def test_Skin_default(self):
from plone.app.caching.operations.etags import Skin
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
class DummyPortalSkins(object):
def getRequestVarname(self):
return 'skin_name'
def getDefaultSkin(self):
return 'defaultskin'
published.__parent__.portal_skins = DummyPortalSkins()
etag = Skin(published, request)
self.assertEqual('defaultskin', etag())
def makeTestRequest(environ=None):
"""Return an HTTPRequest object suitable for testing views."""
from sys import stdin, stdout
from zope.publisher.browser import setDefaultSkin
from ZPublisher.HTTPRequest import HTTPRequest
from ZPublisher.HTTPResponse import HTTPResponse
if environ is None:
environ = {}
environ.setdefault('SERVER_NAME', 'foo')
environ.setdefault('SERVER_PORT', '80')
environ.setdefault('REQUEST_METHOD', 'GET')
resp = HTTPResponse(stdout=stdout)
req = HTTPRequest(stdin, environ, resp)
req._steps = ['noobject'] # Fake a published object.
req['ACTUAL_URL'] = req.get('URL')
setDefaultSkin(req)
return req
def do_fake_request(self, request_method, headers=None):
if headers is None:
headers = {}
__version__ = "0.1"
env = {}
env['SERVER_NAME'] = 'bobo.server'
env['SERVER_PORT'] = '80'
env['REQUEST_METHOD'] = request_method
env['REMOTE_ADDR'] = '204.183.226.81 '
env['REMOTE_HOST'] = 'bobo.remote.host'
env['HTTP_USER_AGENT'] = 'Bobo/%s' % __version__
env['HTTP_HOST'] = '127.0.0.1'
env['SERVER_SOFTWARE'] = 'Bobo/%s' % __version__
env['SERVER_PROTOCOL'] = 'HTTP/1.0 '
env['HTTP_ACCEPT'] = 'image/gif, image/x-xbitmap, image/jpeg, */* '
env['SERVER_HOSTNAME'] = 'bobo.server.host'
env['GATEWAY_INTERFACE'] = 'CGI/1.1 '
env['SCRIPT_NAME'] = 'Main'
env.update(headers)
return HTTPRequest(StringIO.StringIO(), env, HTTPResponse())
def makerequest(environ=None, stdin=''):
stdout = StringIO()
stdin = StringIO(stdin)
if environ is None:
environ = {}
# Header-Name -> HEADER_NAME
_ = {}
for k, v in environ.items():
k = k.replace('-', '_').upper()
_[k] = v
environ = _
response = HTTPResponse(stdout=stdout)
environ.setdefault('SERVER_NAME', 'foo')
environ.setdefault('SERVER_PORT', '80')
request = HTTPRequest(stdin, environ, response)
# process stdin data
request.processInputs()
return request
def test_default_viewname_but_no_view_doesnt_override_fti(self):
response = HTTPResponse()
environment = {'URL': '',
'PARENTS': [self.site],
'REQUEST_METHOD': 'GET',
'SERVER_PORT': '80',
'REQUEST_METHOD': 'GET',
'steps': [],
'SERVER_NAME': 'localhost',
'_hacked_path': 0}
r = HTTPRequest(StringIO(), environment, response)
r.other.update(environment)
alsoProvides(r, IBrowserRequest)
# we define a Zope3-style default view name, but no
# corresponding view, no change in behaviour expected
defineDefaultViewName('index.html', DummyContent)
r.traverse('foo')
self.assertEqual(r.URL, '/foo/dummy_view')
self.assertEqual(r.response.base, '/foo/')
def test_cookie(self):
"""Test cookies"""
# by default, the tree sets a cookie, so test for that
request = self.request
response = request.RESPONSE
self.assertTrue(self.varname in response.cookies)
# now make a tree that doesn't set a cookie
treeexp = response.cookies[self.varname]['value']
environ = {'SERVER_NAME': "", 'SERVER_PORT': '0'}
response = HTTPResponse(stdout=BytesIO())
request = HTTPRequest(BytesIO(), environ, response)
request.other[self.varname] = treeexp
self.tree = ZopeTree(self.root_obj,
'id',
'children',
request,
self.varname,
set_cookie=0)
self.assertFalse(self.varname in response.cookies)
def test_enabled_accepted(self):
provideUtility(Registry(), IRegistry)
registry = getUtility(IRegistry)
registry.registerInterface(IPloneCacheSettings)
ploneSettings = registry.forInterface(IPloneCacheSettings)
ploneSettings.enableCompression = True
environ = {
'SERVER_NAME': 'example.com',
'SERVER_PORT': '80',
'HTTP_ACCEPT_ENCODING': 'gzip'
}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished()
GZipTransform(published, request).transformUnicode(u"", "utf-8")
self.assertEqual(1, response.enableHTTPCompression(query=True))
def _getFauxRequest(self, payload, content_type):
# environ['method'] = 'POST'
# environ['content-disposition'] = disposition
# environ['CONTENT_DISPOSITION']
# environ['slug'] = 'The Beach'
# environ['charset']= 'utf-8'
# environ['BODY'] = payload
resp = HTTPResponse(stdout=sys.stdout)
environ = {}
environ['SERVER_NAME'] = 'foo'
environ['SERVER_PORT'] = '80'
environ['REQUEST_METHOD'] = 'POST'
environ['METHOD'] = 'POST'
environ['CONTENT_TYPE'] = content_type
environ['CONTENT_LENGTH'] = len(payload)
file = StringIO(payload)
req = HTTPRequest(stdin=file, environ=environ, response=resp)
return req
def test_default_view_from_fti(self):
response = HTTPResponse()
environment = {
'URL': '',
'PARENTS': [self.site],
'REQUEST_METHOD': 'GET',
'SERVER_NAME': 'localhost',
'SERVER_PORT': '80',
'REQUEST_METHOD': 'GET',
'steps': [],
'_hacked_path': 0
}
r = HTTPRequest(StringIO(), environment, response)
r.other.update(environment)
r.traverse('foo')
self.assertEqual(r.URL, '/foo/dummy_view')
self.assertEqual(
r.response.base, '/foo/',
'CMF Collector issue #192 (wrong base): %s' %
(r.response.base or 'empty', ))
def test_challenge_redirect(self):
# Prepare the plugin.
from pas.plugins.headers.plugins import HeaderPlugin
plugin = HeaderPlugin()
url = "https://example.org/saml-login"
plugin.redirect_url = url
# Prepare the request.
request = HeaderRequest()
out = BytesIO()
response = HTTPResponse(stdout=out)
# When the plugin makes a challenge, it must return a True value.
self.assertTrue(plugin.challenge(request, response))
# Check the response.
out.seek(0)
self.assertEqual(out.read(), b"")
self.assertEqual(response.headers["location"],
"{}?came_from={}".format(url, request.URL))
def _makeOne(self, stdin=None, environ=None, response=None, clean=1):
from ZPublisher.HTTPResponse import HTTPResponse
if stdin is None:
stdin = BytesIO()
if environ is None:
environ = {}
if 'REQUEST_METHOD' not in environ:
environ['REQUEST_METHOD'] = 'GET'
if 'SERVER_NAME' not in environ:
environ['SERVER_NAME'] = 'http://localhost'
if 'SERVER_PORT' not in environ:
environ['SERVER_PORT'] = '8080'
if response is None:
response = HTTPResponse(stdout=BytesIO())
return self._getTargetClass()(stdin, environ, response, clean)
def testUrlBrowserIdIsFound(self):
bid = '43295340A0bpcu4nkCI'
name = '_ZopeId'
resp = HTTPResponse()
environ = {}
environ['SERVER_NAME'] = 'fred'
environ['SERVER_PORT'] = '80'
self.req = HTTPRequest(stdin, environ, resp)
self.req['TraversalRequestNameStack'] = ['foo', 'bar', bid, name]
self.app.REQUEST = self.req
self.m.setAutoUrlEncoding(1)
self.m.setBrowserIdNamespaces(('url', ))
self.m.updateTraversalData()
traverser = BrowserIdManagerTraverser()
traverser(self.app, self.req)
self.failUnless(isAWellFormedBrowserId(self.req.browser_id_))
self.failUnless(self.req.browser_id_ns_ == 'url')
self.failUnless(self.req._script[-1] == self.req.browser_id_)
self.failUnless(self.req._script[-2] == '_ZopeId')
self.failUnless(
self.req['TraversalRequestNameStack'] == ['foo', 'bar'])
def openWithForm(self, form, editmode=False):
""" Display the document using the given form's layouts.
First, check if the user has proper access rights.
"""
db = self.getParentDatabase()
if editmode:
if not db.isCurrentUserAuthor(self):
raise Unauthorized, "You cannot edit this document."
else:
if not self.isReader():
raise Unauthorized, "You cannot read this content"
onOpenDocument_error = self._onOpenDocument(form)
if onOpenDocument_error:
html_content = onOpenDocument_error
else:
# we use the specified form's layout
request = getattr(self, 'REQUEST', None)
if not request:
import sys
from ZPublisher.HTTPResponse import HTTPResponse
from ZPublisher.HTTPRequest import HTTPRequest
response = HTTPResponse(stdout=sys.stdout)
env = {
'SERVER_NAME': 'fake_server',
'SERVER_PORT': '80',
'REQUEST_METHOD': 'GET'
}
request = HTTPRequest(sys.stdin, env, response)
html_content = form.displayDocument(self,
editmode=editmode,
request=request)
plone_tools = getToolByName(db, 'plone_utils')
encoding = plone_tools.getSiteEncoding()
html_content = html_content.encode(encoding)
return html_content
def test_UserID_anonymous(self):
from plone.app.caching.operations.etags import UserID
@implementer(Interface)
@adapter(DummyContext, Interface)
class DummyPortalState(object):
def __init__(self, context, request):
pass
def member(self):
return None
provideAdapter(DummyPortalState, name=u'plone_portal_state')
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
etag = UserID(published, request)
self.assertIsNone(etag())
def test_ObjectLocked_false(self):
from plone.app.caching.operations.etags import ObjectLocked
@implementer(Interface)
@adapter(DummyContext, Interface)
class DummyContextState(object):
def __init__(self, context, request):
pass
def is_locked(self):
return False
provideAdapter(DummyContextState, name=u'plone_context_state')
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
etag = ObjectLocked(published, request)
self.assertEqual('0', etag())
def test_LastModified_None(self):
from plone.app.caching.operations.etags import LastModified
@implementer(ILastModified)
@adapter(DummyPublished)
class DummyLastModified(object):
def __init__(self, context):
self.context = context
def __call__(self):
return None
provideAdapter(DummyLastModified)
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
etag = LastModified(published, request)
self.assertIsNone(etag())
def testSwordServiceStatement(self):
self.folder.invokeFactory('Folder', 'workspace')
xml = os.path.join(DIRNAME, 'data', 'entry.xml')
file = open(xml, 'rb')
content = file.read()
file.close()
env = {
'REQUEST_METHOD': 'POST',
'CONTENT_LENGTH': len(content),
'CONTENT_TYPE': 'application/atom+xml;type=entry',
'CONTENT_DISPOSITION': 'attachment; filename=entry.xml',
'SERVER_NAME': 'nohost',
'SERVER_PORT': '80'
}
uploadresponse = HTTPResponse(stdout=StringIO())
uploadrequest = clone_request(self.app.REQUEST, uploadresponse, env)
uploadrequest.set('BODYFILE', StringIO(content))
uploadrequest.set('PARENTS', [self.folder.workspace])
adapter = getMultiAdapter(
(self.folder.workspace, uploadrequest), Interface, 'atompub')
xml = adapter()
assert "<sword:error" not in xml, xml
id = self.folder.workspace.objectIds()[0]
file = self.folder.workspace[id]
adapter = getMultiAdapter((file, self.portal.REQUEST), ISWORDStatement)
xml = adapter()
assert "<sword:error" not in xml, xml
dom = parseString(xml)
returned_statement = dom.toxml()
obj = self.folder.workspace.objectValues()[0]
file = open(os.path.join(DIRNAME, 'data', 'entry_statement.xml'), 'r')
dom = parse(file)
file.close()
dates = dom.getElementsByTagName('updated')
dates[0].firstChild.nodeValue = obj.modified()
reference_statement = dom.toxml()
def testContentRetrieve(self):
id = self.folder.invokeFactory('Folder', 'workspace')
workspace = self.folder[id]
id = workspace.invokeFactory('File', 'content_file')
content_file = workspace[id]
zipfilename = os.path.join(DIRNAME, 'data', 'multipart.txt')
file = open(zipfilename, 'r')
content_file.setFile(file)
env = {
'REQUEST_METHOD': 'GET',
'SERVER_NAME': 'nohost',
'SERVER_PORT': '80'
}
getresponse = HTTPResponse(stdout=StringIO())
getrequest = clone_request(self.app.REQUEST, getresponse, env)
self.setRoles(('Manager',))
adapter = getMultiAdapter(
(content_file, getrequest), Interface, 'sword')
zipfile = adapter()
file.close()
def test_UserLanguage(self):
from plone.app.caching.operations.etags import UserLanguage
class DummyPortalState(object):
implements(Interface)
adapts(DummyContext, Interface)
def __init__(self, context, request):
pass
def language(self):
return 'en'
provideAdapter(DummyPortalState, name=u"plone_portal_state")
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
etag = UserLanguage(published, request)
self.assertEqual('en', etag())
def test_default_viewname_overrides_fti(self):
response = HTTPResponse()
environment = { 'URL': '',
'PARENTS': [self.site],
'REQUEST_METHOD': 'GET',
'SERVER_PORT': '80',
'REQUEST_METHOD': 'GET',
'steps': [],
'SERVER_NAME': 'localhost',
'_hacked_path': 0 }
r = HTTPRequest(StringIO(), environment, response)
r.other.update(environment)
# we define a Zope3-style default view name for which a view
# actually exists
defineDefaultViewName('index.html', DummyContent)
zope.component.provideAdapter(
DummyView, (DummyContent, IBrowserRequest), IBrowserView,
'index.html')
r.traverse('foo')
self.assertEqual( r.URL, '/foo/index.html' )
self.assertEqual( r.response.base, '/foo/' )
def testCSRF(self):
""" test CSRF check on data clear """
# create a saver and add a record
self.ff1.invokeFactory('FormSaveDataAdapter', 'saver')
saver = self.ff1.saver
self.ff1.setActionAdapter(('saver', ))
request = FakeRequest(topic='test subject',
replyto='*****@*****.**',
comments='test comments')
errors = self.ff1.fgvalidate(REQUEST=request)
self.assertEqual(errors, {})
# for the rest of this test, we need a bit more serious request simulation
environ = {}
environ.setdefault('SERVER_NAME', 'foo')
environ.setdefault('SERVER_PORT', '80')
environ.setdefault('REQUEST_METHOD', 'POST')
request = HTTPRequest(sys.stdin, environ,
HTTPResponse(stdout=sys.stdout))
# clearSavedFormInput is part of the API, so it should work if there's no
# request
saver.clearSavedFormInput()
# But, if this is from a form, we should need a valid authenticator
request.form = {
'clearSavedFormInput': '1',
}
self.assertRaises(zExceptions.Forbidden, saver.clearSavedFormInput,
**{'request': request})
# with authenticator... no error
tag = AuthenticatorView('context', 'request').authenticator()
token = tag.split('"')[5]
request.form['_authenticator'] = token
saver.clearSavedFormInput(request=request)
def test_LastModified(self):
from plone.app.caching.operations.etags import LastModified
mod = datetime(2010, 1, 2, 3, 4, 5, 6, tzlocal())
utcStamp = time.mktime(mod.utctimetuple())
@implementer(ILastModified)
@adapter(DummyPublished)
class DummyLastModified(object):
def __init__(self, context):
self.context = context
def __call__(self):
return mod
provideAdapter(DummyLastModified)
environ = {'SERVER_NAME': 'example.com', 'SERVER_PORT': '80'}
response = HTTPResponse()
request = HTTPRequest(StringIO(), environ, response)
published = DummyPublished(DummyContext())
etag = LastModified(published, request)
self.assertEqual(str(utcStamp), etag())
def test_setHeader_drops_LF(self):
from ZPublisher.HTTPResponse import HTTPResponse
response = HTTPResponse()
response.setHeader('Location', 'http://www.ietf.org/rfc/\nrfc2616.txt')
self.assertEqual(response.headers['location'],
'http://www.ietf.org/rfc/rfc2616.txt')
def _createResponse(self):
return HTTPResponse()
def get_fake_request():
return HTTPRequest(StringIO.StringIO(), {
'SERVER_NAME': 'jucon',
'SERVER_PORT': '8080'
}, HTTPResponse())
def test_timeout(self):
response = HTTPResponse()
self.setCookie(response, "secret", "euphorie", "123", 3600)
cookie = response.cookies['euphorie']
self.assertTrue('expires' in cookie)
def process_wrapper(pid, request_body, request_environ):
# Sets up everything we need to run a view method in a new Zope-ish
# context, then runs it and stores the result for later retrieval.
_process = None
def my_mapply(object,
positional=(),
keyword={},
debug=None,
maybe=None,
missing_name=None,
handle_class=None,
context=None,
bind=0):
if not isinstance(keyword, Mapping):
keyword = {}
keyword['process_id'] = pid
args = (getattr(object, '__run__', object), )
kwargs = dict(positional=positional,
keyword=keyword,
debug=debug,
maybe=maybe,
context=context,
bind=bind)
if missing_name is not None:
kwargs['missing_name'] = missing_name
if handle_class is not None:
kwargs['handle_class'] = handle_class
return mapply(*args, **kwargs)
response = HTTPResponse(stdout=StringIO(), stderr=StringIO())
request = HTTPRequest(StringIO(request_body), request_environ, response)
request.set('process_id', pid)
import Zope2
app = Zope2.bobo_application.__bobo_traverse__(request)
reg = getProcessRegistry(app)
_process = reg.get(pid)
# Run
try:
try:
response = publish(request, 'Zope2', [None], mapply=my_mapply)
# We can't just pass the response back, as the data streams will not
# be set up right.
attr = (hasattr(response, 'cookies') and 'cookies') or \
(hasattr(response, '_cookies') and '_cookies')
cookies = deepcopy(getattr(response, attr))
if IHTTPResponse.providedBy(response):
_process['result'] = (response.getStatus(),
dict(response.getHeaders()), cookies,
response.consumeBody())
else:
# Currently, ZPublisher.HTTPResponse doesn't implement
# IHTTPResponse, even though HTTPRequest implements
# IHTTPRequest.
_process['result'] = (response.getStatus(),
dict(response.headers), cookies,
response.body)
except Exception, e:
# Set result to the exception raised
_process['result'] = e
raise
else:
try:
if form.getOnOpenDocument():
#RunFormula(self, form.getOnOpenDocument())
valid = self.runFormulaScript("form_" + form.id + "_onopen",
self, form.onOpenDocument)
except PlominoScriptException, e:
e.reportError('onOpen event failed')
if not valid:
# we use the specified form's layout
request = getattr(self, 'REQUEST', None)
if not request:
import sys
from ZPublisher.HTTPResponse import HTTPResponse
from ZPublisher.HTTPRequest import HTTPRequest
response = HTTPResponse(stdout=sys.stdout)
env = {
'SERVER_NAME': 'fake_server',
'SERVER_PORT': '80',
'REQUEST_METHOD': 'GET'
}
request = HTTPRequest(sys.stdin, env, response)
html_content = form.displayDocument(self,
editmode=editmode,
request=request)
else:
html_content = valid
plone_tools = getToolByName(db, 'plone_utils')
encoding = plone_tools.getSiteEncoding()
html_content = html_content.encode(encoding)
