Merge pull request #120 from justinwp/master

with MasterKey('key'):

Merge pull request #120 from justinwp/master
with MasterKey('key'):
bfb76788 · David Robinson · 928d4ee9 · 9741b0d4 · bfb76788 · bfb76788
Commit bfb76788 authored Nov 30, 2015 by David Robinson
Hide whitespace changes
Inline Side-by-side

Showing with 54 additions and 2 deletions

README.mkd
+12 -0

parse_rest/connection.py
+13 -1

parse_rest/tests.py
+29 -1

No files found.
--- a/README.mkd
+++ b/README.mkd
@@ -558,4 +558,16 @@ with SessionToken(token):

 Assuming the CollectedItem 'Sword' is read-protected from the public by an ACL and is readable only by the user, SessionToken allows the user to bypass the ACL and get the 'Sword' item.

+Elevating Access to Master
+--------------------------
+Sometimes it is useful to only allow privileged use of the master key for specific uses. 
+
+~~~~~ {python}
+from parse_rest.connection import MasterKey
+
+with MasterKey('master key'):
+    # do privileged calls
+~~~~~
+
+
 That's it! This is a first try at a Python library for Parse, and is probably not bug-free. If you run into any issues, please get in touch -- dgrtwo@princeton.edu. Thanks!
--- a/parse_rest/connection.py
+++ b/parse_rest/connection.py
@@ -45,7 +45,19 @@ class SessionToken:
        ACCESS_KEYS.update({'session_token': self.token})

    def __exit__(self, type, value, traceback):
-        ACCESS_KEYS['session_token']
+        del ACCESS_KEYS['session_token']
+
+
+class MasterKey:
+    def __init__(self, master_key):
+        global ACCESS_KEYS
+        self.master_key = master_key
+
+    def __enter__(self):
+        return ACCESS_KEYS.update({'master_key': self.master_key})
+
+    def __exit__(self, type, value, traceback):
+        del ACCESS_KEYS['master_key']


 def master_key_required(func):

--- a/parse_rest/tests.py
+++ b/parse_rest/tests.py
@@ -15,7 +15,7 @@ import six
 from itertools import chain

 from parse_rest.core import ResourceRequestNotFound
-from parse_rest.connection import register, ParseBatcher
+from parse_rest.connection import register, ParseBatcher, SessionToken, MasterKey
 from parse_rest.datatypes import GeoPoint, Object, Function, Pointer
 from parse_rest.user import User
 from parse_rest import query
@@ -579,6 +579,34 @@ class TestPush(unittest.TestCase):
                   channels=["Mets"], where={"scores": True})


+class TestSessionToken(unittest.TestCase):
+    """
+    Test SessionToken class enter and exit.
+    """
+    def get_access_keys(self):
+        from parse_rest.connection import ACCESS_KEYS
+        return ACCESS_KEYS
+
+    def testWithSessionToken(self):
+        with SessionToken(token='asdf'):
+            self.assertIn('session_token', self.get_access_keys())
+        self.assertNotIn('session_token', self.get_access_keys())
+
+
+class TestMasterKey(unittest.TestCase):
+    """
+    Test MasterKey class enter and exit.
+    """
+    def get_access_keys(self):
+        from parse_rest.connection import ACCESS_KEYS
+        return ACCESS_KEYS
+
+    def testWithMasterKey(self):
+        with MasterKey(master_key='asdf'):
+            self.assertIn('master_key', self.get_access_keys() )
+        self.assertNotIn('master_key', self.get_access_keys() )
+
+
 def run_tests():
    """Run all tests in the parse_rest package"""
    tests = unittest.TestLoader().loadTestsFromNames(['parse_rest.tests'])