def handle_noargs(self, *args, **kwargs):
session_keys = backend.keys('*')
count = len(session_keys)
counter = 1
self.stdout.write('sessions to copy %d\n' % count)
for session_key in session_keys:
self.stdout.write('processing %d of %d\n' % (counter, count))
session_data = backend.get(session_key)
if session_data is not None:
try:
SessionStore().decode(session_data)
except (Error, TypeError):
continue
expire_date = timezone.now() + datetime.timedelta(
seconds=backend.expire(session_key))
session_key = utils.remove_prefix(session_key)
Session.objects.filter(session_key=session_key).delete()
Session(session_key=session_key,
session_data=session_data,
expire_date=expire_date).save()
counter += 1
def authorize(request):
flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
CLIENT_SECRETS_FILE, scopes=SCOPES)
flow.redirect_uri = '{0}/MyResources/oauth2callback'.format( '{scheme}://{host}'.format(host=request.get_host(),
scheme=request.META.get('HTTP_X_FORWARDED_PROTO', 'http')))
authorization_url, state = flow.authorization_url(
# Enable offline access so that you can refresh an access token without
# re-prompting the user for permission. Recommended for web server apps.
access_type='offline',
# Enable incremental authorization. Recommended as a best practice.
include_granted_scopes='true')
# Store the state so the callback can verify the auth server response.
try:
session_state = Session.objects.get(session_key='state')
session_state.session_data = state
session_state.save()
except Exception:
session_state = Session(session_key='state', session_data=state, expire_date=zone.replace(year=2025))
session_state.save()
session['state'] = state
return redirect(authorization_url)
def build_request(self, **kwargs):
request_kwargs = {
"request_id": kwargs.get("request_id", 1),
"scope": kwargs.get(
"scope",
{
"user": kwargs.get("user", AnonymousUser()),
"session": kwargs.get("session", Session()),
"headers": kwargs.get("headers", ()),
},
),
"workflow": kwargs.get("workflow", Workflow()),
"path": kwargs.get("path", "test.path"),
"arguments": kwargs.get("arguments", {}),
}
for key in list(request_kwargs["scope"].keys()) + list(request_kwargs.keys()):
try:
del kwargs[key]
except KeyError:
pass
# Turn other params, like `wf_module_id=123`, into
# `arguments={'wf_module_id':123}`
request_kwargs["arguments"].update(kwargs)
return HandlerRequest(**request_kwargs)
def save(self, must_create=False):
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
sid = transaction.savepoint(using=using)
try:
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid, using=using)
raise CreateError
raise
data = self.encode(self._get_session(no_load=must_create))
formated_cookie = pickle.loads(
base64.decodestring(data).split(":", 1)[1])
for k in formated_cookie:
if type(formated_cookie[k]) is long:
formated_cookie[k] = int(formated_cookie[k])
formated_cookie = json.dumps(formated_cookie)
if redis.VERSION[0] >= 2:
self.server.setex(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age(), formated_cookie)
else:
self.server.set(
self.get_real_stored_key(self._get_or_create_session_key()),
formated_cookie)
self.server.expire(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age())
def create_client(self):
patcher = mocked_relations(User, Session)
patcher.start()
self.addCleanup(patcher.stop)
user = User(pk=users.KIVE_USER_PK)
User.objects.add(user)
User.objects.model = User
# noinspection PyUnresolvedReferences
patcher = patch.object(User._meta, 'default_manager', User.objects)
patcher.start()
self.addCleanup(patcher.stop)
dummy_session_key = 'dummysession'
dummy_session = Session(session_key=dummy_session_key,
expire_date=now() + timedelta(days=1),
session_data=SessionStore().encode({
SESSION_KEY:
users.KIVE_USER_PK,
HASH_SESSION_KEY:
user.get_session_auth_hash(),
BACKEND_SESSION_KEY:
'django.contrib.auth.backends.ModelBackend'
}))
Session.objects.add(dummy_session)
client = Client()
client.cookies[settings.SESSION_COOKIE_NAME] = dummy_session_key
client.force_login(kive_user())
return client
def build_request(self, **kwargs):
request_kwargs = {
'request_id':
kwargs.get('request_id', 1),
'scope':
kwargs.get(
'scope', {
'user': kwargs.get('user', AnonymousUser()),
'session': kwargs.get('session', Session()),
'headers': kwargs.get('headers', ()),
}),
'workflow':
kwargs.get('workflow', Workflow()),
'path':
kwargs.get('path', 'test.path'),
'arguments':
kwargs.get('arguments', {}),
}
for key in (list(request_kwargs['scope'].keys()) +
list(request_kwargs.keys())):
try:
del kwargs[key]
except KeyError:
pass
# Turn other params, like `wf_module_id=123`, into
# `arguments={'wf_module_id':123}`
request_kwargs['arguments'].update(kwargs)
return HandlerRequest(**request_kwargs)
def save(self, must_create=False, schema=None):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
if schema == None: # add schema
import inspect
fx = inspect.stack()
error_detail = ""
for x in fx:
error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2])
raise (Exception(
"can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}".
format(__file__, "db.save", error_detail)))
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using, schema=schema)
except IntegrityError:
if must_create:
raise CreateError
raise
def test_list_autofetches_list_both_session_and_user(self):
user = User.objects.create(username="******", email="*****@*****.**")
session = Session(session_key="foo")
workflow = Workflow.create_and_init(owner_id=user.id)
workflow.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=1200,
)
workflow2 = Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow2.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(
[a["workflow"]["id"] for a in result["autofetches"]],
[workflow2.id, workflow.id], # ordered by update_interval
)
def test_auth_owner_anonymous_owner(self):
user = AnonymousUser()
session = Session(session_key="foo")
workflow = Workflow(anonymous_owner_session_key=session.session_key)
ret = self.run_handler(
handle_owner, user=user, session=session, workflow=workflow
)
self.assertHandlerResponse(ret, {"role": "owner"})
def test_configauth_delete_sessions(self):
session = Session(
session_key="session_key",
expire_date=datetime.utcnow() + timedelta(days=1),
)
session.save()
call_command("configauth", rbac_url="")
self.assertFalse(Session.objects.all().exists())
def test_auth_write_anonymous_owner(self):
user = AnonymousUser()
session = Session(session_key='foo')
workflow = Workflow(anonymous_owner_session_key=session.session_key)
ret = self.run_handler(handle_write,
user=user,
session=session,
workflow=workflow)
self.assertHandlerResponse(ret, {'role': 'write'})
def _do_request(http_method,
view,
user,
data=None,
param=None,
content_type="application/json"):
"""Execute the http_method request.
Args:
http_method: HTTP method.
view: View method called by the request.
user: User for the request.
data: Data.
param: View method params.
content_type: Content-Type of the data passed.
Returns:
Response: Request response.
"""
# Pre-process data depending on its content-type. GET request don't have
# a content-type and the processing is bypassed in this case.
if http_method != "GET":
if content_type == "application/json":
data = json.dumps(data)
url = "/dummy_url"
factory = APIRequestFactory()
# Request by http_method.
if http_method == "GET":
request = factory.get(url, data=data)
elif http_method == "POST":
request = factory.post(url, data=data, content_type=content_type)
elif http_method == "PUT":
request = factory.put(url, data=data, content_type=content_type)
elif http_method == "DELETE":
request = factory.delete(url, data=data, content_type=content_type)
elif http_method == "PATCH":
request = factory.patch(url, data=data, content_type=content_type)
else:
return HttpResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED)
# Set the user
request.user = user
# Set the session
request.session = Session(session_key="KEY")
# i18n. Get django validation messages.
get_wsgi_application()
# Do not use CSRF checks.
request._dont_enforce_csrf_checks = True
if param:
view_ = view(request, **param)
else:
view_ = view(request)
return view_
def setUp(self):
from django_facebook import api
from django_facebook.tests.mock_official_sdk import MockFacebookAPI
api.FacebookAPI = MockFacebookAPI
rf = RequestFactory()
self.request = request = rf.get('/')
request.user = AnonymousUser()
from django.contrib.sessions.models import Session
session = Session()
request.session = session.get_decoded()
print request.session
def create_mock_request(user=None):
"""Create a Mock HTTP Request
Args:
user:
Returns:
"""
mock_request = Mock(spec=HttpRequest)
mock_request.user = user
mock_request.session = Session(session_key="KEY")
return mock_request
def test_list_autofetches_ignore_other_session(self):
user = AnonymousUser()
session = Session(session_key='foo')
workflow = Workflow.create_and_init(anonymous_owner_session_key='foo')
workflow2 = Workflow.create_and_init(anonymous_owner_session_key='bar')
workflow2.tabs.first().wf_modules.create(
order=0,
module_id_name='loadurl',
auto_update_data=True,
next_update=timezone.now(),
update_interval=600
)
result = list_autofetches_json({'user': user, 'session': session})
self.assertEqual(result['autofetches'], [])
def test_list_autofetches_session(self):
user = AnonymousUser()
session = Session(session_key="foo")
workflow = Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(result["autofetches"][0]["workflow"]["id"], workflow.id)
def test_list_autofetches_ignore_other_session(self):
user = AnonymousUser()
session = Session(session_key="foo")
Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow2 = Workflow.create_and_init(anonymous_owner_session_key="bar")
workflow2.tabs.first().wf_modules.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=timezone.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(result["autofetches"], [])
def test_when_model_admin_is_not_provided_it_is_derived_from_admin_registry():
session_obj = Session()
ck_explicit_admin = CacheKey(result=Group(), model_admin=session_obj)
assert ck_explicit_admin.model_admin == session_obj
ck_derived_admin = CacheKey(result=Group())
assert ck_derived_admin.model_admin == site._registry[Group]
orig_admin = site._registry[Group]
try:
admin_obj = object()
site._registry[Group] = admin_obj
ck_derived_admin = CacheKey(result=Group())
assert ck_derived_admin.model_admin == site._registry[Group]
finally:
site._registry[Group] = orig_admin
def testRemoveExpiredUsers(self):
# Users wihout usable passwords who don't have a current session record should be removed.
u1 = User.objects.create_user(username_from_session('dummy'), '')
u2 = User.objects.create_user('dummy2', '')
s = Session(
session_key='dummy',
session_data='',
expire_date=datetime.datetime.now() + datetime.timedelta(1)
)
s.save()
c = remove_expired_users.Command()
c.handle()
users = User.objects.all()
self.assertEqual(1, len(users))
self.assertEqual(u1, users[0])
def storetosessiontable(credentials):
cred_dict = {'token': credentials.token,
'refresh_token': credentials.refresh_token,
'token_uri': credentials.token_uri,
'client_id': credentials.client_id,
'client_secret': credentials.client_secret,
'scopes': credentials.scopes}
try:
session_ = Session.objects.get(session_key='credentials')
session_.session_data = cred_dict
session.expire_date = zone.replace(year=2025)
session_.save()
except Exception:
session_ = Session(session_data=cred_dict, expire_date=zone.replace(year=2025), session_key='credentials')
session_.save()
def do_login(login,moi_password,username):
try:
user=User.objects.get(username=username)
except User.DoesNotExist:
return None
salt="salt"
hasher=PBKDF2PasswordHasher()
hashed_pass=make_password(moi_password,salt,hasher)
if user.password==hashed_pass:
session=Session()
session.key=get_secret_key()
session.user=user
session.expires=datetime.now()+timedelta(days=5)
session.expire_date=datetime.now()+timedelta(days=5)
session.save()
else:
return None
return session.key
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(session_key=self.session_key,
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
sid = transaction.savepoint()
try:
obj.save(force_insert=must_create)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid)
raise CreateError
raise
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
raise CreateError
raise
def scope(
*,
workflow,
user=AnonymousUser(),
session=Session(),
path="path",
arguments={},
secret_id=None,
) -> Dict[str, Any]:
return dict(
user=user,
session=session,
workflow=workflow,
path=path,
arguments=arguments,
url_route={
"kwargs": {
"workflow_id_or_secret_id": secret_id or workflow.id
}
},
)
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
#print "save has been called"
if self.session_key is None:
return self.create()
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
sid = transaction.savepoint(using=using)
try:
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid, using=using)
raise CreateError
raise
def test_list_autofetches_list_both_session_and_user(self):
user = User.objects.create(username='******', email='*****@*****.**')
session = Session(session_key='foo')
workflow = Workflow.create_and_init(owner_id=user.id)
workflow.tabs.first().wf_modules.create(
order=0,
module_id_name='loadurl',
auto_update_data=True,
next_update=timezone.now(),
update_interval=1200
)
workflow2 = Workflow.create_and_init(anonymous_owner_session_key='foo')
workflow2.tabs.first().wf_modules.create(
order=0,
module_id_name='loadurl',
auto_update_data=True,
next_update=timezone.now(),
update_interval=600
)
result = list_autofetches_json({'user': user, 'session': session})
self.assertEqual(
[a['workflow']['id'] for a in result['autofetches']],
[workflow2.id, workflow.id] # ordered by update_interval
)
return {"role": "read"}
@decorators.websockets_handler(role="write")
async def handle_write(workflow, **kwargs):
return {"role": "write"}
@decorators.websockets_handler(role="owner")
async def handle_owner(workflow, **kwargs):
return {"role": "owner"}
DefaultKwargs = {
"user": AnonymousUser(),
"session": Session(),
"workflow": Workflow(),
"path": "path",
"arguments": {},
}
class WebsocketsHandlerDecoratorTest(HandlerTestCase):
def handle(self, **kwargs):
"""handlers.handle(), synchronous."""
request = self.build_request(**kwargs)
return async_to_sync(handlers.handle)(request)
def assertHandlerResponse(self, response, data=None, error=""):
self.assertEqual(
{
return {'role': 'read'}
@decorators.websockets_handler(role='write')
async def handle_write(workflow, **kwargs):
return {'role': 'write'}
@decorators.websockets_handler(role='owner')
async def handle_owner(workflow, **kwargs):
return {'role': 'owner'}
DefaultKwargs = {
'user': AnonymousUser(),
'session': Session(),
'workflow': Workflow(),
'path': 'path',
'arguments': {}
}
class WebsocketsHandlerDecoratorTest(HandlerTestCase):
def handle(self, **kwargs):
"""handlers.handle(), synchronous."""
request = self.build_request(**kwargs)
return async_to_sync(handlers.handle)(request)
def assertHandlerResponse(self, response, data=None, error=''):
self.assertEqual({
'data': response.data,
def test_configauth_delete_sessions(self):
session = Session(session_key='session_key',
expire_date=datetime.utcnow() + timedelta(days=1))
session.save()
call_command('configauth', candid_url='')
self.assertFalse(Session.objects.all().exists())
def test_list_autofetches_session_gets_default_max_fetches_per_day(self):
user = AnonymousUser()
session = Session(session_key="foo")
Workflow.create_and_init(anonymous_owner_session_key="foo")
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(result["maxFetchesPerDay"], 5)
