From 02e8765db17f2a28ef04aa28d10a3b28ad5eeb3f Mon Sep 17 00:00:00 2001 From: SerenaFeng Date: Thu, 7 Sep 2017 16:18:56 +0800 Subject: leverage token_check only when posting results In this patch begin to consider the LFID authentication, token check only effects results, the permission of other resources(pods/projects...) will be checked by LFID. Change-Id: I20f6f221e3bd75ebf06dcd91012898b913f1d0be Signed-off-by: SerenaFeng --- utils/test/testapi/opnfv_testapi/resources/handlers.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'utils/test/testapi/opnfv_testapi/resources/handlers.py') diff --git a/utils/test/testapi/opnfv_testapi/resources/handlers.py b/utils/test/testapi/opnfv_testapi/resources/handlers.py index ed55c7028..757c81753 100644 --- a/utils/test/testapi/opnfv_testapi/resources/handlers.py +++ b/utils/test/testapi/opnfv_testapi/resources/handlers.py @@ -73,7 +73,9 @@ class GenericApiHandler(web.RequestHandler): cls_data = self.table_cls.from_dict(data) return cls_data.format_http() - @check.authenticate + @web.asynchronous + @gen.coroutine + @check.valid_token @check.no_body @check.miss_fields @check.carriers_exist @@ -172,13 +174,15 @@ class GenericApiHandler(web.RequestHandler): def _get_one(self, data, query=None): self.finish_request(self.format_data(data)) - @check.authenticate + @web.asynchronous + @gen.coroutine @check.not_exist def _delete(self, data, query=None): yield dbapi.db_delete(self.table, query) self.finish_request() - @check.authenticate + @web.asynchronous + @gen.coroutine @check.no_body @check.not_exist @check.updated_one_not_exist @@ -189,7 +193,8 @@ class GenericApiHandler(web.RequestHandler): update_req['_id'] = str(data._id) self.finish_request(update_req) - @check.authenticate + @web.asynchronous + @gen.coroutine @check.no_body @check.not_exist @check.updated_one_not_exist -- cgit 1.2.3-korg