예제 #1
0
    def options(self):
        user = session.get('auth_user', {})
        option = {
            'POST': Auth.has_permission(user, 'add_document'),
            'PUT': Auth.has_permission(user, 'add_document,modify_document'),
            'DELETE': Auth.has_permission(user, 'delete_document')
        }

        if request.args.get('method'):
            if not option.get(request.args.get('method')):
                option['notify_msg'] = {
                    'title': 'No Permission',
                    'message':
                    'You do not have permission to perform that action',
                    'type': 'error'
                }

            return Response(
                response=json.dumps(option),
                status=403
                if not option.get(request.args.get('method')) else 200,
                content_type='application/json')

        return Response(response=json.dumps(option),
                        content_type='application/json',
                        status=200)
예제 #2
0
def post_login():

    user = Auth.get_by_login(request.form.get('email'),
                             request.form.get('password'))
    if user:
        Auth.create_session(user)
        return redirect(request.args.get('next_page', '/'))

    return get_login(error={'message': 'Invalid email and/or password'})
예제 #3
0
파일: main.py 프로젝트: pmcilwaine/hermes
def post_login():

    user = Auth.get_by_login(request.form.get('email'), request.form.get('password'))
    if user:
        Auth.create_session(user)
        return redirect(request.args.get('next_page', '/'))

    return get_login(error={
        'message': 'Invalid email and/or password'
    })
예제 #4
0
    def options(self):
        user = session.get('auth_user', {})
        option = {
            'POST': Auth.has_permission(user, 'upload_archive_document'),
        }

        if request.args.get('method'):
            if not option.get(request.args.get('method')):
                option['notify_msg'] = {
                    'title': 'No Permission',
                    'message': 'You do not have permission to perform that action',
                    'type': 'error'
                }

            return Response(
                response=json.dumps(option),
                status=403 if not option.get(request.args.get('method')) else 200,
                content_type='application/json')

        return Response(response=json.dumps(option), content_type='application/json', status=200)
예제 #5
0
def test_missing_single_permission_from_set(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete', 'restore']) is False
예제 #6
0
def test_has_multiple_permissions_subset(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify']) is True
예제 #7
0
def test_missing_permission(user_mock):
    assert Auth.has_permission(user_mock, ['restore']) is False
예제 #8
0
def test_has_single_permission(user_mock):
    assert Auth.has_permission(user_mock, 'add') is True
예제 #9
0
def test_has_multiple_permissions(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete']) is True
예제 #10
0
def test_has_multiple_permissions(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete']) is True
예제 #11
0
def logout():
    if Auth.delete_session():
        return redirect('/')

    return Response(status=400)
예제 #12
0
def test_delete_session(session_mock):
    session_mock.__contains__.return_value = True
    assert Auth.delete_session() is True
    session_mock.pop.assert_called_with('auth_user')
예제 #13
0
def test_has_single_permission(user_mock):
    assert Auth.has_permission(user_mock, 'add') is True
예제 #14
0
def test_has_multiple_permissions_subset(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify']) is True
예제 #15
0
def test_delete_session_no_session(session_mock):
    session_mock.__contains__.return_value = False
    assert Auth.delete_session() is False
예제 #16
0
def test_delete_session(session_mock):
    session_mock.__contains__.return_value = True
    assert Auth.delete_session() is True
    session_mock.pop.assert_called_with('auth_user')
예제 #17
0
def test_missing_single_permission_from_set(user_mock):
    assert Auth.has_permission(user_mock,
                               ['add', 'modify', 'delete', 'restore']) is False
예제 #18
0
def test_missing_permission(user_mock):
    assert Auth.has_permission(user_mock, ['restore']) is False
예제 #19
0
def test_delete_session_no_session(session_mock):
    session_mock.__contains__.return_value = False
    assert Auth.delete_session() is False
예제 #20
0
파일: main.py 프로젝트: pmcilwaine/hermes
def logout():
    if Auth.delete_session():
        return redirect('/')

    return Response(status=400)