def test_log_message(self):
# Silence the django.server logger by replacing its StreamHandler with
# NullHandler.
logger = logging.getLogger('django.server')
original_handlers = logger.handlers
logger.handlers = [logging.NullHandler()]
try:
request = WSGIRequest(RequestFactory().get('/').environ)
request.makefile = lambda *args, **kwargs: BytesIO()
handler = WSGIRequestHandler(request, '192.168.0.2', None)
level_status_codes = {
'info': [200, 301, 304],
'warning': [400, 403, 404],
'error': [500, 503],
}
def _log_level_code(level, status_code):
with patch_logger('django.server', level) as messages:
handler.log_message('GET %s %s', 'A', str(status_code))
return messages
for level, status_codes in level_status_codes.items():
for status_code in status_codes:
# The correct level gets the message.
messages = _log_level_code(level, status_code)
self.assertIn('GET A %d' % status_code, messages[0])
# Incorrect levels shouldn't have any messages.
for wrong_level in level_status_codes:
if wrong_level != level:
messages = _log_level_code(wrong_level, status_code)
self.assertEqual(len(messages), 0)
finally:
logger.handlers = original_handlers
def test_request_capture(self):
if django.VERSION[:2] < (1, 3):
return
request = WSGIRequest(
environ={
"wsgi.input": StringIO(),
"REQUEST_METHOD": "POST",
"SERVER_NAME": "testserver",
"SERVER_PORT": "80",
"CONTENT_TYPE": "text/html",
"ACCEPT": "text/html",
}
)
request.read(1)
self.raven.capture("Message", message="foo", request=request)
self.assertEquals(len(self.raven.events), 1)
event = self.raven.events.pop(0)
self.assertTrue("sentry.interfaces.Http" in event)
http = event["sentry.interfaces.Http"]
self.assertEquals(http["method"], "POST")
self.assertEquals(http["data"], "<unavailable>")
self.assertTrue("headers" in http)
headers = http["headers"]
self.assertTrue("Content-Type" in headers, headers.keys())
self.assertEquals(headers["Content-Type"], "text/html")
env = http["env"]
self.assertTrue("SERVER_NAME" in env, env.keys())
self.assertEquals(env["SERVER_NAME"], "testserver")
self.assertTrue("SERVER_PORT" in env, env.keys())
self.assertEquals(env["SERVER_PORT"], "80")
def get_request(self, path=None, language=settings.LANGUAGES[0][0]):
if not path:
path = self.get_pages_root()
parsed_path = urlparse(path)
host = parsed_path.netloc or 'testserver'
port = 80
if ':' in host:
host, port = host.split(':', 1)
environ = {
'HTTP_COOKIE': self.client.cookies,
'PATH_INFO': parsed_path.path,
'QUERY_STRING': parsed_path.query,
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': host,
'SERVER_PORT': port,
'SERVER_PROTOCOL': 'HTTP/1.1',
'wsgi.version': (1, 0),
'wsgi.url_scheme': 'http',
'wsgi.errors': self.client.errors,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
}
request = WSGIRequest(environ)
request.session = self.client.session
request.user = getattr(self, 'user', AnonymousUser())
request.LANGUAGE_CODE = language
return request
def get(self, *args, **kwargs):
# type: (*Any, **Any) -> None
environ = WSGIContainer.environ(self.request)
environ['PATH_INFO'] = urllib.parse.unquote(environ['PATH_INFO'])
request = WSGIRequest(environ)
request._tornado_handler = self
set_script_prefix(get_script_name(environ))
signals.request_started.send(sender=self.__class__)
try:
response = self.get_response(request)
if not response:
return
finally:
signals.request_finished.send(sender=self.__class__)
self.set_status(response.status_code)
for h in response.items():
self.set_header(h[0], h[1])
if not hasattr(self, "_new_cookies"):
self._new_cookies = [] # type: List[http.cookie.SimpleCookie]
self._new_cookies.append(response.cookies)
self.write(response.content)
self.finish()
def test_request_capture(self):
if django.VERSION[:2] < (1, 3):
return
request = WSGIRequest(
environ={
'wsgi.input': StringIO(),
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'text/html',
'ACCEPT': 'text/html',
})
request.read(1)
self.raven.capture('Message', message='foo', request=request)
self.assertEquals(len(self.raven.events), 1)
event = self.raven.events.pop(0)
self.assertTrue('sentry.interfaces.Http' in event)
http = event['sentry.interfaces.Http']
self.assertEquals(http['method'], 'POST')
self.assertEquals(http['data'], '<unavailable>')
self.assertTrue('headers' in http)
headers = http['headers']
self.assertTrue('Content-Type' in headers, headers.keys())
self.assertEquals(headers['Content-Type'], 'text/html')
env = http['env']
self.assertTrue('SERVER_NAME' in env, env.keys())
self.assertEquals(env['SERVER_NAME'], 'testserver')
self.assertTrue('SERVER_PORT' in env, env.keys())
self.assertEquals(env['SERVER_PORT'], '80')
def setUp(self):
context = {}
environ = {
'HTTP_COOKIE': self.client.cookies,
'PATH_INFO': '/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'wsgi.version': (1,0),
'wsgi.url_scheme': 'http',
'wsgi.errors': self.client.errors,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
}
request = WSGIRequest(environ)
request.session = self.client.session
request.user = User()
context['request'] = request
self.context = context
def build_request(uri='/', user=None):
'''
Return a fresh HTTP GET / request.
This is essentially a heavily cutdown version of Django 1.3's
`~django.test.client.RequestFactory`.
'''
path, _, querystring = uri.partition('?')
request = WSGIRequest({
'CONTENT_TYPE': 'text/html; charset=utf-8',
'PATH_INFO': path,
'QUERY_STRING': querystring,
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'wsgi.version': (1, 0),
'wsgi.url_scheme': 'http',
'wsgi.input': FakePayload(b''),
'wsgi.errors': six.StringIO(),
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
})
if user is not None:
request.user = user
return request
def test_raw_post_data_partial_read(self):
if django.VERSION[:2] < (1, 3):
return
v = '{"foo": "bar"}'
request = WSGIRequest(
environ={
"wsgi.input": StringIO(v + "\r\n\r\n"),
"REQUEST_METHOD": "POST",
"SERVER_NAME": "testserver",
"SERVER_PORT": "80",
"CONTENT_TYPE": "application/octet-stream",
"CONTENT_LENGTH": len(v),
"ACCEPT": "application/json",
}
)
request.read(1)
self.raven.capture("Message", message="foo", request=request)
self.assertEquals(len(self.raven.events), 1)
event = self.raven.events.pop(0)
self.assertTrue("sentry.interfaces.Http" in event)
http = event["sentry.interfaces.Http"]
self.assertEquals(http["method"], "POST")
self.assertEquals(http["data"], "<unavailable>")
def _make_request(path):
req = WSGIRequest({
'REQUEST_METHOD': 'GET',
'PATH_INFO': path,
'wsgi.input': StringIO()})
req.user = AnonymousUser()
return req
def get(self):
from tornado.wsgi import WSGIContainer
from django.core.handlers.wsgi import WSGIRequest, get_script_name
import urllib
environ = WSGIContainer.environ(self.request)
environ['PATH_INFO'] = urllib.unquote(environ['PATH_INFO'])
request = WSGIRequest(environ)
request._tornado_handler = self
set_script_prefix(get_script_name(environ))
signals.request_started.send(sender=self.__class__)
try:
response = self.get_response(request)
if not response:
return
finally:
signals.request_finished.send(sender=self.__class__)
self.set_status(response.status_code)
for h in response.items():
self.set_header(h[0], h[1])
if not hasattr(self, "_new_cookies"):
self._new_cookies = []
self._new_cookies.append(response.cookies)
self.write(response.content)
self.finish()
def __call__(self, environ):
from django.conf import settings
# Set up middleware if needed. We couldn't do this earlier, because
# settings weren't available.
if self._request_middleware is None:
self.load_middleware()
request_started.disconnect(close_old_connections)
request_started.send(sender=self.__class__)
request_started.connect(close_old_connections)
request = WSGIRequest(environ)
# sneaky little hack so that we can easily get round
# CsrfViewMiddleware. This makes life easier, and is probably
# required for backwards compatibility with external tests against
# admin views.
request._dont_enforce_csrf_checks = not self.enforce_csrf_checks
response = self.get_response(request)
# We're emulating a WSGI server; we must call the close method
# on completion.
if response.streaming:
response.streaming_content = closing_iterator_wrapper(response.streaming_content, response.close)
else:
request_finished.disconnect(close_old_connections)
response.close() # will fire request_finished
request_finished.connect(close_old_connections)
return response
def test_raw_post_data_partial_read(self):
if django.VERSION[:2] < (1, 3):
return
v = '{"foo": "bar"}'
request = WSGIRequest(
environ={
'wsgi.input': StringIO(v + '\r\n\r\n'),
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'application/octet-stream',
'CONTENT_LENGTH': len(v),
'ACCEPT': 'application/json',
})
request.read(1)
self.raven.capture('Message', message='foo', request=request)
self.assertEquals(len(self.raven.events), 1)
event = self.raven.events.pop(0)
self.assertTrue('sentry.interfaces.Http' in event)
http = event['sentry.interfaces.Http']
self.assertEquals(http['method'], 'POST')
self.assertEquals(http['data'], '<unavailable>')
def test_wsgirequest_repr(self):
request = WSGIRequest({"PATH_INFO": "/somepath/", "REQUEST_METHOD": "get", "wsgi.input": BytesIO(b"")})
request.GET = {"get-key": "get-value"}
request.POST = {"post-key": "post-value"}
request.COOKIES = {"post-key": "post-value"}
request.META = {"post-key": "post-value"}
self.assertEqual(
repr(request),
str_prefix(
"<WSGIRequest\npath:/somepath/,\nGET:{%(_)s'get-key': %(_)s'get-value'},\nPOST:{%(_)s'post-key': %(_)s'post-value'},\nCOOKIES:{%(_)s'post-key': %(_)s'post-value'},\nMETA:{%(_)s'post-key': %(_)s'post-value'}>"
),
)
self.assertEqual(build_request_repr(request), repr(request))
self.assertEqual(
build_request_repr(
request,
path_override="/otherpath/",
GET_override={"a": "b"},
POST_override={"c": "d"},
COOKIES_override={"e": "f"},
META_override={"g": "h"},
),
str_prefix(
"<WSGIRequest\npath:/otherpath/,\nGET:{%(_)s'a': %(_)s'b'},\nPOST:{%(_)s'c': %(_)s'd'},\nCOOKIES:{%(_)s'e': %(_)s'f'},\nMETA:{%(_)s'g': %(_)s'h'}>"
),
)
def test_form_POST_unicode(self):
"""
JSON POST via default web interface with unicode data
"""
# Note: environ and other variables here have simplified content compared to real Request
CONTENT = b'_content_type=application%2Fjson&_content=%7B%22request%22%3A+4%2C+%22firm%22%3A+1%2C+%22text%22%3A+%22%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%21%22%7D'
environ = {
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
'CONTENT_LENGTH': len(CONTENT),
'wsgi.input': BytesIO(CONTENT),
}
wsgi_request = WSGIRequest(environ=environ)
wsgi_request._load_post_and_files()
parsers = (JSONParser(), FormParser(), MultiPartParser())
parser_context = {
'encoding': 'utf-8',
'kwargs': {},
'args': (),
}
request = Request(wsgi_request, parsers=parsers, parser_context=parser_context)
method = request.method
self.assertEqual(method, 'POST')
self.assertEqual(request._content_type, 'application/json')
self.assertEqual(request._stream.getvalue(), b'{"request": 4, "firm": 1, "text": "\xd0\x9f\xd1\x80\xd0\xb8\xd0\xb2\xd0\xb5\xd1\x82!"}')
self.assertEqual(request._data, Empty)
self.assertEqual(request._files, Empty)
def test_stream(self):
payload = FakePayload('name=value')
request = WSGIRequest({'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
'CONTENT_LENGTH': len(payload),
'wsgi.input': payload})
self.assertEqual(request.read(), b'name=value')
def __init__(self, environ, *args, **kwargs):
Request.__init__(self, environ)
WSGIRequest.__init__(self, environ)
# add path args args to the request
self.url_args = args or []
self.url_kwargs = kwargs or {}
def get_request(self, path=None):
if not path:
path = '/'
environ = {
'HTTP_COOKIE': self.client.cookies,
'PATH_INFO': path,
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'wsgi.version': (1,0),
'wsgi.url_scheme': 'http',
'wsgi.errors': self.client.errors,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
}
request = WSGIRequest(environ)
request.session = self.client.session
request.LANGUAGE_CODE = settings.LANGUAGE_CODE
return request
def details_html(self, obj):
try:
env = {
'REQUEST_METHOD' : 'GET',
'wsgi.input' : None,
}
request = WSGIRequest(env)
request.user = AnonymousUser()
bugstext = utils.get_bugs_as_html(obj.id, True)
text = render(request, "apps/tabs.html",
{
"advisory" : obj,
"bugs" : bugstext,
"is_admin" : 1,
}
)
text = text.content
except:
text = "ERROR %s" % sys.exc_info()[1]
# in Django 1.5 and later this is rendered as
# <p>{{ field.contents|linebreaksbr }}</p>
# which replaces newlines with <br /> tags and breaks formatting
# https://code.djangoproject.com/ticket/19226#comment:15
text = text.replace("\n", "")
return text
def test_authenticate(self):
from tardis.tardis_portal.auth.ldap_auth import ldap_auth
from django.core.handlers.wsgi import WSGIRequest
from django.contrib.auth.models import User
# Tests Authenticate API
l = ldap_auth()
req = WSGIRequest({"REQUEST_METHOD": "POST"})
req._post = {'username': '******',
'password': '******',
'authMethod': 'ldap'}
u = l.authenticate(req)
u1 = {'email': '*****@*****.**',
'display': 'Test', 'id': 'testuser1'}
self.failUnlessEqual(u, u1)
# Test authservice API
from tardis.tardis_portal.auth import auth_service
req = WSGIRequest({"REQUEST_METHOD": "POST"})
req._post = {'username': '******',
'password': '******',
'authMethod': 'ldap'}
user = auth_service.authenticate('ldap', request=req)
self.assertTrue(isinstance(user, User))
# Check that there is an entry in the user authentication table
from tardis.tardis_portal.models import UserAuthentication
userAuth = UserAuthentication.objects.get(
userProfile__user=user,
authenticationMethod=l.name)
user1 = UserAuthentication.objects.get(username=user.username,
authenticationMethod='ldap').userProfile.user
self.assertEqual(user, user1)
def wrapped_handler500(request):
from oioioi.base.views import handler500
r = WSGIRequest(request)
r.session = import_module(settings.SESSION_ENGINE).SessionStore()
if self._user:
r.user = self._user
self._req = r
return handler500(r)
def test_log_message(self):
request = WSGIRequest(RequestFactory().get('/').environ)
request.makefile = lambda *args, **kwargs: BytesIO()
handler = WSGIRequestHandler(request, '192.168.0.2', None)
with captured_stderr() as stderr:
handler.log_message('GET %s %s', 'A', 'B')
self.assertIn('] GET A B', stderr.getvalue())
def run(self, meta, *args, **kwargs):
# TODO: subclass WSGIRequest so all of the wsgi stuff is actually gone
request = WSGIRequest(meta)
request._cache_update_cache = True
if not self.should_rebuild(request):
return
handler = AsyncHandler()
response = handler(request)
def test_read_after_value(self):
"""
Reading from request is allowed after accessing request contents as
POST or raw_post_data.
"""
request = WSGIRequest({'REQUEST_METHOD': 'POST', 'wsgi.input': StringIO('name=value')})
self.assertEqual(request.POST, {u'name': [u'value']})
self.assertEqual(request.raw_post_data, 'name=value')
self.assertEqual(request.read(), 'name=value')
def test_value_after_read(self):
"""
Construction of POST or raw_post_data is not allowed after reading
from request.
"""
request = WSGIRequest({'REQUEST_METHOD': 'POST', 'wsgi.input': StringIO('name=value')})
self.assertEqual(request.read(2), 'na')
self.assertRaises(Exception, lambda: request.raw_post_data)
self.assertEqual(request.POST, {})
def test_set_encoding_clears_GET(self):
request = WSGIRequest({
'REQUEST_METHOD': 'GET',
'wsgi.input': '',
'QUERY_STRING': 'name=Hello%20G%C3%BCnter',
})
self.assertEqual(request.GET, {'name': ['Hello Günter']})
request.encoding = 'iso-8859-16'
self.assertEqual(request.GET, {'name': ['Hello G\u0102\u0152nter']})
def test_POST_after_raw_post_data_read_and_stream_read(self):
"""
POST should be populated even if raw_post_data is read first, and then
the stream is read second.
"""
request = WSGIRequest({'REQUEST_METHOD': 'POST', 'wsgi.input': StringIO('name=value')})
raw_data = request.raw_post_data
self.assertEqual(request.read(1), u'n')
self.assertEqual(request.POST, {u'name': [u'value']})
def get_django_request(self):
request = \
WSGIRequest(WSGIContainer.environ(self.request))
request.session = self.get_django_session()
if self.current_user:
request.user = self.current_user
else:
request.user = auth.models.AnonymousUser()
return request
def test_wsgirequest_repr(self):
request = WSGIRequest({'PATH_INFO': '/somepath/', 'REQUEST_METHOD': 'get', 'wsgi.input': BytesIO(b'')})
request.GET = {'get-key': 'get-value'}
request.POST = {'post-key': 'post-value'}
request.COOKIES = {'post-key': 'post-value'}
request.META = {'post-key': 'post-value'}
self.assertEqual(repr(request), str_prefix("<WSGIRequest\npath:/somepath/,\nGET:{%(_)s'get-key': %(_)s'get-value'},\nPOST:{%(_)s'post-key': %(_)s'post-value'},\nCOOKIES:{%(_)s'post-key': %(_)s'post-value'},\nMETA:{%(_)s'post-key': %(_)s'post-value'}>"))
self.assertEqual(build_request_repr(request), repr(request))
self.assertEqual(build_request_repr(request, path_override='/otherpath/', GET_override={'a': 'b'}, POST_override={'c': 'd'}, COOKIES_override={'e': 'f'}, META_override={'g': 'h'}),
str_prefix("<WSGIRequest\npath:/otherpath/,\nGET:{%(_)s'a': %(_)s'b'},\nPOST:{%(_)s'c': %(_)s'd'},\nCOOKIES:{%(_)s'e': %(_)s'f'},\nMETA:{%(_)s'g': %(_)s'h'}>"))
def fake_request(self, path='/', user=None, method='GET', ajax=False, **kwargs):
csrf = kwargs.get('csrf', django_csrf._get_new_csrf_token())
request = WSGIRequest( { 'REQUEST_METHOD': method.upper(),
'PATH_INFO': path,
'wsgi.input': StringIO(),
'CSRF_COOKIE': csrf,
'HTTP_X_REQUESTED_WITH': 'XMLHttpRequest' if ajax else None})
request.user = AnonymousUser() if user is None else user
return request
def test_wsgirequest_repr(self):
request = WSGIRequest({'PATH_INFO': '/somepath/', 'REQUEST_METHOD': 'get', 'wsgi.input': StringIO('')})
request.GET = {u'get-key': u'get-value'}
request.POST = {u'post-key': u'post-value'}
request.COOKIES = {u'post-key': u'post-value'}
request.META = {u'post-key': u'post-value'}
self.assertEqual(repr(request), u"<WSGIRequest\npath:/somepath/,\nGET:{u'get-key': u'get-value'},\nPOST:{u'post-key': u'post-value'},\nCOOKIES:{u'post-key': u'post-value'},\nMETA:{u'post-key': u'post-value'}>")
self.assertEqual(build_request_repr(request), repr(request))
self.assertEqual(build_request_repr(request, path_override='/otherpath/', GET_override={u'a': u'b'}, POST_override={u'c': u'd'}, COOKIES_override={u'e': u'f'}, META_override={u'g': u'h'}),
u"<WSGIRequest\npath:/otherpath/,\nGET:{u'a': u'b'},\nPOST:{u'c': u'd'},\nCOOKIES:{u'e': u'f'},\nMETA:{u'g': u'h'}>")
def test_post(self):
mock_wsgi_session_context()
WSGIRequest.POST = MagicMock({
"user":
COR_COMMENT_DATA_1st["user"],
"comment":
COR_COMMENT_DATA_1st["comment"],
"pub_date":
COR_COMMENT_DATA_1st["pub_date"],
"name":
COR_SHA_PLACE_DATA_1st["name"],
"linkUrl":
COR_SHA_PLACE_DATA_1st["linkUrl"],
"imageUrl":
COR_SHA_PLACE_DATA_1st["imageUrl"],
"extract":
COR_SHA_PLACE_DATA_1st["extract"],
"latitude":
COR_SHA_PLACE_DATA_1st["latitude"],
"longtitude":
COR_SHA_PLACE_DATA_1st["longtitude"],
"prefecture":
COR_SHA_PLACE_DATA_1st["prefecture"],
"city":
COR_SHA_PLACE_DATA_1st["city"],
})
post_request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'PATH_INFO': 'travel:place_list',
'wsgi.input': StringIO()
})
spv = SharePlaceView()
result = spv.post(post_request)
expect = render(post_request, 'travel/share_place_done.html')
self.assertEqual(result.status_code, 200)
self.assertEqual(remove_csrf(result.content.decode('utf-8')),
remove_csrf(expect.content.decode('utf-8')))
def test_body_after_POST_multipart_related(self):
"""
Reading body after parsing multipart that isn't form-data is allowed
"""
# Ticket #9054
# There are cases in which the multipart data is related instead of
# being a binary upload, in which case it should still be accessible
# via body.
payload_data = b"\r\n".join([
b'--boundary',
b'Content-ID: id; name="name"',
b'',
b'value',
b'--boundary--'
b''])
payload = FakePayload(payload_data)
request = WSGIRequest({'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'multipart/related; boundary=boundary',
'CONTENT_LENGTH': len(payload),
'wsgi.input': payload})
self.assertEqual(request.POST, {})
self.assertEqual(request.body, payload_data)
def dummy_request(self):
"""
Construct a HttpRequest object that is, as far as possible, representative of ones that would
receive this page as a response. Used for previewing / moderation and any other place where we
want to display a view of this page in the admin interface without going through the regular
page routing logic.
"""
url = self.full_url
if url:
url_info = urlparse(url)
hostname = url_info.hostname
path = url_info.path
port = url_info.port or 80
else:
# Cannot determine a URL to this page - cobble one together based on
# whatever we find in ALLOWED_HOSTS
try:
hostname = settings.ALLOWED_HOSTS[0]
except IndexError:
hostname = 'localhost'
path = '/'
port = 80
request = WSGIRequest({
'REQUEST_METHOD': 'GET',
'PATH_INFO': path,
'SERVER_NAME': hostname,
'SERVER_PORT': port,
'wsgi.input': StringIO(),
})
# Apply middleware to the request - see http://www.mellowmorning.com/2011/04/18/mock-django-request-for-testing/
handler = BaseHandler()
handler.load_middleware()
for middleware_method in handler._request_middleware:
if middleware_method(request):
raise Exception("Couldn't create request mock object - "
"request middleware returned a response")
return request
def finanz_automated(request: WSGIRequest) -> HttpResponse:
file_upload_form = CSVFileUploadForm(request.POST or None, request.FILES)
if file_upload_form.is_valid():
csv_file: Optional[UploadedFile] = request.FILES.get("file")
if csv_file is None:
raise Http404(
) # cannot happen, as file_upload_form would not be valid
csv_file_text = TextIOWrapper(csv_file.file, encoding="iso-8859-1")
results, errors = parse_camt_csv(csv_file_text)
if errors:
for error in errors:
messages.error(request, error)
return redirect("fahrt:finanz_automated")
request.session["results"] = results
messages.success(request, _("The File was successfully uploaded"))
return redirect("fahrt:finanz_auto_matching")
context = {
"form": file_upload_form,
}
return render(request, "fahrt/finanz/automated_finanz.html", context)
def test_POST_connection_error(self):
"""
If wsgi.input.read() raises an exception while trying to read() the
POST, the exception should be identifiable (not a generic IOError).
"""
class ExplodingBytesIO(BytesIO):
def read(self, len=0):
raise IOError("kaboom!")
payload = b'name=value'
request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
'CONTENT_LENGTH': len(payload),
'wsgi.input': ExplodingBytesIO(payload)
})
with warnings.catch_warnings(record=True) as w:
warnings.simplefilter("always")
with self.assertRaises(UnreadablePostError):
request.raw_post_data
self.assertEqual(len(w), 1)
def __call__(self, environ, start_response):
""" Hijack the main loop from the original thread and listen on events on Redis and Websockets"""
websocket = None
redis_store = self.RedisStore(self._redis_connection)
try:
self.assure_protocol_requirements(environ)
request = WSGIRequest(environ)
self.process_request(request)
channels = self.process_subscriptions(request)
websocket = self.upgrade_websocket(environ, start_response)
logger.debug('Subscribed to channels: {0}'.format(
', '.join(channels)))
redis_store.subscribe_channels(request, channels)
websocket_fd = websocket.get_file_descriptor()
listening_fds = [websocket_fd]
redis_fd = redis_store.get_file_descriptor()
if redis_fd:
listening_fds.append(redis_fd)
redis_store.send_persited_messages(websocket)
while websocket and not websocket.closed:
ready = self.select(listening_fds, [], [], 4.0)[0]
if not ready:
# flush empty socket
websocket.flush()
for fd in ready:
if fd == websocket_fd:
message = websocket.receive()
redis_store.publish_message(message)
elif fd == redis_fd:
response = redis_store.parse_response()
if response[0] == 'message':
message = response[2]
websocket.send(message)
else:
logger.error('Invalid file descriptor: {0}'.format(fd))
except WebSocketError, excpt:
logger.warning('WebSocketError: ', exc_info=sys.exc_info())
response = HttpResponse(status=1001, content='Websocket Closed')
def get_request_mock():
"""Build a ``request`` mock up that is used in to render
the templates in the most fidel environement as possible.
This fonction is used in the get_placeholders method to
render the input template and search for the placeholder
within.
"""
basehandler = BaseHandler()
basehandler.load_middleware()
# http://www.python.org/dev/peps/pep-0333/
request = WSGIRequest({
'HTTP_COOKIE': '',
'PATH_INFO': '/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'GET',
'SERVER_NAME': 'page-request-mock',
'SCRIPT_NAME': '',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'HTTP_HOST': 'page-request-host',
'CONTENT_TYPE': 'text/html; charset=utf-8',
'wsgi.version': (1, 0),
'wsgi.url_scheme': 'http',
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.input': StringIO("")
})
# Apply request middleware
for middleware_method in basehandler._request_middleware:
# LocaleMiddleware should never be applied a second time because
# it would broke the current real request language
if 'LocaleMiddleware' not in str(middleware_method.im_class):
response = middleware_method(request)
return request
def filter_participants(request: WSGIRequest) -> HttpResponse:
semester: Semester = get_object_or_404(Semester, pk=get_semester(request))
participants: QuerySet[Participant] = Participant.objects.filter(tour__semester=semester).order_by("surname")
filterform = FilterParticipantsForm(request.POST or None, semester=semester)
if filterform.is_valid():
search: str = filterform.cleaned_data["search"]
on_the_tour: str = filterform.cleaned_data["on_the_tour"]
tour: Optional[Tour] = filterform.cleaned_data["tour"]
if search:
participants = participants.filter(
Q(firstname__icontains=search)
| Q(surname__icontains=search)
| Q(email__icontains=search)
| Q(phone__icontains=search)
| Q(tour__name__icontains=search)
| Q(tour__description__icontains=search),
)
if tour is not None:
participants = participants.filter(tour=tour)
if on_the_tour == "True":
filtered_participants = [p.id for p in participants if p.on_the_tour]
elif on_the_tour == "False":
filtered_participants = [p.id for p in participants if not p.on_the_tour]
else: # on_the_tour == "":
filtered_participants = [p.id for p in participants]
request.session["filtered_participants"] = filtered_participants
return redirect("guidedtours:filtered_participants")
context = {
"participants": participants,
"filterform": filterform,
}
return render(request, "guidedtours/participants/filter_participants.html", context)
def __init__(self, request=None, locale=None):
"""If request is omitted, fall back to a default locale."""
# to avoid circular imports
from kitsune.users.models import Profile
self.request = request or WSGIRequest({"REQUEST_METHOD": "bogus", "wsgi.input": None})
self.locale, self.shortened_path = split_path(self.request.path_info)
# We also need to check to see if locale is already given in the url,
# as that serves as an override.
if not self.locale and request:
if request.user.is_anonymous:
language = request.session.get(settings.LANGUAGE_COOKIE_NAME)
if language:
self.locale = language
else:
try:
self.locale = Profile.objects.get(user=request.user).locale
except Profile.DoesNotExist:
pass
if locale:
self.locale = locale
def test_request_kwarg(self):
handler = OpbeatHandler()
logger = self.logger
logger.handlers = []
logger.addHandler(handler)
logger.error('This is a test error', extra={
'request': WSGIRequest(environ={
'wsgi.input': six.StringIO(),
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'application/octet-stream',
'ACCEPT': 'application/json',
})
})
self.assertEquals(len(self.opbeat.events), 1)
event = self.opbeat.events.pop(0)
self.assertTrue('http' in event)
http = event['http']
self.assertEquals(http['method'], 'POST')
def __call__(self, environ, start_response):
try:
request = WSGIRequest(environ)
except UnicodeDecodeError:
response = http.HttpResponseBadRequest()
else:
response = self.get_response(request)
# Apply response middleware
for middleware_method in self.response_middleware:
response = middleware_method(request, response)
response = self.apply_response_fixes(request, response)
try:
status_text = STATUS_CODE_TEXT[response.status_code]
except KeyError:
status_text = 'UNKNOWN STATUS CODE'
status = '%s %s' % (response.status_code, status_text)
response_headers = [(str(k), str(v)) for k, v in response.items()]
for c in response.cookies.values():
response_headers.append(('Set-Cookie', str(c.output(header=''))))
start_response(status, response_headers)
return response
def handle_http_event(app):
environ = wsgi(json.loads(sys.stdin.read()))
app.load_middleware()
resp = app.get_response(WSGIRequest(environ))
body = ''
if resp.streaming:
for content in resp.streaming_content:
body += content
else:
body = resp.content.decode('utf-8')
headers = {}
for header in resp.items():
headers[header[0]] = header[1]
resp.close()
sys.stdout.write(
json.dumps({
'body': body,
'status_code': resp.status_code,
'headers': headers,
}))
def test_request_kwarg(self):
handler = SentryHandler()
logger = self.logger
logger.handlers = []
logger.addHandler(handler)
logger.error('This is a test error', extra={
'request': WSGIRequest(environ={
'wsgi.input': StringIO(),
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'application/octet-stream',
'ACCEPT': 'application/json',
})
})
assert len(self.raven.events) == 1
event = self.raven.events.pop(0)
assert 'request' in event
http = event['request']
assert http['method'] == 'POST'
def test_POST_multipart_with_content_length_zero(self):
"""
Multipart POST requests with Content-Length >= 0 are valid and need to
be handled.
"""
# According to:
# https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
# Every request.POST with Content-Length >= 0 is a valid request,
# this test ensures that we handle Content-Length == 0.
payload = FakePayload("\r\n".join([
"--boundary",
'Content-Disposition: form-data; name="name"',
"",
"value",
"--boundary--",
]))
request = WSGIRequest({
"REQUEST_METHOD": "POST",
"CONTENT_TYPE": "multipart/form-data; boundary=boundary",
"CONTENT_LENGTH": 0,
"wsgi.input": payload,
})
self.assertEqual(request.POST, {})
def request(self, **request):
"""
Returns a request simliar to one from a browser which wants to upgrade
to a websocket connection.
"""
environ = {
'HTTP_COOKIE': self.cookies,
'PATH_INFO': '/',
'QUERY_STRING': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': 'testserver',
'SERVER_PORT': 80,
'SERVER_PROTOCOL': 'HTTP/1.1',
# WebSocket specific headers
'HTTP_CONNECTION': 'Upgrade',
'HTTP_UPGRADE': 'WebSocket',
}
if self.protocol_version == 76:
raise NotImplementedError(u'This version is not yet supported.')
environ.update(self.defaults)
environ.update(request)
return WSGIRequest(environ)
def test_place_save__with_post_method(self):
request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'wsgi.input': StringIO()
})
mock_wsgi_session_context()
WSGIRequest.POST = Mock()
side_effect = [
WIKI_PLACE_LIST[0]['name'],
WIKI_PLACE_LIST[0]['linkUrl'],
WIKI_PLACE_LIST[0]['imageUrl'],
WIKI_PLACE_LIST[0]['extract'],
WIKI_PLACE_LIST[0]['latitude'],
WIKI_PLACE_LIST[0]['longtitude'],
COR_PLACE_DATA_1st['prefecture'],
COR_PLACE_DATA_1st['city'],
]
WSGIRequest.POST.get = MagicMock(side_effect=side_effect)
expect = render(request, 'travel/place_result.html')
result = place_save(request)
self.assertEqual(remove_csrf(result.content.decode('utf-8')),
remove_csrf(expect.content.decode('utf-8')))
def test_body_after_POST_multipart_form_data(self):
"""
Reading body after parsing multipart/form-data is not allowed
"""
# Because multipart is used for large amounts of data i.e. file uploads,
# we don't want the data held in memory twice, and we don't want to
# silence the error by setting body = '' either.
payload = FakePayload("\r\n".join([
"--boundary",
'Content-Disposition: form-data; name="name"',
"",
"value",
"--boundary--",
]))
request = WSGIRequest({
"REQUEST_METHOD": "POST",
"CONTENT_TYPE": "multipart/form-data; boundary=boundary",
"CONTENT_LENGTH": len(payload),
"wsgi.input": payload,
})
self.assertEqual(request.POST, {"name": ["value"]})
with self.assertRaises(RawPostDataException):
request.body
def test_invalid_multipart_content_length(self):
data = 'data'
boundary = 'boundary'
parsed = urlparse('/path/')
environ = self.client._base_environ(**{
'CONTENT_TYPE': 'multipart/form-data; boundary=%s' % boundary,
'CONTENT_LENGTH': -1,
'PATH_INFO': self.client._get_path(parsed),
'QUERY_STRING': parsed[4],
'REQUEST_METHOD': 'POST',
'wsgi.input': FakePayload(data),
})
request = WSGIRequest(environ)
for content_type in self.serializer.content_types.keys():
if not content_type.startswith('multipart/'):
continue
self.assertRaises(
ValueError,
self.serializer.deserialize_request,
request,
request.META['CONTENT_TYPE']
)
def test_post__when_form_is_valid(self, mock_form):
mock_form.return_value.is_valid.return_value = True
mock_form.return_value.save.return_value = AppUser.objects.get(
id=COR_APPUSER_DATA_1st['id'])
def getitem(name):
return COR_APPUSER_DATA_1st['password']
mock_form.return_value.data = MagicMock()
mock_form.return_value.data.__getitem__.side_effect = getitem
suv = SignUpView()
request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'PATH_INFO': 'accounts:signup',
'wsgi.input': StringIO()})
mock_wsgi_session_context()
expect = redirect('travel:place_list')
result = suv.post(request)
self.assertEqual(
remove_csrf(result.content.decode('utf-8')),
remove_csrf(expect.content.decode('utf-8'))
)
def test_django_logging_request_kwarg(django_elasticapm_client):
handler = LoggingHandler()
logger = logging.getLogger(__name__)
logger.handlers = []
logger.addHandler(handler)
logger.error('This is a test error', extra={
'request': WSGIRequest(environ={
'wsgi.input': compat.StringIO(),
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'application/json',
'ACCEPT': 'application/json',
})
})
assert len(django_elasticapm_client.events) == 1
event = django_elasticapm_client.events.pop(0)['errors'][0]
assert 'request' in event['context']
request = event['context']['request']
assert request['method'] == 'POST'
def test_body_after_POST_multipart_form_data(self):
"""
Reading body after parsing multipart/form-data is not allowed
"""
# Because multipart is used for large amounts of data i.e. file uploads,
# we don't want the data held in memory twice, and we don't want to
# silence the error by setting body = '' either.
payload = FakePayload("\r\n".join([
'--boundary',
'Content-Disposition: form-data; name="name"',
'',
'value',
'--boundary--'
'']))
request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'multipart/form-data; boundary=boundary',
'CONTENT_LENGTH': len(payload),
'wsgi.input': payload,
})
self.assertEqual(request.POST, {'name': ['value']})
with self.assertRaises(RawPostDataException):
request.body
def test_post_raw_data(django_elasticapm_client):
request = WSGIRequest(environ={
'wsgi.input': compat.BytesIO(compat.b('foobar')),
'wsgi.url_scheme': 'http',
'REQUEST_METHOD': 'POST',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'CONTENT_TYPE': 'application/json',
'ACCEPT': 'application/json',
'CONTENT_LENGTH': '6',
})
django_elasticapm_client.capture('Message', message='foo', request=request)
assert len(django_elasticapm_client.events) == 1
event = django_elasticapm_client.events.pop(0)['errors'][0]
assert 'request' in event['context']
request = event['context']['request']
assert request['method'] == 'POST'
if django_elasticapm_client.config.capture_body in ('errors', 'all'):
assert request['body'] == compat.b('foobar')
else:
assert request['body'] == '[REDACTED]'
def mark_notification_as_viewed(request: WSGIRequest, profile_id: int,
notification_id: int):
if request.is_ajax():
if auth.get_user(request).is_anonymous:
return JsonResponse({}, status=404)
profile = get_user_profile(request)
if profile.pk != profile_id:
return JsonResponse({}, status=400)
category = request.POST.get('category', '')
if category == 'polls':
notification = NeedPassPoll.objects.filter(id=notification_id)
elif category == 'results':
notification = CreatedPoll.objects.filter(id=notification_id)
elif category == 'invites':
notification = Invitation.objects.filter(id=notification_id)
else:
return JsonResponse({}, status=400)
if notification.first() is None:
return JsonResponse({}, status=400)
notification.update(is_viewed=True)
return JsonResponse({}, status=200)
def create_request_for_email(method='GET'):
"""
Create an HttpRequest object suitable for use in Django email
forms with appropriate hostname and ports. Requires a configured
default Wagtail Site object.
"""
try:
site = Site.objects.get(is_default_site=True)
except Site.DoesNotExist:
raise RuntimeError('no default wagtail site configured')
return WSGIRequest({
'REQUEST_METHOD':
method,
'SERVER_NAME':
site.hostname,
'SERVER_PORT':
site.port,
'wsgi.input':
'',
'wsgi.url_scheme':
'https' if 443 == site.port else 'http',
})
def recv_connect(self, version=None, support=None, session=None):
"""DDP connect handler."""
if self.connection is not None:
self.error(
400,
'Session already established.',
reason='Current session in detail.',
detail=self.connection.connection_id,
)
elif None in (version, support) or version not in self.versions:
self.reply('failed', version=self.versions[0])
elif version not in support:
self.error('Client version/support mismatch.')
else:
this.request = WSGIRequest(self.ws.environ)
this.ws = self
this.send = self.send
this.reply = self.reply
this.error = self.error
from dddp.models import Connection
cur = connection.cursor()
cur.execute('SELECT pg_backend_pid()')
(backend_pid,) = cur.fetchone()
this.version = version
this.support = support
self.connection = Connection.objects.create(
server_addr='%d:%s' % (
backend_pid,
self.ws.handler.socket.getsockname(),
),
remote_addr=self.remote_addr,
version=version,
)
self.pgworker.connections[self.connection.pk] = self
atexit.register(self.on_close, 'Shutting down.')
self.reply('connected', session=self.connection.connection_id)
def make_request(self,
method='GET',
path='/',
data=None,
content_type=None,
**extra):
if data is None:
data = {}
payload = None
content_length = None
if method not in ('DELETE', 'GET', 'HEAD', 'OPTIONS'):
if content_type is None:
content_type = MULTIPART_CONTENT
encoded = self.client._encode_data(data, content_type)
content_length = len(encoded)
payload = FakePayload(encoded)
data = {}
if content_type is None:
content_type = 'text/html; charset=utf-8'
parsed = urlparse(path)
environ = self.client._base_environ(
**{
'CONTENT_TYPE': content_type,
'PATH_INFO': self.client._get_path(parsed),
'QUERY_STRING': urlencode(data, doseq=True) or parsed[4],
'REQUEST_METHOD': method,
})
if payload:
environ['CONTENT_LENGTH'] = content_length
environ['wsgi.input'] = payload
environ.update(extra)
return WSGIRequest(environ)
class DataUploadMaxMemorySizeMultipartPostTests(SimpleTestCase):
def setUp(self):
payload = FakePayload("\r\n".join([
'--boundary', 'Content-Disposition: form-data; name="name"', '',
'value', '--boundary--'
''
]))
self.request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'multipart/form-data; boundary=boundary',
'CONTENT_LENGTH': len(payload),
'wsgi.input': payload,
})
def test_size_exceeded(self):
with self.settings(DATA_UPLOAD_MAX_MEMORY_SIZE=10):
with self.assertRaisesMessage(RequestDataTooBig,
TOO_MUCH_DATA_MSG):
self.request._load_post_and_files()
def test_size_not_exceeded(self):
with self.settings(DATA_UPLOAD_MAX_MEMORY_SIZE=11):
self.request._load_post_and_files()
def test_no_limit(self):
with self.settings(DATA_UPLOAD_MAX_MEMORY_SIZE=None):
self.request._load_post_and_files()
def test_file_passes(self):
payload = FakePayload("\r\n".join([
'--boundary',
'Content-Disposition: form-data; name="file1"; filename="test.file"',
'', 'value', '--boundary--'
''
]))
request = WSGIRequest({
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'multipart/form-data; boundary=boundary',
'CONTENT_LENGTH': len(payload),
'wsgi.input': payload,
})
with self.settings(DATA_UPLOAD_MAX_MEMORY_SIZE=1):
request._load_post_and_files()
self.assertIn('file1', request.FILES, "Upload file not present")
def test_broken_pipe_errors(self):
"""WSGIServer handles broken pipe errors."""
request = WSGIRequest(self.request_factory.get('/').environ)
client_address = ('192.168.2.0', 8080)
msg = f'- Broken pipe from {client_address}\n'
tests = [
BrokenPipeError,
ConnectionAbortedError,
ConnectionResetError,
]
for exception in tests:
with self.subTest(exception=exception):
try:
server = WSGIServer(('localhost', 0), WSGIRequestHandler)
try:
raise exception()
except Exception:
with captured_stderr() as err:
with self.assertLogs('django.server', 'INFO') as cm:
server.handle_error(request, client_address)
self.assertEqual(err.getvalue(), '')
self.assertEqual(cm.records[0].getMessage(), msg)
finally:
server.server_close()
def parse_headers_and_body_with_mimer(cls, headers, body):
"""Use piston's Mimer functionality to handle the content.
:return: The value of 'request.data' after using Piston's
translate_mime on the input.
"""
# JAM 2012-10-09 Importing emitters has a side effect of registering
# mime type handlers with utils.translate_mime.
from piston3 import emitters
emitters # Imported for side-effects.
from piston3.utils import translate_mime
environ = {"wsgi.input": BytesIO(body.encode("utf8"))}
for name, value in headers.items():
environ[name.upper().replace("-", "_")] = value
environ["REQUEST_METHOD"] = "POST"
environ["SCRIPT_NAME"] = ""
environ["PATH_INFO"] = ""
from django.core.handlers.wsgi import WSGIRequest
request = WSGIRequest(environ)
translate_mime(request)
return request.data
def convert_tornado_request_to_django_request(self) -> HttpRequest:
# This takes the WSGI environment that Tornado received (which
# fully describes the HTTP request that was sent to Tornado)
# and pass it to Django's WSGIRequest to generate a Django
# HttpRequest object with the original Tornado request's HTTP
# headers, parameters, etc.
environ = WSGIContainer.environ(self.request)
environ["PATH_INFO"] = urllib.parse.unquote(environ["PATH_INFO"])
# Django WSGIRequest setup code that should match logic from
# Django's WSGIHandler.__call__ before the call to
# `get_response()`.
set_script_prefix(get_script_name(environ))
signals.request_started.send(sender=self.__class__)
request = WSGIRequest(environ)
# We do the import during runtime to avoid cyclic dependency
from zerver.lib.request import RequestNotes
# Provide a way for application code to access this handler
# given the HttpRequest object.
RequestNotes.get_notes(request).tornado_handler = weakref.ref(self)
return request
