def test_apply_request_privacy_valid(self, mock_validate): wrapper = wrappers.apply_request_privacy(Mock(__name__="Foo"), {"zoo": 1}) try: wrapper(request=4) except Exception: raise Exception("Unexpected error") mock_validate.assert_called_once_with(4, {"zoo": 1, "_type": "Foo"}, wrapper_kw={"drop_hidden": False})
def test_apply_request_privacy_invalid(self, mock_validate): mock_validate.side_effect = wrappers.ValidationError("boo") wrapper = wrappers.apply_request_privacy(Mock(__name__="Foo"), {"zoo": 1}) with pytest.raises(JHTTPForbidden) as ex: wrapper(request=4) expected = "Not enough permissions to update fields: boo" assert str(ex.value) == expected mock_validate.assert_called_once_with(4, {"zoo": 1, "_type": "Foo"}, wrapper_kw={"drop_hidden": False})
def setup_default_wrappers(self): """ Setup defaulf wrappers. Wrappers are applied when view method does not return instance of Response. In this case nefertari renderers call wrappers and handle response generation. Note: It's important for `add_etag` wrapper be applied before `apply_privacy` as later may remove response data that is used to generate etag """ # Index self._after_calls['index'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), wrappers.add_etag(self.request), ] # Show self._after_calls['show'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Create self._after_calls['create'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Update self._after_calls['update'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Replace self._after_calls['replace'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Privacy wrappers if self._auth_enabled: for meth in ('index', 'show', 'create', 'update', 'replace'): self._after_calls[meth] += [ wrappers.apply_privacy(self.request), ] for meth in ('update', 'replace', 'update_many'): self._before_calls[meth] += [ wrappers.apply_request_privacy(self.Model, self._json_params), ]
def setup_default_wrappers(self): """ Setup defaulf wrappers. Wrappers are applied when view method does not return instance of Response. In this case nefertari renderers call wrappers and handle response generation. Note: It's important for `add_etag` wrapper be applied before `apply_privacy` as later may remove response data that is used to generate etag """ # Index self._after_calls['index'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), wrappers.add_etag(self.request), ] # Show self._after_calls['show'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Create self._after_calls['create'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Update self._after_calls['update'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Replace self._after_calls['replace'] = [ wrappers.wrap_in_dict(self.request), wrappers.add_meta(self.request), wrappers.add_object_url(self.request), ] # Privacy wrappers if self._auth_enabled: for meth in ('index', 'show', 'create', 'update', 'replace'): self._after_calls[meth] += [ wrappers.apply_privacy(self.request), ] for meth in ('update', 'replace', 'update_many'): self._before_calls[meth] += [ wrappers.apply_request_privacy( self.Model, self._json_params), ]
def test_apply_request_privacy_valid(self, mock_validate): wrapper = wrappers.apply_request_privacy( Mock(__name__='Foo'), {'zoo': 1}) try: wrapper(request=4) except Exception: raise Exception('Unexpected error') mock_validate.assert_called_once_with( 4, {'zoo': 1, '_type': 'Foo'}, wrapper_kw={'drop_hidden': False})
def test_apply_request_privacy_invalid(self, mock_validate): mock_validate.side_effect = wrappers.ValidationError('boo') wrapper = wrappers.apply_request_privacy( Mock(__name__='Foo'), {'zoo': 1}) with pytest.raises(JHTTPForbidden) as ex: wrapper(request=4) expected = 'Not enough permissions to update fields: boo' assert str(ex.value) == expected mock_validate.assert_called_once_with( 4, {'zoo': 1, '_type': 'Foo'}, wrapper_kw={'drop_hidden': False})