Comments (1)
hamishwillee
commented on May 22, 2024
1
@isherifwilson Thanks very much - good catch. Yes it is inconsistent.
Arguably the behaviour in RenewBookInstancesViewTest is wrong - if you're not logged and you're trying to do something that requires permissions then you should be taken to a login screen to log in - ie the status code will be 302 (redirect). If you are logged in but have the incorrect permissions then you should get 403 forbidden. Redirecting to login again when you're already logged in is annoying
As you say, the default permissions on function and class based views are different (this may have changed since I designed the test). Essentially though we need two decorators in the function view case, and the permission one has to raise an exception:
@login_required
@permission_required('catalog.can_mark_returned', raise_exception=True)
def renew_book_librarian(request, pk): def renew_book_librarian(request, pk):
I have fixed up the code in #76 and the docs. The test for this case is now: test_forbidden_if_logged_in_but_not_correct_permission
from django-locallibrary-tutorial.
Related Issues (20)
- Using non heroku install HOT 1
- issues on ALLOWED_HOSTS HOT 1
- How to enable CORS headers in locallibrary tutorial ? HOT 4
- Handle case where Book belonging to Bookinstance is deleted.
- Visual Studio Code debugging HOT 3
- Copy skeleton into a new project HOT 2
- [spam] HOT 1
- Issue when logging out HOT 11
- tutorial part 3 HOT 8
- remove uses of fields = '__all__' HOT 4
- the form validation for the renewal is not working HOT 3
- SystemCheckError HOT 4
- Adding more challenges, explanations to challenge solutions HOT 4
- Improving Pagination step HOT 2
- Loan_status. HOT 2
- raise NoReverseMatch(msg) django.urls.exceptions.NoReverseMatch: Reverse for 'renew-book-librarian' with arguments '(UUID('b3efb948-ab15-44dc-87af-50c6ede58c18'),)' not found. 1 pattern(s) tried: ['catalog/book/uuid:pk>/renew/$'] HOT 2
- Add fixtures to catalog HOT 6
- NoReverseMatch - Reverse for 'logout' not found. HOT 3
- 'RenewBookForm' object has no attribute 'cleaned_data' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-locallibrary-tutorial.