0001-backoffice-hide-API-access-69564.patch

Emmanuel Cazenave, 27 septembre 2022 18:10

Voir les différences: en ligne côte à côte

Subject: [PATCH] backoffice: hide API access (#69564)

 tests/admin_pages/test_api_access.py          | 39 -------------------
 wcs/admin/settings.py                         |  3 ++
 .../wcs/backoffice/api_accesses.html          |  4 --
 3 files changed, 3 insertions(+), 43 deletions(-)

         return obj
     def test_api_access_new(pub):
         create_superuser(pub)
         ApiAccess.wipe()
         app = login(get_app(pub))
         # go to the page and cancel
         resp = app.get('/backoffice/settings/api-access/')
         resp = resp.click('New API access')
         resp = resp.forms[0].submit('cancel')
         assert resp.location == 'http://example.net/backoffice/settings/api-access/'
         # go to the page and add an API access
         resp = app.get('/backoffice/settings/api-access/')
         resp = resp.click('New API access')
         resp.form['name'] = 'a new API access'
         resp.form['description'] = 'description'
         resp.form['access_identifier'] = 'new_access'
         assert len(resp.form['access_key'].value) == 36
         resp = resp.form.submit('submit')
         assert resp.location == 'http://example.net/backoffice/settings/api-access/'
         resp = resp.follow()
         assert 'a new API access' in resp.text
         resp = resp.click('a new API access')
         assert 'API access - a new API access' in resp.text
         # check name unicity
         resp = app.get('/backoffice/settings/api-access/new')
         resp.form['name'] = 'a new API access'
         resp.form['access_identifier'] = 'changed'
         resp = resp.form.submit('submit')
         assert resp.html.find('div', {'class': 'error'}).text == 'This name is already used.'
         # check access_identifier unicity
         resp.form['name'] = 'new one'
         resp.form['access_identifier'] = 'new_access'
         resp = resp.form.submit('submit')
         assert resp.html.find('div', {'class': 'error'}).text == 'This value is already used.'
     def test_api_access_view(pub, api_access):
         create_superuser(pub)

     from quixote.directory import Directory
     from quixote.html import TemplateIO, htmltext
     from wcs.api_access import ApiAccess
     from wcs.blocks import BlockDef
     from wcs.carddef import CardDef
     from wcs.data_sources import NamedDataSource
-...
             disabled_screens_option = get_publisher().get_site_option('settings-disabled-screens') or ''
             disabled_screens = [x.strip() for x in disabled_screens_option.split(',')]
             if ApiAccess.count() == 0:
                 disabled_screens.append('api-access')
             def enabled(screen):
                 return screen not in disabled_screens

     {% block appbar-title %}{% trans "API access" %}{% endblock %}
     {% block appbar-actions %}
     <a rel="popup" href="new">{% trans "New API access" %}</a>
     {% endblock %}
     {% block content %}
     {% if api_accesses %}
     <ul class="objects-list single-links">
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0001-backoffice-hide-API-access-69564.patch