Example #1
    def obj_delete(self, request, **kwargs):
        """Delete a rating once the caller passes an authorization check.

        The request is refused with an ``HttpForbidden`` response unless at
        least one of the four authorizers below accepts it. They are tried
        in the listed order and evaluation stops at the first one that
        succeeds.
        """
        rating = self.get_by_resource_or_404(request, **kwargs)

        # Thunks keep the checks lazy: an authorizer is only constructed and
        # consulted after every earlier one has refused the request.
        authorizers = (
            # Evaluated against the add-on the rating is attached to.
            lambda: AppOwnerAuthorization().is_authorized(
                request, object=rating.addon),
            # Evaluated against the rating itself.
            lambda: OwnerAuthorization().is_authorized(
                request, object=rating),
            # Permission checks: no object is passed, so these two are not
            # scoped to this particular rating or add-on.
            lambda: PermissionAuthorization(
                'Users', 'Edit').is_authorized(request),
            lambda: PermissionAuthorization(
                'Addons', 'Edit').is_authorized(request),
        )
        allowed = any(check() for check in authorizers)
        if not allowed:
            raise ImmediateHttpResponse(response=http.HttpForbidden())

        # NOTE(review): this line is written before the delegated delete runs
        # and records only the rating and add-on ids, not who asked for the
        # deletion -- confirm the acting identity is captured elsewhere if
        # this log is used as an audit trail.
        message = 'Rating %s deleted from addon %s' % (rating.pk,
                                                       rating.addon.pk)
        log.info(message)
        return super(RatingResource, self).obj_delete(request, **kwargs)
class TestPermissionAuthorization(OwnerAuthorization):
    """Exercise PermissionAuthorization with a single required permission.

    The authorizer under test is built for ("Drinkers", "Beer"). A profile
    granted "Drinkers:Beer" must be accepted; a profile granted only
    "Drinkers:Scotch" must be refused.
    """

    def setUp(self):
        super(TestPermissionAuthorization, self).setUp()
        self.app = app_factory()
        self.auth = PermissionAuthorization("Drinkers", "Beer")

    def test_has_role(self):
        # Positive case: the granted permission is exactly the required one.
        self.grant_permission(self.profile, "Drinkers:Beer")
        request = self.request(self.profile)
        authorized = self.auth.is_authorized(request, self.app)
        ok_(authorized)

    def test_not_has_role(self):
        # Negative case: same group, different action, so access is denied.
        # NOTE(review): a profile with no grant at all is not covered by the
        # tests in this class -- confirm that case is tested elsewhere.
        self.grant_permission(self.profile, "Drinkers:Scotch")
        request = self.request(self.profile)
        authorized = self.auth.is_authorized(request, self.app)
        ok_(not authorized)
Example #3
class TestPermissionAuthorization(OwnerAuthorization):
    """Check that PermissionAuthorization only accepts the exact permission.

    The authorizer is configured for ('Drinkers', 'Beer'); the two tests
    grant a matching and a non-matching permission respectively.
    """

    def setUp(self):
        super(TestPermissionAuthorization, self).setUp()
        self.app = app_factory()
        self.auth = PermissionAuthorization('Drinkers', 'Beer')

    def test_has_role(self):
        # A profile holding 'Drinkers:Beer' must be authorized.
        self.grant_permission(self.profile, 'Drinkers:Beer')
        req = self.request(self.profile)
        result = self.auth.is_authorized(req, self.app)
        ok_(result)

    def test_not_has_role(self):
        # Holding another action in the same group must not be enough.
        # NOTE(review): the no-permission-at-all case is not exercised here;
        # confirm it is covered by another test.
        self.grant_permission(self.profile, 'Drinkers:Scotch')
        req = self.request(self.profile)
        result = self.auth.is_authorized(req, self.app)
        ok_(not result)
Example #4
    def obj_delete(self, request, **kwargs):
        """Delete a rating if the caller is authorized to do so.

        Access is denied unless one of four authorizers accepts the request.
        On denial the error built by ``http_error`` from ``HttpForbidden``
        and an explanatory message is raised. The checks run in the listed
        order and stop at the first success.
        """
        rating = self.get_by_resource_or_404(request, **kwargs)

        # Wrapped in lambdas so that later authorizers are neither built nor
        # called once an earlier one has accepted the request.
        checks = (
            # Evaluated against the add-on that owns the rating.
            lambda: AppOwnerAuthorization().is_authorized(
                request, object=rating.addon),
            # Evaluated against the rating itself.
            lambda: OwnerAuthorization().is_authorized(
                request, object=rating),
            # Permission checks: called without an object, so they are not
            # tied to this specific rating or add-on.
            lambda: PermissionAuthorization(
                'Users', 'Edit').is_authorized(request),
            lambda: PermissionAuthorization(
                'Addons', 'Edit').is_authorized(request),
        )
        permitted = any(check() for check in checks)
        if not permitted:
            raise http_error(
                http.HttpForbidden,
                'You do not have permission to delete this review.')

        # NOTE(review): logged before the delegated delete is attempted, and
        # without the identity of the requester -- confirm that is recorded
        # elsewhere if deletions need to be attributable.
        message = 'Rating %s deleted from addon %s' % (rating.pk,
                                                       rating.addon.pk)
        log.info(message)
        return super(RatingResource, self).obj_delete(request, **kwargs)
Example #5
 class Meta(SearchResource.Meta):
     # Access to this resource is gated on the ('Apps', 'Review') permission.
     # NOTE(review): no `authentication` is set here; presumably it comes
     # from SearchResource.Meta -- confirm.
     authorization = PermissionAuthorization('Apps', 'Review')
     resource_name = 'search'
     # Explicit list of the fields this resource works with.
     fields = [
         'device_types',
         'id',
         'is_escalated',
         'is_packaged',
         'latest_version',
         'name',
         'premium_type',
         'price',
         'slug',
         'status',
     ]
Example #6
 class Meta:
     resource_name = 'data'
     queryset = MonolithRecord.objects.all()

     # Callers authenticate with OAuth and must pass the ('Monolith', 'API')
     # permission check.
     authentication = OAuthAuthentication()
     authorization = PermissionAuthorization('Monolith', 'API')

     # NOTE(review): reads and deletes share the one authorization object
     # above; confirm delete is not meant to need a stricter permission.
     allowed_methods = ['get', 'delete']

     # Lookups accepted per field when filtering records.
     filtering = {
         'recorded': ['exact', 'lt', 'lte', 'gt', 'gte'],
         'key': ['exact', 'startswith'],
         'id': ['lte', 'gte'],
     }
Example #7
 class Meta(MarketplaceResource.Meta):
     resource_name = 'product/icon'
     queryset = ProductIcon.objects.filter()

     # NOTE(review): going by the class names, unauthenticated callers are
     # presumably limited to reads and everything else is delegated to the
     # wrapped ('ProductIcon', 'Create') permission check -- confirm against
     # AnonymousReadOnlyAuthorization and OptionalOAuthAuthentication.
     authentication = OptionalOAuthAuthentication()
     authorization = AnonymousReadOnlyAuthorization(
         authorizer=PermissionAuthorization('ProductIcon', 'Create'))

     # The list endpoint accepts POST as well as GET; detail is GET only.
     list_allowed_methods = ['get', 'post']
     detail_allowed_methods = ['get']

     fields = ['ext_url', 'ext_size', 'size']
     # Only exact-match filtering is declared for each field.
     filtering = {
         'ext_url': 'exact',
         'ext_size': 'exact',
         'size': 'exact',
     }
     # Submitted data is validated through ProductIconForm.
     validation = CleanedDataFormValidation(form_class=ProductIconForm)
Example #8
 def setUp(self):
     """Create the fixtures: an app and the authorizer under test."""
     super(TestPermissionAuthorization, self).setUp()
     # The authorizer is built for the ('Drinkers', 'Beer') permission.
     self.app = app_factory()
     self.auth = PermissionAuthorization('Drinkers', 'Beer')
Example #9
 class Meta:
     resource_name = 'failure'
     # Only contributions that have a uuid are reachable via this resource.
     queryset = Contribution.objects.filter(uuid__isnull=False)

     # OAuth-authenticated callers must also pass the
     # ('Transaction', 'NotifyFailure') permission check.
     authentication = OAuthAuthentication()
     authorization = PermissionAuthorization('Transaction', 'NotifyFailure')

     # PATCH is the only method declared for detail endpoints.
     # NOTE(review): list methods are not restricted in this Meta; confirm
     # the defaults in effect do not expose more than intended.
     detail_allowed_methods = ['patch']
 def setUp(self):
     """Set up an app fixture and the authorizer being tested."""
     super(TestPermissionAuthorization, self).setUp()
     # Authorizer configured for the ("Drinkers", "Beer") permission.
     self.app = app_factory()
     self.auth = PermissionAuthorization("Drinkers", "Beer")
Example #11
 class Meta(MarketplaceResource.Meta):
     resource_name = 'reviewing'
     # OAuth-authenticated callers must also pass the ('Apps', 'Review')
     # permission check.
     authentication = OAuthAuthentication()
     authorization = PermissionAuthorization('Apps', 'Review')
     # GET is the only method declared for the list endpoint.
     # NOTE(review): detail methods are not set here; presumably inherited
     # from MarketplaceResource.Meta -- confirm.
     list_allowed_methods = ['get']
Example #12
 def setUp(self):
     """Prepare the app fixture and the PermissionAuthorization to test."""
     super(TestPermissionAuthorization, self).setUp()
     # The authorizer requires the ('Drinkers', 'Beer') permission.
     self.app = app_factory()
     self.auth = PermissionAuthorization('Drinkers', 'Beer')