def personal_access_token_detail(auth, **kwargs):
"""Show detail for a single personal access token"""
_id = kwargs.get("_id")
# The ID must be an active and existing record, and the logged-in user must have permission to view it.
try:
record = ApiOAuth2PersonalToken.find_one(Q("_id", "eq", _id))
except NoResultsFound:
raise HTTPError(http.NOT_FOUND)
if record.owner != auth.user:
raise HTTPError(http.FORBIDDEN)
if record.is_active is False:
raise HTTPError(http.GONE)
token_detail_url = api_v2_url("tokens/{}/".format(_id)) # Send request to this URL
return {"token_list_url": "", "token_detail_url": token_detail_url, "scope_options": get_available_scopes()}
def personal_access_token_detail(auth, **kwargs):
"""Show detail for a single personal access token"""
_id = kwargs.get('_id')
# The ID must be an active and existing record, and the logged-in user must have permission to view it.
try:
record = ApiOAuth2PersonalToken.find_one(Q('_id', 'eq', _id))
except NoResultsFound:
raise HTTPError(http.NOT_FOUND)
if record.owner != auth.user:
raise HTTPError(http.FORBIDDEN)
if record.is_active is False:
raise HTTPError(http.GONE)
token_detail_url = api_v2_url('tokens/{}/'.format(_id)) # Send request to this URL
return {'token_list_url': '',
'token_detail_url': token_detail_url,
'scope_options': get_available_scopes()}
def get_queryset(self):
query = self.get_query_from_request()
return ApiOAuth2PersonalToken.find(query)
def tearDown(self):
super(TestTokenDetail, self).tearDown()
ApiOAuth2PersonalToken.remove()
User.remove()
def create(self, validated_data):
validate_requested_scopes(validated_data)
instance = ApiOAuth2PersonalToken(**validated_data)
instance.save()
return instance
