def __init__(self, request, response, settings, template_renderer_adapter=None, static_url_generator_adapter=None, authentication_manager_adapter=None, secure_cookie_wrapper_adapter=None, method_selector_adapter=None, response_normaliser_adapter=None): """ """ self.request = request self.response = response self.settings = settings if template_renderer_adapter is None: self.template_renderer = registry.getAdapter( self.settings, ITemplateRenderer) else: self.template_renderer = template_renderer_adapter(self.settings) if static_url_generator_adapter is None: self.static = registry.getMultiAdapter( (self.request, self.settings), IStaticURLGenerator) else: self.static = static_url_generator_adapter(self.request, self.settings) if authentication_manager_adapter is None: self.auth = registry.getAdapter(self.request, IAuthenticationManager) else: self.auth = authentication_manager_adapter(self.request) if secure_cookie_wrapper_adapter is None: self.cookies = registry.getMultiAdapter( (self.request, self.response, self.settings), ISecureCookieWrapper) else: self.cookies = secure_cookie_wrapper_adapter( self.request, self.response, self.settings) if method_selector_adapter is None: self._method_selector = registry.getAdapter(self, IMethodSelector) else: self._method_selector = method_selector_adapter(self) self._response_normaliser_adapter = response_normaliser_adapter
def __init__( self, request, response, settings, template_renderer_adapter=None, static_url_generator_adapter=None, authentication_manager_adapter=None, secure_cookie_wrapper_adapter=None, method_selector_adapter=None, response_normaliser_adapter=None ): """ """ self.request = request self.response = response self.settings = settings if template_renderer_adapter is None: self.template_renderer = registry.getAdapter( self.settings, ITemplateRenderer ) else: self.template_renderer = template_renderer_adapter(self.settings) if static_url_generator_adapter is None: self.static = registry.getMultiAdapter(( self.request, self.settings ), IStaticURLGenerator ) else: self.static = static_url_generator_adapter( self.request, self.settings ) if authentication_manager_adapter is None: self.auth = registry.getAdapter( self.request, IAuthenticationManager ) else: self.auth = authentication_manager_adapter(self.request) if secure_cookie_wrapper_adapter is None: self.cookies = registry.getMultiAdapter(( self.request, self.response, self.settings ), ISecureCookieWrapper ) else: self.cookies = secure_cookie_wrapper_adapter( self.request, self.response, self.settings ) if method_selector_adapter is None: self._method_selector = registry.getAdapter(self, IMethodSelector) else: self._method_selector = method_selector_adapter(self) self._response_normaliser_adapter = response_normaliser_adapter
if self.check_xsrf and self.settings["check_xsrf"]: self.xsrf_validate() except XSRFError, err: handler_response = self.handle_xsrf_error(err) else: try: handler_response = method(*args, **kwargs) except webob_exceptions.HTTPException, err: handler_response = self.error(exception=err) except Exception, err: if self.request.environ.get('paste.throw_errors', False): raise handler_response = self.handle_system_error(err) if self._response_normaliser_adapter is None: response_normaliser = registry.getAdapter(self.response, IResponseNormaliser) else: response_normaliser = self._response_normaliser_adapter( self.response) return response_normaliser.normalise(handler_response) @property def xsrf_token(self): """ A token we can check to prevent `XSRF`_ attacks. .. _`xsrf`: http://en.wikipedia.org/wiki/Cross-site_request_forgery """ if not hasattr(self, '_xsrf_token'): token = self.cookies.get('_xsrf')
self.xsrf_validate() except XSRFError, err: handler_response = self.handle_xsrf_error(err) else: try: handler_response = method(*args, **kwargs) except webob_exceptions.HTTPException, err: handler_response = self.error(exception=err) except Exception, err: if self.request.environ.get('paste.throw_errors', False): raise handler_response = self.handle_system_error(err) if self._response_normaliser_adapter is None: response_normaliser = registry.getAdapter( self.response, IResponseNormaliser ) else: response_normaliser = self._response_normaliser_adapter( self.response ) return response_normaliser.normalise(handler_response) @property def xsrf_token(self): """ A token we can check to prevent `XSRF`_ attacks. .. _`xsrf`: http://en.wikipedia.org/wiki/Cross-site_request_forgery