0001-api-restrict-API-to-authenticated-admin-users-fixes-.patch
| tests/conftest.py | ||
|---|---|---|
| 277 | 277 | |
| 278 | 278 | |
| 279 | 279 |
@pytest.fixture |
| 280 |
def app(request): |
|
| 280 |
def app(request, admin):
|
|
| 281 | 281 |
wtm = django_webtest.WebTestMixin() |
| 282 | 282 |
wtm._patch_settings() |
| 283 | 283 |
request.addfinalizer(wtm._unpatch_settings) |
| 284 |
return django_webtest.DjangoTestApp(extra_environ={'HTTP_HOST': 'localhost'})
|
|
| 284 |
app = django_webtest.DjangoTestApp(extra_environ={'HTTP_HOST': 'localhost'})
|
|
| 285 |
app.authorization = ('Basic', ('admin', 'admin'))
|
|
| 286 |
return app |
|
| 285 | 287 | |
| 286 | 288 | |
| 287 | 289 |
@pytest.fixture |
| zoo/settings.py | ||
|---|---|---|
| 187 | 187 |
# Rest Framework |
| 188 | 188 |
REST_FRAMEWORK = {
|
| 189 | 189 |
# 'EXCEPTION_HANDLER': 'zoo.utils.rest_exception_handler', |
| 190 |
'DEFAULT_AUTHENTICATION_CLASSES': (), |
|
| 191 |
'DEFAULT_PERMISSION_CLASSES': (), |
|
| 190 |
'DEFAULT_AUTHENTICATION_CLASSES': ( |
|
| 191 |
'rest_framework.authentication.BasicAuthentication', |
|
| 192 |
'rest_framework.authentication.SessionAuthentication', |
|
| 193 |
), |
|
| 194 |
'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',),
|
|
| 192 | 195 |
} |
| 193 | 196 | |
| 194 | 197 |
ZOO_NANTERRE_APPLICATIONS = {
|
| zoo/zoo_nanterre/api_views.py | ||
|---|---|---|
| 1464 | 1464 | |
| 1465 | 1465 | |
| 1466 | 1466 |
class Federation(IndividuViewMixin, APIView): |
| 1467 |
permission_classes = () |
|
| 1468 | ||
| 1467 | 1469 |
def get(self, request, identifier, application, format=None): |
| 1468 | 1470 |
app_dfn = utils.get_application(application) |
| 1469 | 1471 |
if not app_dfn: |
| 1470 |
- |
|