Python Django REST权限不返回403
我现在正在Django REST3.5上创建一个测试用例Python Django REST权限不返回403,python,django,django-rest-framework,Python,Django,Django Rest Framework,我现在正在Django REST3.5上创建一个测试用例 这是我的tests.py 问题: 它返回201,而不是403。我不希望创建对象 import os import pytest from rest_framework.test import APIClient from apps.price_list_excel_files.models import PriceListExcelFile def upload_excel(user: str, passwd: str) ->
这是我的
tests.py它返回
201403import os
import pytest
from rest_framework.test import APIClient
from apps.price_list_excel_files.models import PriceListExcelFile
def upload_excel(user: str, passwd: str) -> tuple:
client = APIClient()
client.login(username=user, password=passwd)
dir_path = os.path.dirname(os.path.realpath(__file__))
with open(dir_path + '/mixed_case.xlsx', 'rb') as fp:
response = client.post(
'/api/price-list-excel-files/',
{'file': fp},
format='multipart'
)
return client, response
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
models.pyfrom django.db import models
from django.db.models.signals import post_save
from apps.commons.models import AbstractModelController
from apps.price_list_excel_files.permissions import PriceListExcelFilePermisionMixin
from apps.price_list_excel_files.validators import validate_file_extension, validate_head_columns
from apps.price_lists.utils import get_xlsx2db
class PriceListExcelFile(AbstractModelController, PriceListExcelFilePermisionMixin):
"""
A table that store the file record in the system
Feature from Access Level. View is user be able to download an Excel file
Price list
Service MGR View
Service Staff View
"""
file = models.FileField(upload_to='./excels', validators=[validate_file_extension, validate_head_columns])
class Meta:
ordering = ['-id']
post_save.connect(get_xlsx2db, sender=PriceListExcelFile)
权限.pyfrom apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
KeyError这是一个bug还是我在测试用例中遗漏了什么?@JensAStrup 你说得对
我忘记了在
views.py中的权限。非常感谢。
希望我的帖子能成为一个例子
视图.py:
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
测试.py:
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
@詹萨斯特鲁普
你说得对
我忘记了在views.py中的权限。非常感谢。
希望我的帖子能成为一个例子
视图.py:
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
测试.py:
from apps.accounting_users.models import AccountingUser
from apps.marketing_users.models import MarketingUser
from apps.mgmt_users.models import ManagementUser
class PriceListExcelFilePermisionMixin:
@staticmethod
def has_read_permission(request):
return True
def has_object_read_permission(self, request):
return True
@staticmethod
def has_write_permission(request):
import pdb;
pdb.set_trace()
if request.user.is_anonymous():
return False
else:
return ManagementUser.objects.filter(user=request.user).exists() or \
AccountingUser.objects.filter(user=request.user).exists() or \
MarketingUser.objects.filter(user=request.user).exists()
from django.urls import reverse_lazy
from django.views.generic import CreateView
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
> /Users/el/.pyenv/versions/3.6.0/envs/siam-sbrand/lib/python3.6/site-packages/rest_framework/mixins.py(28)get_success_headers()
-> def get_success_headers(self, data):
(Pdb) list
23 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
24
25 def perform_create(self, serializer):
26 serializer.save()
27
28 -> def get_success_headers(self, data):
29 try:
30 return {'Location': data[api_settings.URL_FIELD_NAME]}
31 except (TypeError, KeyError):
32 return {}
33
(Pdb) api_settings.URL_FIELD_NAME
'url'
(Pdb) data
{'id': 1, 'file': 'http://testserver/media/excels/mixed_case_bYU8C82.xlsx', 'permissions': {'write': False, 'read': True}}
(Pdb) data[api_settings.URL_FIELD_NAME]
*** KeyError: 'url'
from django.urls import reverse_lazy
from django.views.generic import CreateView
from dry_rest_permissions.generics import DRYPermissions
from rest_framework import generics
from apps.price_list_excel_files.forms import UploadFileForm
from apps.price_list_excel_files.models import PriceListExcelFile
from apps.price_list_excel_files.serializers import PriceListExcelFileSerializer
class PriceListExcelFileList(generics.ListCreateAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListExcelFileDetail(generics.RetrieveUpdateDestroyAPIView):
permission_classes = (DRYPermissions,)
queryset = PriceListExcelFile.objects.all()
serializer_class = PriceListExcelFileSerializer
class PriceListUploadExcel(CreateView):
permission_classes = (DRYPermissions,)
template_name = 'price_list_excel_files/upload.html'
form_class = UploadFileForm
def get_form_kwargs(self):
"""
This view has no PUT because user always upload new file
:return:
"""
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def get_success_url(self):
return reverse_lazy('api:price_list_excel_files:list')
def test_service_manager_upload_excel(prepare_service_mgrs):
client, response = upload_excel("smgr1", "smgr1password")
assert 403 == response.status_code
assert 0 == PriceListExcelFile.objects.count()
您可以共享Rest框架视图吗?前提是我们知道您运行测试的对象。@JensAstrup OK。一个moment@JensAstrup给您。@AllѕVааіy我正在对我系统中的未经授权用户运行测试。您可以共享Rest框架视图吗?前提是我们知道您运行测试的对象。@JensAstrup OK。一个moment@JensAstrup给你。@AllѕVааіy我正在对系统中未经许可的用户运行测试