view test/pytest_patcher.py @ 7155:89a59e46b3af

improve REST interface security

When using REST, we reflect the client's origin. If the wildcard '*' is used in allowed_api_origins all origins are allowed. When this is done, it also added an 'Access-Control-Allow-Credentials: true' header.

This Credentials header should not be added if the site is matched only by '*'. This header should be provided only for explicit origins (e.g. https://example.org) not for the wildcard.

This is now fixed for CORS preflight OPTIONS request as well as normal GET, PUT, DELETE, POST, PATCH and OPTIONS requests.

A missing Access-Control-Allow-Credentials will prevent the tracker from being accessed using credentials. This prevents an unauthorized third party web site from using a user's credentials to access information in the tracker that is not publicly available.

Added test for this specific case.

In addition, allowed_api_origins can include explicit origins in addition to '*'. '*' must be first in the list.

Also adapted numerous tests to work with these changes.

Doc updates.
author John Rouillard <rouilj@ieee.org>
date Thu, 23 Feb 2023 12:01:33 -0500
parents 1c94afabb2cb
children
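
The header decision described in the commit message, as an added example that is not Roundup's code. It assumes allowed_api_origins is available as a Python list; the function name cors_headers and the ValueError raised for a misplaced '*' are choices of this example.

```python
ALLOW_ORIGIN = "Access-Control-Allow-Origin"
ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"


def cors_headers(request_origin, allowed_api_origins):
    """Return the CORS response headers for one request.

    allowed_api_origins is modelled as a list of strings (assumption).
    '*' is accepted only as the first entry, as the commit message requires.
    """
    if "*" in allowed_api_origins[1:]:
        # Rejecting a misplaced '*' is this example's choice.
        raise ValueError("'*' must be first in allowed_api_origins")
    if not request_origin:
        return {}  # no Origin header: nothing to reflect
    wildcard = allowed_api_origins[:1] == ["*"]
    explicit = allowed_api_origins[1:] if wildcard else allowed_api_origins
    if request_origin in explicit:
        # Explicitly listed origin: reflect it and allow credentials.
        return {ALLOW_ORIGIN: request_origin, ALLOW_CREDENTIALS: "true"}
    if wildcard:
        # Matched only by '*': reflect the origin but send no credentials
        # header, so a browser will not expose a credentialed response.
        return {ALLOW_ORIGIN: request_origin}
    return {}  # origin is not allowed: send no CORS headers


if __name__ == "__main__":
    config = ["*", "https://example.org"]  # constructed sample configuration
    for origin in ("https://example.org", "https://third-party.example", None):
        print(origin, "->", cors_headers(origin, config))
```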

"""
The following code was taken from:

    https://github.com/pytest-dev/pytest/issues/568#issuecomment-216569420

to resolve a bug with using pytest.mark.skip(). Once the bug is resolved in
pytest this file can be removed along with all the wrapper mark_class()
references in the other test files.
"""
import types


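def mark_class(marker):
    '''Workaround for https://github.com/pytest-dev/pytest/issues/568'''
    def copy_func(f):
        # Build a new function object from f, so the marker is attached
        # to the copy rather than to the original function object.
        try:
            # Python 3 attribute names.
            return types.FunctionType(f.__code__, f.__globals__,
                                      name=f.__name__, argdefs=f.__defaults__,
                                      closure=f.__closure__)
        except AttributeError:
            # Python 2 fallback attribute names.
            return types.FunctionType(f.func_code, f.func_globals,
                                      name=f.func_name,
                                      argdefs=f.func_defaults,
                                      closure=f.func_closure)

    def mark(cls):
        # A plain function is marked directly (on a copy).
        if isinstance(cls, types.FunctionType):
            return marker(copy_func(cls))

        # For a class, replace every attribute whose name starts with
        # 'test' by a marked copy set on this class itself.
        for method in dir(cls):
            if method.startswith('test'):
                f = copy_func(getattr(cls, method))
                setattr(cls, method, marker(f))
        return cls
    return mark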

Roundup Issue Tracker: http://roundup-tracker.org/