def test_general(self): requester = User.objects.create_user('ownow', '*****@*****.**', 'mypassword') request = toolbox.add_request('abc', requester=requester) token = toolbox.create_general_token(request) data = toolbox.get_default_signer().load(token) self.assertEquals(data.get('id'), '%s' % request.id) self.assertFalse('requester' in data) # Now with additional data additional_data = {'abc': 123, 'z': ['y', 'z', 1]} token = toolbox.create_general_token(request, data=additional_data) data = toolbox.get_default_signer().load(token) additional_data['id'] = '%s' % request.id self.assertDictEqual(data, additional_data)
def test_other_user_with_general_token(self): other_user = User.objects.create_user('oho', '*****@*****.**', 'nono') with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'): request = toolbox.add_request('abc', requester=self.user) toolbox.attach_file(request, ContentFile(b'abc')) token = toolbox.create_general_token(request) http_request = self.factory.get('/something') http_request.user = other_user # With no verification and no requester required response = serve_file(http_request, token, require_requester=False, verify_requester=False) self.assertEqual(response.status_code, 200) # Now try with simply not requiring the requester http_request.user = other_user self.assertRaises(UserIsNotRequester, serve_file, http_request, token, require_requester=False) # Now try with requiring the requester but not verifying http_request.user = other_user self.assertRaises(SuspiciousToken, serve_file, http_request, token, verify_requester=False)
def test_requester_required_but_not_present(self): request = toolbox.add_request('abc') token = toolbox.create_general_token(request) request.delete() self.assertRaises(BadSignature, toolbox.decode, token, require_requester=True)
def test_general(self): request = toolbox.add_request('abc') token = toolbox.create_general_token(request) request.delete() self.assertRaises(FileRequest.DoesNotExist, toolbox.decode, token, require_requester=False)
def test_general_does_not_require_requester(self): request = toolbox.add_request('abc') toolbox.create_general_token(request)