Ejemplo n.º 1
0
 class Meta:
     queryset = User.objects.all()
     resource_name = 'users'
     excludes = [
         'email', 'password', 'is_active', 'is_staff', 'is_superuser'
     ]
     authentication = OAuthAuthentication()
     authorization = DjangoAuthorization()
Ejemplo n.º 2
0
    def test_check_active_true(self):
        auth = OAuthAuthentication()

        # No username/api_key details should fail.
        self.request.REQUEST = self.request.GET = {
            'oauth_consumer_key': '123',
            'oauth_nonce': 'abc',
            'oauth_signature': '&',
            'oauth_signature_method': 'PLAINTEXT',
            'oauth_timestamp': str(int(time.time())),
            'oauth_token': 'bar',
        }
        self.request.META['Authorization'] = 'OAuth ' + ','.join([key+'='+value for key, value in self.request.REQUEST.items()])
        resp = auth.is_authenticated(self.request)
        self.assertFalse(resp)
Ejemplo n.º 3
0
    def test_is_authenticated(self):
        from oauth_provider.models import Consumer, Token, Resource
        auth = OAuthAuthentication()
        request = HttpRequest()
        request.META['SERVER_NAME'] = 'testsuite'
        request.META['SERVER_PORT'] = '8080'
        request.REQUEST = request.GET = {}
        request.method = "GET"

        # Invalid request.
        resp = auth.is_authenticated(request)
        self.assertEqual(resp.status_code, 401)

        # No username/api_key details should fail.
        request.REQUEST = request.GET = {
            'oauth_consumer_key': '123',
            'oauth_nonce': 'abc',
            'oauth_signature': '&',
            'oauth_signature_method': 'PLAINTEXT',
            'oauth_timestamp': str(int(time.time())),
            'oauth_token': 'foo',
        }
        user = User.objects.create_user('daniel', '*****@*****.**',
                                        'password')
        request.META['Authorization'] = 'OAuth ' + ','.join(
            [key + '=' + value for key, value in request.REQUEST.items()])
        resource, _ = Resource.objects.get_or_create(
            url='test', defaults={'name': 'Test Resource'})
        consumer, _ = Consumer.objects.get_or_create(key='123',
                                                     defaults={
                                                         'name':
                                                         'Test',
                                                         'description':
                                                         'Testing...'
                                                     })
        token, _ = Token.objects.get_or_create(key='foo',
                                               token_type=Token.ACCESS,
                                               defaults={
                                                   'consumer': consumer,
                                                   'resource': resource,
                                                   'secret': '',
                                                   'user': user,
                                               })
        resp = auth.is_authenticated(request)
        self.assertEqual(resp, True)
        self.assertEqual(request.user.pk, user.pk)
Ejemplo n.º 4
0
    def test_is_authenticated(self):
        auth = OAuthAuthentication()

        # Invalid request.
        resp = auth.is_authenticated(self.request)
        self.assertEqual(resp.status_code, 401)

        # No username/api_key details should fail.
        self.request.REQUEST = self.request.GET = {
            'oauth_consumer_key': '123',
            'oauth_nonce': 'abc',
            'oauth_signature': '&',
            'oauth_signature_method': 'PLAINTEXT',
            'oauth_timestamp': str(int(time.time())),
            'oauth_token': 'foo',
        }
        self.request.META['Authorization'] = 'OAuth ' + ','.join([key+'='+value for key, value in self.request.REQUEST.items()])
        resp = auth.is_authenticated(self.request)
        self.assertEqual(resp, True)
        self.assertEqual(self.request.user.pk, self.user.pk)
Ejemplo n.º 5
0
 class Meta:
     queryset        = Submission.objects.all()
     resource_name   = 'submission'
     excludes        = ['feedback']
     allowed_methods = ['get']
     include_absolute_url = True
     
     # Rules that enable filtering based on exercise, grader, submitter and grade.
     filtering = {
         "exercise": ('exact',),
         "grader": ('exact',),
         "submitters": ('exact',),
         "grade": ALL,
         "id": ALL
     }
     
     # In this version only superusers are allowed to access
     # submissions after being authenticated with OAuth
     authentication  = OAuthAuthentication()
     authorization   = SuperuserAuthorization()
Ejemplo n.º 6
0
 class Meta:
     queryset = Task.objects.all()
     resource_name = 'tasks'
     authentication = OAuthAuthentication()
     authorization = DjangoAuthorization()