Monday, February 2, 2015

Re: Securing Browseable API & Mocking Models

Hi Ari,

It looks like Django REST swagger has an `is_admin` flag you can use...

http://django-rest-swagger.readthedocs.org/en/latest/settings.html#is-superuser

You'll probably also want to disable the browsable API by removing it from the 'DEFAULT_RENDERER_CLASSES' key in the 'REST_FRAMEWORK' settings dictionary.

> Also, in unit tests (particularly of views) I'd like to mock the model, rather than have the models call against the database.

That's an interesting one. I've actually started to more properly consider doing this throughout the REST framework codebase, and probably also introduce some supported API for mock objects and mock querysets.

There's actually very little you need to do for this...

* Querysets should be any list-like structure. If you're mocking a detail view, they'll also need to implement a `.get(...)` method.
* Some of the filter classes require the queryset to expose a `.filter(...)` or `.order_by(...)` method. If you're not testing that you probably won't need it.

Also, if you've any ModelSerializers or Serializer.save() code that's under test, you'd need to mock those methods to prevent any actual database saves. That's probably a bit more awkward, but for many test cases you could probably avoid that (e.g. pass a different serializer class to the view under test).

Couple of places we do similar things in the REST framework tests:

https://github.com/tomchristie/django-rest-framework/blob/master/tests/utils.py#L5-30
https://github.com/tomchristie/django-rest-framework/blob/version-3.1/tests/test_pagination.py#L454-481 (version-3.1 branch)

Nothing very consistent there yet, but probably worth a look.

Hope that helps!

On Monday, 2 February 2015 14:21:22 UTC, Ari King wrote:
Hi,

In the last couple of days I started experimenting with Django and Django Rest Framework. Using the excellent documentation and ViewSets I was able to create a PoC API in a very short time. I was also able to add Django Rest Swagger for documentation of the API. However, at this point I'd like to secure access to the Swagger API documentation, but I'm unclear on how to limit access to Django 'superusers.' I'd appreciate clarification on how to do so. 

Also, in unit tests (particularly of views) I'd like to mock the model, rather than have the models call against the database. Are there any Django "conventions" or best practices for doing so?

Thanks.

Best,
Ari
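
The two settings changes suggested in the reply, written out as an added example that is not part of the original thread or of either project's code. The `is_superuser` key name is taken from the linked django-rest-swagger settings page; the `audit_api_exposure` helper and the two sample settings dicts are constructed for illustration.

```python
# Added example: weak vs. hardened settings, plus a small audit helper.
BROWSABLE = "rest_framework.renderers.BrowsableAPIRenderer"

# REST framework uses these two renderers when DEFAULT_RENDERER_CLASSES
# is not set, so an empty REST_FRAMEWORK dict leaves the browsable API on.
DRF_DEFAULT_RENDERERS = (
    "rest_framework.renderers.JSONRenderer",
    BROWSABLE,
)

# Constructed "before" settings: nothing configured, defaults apply.
WEAK_SETTINGS = {"REST_FRAMEWORK": {}, "SWAGGER_SETTINGS": {}}

# Constructed "after" settings, as they would appear in settings.py.
HARDENED_SETTINGS = {
    "REST_FRAMEWORK": {
        # JSON only: the browsable API renderer is left out.
        "DEFAULT_RENDERER_CLASSES": ("rest_framework.renderers.JSONRenderer",),
    },
    # Limit the Swagger documentation views to Django superusers.
    "SWAGGER_SETTINGS": {"is_superuser": True},
}


def audit_api_exposure(settings):
    """Return a list of findings for a dict of Django settings (hypothetical helper)."""
    findings = []
    drf = settings.get("REST_FRAMEWORK") or {}
    renderers = drf.get("DEFAULT_RENDERER_CLASSES", DRF_DEFAULT_RENDERERS)
    if isinstance(renderers, str):
        # A forgotten trailing comma turns a one-item tuple into a string.
        renderers = (renderers,)
    if BROWSABLE in renderers:
        findings.append("browsable API renderer is enabled")
    swagger = settings.get("SWAGGER_SETTINGS") or {}
    if not swagger.get("is_superuser", False):
        findings.append("Swagger docs are not limited to superusers")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_SETTINGS), ("hardened", HARDENED_SETTINGS)):
        print(name, audit_api_exposure(cfg))
```

A view that sets its own `renderer_classes` overrides the global default, so this check only covers the project-wide settings.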
