class MandrillWebhookView(View):
permission = AllowAny()
def head(self, *args, **kwargs):
return HttpResponse()
def post(self, request, *args, **kwargs):
try:
data = json.loads(request.POST.get('mandrill_events'))
except TypeError:
return HttpResponse(status=400)
for event in data:
try:
self.process_event(event)
except Exception as ex: # pylint: disable=W0703
logger.exception(ex)
return HttpResponse()
def process_event(self, event_dict):
message_id = event_dict.get('_id', None)
if message_id:
message = get_object_or_none(
EmailMessage,
extra_sender_data__contains='"_id":"{}"'.format(message_id))
if message:
message.change_and_save(last_webhook_received_at=now())
class MandrillWebhookView(View):
permission = AllowAny()
def head(self, *args, **kwargs):
return HttpResponse()
def post(self, request, *args, **kwargs):
try:
data = json.loads(request.POST.get('mandrill_events'))
except TypeError:
return HttpResponse(status=400)
for event in data:
try:
self.process_event(event)
except Exception as ex: # pylint: disable=W0703
logger.exception(ex)
return HttpResponse()
def process_event(self, event_dict):
message_id = event_dict.get('_id', None)
if message_id:
message = EmailMessage.objects.filter(
external_id=message_id).first()
if message:
message.change_and_save(last_webhook_received_at=now())
class InlineView(ContextMixin):
template_name = None
permission = AllowAny()
def __init__(self, request, parent_view, parent_instance):
self.request = request
self.parent_view = parent_view
self.parent_instance = parent_instance
assert self.permission, 'Permissions must be set'
def can_render(self):
return self.permission.has_permission('read', self.request, self)
def render(self, context, title):
assert self.can_render(), 'Inline view cannot be rendered'
template = self.template_name
context.update(self.get_context_data(title=title))
return render_to_string(template, context.flatten())
def __copy__(self):
return self
def __deepcopy__(self, memo):
return self
def test_fields_list_permission_sould_return_right_readonly_fields(self):
field_list_permission = FieldsListPermission(permission=PermissionsSet(
read=AllowAny(), edit=ObjIsNotNonePermission()),
fields=('a', 'b', 'c'))
assert_equal(
field_list_permission.get_readonly_fields(None, None, None),
{'a', 'b', 'c'})
assert_equal(field_list_permission.get_readonly_fields(None, None, ''),
set())
class AuthResource(RESTResource):
permission = AllowAny()
csrf_exempt = True
allowed_methods = ('post', 'delete')
form_class = TokenAuthenticationSmartForm
allowed_cookie = False
allowed_header = True
def _sucessful_login(self, request):
pass
def _login(self, user, expiration, form):
login(self.request, user, expiration, allowed_cookie=self.allowed_cookie, allowed_header=self.allowed_header)
def _unsucessful_login(self, request):
pass
def get_form_kwargs(self):
return {'data': self.get_dict_data(), 'request': self.request}
def get_form_class(self):
return self.form_class
def post(self):
if not self.request.data:
raise RESTException(ugettext('Missing data'))
form = self.get_form_class()(**self.get_form_kwargs())
errors = form.is_invalid()
if errors:
self._unsucessful_login(self.request)
return RESTErrorResponse(errors)
self._sucessful_login(self.request)
self._login(form.get_user(), not form.is_permanent(), form)
return {'token': self.request.token.key, 'user': form.get_user()}
def delete(self):
if self.request.user.is_authenticated:
logout(self.request)
return RESTNoContentResponse()
@classmethod
def __init_core__(cls, core, pattern):
cls.core = core
cls.pattern = pattern
def has_delete_permission(self, **kwargs):
return (
self.request.user.is_authenticated and super().has_delete_permission(**kwargs)
)
def test_fields_set_permission_sould_return_right_disallowed_fields(self):
field_set_permission = FieldsSetPermission(
FieldsListPermission(
permission=PermissionsSet(read=ObjIsNotNonePermission()),
fields=('a', 'b', 'c')),
FieldsListPermission(permission=PermissionsSet(
read=AllowAny(), edit=ObjIsNotNonePermission()),
fields=('a', 'b', 'd')),
FieldsListPermission(
permission=PermissionsSet(read=ObjIsNotNonePermission()),
fields=('e', )),
)
assert_equal(
field_set_permission.get_disallowed_fields(None, None, None),
{'a', 'b', 'c', 'e'})
assert_equal(
field_set_permission.get_disallowed_fields(None, None, ''), set())
class EntryPointResource(RESTResource):
allowed_methods = ('get', 'head', 'options')
permission = AllowAny()
def get(self):
out = {}
for pattern_name, pattern in patterns.items():
if isinstance(pattern, RESTPattern):
try:
url = pattern.get_url_string(self.request)
allowed_methods = pattern.get_allowed_methods(self.request, None)
if allowed_methods:
out[pattern_name] = {'url': url, 'methods': allowed_methods}
except NoReverseMatch:
pass
return out