def test_user_query_views(self): request = Mock() if django.VERSION < (1, 10): request.user.is_anonymous = Mock(return_value=True) else: request.user.is_anonymous = True kwargs = {} self.assertFalse(user_can_see_query(request, **kwargs)) if django.VERSION < (1, 10): request.user.is_anonymous = Mock(return_value=True) else: request.user.is_anonymous = True self.assertFalse(user_can_see_query(request, **kwargs)) kwargs = {'query_id': 123} if django.VERSION < (1, 10): request.user.is_anonymous = Mock(return_value=False) else: request.user.is_anonymous = False self.assertFalse(user_can_see_query(request, **kwargs)) request.user.id = 99 with self.settings(EXPLORER_USER_QUERY_VIEWS={99: [111, 123]}): self.assertTrue(user_can_see_query(request, **kwargs))
def wrap(request, *args, **kwargs): if not app_settings.EXPLORER_PERMISSION_VIEW(request.user)\ and not user_can_see_query(request, kwargs)\ and not (app_settings.EXPLORER_TOKEN_AUTH_ENABLED() and request.META.get('HTTP_X_API_TOKEN') == app_settings.EXPLORER_TOKEN): return safe_admin_login_prompt(request) return f(request, *args, **kwargs)
def view_permission(request, **kwargs): return app_settings.EXPLORER_PERMISSION_VIEW(request.user)\ or user_can_see_query(request, **kwargs)\ or (app_settings.EXPLORER_TOKEN_AUTH_ENABLED() and (request.META.get('HTTP_X_API_TOKEN') == app_settings.EXPLORER_TOKEN or request.GET.get('token') == app_settings.EXPLORER_TOKEN))
def test_user_query_views(self): request = Mock() request.user.is_anonymous = True kwargs = {} self.assertFalse(user_can_see_query(request, **kwargs)) request.user.is_anonymous = True self.assertFalse(user_can_see_query(request, **kwargs)) kwargs = {'query_id': 123} request.user.is_anonymous = False self.assertFalse(user_can_see_query(request, **kwargs)) request.user.id = 99 with self.settings(EXPLORER_USER_QUERY_VIEWS={99: [111, 123]}): self.assertTrue(user_can_see_query(request, **kwargs))