class TestAnonymousReadOnlyAuthorization(TestCase): fixtures = fixture("user_2519") def setUp(self): self.get = RequestFactory().get("/") self.post = RequestFactory().post("/") self.auth = AnonymousReadOnlyAuthorization() self.anon = AnonymousUser() self.user = User.objects.get(pk=2519) def test_get_anonymous(self): self.get.user = self.anon eq_(self.auth.is_authorized(self.get), True) def test_get_authenticated(self): self.get.user = self.user eq_(self.auth.is_authorized(self.get), True) def test_post_anonymous(self): self.post.user = self.anon eq_(self.auth.is_authorized(self.post), False) def test_post_authenticated(self): self.post.user = self.user eq_(self.auth.is_authorized(self.post), True) def test_with_authorizer(self): class LockedOut: def is_authorized(self, request, object=None): return False self.auth = AnonymousReadOnlyAuthorization(authorizer=LockedOut()) self.post.user = self.user eq_(self.auth.is_authorized(self.post), False)
class TestAnonymousReadOnlyAuthorization(TestCase): fixtures = fixture('user_2519') def setUp(self): self.get = RequestFactory().get('/') self.post = RequestFactory().post('/') self.auth = AnonymousReadOnlyAuthorization() self.anon = AnonymousUser() self.user = User.objects.get(pk=2519) def test_get_anonymous(self): self.get.user = self.anon eq_(self.auth.is_authorized(self.get), True) def test_get_authenticated(self): self.get.user = self.user eq_(self.auth.is_authorized(self.get), True) def test_post_anonymous(self): self.post.user = self.anon eq_(self.auth.is_authorized(self.post), False) def test_post_authenticated(self): self.post.user = self.user eq_(self.auth.is_authorized(self.post), True)
def test_with_authorizer(self): class LockedOut: def is_authorized(self, request, object=None): return False self.auth = AnonymousReadOnlyAuthorization(authorizer=LockedOut()) self.post.user = self.user eq_(self.auth.is_authorized(self.post), False)
class Meta(MarketplaceResource.Meta): authentication = OptionalOAuthAuthentication() authorization = AnonymousReadOnlyAuthorization( authorizer=PermissionAuthorization('ProductIcon', 'Create')) detail_allowed_methods = ['get'] fields = ['ext_url', 'ext_size', 'size'] filtering = { 'ext_url': 'exact', 'ext_size': 'exact', 'size': 'exact', } list_allowed_methods = ['get', 'post'] queryset = ProductIcon.objects.filter() resource_name = 'product/icon' validation = CleanedDataFormValidation(form_class=ProductIconForm)
class Meta: # Unfortunately, the model class name for ratings is "Review". queryset = Review.objects.valid() resource_name = 'rating' list_allowed_methods = ['get', 'post'] detail_allowed_methods = ['get', 'put', 'delete'] always_return_data = True authentication = (SharedSecretAuthentication(), OptionalOAuthAuthentication()) authorization = AnonymousReadOnlyAuthorization() fields = ['rating', 'body'] filtering = { 'app': ('exact', ), 'user': ('exact', ), 'pk': ('exact', ), } ordering = ['created']
def setUp(self): self.get = RequestFactory().get('/') self.post = RequestFactory().post('/') self.auth = AnonymousReadOnlyAuthorization() self.anon = AnonymousUser() self.user = User.objects.get(pk=2519)