def test_explicit_controls_exception_views(self): @pretend.call_recorder def view(context, request): pass info = pretend.stub(options={"require_methods": ["POST"]}) wrapped_view = csrf.require_method_view(view, info) context = pretend.stub() request = pretend.stub(method="GET") with pytest.raises(HTTPMethodNotAllowed): wrapped_view(context, request) assert view.calls == []
def test_allows_passing_other_methods(self): response = pretend.stub() @pretend.call_recorder def view(context, request): return response info = pretend.stub(options={"require_methods": ["POST"]}) wrapped_view = csrf.require_method_view(view, info) context = pretend.stub() request = pretend.stub(method="POST") assert wrapped_view(context, request) is response assert view.calls == [pretend.call(context, request)]
def test_allows_exception_views_by_default(self): response = pretend.stub() @pretend.call_recorder def view(context, request): return response info = pretend.stub(options={}) wrapped_view = csrf.require_method_view(view, info) context = pretend.stub() request = pretend.stub(method="POST", exception=pretend.stub()) assert wrapped_view(context, request) is response assert view.calls == [pretend.call(context, request)]
def test_disallows_unsafe_by_default(self, method): @pretend.call_recorder def view(context, request): pass info = pretend.stub(options={}) wrapped_view = csrf.require_method_view(view, info) context = pretend.stub() request = pretend.stub(method=method) with pytest.raises(HTTPMethodNotAllowed): wrapped_view(context, request) assert view.calls == []
def test_passes_through_on_falsey(self): view = pretend.stub() info = pretend.stub(options={"require_methods": False}) assert csrf.require_method_view(view, info) is view