Fix to decorators to remove methods and blacklist

django_twilio/decorators.py

@@ -64,8 +64,7 @@ def my_view(request):
     """
     @csrf_exempt
     @wraps(f)
-    def decorator(request_or_self, methods=('POST',),
-                  blacklist=True, *args, **kwargs):
+    def decorator(request_or_self, *args, **kwargs):
 
         class_based_view = not isinstance(request_or_self, HttpRequest)
         if not class_based_view:
@@ -84,7 +83,7 @@ def decorator(request_or_self, methods=('POST',),
         )
         if use_forgery_protection:
 
-            if request.method not in methods:
+            if request.method not in ['GET', 'POST']:
                 return HttpResponseNotAllowed(request.method)
 
             # Forgery check
@@ -102,11 +101,11 @@ def decorator(request_or_self, methods=('POST',),
                 if not validator.validate(url, request.GET, signature):
                     return HttpResponseForbidden()
 
-        # Blacklist check
+        # Blacklist check, by default is true
         check_blacklist = getattr(
             settings,
             'DJANGO_TWILIO_BLACKLIST_CHECK',
-            blacklist
+            True
         )
         if check_blacklist:
             blacklisted_resp = get_blacklisted_response(request)

test_project/test_app/decorators.py

@@ -38,7 +38,8 @@ def setUp(self):
     def test_requires_post(self):
         client = Client(enforce_csrf_checks=True)
         with override_settings(DEBUG=False):
-            self.assertEquals(client.get(self.str_uri).status_code, 405)
+            self.assertEquals(client.get(self.str_uri).status_code, 403)
+            self.assertEquals(client.post(self.str_uri).status_code, 403)
             self.assertEquals(client.head(self.str_uri).status_code, 405)
             self.assertEquals(client.options(self.str_uri).status_code, 405)
             self.assertEquals(client.put(self.str_uri).status_code, 405)