Ticket #24280 - Add support to authenticate with a login/password.

robblau · robblau · commit 607ec976d752 · 2014-02-06T11:41:08.000-08:00
diff --git a/.gitignore b/.gitignore
@@ -13,6 +13,7 @@
 tests/config
 .coverage
 .cache
+htmlcov
 
 # setup related
 build
diff --git a/shotgun_api3/shotgun.py b/shotgun_api3/shotgun.py
@@ -215,22 +215,26 @@ class Shotgun(object):
 
     def __init__(self,
                  base_url,
-                 script_name,
-                 api_key,
+                 script_name=None,
+                 api_key=None,
                  convert_datetimes_to_utc=True,
                  http_proxy=None,
                  ensure_ascii=True,
                  connect=True,
-				 ca_certs=None):
+				 ca_certs=None,
+                 login=None,
+                 password=None):
         """Initialises a new instance of the Shotgun client.
 
         :param base_url: http or https url to the shotgun server.
 
         :param script_name: name of the client script, used to authenticate
-        to the server.
+        to the server. If script_name is provided, then api_key must be as
+        well and neither login nor password can be provided.
 
         :param api_key: key assigned to the client script, used to
-        authenticate to the server.
+        authenticate to the server.  If api_key is provided, then script_name
+        must be as well and neither login nor password can be provided.
 
         :param convert_datetimes_to_utc: If True date time values are
         converted from local time to UTC time before been sent to the server.
@@ -245,11 +249,42 @@ def __init__(self,
 		
 		:param ca_certs: The path to the SSL certificate file. Useful for users
 		who would like to package their application into an executable.
+
+        :param login: The login to use to authenticate to the server. If login
+        is provided, then password must be as well and neither script_name nor
+        api_key can be provided.
+
+        :param password: The password for the login to use to authenticate to
+        the server. If password is provided, then login must be as well and
+        neither script_name nor api_key can be provided.
         """
 
+        # verify authentication arguments
+        if login is not None or password is not None:
+            if script_name is not None or api_key is not None:
+                raise ValueError("cannot provide both login/password "
+                                 "and script_name/api_key")
+            if login is None:
+                raise ValueError("password provided without login")
+            if password is None:
+                raise ValueError("login provided without password")
+
+        if script_name is not None or api_key is not None:
+            if script_name is None:
+                raise ValueError("api_key provided without script_name")
+            if api_key is None:
+                raise ValueError("script_name provided without api_key")
+
+        if all(v is None for v in [script_name, api_key, login, password]):
+            if connect:
+                raise ValueError("must provide either login/password "
+                                 "or script_name/api_key")
+
         self.config = _Config()
         self.config.api_key = api_key
         self.config.script_name = script_name
+        self.config.user_login = login
+        self.config.user_password = password
         self.config.convert_datetimes_to_utc = convert_datetimes_to_utc
         self.config.no_ssl_validation = NO_SSL_VALIDATION
         self._connection = None
@@ -350,7 +385,7 @@ def info(self):
 
         :returns: dict of the server meta data.
         """
-        return self._call_rpc("info", None, include_script_name=False)
+        return self._call_rpc("info", None, include_auth_params=False)
 
     def find_one(self, entity_type, filters, fields=None, order=None,
         filter_operator=None, retired_only=False):
@@ -1046,11 +1081,9 @@ def share_thumbnail(self, entities, thumbnail_path=None, source_entity=None,
             "entities" : ','.join(entities_str),
             "source_entity": "%s_%s" % (source_entity['type'], source_entity['id']),
             "filmstrip_thumbnail" : filmstrip_thumbnail,
-            "script_name" : self.config.script_name,
-            "script_key" : self.config.api_key,
         }
-        if self.config.session_uuid:
-            params["session_uuid"] = self.config.session_uuid
+
+        params.update(self._auth_params())
 
         # Create opener with extended form post support
         opener = self._build_opener(FormPostHandler)
@@ -1126,11 +1159,9 @@ def upload(self, entity_type, entity_id, path, field_name=None,
         params = {
             "entity_type" : entity_type,
             "entity_id" : entity_id,
-            "script_name" : self.config.script_name,
-            "script_key" : self.config.api_key,
         }
-        if self.config.session_uuid:
-            params["session_uuid"] = self.config.session_uuid
+
+        params.update(self._auth_params())
 
         if is_thumbnail:
             url = urlparse.urlunparse((self.config.scheme, self.config.server,
@@ -1331,25 +1362,28 @@ def authenticate_human_user(self, user_login, user_password):
 
         if not user_password:
             raise ValueError('Please supply a password for the user.')
-            
+
         # Override permissions on Config obj
+        original_login = self.config.user_login
+        original_password = self.config.user_password
+
         self.config.user_login = user_login
         self.config.user_password = user_password
 
         try:
             data = self.find_one('HumanUser', [['sg_status_list', 'is', 'act'], ['login', 'is', user_login]], ['id', 'login'], '', 'all')
             # Set back to default - There finally and except cannot be used together in python2.4
-            self.config.user_login = None
-            self.config.user_password = None
+            self.config.user_login = original_login
+            self.config.user_password = original_password
             return data
         except Fault:
             # Set back to default - There finally and except cannot be used together in python2.4
-            self.config.user_login = None
-            self.config.user_password = None
+            self.config.user_login = original_login
+            self.config.user_password = original_password
         except:
             # Set back to default - There finally and except cannot be used together in python2.4
-            self.config.user_login = None
-            self.config.user_password = None
+            self.config.user_login = original_login
+            self.config.user_password = original_password
             raise
 
 
@@ -1396,7 +1430,7 @@ def entity_types(self):
     # ========================================================================
     # RPC Functions
 
-    def _call_rpc(self, method, params, include_script_name=True, first=False):
+    def _call_rpc(self, method, params, include_auth_params=True, first=False):
         """Calls the specified method on the Shotgun Server sending the
         supplied payload.
 
@@ -1407,7 +1441,7 @@ def _call_rpc(self, method, params, include_script_name=True, first=False):
 
         params = self._transform_outbound(params)
         payload = self._build_payload(method, params,
-            include_script_name=include_script_name)
+            include_auth_params=include_auth_params)
         encoded_payload = self._encode_payload(payload)
 
         req_headers = {
@@ -1438,7 +1472,31 @@ def _call_rpc(self, method, params, include_script_name=True, first=False):
             return results[0]
         return results
 
-    def _build_payload(self, method, params, include_script_name=True):
+    def _auth_params(self):
+        """ return a dictionary of the authentication parameters being used. """
+        # Used to authenticate HumanUser credentials
+        if self.config.user_login and self.config.user_password:
+            auth_params = {
+                "user_login" : str(self.config.user_login),
+                "user_password" : str(self.config.user_password),
+            }
+
+        # Use script name instead
+        elif self.config.script_name and self.config.api_key:
+            auth_params = {
+                "script_name" : str(self.config.script_name),
+                "script_key" : str(self.config.api_key),
+            }
+
+        else:
+            raise ValueError("invalid auth params")
+
+        if self.config.session_uuid:
+            auth_params["session_uuid"] = self.config.session_uuid
+
+        return auth_params
+
+    def _build_payload(self, method, params, include_auth_params=True):
         """Builds the payload to be send to the rpc endpoint.
 
         """
@@ -1447,28 +1505,8 @@ def _build_payload(self, method, params, include_script_name=True):
 
         call_params = []
 
-        if include_script_name:
-            if not self.config.script_name:
-                raise ValueError("script_name is empty")
-            if not self.config.api_key:
-                raise ValueError("api_key is empty")
-
-            # Used to authenticate HumanUser credentials
-            if self.config.user_login and self.config.user_password:
-                auth_params = {
-                    "user_login" : str(self.config.user_login),
-                    "user_password" : str(self.config.user_password),
-                }
-
-            # Use script name instead
-            else:
-                auth_params = {
-                    "script_name" : str(self.config.script_name),
-                    "script_key" : str(self.config.api_key),
-                }
-
-            if self.config.session_uuid:
-                auth_params["session_uuid"] = self.config.session_uuid
+        if include_auth_params:
+            auth_params = self._auth_params()
             call_params.append(auth_params)
 
         if params:
diff --git a/tests/base.py b/tests/base.py
@@ -19,6 +19,7 @@ class TestBase(unittest.TestCase):
     '''Base class for tests.
 
     Sets up mocking and database test data.'''
+
     def __init__(self, *args, **kws):
         unittest.TestCase.__init__(self, *args, **kws)
         self.human_user     = None
@@ -35,22 +36,31 @@ def __init__(self, *args, **kws):
         self.connect        = False
 
 
-    def setUp(self):
+    def setUp(self, auth_mode='ApiUser'):
         self.config = SgTestConfig()
         self.config.read_config(CONFIG_PATH)
+        self.human_login    = self.config.human_login
         self.human_password = self.config.human_password
         self.server_url     = self.config.server_url
         self.script_name    = self.config.script_name
         self.api_key        = self.config.api_key
         self.http_proxy     = self.config.http_proxy
         self.session_uuid   = self.config.session_uuid
 
-
-        self.sg = api.Shotgun(self.config.server_url,
-                              self.config.script_name,
-                              self.config.api_key,
-                              http_proxy=self.config.http_proxy,
-                              connect=self.connect)
+        if auth_mode == 'ApiUser':
+            self.sg = api.Shotgun(self.config.server_url,
+                                  self.config.script_name,
+                                  self.config.api_key,
+                                  http_proxy=self.config.http_proxy,
+                                  connect=self.connect)
+        elif auth_mode == 'HumanUser':
+            self.sg = api.Shotgun(self.config.server_url,
+                                  login=self.human_login,
+                                  password=self.human_password,
+                                  http_proxy=self.config.http_proxy,
+                                  connect=self.connect)
+        else:
+            raise ValueError("Unknown value for auth_mode: %s" % auth_mode)
 
         if self.config.session_uuid:
             self.sg.set_session_uuid(self.config.session_uuid)
@@ -164,8 +174,8 @@ def _setup_mock_data(self):
 
 class LiveTestBase(TestBase):
     '''Test base for tests relying on connection to server.'''
-    def setUp(self):
-        super(LiveTestBase, self).setUp()
+    def setUp(self, auth_mode='ApiUser'):
+        super(LiveTestBase, self).setUp(auth_mode)
         self.sg_version = self.sg.info()['version'][:3]
         self._setup_db(self.config)
         if self.sg.server_caps.version and \
@@ -244,6 +254,15 @@ def _setup_db(self, config):
         self.local_storage = _find_or_create_entity(self.sg, 'LocalStorage', data, keys)
 
 
+class HumanUserAuthLiveTestBase(LiveTestBase):
+    '''
+    Test base for relying on a Shotgun connection authenticate through the
+    configured login/password pair.
+    '''
+    def setUp(self):
+        super(HumanUserAuthLiveTestBase, self).setUp('HumanUser')
+
+
 class SgTestConfig(object):
     '''Reads test config and holds values'''
     def __init__(self):
diff --git a/tests/test_api.py b/tests/test_api.py
