def test_token(self):
self.grant_permission(self.user, 'Apps:Review')
res = self.client.post(self.url)
eq_(res.status_code, 200, res.content)
data = json.loads(res.content)
assert 'token' in data
# Check data in token.
assert Token.valid(data['token'], data={'app_id': self.app.id})
def test_token(self):
self.grant_permission(self.user, 'Apps:Review')
res = self.client.post(self.url)
eq_(res.status_code, 200, res.content)
data = json.loads(res.content)
assert 'token' in data
# Check data in token.
assert Token.valid(data['token'], data={'app_id': self.app.id})
def test_token(self):
self.grant_permission(self.user, "Apps:Review")
res = self.client.post(self.url)
eq_(res.status_code, 200, res.content)
data = json.loads(res.content)
assert "token" in data
# Check data in token.
assert Token.valid(data["token"], data={"app_id": self.app.id})
def wrapper(request, file_id, key, *args, **kw):
viewer = FileViewer(get_object_or_404(File, pk=file_id))
token = request.GET.get('token')
if not token:
log.error('Denying access to %s, no token.' % viewer.file.id)
raise PermissionDenied
if not Token.valid(token, [viewer.file.id, key]):
log.error('Denying access to %s, token invalid.' % viewer.file.id)
raise PermissionDenied
return func(request, viewer, key, *args, **kw)
