Use API Key for accessing telemetry API endpoint
Signed-off-by: Alfredos-Panagiotis Damkalis <fredy@fredy.gr>spacecruft
parent
b63487e8c4
commit
4b721a4488
|
@ -0,0 +1,16 @@
|
|||
"""SatNOGS DB API permissions, django rest framework"""
|
||||
from __future__ import absolute_import
|
||||
|
||||
from rest_framework import permissions
|
||||
|
||||
|
||||
class SafeMethodsWithPermission(permissions.BasePermission):
|
||||
"""Access non-destructive methods (like GET and HEAD) with API Key"""
|
||||
|
||||
def has_permission(self, request, view):
|
||||
return self.has_object_permission(request, view)
|
||||
|
||||
def has_object_permission(self, request, view, obj=None):
|
||||
if request.method in permissions.SAFE_METHODS:
|
||||
return request.user.is_authenticated
|
||||
return True
|
|
@ -95,9 +95,9 @@ class TelemetryViewApiTest(TestCase):
|
|||
def test_list(self):
|
||||
"""Test the Telemetry API listing"""
|
||||
response = self.client.get('/api/telemetry/', format='json')
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||
|
||||
def test_retrieve(self):
|
||||
"""Test the Telemetry API retrieval"""
|
||||
response = self.client.get('/api/telemetry/{0}/'.format(self.datum.id), format='json')
|
||||
self.assertContains(response, self.datum.observer)
|
||||
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||
|
|
|
@ -5,10 +5,10 @@ from __future__ import absolute_import, division, print_function, \
|
|||
from django.core.files.base import ContentFile
|
||||
from rest_framework import mixins, status, viewsets
|
||||
from rest_framework.parsers import FileUploadParser, FormParser
|
||||
from rest_framework.permissions import AllowAny
|
||||
from rest_framework.response import Response
|
||||
|
||||
from db.api import filters, pagination, serializers
|
||||
from db.api.perms import SafeMethodsWithPermission
|
||||
from db.base.models import DemodData, Mode, Satellite, Transmitter
|
||||
from db.base.tasks import update_satellite
|
||||
|
||||
|
@ -42,7 +42,7 @@ class TelemetryView( # pylint: disable=R0901
|
|||
queryset = DemodData.objects.all()
|
||||
serializer_class = serializers.TelemetrySerializer
|
||||
filter_class = filters.TelemetryViewFilter
|
||||
permission_classes = (AllowAny, )
|
||||
permission_classes = [SafeMethodsWithPermission]
|
||||
parser_classes = (FormParser, FileUploadParser)
|
||||
pagination_class = pagination.LinkedHeaderPageNumberPagination
|
||||
|
||||
|
|
|
@ -56,7 +56,7 @@
|
|||
<span class="caret"></span>
|
||||
</a>
|
||||
<ul class="dropdown-menu" role="menu">
|
||||
<li><a href="{% url 'users_edit' %}">Settings</a></li>
|
||||
<li><a href="{% url 'users_edit' %}">Settings/API Key</a></li>
|
||||
{{ logout_block }}
|
||||
</ul>
|
||||
</li>
|
||||
|
|
Loading…
Reference in New Issue