Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
16 changed files
with
610 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
.. _rest: | ||
|
||
========= | ||
REST API | ||
========= | ||
The ``waliki.rest`` plugin together ``waliki.git`` provides a set of REST API endpoints. | ||
|
||
With this plugin you'll get: | ||
|
||
URLs | ||
---- | ||
|
||
| List all Pages | ||
| ``GET http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/all`` | ||
| | ||
| Add Page | ||
| ``POST http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/new`` | ||
| | ||
| Retrieve Page | ||
| ``GET http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>`` | ||
| | ||
| Edit Page | ||
| ``POST http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/edit`` | ||
| | ||
| Move Page | ||
| ``POST http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/move`` | ||
| | ||
| Delete Page | ||
| ``POST http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/delete`` | ||
| | ||
| History of changes | ||
| ``GET http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/history`` | ||
| | ||
| Retrieve a version | ||
| ``GET http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/version/<version>/`` | ||
| | ||
| Diff | ||
| ``GET http://yoursite.com[/<waliki_prefix>]/<WALIKI_API_ROOT>/<slug>/diff/<new_version>..<old_version>`` | ||
Setup | ||
------- | ||
|
||
It requires `djangorestframework`_ as requirement. Install it via pip:: | ||
|
||
$ pip install djangorestframework | ||
|
||
To install it, add ``'waliki.rest'`` and ``'rest_framework'`` after ``'waliki.git'`` in your ``settings.INSTALLED_APPS``:: | ||
|
||
INSTALLED_APPS = ( | ||
... | ||
'waliki', | ||
... | ||
'waliki.git', | ||
'waliki.rest', | ||
... | ||
'rest_framework', | ||
... | ||
) | ||
|
||
| Default url for restful service: | ||
``WALIKI_API_ROOT = 'API'`` | ||
|
||
.. _djangorestframework: https://github.com/tomchristie/django-rest-framework |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
from django.core.urlresolvers import reverse | ||
from django.conf import settings | ||
|
||
from rest_framework import status | ||
from rest_framework.test import APITestCase | ||
|
||
from waliki.models import Page | ||
|
||
|
||
class PageCreateTests(APITestCase): | ||
|
||
def test_create_page_anonymous(self): | ||
""" | ||
#Ensure a new Page can't be created by a Anonymous user without permission | ||
""" | ||
url = reverse('page_new') | ||
data = {'title': 'Title', 'slug':'title', 'markup': 'Markdown'} | ||
response = self.client.post(url, data) | ||
|
||
if 'add_page' in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
#if anonymous user can add page | ||
self.assertEqual(response.status_code, status.HTTP_201_CREATED) | ||
else: | ||
#anonymous user can't add page | ||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) | ||
|
||
|
||
class PageRetrieveTests(APITestCase): | ||
title = 'My little Title' | ||
slug = 'my-little-title' | ||
markup = 'Markdown' | ||
|
||
raw = 'My hack' | ||
message = 'Fuck you' | ||
|
||
def setUp(self): | ||
Page.objects.create(title=self.title, slug=self.slug, markup=self.markup) | ||
|
||
def test_detail_page_anonymous(self): | ||
""" | ||
Ensure a Page can't be watched by a Anonymous user without permission | ||
""" | ||
url = reverse('page_detail', args=(self.slug,)) | ||
response = self.client.get(url) | ||
|
||
if 'view_page' in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
#if anonymous user can view a page | ||
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
else: | ||
#if anonymous user can't view a page | ||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) | ||
|
||
|
||
class PageEditTests(APITestCase): | ||
title = 'My little Title' | ||
slug = 'my-little-title' | ||
markup = 'Markdown' | ||
|
||
raw = 'My hack' | ||
message = 'Fuck you' | ||
|
||
def setUp(self): | ||
Page.objects.create(title=self.title, slug=self.slug, markup=self.markup) | ||
|
||
def test_edit_page_anonymous(self): | ||
""" | ||
#Ensure a Page can't be edited by a Anonymous user without permission | ||
""" | ||
url = reverse('page_edit', args=(self.slug,)) | ||
data = { | ||
'title': self.title, | ||
'slug': self.slug, | ||
'markup': self.markup, | ||
'raw': self.raw, | ||
'message': self.message } | ||
|
||
response = self.client.post(url, data) | ||
|
||
if 'change_page' in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
#if anonymous user can view a page | ||
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
else: | ||
#if anonymous user can't view a page | ||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) | ||
|
||
def test_move_page_anonymous(self): | ||
""" | ||
#Ensure a Page can't be moved by a Anonymous user without permission | ||
""" | ||
url = reverse('page_move', args=(self.slug,)) | ||
data = { | ||
'slug': 'self-slug' | ||
} | ||
|
||
response = self.client.post(url, data) | ||
|
||
if 'change_page' in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
#if anonymous user can view a page | ||
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
else: | ||
#if anonymous user can't view a page | ||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) | ||
|
||
def test_delete_page_anonymous(self): | ||
""" | ||
#Ensure a Page can't be deleted by a Anonymous user without permission | ||
""" | ||
url = reverse('page_delete', args=(self.slug,)) | ||
data = { | ||
'what': 'this' | ||
} | ||
response = self.client.post(url, data) | ||
|
||
if 'change_page' in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
#if anonymous user can view a page | ||
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
else: | ||
#if anonymous user can't view a page | ||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# -*- encoding: utf-8 -*- | ||
from django.contrib.auth.models import AnonymousUser | ||
|
||
from waliki import settings | ||
from waliki.acl import check_perms | ||
|
||
from rest_framework.permissions import BasePermission | ||
|
||
class WalikiPermission(BasePermission): | ||
""" | ||
Base Permission Class for Waliki default and ACL rules | ||
""" | ||
permission = '' | ||
|
||
def has_permission(self, request, view, *args, **kwargs): | ||
slug = request.resolver_match.kwargs.get('slug', ' ') | ||
if check_perms((self.permission), request.user, slug): | ||
return True | ||
else: | ||
if isinstance(request.user, AnonymousUser): | ||
if self.permission in settings.WALIKI_ANONYMOUS_USER_PERMISSIONS: | ||
return True | ||
else: | ||
if self.permission in settings.WALIKI_LOGGED_USER_PERMISSIONS: | ||
return True | ||
|
||
|
||
class WalikiPermission_AddPage(WalikiPermission): | ||
permission = 'add_page' | ||
|
||
class WalikiPermission_ViewPage(WalikiPermission): | ||
permission = 'view_page' | ||
|
||
class WalikiPermission_ChangePage(WalikiPermission): | ||
permission = 'change_page' |
Oops, something went wrong.