mozilla
diff --git a/‎lib/bango/resources/refund.py‎
Lines changed: 2 additions & 2 deletions b/‎lib/bango/resources/refund.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎lib/services/resources.py‎
Lines changed: 78 additions & 43 deletions b/‎lib/services/resources.py‎
Lines changed: 78 additions & 43 deletions
diff --git a/‎lib/services/tests.py‎
Lines changed: 16 additions & 20 deletions b/‎lib/services/tests.py‎
Lines changed: 16 additions & 20 deletions
diff --git a/‎lib/transactions/models.py‎
Lines changed: 2 additions & 1 deletion b/‎lib/transactions/models.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎requirements/prod.txt‎
Lines changed: 2 additions & 1 deletion b/‎requirements/prod.txt‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎solitude/authentication.py‎
Lines changed: 32 additions & 0 deletions b/‎solitude/authentication.py‎
Lines changed: 32 additions & 0 deletions
@@ -1,12 +1,13 @@
-from functools import partial
 import uuid
+from functools import partial
 
 from django.conf import settings
 
 from tastypie import fields
 from tastypie.exceptions import ImmediateHttpResponse
 from tastypie.http import HttpNotFound
 
+from cached import SimpleResource
 from lib.bango.client import ClientMock
 from lib.bango.constants import CANT_REFUND, NOT_SUPPORTED, OK, PENDING
 from lib.bango.errors import BangoFormError
@@ -15,7 +16,6 @@
                                         STATUS_PENDING, TYPE_REFUND)
 from lib.transactions.models import Transaction
 from lib.transactions.resources import TransactionResource
-from cached import SimpleResource
 
 from solitude.logger import getLogger
 
 
@@ -1,23 +1,26 @@
-import json
 import urlparse
 
 from django.conf import settings
 from django.core.cache import cache
+from django.core.exceptions import PermissionDenied
+from django.views import debug
 
 import requests
 from aesfield.field import AESField
-from tastypie import http
-from tastypie.exceptions import ImmediateHttpResponse
-from tastypie_services.services import StatusError, StatusObject as Base
+from rest_framework.decorators import api_view
+from rest_framework.response import Response
 
 from lib.sellers.models import Seller
-from solitude.base import Resource
 from solitude.logger import getLogger
 
 log = getLogger('s.services')
 
 
-class StatusObject(Base):
+class StatusObject(object):
+
+    def __init__(self):
+        self.status = {}
+        self.error = None
 
     @property
     def is_proxy(self):
@@ -26,22 +29,25 @@ def is_proxy(self):
     def test_cache(self):
         # caching fails silently so we have to read from it after writing.
         cache.set('status', 'works')
-
         if cache.get('status') == 'works':
-            self.cache = True
+            return True
+
+        return False
 
     def test_db(self):
         try:
             # exists is one of the fastest queries one can run.
             Seller.objects.exists()
-            self.db = True
+            return True
         except Exception:
             log.error('Error connection to the db', exc_info=True)
+            return False
 
     def test_settings(self):
         # Warn if the settings are confused and the proxy settings are
         # mixed with non-proxy settings. At this time we can't tell if you
         # are running just the database server or solitude all in one.
+        self.status['settings'] = True
         caches = getattr(settings, 'CACHES', {})
         dbs = getattr(settings, 'DATABASES', {})
 
@@ -52,7 +58,7 @@ def test_settings(self):
                 if (db.get('ENGINE', '') not in ['',
                         'django.db.backends.dummy']):
                     log.error('Proxy db set to: %s' % engine)
-                    self.settings = False
+                    return False
 
             # There could be an issue if you share a proxy with the database
             # server, a local cache should be fine.
@@ -62,13 +68,17 @@ def test_settings(self):
                         'django.core.cache.backends.dummy.DummyCache',
                         'django.core.cache.backends.locmem.LocMemCache']):
                     log.error('Proxy cache set to: %s' % backend)
-                    self.settings = False
+                    return False
 
         # Tuck the encrypt test into settings.
         test = AESField(aes_key='bango:signature')
         if test._decrypt(test._encrypt('foo')) != 'foo':
-            self.settings = False
+            return False
 
+        return True
+
+    def test_proxies(self):
+        self.status['proxies'] = True
         if not self.is_proxy and settings.BANGO_PROXY:
             # Ensure that we can speak to the proxy.
             home = urlparse.urlparse(settings.BANGO_PROXY)
@@ -77,7 +87,7 @@ def test_settings(self):
                 requests.get(proxy, verify=True, timeout=5)
             except:
                 log.error('Proxy error: %s' % proxy, exc_info=True)
-                self.settings = False
+                return False
 
         if self.is_proxy:
             # Ensure that we can speak to Bango.
@@ -86,35 +96,60 @@ def test_settings(self):
                 requests.get(url, verify=True, timeout=30)
             except:
                 log.error('Bango error: %s' % proxy, exc_info=True)
-                self.settings = False
+                return False
 
-    def test(self):
-        self.test_cache()
-        self.test_db()
-        self.test_settings()
+        return True
 
-        if self.is_proxy:
-            if self.settings and not (self.db and self.cache):
-                return self
-            raise StatusError(str(self))
-
-        if self.db and self.cache:
-            return self
-        raise StatusError(str(self))
-
-
-class RequestResource(Resource):
-    """
-    This is a resource that does nothing, just returns some information
-    about the request. Useful for testing that solitude is working for you.
-    """
-
-    class Meta(Resource.Meta):
-        list_allowed_methods = ['get']
-        resource_name = 'request'
-
-    def obj_get_list(self, request, **kwargs):
-        content = {'authenticated': request.OAUTH_KEY}
-        response = http.HttpResponse(content=json.dumps(content),
-                                     content_type='application/json')
-        raise ImmediateHttpResponse(response=response)
+
+class TestError(Exception):
+    pass
+
+
+@api_view(['GET'])
+def error(request):
+    raise TestError('This is a test.')
+
+
+@api_view(['GET'])
+def status(request):
+    obj = StatusObject()
+    for key, method in (('proxies', obj.test_proxies),
+                        ('db', obj.test_db),
+                        ('cache', obj.test_cache),
+                        ('settings', obj.test_settings)):
+        obj.status[key] = method()
+
+    if obj.is_proxy:
+        if (obj.status['settings'] and not
+            (obj.status['db'] and obj.status['cache'])):
+            code = 200
+        else:
+            # The proxy should have good settings but not the db or cache.
+            code = 500
+
+    if obj.status['db'] and obj.status['cache']:
+        code = 200
+    else:
+        # The db instance should have a good db and cache.
+        code = 500
+    return Response(obj.status, status=code)
+
+
+@api_view(['GET'])
+def request_resource(request):
+    return Response({'authenticated': request.OAUTH_KEY})
+
+
+@api_view(['GET'])
+def settings_list(request):
+    if not getattr(settings, 'CLEANSED_SETTINGS_ACCESS', False):
+        raise PermissionDenied
+    return Response(sorted(debug.get_safe_settings().keys()))
+
+
+@api_view(['GET'])
+def settings_view(request, setting):
+    if not getattr(settings, 'CLEANSED_SETTINGS_ACCESS', False):
+        raise PermissionDenied
+    return Response({'key': setting,
+                     'value': debug.get_safe_settings()[setting]})
@@ -2,25 +2,27 @@
 
 from django.conf import settings
 from django.core.cache import cache
+from django.core.urlresolvers import reverse
 
 from mock import patch
+from nose import SkipTest
 from nose.tools import eq_
 
+
 from solitude.base import APITest
-from lib.services.resources import StatusObject
+from lib.services.resources import TestError
 
 
 @patch.object(settings, 'DEBUG', False)
 class TestStatus(APITest):
 
     def setUp(self):
-        self.api_name = 'services'
-        self.list_url = self.get_list_url('status')
+        self.list_url = reverse('services.status')
 
     def failed(self, res, on):
         eq_(res.status_code, 500)
         data = json.loads(res.content)
-        assert '%s: False' % on in data['error_message'], data
+        assert False in data.values()
 
     @patch.object(cache, 'get', lambda x: None)
     def test_failure_status(self):
@@ -30,8 +32,8 @@ def test_failure_status(self):
     # Note that Django will use the values in the settings, altering
     # CACHES right now will still work if your settings allow it. Urk.
     @patch('requests.get')
-    @patch.object(StatusObject, 'test_cache')
-    @patch.object(StatusObject, 'test_db')
+    @patch('lib.services.resources.StatusObject.test_cache')
+    @patch('lib.services.resources.StatusObject.test_db')
     def test_proxy(self, test_db, test_cache, requests):
         with self.settings(SOLITUDE_PROXY=True,
                            DATABASES={'default': {'ENGINE': ''}},
@@ -40,31 +42,25 @@ def test_proxy(self, test_db, test_cache, requests):
             eq_(res.status_code, 200, res.content)
 
     @patch('requests.get')
-    @patch.object(StatusObject, 'test_cache')
-    @patch.object(StatusObject, 'test_db')
+    @patch('lib.services.resources.StatusObject.test_cache')
+    @patch('lib.services.resources.StatusObject.test_db')
     def test_proxy_db(self, test_db, test_cache, requests):
+        test_db.return_value = False
+        test_cache.return_value = False
         with self.settings(SOLITUDE_PROXY=True,
                            DATABASES={'default': {'ENGINE': 'foo'}},
                            CACHES={}):
             self.failed(self.client.get(self.list_url), 'settings')
 
 
-@patch.object(settings, 'DEBUG', False)
-class TestError(APITest):
-
-    def setUp(self):
-        self.api_name = 'services'
-        self.list_url = self.get_list_url('error')
+class TestErrors(APITest):
 
     def test_throws_error(self):
-        res = self.client.get(self.list_url)
-        eq_(res.status_code, 500)
-        data = json.loads(res.content)
-        eq_(data['error_message'], 'This is a test.')
+        with self.assertRaises(TestError):
+            self.client.get(reverse('services.error'))
 
 
 class TestNoop(APITest):
 
     def test_noop(self):
-        self.api_name = 'services'
-        eq_(self.client.get(self.get_list_url('request')).status_code, 200)
+        eq_(self.client.get(reverse('services.request')).status_code, 200)
@@ -24,7 +24,8 @@ class Transaction(Model):
     currency = models.CharField(max_length=3, blank=True)
     provider = models.PositiveIntegerField(choices=constants.SOURCES_CHOICES)
     related = models.ForeignKey('self', blank=True, null=True,
-                                on_delete=models.PROTECT)
+                                on_delete=models.PROTECT,
+                                related_name='relations')
     seller_product = models.ForeignKey('sellers.SellerProduct', db_index=True)
     status = models.PositiveIntegerField(default=constants.STATUS_DEFAULT,
                                          choices=constants.STATUSES_CHOICES)
 
@@ -12,6 +12,7 @@ dj-database-url==0.2.1
 django-aesfield==0.1
 django-celery==2.2.4
 django-extensions==0.9
+django-filter==0.6
 django-multidb-router==0.5
 django-nose==1.1
 django-paranoia==0.1.7
@@ -20,6 +21,7 @@ django-raven-metlog==0.1
 django-sha2==0.4
 django-statsd-mozilla==0.3.8.3
 django-tastypie==0.9.11
+djangorestframework==2.3.5
 funfactory==2.1.1
 gunicorn==0.17.2
 httplib2==0.7.6
@@ -46,7 +48,6 @@ six==1.2.0
 slumber==0.5.3
 statsd==1.0.0
 suds==0.4
-tastypie-services==0.2.2
 tower==0.3.4
 
 # not on pypi
 
@@ -3,6 +3,8 @@
 from django.conf import settings
 import oauth2
 
+from rest_framework.authentication import BaseAuthentication
+from rest_framework.exceptions import AuthenticationFailed
 from tastypie.authentication import Authentication
 
 from solitude.logger import getLogger
@@ -59,6 +61,36 @@ def is_authenticated(self, request, **kwargs):
             return False
 
 
+class DummyUser(object):
+    pass
+
+
+class RestOAuthAuthentication(BaseAuthentication):
+
+    def authenticate(self, request):
+        auth_header_value = request.META.get('HTTP_AUTHORIZATION', None)
+        request.OAUTH_KEY = None
+        oauth_server, oauth_request = initialize_oauth_server_request(request)
+        try:
+            key = get_oauth_consumer_key_from_header(auth_header_value)
+            if not key:
+                if settings.REQUIRE_OAUTH:
+                    return None
+                return (DummyUser(), None)
+            oauth_server.verify_request(oauth_request, Consumer(key), None)
+            request.OAUTH_KEY = key
+            log.info(u'Access granted: %s' % key)
+            return (DummyUser(), None)
+
+        except KeyError:
+            log.error(u'No key: %s' % key)
+            return AuthenticationFailed
+
+        except:
+            log.error(u'Access failed: %s' % key, exc_info=True)
+            return AuthenticationFailed
+
+
 def initialize_oauth_server_request(request):
     """
     OAuth initialization.