-
-
Potentially, you could have several sites but have them all anonymous. So we should check if anonymous access is enabled for the site before requiring an authenticated user.
-
The assert_ functions are being deprecated in Python 2.7 and I believe in Django. The docs say to just use assertTrue, which should do the right thing.
-
Can we maybe move this import into the class definition? Or will that continue to break things? I think we end up taking a small performance hit every time encode() is called, and that's called quite a lot.
-
-
If a name is specified but it doesn't exist in the database, this will return None and we'll check if the user has access on the default site. Is that what we want? Feels like we should instead error out with a 404.
-
Do a lot of preparatory work for adding local-site rooting to the webapi.
Review Request #1950 — Created Nov. 27, 2010 and submitted
Do a lot of preparatory work for adding local-site rooting to the webapi. This change adds a bunch of infrastructure to prepare for my next changes which actually add knowledge of local-site infrastructure and URLs to the API. This includes: - New test fixtures. - Local site checking in manager.accessible() and model.is_accessible_by() for Group, LocalSite, Repository, and ReviewRequest. - A fix for a circular import in webapi/encoder.py (this import was only circular when running -only- the webapi tests, for some reason). - A fix for the to_group_deprecated mess (this actually adds local-site knowledge to a bit of the deprecated json API, which wasn't planned yet but it's nice to clean it up). - Add a check_local_site decorator which will be used to check for access to the local site before returning data or links. - Add an override of WebAPIResource.get_href which knows how to serialize links including the local-site name.
Ran unit tests.
- Change Summary:
-
- Fix imports for decorator (found when trying to actually use it) - Fix get_href to take into account the SITE_ROOT.
- Diff:
-
Revision 3 (+220 -82)