api: disable legacy fillslots api by default (#77806)

2023-05-23 11:33:03 +02:00 · 2023-05-23 11:33:03 +02:00 · 13f44f7cd0
parent 84bdeb3ed3
commit 13f44f7cd0
4 changed files with 24 additions and 0 deletions
--- a/chrono/api/views.py
+++ b/chrono/api/views.py
@ -21,6 +21,7 @@ import itertools
 import json
 import uuid
 from django.conf import settings
 from django.db import IntegrityError, transaction
 from django.db.models import BooleanField, Count, ExpressionWrapper, F, Func, Prefetch, Q
 from django.db.models.expressions import RawSQL
@ -1402,6 +1403,9 @@ class Fillslots(APIView):
    serializer_class = serializers.FillSlotsSerializer
    def post(self, request, agenda_identifier=None, event_identifier=None, format=None):
        if not settings.LEGACY_FILLSLOTS_ENABLED:
            raise APIErrorBadRequest(N_('deprecated call'))
        return self.fillslot(request=request, agenda_identifier=agenda_identifier, format=format)
    def fillslot(self, request, agenda_identifier=None, slots=None, format=None, retry=False):
--- a/chrono/settings.py
+++ b/chrono/settings.py
@ -198,6 +198,7 @@ SMS_SENDER = ''
 REST_FRAMEWORK = {'EXCEPTION_HANDLER': 'chrono.api.utils.exception_handler'}
 SHARED_CUSTODY_ENABLED = False
 LEGACY_FILLSLOTS_ENABLED = False
 local_settings_file = os.environ.get(
    'CHRONO_SETTINGS_FILE', os.path.join(os.path.dirname(__file__), 'local_settings.py')
--- a/tests/api/fillslot/test_all.py
+++ b/tests/api/fillslot/test_all.py
@ -2621,3 +2621,21 @@ def test_user_external_id(app, user):
            assert not any(x['disabled'] for x in resp.json['data'])
        meeting_event.delete()
 def test_booking_api_fillslots_deprecated(app, user, settings):
    settings.LEGACY_FILLSLOTS_ENABLED = False
    agenda = Agenda.objects.create(label='Foo bar', kind='events')
    event = Event.objects.create(
        label='Event', start_datetime=now() + datetime.timedelta(days=5), places=10, agenda=agenda
    )
    app.authorization = ('Basic', ('john.doe', 'password'))
    resp = app.post_json('/api/agenda/%s/fillslots/' % agenda.slug, params={'slots': [event.id]}, status=400)
    assert 'deprecated' in resp.json['err_desc']
    assert Booking.objects.count() == 0
    resp = app.post_json('/api/agenda/%s/fillslot/%s/' % (agenda.slug, event.id))
    assert Booking.objects.count() == 1
--- a/tests/settings.py
+++ b/tests/settings.py
@ -45,5 +45,6 @@ EXCEPTIONS_SOURCES = {}
 SITE_BASE_URL = 'https://example.com'
 SHARED_CUSTODY_ENABLED = True
 LEGACY_FILLSLOTS_ENABLED = True
 PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]