def test_redirect_for_login(default_fxa_login_url):
login_url = 'https://example.com/login'
default_fxa_login_url.return_value = login_url
request = mock.MagicMock()
response = utils.redirect_for_login(request)
default_fxa_login_url.assert_called_with(request)
assert response['location'] == login_url
def test_redirect_for_login_migration_over(login_link):
login_url = 'https://example.com/login'
login_link.return_value = login_url
request = mock.MagicMock()
response = utils.redirect_for_login(request)
login_link.assert_called_with(request)
assert response['location'] == login_url
def test_redirect_for_login(default_fxa_login_url):
login_url = 'https://example.com/login'
default_fxa_login_url.return_value = login_url
request = mock.MagicMock()
response = utils.redirect_for_login(request)
default_fxa_login_url.assert_called_with(request)
assert response['location'] == login_url
def login(request):
# If someone is already auth'd then they're getting directed to login()
# because they don't have sufficient permissions.
if request.user.is_authenticated:
raise PermissionDenied
else:
return redirect_for_login(request)
def login(request):
# If someone is already auth'd then they're getting directed to login()
# because they don't have sufficient permissions.
if request.user.is_authenticated:
raise PermissionDenied
else:
return redirect_for_login(request)
def collection_detail(request, username, slug):
collection = get_collection(request, username, slug)
if not collection.listed:
if not request.user.is_authenticated:
return redirect_for_login(request)
if not acl.check_collection_ownership(request, collection):
raise PermissionDenied
base = Addon.objects.valid() & collection.addons.all()
filter = CollectionAddonFilter(request, base,
key='sort', default='popular')
notes = get_notes(collection)
# Go directly to CollectionAddon for the count to avoid joins.
count = CollectionAddon.objects.filter(
Addon.objects.all().valid_q(
amo.VALID_ADDON_STATUSES, prefix='addon__'),
collection=collection.id)
addons = paginate(request, filter.qs, per_page=15, count=count.count())
# `perms` is defined in django.contrib.auth.context_processors. Gotcha!
user_perms = {
'view_stats': acl.check_ownership(
request, collection, require_owner=False),
}
tags = Tag.objects.filter(
id__in=collection.top_tags) if collection.top_tags else []
return render_cat(request, 'bandwagon/collection_detail.html',
{'collection': collection, 'filter': filter,
'addons': addons, 'notes': notes,
'tags': tags, 'user_perms': user_perms})
def collection_detail(request, username, slug):
collection = get_collection(request, username, slug)
if not collection.listed:
if not request.user.is_authenticated():
return redirect_for_login(request)
if not acl.check_collection_ownership(request, collection):
raise PermissionDenied
base = Addon.objects.valid() & collection.addons.all()
filter = CollectionAddonFilter(request, base,
key='sort', default='popular')
notes = get_notes(collection)
# Go directly to CollectionAddon for the count to avoid joins.
count = CollectionAddon.objects.filter(
Addon.objects.all().valid_q(
amo.VALID_ADDON_STATUSES, prefix='addon__'),
collection=collection.id)
addons = paginate(request, filter.qs, per_page=15, count=count.count())
# `perms` is defined in django.contrib.auth.context_processors. Gotcha!
user_perms = {
'view_stats': acl.check_ownership(
request, collection, require_owner=False),
}
tags = Tag.objects.filter(
id__in=collection.top_tags) if collection.top_tags else []
return render_cat(request, 'bandwagon/collection_detail.html',
{'collection': collection, 'filter': filter,
'addons': addons, 'notes': notes,
'tags': tags, 'user_perms': user_perms})
def test_redirect_for_login_migration_over(login_link):
login_url = 'https://example.com/login'
login_link.return_value = login_url
request = mock.MagicMock()
response = utils.redirect_for_login(request)
login_link.assert_called_with(request)
assert response['location'] == login_url
def wrapper(request, *args, **kw):
if request.user.is_authenticated():
return func(request, *args, **kw)
else:
if redirect:
return redirect_for_login(request)
else:
return http.HttpResponse(status=401)
def wrapper(request, *args, **kw):
if request.user.is_authenticated():
return func(request, *args, **kw)
else:
if redirect:
return redirect_for_login(request)
else:
return http.HttpResponse(status=401)
def login(request):
# if the user has permission, just send them to the index page
if request.method == 'GET' and admin.site.has_permission(request):
return redirect('admin:index')
# otherwise, they're logged in but don't have permission return a 403.
elif request.user.is_authenticated:
raise PermissionDenied
else:
return redirect_for_login(request)
def wrapper(request, username, *args, **kw):
"""
If the author is `mine` then show the current user's collection
(or something).
"""
if username == 'mine':
if not request.user.is_authenticated():
return redirect_for_login(request)
username = request.user.username
return f(request, username, *args, **kw)
def test_redirect_for_login():
request = RequestFactory().get('/somewhere')
request.session = {'fxa_state': 'fake-state'}
response = utils.redirect_for_login(request)
assert response['location'] == utils.fxa_login_url(
config=FXA_CONFIG['default'],
state=request.session['fxa_state'],
next_path='/somewhere',
action='signin',
)
def wrapper(request, *args, **kw):
# Prevent circular ref in accounts.utils
from olympia.accounts.utils import redirect_for_login
if request.user.is_authenticated():
return func(request, *args, **kw)
else:
if redirect:
return redirect_for_login(request)
else:
return http.HttpResponse(status=401)
def wrapper(request, *args, **kw):
# Prevent circular ref in accounts.utils
from olympia.accounts.utils import redirect_for_login
if request.user.is_authenticated:
return func(request, *args, **kw)
else:
if redirect:
return redirect_for_login(request)
else:
return http.HttpResponse(status=401)
def wrapper(request, username, *args, **kw):
"""
If the author is `mine` then show the current user's collection
(or something).
"""
if username == 'mine':
if not request.user.is_authenticated():
return redirect_for_login(request)
username = request.user.username
return f(request, username, *args, **kw)
def wrapper(request, user_id, *args, **kw):
"""
If the author is `mine` then show the current user's collection
(or something).
"""
# Prevent circular ref in accounts.utils
from olympia.accounts.utils import redirect_for_login
if user_id == 'mine':
if not request.user.is_authenticated:
return redirect_for_login(request)
user_id = request.user.id
return f(request, user_id, *args, **kw)
def wrapper(request, username, *args, **kw):
"""
If the author is `mine` then show the current user's collection
(or something).
"""
# Prevent circular ref in accounts.utils
from olympia.accounts.utils import redirect_for_login
if username == 'mine':
if not request.user.is_authenticated():
return redirect_for_login(request)
username = request.user.username
return f(request, username, *args, **kw)
def collection_detail(request, username, slug):
collection = get_collection(request, username, slug)
if not collection.listed:
if not request.user.is_authenticated():
return redirect_for_login(request)
if not acl.check_collection_ownership(request, collection):
raise PermissionDenied
if request.GET.get('format') == 'rss':
return http.HttpResponsePermanentRedirect(collection.feed_url())
base = Addon.objects.valid() & collection.addons.all()
filter = CollectionAddonFilter(request,
base,
key='sort',
default='popular')
notes = get_notes(collection)
# Go directly to CollectionAddon for the count to avoid joins.
count = CollectionAddon.objects.filter(Addon.objects.all().valid_q(
amo.VALID_ADDON_STATUSES, prefix='addon__'),
collection=collection.id)
addons = paginate(request, filter.qs, per_page=15, count=count.count())
# The add-on query is not related to the collection, so we need to manually
# hook them up for invalidation. Bonus: count invalidation.
keys = [addons.object_list.flush_key(), count.flush_key()]
caching.invalidator.add_to_flush_list({collection.flush_key(): keys})
if collection.author_id:
qs = Collection.objects.listed().filter(author=collection.author)
others = amo.utils.randslice(qs, limit=4, exclude=collection.id)
else:
others = []
# `perms` is defined in django.contrib.auth.context_processors. Gotcha!
user_perms = {
'view_stats':
acl.check_ownership(request, collection, require_owner=False),
}
tags = Tag.objects.filter(
id__in=collection.top_tags) if collection.top_tags else []
return render_cat(
request, 'bandwagon/collection_detail.html', {
'collection': collection,
'filter': filter,
'addons': addons,
'notes': notes,
'author_collections': others,
'tags': tags,
'user_perms': user_perms
})
def __call__(self, request):
# API requests are validated in SessionIDAuthentication
if not getattr(request, 'is_api', False):
if SESSION_KEY not in request.session:
# Without SESSION_KEY the session is definately anonymous so assume that
request.user = AnonymousUser()
else:
try:
check_and_update_fxa_access_token(request)
except IdentificationError:
log.info(
f'Failed refreshing access_token for {request.user.id}'
)
return redirect_for_login(request)
return self.get_response(request)
def collection_detail(request, username, slug):
collection = get_collection(request, username, slug)
if not collection.listed:
if not request.user.is_authenticated():
return redirect_for_login(request)
if not acl.check_collection_ownership(request, collection):
raise PermissionDenied
if request.GET.get('format') == 'rss':
return http.HttpResponsePermanentRedirect(collection.feed_url())
base = Addon.objects.valid() & collection.addons.all()
filter = CollectionAddonFilter(request, base,
key='sort', default='popular')
notes = get_notes(collection)
# Go directly to CollectionAddon for the count to avoid joins.
count = CollectionAddon.objects.filter(
Addon.objects.all().valid_q(
amo.VALID_ADDON_STATUSES, prefix='addon__'),
collection=collection.id)
addons = paginate(request, filter.qs, per_page=15, count=count.count())
# The add-on query is not related to the collection, so we need to manually
# hook them up for invalidation. Bonus: count invalidation.
keys = [addons.object_list.flush_key(), count.flush_key()]
caching.invalidator.add_to_flush_list({collection.flush_key(): keys})
if collection.author_id:
qs = Collection.objects.listed().filter(author=collection.author)
others = amo.utils.randslice(qs, limit=4, exclude=collection.id)
else:
others = []
# `perms` is defined in django.contrib.auth.context_processors. Gotcha!
user_perms = {
'view_stats': acl.check_ownership(
request, collection, require_owner=False),
}
tags = Tag.objects.filter(
id__in=collection.top_tags) if collection.top_tags else []
return render_cat(request, 'bandwagon/collection_detail.html',
{'collection': collection, 'filter': filter,
'addons': addons, 'notes': notes,
'author_collections': others, 'tags': tags,
'user_perms': user_perms})
