def open(self, secure=False, **kwargs):
"""Make a request using werkzeug.test.Client"""
base = copy.copy(self.environ_base)
base_url = utils.abs_url(secure=secure)
base.update(base_url=base_url)
base.update(kwargs)
return self.client.open(**base)
def setUp(self):
self.environ_base = {
'base_url': utils.abs_url()
, 'method': 'GET'
}
self.client = Client(application, Response)
self.logged_in = False
def serve_expr(self, tdata, expr):
meta = {}
resp = {
'expr_id':
expr.id,
'content_url':
abs_url(domain=self.config.content_domain,
secure=tdata.request.is_secure) + expr.id,
'expr':
expr.client_view(viewer=tdata.user, activity=10),
'title':
expr.get('title', '[Untitled]')
}
if (not tdata.user.can_view(expr)
and not expr.cmp_password(tdata.request.form.get('password'))
and not expr.cmp_password(tdata.request.args.get('pw'))):
resp['expr'] = dfilter(resp['expr'],
['owner', 'auth', 'id', 'name'])
resp['expr']['title'] = '[password required]'
resp['error'] = 'password'
else:
snap_url = expr.snapshot_name('big')
if snap_url and not snap_url.startswith("http"):
meta['img_url'] = "http:" + snap_url
else:
meta['img_url'] = snap_url
expr_owner = expr.get_owner()
if expr_owner and expr_owner['analytics'].get('views_by'):
expr_owner.increment({'analytics.views_by': 1})
if not expr.get('views'): expr['views'] = 0
if expr_owner.id != tdata.user.id: expr.increment({'views': 1})
resp['meta'] = meta
return resp
def expr(self, tdata, id=None, owner_name=None, expr_name='', **args):
expr = (self.db.Expr.fetch(id) if id else self.db.Expr.named(
owner_name, expr_name))
if not expr:
if args.get('route_name') == 'user_home':
return self.redirect(
tdata.response,
abs_url('/' + owner_name + '/profile/feed'))
return None
return self.serve_expr(tdata, expr)
def deactivate(self, tdata, request, response, **args):
if request.form.get('deactivate')=='':
if not tdata.user.logged_in:
return { 'error': 'need_login'}
# log them out
auth.handle_logout(self.db, tdata.user, request, response)
# delete user data
tdata.user.delete()
# redirect to home
return self.redirect(response, abs_url('/'))
def oembed(self, tdata, request, response, **args):
format = request.args.get('format', 'json')
if format != 'json':
return self.serve_500(request, response, status=501)
url = URL(request.args.get('url'))
params = url.query
user_and_page = url.path[1:].split('/', 1)
user = lget(user_and_page, 0)
page = lget(user_and_page, 1, '')
r = self.db.Expr.named(user, page)
if not r: return self.serve_404(tdata)
if r['auth'] == 'password':
return self.serve_forbidden(tdata, request, response, status=401)
type(required)
resp = dict(title=r.get('title', r.get('name', '')),
author_name=r['owner_name'],
author_url=r.owner.url)
# ultra snapshot doesn't exist on any old page
max_w = min(715, int(request.args.get('maxwidth', 715)))
max_h = min(430, int(request.args.get('maxheight', 430)))
size = r.snapshot_max_size(max_w, max_h)
dims = r.snapshot_dims(size)
if size:
snapshot = r.snapshot_name_http(size=size)
resp.update(type='rich',
version='1.0',
thumbnail_url=snapshot,
thumbnail_width=dims[0],
thumbnail_height=dims[1],
width=dims[0],
height=dims[1])
if request.args.get('template', 'iframe') == 'iframe':
# default click to play view
# params['viewport'] = '{0}x{1}'.format(*dims)
resp.update(
html=("<iframe src='{0}' " +
"width='{1}' height='{2}' allowfullscreen></iframe>"
).format(abs_url('e/' + r.id), *dims))
else:
# linked snapshot img
target = request.args.get('link_target', '_new')
resp.update(html=("<a href='{0}?{1}' target='{2}'><img " +
"src='{3}' width='{4}' height='{5}'></a>"
).format(r.url, urllib.urlencode(params),
target, snapshot, *dims))
else:
# uh-oh, missing snapshot, give a simple link
resp.update(type='link')
return self.serve_json(response, resp)
def url(self, name, abs=False, return_debug=True, http=False):
if not name: return self.base_url
props = self.assets.get(name)
# TODO: return path of special logging 404 page if asset not found
if props:
url = ((self.local_base_url + name) if props[2] else
(self.base_url + name + '.' + props[1]))
if abs and re.match(r'/[^/]', url): url = abs_url() + url[1:]
if http and url.startswith('//'): url = 'http:' + url
return url
elif return_debug:
return '/not_found:' + name
def log_in(self, admin=False):
"""The werkzeug request Client saves cookies included in response, so
you can log in using this method before performing any test cases that
require a logged in user"""
user = {'username': '******', 'secret': 'triangle22'}
if self.logged_in: return True
data = {'action': 'login', 'url': utils.abs_url()}
data.update(user)
resp = self.open(method='POST', secure=True, data=data)
if resp.status == '303 SEE OTHER':
self.user = db.User.named(user['username'])
self.logged_in = True
else:
raise Exception("login failed, status {}".format(resp.status))
if admin:
config.admins.append(user['username'])
return self.logged_in
def test_request_invite(self):
"""Test the request invite form"""
email = 'test+{}@thenewhive.com'.format(utils.junkstr(8).lower())
data = {
'action': 'signup_request'
, 'name': 'test'
, 'email': email
, 'referral': 'referral field'
, 'message': 'message field'
, 'forward': utils.abs_url()
}
response = self.open(data=data)
self.assertStatus(response, 200)
# Check newly created contact record
record = db.Contact.last()
print record
self.assertEqual(record['email'], email)
return record
def login(self, tdata, request, response, **args):
error = False
if tdata.user.logged_in:
resp = tdata.user.client_view()
else:
authed = auth.handle_login(self.db, request, response)
if type(authed) == self.db.User.entity:
resp = authed.client_view()
else:
resp = { 'error': 'Incorrect username or password.' }
error = "login"
if request.args.get('json') or request.form.get('json'):
return self.serve_json(response, resp)
query = ""
if error:
query = "#error=" + error
return self.redirect( response, (request.form.get('from')
or abs_url()) + query )
def embed(self,
tdata,
request,
response,
owner_name=None,
expr_name=None,
expr_id=None,
**args):
expr = (self.db.Expr.fetch(expr_id) if expr_id else self.db.Expr.named(
owner_name, expr_name))
if not expr: return self.serve_404(tdata)
tdata.context.update(
expr=expr,
embed=True,
content_url=abs_url(domain=self.config.content_domain,
secure=tdata.request.is_secure) + expr.id,
icon=False,
route_args=args,
barebones=True)
tdata.context.update(self.cards_for_expr(tdata, expr))
return self.serve_page(tdata, 'pages/embed.html')
def password_recover(self, tdata, request, response, **args):
resp = {}
logged_user = tdata.user
email = request.form.get('email')
users = list(self.db.User.search({'email': email}))
if logged_user and logged_user.id:
resp = { 'error': 'Already logged in.' }
elif not users:
resp = { 'error': 'Sorry, that email address is not in our records.' }
else:
for user in users:
key = junkstr(16)
user.recovery_link = (abs_url(secure=True)
+ "home/password_reset?key="
+ key + '&user=' + user.id
)
user.update(password_recovery = key)
mail.TemporaryPassword(jinja_env=self.jinja_env, db=self.db
).send(users)
return self.serve_json(response, resp)
def streamified_login(self, tdata, request, response, **args):
streamified_username = request.args['usernames'].split(',')[0]
post = {
'code': request.args['code'],
'grant_type': 'authorization_code',
'redirect_uri': abs_url(secure=True) + 'streamified_login',
'scope': streamified_username,
'client_id': config.streamified_client_id,
'client_secret': config.streamified_client_secret,
}
headers = { 'content-type': 'application/x-www-form-urlencoded', }
body = urllib.urlencode(post)
print config.streamified_url + 'oauth/access_token', body
http = httplib2.Http(timeout=0.5, disable_ssl_certificate_validation=True)
resp, content = http.request(config.streamified_url + 'oauth/access_token',
method='POST', body=body, headers=headers)
print (resp, content)
return self.serve_page(tdata, 'pages/streamified_login.html')
def __init__(self, code=None, redirect_uri=None, user=None):
self.client_id = config.facebook_app_id
self.client_secret = config.facebook_client_secret
self.scope = 'email'
self.auth_uri = 'https://www.facebook.com/dialog/oauth'
self.token_uri = 'https://graph.facebook.com/oauth/access_token'
self.default_redirect_uri = abs_url(secure=True)
self.user_agent = None
self._access_token = None
self.redirect_uri = redirect_uri
self.code = code
self.user = user
if code and redirect_uri != None:
self.auth = [{'code': code, 'redirect_uri': redirect_uri}]
else: self.auth = []
self._credentials = None
self.flow = OAuth2WebServerFlow(
client_id=self.client_id
, client_secret=self.client_secret
, scope=self.scope
, auth_uri = self.auth_uri
, token_uri = self.token_uri
)
def user_tag_redirect(self, tdata, owner_name='', tag_name='', **kwargs):
return self.redirect(
tdata.response,
abs_url('/' + owner_name +
('/collection/' + tag_name if tag_name else '')))
def my_home(self, tdata, **kwargs):
return self.redirect(
tdata.response,
abs_url('/' + tdata.user['name'] + '/profile/feed' +
Community.parse_query(tdata.request.query_string)))
def profile_redirect(self, tdata, owner_name='', **kwargs):
return self.redirect(
tdata.response,
abs_url('/' + owner_name +
('/profile/feed' if owner_name else '')))
