class Meta: queryset = User.objects.all() allowed_methods = ['get'] authentication = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication()) authorization = Authorization() fields = ['id', 'username', 'first_name', 'last_name', 'email']
class Meta: authorization = Authorization() authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication()) allowed_methods = ['get'] resource_name = 'cypher' object_class = object
class Meta: queryset = Device.objects.all().distinct().order_by('-created_date') resource_name = 'devices' authentication = BasicAuthentication() authorization = DjangoAuthorization() include_resource_uri = False allowed_methods = ['get', 'post', 'put']
class Meta: queryset = User.objects.all() resource_name = 'users' allowed_methods = ['get', 'post', 'delete', 'put', 'options'] authorization = Authorization() authentication = MultiAuthentication( ApiKeyAuthentication(), BasicAuthentication(), ) collection_name = 'users' detail_uri_name = 'username' fields = ( 'username', 'id', 'full_name', 'first_name', 'last_name', 'third_name', 'position', 'avatar', 'is_staff', 'email', ) filtering = { 'id': ( 'exact', 'ne', ), }
class Meta: queryset = User.objects.all() fields = ["first_name", "last_name", "username",] allowed_method = ['get'] resource_name = 'login' authorization = DjangoAuthorization() authentication = BasicAuthentication()
class Meta: queryset = Medico.objects.all() resource_name = 'medico' autentication = BasicAuthentication() authorization = DjangoAuthorization() fields = ['cedula', 'nombre']
class Meta: queryset = Storage.objects.all() resource_name = 'storage' allowed_methods = ['get'] authentication = BasicAuthentication() detail_uri_name = 'name' collection_name = 'results'
class Meta: queryset = Transaction.objects.all() resource_name = 'transaction' allowed_methods = ['get', 'post'] authentication = BasicAuthentication() authorization = DjangoAuthorization() always_return_data = True
class Meta: queryset = Profile.objects.all() resource_name = 'user' excludes = ['email', 'password', 'is_superuser'] # Add it here. authentication = BasicAuthentication() authorization = DjangoAuthorization()
class Meta: list_allowed_methods = ['get'] queryset = User.objects.all() resource_name = 'user' authentication = BasicAuthentication() authorization = DjangoAuthorization() always_return_data = True
class Meta: queryset = Node.objects.all() resource_name = 'node' allowed_methods = ['get'] authentication = BasicAuthentication() authorization = DjangoAuthorization() always_return_data = True
class Meta: queryset = Architecture.objects.all() resource_name = 'architecture' authentication = MultiAuthentication( BasicAuthentication(), ApiKeyAuthenticationWithHeaderSupport()) authorization = DjangoAuthorizationWithObjLevelPermissions() serializer = PrettyJSONSerializer()
def resource_meta(model, name=None, queryset=None, authentication=None, authorization=None): '''Shortcut for building Meta classes for ModelResources''' if not name: name = model.__name__.lower() if not queryset: queryset = model.objects.all() if not authentication: authentication = MultiAuthentication(SessionAuthentication(), BasicAuthentication()) if not authorization: authorization = DjangoAuthorization() obj = { 'queryset': queryset, 'resource_name': name, 'authentication': authentication, 'authorization': authorization } return type('Meta', tuple(), obj)
class Meta: queryset = ApiKey.objects.all() allowed_methods = ['get', 'post', 'delete'] always_return_data = True authentication = BasicAuthentication(realm="Open Sound Stream: ApiKeyResource") authorization = UserObjectsOnlyAuthorization() excludes = ['key', 'shown']
class Meta: queryset = VersionedApp.objects.all() resource_name = 'versioned_app' filtering = {'name': ALL} authentication = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication()) authorization = DjangoAuthorization()
class Meta: queryset = Category.objects.all() authorization = DjangoAuthorization() authentication = BasicAuthentication() allowed_methods = ['get', 'post', 'put', 'delete'] detail_allowed_methods = ['get', 'post', 'put', 'delete'] filtering = {'id': ALL, 'username': ALL_WITH_RELATIONS}
class Meta: object_class = Member queryset = Member.objects.all() resource_name = 'members' allowed_methods = ['get', 'post', 'put', 'delete'] excludes = ['member_photo'] authentication = BasicAuthentication()
class Meta: queryset = Project.objects.all() resource_name = 'projects' list_allowed_methods = ['get', 'post'] detail_allowed_methods = ['get', 'put', 'delete', 'patch'] authorization = DjangoAuthorization() authentication = BasicAuthentication()
class Meta: resource_name = 'project' default_format = 'application/json' queryset = Project.objects.all() authentication = BasicAuthentication() authorization = GuardianAuthorization() abstract = True
class Meta: queryset = EmailSubscriber.objects.all() filtering = { 'email': ALL, 'event': ALL_WITH_RELATIONS, } authentication = BasicAuthentication()
class Meta: queryset = User.objects.all() resource_name = "user" excludes = ["email", "password", "is_active", "is_staff", "is_superuser"] allowed_methods = ["get"] authorization = DjangoAuthorization() authentication = BasicAuthentication()
class Meta: queryset = User.objects.all() resource_name = 'user' excludes = ['email', 'password', 'is_active', 'is_staff', 'is_superuser'] allowed_methods = ['get', ] authentication = BasicAuthentication() authorization = DjangoAuthorization()
class Meta: queryset = Book.objects.all() resource_name = 'book' filtering = {'title': ALL} authentication = BasicAuthentication() authorization = DjangoAuthorization() always_return_data = True
class Meta: resource_name = 'cdr' authorization = Authorization() authentication = BasicAuthentication() allowed_methods = ['post'] throttle = BaseThrottle(throttle_at=1000, timeframe=3600) # default 1000 calls / hour
def test_apikey_and_basic_auth(self): auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication()) request = HttpRequest() john_doe = User.objects.get(username='******') # No API Key or HTTP Basic auth details should fail. self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True) # Basic Auth still returns appropriately. self.assertEqual( auth.is_authenticated(request)['WWW-Authenticate'], 'Basic Realm="django-tastypie"') # API Key Auth works. request = HttpRequest() request.GET['username'] = '******' request.GET['api_key'] = john_doe.api_key.key self.assertEqual(auth.is_authenticated(request), True) self.assertEqual(auth.get_identifier(request), 'johndoe') # Basic Auth works. request = HttpRequest() john_doe = User.objects.get(username='******') john_doe.set_password('pass') john_doe.save() request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode( 'johndoe:pass'.encode('utf-8')).decode('utf-8') self.assertEqual(auth.is_authenticated(request), True)
class Meta: include_resource_uri = False authentication = MultiAuthentication(SessionAuthentication(), BasicAuthentication()) list_allowed_methods = ['get'] detail_allowed_methods = [] resource_name = 'data/balance'
def test_is_authenticated(self): auth = BasicAuthentication() request = HttpRequest() # No HTTP Basic auth details should fail. self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True) # HttpUnauthorized with auth type and realm self.assertEqual( auth.is_authenticated(request)['WWW-Authenticate'], 'Basic Realm="django-tastypie"') # Wrong basic auth details. request.META['HTTP_AUTHORIZATION'] = 'abcdefg' self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True) # No password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel') self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True) # Wrong user/password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass') self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True) # Correct user/password. john_doe = User.objects.get(username='******') john_doe.set_password('pass') john_doe.save() request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode( 'johndoe:pass') self.assertEqual(auth.is_authenticated(request), True)
class Meta: queryset = Luggage.objects.all() allowed_methods = ['get', 'post'] authentication = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication()) authorization = Authorization() filtering = {'passenger': ALL}
def test_multiauth_apikey_and_basic_auth__no_details_fails(self): auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication()) request = HttpRequest() self.assertEqual( isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
class Meta: queryset = Homepage.objects.all() resource_name = 'homepage2' fields = ['id'] authentication = BasicAuthentication() authorization = DjangoAuthorization() throttle = CacheThrottle(throttle_at=1)