Ticket #3924: 3924-anonymous-checkers-httpauthsessionwrapper.patch

File 3924-anonymous-checkers-httpauthsessionwrapper.patch, 5.7 KB (added by esteve, 7 years ago)
  • twisted/web/_auth/wrapper.py

    # Bazaar merge directive format 2 (Bazaar 0.90)
    # revision_id: esteve@fluidinfo.com-20090720181923-bjpis47kq4prtugw
    # target_branch: ../trunk/
    # testament_sha1: 671b6ccbb7d5a0465a6ebaafa0ea251fbd4b7b5e
    # timestamp: 2009-07-20 20:26:54 +0200
    # base_revision_id: svn-v4:bbbe8e31-12d6-0310-92fd-\
    #   ac37d47ddeeb:trunk:27161
    # 
    # Begin patch
    === modified file 'twisted/web/_auth/wrapper.py'
     
    1818from twisted.web.resource import IResource, ErrorPage
    1919from twisted.web import util
    2020from twisted.cred import error
    21 
     21from twisted.cred.credentials import Anonymous
    2222
    2323class UnauthorizedResource(object):
    2424    """
     
    105105        """
    106106        authheader = request.getHeader('authorization')
    107107        if not authheader:
    108             return UnauthorizedResource(self._credentialFactories)
     108            return util.DeferredResource(self._login(Anonymous()))
    109109
    110110        factory, respString = self._selectParseHeader(authheader)
    111111        if factory is None:
  • twisted/web/test/test_httpauth.py

    === modified file 'twisted/web/test/test_httpauth.py'
     
    1414from twisted.internet.address import IPv4Address
    1515
    1616from twisted.cred import error, portal
    17 from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse
     17from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse, \
     18    ANONYMOUS, AllowAnonymousAccess
    1819from twisted.cred.credentials import IUsernamePassword
    1920
    2021from twisted.web.iweb import ICredentialFactory
     
    350351        """
    351352        request = self.makeRequest([self.childName])
    352353        child = self.wrapper.getChildWithDefault(self.childName, request)
    353         self.assertIsInstance(child, UnauthorizedResource)
     354        d = request.notifyFinish()
     355        def cbFinished(result):
     356            self.assertEqual(request.responseCode, 401)
     357        d.addCallback(cbFinished)
     358        render(child, request)
     359        return d
    354360
    355361
    356362    def _invalidAuthorizationTest(self, response):
     
    545551        render(child, request)
    546552        self.assertEqual(request.responseCode, 500)
    547553        self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1)
     554
     555    def test_anonymousAccess(self):
     556        """
     557        Anonymous requests are allowed if a L{Portal} has an anonymous checker
     558        registered.
     559        """
     560        unprotectedContents = "contents of the unprotected child resource"
     561
     562        class UnprotectedResource(Resource):
     563
     564            def render_GET(self, request):
     565                return unprotectedContents
     566
     567        self.avatars[ANONYMOUS] = UnprotectedResource()
     568        self.portal.registerChecker(AllowAnonymousAccess())
     569        self.credentialFactories.append(BasicCredentialFactory('example.com'))
     570        request = self.makeRequest([self.childName])
     571        child = getChildForRequest(self.wrapper, request)
     572        d = request.notifyFinish()
     573        def cbFinished(ignored):
     574            self.assertEquals(request.written, [unprotectedContents])
     575        d.addCallback(cbFinished)
     576        render(child, request)
     577        return d