def testRoles(self):
user = User(email='*****@*****.**', password=MD5Type.generate('secret'))
user.sessions.append(User.Session())
user.store(self.db)
self.assertEqual(self.db[user.id][u'email'], u'*****@*****.**')
json = make_safe_json(User,user,'mysessions')
assert 'password' not in json
assert 'token' not in json
assert 'email' in json
assert 'created_on' in json
assert self.db[user.id]['password'] is not None
u2 = User.load(self.db, user.id)
self.assertTrue(u2.challenge_password(MD5Type.generate('secret')))
def _make_presentable(self, datum):
"""This function takes either a model instance or a dictionary
representation of some model and returns a dictionary one safe for
transmitting as payload.
"""
if isinstance(datum, dict):
iid = str(datum.get('id'))
model_instance = self.model(**datum)
instance = to_json(model_instance, encode=False)
else:
iid = str(datum.id)
instance = to_json(datum, encode=False)
data = make_safe_json(self.model, instance, 'owner', encode=False)
return data
def _make_presentable(self, datum):
"""This function takes either a model instance or a dictionary
representation of some model and returns a dictionary one safe for
transmitting as payload.
"""
if isinstance(datum, dict):
iid = str(datum.get('id'))
model_instance = self.model(**datum)
instance = to_json(model_instance, encode=False)
else:
iid = str(datum.id)
instance = to_json(datum, encode=False)
data = make_safe_json(self.model, instance, 'owner', encode=False)
return data
print 'Attempting validation on:\n\n %s\n' % (total_input)
try:
validate_class_fields(User, total_input)
print 'Validation passed'
except TypeException, se:
print('TypeException caught: %s' % (se))
print 'After validation:\n\n %s\n' % (total_input)
### Check all types and collect all failures
exceptions = validate_class_fields(User, total_input, validate_all=True)
if len(exceptions) == 0:
print 'Validation passed\n'
else:
print '%s exceptions found\n\n %s\n' % (len(exceptions),
[str(e) for e in exceptions])
###
### Type Security
###
# Add the rogue type back to `total_input`
total_input['rogue_type'] = 'MWAHAHA'
user_doc = User(**total_input)
print 'Model as Python:\n %s\n' % (to_python(user_doc))
safe_doc = make_safe_json(User, user_doc, 'owner')
print 'Owner safe doc:\n %s\n' % (safe_doc)
public_safe_doc = make_safe_json(User, user_doc, 'public')
print 'Public safe doc:\n %s\n' % (public_safe_doc)
'public': whitelist('title', 'year'),
}
m = Movie(title='Some Movie',
year=2011,
personal_thoughts='It was pretty good')
print 'MOVIE ]', ('-' * 40)
print ' schema ::', to_jsonschema(m)
print ' python ::', to_python(m)
print ' json ::', to_json(m)
print ' owner ::', make_safe_python(Movie, m, 'owner')
print ' public ::', make_safe_json(Movie, m, 'public')
print
#movie_json = m.to_json()
movie_json = make_safe_json(Movie, m, 'owner')
print 'Movie as JSON ]', ('-' * 32)
print ' json ::', movie_json
print
### Reload movie
movie_data = json.loads(movie_json)
m2 = Movie(**movie_data)
print 'RESTORED MOVIE ]', ('-' * 31)
def test_good_value_into_json(self):
self.testmodel.the_list = [2]
actual = make_safe_json(self.Testmodel, self.testmodel, 'owner')
expected = json.dumps({"the_list":[2]})
self.assertEqual(actual, expected)
class Options:
roles = {
'owner': blacklist(),
'public': whitelist('title', 'year'),
}
mv = Movie()
mv.title = 'Total Recall'
mv.year = 1990
mv.personal_thoughts = 'I wish I had three hands...'
print 'From Movie class to json string:\n\n %s\n' % (to_json(mv))
print ' %s\n' % (to_python(mv, allow_none=True))
print ' %s\n' % (to_json(mv, allow_none=True))
###
### Scrubbing functions
###
ownersafe_json = make_safe_json(Movie, mv, 'owner')
ownersafe_str = 'Making mv safe:\n\n %s\n'
print ownersafe_str % (ownersafe_json)
publicsafe_json = make_safe_json(Movie, mv, 'public')
publicsafe_str = 'Making mv safe in json:\n\n %s\n'
print publicsafe_str % (publicsafe_json)
print 'You can also scrub the models according to whatever system you want:\n'
print ' %s\n' % (to_json(mv, gottago=whitelist('title')))
###
### Instantiate an instance with this data
###
# user_dict
total_input = {
"secret": "e8b5d682452313a6142c10b045a9a135",
"name": "J2D2",
"bio": "J2D2 loves music",
"rogue_field": "MWAHAHA",
}
### Check all types and collect all failures
# exceptions = User.validate_class_types(total_input, validate_all=True)
###
### Type Security
###
# Add the rogue type back to `total_input`
total_input["rogue_field"] = "MWAHAHA"
user_doc = BasicUser(**total_input)
# print 'Document as Python:\n %s\n' % (user_doc.to_python())
safe_doc = make_safe_json(BasicUser, user_doc, "owner")
# print 'Owner safe doc:\n %s\n' % (safe_doc)
public_safe_doc = make_safe_json(BasicUser, user_doc, "public")
# print 'Public safe doc:\n %s\n' % (public_safe_doc)
def test_json_public_safe(self):
json_public_safe = make_safe_json(self.klass, self.instance, 'public',
sort_keys=True)
self.assertEqual(self.json_public_safe, json_public_safe)
def test_json_owner_safe(self):
json_owner_safe = make_safe_json(self.klass, self.instance, 'owner',
sort_keys=True)
self.assertEqual(self.json_owner_safe, json_owner_safe)
print 'Validation passed'
except TypeException, se:
print('TypeException caught: %s' % (se))
print 'After validation:\n\n %s\n' % (total_input)
### Check all types and collect all failures
exceptions = validate_class_fields(User, total_input, validate_all=True)
if len(exceptions) == 0:
print 'Validation passed\n'
else:
print '%s exceptions found\n\n %s\n' % (len(exceptions),
[str(e) for e in exceptions])
###
### Type Security
###
# Add the rogue type back to `total_input`
total_input['rogue_type'] = 'MWAHAHA'
user_doc = User(**total_input)
print 'Model as Python:\n %s\n' % (to_python(user_doc))
safe_doc = make_safe_json(User, user_doc, 'owner')
print 'Owner safe doc:\n %s\n' % (safe_doc)
public_safe_doc = make_safe_json(User, user_doc, 'public')
print 'Public safe doc:\n %s\n' % (public_safe_doc)
class Options:
roles = {
'owner': blacklist('personal_thoughts'),
'public': whitelist('author', 'content', 'comments'),
}
author = Author(name='james',
username='******',
email='*****@*****.**',
a_setting=True,
is_active=True)
print 'AUTHOR ]%s' % ('-' * 40)
print '- as python: ', to_python(author), '\n'
print '- json owner: ', make_safe_json(Author, author, 'owner'), '\n'
print '- json public:', make_safe_json(Author, author, 'public'), '\n'
comment1 = Comment(text='This post was awesome!',
username='******',
email='*****@*****.**')
print 'COMMENT 1 ]%s' % ('-' * 40)
print '- as python: ', to_python(comment1), '\n'
print '- json owner: ', make_safe_json(Comment, comment1, 'owner'), '\n'
print '- json public:', make_safe_json(Comment, comment1, 'public'), '\n'
comment2 = Comment(text='This post is ridiculous',
username='******',
email='*****@*****.**')
print 'COMMENT 2 ]%s' % ('-' * 40)
def test_good_value_into_json(self):
self.testmodel.the_list = [2]
actual = make_safe_json(self.Testmodel, self.testmodel, 'owner')
expected = json.dumps({"the_list": [2]})
self.assertEqual(actual, expected)
post_date = DateTimeType(default=datetime.datetime.now)
comments = ListType(ModelType(Comment))
deleted = BooleanType()
class Options:
roles = {
'owner': blacklist('personal_thoughts'),
'public': whitelist('author', 'content', 'comments'),
}
author = Author(name='james', username='******', email='*****@*****.**',
a_setting=True, is_active=True)
print 'AUTHOR ]%s' % ('-' * 40)
print '- as python: ', to_python(author), '\n'
print '- json owner: ', make_safe_json(Author, author, 'owner'), '\n'
print '- json public:', make_safe_json(Author, author, 'public'), '\n'
comment1 = Comment(text='This post was awesome!', username='******',
email='*****@*****.**')
print 'COMMENT 1 ]%s' % ('-' * 40)
print '- as python: ', to_python(comment1), '\n'
print '- json owner: ', make_safe_json(Comment, comment1, 'owner'), '\n'
print '- json public:', make_safe_json(Comment, comment1, 'public'), '\n'
comment2 = Comment(text='This post is ridiculous', username='******',
email='*****@*****.**')
print 'COMMENT 2 ]%s' % ('-' * 40)
print '- as python: ', to_python(comment2), '\n'
print '- json owner: ', make_safe_json(Comment, comment2, 'owner'), '\n'
def test_json_owner_safe(self):
json_owner_safe = make_safe_json(self.klass, self.instance, 'owner',
sort_keys=True)
self.assertEqual(self.json_owner_safe, json_owner_safe)
roles = {
'owner': blacklist(),
'public': whitelist('title', 'year'),
}
m = Movie(title='Some Movie',
year=2011,
personal_thoughts='It was pretty good')
print 'MOVIE ]', ('-' * 40)
print ' schema ::', to_jsonschema(m)
print ' python ::', to_python(m)
print ' json ::', to_json(m)
print ' owner ::', make_safe_python(Movie, m, 'owner')
print ' public ::', make_safe_json(Movie, m, 'public')
print
#movie_json = m.to_json()
movie_json = make_safe_json(Movie, m, 'owner')
print 'Movie as JSON ]', ('-' * 32)
print ' json ::', movie_json
print
### Reload movie
movie_data = json.loads(movie_json)
m2 = Movie(**movie_data)
print 'RESTORED MOVIE ]', ('-' * 31)
print ' schema ::', to_jsonschema(m2)
print ' python ::', to_python(m2)
def test_json_public_safe(self):
json_public_safe = make_safe_json(self.klass, self.instance, 'public',
sort_keys=True)
self.assertEqual(self.json_public_safe, json_public_safe)
class Options:
roles = {
'owner': blacklist(),
'public': whitelist('title', 'year'),
}
mv = Movie()
mv.title = 'Total Recall'
mv.year = 1990
mv.personal_thoughts = 'I wish I had three hands...'
print 'From Movie class to json string:\n\n %s\n' % (to_json(mv))
print ' %s\n' % (to_python(mv, allow_none=True))
print ' %s\n' % (to_json(mv, allow_none=True))
###
### Scrubbing functions
###
ownersafe_json = make_safe_json(Movie, mv, 'owner')
ownersafe_str = 'Making mv safe:\n\n %s\n'
print ownersafe_str % (ownersafe_json)
publicsafe_json = make_safe_json(Movie, mv, 'public')
publicsafe_str = 'Making mv safe in json:\n\n %s\n'
print publicsafe_str % (publicsafe_json)
print 'You can also scrub the models according to whatever system you want:\n'
print ' %s\n' % (to_json(mv, gottago=whitelist('title')))
