diff --git a/combo/apps/export_import/api_views.py b/combo/apps/export_import/api_views.py index 636dded0..6ac32ea3 100644 --- a/combo/apps/export_import/api_views.py +++ b/combo/apps/export_import/api_views.py @@ -40,7 +40,7 @@ klasses['roles'] = Group class Index(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def get(self, request, *args, **kwargs): if is_portal_agent(): @@ -128,7 +128,7 @@ def get_component_bundle_entry(request, component, order): class ListComponents(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def get(self, request, *args, **kwargs): klass = klasses[kwargs['component_type']] @@ -146,7 +146,7 @@ list_components = ListComponents.as_view() class ExportComponent(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def get(self, request, uuid, *args, **kwargs): serialisation = get_object_or_404(Page, uuid=uuid).get_serialized_page() @@ -157,7 +157,7 @@ export_component = ExportComponent.as_view() class ComponentDependencies(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def get(self, request, uuid, *args, **kwargs): klass = klasses[kwargs['component_type']] @@ -200,7 +200,7 @@ def component_redirect(request, component_type, uuid): class BundleCheck(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def put(self, request, *args, **kwargs): tar_io = io.BytesIO(request.read()) @@ -311,7 +311,7 @@ bundle_check = BundleCheck.as_view() class BundleImport(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) action = 'import_bundle' def put(self, request, *args, **kwargs): @@ -338,7 +338,6 @@ bundle_import = BundleImport.as_view() class BundleDeclare(BundleImport): - permission_classes = (permissions.IsAuthenticated,) action = 'declare_bundle' @@ -346,7 +345,7 @@ bundle_declare = BundleDeclare.as_view() class BundleUnlink(GenericAPIView): - permission_classes = (permissions.IsAuthenticated,) + permission_classes = (permissions.IsAdminUser,) def post(self, request, *args, **kwargs): if request.POST.get('application'): diff --git a/tests/test_applification_api.py b/tests/test_applification_api.py index 6cd821e2..946d27b2 100644 --- a/tests/test_applification_api.py +++ b/tests/test_applification_api.py @@ -28,8 +28,8 @@ from .wcs.utils import MockedRequestResponse, mocked_requests_send pytestmark = pytest.mark.django_db -def test_object_types(settings, app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_object_types(settings, app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) resp = app.get('/api/export-import/') assert resp.json == { 'data': [ @@ -71,8 +71,8 @@ def test_object_types(settings, app, john_doe): } -def test_list(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_list(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) Page.objects.all().delete() page = Page(title='Test', slug='test', template_name='standard') page.save() @@ -115,8 +115,8 @@ def test_list(app, john_doe): } -def test_export_page(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_export_page(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) Page.objects.all().delete() page = Page(title='Test', slug='test', template_name='standard') page.save() @@ -126,8 +126,8 @@ def test_export_page(app, john_doe): app.get('/api/export-import/pages/%s/' % uuid.uuid4(), status=404) -def test_export_page_with_role(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_export_page_with_role(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) group = Group(name='plop') group.save() Page.objects.all().delete() @@ -138,8 +138,8 @@ def test_export_page_with_role(app, john_doe): assert resp.json['data']['fields']['groups'] == ['plop'] -def test_page_dependencies(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_page_dependencies(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) page = Page.objects.create(title='Test', slug='test', template_name='standard') resp = app.get(f'/api/export-import/pages/{page.uuid}/dependencies/') assert resp.json == {'data': [], 'err': 0} @@ -147,8 +147,8 @@ def test_page_dependencies(app, john_doe): app.get('/api/export-import/pages/%s/dependencies/' % uuid.uuid4(), status=404) -def test_page_dependencies_groups(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_page_dependencies_groups(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) group1 = Group(name='plop1') group1.save() group2 = Group(name='plop2') @@ -172,8 +172,8 @@ def test_page_dependencies_groups(app, john_doe): } -def test_page_dependencies_children(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_page_dependencies_children(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) page = Page(title='Test', slug='test', template_name='standard') page.save() page2 = Page(title='Child', slug='child', template_name='standard', parent=page) @@ -198,8 +198,7 @@ def test_page_dependencies_children(app, john_doe): } -def test_page_redirect(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_page_redirect(app): page = Page(title='Test', slug='test', template_name='standard') page.save() redirect_url = f'/api/export-import/pages/{page.uuid}/redirect/' @@ -257,7 +256,7 @@ def create_bundle(elements, *args, **kwargs): @pytest.fixture -def bundle(app, john_doe): +def bundle(app, admin_user): page, dummy = Page.objects.get_or_create( slug='test', defaults={'title': 'Test Page', 'template_name': 'standard'} ) @@ -270,8 +269,8 @@ def bundle(app, john_doe): ) -def test_bundle_import(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_bundle_import(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) bundles = [] for version_number in ['42.0', '42.1']: @@ -387,8 +386,8 @@ def test_bundle_import(app, john_doe): ) -def test_bundle_import_pages_position(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_bundle_import_pages_position(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) page1 = Page.objects.create( slug='test1', title='Test Page 1', @@ -930,8 +929,8 @@ def test_bundle_import_pages_position(app, john_doe): assert Page.objects.get(uuid=page2.uuid).parent is None -def test_bundle_declare(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_bundle_declare(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) page, dummy = Page.objects.get_or_create( slug='test', defaults={'title': 'Test Page', 'template_name': 'standard'} @@ -1031,8 +1030,8 @@ def test_bundle_declare(app, john_doe): ) -def test_bundle_unlink(app, john_doe, bundle): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_bundle_unlink(app, admin_user, bundle): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) application = Application.objects.create( name='Test', @@ -1086,8 +1085,8 @@ def test_bundle_unlink(app, john_doe, bundle): assert ApplicationElement.objects.count() == 2 -def test_bundle_check(app, john_doe): - app.authorization = ('Basic', (john_doe.username, john_doe.username)) +def test_bundle_check(app, admin_user): + app.authorization = ('Basic', (admin_user.username, admin_user.username)) bundles = [] for version_number in ['1.0', '2.0']: @@ -1249,7 +1248,7 @@ def test_bundle_check(app, john_doe): @mock.patch('requests.Session.send', side_effect=mocked_requests_send) -def test_page_dependencies_card_models(mock_send, app, john_doe): +def test_page_dependencies_card_models(mock_send, app, admin_user): page = Page.objects.create( title='Test', slug='test', @@ -1268,7 +1267,7 @@ def test_page_dependencies_card_models(mock_send, app, john_doe): } assert card_dep in page.get_dependencies() - app.authorization = ('Basic', (john_doe.username, john_doe.username)) + app.authorization = ('Basic', (admin_user.username, admin_user.username)) with mock.patch('requests.Session.get') as requests_get: requests_get.side_effect = ConnectionError() resp = app.get(f'/api/export-import/pages/{page.uuid}/dependencies/', status=400) @@ -1363,7 +1362,7 @@ def test_page_dependencies_linkslist_cell(): @mock.patch('requests.Session.send', side_effect=mocked_requests_send) -def test_page_dependencies_form_cell(mock_send, app, john_doe): +def test_page_dependencies_form_cell(mock_send, app, admin_user): page = Page.objects.create(title='Test', slug='test', template_name='standard') cell = WcsFormCell(page=page, placeholder='content', order=0, formdef_reference='default:form-title') cell.save() @@ -1377,7 +1376,7 @@ def test_page_dependencies_form_cell(mock_send, app, john_doe): 'redirect': 'http://127.0.0.1:8999/api/export-import/forms/form-title/redirect/', }, } in page.get_dependencies() - app.authorization = ('Basic', (john_doe.username, john_doe.username)) + app.authorization = ('Basic', (admin_user.username, admin_user.username)) resp = app.get(f'/api/export-import/pages/{page.uuid}/dependencies/') assert resp.json['data'][0]['type'] == 'forms'