Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / 0fd1853b95bf3d79253f771053ddeb347ac2563b^! / . / tests
commit0fd1853b95bf3d79253f771053ddeb347ac2563b[log] [tgz]
authorJoe Gregorio <jcgregorio@google.com>Fri Aug 24 15:54:40 2012 -0400
committerJoe Gregorio <jcgregorio@google.com>Fri Aug 24 15:54:40 2012 -0400
tree66fc4ab65e5799e1824b97e4c6b6cf3fd8206f4f
parent1b425aab261532e775551125c8f7aca3562de144 [diff]
Do not allow credentials files to be symlinks.
Reviewed in https://codereview.appspot.com/6476062/.

diff --git a/tests/test_oauth2client_file.py b/tests/test_oauth2client_file.py
index 596a4b6..7c65677 100644
--- a/tests/test_oauth2client_file.py
+++ b/tests/test_oauth2client_file.py

@@ -32,12 +32,13 @@
 import unittest
 
 from apiclient.http import HttpMockSequence
+from oauth2client import file
+from oauth2client import locked_file
 from oauth2client import multistore_file
 from oauth2client.anyjson import simplejson
 from oauth2client.client import AccessTokenCredentials
 from oauth2client.client import AssertionCredentials
 from oauth2client.client import OAuth2Credentials
-from oauth2client.file import Storage
 
 
 FILENAME = tempfile.mktemp('oauth2client_test.data')
@@ -58,10 +59,23 @@
       pass
 
   def test_non_existent_file_storage(self):
-    s = Storage(FILENAME)
+    s = file.Storage(FILENAME)
     credentials = s.get()
     self.assertEquals(None, credentials)
 
+  def test_no_sym_link_credentials(self):
+    if hasattr(os, 'symlink'):
+      SYMFILENAME = FILENAME + '.sym'
+      os.symlink(FILENAME, SYMFILENAME)
+      s = file.Storage(SYMFILENAME)
+      try:
+        s.get()
+        self.fail('Should have raised an exception.')
+      except file.CredentialsFileSymbolicLinkError:
+        pass
+      finally:
+        os.unlink(SYMFILENAME)
+
   def test_pickle_and_json_interop(self):
     # Write a file with a pickled OAuth2Credentials.
     access_token = 'foo'
@@ -83,13 +97,13 @@
 
     # Storage should be not be able to read that object, as the capability to
     # read and write credentials as pickled objects has been removed.
-    s = Storage(FILENAME)
+    s = file.Storage(FILENAME)
     read_credentials = s.get()
     self.assertEquals(None, read_credentials)
 
     # Now write it back out and confirm it has been rewritten as JSON
     s.put(credentials)
-    f = file(FILENAME)
+    f = open(FILENAME)
     data = simplejson.load(f)
     f.close()
 
@@ -111,7 +125,7 @@
         refresh_token, token_expiry, token_uri,
         user_agent)
 
-    s = Storage(FILENAME)
+    s = file.Storage(FILENAME)
     s.put(credentials)
     credentials = s.get()
     new_cred = copy.copy(credentials)
@@ -135,7 +149,7 @@
         refresh_token, token_expiry, token_uri,
         user_agent)
 
-    s = Storage(FILENAME)
+    s = file.Storage(FILENAME)
     s.put(credentials)
     credentials = s.get()
     self.assertNotEquals(None, credentials)
@@ -149,7 +163,7 @@
 
     credentials = AccessTokenCredentials(access_token, user_agent)
 
-    s = Storage(FILENAME)
+    s = file.Storage(FILENAME)
     credentials = s.put(credentials)
     credentials = s.get()
 
@@ -188,6 +202,22 @@
       self.assertTrue(store._multistore._read_only)
     os.chmod(FILENAME, 0600)
 
+  def test_multistore_no_symbolic_link_files(self):
+    if hasattr(os, 'symlink'):
+      SYMFILENAME = FILENAME + 'sym'
+      os.symlink(FILENAME, SYMFILENAME)
+      store = multistore_file.get_credential_storage(
+          SYMFILENAME,
+          'some_client_id',
+          'user-agent/1.0',
+          ['some-scope', 'some-other-scope'])
+      try:
+        store.get()
+        self.fail('Should have raised an exception.')
+      except locked_file.CredentialsFileSymbolicLinkError:
+        pass
+      finally:
+        os.unlink(SYMFILENAME)
 
   def test_multistore_non_existent_file(self):
     store = multistore_file.get_credential_storage(