Skip to content

Commit

Permalink
Merge pull request #1820 from carltongibson/login-dropdown
Browse files Browse the repository at this point in the history 
Hide login link in browsable API if the login view is not registered.
  • Loading branch information
@tomchristie
tomchristie committed Sep 5, 2014
2 parents 29bcce7 + ef1fb3d commit 2e632e5
Show file tree
Hide file tree
Showing 7 changed files with 124 additions and 24 deletions.
28 changes: 10 additions & 18 deletions rest_framework/templates/rest_framework/base.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@
<html>
<head>
{% block head %}

{% block meta %}
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta name="robots" content="NONE,NOARCHIVE" />
{% endblock %}

<title>{% block title %}Django REST framework{% endblock %}</title>

{% block style %}
{% block bootstrap_theme %}
<link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/bootstrap.min.css" %}"/>
Expand All @@ -21,7 +21,7 @@
<link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/prettify.css" %}"/>
<link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/default.css" %}"/>
{% endblock %}

{% endblock %}
</head>

Expand All @@ -44,17 +44,9 @@
<ul class="nav pull-right">
{% block userlinks %}
{% if user.is_authenticated %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
{{ user }}
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li>{% optional_logout request %}</li>
</ul>
</li>
{% optional_logout request user %}
{% else %}
<li>{% optional_login request %}</li>
{% optional_login request %}
{% endif %}
{% endblock %}
</ul>
Expand Down Expand Up @@ -85,7 +77,7 @@
<div class="btn-group format-selection">
<a class="btn btn-primary js-tooltip" href='{{ request.get_full_path }}'
rel="nofollow" title="Make a GET request on the {{ name }} resource">GET</a>

<button class="btn btn-primary dropdown-toggle js-tooltip" data-toggle="dropdown"
title="Specify a format for the GET request">
<span class="caret"></span>
Expand Down Expand Up @@ -144,7 +136,7 @@ <h1>{{ name }}</h1>
</div>

{% if display_edit_forms %}

{% if post_form or raw_data_post_form %}
<div {% if post_form %}class="tabbable"{% endif %}>
{% if post_form %}
Expand Down Expand Up @@ -190,7 +182,7 @@ <h1>{{ name }}</h1>
</div>
</div>
{% endif %}

{% if put_form or raw_data_put_form or raw_data_patch_form %}
<div {% if put_form %}class="tabbable"{% endif %}>
{% if put_form %}
Expand Down Expand Up @@ -246,7 +238,7 @@ <h1>{{ name }}</h1>
{% endif %}
</div>
<!-- END Content -->

<footer>
{% block footer %}
<p>Sponsored by <a href="http://dabapps.com/">DabApps</a>.</p>
Expand Down
21 changes: 15 additions & 6 deletions rest_framework/templatetags/rest_framework.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,22 +41,31 @@ def optional_login(request):
except NoReverseMatch:
return ''

snippet = "<a href='%s?next=%s'>Log in</a>" % (login_url, escape(request.path))
snippet = "<li><a href='{href}?next={next}'>Log in</a></li>".format(href=login_url, next=escape(request.path))
return snippet


@register.simple_tag
def optional_logout(request):
def optional_logout(request, user):
"""
Include a logout snippet if REST framework's logout view is in the URLconf.
"""
try:
logout_url = reverse('rest_framework:logout')
except NoReverseMatch:
return ''

snippet = "<a href='%s?next=%s'>Log out</a>" % (logout_url, escape(request.path))
return snippet
return '<li class="navbar-text">{user}</li>'.format(user=user)

snippet = """<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
{user}
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href='{href}?next={next}'>Log out</a></li>
</ul>
</li>"""

return snippet.format(user=user, href=logout_url, next=escape(request.path))


@register.simple_tag
Expand Down
Empty file added tests/browsable_api/__init__.py
View file
Empty file.
10 changes: 10 additions & 0 deletions tests/browsable_api/auth_urls.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.conf.urls import patterns, url, include

from .views import MockView

urlpatterns = patterns(
'',
(r'^$', MockView.as_view()),
url(r'^auth/', include('rest_framework.urls', namespace='rest_framework')),
)
9 changes: 9 additions & 0 deletions tests/browsable_api/no_auth_urls.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
from __future__ import unicode_literals
from django.conf.urls import patterns

from .views import MockView

urlpatterns = patterns(
'',
(r'^$', MockView.as_view()),
)
65 changes: 65 additions & 0 deletions tests/browsable_api/test_browsable_api.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
from __future__ import unicode_literals
from django.contrib.auth.models import User
from django.test import TestCase

from rest_framework.test import APIClient


class DropdownWithAuthTests(TestCase):
"""Tests correct dropdown behaviour with Auth views enabled."""

urls = 'tests.browsable_api.auth_urls'

def setUp(self):
self.client = APIClient(enforce_csrf_checks=True)
self.username = 'john'
self.email = 'lennon@thebeatles.com'
self.password = 'password'
self.user = User.objects.create_user(self.username, self.email, self.password)

def tearDown(self):
self.client.logout()

def test_name_shown_when_logged_in(self):
self.client.login(username=self.username, password=self.password)
response = self.client.get('/')
self.assertContains(response, 'john')

def test_logout_shown_when_logged_in(self):
self.client.login(username=self.username, password=self.password)
response = self.client.get('/')
self.assertContains(response, '>Log out<')

def test_login_shown_when_logged_out(self):
response = self.client.get('/')
self.assertContains(response, '>Log in<')


class NoDropdownWithoutAuthTests(TestCase):
"""Tests correct dropdown behaviour with Auth views NOT enabled."""

urls = 'tests.browsable_api.no_auth_urls'

def setUp(self):
self.client = APIClient(enforce_csrf_checks=True)
self.username = 'john'
self.email = 'lennon@thebeatles.com'
self.password = 'password'
self.user = User.objects.create_user(self.username, self.email, self.password)

def tearDown(self):
self.client.logout()

def test_name_shown_when_logged_in(self):
self.client.login(username=self.username, password=self.password)
response = self.client.get('/')
self.assertContains(response, 'john')

def test_dropdown_not_shown_when_logged_in(self):
self.client.login(username=self.username, password=self.password)
response = self.client.get('/')
self.assertNotContains(response, '<li class="dropdown">')

def test_dropdown_not_shown_when_logged_out(self):
response = self.client.get('/')
self.assertNotContains(response, '<li class="dropdown">')
15 changes: 15 additions & 0 deletions tests/browsable_api/views.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
from __future__ import unicode_literals

from rest_framework.views import APIView
from rest_framework import authentication
from rest_framework import renderers
from rest_framework.response import Response


class MockView(APIView):

authentication_classes = (authentication.SessionAuthentication,)
renderer_classes = (renderers.BrowsableAPIRenderer,)

def get(self, request):
return Response({'a': 1, 'b': 2, 'c': 3})

0 comments on commit 2e632e5

Please sign in to comment.