CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Refs #314 -- Read-only REST API (#513)

Browse Source 
* initial commit

* API auth

* Hierarchical URLs

* Add session auth

* Strong hierarchy

* Add filters

* Add i18n fields, questions

* More viewsets and serializers

* Ticket download

* Add OrderPosition serializer

* View-level permissions

* More tests

* More tests

* Add basic API docs

* Add REST API to docs frontpage

* Tests for order endpoints

* Add invoice tests

* Voucher and waitinglist tests

* Doc draft

* order docs

* Docs on all viewsets

* Disable DRF docs, style sphinx, style browsable API

* Fix tests

* deprecated imports

* Test foo

* Attendee names

* Fix migration problems

* Remove browsable API, plugin integration

* Doc fixes
This commit is contained in:
Raphael Michel
2017-06-19 11:16:04 +02:00
committed by GitHub
parent 6df3a7d4b5
commit b2d4bea1d0
71 changed files with 4213 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
src/tests/api/test_auth.py Normal file
View File

@@ -0,0 +1,53 @@
import pytest
from pretix.base.models import Organizer
@pytest.mark.django_db
def test_no_auth(client):
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 401
@pytest.mark.django_db
def test_session_auth_no_teams(client, user):
client.login(email=user.email, password='dummy')
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 200
assert len(resp.data['results']) == 0
@pytest.mark.django_db
def test_session_auth_with_teams(client, user, team):
team.members.add(user)
Organizer.objects.create(name='Other dummy', slug='dummy')
client.login(email=user.email, password='dummy')
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 200
assert len(resp.data['results']) == 1
@pytest.mark.django_db
def test_token_invalid(client):
client.credentials(HTTP_AUTHORIZATION='Token ABCDE')
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 401
@pytest.mark.django_db
def test_token_auth_valid(client, team):
Organizer.objects.create(name='Other dummy', slug='dummy')
t = team.tokens.create(name='Foo')
client.credentials(HTTP_AUTHORIZATION='Token ' + t.token)
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 200
assert len(resp.data['results']) == 1
@pytest.mark.django_db
def test_token_auth_inactive(client, team):
Organizer.objects.create(name='Other dummy', slug='dummy')
t = team.tokens.create(name='Foo', active=False)
client.credentials(HTTP_AUTHORIZATION='Token ' + t.token)
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 401