def test_authorize__no_bearer(self):
request = Mock(META={'HTTP_AUTHORIZATION': 'no_bearer token'})
with pytest.raises(EventFactory.AuthError) as e:
Authorizer([]).authorize(request)
assert e.value.data == {
'@event': 'COULD_NOT_FIND_AUTH_TOKEN',
'@type': 'error',
}
def get(self, request):
account = Authorizer([]).ui_authorize(request)
items = CatalogueItem.objects.filter(
Q(created_by=account) | Q(updated_by=account)
| Q(maintained_by=account)
| Q(researchers__id=account.id)).order_by('name')
return render(request, 'catalogue_item_collection.html', {
'items': items,
'name': 'catalogue',
'is_authenticated': True,
})
def test_authorize__access_denied(self):
a = ef.account(type=AccountType.RESEARCHER.value)
self.mocker.patch.object(AuthToken, 'decode').return_value = a
request = Mock(META={'HTTP_AUTHORIZATION': 'bearer token'})
with pytest.raises(EventFactory.AccessDenied) as e:
Authorizer([AccountType.ADMIN.value]).authorize(request)
assert e.value.data == {
'@event': 'ACCESS_DENIED',
'@type': 'error',
}
def test_authorize(self):
a = ef.account(type=AccountType.RESEARCHER.value)
self.mocker.patch.object(AuthToken, 'decode').return_value = a
request = Mock(META={'HTTP_AUTHORIZATION': 'bearer token'})
# -- raises nothing, just works fine
authorized = Authorizer([
AccountType.RESEARCHER.value,
AccountType.ADMIN.value,
]).authorize(request)
assert authorized == {'account': a}
def get(self, request, downalod_request_id):
account = Authorizer([]).ui_authorize(request)
req = DownloadRequest.objects.filter(id=downalod_request_id)
req = req.filter(
Q(created_by=account) |
Q(waiters__id=account.id)).distinct('id')
req = req.get()
return render(
request,
'download_request_element.html',
{'download_request': req})
def get(self, request, item_id):
account = Authorizer([]).ui_authorize(request)
item = CatalogueItem.objects.filter(id=item_id)
item = item.filter(
Q(created_by=account) | Q(updated_by=account)
| Q(maintained_by=account)
| Q(researchers__id=account.id)).distinct('id')
item = item.get()
return render(request, 'catalogue_item_element.html', {
'item': item,
'is_authenticated': True,
})
def get(self, request):
account = Authorizer([]).ui_authorize(request)
reqs = DownloadRequest.objects.filter(
Q(created_by=account) |
Q(waiters__id=account.id))
reqs = reqs.select_related('catalogue_item')
reqs = reqs.order_by('catalogue_item__name')
return render(
request,
'download_request_collection.html',
{
'name': 'downloads',
'is_authenticated': True,
'download_requests': reqs,
})
def get(self, request, item_id):
account = Authorizer([]).ui_authorize(request)
item = CatalogueItem.objects.filter(id=item_id)
item = item.filter(
Q(created_by=account) |
Q(updated_by=account) |
Q(maintained_by=account) |
Q(researchers__id=account.id)).distinct('id')
item = item.get()
return render(
request,
'download_request_create.html',
{
'name': item.name,
'columns': sorted([c['name'] for c in item.spec]),
'column_name_to_type': json.dumps({
c['name']: c['type'] for c in item.spec
}),
'filters': range(0, 5),
'catalogue_item_id': item.id,
'is_authenticated': True,
})