class Meta:
queryset = User.objects.all()
allowed_methods = ['get']
authentication = MultiAuthentication(BasicAuthentication(),
ApiKeyAuthentication())
authorization = Authorization()
fields = ['id', 'username', 'first_name', 'last_name', 'email']
class Meta:
authorization = Authorization()
authentication = MultiAuthentication(BasicAuthentication(),
SessionAuthentication())
allowed_methods = ['get']
resource_name = 'cypher'
object_class = object
class Meta:
queryset = Device.objects.all().distinct().order_by('-created_date')
resource_name = 'devices'
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
include_resource_uri = False
allowed_methods = ['get', 'post', 'put']
class Meta:
queryset = User.objects.all()
resource_name = 'users'
allowed_methods = ['get', 'post', 'delete', 'put', 'options']
authorization = Authorization()
authentication = MultiAuthentication(
ApiKeyAuthentication(),
BasicAuthentication(),
)
collection_name = 'users'
detail_uri_name = 'username'
fields = (
'username',
'id',
'full_name',
'first_name',
'last_name',
'third_name',
'position',
'avatar',
'is_staff',
'email',
)
filtering = {
'id': (
'exact',
'ne',
),
}
class Meta:
queryset = User.objects.all()
fields = ["first_name", "last_name", "username",]
allowed_method = ['get']
resource_name = 'login'
authorization = DjangoAuthorization()
authentication = BasicAuthentication()
class Meta:
queryset = Medico.objects.all()
resource_name = 'medico'
autentication = BasicAuthentication()
authorization = DjangoAuthorization()
fields = ['cedula', 'nombre']
class Meta:
queryset = Storage.objects.all()
resource_name = 'storage'
allowed_methods = ['get']
authentication = BasicAuthentication()
detail_uri_name = 'name'
collection_name = 'results'
class Meta:
queryset = Transaction.objects.all()
resource_name = 'transaction'
allowed_methods = ['get', 'post']
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
always_return_data = True
class Meta:
queryset = Profile.objects.all()
resource_name = 'user'
excludes = ['email', 'password', 'is_superuser']
# Add it here.
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
class Meta:
list_allowed_methods = ['get']
queryset = User.objects.all()
resource_name = 'user'
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
always_return_data = True
class Meta:
queryset = Node.objects.all()
resource_name = 'node'
allowed_methods = ['get']
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
always_return_data = True
class Meta:
queryset = Architecture.objects.all()
resource_name = 'architecture'
authentication = MultiAuthentication(
BasicAuthentication(), ApiKeyAuthenticationWithHeaderSupport())
authorization = DjangoAuthorizationWithObjLevelPermissions()
serializer = PrettyJSONSerializer()
def resource_meta(model,
name=None,
queryset=None,
authentication=None,
authorization=None):
'''Shortcut for building Meta classes for ModelResources'''
if not name:
name = model.__name__.lower()
if not queryset:
queryset = model.objects.all()
if not authentication:
authentication = MultiAuthentication(SessionAuthentication(),
BasicAuthentication())
if not authorization:
authorization = DjangoAuthorization()
obj = {
'queryset': queryset,
'resource_name': name,
'authentication': authentication,
'authorization': authorization
}
return type('Meta', tuple(), obj)
class Meta:
queryset = ApiKey.objects.all()
allowed_methods = ['get', 'post', 'delete']
always_return_data = True
authentication = BasicAuthentication(realm="Open Sound Stream: ApiKeyResource")
authorization = UserObjectsOnlyAuthorization()
excludes = ['key', 'shown']
class Meta:
queryset = VersionedApp.objects.all()
resource_name = 'versioned_app'
filtering = {'name': ALL}
authentication = MultiAuthentication(BasicAuthentication(),
ApiKeyAuthentication())
authorization = DjangoAuthorization()
class Meta:
queryset = Category.objects.all()
authorization = DjangoAuthorization()
authentication = BasicAuthentication()
allowed_methods = ['get', 'post', 'put', 'delete']
detail_allowed_methods = ['get', 'post', 'put', 'delete']
filtering = {'id': ALL, 'username': ALL_WITH_RELATIONS}
class Meta:
object_class = Member
queryset = Member.objects.all()
resource_name = 'members'
allowed_methods = ['get', 'post', 'put', 'delete']
excludes = ['member_photo']
authentication = BasicAuthentication()
class Meta:
queryset = Project.objects.all()
resource_name = 'projects'
list_allowed_methods = ['get', 'post']
detail_allowed_methods = ['get', 'put', 'delete', 'patch']
authorization = DjangoAuthorization()
authentication = BasicAuthentication()
class Meta:
resource_name = 'project'
default_format = 'application/json'
queryset = Project.objects.all()
authentication = BasicAuthentication()
authorization = GuardianAuthorization()
abstract = True
class Meta:
queryset = EmailSubscriber.objects.all()
filtering = {
'email': ALL,
'event': ALL_WITH_RELATIONS,
}
authentication = BasicAuthentication()
class Meta:
queryset = User.objects.all()
resource_name = "user"
excludes = ["email", "password", "is_active", "is_staff", "is_superuser"]
allowed_methods = ["get"]
authorization = DjangoAuthorization()
authentication = BasicAuthentication()
class Meta:
queryset = User.objects.all()
resource_name = 'user'
excludes = ['email', 'password', 'is_active', 'is_staff', 'is_superuser']
allowed_methods = ['get', ]
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
class Meta:
queryset = Book.objects.all()
resource_name = 'book'
filtering = {'title': ALL}
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
always_return_data = True
class Meta:
resource_name = 'cdr'
authorization = Authorization()
authentication = BasicAuthentication()
allowed_methods = ['post']
throttle = BaseThrottle(throttle_at=1000,
timeframe=3600) # default 1000 calls / hour
def test_apikey_and_basic_auth(self):
auth = MultiAuthentication(BasicAuthentication(),
ApiKeyAuthentication())
request = HttpRequest()
john_doe = User.objects.get(username='******')
# No API Key or HTTP Basic auth details should fail.
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
# Basic Auth still returns appropriately.
self.assertEqual(
auth.is_authenticated(request)['WWW-Authenticate'],
'Basic Realm="django-tastypie"')
# API Key Auth works.
request = HttpRequest()
request.GET['username'] = '******'
request.GET['api_key'] = john_doe.api_key.key
self.assertEqual(auth.is_authenticated(request), True)
self.assertEqual(auth.get_identifier(request), 'johndoe')
# Basic Auth works.
request = HttpRequest()
john_doe = User.objects.get(username='******')
john_doe.set_password('pass')
john_doe.save()
request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode(
'johndoe:pass'.encode('utf-8')).decode('utf-8')
self.assertEqual(auth.is_authenticated(request), True)
class Meta:
include_resource_uri = False
authentication = MultiAuthentication(SessionAuthentication(),
BasicAuthentication())
list_allowed_methods = ['get']
detail_allowed_methods = []
resource_name = 'data/balance'
def test_is_authenticated(self):
auth = BasicAuthentication()
request = HttpRequest()
# No HTTP Basic auth details should fail.
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
# HttpUnauthorized with auth type and realm
self.assertEqual(
auth.is_authenticated(request)['WWW-Authenticate'],
'Basic Realm="django-tastypie"')
# Wrong basic auth details.
request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
# No password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel')
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
# Wrong user/password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass')
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
# Correct user/password.
john_doe = User.objects.get(username='******')
john_doe.set_password('pass')
john_doe.save()
request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode(
'johndoe:pass')
self.assertEqual(auth.is_authenticated(request), True)
class Meta:
queryset = Luggage.objects.all()
allowed_methods = ['get', 'post']
authentication = MultiAuthentication(BasicAuthentication(),
ApiKeyAuthentication())
authorization = Authorization()
filtering = {'passenger': ALL}
def test_multiauth_apikey_and_basic_auth__no_details_fails(self):
auth = MultiAuthentication(BasicAuthentication(),
ApiKeyAuthentication())
request = HttpRequest()
self.assertEqual(
isinstance(auth.is_authenticated(request), HttpUnauthorized), True)
class Meta:
queryset = Homepage.objects.all()
resource_name = 'homepage2'
fields = ['id']
authentication = BasicAuthentication()
authorization = DjangoAuthorization()
throttle = CacheThrottle(throttle_at=1)
