Minor fixes.

2013-04-04 17:19:43 +02:00 · 2013-04-04 17:19:43 +02:00 · 31c86c8f8d
parent ef7c15ec1d
commit 31c86c8f8d
5 changed files with 52 additions and 2 deletions
--- a/README.rst
+++ b/README.rst
@ -11,3 +11,14 @@ Setup development environment.
    python manage.py syncdb --migrate --noinput
    python manage.py loaddata initial_user
    python manage.py sample_data
+
+
+Auth: admin/123123
+
+
+Polyfill's
+----------
+
+Django-Rest Framework by default returns 403 for not authenticated requests and permission denied
+requests. On ``base.__init__`` has a monky patch for this bug. On its solved on django rest framework,
+this patch must be removed.
--- a/greenmine/base/models.py
+++ b/greenmine/base/models.py
@ -64,3 +64,9 @@ class Role(models.Model):

    def __unicode__(self):
        return unicode(self.name)
+
+
+
+# Patch api view for correctly return 401 responses on
+# request is authenticated instead of 403
+from .monkey import patch_api_view; patch_api_view()
--- a/greenmine/base/monkey.py
+++ b/greenmine/base/monkey.py
@ -0,0 +1,31 @@
+# -*- coding: utf-8 -*-
+
+from rest_framework import views
+from rest_framework import status, exceptions
+from rest_framework.response import Response
+
+def patch_api_view():
+    from django.views.generic import View
+
+    if hasattr(views, "_patched"):
+        return
+
+    views._APIView = views.APIView
+    views._patched = True
+
+    class APIView(views.APIView):
+        def handle_exception(self, exc):
+            if isinstance(exc, exceptions.NotAuthenticated):
+                return Response({'detail': 'Not authenticated'},
+                                status=status.HTTP_401_UNAUTHORIZED,
+                                exception=True)
+            return super(APIView, self).handle_exception(exc)
+
+        @classmethod
+        def as_view(cls, **initkwargs):
+            view = super(views._APIView, cls).as_view(**initkwargs)
+            view.cls_instance = cls(**initkwargs)
+            return view
+
+    print "Patching APIView"
+    views.APIView = APIView
--- a/greenmine/base/urls.py
+++ b/greenmine/base/urls.py
@ -3,6 +3,7 @@ from rest_framework.urlpatterns import format_suffix_patterns

 from greenmine.base.api import Login, Logout, ApiRoot

+
 urlpatterns = format_suffix_patterns(patterns('',
    url(r'^auth/login/$', Login.as_view(), name='login'),
    url(r'^auth/logout/$', Logout.as_view(), name='logout'),
--- a/greenmine/scrum/api.py
+++ b/greenmine/scrum/api.py
@ -174,8 +174,9 @@ class IssueDetail(generics.RetrieveUpdateDestroyAPIView):

    def post_save(self, obj, created=False):
        with reversion.create_revision():
-            #Update the comment in the last version
-            reversion.set_comment(self.request.DATA['comment'])
+            if "comment" in self.request.DATA:
+                # Update the comment in the last version
+                reversion.set_comment(self.request.DATA['comment'])


 class SeverityList(generics.ListCreateAPIView):