Coverage for website/thaliawebsite/api/v2/permissions.py: 57.14%
20 statements
coverage.py v7.6.7, created at 2025-08-14 10:31 +0000
1from oauth2_provider.contrib.rest_framework import OAuth2Authentication
2from oauth2_provider.settings import oauth2_settings
3from rest_framework.exceptions import PermissionDenied
4from rest_framework.permissions import BasePermission, IsAuthenticated
class IsAuthenticatedOrTokenHasScopeForMethod(BasePermission):
    """Grant access to non-OAuth2 authenticated requests or suitably scoped tokens.

    A request passes when either:

    * ``IsAuthenticated`` accepts it and the authenticator that succeeded is
      not an ``OAuth2Authentication`` instance, or
    * ``request.auth`` is a token exposing a ``scope`` attribute and
      ``token.is_valid`` accepts the scopes that
      ``view.required_scopes_per_method`` lists for the request method.
    """

    def has_permission(self, request, view):
        """Return True when the request may proceed, False otherwise.

        As a side effect, ``self.message`` may be replaced by a dict naming
        the required scopes (see the condition near the end of the method).
        """
        logged_in = IsAuthenticated().has_permission(request, view)
        # successful_authenticator is only consulted for authenticated requests.
        # Coverage note (coverage.py v7.6.7 run): this condition was always
        # true, so the unauthenticated path was not exercised.
        via_oauth2 = (
            isinstance(request.successful_authenticator, OAuth2Authentication)
            if logged_in
            else False
        )

        access_token = request.auth
        scope_ok = False

        # Coverage note (coverage.py v7.6.7 run): this condition was never
        # true, so the whole OAuth2 scope check below ran in no recorded test.
        if access_token and hasattr(access_token, "scope"):  # OAuth 2
            # NOTE(review): a method missing from required_scopes_per_method
            # yields an empty list; presumably is_valid([]) is satisfied by any
            # unexpired token whatever its scopes -- confirm every exposed
            # method is listed on the view.
            needed = view.required_scopes_per_method.get(request.method, [])

            scope_ok = bool(access_token.is_valid(needed))

            # Only describe the required scopes when the setting allows it,
            # scopes are actually required, and the token is neither expired
            # nor already allowed those scopes.
            if (
                oauth2_settings.ERROR_RESPONSE_WITH_SCOPES
                and needed
                and not (
                    access_token.is_expired()
                    or access_token.allow_scopes(needed)
                )
            ):
                self.message = {
                    "detail": PermissionDenied.default_detail,
                    "required_scopes": list(needed),
                }

        # Requests authenticated by anything other than OAuth2 skip the scope
        # requirement; OAuth2 requests depend solely on the token's scopes.
        if logged_in and not via_oauth2:
            return True
        return scope_ok