summaryrefslogtreecommitdiffstats
path: root/utils/test/testapi/opnfv_testapi/common
diff options
context:
space:
mode:
Diffstat (limited to 'utils/test/testapi/opnfv_testapi/common')
-rw-r--r--utils/test/testapi/opnfv_testapi/common/check.py24
-rw-r--r--utils/test/testapi/opnfv_testapi/common/message.py8
2 files changed, 27 insertions, 5 deletions
diff --git a/utils/test/testapi/opnfv_testapi/common/check.py b/utils/test/testapi/opnfv_testapi/common/check.py
index acd331784..e80b1c6b7 100644
--- a/utils/test/testapi/opnfv_testapi/common/check.py
+++ b/utils/test/testapi/opnfv_testapi/common/check.py
@@ -10,19 +10,33 @@ import functools
import re
from tornado import gen
-from tornado import web
+from opnfv_testapi.common import constants
from opnfv_testapi.common import message
from opnfv_testapi.common import raises
from opnfv_testapi.db import api as dbapi
-def authenticate(method):
- @web.asynchronous
- @gen.coroutine
+def is_authorized(method):
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
- if self.auth:
+ if self.table in ['pods']:
+ testapi_id = self.get_secure_cookie(constants.TESTAPI_ID)
+ if not testapi_id:
+ raises.Unauthorized(message.not_login())
+ user_info = yield dbapi.db_find_one('users', {'user': testapi_id})
+ if not user_info:
+ raises.Unauthorized(message.not_lfid())
+ kwargs['owner'] = testapi_id
+ ret = yield gen.coroutine(method)(self, *args, **kwargs)
+ raise gen.Return(ret)
+ return wrapper
+
+
+def valid_token(method):
+ @functools.wraps(method)
+ def wrapper(self, *args, **kwargs):
+ if self.auth and self.table == 'results':
try:
token = self.request.headers['X-Auth-Token']
except KeyError:
diff --git a/utils/test/testapi/opnfv_testapi/common/message.py b/utils/test/testapi/opnfv_testapi/common/message.py
index 951cbaf9c..8b5c3fb7a 100644
--- a/utils/test/testapi/opnfv_testapi/common/message.py
+++ b/utils/test/testapi/opnfv_testapi/common/message.py
@@ -42,6 +42,14 @@ def invalid_token():
return 'Invalid Token'
+def not_login():
+ return 'TestAPI id is not provided'
+
+
+def not_lfid():
+ return 'Not a valid Linux Foundation Account'
+
+
def no_update():
return 'Nothing to update'