def test_other_user_with_general_token(self):
other_user = User.objects.create_user('oho', '*****@*****.**',
'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_general_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
# With no verification and no requester required
response = serve_file(http_request,
token,
require_requester=False,
verify_requester=False)
self.assertEqual(response.status_code, 200)
# Now try with simply not requiring the requester
http_request.user = other_user
self.assertRaises(UserIsNotRequester,
serve_file,
http_request,
token,
require_requester=False)
# Now try with requiring the requester but not verifying
http_request.user = other_user
self.assertRaises(SuspiciousToken,
serve_file,
http_request,
token,
verify_requester=False)
def test_invalid_token(self):
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = self.user
self.assertRaises(SuspiciousToken, serve_file, http_request, token + 'a')
def test_invalid_token(self):
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = self.user
self.assertRaises(SuspiciousToken, serve_file, http_request,
token + 'a')
def test_other_user(self):
other_user = User.objects.create_user('oho', '*****@*****.**', 'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
self.assertRaises(UserIsNotRequester, serve_file, http_request, token)
def test_token_expired(self, decode_mock):
decode_mock.side_effect = SignatureExpired
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = self.user
self.assertRaises(SignatureHasExpired, serve_file, http_request, token)
def test(self):
request = toolbox.add_request('abc')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL=''):
contents = ContentFile('something special')
toolbox.attach_file(request, contents, 'something.txt', 'text/plain')
path = request.filehandle.path
self.assertTrue(os.path.isfile(path))
request.delete()
self.assertFalse(os.path.isfile(path))
def test_token_expired(self, decode_mock):
decode_mock.side_effect = SignatureExpired
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = self.user
self.assertRaises(SignatureHasExpired, serve_file, http_request,
token)
def test_other_user_with_no_verification(self):
other_user = User.objects.create_user('oho', '*****@*****.**', 'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
response = serve_file(http_request, token, verify_requester=False)
self.assertEqual(response.status_code, 200)
def test(self):
request = toolbox.add_request('abc')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL=''):
contents = ContentFile('something special')
toolbox.attach_file(request, contents, 'something.txt',
'text/plain')
path = request.filehandle.path
self.assertTrue(os.path.isfile(path))
request.delete()
self.assertFalse(os.path.isfile(path))
def test_other_user_with_no_verification(self):
other_user = User.objects.create_user('oho', '*****@*****.**',
'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
response = serve_file(http_request, token, verify_requester=False)
self.assertEqual(response.status_code, 200)
def test_other_user(self):
other_user = User.objects.create_user('oho', '*****@*****.**',
'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
self.assertRaises(UserIsNotRequester, serve_file, http_request,
token)
def test_other_user_with_general_token(self):
other_user = User.objects.create_user('oho', '*****@*****.**', 'nono')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL='/'):
request = toolbox.add_request('abc', requester=self.user)
toolbox.attach_file(request, ContentFile(b'abc'))
token = toolbox.create_general_token(request)
http_request = self.factory.get('/something')
http_request.user = other_user
# With no verification and no requester required
response = serve_file(http_request, token, require_requester=False, verify_requester=False)
self.assertEqual(response.status_code, 200)
# Now try with simply not requiring the requester
http_request.user = other_user
self.assertRaises(UserIsNotRequester, serve_file, http_request, token, require_requester=False)
# Now try with requiring the requester but not verifying
http_request.user = other_user
self.assertRaises(SuspiciousToken, serve_file, http_request, token, verify_requester=False)
def test(self):
request = toolbox.add_request('abc')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL=''):
contents = ContentFile('something special')
toolbox.attach_file(request, contents, 'something.txt')
response = toolbox.serve(request)
self.assertEqual(response['Content-Type'], 'application/octet-stream')
self.assertEqual(response['Content-Disposition'], 'attachment; filename="something.txt"')
self.assertEqual(response.content, b'something special')
response = toolbox.serve(request, default_content_type='text/plain')
self.assertEqual(response['Content-Type'], 'text/plain')
self.assertEqual(response.content, b'something special')
self.assertEqual(response['Content-Disposition'], 'attachment; filename="something.txt"')
request.filename = ''
request.save()
response = toolbox.serve(request, default_content_type='text/plain')
self.assertEqual(response['Content-Type'], 'text/plain')
self.assertEqual(response.content, b'something special')
self.assertFalse(response.get('Content-Disposition'))
def test(self):
request = toolbox.add_request('abc')
with override_settings(MEDIA_ROOT=self.tempdir, MEDIA_URL=''):
contents = ContentFile('something special')
toolbox.attach_file(request, contents, 'something.txt')
response = toolbox.serve(request)
self.assertEqual(response['Content-Type'],
'application/octet-stream')
self.assertEqual(response['Content-Disposition'],
'attachment; filename="something.txt"')
self.assertEqual(response.content, b'something special')
response = toolbox.serve(request,
default_content_type='text/plain')
self.assertEqual(response['Content-Type'], 'text/plain')
self.assertEqual(response.content, b'something special')
self.assertEqual(response['Content-Disposition'],
'attachment; filename="something.txt"')
request.filename = ''
request.save()
response = toolbox.serve(request,
default_content_type='text/plain')
self.assertEqual(response['Content-Type'], 'text/plain')
self.assertEqual(response.content, b'something special')
self.assertFalse(response.get('Content-Disposition'))
