def test_overwritten_get():
app = Flask("overwritten")
bouncer = Bouncer(app)
OverwrittenView.register(app)
# Which classy views do you want to lock down, you can pass multiple
bouncer.monitor(OverwrittenView)
@bouncer.authorization_method
def define_authorization(user, abilities):
if user.is_admin:
# self.can_manage(ALL)
abilities.append(MANAGE, ALL)
else:
abilities.append([READ, CREATE], Article)
abilities.append(EDIT, Article, author_id=user.id)
client = app.test_client()
jonathan = User(name='jonathan', admin=True)
nancy = User(name='nancy', admin=False)
# admins should be able to view
with user_set(app, jonathan):
resp = client.get("/overwritten/1234")
eq_(b"Get 1234", resp.data)
# Non admins not be able to do this
with user_set(app, nancy):
resp = client.get("/overwritten/1234")
eq_(resp.status_code, 401)
def test_overwritten_get():
app = Flask("overwritten")
bouncer = Bouncer(app)
OverwrittenView.register(app)
# Which classy views do you want to lock down, you can pass multiple
bouncer.monitor(OverwrittenView)
@bouncer.authorization_method
def define_authorization(user, abilities):
if user.is_admin:
# self.can_manage(ALL)
abilities.append(MANAGE, ALL)
else:
abilities.append([READ, CREATE], Article)
abilities.append(EDIT, Article, author_id=user.id)
client = app.test_client()
jonathan = User(name='jonathan', admin=True)
nancy = User(name='nancy', admin=False)
# admins should be able to view
with user_set(app, jonathan):
resp = client.get("/overwritten/1234")
eq_(b"Get 1234", resp.data)
# Non admins not be able to do this
with user_set(app, nancy):
resp = client.get("/overwritten/1234")
eq_(resp.status_code, 401)
from flask import Flask, url_for
from flask_bouncer import Bouncer, bounce
from test_flask_bouncer.models import Article, User
from test_flask_bouncer.helpers import user_set
from bouncer.constants import *
from .view_classes import ArticleView, OverwrittenView
from nose.tools import *
app = Flask("classy")
bouncer = Bouncer(app)
ArticleView.register(app)
# Which classy views do you want to lock down, you can pass multiple
bouncer.monitor(ArticleView)
@bouncer.authorization_method
def define_authorization(user, abilities):
if user.is_admin:
# self.can_manage(ALL)
abilities.append(MANAGE, ALL)
else:
abilities.append([READ, CREATE], Article)
abilities.append(EDIT, Article, author_id=user.id)
client = app.test_client()
jonathan = User(name='jonathan', admin=True)
nancy = User(name='nancy', admin=False)
from flask import Flask, url_for
from flask_bouncer import Bouncer, bounce
from test_flask_bouncer.models import Article, User
from test_flask_bouncer.helpers import user_set
from bouncer.constants import *
from .view_classes import ArticleView, OverwrittenView
from nose.tools import *
app = Flask("classy")
bouncer = Bouncer(app)
ArticleView.register(app)
# Which classy views do you want to lock down, you can pass multiple
bouncer.monitor(ArticleView)
@bouncer.authorization_method
def define_authorization(user, abilities):
if user.is_admin:
# self.can_manage(ALL)
abilities.append(MANAGE, ALL)
else:
abilities.append([READ, CREATE], Article)
abilities.append(EDIT, Article, author_id=user.id)
client = app.test_client()
jonathan = User(name='jonathan', admin=True)
