0001-admin-suggest-a-random-key-on-api-new-form-49117.patch
| tests/admin_pages/test_api_access.py | ||
|---|---|---|
| 72 | 72 |
assert resp.location == 'http://example.net/backoffice/settings/api-access/' |
| 73 | 73 | |
| 74 | 74 |
# go to the page and add an API access |
| 75 | 75 |
resp = app.get('/backoffice/settings/api-access/')
|
| 76 | 76 |
resp = resp.click('New API access')
|
| 77 | 77 |
resp.form['name'] = 'a new API access' |
| 78 | 78 |
resp.form['description'] = 'description' |
| 79 | 79 |
resp.form['access_identifier'] = 'new_access' |
| 80 |
resp.form['access_key'] = '1234'
|
|
| 80 |
assert len(resp.form['access_key'].value) == 36
|
|
| 81 | 81 |
resp = resp.form.submit('submit')
|
| 82 | 82 |
assert resp.location == 'http://example.net/backoffice/settings/api-access/' |
| 83 | 83 |
resp = resp.follow() |
| 84 | 84 |
assert 'a new API access' in resp.text |
| 85 | 85 |
resp = resp.click('a new API access')
|
| 86 | 86 |
assert 'API access - a new API access' in resp.text |
| 87 | 87 | |
| 88 | 88 |
# check name unicity |
| 89 | 89 |
resp = app.get('/backoffice/settings/api-access/new')
|
| 90 | 90 |
resp.form['name'] = 'a new API access' |
| 91 | 91 |
resp.form['access_identifier'] = 'changed' |
| 92 |
resp.form['access_key'] = '1234' |
|
| 93 | 92 |
resp = resp.form.submit('submit')
|
| 94 | 93 |
assert resp.html.find('div', {'class': 'error'}).text == 'This name is already used.'
|
| 95 | 94 | |
| 96 | 95 |
# check access_identifier unicity |
| 97 | 96 |
resp.form['name'] = 'new one' |
| 98 | 97 |
resp.form['access_identifier'] = 'new_access' |
| 99 | 98 |
resp = resp.form.submit('submit')
|
| 100 | 99 |
assert resp.html.find('div', {'class': 'error'}).text == 'This value is already used.'
|
| ... | ... | |
| 135 | 134 |
assert api_access.description == 'bla bla bla' |
| 136 | 135 |
assert api_access.access_identifier == 'smith2' |
| 137 | 136 |
assert api_access.access_key == '5678' |
| 138 | 137 | |
| 139 | 138 |
# check name unicity |
| 140 | 139 |
resp = app.get('/backoffice/settings/api-access/new')
|
| 141 | 140 |
resp.form['name'] = 'Jhon' |
| 142 | 141 |
resp.form['access_identifier'] = 'jhon' |
| 143 |
resp.form['access_key'] = '1234' |
|
| 144 | 142 |
resp = resp.form.submit('submit')
|
| 145 | 143 |
resp = app.get('/backoffice/settings/api-access/1/')
|
| 146 | 144 |
resp = resp.click(href='edit') |
| 147 | 145 |
resp.form['name'] = 'Jhon' |
| 148 | 146 |
resp = resp.form.submit('submit')
|
| 149 | 147 |
assert resp.html.find('div', {'class': 'error'}).text == 'This name is already used.'
|
| 150 | 148 | |
| 151 | 149 | |
| wcs/admin/api_access.py | ||
|---|---|---|
| 9 | 9 |
# This program is distributed in the hope that it will be useful, |
| 10 | 10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | 11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | 12 |
# GNU General Public License for more details. |
| 13 | 13 |
# |
| 14 | 14 |
# You should have received a copy of the GNU General Public License |
| 15 | 15 |
# along with this program; if not, see <http://www.gnu.org/licenses/>. |
| 16 | 16 | |
| 17 |
import uuid |
|
| 18 | ||
| 17 | 19 |
from quixote import get_response, redirect |
| 18 | 20 |
from quixote.directory import Directory |
| 19 | 21 |
from quixote.html import TemplateIO, htmltext |
| 20 | 22 | |
| 21 | 23 |
from wcs.qommon import _, errors, template |
| 22 | 24 |
from wcs.qommon.form import Form, StringWidget, TextWidget, HtmlWidget |
| 23 | 25 |
from wcs.qommon.backoffice.menu import html_top |
| 24 | 26 |
from wcs.api_access import ApiAccess |
| ... | ... | |
| 37 | 39 |
value=self.api_access.name) |
| 38 | 40 |
form.add(TextWidget, 'description', title=_('Description'),
|
| 39 | 41 |
cols=40, rows=5, |
| 40 | 42 |
value=self.api_access.description) |
| 41 | 43 |
form.add(StringWidget, 'access_identifier', title=_('Access identifier'),
|
| 42 | 44 |
required=True, size=30, |
| 43 | 45 |
value=self.api_access.access_identifier) |
| 44 | 46 |
form.add(StringWidget, 'access_key', title=_('Access key'), required=True, size=30,
|
| 45 |
value=self.api_access.access_key) |
|
| 47 |
value=self.api_access.access_key or str(uuid.uuid4()))
|
|
| 46 | 48 |
if not self.api_access.is_readonly(): |
| 47 | 49 |
form.add_submit('submit', _('Submit'))
|
| 48 | 50 |
form.add_submit('cancel', _('Cancel'))
|
| 49 | 51 |
return form |
| 50 | 52 | |
| 51 | 53 |
def submit_form(self, form): |
| 52 | 54 |
name = form.get_widget('name').parse()
|
| 53 | 55 |
access_identifier = form.get_widget('access_identifier').parse()
|
| 54 |
- |
|