def add_credentials(request):
"""Create api credentials for a user for a specific dataset."""
dataset_id = request.POST.get('dataset_id')
if not dataset_id:
return HTTPClientError()
# get the user
try:
user = User.objects.get(id=request.matchdict['user_id'])
except User.DoesNotExist:
return HTTPNotFound()
# get the dataset
try:
dataset = DatasetSchema.objects.get(id=request.POST['dataset_id'])
except DatasetSchema.DoesNotExist:
return HTTPNotFound()
APICredential.generate_credential(
user_id=user.id,
dataset_obj=dataset,
salt=request.registry.settings['auth.salt']
)
return HTTPMovedPermanently(location=request.route_url('edit_permissions',
user_id=request.matchdict['user_id']))
def _generate_credentials(self, user_obj, dataset_obj):
"""
Generate and grant credentials to a specific user.
"""
credential = APICredential.generate_credential(
user_id=user_obj.id,
dataset_obj=self.dataset)
return credential
def test_api_credential_key_generation(self):
"""
Verify we can generate two random unique keys for a user's
access to a dataset.
"""
self._login(self.test_email, self.test_password)
self._create_and_populate_dataset()
credential = APICredential.generate_credential(
user_id=self.test_user.id,
dataset_obj=self.dataset)
self.assertNotEqual(credential.public_key, credential.private_key)
for field in credential:
self.assertTrue(getattr(credential, field))