def test_authorize__no_bearer(self): request = Mock(META={'HTTP_AUTHORIZATION': 'no_bearer token'}) with pytest.raises(EventFactory.AuthError) as e: Authorizer([]).authorize(request) assert e.value.data == { '@event': 'COULD_NOT_FIND_AUTH_TOKEN', '@type': 'error', }
def get(self, request): account = Authorizer([]).ui_authorize(request) items = CatalogueItem.objects.filter( Q(created_by=account) | Q(updated_by=account) | Q(maintained_by=account) | Q(researchers__id=account.id)).order_by('name') return render(request, 'catalogue_item_collection.html', { 'items': items, 'name': 'catalogue', 'is_authenticated': True, })
def test_authorize__access_denied(self): a = ef.account(type=AccountType.RESEARCHER.value) self.mocker.patch.object(AuthToken, 'decode').return_value = a request = Mock(META={'HTTP_AUTHORIZATION': 'bearer token'}) with pytest.raises(EventFactory.AccessDenied) as e: Authorizer([AccountType.ADMIN.value]).authorize(request) assert e.value.data == { '@event': 'ACCESS_DENIED', '@type': 'error', }
def test_authorize(self): a = ef.account(type=AccountType.RESEARCHER.value) self.mocker.patch.object(AuthToken, 'decode').return_value = a request = Mock(META={'HTTP_AUTHORIZATION': 'bearer token'}) # -- raises nothing, just works fine authorized = Authorizer([ AccountType.RESEARCHER.value, AccountType.ADMIN.value, ]).authorize(request) assert authorized == {'account': a}
def get(self, request, downalod_request_id): account = Authorizer([]).ui_authorize(request) req = DownloadRequest.objects.filter(id=downalod_request_id) req = req.filter( Q(created_by=account) | Q(waiters__id=account.id)).distinct('id') req = req.get() return render( request, 'download_request_element.html', {'download_request': req})
def get(self, request, item_id): account = Authorizer([]).ui_authorize(request) item = CatalogueItem.objects.filter(id=item_id) item = item.filter( Q(created_by=account) | Q(updated_by=account) | Q(maintained_by=account) | Q(researchers__id=account.id)).distinct('id') item = item.get() return render(request, 'catalogue_item_element.html', { 'item': item, 'is_authenticated': True, })
def get(self, request): account = Authorizer([]).ui_authorize(request) reqs = DownloadRequest.objects.filter( Q(created_by=account) | Q(waiters__id=account.id)) reqs = reqs.select_related('catalogue_item') reqs = reqs.order_by('catalogue_item__name') return render( request, 'download_request_collection.html', { 'name': 'downloads', 'is_authenticated': True, 'download_requests': reqs, })
def get(self, request, item_id): account = Authorizer([]).ui_authorize(request) item = CatalogueItem.objects.filter(id=item_id) item = item.filter( Q(created_by=account) | Q(updated_by=account) | Q(maintained_by=account) | Q(researchers__id=account.id)).distinct('id') item = item.get() return render( request, 'download_request_create.html', { 'name': item.name, 'columns': sorted([c['name'] for c in item.spec]), 'column_name_to_type': json.dumps({ c['name']: c['type'] for c in item.spec }), 'filters': range(0, 5), 'catalogue_item_id': item.id, 'is_authenticated': True, })