Commit a830b71e authored by adietmue's avatar adietmue
Browse files

Backend: Fix Devserver and auth bugs

parent 3869a466
...@@ -37,22 +37,21 @@ connection.close() ...@@ -37,22 +37,21 @@ connection.close()
def post(resource, data): def post(resource, data):
"""Create something, ignoring auth.""" """Create something, ignoring auth."""
with APP.test_request_context(): with APP.test_request_context():
g.user = 'Not None :)' g.apiuser = 'Not None :)'
g.nethz = 'Something' g.nethz = 'Something'
g.admin = True g.admin = True
response = CLIENT.post(resource, response = CLIENT.post('%s/%s' % (APP.config['URL_PREFIX'], resource),
data=json.dumps(data), data=json.dumps(data),
content_type="application/json", content_type="application/json",
headers={'Authorization': 'Token Lala'}) headers={'Authorization': 'Token Lala'})
if response.status_code != 201: if response.status_code != 201:
"""
error = json.loads(response.get_data(as_text=True)) error = json.loads(response.get_data(as_text=True))
status = error['_error']['code'] status = error['_error']['code']
issues = str(error['_issues']) message = str(error['_error'].get('message', ''))
print('Warning(%s):' % status, issues) issues = str(error.get('_issues', ''))
""" print('%s:' % status, issues or message)
return {} return {}
return json.loads(response.get_data(as_text=True)) return json.loads(response.get_data(as_text=True))
......
...@@ -64,8 +64,6 @@ def get_user(): ...@@ -64,8 +64,6 @@ def get_user():
if response: if response:
print('Resp', response['_items'][0]) print('Resp', response['_items'][0])
return response['_items'][0]['user'] return response['_items'][0]['user']
else:
raise FileNotFoundError
@request_cache('nethz') @request_cache('nethz')
......
...@@ -70,7 +70,7 @@ def drop_database(application): ...@@ -70,7 +70,7 @@ def drop_database(application):
def user(self, **kwargs): def user(self, **kwargs):
"""Additional context to fake a user.""" """Additional context to fake a user."""
with self.test_request_context(): with self.test_request_context():
g.user = 'Not None :)' g.apiuser = 'Not None :)'
g.nethz = 'Something' g.nethz = 'Something'
g.admin = False g.admin = False
......
...@@ -2,8 +2,6 @@ ...@@ -2,8 +2,6 @@
import pytest import pytest
from flask import g
ALL_RESOURCES = ['lectures', 'courses', 'signups', 'selections', 'payments'] ALL_RESOURCES = ['lectures', 'courses', 'signups', 'selections', 'payments']
ADMIN_RESOURCES = ['lectures', 'courses'] # only admin can write ADMIN_RESOURCES = ['lectures', 'courses'] # only admin can write
...@@ -37,18 +35,13 @@ def test_user_can_read(app, resource): ...@@ -37,18 +35,13 @@ def test_user_can_read(app, resource):
Not signups! There, users can only see their own items -> extra test Not signups! There, users can only see their own items -> extra test
This implies that admins can read, too, since every admin is a user. This implies that admins can read, too, since every admin is a user.
""" """
with app.test_request_context(): with app.user():
# Fake a user
g.user = 'Not None :)'
faketoken = {'Authorization': 'Token Trolololo'}
# Read resource # Read resource
app.client.get('/' + resource, headers=faketoken, assert_status=200) app.client.get('/' + resource, assert_status=200)
# Create fake item and read item # Create fake item and read item
_id = app.data.driver.db[resource].insert({}) _id = app.data.driver.db[resource].insert({})
app.client.get('/%s/%s' % (resource, _id), app.client.get('/%s/%s' % (resource, _id),
headers=faketoken,
assert_status=200) assert_status=200)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment