-
-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix: permissions on channels requests #331
base: main
Are you sure you want to change the base?
Fix: permissions on channels requests #331
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The PR is mostly fine! :)
Left a small suggestion, will take a look again when the PR is ready to be reviewed
@@ -56,6 +57,17 @@ def test_is_authenticated(db, gql_client: GraphQLTestClient): | |||
} | |||
|
|||
|
|||
@pytest.mark.django_db(transaction=True) | |||
async def test_channels_authenticated( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would be nice to have tests for both authenticated and non-authenticated (which would fail) for this
user = info.context.request.user | ||
except AttributeError: | ||
# this is a channels request | ||
user = info.context["request"].user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why not always info.context["request"].user
? It works in both cases
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When I wrote this PR context wasn't a dict on HTTP requests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You may want to use:
from strawberry_django.auth.utls import get_current_user
user = get_current_user(info)
Description
Types of Changes
Issues Fixed or Closed by This PR
fix #330
Checklist