def test_custom_permissions(app, testmodelcls): """Test custom permissions.""" class CustomModel(testmodelcls): """Some custom model.""" pass class CustomView(ModelView): """Some custom model.""" @staticmethod def is_accessible(): """Check if accessible.""" return False protected_view = protected_adminview_factory(CustomView) app.extensions['admin'][0].add_view(protected_view(CustomModel, db.session)) with app.test_client() as client: res = client.get('/login/?user=1') assert res.status_code == 200 res = client.get('/admin/') assert res.status_code == 200 res = client.get('/admin/testmodel/') assert res.status_code == 200 res = client.get('/admin/testbase/') assert res.status_code == 200 res = client.get('/admin/custommodel/') assert res.status_code == 403
def app(request): """Flask application fixture.""" instance_path = tempfile.mkdtemp() app = Flask('testapp', instance_path=instance_path) Babel(app) FlaskCLI(app) InvenioDB(app) LoginManager(app) app.admin_app = InvenioAdmin(app) protected_view = protected_adminview_factory(TestModelView) app.admin_app.admin.add_view(protected_view(TestModel, db.session)) app.config.update( TESTING=True, SECRET_KEY="SECRET_KEY", ) with app.app_context(): if not database_exists(str(db.engine.url)): create_database(str(db.engine.url)) db.drop_all() db.create_all() def teardown(): with app.app_context(): drop_database(str(db.engine.url)) shutil.rmtree(instance_path) request.addfinalizer(teardown) return app
def test_custom_permissions(app, testmodelcls): """Test custom permissions.""" class CustomModel(testmodelcls): """Some custom model.""" pass class CustomView(ModelView): """Some custom model.""" @staticmethod def is_accessible(): """Check if accessible.""" return False protected_view = protected_adminview_factory(CustomView) app.extensions['admin'][0].add_view( protected_view(CustomModel, db.session)) with app.test_client() as client: res = client.get('/login/?user=1') assert res.status_code == 200 res = client.get('/admin/') assert res.status_code == 200 res = client.get('/admin/testmodel/') assert res.status_code == 200 res = client.get('/admin/testbase/') assert res.status_code == 200 res = client.get('/admin/custommodel/') assert res.status_code == 403
InvenioI18N(app) InvenioTheme(app) admin_app = InvenioAdmin( app, permission_factory=lambda x: Permission(action_admin_access)) app.register_blueprint(accounts_blueprint) app.register_blueprint(admin_blueprint) @app.route('/') def index(): """Basic test view.""" flash( Markup('Login with username <strong>[email protected]</strong> ' 'and password <strong>123456</strong>.')) return redirect('/admin/') class TestModel(db.Model): """Simple model with just one column.""" id = db.Column(db.Integer, primary_key=True) """Id of the model.""" class TestModelView(ModelView): """ModelView of the TestModel.""" protected_view = protected_adminview_factory(TestModelView) admin_app.admin.add_view(protected_view(TestModel, db.session))
# Create Flask application app = Flask(__name__) Babel(app) admin_app = InvenioAdmin(app) LoginManager(app) FlaskCLI(app) InvenioDB(app) app.config.update( SECRET_KEY="CHANGE_ME", ) class TestModel(db.Model): """Simple model with just one column.""" id = db.Column(db.Integer, primary_key=True) """Id of the model.""" class TestModelView(ModelView): """ModelView of the TestModel.""" pass protected_view = protected_adminview_factory(TestModelView) admin_app.admin.add_view(protected_view(TestModel, db.session)) if __name__ == "__main__": app.run()