Exemple #1
0
def test_flash(user_id):
    # Execute the first request flash some message
    with application_and_request_context(), login.UserSessionContext(user_id):
        session_id = on_succeeded_login(user_id)  # Create and activate session
        assert session is not None

        flash("abc")
        assert session.session_info.flashes == ["abc"]

    # Now create the second request to get the previously flashed message
    with application_and_request_context(), login.UserSessionContext(user_id):
        on_access(user_id, session_id)
        assert session is not None
        assert session.session_info.flashes == ["abc"]

        # Get the flashed messages removes the messages from the session
        # and subsequent calls to get_flashed_messages return the messages
        # over and over.
        assert get_flashed_messages() == [HTML("abc")]
        assert get_flashed_messages() == [HTML("abc")]
        assert session.session_info.flashes == []

    # Now create the third request that should not have access to the flashed messages since the
    # second one consumed them.
    with application_and_request_context(), login.UserSessionContext(user_id):
        on_access(user_id, session_id)
        assert session is not None
        assert session.session_info.flashes == []
        assert get_flashed_messages() == []
Exemple #2
0
    def page(self) -> None:
        watolib.init_wato_datastructures(with_wato_lock=True)

        profile_changed = False
        if html.request.has_var('_save') and html.check_transaction():
            try:
                profile_changed = self._action()
            except MKUserError as e:
                html.add_user_error(e.varname, e)

        if profile_changed and config.user.authorized_login_sites():
            title = _('Replicate new user profile')
        else:
            title = self._page_title()

        breadcrumb = make_simple_page_breadcrumb(
            mega_menu_registry.menu_user(), title)
        html.header(title, breadcrumb, self._page_menu(breadcrumb))

        for message in get_flashed_messages():
            html.show_message(message)

        # Now, if in distributed environment where users can login to remote sites, set the trigger for
        # pushing the new user profile to the remote sites asynchronously
        if profile_changed and config.user.authorized_login_sites():
            user_profile_async_replication_page()
            return

        self._show_form(profile_changed)
Exemple #3
0
    def page(self) -> None:
        acktime = request.get_float_input_mandatory('acktime', time.time())
        if request.var('_confirm'):
            _acknowledge_failed_notifications(acktime, time.time())

            if user.authorized_login_sites():
                watolib.init_wato_datastructures(with_wato_lock=True)

                title = _('Replicate user profile')
                breadcrumb = make_simple_page_breadcrumb(
                    mega_menu_registry.menu_monitoring(), title)
                html.header(title, breadcrumb)

                for message in get_flashed_messages():
                    html.show_message(message)
                # This local import is needed for the moment
                import cmk.gui.wato.user_profile  # pylint: disable=redefined-outer-name
                cmk.gui.wato.user_profile.user_profile_async_replication_page(
                    back_url="clear_failed_notifications.py")
                return

        failed_notifications = load_failed_notifications(
            before=acktime, after=acknowledged_time())
        self._show_page(acktime, failed_notifications)
        if request.var('_confirm'):
            html.reload_whole_page()
Exemple #4
0
def test_flash_dont_escape_html(user_id, request_context):
    now = datetime.now()
    with login.UserSessionContext(user_id):
        on_succeeded_login(user_id, now)  # Create and activate session

        flash(HTML("<script>aaa</script>"))
        assert get_flashed_messages() == [HTML("<script>aaa</script>")]
Exemple #5
0
def test_flash_escape_html_in_str(user_id, module_wide_request_context):
    with login.UserContext(user_id):
        on_succeeded_login(user_id)  # Create and activate session

        flash("<script>aaa</script>")
        assert get_flashed_messages() == [
            HTML("&lt;script&gt;aaa&lt;/script&gt;")
        ]
Exemple #6
0
    def page(self) -> None:
        title = _("Replicate user profile")
        breadcrumb = make_simple_page_breadcrumb(
            mega_menu_registry.menu_user(), title)
        html.header(title, breadcrumb, self._page_menu(breadcrumb))

        for message in get_flashed_messages():
            html.show_message(message)

        # Now, if in distributed environment where users can login to remote sites, set the trigger for
        # pushing the new user profile to the remote sites asynchronously
        user_profile_async_replication_page(
            back_url=request.get_url_input("back", "user_profile.py"))
Exemple #7
0
def test_flash(user_id):
    environ = create_environ()
    # Execute the first request flash some message
    with AppContext(DummyApplication(environ, None)), \
            RequestContext(htmllib.html(http.Request(environ))) as request, \
            login.UserContext(user_id):
        session_id = on_succeeded_login(user_id)  # Create and activate session
        assert request.session is not None

        flash("abc")
        assert session.session_info.flashes == ["abc"]

    # Now create the second request to get the previously flashed message
    with AppContext(DummyApplication(environ, None)), \
            RequestContext(htmllib.html(http.Request(environ))), \
            login.UserContext(user_id):
        on_access(user_id, session_id)
        assert request.session is not None
        assert session.session_info.flashes == ["abc"]

        # Get the flashed messages removes the messages from the session
        # and subsequent calls to get_flashed_messages return the messages
        # over and over.
        assert get_flashed_messages() == [HTML("abc")]
        assert get_flashed_messages() == [HTML("abc")]
        assert session.session_info.flashes == []

    # Now create the third request that should not have access to the flashed messages since the
    # second one consumed them.
    with AppContext(DummyApplication(environ, None)), \
            RequestContext(htmllib.html(http.Request(environ))), \
            login.UserContext(user_id):
        on_access(user_id, session_id)
        assert request.session is not None
        assert session.session_info.flashes == []
        assert get_flashed_messages() == []
Exemple #8
0
    def page(self) -> None:
        title = self._page_title()
        breadcrumb = self._breadcrumb()
        html.header(title, breadcrumb, self._page_menu(breadcrumb))

        if transactions.check_transaction():
            try:
                self._action()
            except MKUserError as e:
                user_errors.add(e)

        for message in get_flashed_messages():
            html.show_message(message)

        html.show_user_errors()

        self._show_form()
Exemple #9
0
    def page(self) -> None:
        title = self._page_title()
        breadcrumb = make_simple_page_breadcrumb(mega_menu_registry.menu_user(), title)
        html.header(title, breadcrumb, self._page_menu(breadcrumb))

        if request.has_var("_save") and transactions.check_transaction():
            try:
                self._action()
            except MKUserError as e:
                user_errors.add(e)

        for message in get_flashed_messages():
            html.show_message(message)

        html.show_user_errors()

        self._show_form()
Exemple #10
0
    def _patch_page(self) -> None:
        breadcrumb = _release_notes_breadcrumb()

        load_werks()
        werk_table_options = _werk_table_options_from_request()

        html.header(self._title(),
                    breadcrumb,
                    _release_notes_page_menu(breadcrumb, werk_table_options),
                    page_state=_release_switch(major=False))

        for message in get_flashed_messages():
            html.show_message(message)

        handle_acknowledgement()
        render_werks_table(werk_table_options)

        html.footer()
Exemple #11
0
    def page(self) -> None:
        watolib.init_wato_datastructures(with_wato_lock=True)

        title = self._page_title()
        breadcrumb = make_simple_page_breadcrumb(mega_menu_registry.menu_user(), title)
        html.header(title, breadcrumb, self._page_menu(breadcrumb))

        if html.request.has_var('_save') and html.check_transaction():
            try:
                self._action()
            except MKUserError as e:
                html.add_user_error(e.varname, e)

        for message in get_flashed_messages():
            html.show_message(message)

        if html.has_user_errors():
            html.show_user_errors()

        self._show_form()
Exemple #12
0
    def page(self) -> None:
        acktime = request.get_float_input_mandatory("acktime", time.time())
        if request.var("_confirm"):
            _acknowledge_failed_notifications(acktime, time.time())

            if user.authorized_login_sites():
                title = _("Replicate user profile")
                breadcrumb = make_simple_page_breadcrumb(
                    mega_menu_registry.menu_monitoring(), title
                )
                make_header(html, title, breadcrumb)

                for message in get_flashed_messages():
                    html.show_message(message)
                user_profile_async_replication_page(back_url="clear_failed_notifications.py")
                return

        failed_notifications = load_failed_notifications(before=acktime, after=acknowledged_time())
        self._show_page(acktime, failed_notifications)
        if request.var("_confirm"):
            html.reload_whole_page()
Exemple #13
0
    def page(self) -> cmk.gui.pages.PageResult:
        breadcrumb = make_simple_page_breadcrumb(mega_menu_registry["help_links"], self._title())

        load_werks()
        werk_table_options = _werk_table_options_from_request()

        html.header(
            self._title(),
            breadcrumb,
            self._page_menu(breadcrumb, werk_table_options),
        )

        for message in get_flashed_messages():
            html.show_message(message)

        handle_acknowledgement()

        html.open_div(class_="wato")
        render_werks_table(werk_table_options)
        html.close_div()

        html.footer()
Exemple #14
0
    def _patch_page(self) -> None:
        breadcrumb = _release_notes_breadcrumb()

        load_werks()
        werk_table_options = _werk_table_options_from_request()

        html.header(
            self._title(),
            breadcrumb,
            _release_notes_page_menu(breadcrumb, werk_table_options),
        )

        for message in get_flashed_messages():
            html.show_message(message)

        handle_acknowledgement()

        html.open_div(class_="wato")
        render_werks_table(werk_table_options)
        html.close_div()

        html.footer()
Exemple #15
0
def _wato_page_handler(current_mode: str,
                       mode_permissions: Optional[List[PermissionName]],
                       mode_class: Type[WatoMode]) -> None:
    try:
        init_wato_datastructures(with_wato_lock=not html.is_transaction())
    except Exception:
        # Snapshot must work in any case
        if current_mode == 'snapshot':
            pass
        else:
            raise

    # Check general permission for this mode
    if mode_permissions is not None and not config.user.may("wato.seeall"):
        _ensure_mode_permissions(mode_permissions)

    mode = mode_class()

    # Do actions (might switch mode)
    if html.is_transaction():
        try:
            config.user.need_permission("wato.edit")

            # Even if the user has seen this mode because auf "seeall",
            # he needs an explicit access permission for doing changes:
            if config.user.may("wato.seeall"):
                if mode_permissions:
                    _ensure_mode_permissions(mode_permissions)

            if cmk.gui.watolib.read_only.is_enabled(
            ) and not cmk.gui.watolib.read_only.may_override():
                raise MKUserError(None, cmk.gui.watolib.read_only.message())

            result = mode.action()
            if isinstance(result, (tuple, str, bool)):
                raise MKGeneralException(
                    f"WatoMode \"{current_mode}\" returns unsupported return value: {result!r}"
                )

            # We assume something has been modified and increase the config generation ID by one.
            update_config_generation()

            if config.wato_use_git:
                do_git_commit()

            # Handle two cases:
            # a) Don't render the page content after action
            #    (a confirm dialog is displayed by the action, or a non-HTML content was sent)
            # b) Redirect to another page
            if isinstance(result, FinalizeRequest):
                raise result

        except MKUserError as e:
            html.add_user_error(e.varname, str(e))

        except MKAuthException as e:
            reason = e.args[0]
            html.add_user_error(None, reason)

    breadcrumb = make_main_menu_breadcrumb(
        mode.main_menu()) + mode.breadcrumb()
    page_menu = mode.page_menu(breadcrumb)
    wato_html_head(title=mode.title(),
                   breadcrumb=breadcrumb,
                   page_menu=page_menu,
                   show_body_start=display_options.enabled(display_options.H),
                   show_top_heading=display_options.enabled(display_options.T))

    if not html.is_transaction() or (cmk.gui.watolib.read_only.is_enabled() and
                                     cmk.gui.watolib.read_only.may_override()):
        _show_read_only_warning()

    # Show outcome of failed action on this page
    if html.has_user_errors():
        html.show_user_errors()

    # Show outcome of previous page (that redirected to this one)
    for message in get_flashed_messages():
        html.show_message(message)

    # Show content
    mode.handle_page()

    if is_sidebar_reload_needed():
        html.reload_whole_page()

    wato_html_footer(show_body_end=display_options.enabled(display_options.H))
Exemple #16
0
def test_flash_dont_escape_html(user_id, module_wide_request_context):
    with login.UserSessionContext(user_id):
        on_succeeded_login(user_id)  # Create and activate session

        flash(HTML("<script>aaa</script>"))
        assert get_flashed_messages() == [HTML("<script>aaa</script>")]