如何在python的金字塔框架中设置request.authenticated_userid的值
当我试图将authenticated_userid的属性设置为请求参数时,出现了一个错误。这实际上是我用来模拟请求并查看响应的鼻子测试如何在python的金字塔框架中设置request.authenticated_userid的值,python,pyramid,Python,Pyramid,当我试图将authenticated_userid的属性设置为请求参数时,出现了一个错误。这实际上是我用来模拟请求并查看响应的鼻子测试 Traceback (most recent call last): File "/web/core/pulse/wapi/tests/testWapiUtilities_integration.py", line 652, in setUp setattr(self.request, 'authenticated_userid', self.dat
Traceback (most recent call last):
File "/web/core/pulse/wapi/tests/testWapiUtilities_integration.py", line 652, in setUp
setattr(self.request, 'authenticated_userid', self.data['user'].id)
AttributeError: can't set attribute
代码如下
@attr(can_split=False)
class logSuspiciousRequestAndRaiseHTTPError(IntegrationTestCase):
def setUp(self):
super(logSuspiciousRequestAndRaiseHTTPError, self).setUp()
from pyramid.request import Request
from pyramid.threadlocal import get_current_registry
request = Request({
'SERVER_PROTOCOL': 'testprotocol',
'SERVER_NAME': 'test server name',
'SERVER_PORT': '80',
})
request.context = TestContext()
request.root = request.context
request.subpath = ['path']
request.traversed = ['traversed']
request.view_name = 'test view name'
request.path_info = 'test info'
request.scheme = 'https'
request.host = 'test.com'
request.registry = get_current_registry()
self.request = request
self.data = {}
self.createDefaultData()
self.request.userAccount = self.data['user'].userAccount
# @unittest.skip('Pre-Demo skip. Need to mock userAccountModel')
@mock.patch('pulse.wapi.wapiUtilities.pyramid.threadlocal.get_current_request')
@mock.patch('pulse.wapi.wapiUtilities.securityLog')
def testHasRequest_raises400AndLogsError(
self, securityLog, get_current_request):
# Arrange
get_current_request.return_value = self.request
with self.assertRaises(exception.HTTPBadRequest):
from pulse.wapi.wapiUtilities import logSuspiciousRequestAndRaiseHTTPError
logSuspiciousRequestAndRaiseHTTPError()
self.assertTrue(securityLog.called)
self.assertTrue(securityLog.return_value.info.called)
我正在创建一个虚拟请求,并向请求添加属性
当调用此方法log猜疑请求和RaiseHttPeror()
时,该方法将解析请求以获取用户帐户
userAccountID=authenticated_userid(self.request)
这将返回None
,因为请求没有属性self.request.authenticated\u userid
如果您需要任何其他信息,请告诉我。
authenticated\u userid
是身份验证框架设置的具体化属性
看
请提供更多代码,说明您是如何设置请求的,因为在当前形式下,问题没有给出准确答案的详细信息。最终我得到了解决方案 我添加了
self.config=testing.setUp()
添加userAccountId作为测试安全策略的模拟值
@attr(can_split=False)
class logSuspiciousRequestAndRaiseHTTPError(IntegrationTestCase):
def setUp(self):
super(logSuspiciousRequestAndRaiseHTTPError, self).setUp()
from pyramid.request import Request
from pyramid.threadlocal import get_current_registry
self.config = testing.setUp()
request = Request({
'SERVER_PROTOCOL': 'testprotocol',
'SERVER_NAME': 'test server name',
'SERVER_PORT': '80',
})
request.context = TestContext()
request.root = request.context
request.subpath = ['path']
request.traversed = ['traversed']
request.view_name = 'test view name'
request.path_info = 'test info'
request.scheme = 'https'
request.host = 'test.com'
request.registry = get_current_registry()
self.request = request
self.data = {}
self.createDefaultData()
self.request.userAccount = self.data['user'].userAccount
@mock.patch('pulse.wapi.wapiUtilities.pyramid.threadlocal.get_current_request')
@mock.patch('pulse.wapi.wapiUtilities.securityLog')
def testHasRequest_raises400AndLogsError(
self, securityLog, get_current_request):
# Arrange
get_current_request.return_value = self.request
self.loggedInUser = self.data['user']
self.config.testing_securitypolicy(
userid=self.data['user'].userAccount.id, permissive=True
)
with self.assertRaises(exception.HTTPBadRequest):
from pulse.wapi.wapiUtilities import logSuspiciousRequestAndRaiseHTTPError
logSuspiciousRequestAndRaiseHTTPError()
self.assertTrue(securityLog.called)
self.assertTrue(securityLog.return_value.info.called)
由于
authenticated\u userid
是来自底层身份验证策略的具体化属性,因此在执行测试时不能在DummyRequest
中直接设置它。这意味着以下两个都不起作用:
# Will NOT work
dummy_request = DummyRequest(authenticated_userid='mock_user')
# Also will NOT work
dummy_request = DummyRequest()
dummy_request.authenticated_userid = 'mock_user'
相反,如果我们希望能够控制测试的authenticated\u userid
(或者验证策略的其他方面),我们需要更改正在运行的测试的底层金字塔配置。为此,您需要了解一下pyramid.testing.setUp
()。这将返回一个config对象,它可以做很多事情,但对我们来说重要的是testing\u securitypolicy
方法()
testing\u securitypolicy
允许我们从auth的角度对请求进行精确的控制。查看其文档了解详细信息,但通过它,我们可以为请求设置已验证的\u userid
,使其忽略权限要求,等等
下面是一个在测试中使用的示例:
from pyramid.testing import (setUp, tearDown, DummyRequest)
def test_some_view():
config = setUp()
config.testing_securitypolicy(userid='mock_user') # Sets authenticated_userid
dummy_request = DummyRequest()
print(dummy_request.authenticated_userid) # Prints 'mock_user'
# Now ready to test something that uses request.authenticated_userid
from mypyramidapp.views.secure import some_auth_view
result = some_auth_view(dummy_request)
expected = 'Hello mock_user!'
assert result == expected
# Finally, to avoid security changes leaking to other tests, use tearDown
tearDown() # Undo the effects of pyramid.testing.setUp()
from pyramid.testing import (setUp, tearDown, DummyRequest)
def test_some_view():
config = setUp()
config.testing_securitypolicy(userid='mock_user') # Sets authenticated_userid
dummy_request = DummyRequest()
print(dummy_request.authenticated_userid) # Prints 'mock_user'
# Now ready to test something that uses request.authenticated_userid
from mypyramidapp.views.secure import some_auth_view
result = some_auth_view(dummy_request)
expected = 'Hello mock_user!'
assert result == expected
# Finally, to avoid security changes leaking to other tests, use tearDown
tearDown() # Undo the effects of pyramid.testing.setUp()