From 1bc048d1c7890aa294e9fa9aa8a5a560635f72d9 Mon Sep 17 00:00:00 2001
From: Thom Mahoney <mahoneyt@gmail.com>
Date: Mon, 15 Sep 2014 10:49:11 -0700
Subject: [PATCH] require key authentication for purge_by_key

---
 README           |  3 +++
 fastly/fastly.py |  3 +++
 test/api_test.py | 11 +++++++++++
 3 files changed, 17 insertions(+)

diff --git a/README b/README
index 8ea0a7e..6034c40 100644
--- a/README
+++ b/README
@@ -11,4 +11,7 @@ Doc files
 Docstrings
 Config file
 
+TESTING:
+
+`python -m test.api_test`
 
diff --git a/fastly/fastly.py b/fastly/fastly.py
index 6896fd8..2f2190e 100644
--- a/fastly/fastly.py
+++ b/fastly/fastly.py
@@ -57,5 +57,8 @@ class API(object):
         return resp.status == 200
 
     def purge_key(self, service, key):
+        if type(self.conn.authenticator) is not KeyAuthenticator:
+            raise AuthenticationError("This request requires an API key")
+
         resp, data = self.conn.request('POST','/service/%s/purge/%s' % (service, key))
         return resp.status == 200
diff --git a/test/api_test.py b/test/api_test.py
index e5c4d65..f802215 100644
--- a/test/api_test.py
+++ b/test/api_test.py
@@ -11,6 +11,17 @@ class APITest(unittest.TestCase):
     def test_purge(self):
         self.assertTrue(self.api.purge_url('test.com', '/'))
 
+    def test_purge_by_key(self):
+        self.api.deauthenticate()
+        self.api.authenticate_by_key('TESTAPIKEY')
+        self.assertTrue(self.api.purge_key('test.com', 'foo'))
+
+    def test_cookie_purge_by_key(self):
+        self.api.deauthenticate()
+        self.api.authenticate_by_password('foo@example.com', 'password')
+        with self.assertRaises(fastly.AuthenticationError):
+            self.api.purge_key('test.com', 'foo')
+
     def test_auth_error(self):
         self.api.deauthenticate()
         with self.assertRaises(fastly.AuthenticationError):