Projet

Général

Profil

0001-api-don-t-mark-API-fake-admin-user-as-an-API-user-53.patch

Frédéric Péters, 11 mai 2021 15:27

Télécharger (1,46 ko)

Voir les différences: 

Subject: [PATCH] api: don't mark API fake admin user as an API user (#53926)


 tests/api/test_carddef.py | 5 +++++
 wcs/api.py                | 1 +
 2 files changed, 6 insertions(+)
tests/api/test_carddef.py
157 157 
    assert resp.json['data'][0]['digest'] == formdata.digest
158 158 
    assert resp.json['data'][0]['text'] == formdata.digest
159 159 

  		




  
  160
  
    
    # get single carddata (as signed request without any user specified, so

  		




  
  161
  
    
    # no check for permissions)

  		




  
  162
  
    
    resp = get_app(pub).get(sign_uri('/api/cards/test/%s/' % formdata.id))

  		




  
  163
  
    
    assert resp.json['text'] == formdata.digest

  		




  
  164
  
    

  		




  160
  165
  
    
    # get schema

  		




  161
  166
  
    
    resp = get_app(pub).get(sign_uri('/api/cards/test/@schema'), status=200)

  		




  162
  167
  
    
    assert len(resp.json['fields']) == 1

  		












  

    
      wcs/api.py
    
  





  264
  264
  
    
            class ApiAdminUser:

  		




  265
  265
  
    
                is_admin = True

  		




  266
  266
  
    
                anonymous = True

  		




  
  267
  
    
                is_api_user = False

  		




  267
  268
  
    

  		




  268
  269
  
    
            get_request()._user = ApiAdminUser()

  		




  269
  270
  
    
            return True

  		




  270
  
  
    
-