Table Of Contents

Previous topic

10.2. LDAPServer data injection

Next topic

11. Plugin base functions

10.3. UserList data injection

To inject user defined User List policies database into the UserList API when testing outside the SPS box.

Patch/overwrite the safeguard.sessions.plugin_impl.user_list.user_lists with your own database. The user_lists is a dictionary where the key is the name of the User List policy to define, and the value is itself a dictionary with keys “allow” and “except” that define the default mode and exceptions for the User List - like on the Web interface.

10.3.1. Example usage

from safeguard.sessions.plugin import UserList
from safeguard.sessions.plugin import PluginConfiguration as PluginConfig
from safeguard.sessions.plugin_impl.user_list import user_lists

# Data injection of a list called user_whitelist
user_lists["user_whitelist"] = {"allow": "no_user", "except": ["user1"]}

# Test the injected data
pc = PluginConfig('''
[user_list]
name=user_whitelist
''')

ul = UserList.from_config(pc)

assert ul.check_user('user1') is True
assert ul.check_user('other_user') is False

10.3.2. Example usage with pytest and monkeypatch

from safeguard.sessions.plugin import UserList
from safeguard.sessions.plugin import PluginConfiguration as PluginConfig
from safeguard.sessions.plugin_impl.user_list import user_lists

def test_user_list(monkeypatch):
    # Data injection
    testdb = {
        "allow": "no_user", "except": ["user1"]
    }
    monkeypatch.setitem(user_lists, 'user_whitelist', testdb)

    # Test the injected data
    pc = PluginConfig('''
    [user_list]
    name=user_whitelist
    ''')

    ul = UserList.from_config(pc)

    assert ul.check_user('user1') is True
    assert ul.check_user('other_user') is False