0001-api-restrict-API-to-authenticated-admin-users-fixes-.patch
tests/conftest.py | ||
---|---|---|
277 | 277 | |
278 | 278 | |
279 | 279 |
@pytest.fixture |
280 |
def app(request): |
|
280 |
def app(request, admin):
|
|
281 | 281 |
wtm = django_webtest.WebTestMixin() |
282 | 282 |
wtm._patch_settings() |
283 | 283 |
request.addfinalizer(wtm._unpatch_settings) |
284 |
return django_webtest.DjangoTestApp(extra_environ={'HTTP_HOST': 'localhost'}) |
|
284 |
app = django_webtest.DjangoTestApp(extra_environ={'HTTP_HOST': 'localhost'}) |
|
285 |
app.authorization = ('Basic', ('admin', 'admin')) |
|
286 |
return app |
|
285 | 287 | |
286 | 288 | |
287 | 289 |
@pytest.fixture |
zoo/settings.py | ||
---|---|---|
187 | 187 |
# Rest Framework |
188 | 188 |
REST_FRAMEWORK = { |
189 | 189 |
# 'EXCEPTION_HANDLER': 'zoo.utils.rest_exception_handler', |
190 |
'DEFAULT_AUTHENTICATION_CLASSES': (), |
|
191 |
'DEFAULT_PERMISSION_CLASSES': (), |
|
190 |
'DEFAULT_AUTHENTICATION_CLASSES': ( |
|
191 |
'rest_framework.authentication.BasicAuthentication', |
|
192 |
'rest_framework.authentication.SessionAuthentication', |
|
193 |
), |
|
194 |
'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',), |
|
192 | 195 |
} |
193 | 196 | |
194 | 197 |
ZOO_NANTERRE_APPLICATIONS = { |
zoo/zoo_nanterre/api_views.py | ||
---|---|---|
1464 | 1464 | |
1465 | 1465 | |
1466 | 1466 |
class Federation(IndividuViewMixin, APIView): |
1467 |
permission_classes = () |
|
1468 | ||
1467 | 1469 |
def get(self, request, identifier, application, format=None): |
1468 | 1470 |
app_dfn = utils.get_application(application) |
1469 | 1471 |
if not app_dfn: |
1470 |
- |