def test_apply_request_privacy_valid(self, mock_validate):
wrapper = wrappers.apply_request_privacy(Mock(__name__="Foo"), {"zoo": 1})
try:
wrapper(request=4)
except Exception:
raise Exception("Unexpected error")
mock_validate.assert_called_once_with(4, {"zoo": 1, "_type": "Foo"}, wrapper_kw={"drop_hidden": False})
def test_apply_request_privacy_invalid(self, mock_validate):
mock_validate.side_effect = wrappers.ValidationError("boo")
wrapper = wrappers.apply_request_privacy(Mock(__name__="Foo"), {"zoo": 1})
with pytest.raises(JHTTPForbidden) as ex:
wrapper(request=4)
expected = "Not enough permissions to update fields: boo"
assert str(ex.value) == expected
mock_validate.assert_called_once_with(4, {"zoo": 1, "_type": "Foo"}, wrapper_kw={"drop_hidden": False})
def setup_default_wrappers(self):
""" Setup defaulf wrappers.
Wrappers are applied when view method does not return instance
of Response. In this case nefertari renderers call wrappers and
handle response generation.
Note: It's important for `add_etag` wrapper be applied before
`apply_privacy` as later may remove response data that
is used to generate etag
"""
# Index
self._after_calls['index'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
wrappers.add_etag(self.request),
]
# Show
self._after_calls['show'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Create
self._after_calls['create'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Update
self._after_calls['update'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Replace
self._after_calls['replace'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Privacy wrappers
if self._auth_enabled:
for meth in ('index', 'show', 'create', 'update', 'replace'):
self._after_calls[meth] += [
wrappers.apply_privacy(self.request),
]
for meth in ('update', 'replace', 'update_many'):
self._before_calls[meth] += [
wrappers.apply_request_privacy(self.Model,
self._json_params),
]
def setup_default_wrappers(self):
""" Setup defaulf wrappers.
Wrappers are applied when view method does not return instance
of Response. In this case nefertari renderers call wrappers and
handle response generation.
Note: It's important for `add_etag` wrapper be applied before
`apply_privacy` as later may remove response data that
is used to generate etag
"""
# Index
self._after_calls['index'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
wrappers.add_etag(self.request),
]
# Show
self._after_calls['show'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Create
self._after_calls['create'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Update
self._after_calls['update'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Replace
self._after_calls['replace'] = [
wrappers.wrap_in_dict(self.request),
wrappers.add_meta(self.request),
wrappers.add_object_url(self.request),
]
# Privacy wrappers
if self._auth_enabled:
for meth in ('index', 'show', 'create', 'update', 'replace'):
self._after_calls[meth] += [
wrappers.apply_privacy(self.request),
]
for meth in ('update', 'replace', 'update_many'):
self._before_calls[meth] += [
wrappers.apply_request_privacy(
self.Model, self._json_params),
]
def test_apply_request_privacy_valid(self, mock_validate):
wrapper = wrappers.apply_request_privacy(
Mock(__name__='Foo'), {'zoo': 1})
try:
wrapper(request=4)
except Exception:
raise Exception('Unexpected error')
mock_validate.assert_called_once_with(
4, {'zoo': 1, '_type': 'Foo'},
wrapper_kw={'drop_hidden': False})
def test_apply_request_privacy_invalid(self, mock_validate):
mock_validate.side_effect = wrappers.ValidationError('boo')
wrapper = wrappers.apply_request_privacy(
Mock(__name__='Foo'), {'zoo': 1})
with pytest.raises(JHTTPForbidden) as ex:
wrapper(request=4)
expected = 'Not enough permissions to update fields: boo'
assert str(ex.value) == expected
mock_validate.assert_called_once_with(
4, {'zoo': 1, '_type': 'Foo'},
wrapper_kw={'drop_hidden': False})
