To receive notifications about scheduled maintenance, please subscribe to the mailing-list gitlab-operations@sympa.ethz.ch. You can subscribe to the mailing-list at https://sympa.ethz.ch

Commit a830b71e authored by Alexander Dietmüller's avatar Alexander Dietmüller
Browse files

Backend: Fix Devserver and auth bugs

parent 3869a466
......@@ -37,22 +37,21 @@ connection.close()
def post(resource, data):
"""Create something, ignoring auth."""
with APP.test_request_context():
g.user = 'Not None :)'
g.apiuser = 'Not None :)'
g.nethz = 'Something'
g.admin = True
response = CLIENT.post(resource,
response = CLIENT.post('%s/%s' % (APP.config['URL_PREFIX'], resource),
data=json.dumps(data),
content_type="application/json",
headers={'Authorization': 'Token Lala'})
if response.status_code != 201:
"""
error = json.loads(response.get_data(as_text=True))
status = error['_error']['code']
issues = str(error['_issues'])
print('Warning(%s):' % status, issues)
"""
message = str(error['_error'].get('message', ''))
issues = str(error.get('_issues', ''))
print('%s:' % status, issues or message)
return {}
return json.loads(response.get_data(as_text=True))
......
......@@ -64,8 +64,6 @@ def get_user():
if response:
print('Resp', response['_items'][0])
return response['_items'][0]['user']
else:
raise FileNotFoundError
@request_cache('nethz')
......
......@@ -70,7 +70,7 @@ def drop_database(application):
def user(self, **kwargs):
"""Additional context to fake a user."""
with self.test_request_context():
g.user = 'Not None :)'
g.apiuser = 'Not None :)'
g.nethz = 'Something'
g.admin = False
......
......@@ -2,8 +2,6 @@
import pytest
from flask import g
ALL_RESOURCES = ['lectures', 'courses', 'signups', 'selections', 'payments']
ADMIN_RESOURCES = ['lectures', 'courses'] # only admin can write
......@@ -37,18 +35,13 @@ def test_user_can_read(app, resource):
Not signups! There, users can only see their own items -> extra test
This implies that admins can read, too, since every admin is a user.
"""
with app.test_request_context():
# Fake a user
g.user = 'Not None :)'
faketoken = {'Authorization': 'Token Trolololo'}
with app.user():
# Read resource
app.client.get('/' + resource, headers=faketoken, assert_status=200)
app.client.get('/' + resource, assert_status=200)
# Create fake item and read item
_id = app.data.driver.db[resource].insert({})
app.client.get('/%s/%s' % (resource, _id),
headers=faketoken,
assert_status=200)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment