sane_path):
|
||||||
self.logger.debug("Section '%s' matches", section)
|
self.logger.debug("Section '%s' matches", section)
|
||||||
return permission in regex.get(section, "permission")
|
return permission in regex.get(section, "permission")
|
||||||
else:
|
else:
|
||||||
|
@ -766,6 +766,14 @@ class BaseRequestsMixIn:
|
|||||||
assert status == 207
|
assert status == 207
|
||||||
assert "href>/user/<" in answer
|
assert "href>/user/<" in answer
|
||||||
|
|
||||||
|
def test_authentication(self):
|
||||||
|
"""Test if server sends authentication request."""
|
||||||
|
self.configuration.set("rights", "type", "owner_only")
|
||||||
|
self.application = Application(self.configuration, self.logger)
|
||||||
|
status, headers, answer = self.request("MKCOL", "/user/")
|
||||||
|
assert status in (401, 403)
|
||||||
|
assert headers.get("WWW-Authenticate")
|
||||||
|
|
||||||
def test_principal_collection_creation(self):
|
def test_principal_collection_creation(self):
|
||||||
"""Verify existence of the principal collection."""
|
"""Verify existence of the principal collection."""
|
||||||
status, headers, answer = self.request(
|
status, headers, answer = self.request(
|
||||||
|
Loading…
Reference in New Issue
Block a user