Example #1
0
    def test_view_in_whitelisted_app(self):
        """Checks that a view from an app considered safe
        is considered safe itself"""

        rules = {
            'failclose': []
        }
        self.assertTrue(utils.is_safe(self.view, rules=rules))
Example #2
0
    def test_view_in_rules(self):
        """Checks that a view marked as safe in rules is
        confirmed safe"""

        rules = {
            'failclose': ['ugly']
        }
        self.assertTrue(utils.is_safe(self.view, rules=rules))
Example #3
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        # if the view is marked as safe, we execute it
        if is_safe(view_func):
            return view_func(request, *view_args, **view_kwargs)

        if settings.FORBIDDEN_URL:
            return redirect(settings.FORBIDDEN_URL)
        else:
            return HttpResponseForbidden()
Example #4
0
    def test_view_namespaces(self):
        """Verifies that app namespaces are followed when checking
        view safety in rules"""

        # setting up the project used to check the view
        self.old_project_name = getattr(settings, 'PROJECT_NAME', None)
        settings.PROJECT_NAME = 'foobar'

        rules = {
            'foobar': ['ugly'],
        }
        self.assertFalse(utils.is_safe(self.view, rules=rules))

        # rolling back the settings
        if self.old_project_name is not None:
            settings.PROJECT_NAME = self.old_project_name
Example #5
0
    def test_decorated_view(self):
        """Checks that a decorated view is marked as safe"""

        self.decorated_view = utils.safe(self.view)
        self.assertTrue(utils.is_safe(self.decorated_view, rules={}))
Example #6
0
    def test_unsafe_view(self):
        """Checks that an unsafe view is marked as such"""

        self.assertFalse(utils.is_safe(self.view, rules={}))