def handle(self, *args, **options):
if len(args) < 1:
self.stderr.write('Please provide a directory containing the files '+
'relative to PROJECT_DIR.')
textbook_dir = os.path.join(settings.PROJECT_DIR, '..', args[0])
listing = os.listdir( textbook_dir )
# Iterate over all of the folders.
for folder in listing:
page_listing = os.listdir( os.path.join(textbook_dir, folder) )
for md in [f for f in page_listing if f.endswith(".md")]:
try:
data = ""
f = open(os.path.join(textbook_dir, folder, md))
data = f.read()
slug = md[:-3]
f.close()
# Now try to make a page Model.
try: page = Page.objects.get(name=slug)
except: page = Page(name=slug)
page.content = data
page.save()
self.stdout.write('Wrote textbook page: %s\n'%md)
except: self.stderr.write('Skipped textbook page: %s\n'%md)
self.stdout.write('Successfully compiled textbook pages\n')
def setUp(self):
from regions.models import Region
from pages.models import Page
from tags.models import Tag, PageTagSet
self.factory = RequestFactory()
# Create a new region and associate a domain with it
self.sf = Region(full_name="San Francisco", slug="sf")
self.sf.save()
self.sf.regionsettings.domain = 'fakename.org'
self.sf.regionsettings.save()
self.user = User.objects.create_user(
username='******', email='*****@*****.**', password='******')
self.user.save()
# Create a page in the SF region
p = Page(name='Parks', content='<p>Hi</p>', region=self.sf)
p.save(user=self.user)
p.content += "!"
p.save(user=self.user)
# Add a tag to the page
t = Tag(name='park', slug='park', region=self.sf)
t.save(user=self.user)
pts = PageTagSet(region=self.sf, page=p)
pts.save(user=self.user)
pts.tags.add(t)
pts.save(user=self.user)
def test_create_url(self):
p = Page()
p.save()
u = URL(TEST_URL)
u.add_content(p)
self.assertTrue(p.content_ptr in u.get_content(),
"URL does not point to correct content.")
def test_html_safety(self):
"""
Check that we're handling HTML in a safe way
"""
html = markup_to_html('<p>Foo</em>', 'html')
self.assertEqual(html, '<p>Foo</p>')
html = markup_to_html('Foo<script>alert()</script>', 'html')
self.assertEqual(html, 'Fooalert()')
# some junky MSWord-like markup
html = markup_to_html('Foo<p class="home"><Span style="font-size: 500%">bar</Span></P>', 'html', restricted=True)
self.assertEqual(html, 'Foo<p>bar</p>')
html = markup_to_html('A <p> </p><table cellpadding="10"><tr><td colspan=4>B</td></tr></table>',
'html', restricted=True)
self.assertEqual(html, 'A <p> </p>B')
# unsafe if we ask for it
html = markup_to_html('Foo<script>alert()</script>', 'html', html_already_safe=True)
self.assertEqual(html, 'Foo<script>alert()</script>')
# PageVersions should be saved only with safe HTML
offering = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=offering, person__userid="ggbaker")
p = Page(offering=offering, label="Test")
p.save()
v1 = PageVersion(page=p, title="T1", wikitext='<em>Some</em> <script>HTML</script>', editor=memb)
v1.set_markup('html')
v1.save()
self.assertEqual(v1.wikitext, '<em>Some</em> HTML')
def add_page(request, page='main'):
if request.POST:
title = request.POST['title']
text = request.POST['text']
if request.POST.has_key('slug'):
if request.POST['slug']:
slug = slugfy(request.POST['slug'])
else:
slug = slugfy(title)
else:
slug = slugfy(title)
if Page.objects.filter(slug=slug):
error = 'Страница с таким URL уже существует. Пожалуйста назовите материал иначе (Допишите категорию, например: "Фильм2012", Фильм1984", "Книга", "Мьюзикл", "Пресс-релиз")'
return render_to_response('cre.html', {'error':error,
'title':title,
'text':text,
'slug':slug###########№№
}, context_instance = RequestContext(request))
new_page = Page(title = title,
text = text,
slug=slug)
new_page.save()
if page == 'main':
return redirect(new_page)
else:
p = get_object_or_404(Page, slug=page)
a = Relations(child=new_page, page=p)
a.save()
return redirect(new_page)#redirect(new_page)
else:
context={}
if request.GET.has_key('ntitle'):
context = {'title':request.GET['ntitle']}
return render_to_response('cre.html', context, context_instance = RequestContext(request))
def test_translation_of_translation(self):
p = Page()
p.save()
ptrans1 = p.translation.translate_to(TEST_LANGUAGE_CODE)
ptrans2 = ptrans1.translation.translate_to(TEST_LANGUAGE_CODE2)
self.assertTrue(ptrans1 in ptrans2.translation_sources.all(),
"Translation source not found in sources.")
def process(self):
self.log("Starting to process key: " + self.key)
data = self._getData()
page = self._getExistingPage()
if not page:
self.log("Page has not been seen before, creating new one.")
page = Page()
page.date_published = self._getPublishedDate()
page.key = ndb.Key("Page", self.subkey)
page.slug = data.get('slug', self.slug)
page.published = True
else:
self.log("Page has been seen before, updating existing one.")
# As a precaution, if the page has a status that is draft, ignore it.
if data.get('status'):
if data['status'] == "draft":
self.log("Caught page in Draft mode, ending processing.")
return
page.title = data['title']
page.body = self._renderBody(data.content)
page.frontmatter = data.to_dict()
self._inflateStatic(data.content)
page.put()
return page.body
def test_new_translation_is_anchored_to_source(self):
p = Page()
p.save()
ptrans = p.translation.translate_to(TEST_LANGUAGE_CODE)
anchor = ptrans.translation.anchor
self.assertEqual(anchor.content, p.content_ptr,
"Translation is not anchored to the source.")
def test_api(self):
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
person = Person.objects.get(userid='ggbaker')
p = Page(offering=crs, label="PageExists")
p.save()
v = PageVersion(page=p, title="Page Exists", wikitext="Original Contents", editor=memb, comment="original page")
v.save()
from dashboard.models import new_feed_token
token = new_feed_token()
updata = u"""{
"userid": "ggbaker",
"token": "%s",
"pages": [
{
"label": "Index",
"title": "The Coursé Page",
"can_read": "ALL",
"can_write": "INST",
"wikitext-base64": "VGhpcyBwYWdlIGlzIHNwZWNpYWwgaW4gKipzb21lKiogd2F5LiBcKHh+XjIrMSA9IFxmcmFjezF9ezJ9XCkuCgpHb29kYnllIHdvcmxkIQ==",
"comment": "page creation comment",
"use_math": true
},
{
"label": "PageExists",
"new_label": "PageChanged",
"title": "Another Page",
"can_read": "STUD",
"wikitext": "This is some **new** page\\n\\ncontent."
}
]
}""" % (token)
# make a request with no auth token in place
c = Client()
url = reverse('pages.views.api_import', kwargs={'course_slug': crs.slug})
response = c.post(url, data=updata.encode('utf8'), content_type="application/json")
self.assertEquals(response.status_code, 403)
# create token and try again
person.config['pages-token'] = token
person.save()
response = c.post(url, data=updata.encode('utf8'), content_type="application/json")
self.assertEquals(response.status_code, 200)
# make sure the data arrived
self.assertEquals(Page.objects.filter(offering=crs, label="PageExists").count(), 0)
p = Page.objects.get(offering=crs, label="PageChanged")
v = p.current_version()
self.assertEqual(v.title, "Another Page")
self.assertEqual(v.get_wikitext(), "This is some **new** page\n\ncontent.")
p = Page.objects.get(offering=crs, label="Index")
v = p.current_version()
self.assertEqual(v.title, u"The Cours\u00e9 Page")
self.assertEqual(v.get_wikitext(), 'This page is special in **some** way. \\(x~^2+1 = \\frac{1}{2}\\).\n\nGoodbye world!')
self.assert_('math' in v.config)
self.assertEqual(v.config['math'], True)
def test_lookup_by_uuid(self):
p = Page()
p.save()
u = UUID(p)
found = UUID.objects.get(uuid=u.uuid)
self.assertEqual(found.content, p.content_ptr,
"Unable to find correct content by UUID.")
def test_merge_conflict(self):
p = Page()
p.content = '<p>old content</p>'
p.name = 'Front Page'
p.save()
a = PageForm(instance=p)
b = PageForm(instance=p)
b_post = b.initial
b_post['content'] = '<p>b content</p>'
b = PageForm(b_post, instance=p)
self.failUnless(b.is_valid())
b.save()
p = Page.objects.get(pk=p.pk)
a_post = a.initial
a_post['content'] = '<p>a content</p>'
a = PageForm(a_post, instance=p)
self.failIf(a.is_valid())
self.failUnless(PageForm.conflict_error in str(a.errors))
a_post = a.data
a = PageForm(a_post, instance=p)
self.failUnless(a.is_valid())
a.save()
p = Page.objects.get(pk=p.pk)
self.failUnless('Edit conflict!' in p.content)
def _get_creole(self):
"Get a Creole class for some PageVersion for generic testing"
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
p = Page(offering=crs, label="Foo")
p.save()
pv = PageVersion(page=p)
return ParserFor(crs, pv)
def test_redirect(self):
"""
Redirecting with redirect stub
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
p = Page(offering=crs, label="Test")
p.save()
v = PageVersion(page=p, title="Test Page", wikitext="one +two+ three +four+", editor=memb)
v.save()
c = Client()
# normal pages still viewable
url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'})
response = c.get(url)
self.assertEqual(response.status_code, 200)
v = PageVersion(page=p, redirect='NewLocation', editor=memb)
v.save()
response = c.get(url)
self.assertEqual(response.status_code, 301)
redir_url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'NewLocation'})
self.assertTrue(response['location'].endswith(redir_url))
def test_new_content_creates_new_anchor(self):
pre_count = len(Anchor.objects.all())
p = Page()
p.save()
post_count = len(Anchor.objects.all())
self.assertTrue(pre_count < post_count,
"Anchor not automatically created for new content.")
def test_fix_tags(self):
"""
Test the `fix_tags` utility function.
"""
from pages.models import Page
from tags.tag_utils import fix_tags
#########################
# Create some test regions
#########################
sf = Region(full_name="San Francisco Test", slug='sftest')
sf.save()
mission = Region(full_name="Mission", slug="mission")
mission.save()
#########################
# Create some test tags
#########################
park = Tag(name='park', region=sf)
park.save()
fun = Tag(name='fun', region=sf)
fun.save()
#########################
# Add the tags to a test page
#########################
page = Page(name="Duboce Park", content="<p>Park.</p>", region=sf)
page.save()
pts = PageTagSet(
page=page,
region=sf
)
pts.save()
pts.tags.add(park)
pts.tags.add(fun)
pts.save()
# Now do something odd and make one of the referenced `Tag`s point
# to a different region than the PageTagSet.
fun.region = mission
fun.save()
self.assertTrue(pts.tags.filter(region=mission).exists())
# Then attempt a fix:
fix_tags(sf, PageTagSet.objects.filter(id=pts.id))
pts = PageTagSet.objects.get(page=page, region=sf)
self.assertFalse(pts.tags.filter(region=mission).exists())
# Check that this is fixed in historical versions as well
for pts_h in pts.versions.all():
self.assertFalse(pts_h.tags.filter(region=mission).exists())
def test_lookup_by_url(self):
p = Page()
p.save()
u = URL(TEST_URL)
u.add_content(p)
found = URL.objects.get(url=TEST_URL)
self.assertTrue(p.content_ptr in found.get_content(),
"Unable to find correct content by URL.")
def get_object(self):
page = Page(slug=slugify(self.kwargs["slug"])) # A dummy page object.
latest_page = page.history.most_recent()
# Need to set the pk on the dummy page for correct MapData lookup.
page.pk = latest_page.id
page.name = latest_page.name
return MapData(page=page)
def submit_changes(request, title):
try:
page = Page.objects.get(title=title)
page.change(request.POST['text-field'])
except:
page = Page(title=title, article=request.POST['text-field'])
page.save()
return HttpResponseRedirect('/wiki/' + title)
def home(request):
c = get_common_context(request)
c['request_url'] = 'home'
c['recent_news'] = Article.get_list(c['lang'])[:6]
c['recent_photos'] = Photo.objects.all()[:3]
c['home_top'] = Page.get('home_top', c['lang'])['content']
c['home_history'] = Page.get('home_history', c['lang'])['content']
return render_to_response('home.html', c, context_instance=RequestContext(request))
def test_translation_of_translation(self):
p = Page()
p.save()
ptrans1 = p.translation.translate_to(TEST_LANGUAGE_CODE)
ptrans2 = ptrans1.translation.translate_to(TEST_LANGUAGE_CODE2)
self.assertEqual(ptrans2.translation.anchor.content, p.content_ptr,
"Translation of a translation is not anchored to "
"original lanugage source.")
def test_multiple_translation_lookup_via_anchor(self):
p = Page()
p.save()
ptrans1 = p.translation.translate_to(TEST_LANGUAGE_CODE)
ptrans2 = p.translation.translate_to(TEST_LANGUAGE_CODE2)
lookup = Anchor.objects.get(content=p)
self.assertEqual(len(lookup), 3,
"Multiple translation lookup via anchor failed.")
def test_multiple_translation_lookup_via_anchor(self):
if not TEST_REVISION_INTERACTIONS: return
p = Page()
p.save()
ptrans1 = p.translation.translate_to(TEST_LANGUAGE_CODE)
ptrans_rev2 = ptrans.revision.revise()
lookup = Anchor.objects.get(content=p)
self.assertEqual(len(lookup), 3,
"Translation lookup with revisions via anchor failed.")
def home_page(request):
c = {}
c.update(csrf(request))
c['res'] = Page.get_page_by_slug('res')
c['how'] = Page.get_page_by_slug('how')
c['plus'] = Page.get_page_by_slug('plus')
c['svp'] = Page.get_page_by_slug('svp')
c['derm'] = Page.get_page_by_slug('derm')
return render_to_response('home.html', c, context_instance=RequestContext(request))
def test_create_translation_available(self):
p = Page()
p.save()
ptrans = p.translation.translate_to(TEST_LANGUAGE_CODE)
self.assertTrue(ptrans in p.translations_available.all(),
"New translation not available from source.")
lookup_by_code = p.translations_available.get(language_code=TEST_LANGUAGE_CODE)
self.assertEqual(lookup_by_code, ptrans,
"New translation not found by language code lookup.")
def get_queryset(self):
page = Page(slug=slugify(self.kwargs['slug'])) # A dummy page object.
latest_page = page.versions.most_recent()
# Need to set the pk on the dummy page for correct MapData lookup.
page.pk = latest_page.id
page.name = latest_page.name
self.mapdata = MapData(page=page)
return self.mapdata.versions.all()
def new_page(self, content={"title": "test-page"}, language="en-us"):
author = User.objects.all()[0]
page = Page(author=author, status=Page.PUBLISHED, template="pages/examples/index.html")
page.save()
# necessary to clear old URL cache
page.invalidate()
for key, value in content.items():
Content(page=page, language="en-us", type=key, body=value).save()
return page
def home_page(request):
c = get_common_context(request)
c['request_url'] = 'home'
c['articles'] = Article.get_recent(10)
c['home_who'] = Page.get_page_by_slug('home_who')['content']
c['home_where'] = Page.get_page_by_slug('home_where')['content']
c['home_from'] = Page.get_page_by_slug('home_from')['content']
c['home_reason'] = Page.get_page_by_slug('home_reason')['content']
return render_to_response('home.html', c, context_instance=RequestContext(request))
def get_object(self):
region = self.get_region()
# A dummy page object.
page = Page(slug=slugify(self.kwargs['slug']), region=region)
latest_page = page.versions.most_recent()
# Need to set the pk on the dummy page for correct MapData lookup.
page.pk = latest_page.id
page.name = latest_page.name
return MapData(page=page, region=region)
def test_translation_out_of_date(self):
if not TEST_REVISION_INTERACTIONS: return
p = Page()
p.save()
ptrans = p.translation.translate_to(TEST_LANGUAGE_CODE)
prev2 = p.revision.revise()
prev2.save()
self.assertTrue(prev2 in ptrans.translation.sources_updated(),
"New revision of original source not listed in "
"updated sources of out-of-date translation.")
class RedirectAPITests(APITestCase):
def setUp(self):
super(RedirectAPITests, self).setUp()
# Create the edit user and add it to the authenticated group
self.edit_user = User(
username="******", email="*****@*****.**", password="******")
self.edit_user.save()
all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
self.edit_user.groups.add(all_group)
self.edit_user.save()
self.edit_user_2 = User(
username="******", email="*****@*****.**", password="******")
self.edit_user_2.save()
all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
self.edit_user_2.groups.add(all_group)
self.edit_user_2.save()
self.sf = Region(full_name="San Francisco", slug="sf")
self.sf.save()
self.oak = Region(full_name="Oakland", slug="oak")
self.oak.save()
self.dolores_park = Page(name="Dolores Park", content="<p>Hi</p>", region=self.sf)
self.dolores_park.save()
self.duboce_park = Page(name="Duboce Park", content="<p>Hi</p>", region=self.sf)
self.duboce_park.save()
self.mission_dolores_park = Redirect(
source="mission dolores park",
destination=self.dolores_park,
region=self.sf
)
self.mission_dolores_park.save()
self.dog_park = Redirect(
source="dog park",
destination=self.duboce_park,
region=self.sf
)
self.dog_park.save()
def test_redirect_list(self):
response = self.client.get('%s/redirects/' % self.API_ROOT)
jresp = json.loads(response.content)
self.assertEqual(len(jresp['results']), 2)
def test_redirect_simple_post(self):
self.client.force_authenticate(user=self.edit_user)
data = {'source': 'redirect from pg', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
jresp = json.loads(resp.content)
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
self.assertEqual(jresp['source'], 'redirect from pg')
def test_redirect_destination_noexist(self):
self.client.force_authenticate(user=self.edit_user)
data = {'source': 'redirect from pg', 'destination': 'http://testserver%s/pages/3585484585/' % self.API_ROOT, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)
def test_destination_chained_filter(self):
response = self.client.get('%s/redirects/?destination__slug__icontains=dolores' % self.API_ROOT)
jresp = json.loads(response.content)
self.assertEqual(len(jresp['results']), 1)
def test_redirect_permissions(self):
self.client.force_authenticate(user=self.edit_user)
# We want to tie the redirect permissions should be tied to the
# Redirect object -and- the Page object that's associated with the
# redirect. This is so that if, for instance, Page(name="Front Page")
# is only editable by a certain group, creating a Redirect from
# "Front Page" to somewhere is similarly protected.
#####################################################################################
# 1. Redirect already exists, redirects.change_redirect / redirects.delete_redirect
# should be checked.
#####################################################################################
# Make it so only edit_user_2 can edit the Mission Dolores Park redirect
assign_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)
# Now try and update the "Mission Dolores Park" redirect as edit_user
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
#####################################################################################
# 2. Redirect doesn't exist yet but a `source` page does.
# pages.change_page should be checked.
#####################################################################################
# Let's create a page
p = Page(
name="Oasis",
content="<p>Blah</p>",
region=self.sf
)
p.save()
# and then set permissions to restrict it from being edited by `edit_user`
assign_perm('change_page', self.edit_user_2, p)
# now let's try and create a redirect from "oasis" to "duboce park" as `edit_user`:
data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, p)
data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
#####################################################################################
## Let's also test to see that a general 'ban' of a user restricts redirect creation
#####################################################################################
# First, ban from the region
banned, created = BannedFromRegion.objects.get_or_create(region=self.sf)
banned.users.add(self.edit_user)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
banned.users.remove(self.edit_user)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
# Now, let's try a global ban using the banned group
banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
self.edit_user.groups.add(banned)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
## Now remove the ban and it should work
self.edit_user.groups.remove(banned)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
def commit_items(self, response_dict):
"""
Accepts a dict like this:
{"items":[{"id":18697,"siteId":8162,"roleId":-1,"name":"Annual Report 2007 ...}],"totalItemsCount":1010,"skip":0,"limit":10}
:param response_dict: dict of items
:return:
"""
for item in response_dict['items']:
try:
p = Page.objects.get(page_id=item.get('id'))
except Page.DoesNotExist:
p = Page()
exp_date = item.get('expiryDate')
exp_date = datetime.datetime.strptime(
exp_date.split('T')[0], '%Y-%m-%d')
p.name = item.get('name')
p.url = item.get('pageUrl')
p.enabled = item.get('enabled')
p.expires = exp_date
p.page_id = item.get('id')
p.content = item.get('content')
p.title = item.get('title')
p.template_id = item.get('templateId')
p.seo_description = item.get('seoMetadataDescription')
p.save()
def extra_context(self):
context = super(WithMapSearchView, self).extra_context()
context['query_slug'] = Page(name=self.query).pretty_slug
context['keywords'] = self.query.split()
context['map'] = self.get_map()
return context
def page(self, obj):
from pages.models import Page
return Page(slug=obj.source, name=obj.source.capitalize())
def is_exploitable(self, exploit):
p = Page(name='XSS Test', content=exploit)
p.clean_fields()
t = Template(html_to_template_text(p.content))
html = t.render(Context())
return self.contains_script(html)
def test_get(self):
page = Page(title="how to get 10 pikachu onto a train",
slug="pikachu",
body="poke 'em on")
self.assertEqual(str(page), "how to get 10 pikachu onto a train")
def get_page(self, request):
try:
page = Page.objects.get(path=request.path[1:-1])
except Page.DoesNotExist:
page = Page()
return page
page = page[0]
return format_html('<li style="float:right"><a href="/blog/archives/{0}">{1} »</a></li>',
page.link, page.title)
except Exception , e:
print e
pass
elif page_type == 'blog':
try :
if pagenum == 0 :
return ""
pagenum = int(pagenum) -1
page = Page.query().filter(
ndb.AND(Page.draft == False, Page.blog == True, Page.timestamp > int(timestamp))
).order(Page.timestamp).fetch(1)
page = page[0]
#print page
format_html('<li style="float:right"><a href="/blog/{0}">Newer entries »</a></li>',
"page/{0}/".format(pagenum if pagenum > 1 else "" )
)
except Exception , e:
tb = traceback.format_exc()
print tb
return ""
@register.simple_tag(takes_context = True)
def prev_link(context, page_type, timestamp = 0, pagenum = None):
def create_and_update_from_json_data(d, user):
"""
Create or update page based on python dict d loaded from JSON data.
This applies all data except for redirect_to, which is done in a
second pass after all pages have been imported,
user is the User instance that will be used if the author can't
be found in the DB.
returns (page object, created, messages).
created is True if this was a new page or False if an existing page
was updated.
messages is a list of strings warnings/messages about this import
"""
page = None
parent = None
parent_required = True
created = False
messages = []
page_languages = set(lang[0] for lang in settings.PAGE_LANGUAGES)
for lang, s in list(d['complete_slug'].items()):
if lang not in page_languages:
messages.append(_("Language '%s' not imported") % (lang,))
continue
page = Page.objects.from_path(s, lang, exclude_drafts=False)
if page and page.get_complete_slug(lang) == s:
break
if parent_required and parent is None:
if '/' in s:
parent = Page.objects.from_path(s.rsplit('/', 1)[0], lang,
exclude_drafts=False)
else:
parent_required = False
else:
# can't find an existing match, need to create a new Page
page = Page(parent=parent)
created = True
user_model = get_user_model()
def custom_get_user_by_email(email):
"""
Simplified version
"""
return user_model.objects.get(email=email)
try:
page.author = custom_get_user_by_email(d['author_email'])
except (user_model.DoesNotExist, user_model.MultipleObjectsReturned):
page.author = user
messages.append(_("Original author '%s' not found")
% (d['author_email'],))
page.creation_date = datetime.strptime(d['creation_date'],
ISODATE_FORMAT)
page.publication_date = datetime.strptime(d['publication_date'],
ISODATE_FORMAT) if d['publication_date'] else None
page.publication_end_date = datetime.strptime(d['publication_end_date'],
ISODATE_FORMAT) if d['publication_end_date'] else None
page.last_modification_date = datetime.strptime(
d['last_modification_date'], ISODATE_FORMAT)
page.status = {
'published': Page.PUBLISHED,
'hidden': Page.HIDDEN,
'draft': Page.DRAFT,
}[d['status']]
page.template = d['template']
page.redirect_to_url = d['redirect_to_url']
page.save()
# Add tags
if settings.PAGE_TAGGING:
from taggit.models import Tag
tags = d.get('tags', [])
page.tags.clear()
if tags:
for tag in tags:
Tag.objects.get_or_create(name=tag)
page.tags.add(tag)
page.save()
if settings.PAGE_USE_SITE_ID:
if d['sites']:
for site in d['sites']:
try:
page.sites.add(Site.objects.get(domain=site))
except Site.DoesNotExist:
messages.append(_("Could not add site '%s' to page")
% (site,))
if not settings.PAGE_HIDE_SITES and not page.sites.count():
# need at least one site
page.sites.add(Site.objects.get(pk=global_settings.SITE_ID))
def create_content(lang, ctype, body):
Content.objects.create_content_if_changed(page, lang, ctype, body)
for lang in d['content_language_updated_order']:
if lang not in page_languages:
continue
create_content(lang, 'slug',
d['complete_slug'][lang].rsplit('/', 1)[-1])
create_content(lang, 'title', d['title'][lang])
for ctype, langs_bodies in list(d['content'].items()):
create_content(lang, ctype, langs_bodies[lang])
return page, created, messages
def setUp(self):
super(MapAPITests, self).setUp()
# Create the edit user and add it to the authenticated group
self.edit_user = User(username="******",
email="*****@*****.**",
password="******")
self.edit_user.save()
all_group, created = Group.objects.get_or_create(
name=settings.USERS_DEFAULT_GROUP)
self.edit_user.groups.add(all_group)
self.edit_user.save()
self.edit_user_2 = User(username="******",
email="*****@*****.**",
password="******")
self.edit_user_2.save()
all_group, created = Group.objects.get_or_create(
name=settings.USERS_DEFAULT_GROUP)
self.edit_user_2.groups.add(all_group)
self.edit_user_2.save()
self.sf = Region(full_name="San Francisco", slug="sf")
self.sf.save()
self.oak = Region(full_name="Oakland", slug="oak")
self.oak.save()
self.golden_gate_park = Page(name="Golden Gate Park",
content="<p>Hi</p>",
region=self.sf)
self.golden_gate_park.save()
self.dolores_park = Page(name="Dolores Park",
content="<p>Hi</p>",
region=self.sf)
self.dolores_park.save()
self.duboce_park = Page(name="Duboce Park",
content="<p>Hi</p>",
region=self.sf)
self.duboce_park.save()
self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
self.dolores_park_map.geom = GEOSGeometry("""
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}""")
self.dolores_park_map.save()
self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
self.duboce_park_map.geom = GEOSGeometry("""
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.43505239486696,
37.770443352285376
],
[
-122.43490219116211,
37.76917121614543
],
[
-122.431640625,
37.769408683219545
],
[
-122.43179082870485,
37.76991753866766
],
[
-122.43460178375243,
37.769713996908635
],
[
-122.43505239486696,
37.770443352285376
]
]
]
}
]
}
""")
self.duboce_park_map.save()
def test_date_ordering(self):
"""Test page date ordering feature."""
self.set_setting("PAGE_USE_SITE_ID", False)
author = get_user_model().objects.all()[0]
yesterday = get_now() - datetime.timedelta(days=1)
now = get_now()
p1 = Page(author=author, status=Page.PUBLISHED, publication_date=now)
p1.save()
p2 = Page(author=author, publication_date=now, status=Page.PUBLISHED)
p2.save()
p3 = Page(author=author,
publication_date=yesterday,
status=Page.PUBLISHED)
p3.save()
p2.move_to(p1, position='first-child')
p3.move_to(p1, position='first-child')
p1 = Page.objects.get(pk=p1.id)
p2 = Page.objects.get(pk=p2.id)
p3 = Page.objects.get(pk=p3.id)
self.assertEqual([p.id for p in p1.get_children_for_frontend()],
[p3.id, p2.id])
self.assertEqual(
[p.id for p in p1.get_date_ordered_children_for_frontend()],
[p2.id, p3.id])
os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
from django.db.models.loading import cache as model_cache
if not model_cache.loaded:
model_cache.get_models()
from django.http import HttpResponse
from django.template.loader import get_template
from django.template import Context, Template
from django.shortcuts import render,RequestContext
from django.http import HttpResponse
from pages.models import Page,Categorie_Page,Template
from moteur.models import Film
from scripts_django.tools import recursif_template
import settings
b = Page(Nom="ImageActeur_Modele")
b.save()
b = Page(Nom="Acteur_Modele")
b.save()
b = Page(Nom="ImageFilm_Modele")
b.save()
b = Page(Nom="Film_Modele")
b.save()
b = Page(Nom="ImageVente_Modele")
b.save()
b = Page(Nom="Pack_Modele")
b.save()
b = Page(Nom="ImageVideo_Modele")
b.save()
b = Page(Nom="Pack_Modele")
b.save()
class MapAPITests(APITestCase):
def setUp(self):
super(MapAPITests, self).setUp()
# Create the edit user and add it to the authenticated group
self.edit_user = User(username="******",
email="*****@*****.**",
password="******")
self.edit_user.save()
all_group, created = Group.objects.get_or_create(
name=settings.USERS_DEFAULT_GROUP)
self.edit_user.groups.add(all_group)
self.edit_user.save()
self.edit_user_2 = User(username="******",
email="*****@*****.**",
password="******")
self.edit_user_2.save()
all_group, created = Group.objects.get_or_create(
name=settings.USERS_DEFAULT_GROUP)
self.edit_user_2.groups.add(all_group)
self.edit_user_2.save()
self.sf = Region(full_name="San Francisco", slug="sf")
self.sf.save()
self.oak = Region(full_name="Oakland", slug="oak")
self.oak.save()
self.golden_gate_park = Page(name="Golden Gate Park",
content="<p>Hi</p>",
region=self.sf)
self.golden_gate_park.save()
self.dolores_park = Page(name="Dolores Park",
content="<p>Hi</p>",
region=self.sf)
self.dolores_park.save()
self.duboce_park = Page(name="Duboce Park",
content="<p>Hi</p>",
region=self.sf)
self.duboce_park.save()
self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
self.dolores_park_map.geom = GEOSGeometry("""
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}""")
self.dolores_park_map.save()
self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
self.duboce_park_map.geom = GEOSGeometry("""
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.43505239486696,
37.770443352285376
],
[
-122.43490219116211,
37.76917121614543
],
[
-122.431640625,
37.769408683219545
],
[
-122.43179082870485,
37.76991753866766
],
[
-122.43460178375243,
37.769713996908635
],
[
-122.43505239486696,
37.770443352285376
]
]
]
}
]
}
""")
self.duboce_park_map.save()
def test_map_list(self):
response = self.client.get('%s/maps/' % self.API_ROOT)
jresp = json.loads(response.content)
self.assertEqual(len(jresp['results']), 2)
def test_map_simple_post(self):
self.client.force_authenticate(user=self.edit_user)
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.golden_gate_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.post('%s/maps/' % self.API_ROOT,
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
def test_page_chained_filter(self):
response = self.client.get('%s/maps/?page__slug__icontains=dolores' %
self.API_ROOT)
jresp = json.loads(response.content)
self.assertEqual(len(jresp['results']), 1)
def test_geo_filter(self):
response = self.client.get(
'%s/maps/?polys__contains={ "type": "Point", "coordinates": [ -122.42724180221558, 37.75988395932576 ] }'
% self.API_ROOT)
jresp = json.loads(response.content)
self.assertEqual(len(jresp['results']), 1)
def test_map_permissions(self):
self.client.force_authenticate(user=self.edit_user)
# Make it so only edit_user_2 can edit the Dolores Park page
assign_perm('change_page', self.edit_user_2, self.dolores_park)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, self.dolores_park)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
##################################################################################
# Let's also test a normal POST to a protected page which doesn't yet have a map
##################################################################################
new_park = Page(name="New Park", content="<p>Hi</p>", region=self.sf)
new_park.save()
# Make it so only edit_user_2 can edit the Dolores Park page
assign_perm('change_page', self.edit_user_2, new_park)
# Now try and create the "New Park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.post('%s/maps/' % self.API_ROOT,
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, new_park)
data = {
'page':
'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.post('%s/maps/' % self.API_ROOT,
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
##################################################################################
# Let's also test to see that a general 'ban' of a user restricts map editing
##################################################################################
# First, ban from the region
banned, created = BannedFromRegion.objects.get_or_create(
region=self.sf)
banned.users.add(self.edit_user)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
banned.users.remove(self.edit_user)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
# Now, let's try a global ban using the banned group
banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
self.edit_user.groups.add(banned)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
self.edit_user.groups.remove(banned)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
def get_context_data(self, **kwargs):
context = super(RedirectCompareView, self).get_context_data(**kwargs)
context['page'] = Page(slug=self.object.source,
name=self.object.source)
return context
def setUp(self):
super(AuthenticationAPITests, self).setUp()
# Create the edit user and add it to the authenticated group
self.edit_user = User(
username="******", email="*****@*****.**", password="******")
self.edit_user.save()
all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
self.edit_user.groups.add(all_group)
self.edit_user.save()
# Create auth token for the edit user
self.token = Token.objects.get_or_create(user=self.edit_user)[0]
self.sf_region = Region(full_name='San Francisco', slug='sf')
self.sf_region.save()
p = Page(region=self.sf_region)
p.content = '<p>Dolores Park here</p>'
p.name = 'Dolores Park'
p.save()
self.dolores_park = p
p = Page(region=self.sf_region)
p.content = '<p>Duboce Park here</p>'
p.name = 'Duboce Park'
p.save()
self.duboce_park = p
def view_home(request, template="page_view"):
page = Page.query().published().filter(is_home=True).get()
return _render_page(request, page, page['template_name'] or template)
def test_page_rename(self):
p = Page()
p.content = "<p>The page content.</p>"
p.name = "Original page"
p.save()
p.rename_to("New page")
# Renamed-to page should exist.
new_p = Page.objects.get(name="New page")
# new_p should have the same content.
self.assertEqual(new_p.content, p.content)
# "Original page" should no longer exist.
pgs = Page.objects.filter(name="Original page")
self.assertEqual(len(pgs), 0)
# and a redirect from "original page" to "New page" should exist.
Redirect.objects.filter(source="original page", destination=new_p)
###########################################################
# Renaming to a page that already exists should raise an
# exception and not affect the original page.
###########################################################
p = Page()
p.content = "<p>Hello, world.</p>"
p.name = "Page A"
p.save()
self.assertRaises(exceptions.PageExistsError, p.rename_to, "New page")
# p should be unaffected. No redirect should be created.
p = Page.objects.get(name="Page A")
self.assertEqual(p.content, "<p>Hello, world.</p>")
self.assertEqual(len(Redirect.objects.filter(source="page a")), 0)
###########################################################
# Renaming should carry along files and FK'ed items that
# point to it.
###########################################################
p = Page()
p.content = "<p>A page with files and a map.</p>"
p.name = "Page With FKs"
p.save()
# Create a file that points at the page.
pf = PageFile(file=ContentFile("foo"), name="file.txt", slug=p.slug)
pf.save()
# Create a redirect that points at the page.
redirect = Redirect(source="foobar", destination=p)
redirect.save()
# Create a map that points at the page.
points = GEOSGeometry("""MULTIPOINT (-122.4378964233400069 37.7971758820830033, -122.3929211425700032 37.7688207875790027, -122.3908612060599950 37.7883584775320003, -122.4056240844700056 37.8013807351830025, -122.4148937988299934 37.8002956347170027, -122.4183270263600036 37.8051784612779969)""")
map = MapData(points=points, page=p)
map.save()
p.rename_to("New Page With FKs")
new_p = Page.objects.get(name="New Page With FKs")
self.assertEqual(len(MapData.objects.filter(page=new_p)), 1)
# Two redirects: one we created explicitly and one that was
# created during rename_to()
self.assertEqual(len(Redirect.objects.filter(destination=new_p)), 2)
self.assertEqual(len(PageFile.objects.filter(slug=new_p.slug)), 1)
# Renaming should keep slugs pointed at old page /and/ copy
# them to the new page.
self.assertEqual(len(PageFile.objects.filter(slug=p.slug)), 1)
###########################################################
# Renaming with multiple files.
###########################################################
p = Page()
p.content = "<p>A new page with multiple files.</p>"
p.name = "Page with multiple files"
p.save()
# Create a file that points at the page.
pf = PageFile(file=ContentFile("foo"), name="file.txt", slug=p.slug)
pf.save()
pf = PageFile(file=ContentFile("foo2"), name="file2.txt", slug=p.slug)
pf.save()
pf = PageFile(file=ContentFile("foo3"), name="file3.txt", slug=p.slug)
pf.save()
p.rename_to("A page with multiple files 2")
p = Page.objects.get(name="A page with multiple files 2")
self.assertEqual(len(PageFile.objects.filter(slug=p.slug)), 3)
###########################################################
# Reverting a renamed page should be possible and should
# restore files and FK'ed items that were pointed at the
# original page. The renamed-to page should still exist
# after the revert and should still have its own files and
# FK'ed items pointed at it.
###########################################################
p = Page(name="Page With FKs", slug="page with fks")
# get the version right before it was deleted
v_before_deleted = len(p.versions.all()) - 1
p_h = p.versions.as_of(version=v_before_deleted)
p_h.revert_to()
p = Page.objects.get(name="Page With FKs")
self.assertEqual(len(MapData.objects.filter(page=p)), 1)
self.assertEqual(len(PageFile.objects.filter(slug=p.slug)), 1)
p2 = Page.objects.get(name="New Page With FKs")
self.assertEqual(len(MapData.objects.filter(page=p2)), 1)
self.assertEqual(len(PageFile.objects.filter(slug=p2.slug)), 1)
self.assertEqual(len(Redirect.objects.filter(destination=p2)), 1)
###########################################################
# Renaming a page and then renaming it back.
###########################################################
# 1. Simple case
p = Page(name="Page X", content="<p>Foobar</p>")
p.save()
p.rename_to("Page Y")
self.assertEqual(len(Page.objects.filter(name="Page X")), 0)
self.assertEqual(len(Page.objects.filter(name="Page Y")), 1)
p_new = Page.objects.get(name="Page Y")
p_new.rename_to("Page X")
self.assertEqual(len(Page.objects.filter(name="Page X")), 1)
self.assertEqual(len(Page.objects.filter(name="Page Y")), 0)
# 2. If we have FKs pointed at the page this shouldn't be
# totally f****d.
p = Page(name="Page X2", content="<p>Foo X</p>")
p.save()
points = GEOSGeometry("""MULTIPOINT (-122.4378964233400069 37.7971758820830033, -122.3929211425700032 37.7688207875790027, -122.3908612060599950 37.7883584775320003, -122.4056240844700056 37.8013807351830025, -122.4148937988299934 37.8002956347170027, -122.4183270263600036 37.8051784612779969)""")
map = MapData(points=points, page=p)
map.save()
# Create a file that points at the page.
pf = PageFile(file=ContentFile("foooo"), name="file_foo.txt", slug=p.slug)
pf.save()
p.rename_to("Page Y2")
p_new = Page.objects.get(name="Page Y2")
# FK points at the page we renamed to.
self.assertEqual(len(MapData.objects.filter(page=p_new)), 1)
self.assertEqual(len(PageFile.objects.filter(slug=p_new.slug)), 1)
# Now rename it back.
p_new.rename_to("Page X2")
p = Page.objects.get(name="Page X2")
# After rename-back-to, FK points to the renamed-back-to page.
self.assertEqual(len(MapData.objects.filter(page=p)), 1)
self.assertEqual(len(PageFile.objects.filter(slug=p.slug)), 1)
###########################################################
# Renaming a page but keeping the same slug
###########################################################
p = Page(name="Foo A", content="<p>Foo A</p>")
p.save()
p.rename_to("FOO A")
# Name has changed.
self.assertEqual(len(Page.objects.filter(name="FOO A")), 1)
# Has the same history, with a new entry for the name change.
p = Page.objects.get(name="FOO A")
p1, p0 = p.versions.all()
self.assertEqual(p1.name, 'FOO A')
self.assertEqual(p0.name, 'Foo A')
self.assertEqual(p0.content, p1.content)
###########################################################
# Renaming a page twice (A -> B -> C) and then revert A to
# an existing state.
###########################################################
p = Page(name="Bar A", content="<p>Bar A</p>")
p.save()
p.rename_to("Bar B")
p = Page.objects.get(name="Bar B")
p.rename_to("Bar C")
p = Page(name="Bar A", slug="bar a")
p_h = p.versions.as_of(version=1)
p_h.revert_to()
###########################################################
# Renaming a page back and forth and reverting.
###########################################################
p = Page(name="Zoo A", content="<p>Zoo A</p>")
p.save()
p.rename_to("Zoo B")
p = Page.objects.get(name="Zoo B")
p.rename_to("Zoo A")
p = Page.objects.get(name="Zoo A")
p.rename_to("Zoo B")
p = Page(name="Zoo A", slug="zoo a")
p_h = p.versions.as_of(version=1)
p_h.revert_to()
###########################################################
# page A, rename to B, then create new A, rename B to C,
# rename C to B, then revert C to first version
###########################################################
p = Page(name="Mike A", content="<p>A</p>")
p.save()
p.rename_to("Mike B")
new_a = Page(name="Mike A", content="<p>A new</p>")
new_a.save()
p = Page.objects.get(name="Mike B")
p.rename_to("Mike C")
p = Page.objects.get(name="Mike C")
p.rename_to("Mike B")
p_c = Page(name="Mike C", slug="mike c")
p_h = p_c.versions.as_of(version=1)
p_h.revert_to()
from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin
from feincms_extensions.content_types import JsonRichTextContent
from user_management.models.mixins import ActiveUserMixin, BasicUserFieldsMixin
from pages.models import Page
class User(ActiveUserMixin, BasicUserFieldsMixin, PermissionsMixin,
AbstractBaseUser):
pass
Page.register_regions(
('abstract', 'Abstract/Summary'),
('body', 'Main Article'),
)
Page.create_content_type(JsonRichTextContent)
Page.register_extensions(
'feincms_extensions.render_regions',
'feincms_extensions.render_json',
)
def update(self, request):
page = Page(content=request.data.get("content", ""))
return Response(page.content_as_html)
def test_api(self):
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
person = Person.objects.get(userid='ggbaker')
p = Page(offering=crs, label="PageExists")
p.save()
v = PageVersion(page=p,
title="Page Exists",
wikitext="Original Contents",
editor=memb,
comment="original page")
v.save()
from dashboard.models import new_feed_token
token = new_feed_token()
updata = """{
"userid": "ggbaker",
"token": "%s",
"pages": [
{
"label": "Index",
"title": "The Coursé Page",
"can_read": "ALL",
"can_write": "INST",
"wikitext-base64": "VGhpcyBwYWdlIGlzIHNwZWNpYWwgaW4gKipzb21lKiogd2F5LiBcKHh+XjIrMSA9IFxmcmFjezF9ezJ9XCkuCgpHb29kYnllIHdvcmxkIQ==",
"comment": "page creation comment",
"use_math": true
},
{
"label": "PageExists",
"new_label": "PageChanged",
"title": "Another Page",
"can_read": "STUD",
"wikitext": "This is some **new** page\\n\\ncontent."
}
]
}""" % (token)
# make a request with no auth token in place
c = Client()
url = reverse('offering:pages:api_import',
kwargs={'course_slug': crs.slug})
response = c.post(url,
data=updata.encode('utf8'),
content_type="application/json")
self.assertEqual(response.status_code, 403)
# create token and try again
person.config['pages-token'] = token
person.save()
response = c.post(url,
data=updata.encode('utf8'),
content_type="application/json")
self.assertEqual(response.status_code, 200)
# make sure the data arrived
self.assertEqual(
Page.objects.filter(offering=crs, label="PageExists").count(), 0)
p = Page.objects.get(offering=crs, label="PageChanged")
v = p.current_version()
self.assertEqual(v.title, "Another Page")
self.assertEqual(v.get_wikitext(),
"This is some **new** page\n\ncontent.")
p = Page.objects.get(offering=crs, label="Index")
v = p.current_version()
self.assertEqual(v.title, "The Cours\u00e9 Page")
self.assertEqual(
v.get_wikitext(),
'This page is special in **some** way. \\(x~^2+1 = \\frac{1}{2}\\).\n\nGoodbye world!'
)
self.assertTrue('math' in v.config)
self.assertEqual(v.config['math'], True)
from pages.models import Page
import json
print('Importing pagesMeta.json')
pages = json.load(open('pagesMeta.json'))
print('Creating pages')
for item in pages:
Page(readableTitle=item[0], page=item[1]).save()
print('Creating pages is finiched')
def test_permissions(self):
"""
Test page access control behaviour.
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.filter(offering=crs, role='INST').first()
inst = memb.person
ta = Member.objects.filter(offering=crs, role='TA').first().person
stud = Member.objects.filter(offering=crs, role='STUD').first().person
non_member = Person.objects.get(userid='dixon')
assert not Member.objects.filter(offering=crs, person=non_member)
p = Page(offering=crs, label="Test", can_read='STAF', can_write='INST')
p.save()
v = PageVersion(page=p,
title="Test Page",
wikitext="Page contents",
editor=memb)
v.save()
# page-viewing permissions
c = Client()
url = reverse('offering:pages:view_page',
kwargs={
'course_slug': crs.slug,
'page_label': 'Test'
})
c.logout()
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(inst.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(ta.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(stud.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(non_member.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
# ... but with a PagePermission object, non_member can access
pp = PagePermission(person=non_member, offering=crs, role='INST')
pp.save()
response = c.get(url)
self.assertEqual(response.status_code, 200)
# page-editing permissions
url = reverse('offering:pages:edit_page',
kwargs={
'course_slug': crs.slug,
'page_label': 'Test'
})
c.logout()
response = c.get(url)
self.assertEqual(response.status_code, 302) # redirect to log in
c.login_user(inst.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(ta.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(stud.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
# editing with PagePermission not implemented
c.login_user(non_member.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
def create_video_page(self):
page = Page()
page.title = 'Онлайн'
page.slug = 'online'
page.order = 10
page.save()
def test_macros(self):
"""
Test macro behaviour
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
p = Page(offering=crs, label="Index")
p.save()
v = PageVersion(page=p,
title="Index Page",
wikitext="one +two+ three +four+",
editor=memb)
v.save()
# no macros defined: rendered as-is
self.assertEqual(p.current_version().html_contents().strip(),
"<p>one +two+ three +four+</p>")
mp = Page(offering=crs, label=MACRO_LABEL)
mp.save()
mv = PageVersion(page=mp,
title="Macros",
wikitext="two: 22\nfour: 4444",
editor=memb)
mv.save()
# macros defined: should be substituted
self.assertEqual(p.current_version().html_contents().strip(),
"<p>one 22 three 4444</p>")
mp.label = 'NOT_MACROS'
mp.save()
# macros disappear: back to original
self.assertEqual(p.current_version().html_contents().strip(),
"<p>one +two+ three +four+</p>")
def test_redirect_to_self(self):
p = Page(name="foobar", content="<p>foobar</p>")
p.save()
r = Redirect(source='foobar', destination=p)
self.assertRaises(exceptions.RedirectToSelf, r.save)
def _pages_from_json(request, offering, data):
with django.db.transaction.atomic():
try:
data = data.decode('utf-8-sig')
except UnicodeDecodeError:
raise ValidationError(u"Bad UTF-8 data in file.")
try:
data = json.loads(data)
except ValueError as e:
raise ValidationError(u'JSON decoding error. Exception was: "' +
str(e) + '"')
if not isinstance(data, dict):
raise ValidationError(
u'Outer JSON data structure must be an object.')
if 'userid' not in data or 'token' not in data:
raise ValidationError(
u'Outer JSON data object must contain keys "userid" and "token".'
)
if 'pages' not in data:
raise ValidationError(
u'Outer JSON data object must contain keys "pages".')
if not isinstance(data['pages'], list):
raise ValidationError(u'Value for "pages" must be a list.')
try:
user = Person.objects.get(userid=data['userid'])
member = Member.objects.exclude(role='DROP').get(person=user,
offering=offering)
except Person.DoesNotExist, Member.DoesNotExist:
raise ValidationError(u'Person with that userid does not exist.')
if 'pages-token' not in user.config or user.config[
'pages-token'] != data['token']:
e = ValidationError(u'Could not validate authentication token.')
e.status = 403
raise e
# if we get this far, the user is authenticated and we can start processing the pages...
for i, pdata in enumerate(data['pages']):
if not isinstance(pdata, dict):
raise ValidationError(
u'Page #%i entry structure must be an object.' % (i))
if 'label' not in pdata:
raise ValidationError(
u'Page #%i entry does not have a "label".' % (i))
# handle changes to the Page object
pages = Page.objects.filter(offering=offering,
label=pdata['label'])
if pages:
page = pages[0]
old_ver = page.current_version()
else:
page = Page(offering=offering, label=pdata['label'])
old_ver = None
# check write permissions
# mock the request object enough to satisfy _check_allowed()
class FakeRequest(object):
pass
fake_request = FakeRequest()
fake_request.user = FakeRequest()
fake_request.user.username = user.userid
if old_ver:
m = _check_allowed(fake_request, offering, page.can_write,
page.editdate())
else:
m = _check_allowed(fake_request, offering,
offering.page_creators())
if not m:
raise ValidationError(u'You can\'t edit page #%i.' % (i))
# handle Page attributes
if 'can_read' in pdata:
if type(pdata['can_read']
) != unicode or pdata['can_read'] not in ACL_DESC:
raise ValidationError(
u'Page #%i "can_read" value must be one of %s.' %
(i, ','.join(ACL_DESC.keys())))
page.can_read = pdata['can_read']
if 'can_write' in pdata:
if type(pdata['can_write']) != unicode or pdata[
'can_write'] not in WRITE_ACL_DESC:
raise ValidationError(
u'Page #%i "can_write" value must be one of %s.' %
(i, ','.join(WRITE_ACL_DESC.keys())))
if m.role == 'STUD':
raise ValidationError(
u'Page #%i: students can\'t change can_write value.' %
(i))
page.can_write = pdata['can_write']
if 'new_label' in pdata:
if type(pdata['new_label']) != unicode:
raise ValidationError(
u'Page #%i "new_label" value must be a string.' % (i))
if m.role == 'STUD':
raise ValidationError(
u'Page #%i: students can\'t change label value.' % (i))
if Page.objects.filter(offering=offering,
label=pdata['new_label']):
raise ValidationError(
u'Page #%i: there is already a page with that "new_label".'
% (i))
page.label = pdata['new_label']
page.save()
# handle PageVersion changes
ver = PageVersion(page=page, editor=member)
if 'title' in pdata:
if type(pdata['title']) != unicode:
raise ValidationError(
u'Page #%i "title" value must be a string.' % (i))
ver.title = pdata['title']
elif old_ver:
ver.title = old_ver.title
else:
raise ValidationError(
u'Page #%i has no "title" for new page.' % (i))
if 'comment' in pdata:
if type(pdata['comment']) != unicode:
raise ValidationError(
u'Page #%i "comment" value must be a string.' % (i))
ver.comment = pdata['comment']
if 'use_math' in pdata:
if type(pdata['use_math']) != bool:
raise ValidationError(
u'Page #%i "comment" value must be a boolean.' % (i))
ver.set_math(pdata['use_math'])
if 'wikitext-base64' in pdata:
if type(pdata['wikitext-base64']) != unicode:
raise ValidationError(
u'Page #%i "wikitext-base64" value must be a string.' %
(i))
try:
wikitext = base64.b64decode(pdata['wikitext-base64'])
except TypeError:
raise ValidationError(
u'Page #%i "wikitext-base64" contains bad base BASE64 data.'
% (i))
ver.wikitext = wikitext
elif 'wikitext' in pdata:
if type(pdata['wikitext']) != unicode:
raise ValidationError(
u'Page #%i "wikitext" value must be a string.' % (i))
ver.wikitext = pdata['wikitext']
elif old_ver:
ver.wikitext = old_ver.wikitext
else:
raise ValidationError(
u'Page #%i has no wikitext for new page.' % (i))
ver.save()
return user
def test_redirect_permissions(self):
self.client.force_authenticate(user=self.edit_user)
# We want to tie the redirect permissions should be tied to the
# Redirect object -and- the Page object that's associated with the
# redirect. This is so that if, for instance, Page(name="Front Page")
# is only editable by a certain group, creating a Redirect from
# "Front Page" to somewhere is similarly protected.
#####################################################################################
# 1. Redirect already exists, redirects.change_redirect / redirects.delete_redirect
# should be checked.
#####################################################################################
# Make it so only edit_user_2 can edit the Mission Dolores Park redirect
assign_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)
# Now try and update the "Mission Dolores Park" redirect as edit_user
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
#####################################################################################
# 2. Redirect doesn't exist yet but a `source` page does.
# pages.change_page should be checked.
#####################################################################################
# Let's create a page
p = Page(
name="Oasis",
content="<p>Blah</p>",
region=self.sf
)
p.save()
# and then set permissions to restrict it from being edited by `edit_user`
assign_perm('change_page', self.edit_user_2, p)
# now let's try and create a redirect from "oasis" to "duboce park" as `edit_user`:
data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, p)
data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
#####################################################################################
## Let's also test to see that a general 'ban' of a user restricts redirect creation
#####################################################################################
# First, ban from the region
banned, created = BannedFromRegion.objects.get_or_create(region=self.sf)
banned.users.add(self.edit_user)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
banned.users.remove(self.edit_user)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
# Now, let's try a global ban using the banned group
banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
self.edit_user.groups.add(banned)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
## Now remove the ban and it should work
self.edit_user.groups.remove(banned)
data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
def create_and_update_from_json_data(d, user):
"""
Create or update page based on python dict d loaded from JSON data.
This applies all data except for redirect_to, which is done in a
second pass after all pages have been imported,
user is the User instance that will be used if the author can't
be found in the DB.
returns (page object, created, messages).
created is True if this was a new page or False if an existing page
was updated.
messages is a list of strings warnings/messages about this import
"""
page = None
parent = None
parent_required = True
created = False
messages = []
page_languages = set(lang[0] for lang in settings.PAGE_LANGUAGES)
for lang, s in list(d['complete_slug'].items()):
if lang not in page_languages:
messages.append(_("Language '%s' not imported") % (lang, ))
continue
page = Page.objects.from_path(s, lang, exclude_drafts=False)
if page and page.get_complete_slug(lang) == s:
break
if parent_required and parent is None:
if '/' in s:
parent = Page.objects.from_path(s.rsplit('/', 1)[0],
lang,
exclude_drafts=False)
else:
parent_required = False
else:
# can't find an existing match, need to create a new Page
page = Page(parent=parent)
created = True
def custom_get_user_by_email(email):
"""
Allow the user profile class to look up a user by email
address
"""
# bit of an unpleasant hack that requres the logged-in
# user has a profile, but I don't want to reproduce the
# code in get_profile() here
try:
profile = user.get_profile()
except (SiteProfileNotAvailable, ObjectDoesNotExist):
return User.objects.get(email=email)
get_user_by_email = getattr(profile, 'get_user_by_email', None)
if get_user_by_email:
return get_user_by_email(email)
return User.objects.get(email=email)
try:
page.author = custom_get_user_by_email(d['author_email'])
except (User.DoesNotExist, User.MultipleObjectsReturned):
page.author = user
messages.append(
_("Original author '%s' not found") % (d['author_email'], ))
page.creation_date = datetime.strptime(d['creation_date'], ISODATE_FORMAT)
page.publication_date = datetime.strptime(
d['publication_date'],
ISODATE_FORMAT) if d['publication_date'] else None
page.publication_end_date = datetime.strptime(
d['publication_end_date'],
ISODATE_FORMAT) if d['publication_end_date'] else None
page.last_modification_date = datetime.strptime(
d['last_modification_date'], ISODATE_FORMAT)
page.status = {
'published': Page.PUBLISHED,
'hidden': Page.HIDDEN,
'draft': Page.DRAFT,
}[d['status']]
page.template = d['template']
page.redirect_to_url = d['redirect_to_url']
page.save()
if settings.PAGE_USE_SITE_ID:
if d['sites']:
for site in d['sites']:
try:
page.sites.add(Site.objects.get(domain=site))
except Site.DoesNotExist:
messages.append(
_("Could not add site '%s' to page") % (site, ))
if not settings.PAGE_HIDE_SITES and not page.sites.count():
# need at least one site
page.sites.add(Site.objects.get(pk=global_settings.SITE_ID))
def create_content(lang, ctype, body):
Content.objects.create_content_if_changed(page, lang, ctype, body)
for lang in d['content_language_updated_order']:
if lang not in page_languages:
continue
create_content(lang, 'slug', d['complete_slug'][lang].rsplit('/',
1)[-1])
create_content(lang, 'title', d['title'][lang])
for ctype, langs_bodies in list(d['content'].items()):
create_content(lang, ctype, langs_bodies[lang])
return page, created, messages
def test_map_permissions(self):
self.client.force_authenticate(user=self.edit_user)
# Make it so only edit_user_2 can edit the Dolores Park page
assign_perm('change_page', self.edit_user_2, self.dolores_park)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, self.dolores_park)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
##################################################################################
# Let's also test a normal POST to a protected page which doesn't yet have a map
##################################################################################
new_park = Page(name="New Park", content="<p>Hi</p>", region=self.sf)
new_park.save()
# Make it so only edit_user_2 can edit the Dolores Park page
assign_perm('change_page', self.edit_user_2, new_park)
# Now try and create the "New Park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.post('%s/maps/' % self.API_ROOT,
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the permission and it should work
remove_perm('change_page', self.edit_user_2, new_park)
data = {
'page':
'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.post('%s/maps/' % self.API_ROOT,
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
##################################################################################
# Let's also test to see that a general 'ban' of a user restricts map editing
##################################################################################
# First, ban from the region
banned, created = BannedFromRegion.objects.get_or_create(
region=self.sf)
banned.users.add(self.edit_user)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
banned.users.remove(self.edit_user)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
# Now, let's try a global ban using the banned group
banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
self.edit_user.groups.add(banned)
# Now try and update the "dolores park" map as edit_user
geojson = """
{ "type": "GeometryCollection", "geometries": [
{
"type": "Polygon",
"coordinates": [
[
[
-122.42835760116576,
37.76128348360843
],
[
-122.42799282073973,
37.75812815505155
],
[
-122.42591142654419,
37.758297799795336
],
[
-122.42627620697021,
37.761402229904654
],
[
-122.42835760116576,
37.76128348360843
]
]
]
}]
}"""
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertIn(
resp.status_code,
[status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])
# Now remove the ban and it should work
self.edit_user.groups.remove(banned)
data = {
'page':
'http://testserver%s/pages/%s/' %
(self.API_ROOT, self.dolores_park.id),
'geom':
geojson,
'region':
'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
}
resp = self.client.put('%s/maps/%s/' %
(self.API_ROOT, self.dolores_park_map.id),
data,
format='json')
self.assertEqual(resp.status_code, status.HTTP_200_OK)
def get_common_context(request):
form = OrderForm()
hform = OrderHForm()
fform = OrderFForm()
c = {}
if request.method == 'POST':
if request.POST['action'] == 'subscribe':
em = request.POST.get('email', None)
if em:
Subscribe(email=em).save()
messages.success(request,
u'Вы успешно подписались на рассылку.')
else:
messages.error(request, u'Необходимо ввести емейл.')
elif request.POST['action'] == 'homeform':
hform = OrderHForm(request.POST)
if hform.is_valid():
hform.save()
messages.success(request, u'Ваша заявка успешно отправлена.')
hform = OrderHForm()
else:
c['show_hform'] = True
messages.error(request, u'Необходимо ввести имя и телефон.')
elif request.POST['action'] == 'franchajzing':
fform = OrderFForm(request.POST)
if fform.is_valid():
fform.save()
messages.success(request, u'Ваша заявка успешно отправлена.')
fform = OrderFForm()
else:
print fform.errors
c['show_fform'] = True
messages.error(request, u'Необходимо ввести имя и телефон.')
else:
form = OrderForm(request.POST)
if form.is_valid():
form.save()
c['request-ok'] = True
else:
if request.POST['action'] == 'signup':
c['show_signup'] = True
if request.POST['action'] == 'get':
c['show_get'] = True
if request.POST['action'] == 'gift':
c['show_gift'] = True
messages.error(request, u'Необходимо ввести имя.')
c['request_url'] = request.path
c['is_debug'] = settings.DEBUG
c['reviews'] = Review.objects.all()[:3]
c['form'] = form
c['hform'] = hform
c['fform'] = fform
c['menu'] = Menu.objects.filter(parent=None)
c['partners'] = Partner.objects.all()
c['complex'] = Page.get_by_slug('complex').content
try:
c['menu_cat'] = Menu.get_by_href(request.path).parent
except:
c['menu_cat'] = None
c['siteurl'] = request.get_host().split('.')[0]
c['phone'] = config_value('MyApp', 'PHONE')
c.update(csrf(request))
return c
