CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-06 15:24:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add device security profiles (#1806)

Browse Source
This commit is contained in:
Raphael Michel
2020-10-13 17:40:25 +02:00
committed by GitHub
parent 301849f771
commit e8f3ad633a
15 changed files with 177 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/tests/api/test_auth.py
View File

@@ -76,3 +76,16 @@ def test_device_auth_revoked(client, device):
resp = client.get('/api/v1/organizers/')
assert resp.status_code == 401
assert str(resp.data['detail']) == "Device access has been revoked."
@pytest.mark.django_db
def test_device_auth_security_profile(client, device):
client.credentials(HTTP_AUTHORIZATION='Device ' + device.api_token)
device.security_profile = "pretixscan"
device.save()
resp = client.get('/api/v1/organizers/dummy/giftcards/')
assert resp.status_code == 403
device.security_profile = "pretixpos"
device.save()
resp = client.get('/api/v1/organizers/dummy/giftcards/')
assert resp.status_code == 200

3
src/tests/api/test_devices.py
View File

@@ -38,7 +38,8 @@ TEST_DEV_RES = {
"hardware_brand": "Zebra",
"hardware_model": "TC25",
"software_brand": "pretixSCAN",
"software_version": "1.5.1"
"software_version": "1.5.1",
"security_profile": "full"
}

3
src/tests/control/test_devices.py
View File

@@ -50,8 +50,8 @@ def test_create_device(event, admin_user, admin_team, client):
resp = client.post('/control/organizer/dummy/device/add', {
'name': 'Foo',
'limit_events': str(event.pk),
'security_profile': 'full',
}, follow=True)
print(resp.status_code, resp.content)
with scopes_disabled():
d = Device.objects.last()
assert d.name == 'Foo'
@@ -66,6 +66,7 @@ def test_update_device(event, admin_user, admin_team, device, client):
client.post('/control/organizer/dummy/device/{}/edit'.format(device.pk), {
'name': 'Cashdesk 2',
'limit_events': str(event.pk),
'security_profile': 'full',
}, follow=True)
device.refresh_from_db()
assert device.name == 'Cashdesk 2'