Exemple #1
def test_overwritten_get():
    """Check a monitored classy view: the admin is served, the non-admin gets 401.

    The authorization callback gives admins MANAGE on ALL; everyone else gets
    READ/CREATE on Article plus EDIT on articles whose author_id is their own id.
    """
    flask_app = Flask("overwritten")
    guard = Bouncer(flask_app)
    OverwrittenView.register(flask_app)

    # Opt the view class in to Bouncer's checks; several classes may be passed.
    guard.monitor(OverwrittenView)

    @guard.authorization_method
    def define_authorization(user, abilities):
        # Least-privilege branch first: ownership-scoped EDIT for regular users.
        if not user.is_admin:
            abilities.append([READ, CREATE], Article)
            abilities.append(EDIT, Article, author_id=user.id)
            return
        abilities.append(MANAGE, ALL)

    http = flask_app.test_client()

    admin_user = User(name='jonathan', admin=True)
    regular_user = User(name='nancy', admin=False)
    target = "/overwritten/1234"

    # Allowed path: the admin sees the view's body.
    with user_set(flask_app, admin_user):
        allowed = http.get(target)
        eq_(b"Get 1234", allowed.data)

    # Denied path: only the status code is pinned, not the response body.
    # NOTE(review): which rule OverwrittenView.get is checked against is not
    # visible here -- confirm against the view class.
    with user_set(flask_app, regular_user):
        denied = http.get(target)
        eq_(denied.status_code, 401)
Exemple #2
def test_overwritten_get():
    """Exercise both outcomes of a monitored classy view for one URL.

    An admin (MANAGE on ALL) must receive the view's output; a non-admin, who
    only holds READ/CREATE on Article and EDIT on their own articles, must be
    answered with HTTP 401.
    """
    web = Flask("overwritten")
    authz = Bouncer(web)
    OverwrittenView.register(web)

    # monitor() marks which classy views are locked down (more than one allowed).
    authz.monitor(OverwrittenView)

    @authz.authorization_method
    def define_authorization(user, abilities):
        if user.is_admin:
            abilities.append(MANAGE, ALL)
            return
        # Regular users: EDIT is restricted to rows they authored.
        abilities.append([READ, CREATE], Article)
        abilities.append(EDIT, Article, author_id=user.id)

    browser = web.test_client()

    privileged = User(name='jonathan', admin=True)
    unprivileged = User(name='nancy', admin=False)

    # Positive case.
    with user_set(web, privileged):
        ok_response = browser.get("/overwritten/1234")
        eq_(b"Get 1234", ok_response.data)

    # Negative case: a denial must be an explicit 401, never a served page.
    with user_set(web, unprivileged):
        refused = browser.get("/overwritten/1234")
        eq_(refused.status_code, 401)
def test_lock_it_down_raise_exception():
    """Request a route that carries no authorization check under lock-down.

    The Bouncer is created with ensure_authorization=True and the route below
    has neither a requires() decorator nor an ensure() call.

    NOTE(review): no assertion is visible in these lines. The inline comment
    says an Unauthorized should be raised, so the expectation is presumably
    declared outside what is shown (e.g. a decorator on this test) -- confirm.
    Without it, the test would also pass if the route were served, i.e. a
    fail-open regression would go unnoticed.
    """
    flask_app = Flask("test_lock_it_down_raise_exception")
    flask_app.debug = True
    guard = Bouncer(flask_app, ensure_authorization=True)

    @guard.authorization_method
    def define_authorization(user, they):
        they.can('browse', Article)

    # Deliberately undecorated -- lock-down should reject it with Unauthorized.
    @flask_app.route("/articles")
    def articles_index():
        return "A bunch of articles"

    http = flask_app.test_client()

    visitor = User(name='jonathan', admin=False)
    with user_set(flask_app, visitor):
        http.get('/articles')
Exemple #4
def test_non_standard_names():
    """Check that a free-form action name ('browse') works as a permission.

    The same string is granted in the authorization callback and demanded by
    the requires() decorator on the route; the non-admin user must be served.
    Only the allowed path is covered here.
    """
    flask_app = Flask("advanced")
    flask_app.debug = True
    guard = Bouncer(flask_app)

    @guard.authorization_method
    def define_authorization(user, they):
        # Granted to every user, admin or not.
        they.can('browse', Article)

    # route() stays outermost so the registered view is the guarded one.
    @flask_app.route("/articles")
    @requires('browse', Article)
    def articles_index():
        return "A bunch of articles"

    http = flask_app.test_client()

    visitor = User(name='jonathan', admin=False)
    with user_set(flask_app, visitor):
        served = http.get('/articles')
        eq_(b"A bunch of articles", served.data)
def test_ensure_and_requires_while_locked_down():
    """Check that requires() and ensure() both satisfy ensure_authorization=True.

    One route is guarded by the requires() decorator, the other calls ensure()
    inside the handler against a concrete Article instance.

    NOTE(review): only the allowed path is exercised. The handler ignores
    post_id and always builds an article owned by user id 1, which is also the
    requesting user, so the ownership rule (author_id=user.id) is never shown
    rejecting anyone -- a second user with a different id would cover that.
    """
    flask_app = Flask("test_ensure_and_requires_while_locked_down")
    flask_app.debug = True
    guard = Bouncer(flask_app, ensure_authorization=True)

    @guard.authorization_method
    def define_authorization(user, they):
        they.can(READ, Article)
        # EDIT is scoped to articles authored by the current user.
        they.can(EDIT, Article, author_id=user.id)

    @flask_app.route("/articles")
    @requires(READ, Article)
    def articles_index():
        return "A bunch of articles"

    @flask_app.route("/article/<int:post_id>", methods=['POST'])
    def edit_post(post_id):
        # Stand-in for a database lookup: the article always belongs to user 1.
        owner = User(name='jonathan', admin=False, id=1)
        article = Article(author_id=owner.id)

        # Object-level check; callers without EDIT on this article are bounced.
        ensure(EDIT, article)
        return "successfully edited post"

    http = flask_app.test_client()

    author = User(name='jonathan', admin=False, id=1)
    with user_set(flask_app, author):
        listing = http.get('/articles')
        eq_(b"A bunch of articles", listing.data)

        edited = http.post('/article/1')
        eq_(b"successfully edited post", edited.data)
Exemple #6
def test_blueprints():
    """Check that requires() guards a route registered through a Blueprint.

    The 'browse' permission on Article is granted to every user, so the
    non-admin request must be served. The denial path is not covered here.
    """
    flask_app = Flask("blueprints")
    flask_app.debug = True
    guard = Bouncer(flask_app)

    @guard.authorization_method
    def define_authorization(user, they):
        they.can('browse', Article)

    blueprint = Blueprint('bptest', 'bptest')

    # route() stays outermost so the blueprint registers the guarded view.
    @blueprint.route("/articles")
    @requires('browse', Article)
    def articles_index():
        return "A bunch of articles"

    flask_app.register_blueprint(blueprint)

    http = flask_app.test_client()

    visitor = User(name='jonathan', admin=False)
    with user_set(flask_app, visitor):
        served = http.get('/articles')
        eq_(b"A bunch of articles", served.data)
Exemple #7
from celery import Celery
from flask_mail import Mail
import string
import random

from flask_login import LoginManager, user_logged_in
from flask_sqlalchemy import SQLAlchemy

from .configuration import config
from .impersonation import Impersonation

# Module-level extension singletons, all created without a Flask app here.
# NOTE(review): `Bouncer` is not imported in the lines shown -- confirm the
# import exists above this excerpt. `random` and `string` are imported but not
# used in the visible code; if they generate passwords or tokens elsewhere,
# `secrets` is the appropriate source of randomness.

# initialize database
# expire_on_commit=False keeps loaded attributes on instances after commit()
# instead of reloading them, so values read afterwards may be stale.
db = SQLAlchemy(session_options={'expire_on_commit': False})

# initialize Flask-Bouncer
# No app is passed; presumably bound later through init_app() -- confirm.
bouncer = Bouncer()

# initialize Flask-Login
login_manager = LoginManager()

# initialize impersonation
impersonation = Impersonation()

# initialize celery
# Broker and result-backend URLs come from configuration; such URLs commonly
# embed credentials, so they belong in config/secrets rather than in source.
# NOTE(review): what config.get returns for a missing key is not visible here.
celery = Celery(
    backend=config.get("CELERY_RESULT_BACKEND"),
    broker=config.get("CELERY_BROKER_URL"),
    result_expires=(30 * 60),  # 30 minutes
)

# initialize Flask-Mail
Exemple #8
def test_base_registration():
    """Passing the app to the Bouncer constructor must bind it to that app."""
    flask_app = Flask(__name__)
    extension = Bouncer(flask_app)

    bound_app = extension.get_app()
    eq_(bound_app, flask_app)
Exemple #9
def test_delayed_init():
    """A Bouncer created without an app must bind to it through init_app()."""
    flask_app = Flask(__name__)

    # Two-step setup: construct first, attach the application afterwards.
    extension = Bouncer()
    extension.init_app(flask_app)

    bound_app = extension.get_app()
    eq_(bound_app, flask_app)
Exemple #10
from flask import Flask , render_template , request, redirect, url_for
from flask_bouncer import requires, ensure, Bouncer

import csv

# from repos.api import get_user
# from repos.exceptions import GitHubApiException

# Application object and its Bouncer extension. ensure_authorization is not
# passed, so only routes that explicitly use requires()/ensure() are checked
# (assuming the library default leaves lock-down off -- confirm).
app = Flask(__name__)
bouncer = Bouncer(app)


# Hard-coded list of user names; it is not referenced in the lines shown.
# NOTE(review): if this acts as an allow-list, keep it in configuration so
# access changes do not require a code change.
selected_users = ['aaman123']

@bouncer.authorization_method
def define_authorization(user, they):
    """Declare what `user` may do: admins manage everything, others get one rule.

    NOTE(review): MANAGE and ALL are not imported in the lines shown (only
    requires, ensure and Bouncer come from flask_bouncer), so the admin branch
    would raise NameError when this callback runs -- confirm the constants are
    imported elsewhere.

    NOTE(review): `login` is not a string or constant; when this runs it
    resolves to the `login` view function defined further down, so the rule is
    keyed on a function object. An action name was presumably intended --
    confirm and replace, otherwise no requires()/ensure() call will match it.
    """
    if not user.is_admin:
        # Subjects are given as the strings 'Article' and 'BlogPost'.
        they.can(login, ('Article', 'BlogPost'))
        return
    they.can(MANAGE, ALL)


@app.route("/", methods=['GET', 'POST'])
def index():
    """Render the registration page for GET and POST requests to "/".

    NOTE(review): POST is accepted, but this handler reads no form data; if a
    form is later processed here it will need input validation and CSRF
    protection.
    """
    page = render_template("register.html")
    return page

@app.route("/login", methods=['GET', 'POST'])
def login():
    """Render the login page for GET and POST requests to "/login".

    NOTE(review): no credentials are read or verified in this handler, and POST
    is answered with the same template as GET; authentication itself is not
    implemented in the lines shown.
    """
    page = render_template("login.html")
    return page

Exemple #11
from flask import Flask, url_for
from flask_bouncer import Bouncer, bounce
from test_flask_bouncer.models import Article, User
from test_flask_bouncer.helpers import user_set
from bouncer.constants import *
from .view_classes import ArticleView, OverwrittenView

from nose.tools import *

# Shared module-level fixture: one Flask app with Bouncer attached and the
# classy ArticleView registered on it. Statement order is kept as written.
app = Flask("classy")
bouncer = Bouncer(app)
ArticleView.register(app)

# Which classy views do you want to lock down, you can pass multiple
# Only ArticleView is monitored here; OverwrittenView is imported but is not
# registered or monitored in the lines shown.
bouncer.monitor(ArticleView)

@bouncer.authorization_method
def define_authorization(user, abilities):
    """Populate `abilities` with the rules that apply to `user`.

    Admins receive MANAGE on ALL. Every other user receives READ and CREATE on
    Article, and EDIT only on articles whose author_id equals their own id.
    """
    if not user.is_admin:
        abilities.append([READ, CREATE], Article)
        # Ownership-scoped rule: editing is limited to the user's own articles.
        abilities.append(EDIT, Article, author_id=user.id)
        return
    abilities.append(MANAGE, ALL)

# Test client bound to the module-level app.
client = app.test_client()

# One user per privilege level: jonathan takes the admin branch of the
# authorization callback, nancy the restricted one.
jonathan = User(name='jonathan', admin=True)
nancy = User(name='nancy', admin=False)
Exemple #12
from flask import Flask, url_for
from flask_bouncer import Bouncer, bounce
from test_flask_bouncer.models import Article, User
from test_flask_bouncer.helpers import user_set
from bouncer.constants import *
from .view_classes import ArticleView, OverwrittenView

from nose.tools import *

# Shared module-level fixture: a Flask app with Bouncer attached and the classy
# ArticleView registered on it. Statement order is kept as written.
app = Flask("classy")
bouncer = Bouncer(app)
ArticleView.register(app)

# Which classy views do you want to lock down, you can pass multiple
# Only ArticleView is passed to monitor() in the lines shown.
bouncer.monitor(ArticleView)


@bouncer.authorization_method
def define_authorization(user, abilities):
    """Fill `abilities` with the permission rules for `user`.

    Non-admins may READ and CREATE any Article but EDIT only those whose
    author_id matches their own id; admins are given MANAGE on ALL.
    """
    if user.is_admin:
        abilities.append(MANAGE, ALL)
        return
    abilities.append([READ, CREATE], Article)
    # Ownership-scoped rule: the author_id condition ties EDIT to the caller.
    abilities.append(EDIT, Article, author_id=user.id)


client = app.test_client()

jonathan = User(name='jonathan', admin=True)