def test_su(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
user = self.new_user()
request_url = reverse('webgateway_su', args=[user.omeName.val])
_csrf_get_response(self.django_root_client, request_url, {})
_post_response(self.django_root_client, request_url, {})
_csrf_post_response(self.django_root_client, request_url, {})
def test_edit_channel_names(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.image_with_channels()
query_string = data = {'channel0': 'foobar'}
request_url = reverse('edit_channel_names', args=[img.id.val])
_csrf_get_response(self.django_client,
request_url,
query_string,
status_code=405)
_csrf_post_response(self.django_client, request_url, data)
def test_su(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
user = self.new_user()
request_url = reverse('webgateway_su', args=[user.omeName.val])
_csrf_get_response(self.django_root_client, request_url, {})
_post_response(self.django_root_client, request_url, {})
_csrf_post_response(self.django_root_client, request_url, {})
def test_edit_channel_names(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.image_with_channels()
query_string = data = {'channel0': 'foobar'}
request_url = reverse(
'edit_channel_names', args=[img.id.val]
)
_csrf_get_response(self.django_client, request_url, query_string,
status_code=405)
_csrf_post_response(self.django_client, request_url, data)
def test_ome_tiff_script(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
request_url = reverse('ome_tiff_script', args=[img.id.val])
_post_response(self.django_client, request_url, {})
_csrf_post_response(self.django_client, request_url, {})
_csrf_get_response(self.django_client, request_url, {},
status_code=405)
def test_ome_tiff_script(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
request_url = reverse('ome_tiff_script', args=[img.id.val])
_post_response(self.django_client, request_url, {})
_csrf_post_response(self.django_client, request_url, {})
_csrf_get_response(self.django_client,
request_url, {},
status_code=405)
def test_reset_rendering_settings(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
# Reset through webclient as it is calling directly
# webgateway.reset_image_rdef_json
request_url = reverse('reset_rdef_json')
data = {'toids': img.id.val, 'to_type': 'image'}
_post_response(self.django_client, request_url, data)
_csrf_post_response(self.django_client, request_url, data)
_get_response(self.django_client, request_url, data)
_csrf_get_response(self.django_client,
request_url,
data,
status_code=405)
def test_reset_rendering_settings(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
# Reset through webclient as it is calling directly
# webgateway.reset_image_rdef_json
request_url = reverse('reset_rdef_json')
data = {
'toids': img.id.val,
'to_type': 'image'
}
_post_response(self.django_client, request_url, data)
_csrf_post_response(self.django_client, request_url, data)
_get_response(self.django_client, request_url, data)
_csrf_get_response(self.django_client, request_url, data,
status_code=405)
def test_copy_past_rendering_settings(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
# put image id into session
session = self.django_client.session
session['fromid'] = img.id.val
session.save()
request_url = reverse('webgateway.views.copy_image_rdef_json')
data = {'toids': img.id.val}
_post_response(self.django_client, request_url, data)
_csrf_post_response(self.django_client, request_url, data)
_csrf_get_response(self.django_client,
request_url,
data,
status_code=405)
def test_copy_past_rendering_settings(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.createTestImage(session=self.sf)
# put image id into session
session = self.django_client.session
session['fromid'] = img.id.val
session.save()
request_url = reverse('webgateway.views.copy_image_rdef_json')
data = {
'toids': img.id.val
}
_post_response(self.django_client, request_url, data)
_csrf_post_response(self.django_client, request_url, data)
_csrf_get_response(self.django_client, request_url, data,
status_code=405)
