Skip to content

Commit 3b1c5dc

Browse files
tobamitobami
committed
Use require_GET decorator to disallow non-GET requests
1 parent 471b2dc commit 3b1c5dc

2 files changed

Lines changed: 21 additions & 21 deletions

File tree

codespeed/tests/test_views.py

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,12 +21,19 @@ def setUp(self):
2121
resp = self.client.post(reverse('codespeed.views.add_result'), self.data)
2222
self.assertEqual(resp.status_code, 202)
2323
self.data['commitid'] = "abcd2"
24+
self.data['result_value'] = 150
2425
self.client.post(reverse('codespeed.views.add_result'), self.data)
25-
assert resp.status_code == 202
26+
self.assertEqual(resp.status_code, 202)
2627

2728
def test_reports(self):
2829
response = self.client.get(self.path)
2930

3031
self.assertEqual(response.status_code, 200)
3132
self.assertIn('Latest Results', response.content)
33+
self.assertIn('Latest Significant Results', response.content)
3234
self.assertIn(self.data['commitid'], response.content)
35+
36+
def test_reports_post_returns_405(self):
37+
response = self.client.post(self.path, {})
38+
39+
self.assertEqual(response.status_code, 405)

codespeed/views.py

Lines changed: 13 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,17 @@
11
# -*- coding: utf-8 -*-
22
from datetime import datetime
3-
from itertools import chain
43
import json
54
import logging
65

6+
from django.core.exceptions import ValidationError
7+
from django.core.urlresolvers import reverse
78
from django.http import (HttpResponse, Http404, HttpResponseNotAllowed,
89
HttpResponseBadRequest)
910
from django.shortcuts import get_object_or_404, render_to_response
11+
from django.views.decorators.http import require_GET
12+
from django.views.decorators.csrf import csrf_exempt
1013
from django.template import RequestContext
11-
from django.core.exceptions import ValidationError
12-
from django.core.urlresolvers import reverse
1314
from django.conf import settings
14-
from django.views.decorators.csrf import csrf_exempt
1515

1616
from codespeed.models import (Environment, Report, Project, Revision, Result,
1717
Executable, Benchmark, Branch)
@@ -193,11 +193,8 @@ def getcomparisonexes():
193193
return all_executables, exekeys
194194

195195

196+
@require_GET
196197
def getcomparisondata(request):
197-
if request.method != 'GET':
198-
return HttpResponseNotAllowed('GET')
199-
data = request.GET
200-
201198
executables, exekeys = getcomparisonexes()
202199
benchmarks = Benchmark.objects.all()
203200
environments = Environment.objects.all()
@@ -226,9 +223,8 @@ def getcomparisondata(request):
226223
return HttpResponse(json.dumps(compdata))
227224

228225

226+
@require_GET
229227
def comparison(request):
230-
if request.method != 'GET':
231-
return HttpResponseNotAllowed('GET')
232228
data = request.GET
233229

234230
# Configuration of default parameters
@@ -361,9 +357,8 @@ def comparison(request):
361357
}, context_instance=RequestContext(request))
362358

363359

360+
@require_GET
364361
def gettimelinedata(request):
365-
if request.method != 'GET':
366-
return HttpResponseNotAllowed('GET')
367362
data = request.GET
368363

369364
timeline_list = {'error': 'None', 'timelines': []}
@@ -475,9 +470,8 @@ def gettimelinedata(request):
475470
return HttpResponse(json.dumps(timeline_list))
476471

477472

473+
@require_GET
478474
def timeline(request):
479-
if request.method != 'GET':
480-
return HttpResponseNotAllowed('GET')
481475
data = request.GET
482476

483477
## Configuration of default parameters ##
@@ -590,6 +584,7 @@ def timeline(request):
590584
}, context_instance=RequestContext(request))
591585

592586

587+
@require_GET
593588
def getchangestable(request):
594589
executable = get_object_or_404(Executable, pk=request.GET.get('exe'))
595590
environment = get_object_or_404(Environment, pk=request.GET.get('env'))
@@ -620,9 +615,8 @@ def getchangestable(request):
620615
}, context_instance=RequestContext(request))
621616

622617

618+
@require_GET
623619
def changes(request):
624-
if request.method != 'GET':
625-
return HttpResponseNotAllowed('GET')
626620
data = request.GET
627621

628622
# Configuration of default parameters
@@ -726,10 +720,8 @@ def changes(request):
726720
}, context_instance=RequestContext(request))
727721

728722

723+
@require_GET
729724
def reports(request):
730-
if request.method != 'GET':
731-
return HttpResponseNotAllowed('GET')
732-
733725
context = {}
734726

735727
context['reports'] = \
@@ -747,6 +739,7 @@ def reports(request):
747739
context, context_instance=RequestContext(request))
748740

749741

742+
@require_GET
750743
def displaylogs(request):
751744
rev = get_object_or_404(Revision, pk=request.GET.get('revisionid'))
752745
logs = []
@@ -796,6 +789,7 @@ def displaylogs(request):
796789
context_instance=RequestContext(request))
797790

798791

792+
@require_GET
799793
def getcommitlogs(rev, startrev, update=False):
800794
logs = []
801795

@@ -853,7 +847,6 @@ def validate_result(item):
853847
'result_value',
854848
]
855849

856-
response = {}
857850
error = True
858851
for key in mandatory_data:
859852
if not key in item:

0 commit comments

Comments
 (0)