def get_conceptscheme_concepts(self):
scheme_id = self.request.matchdict['scheme_id']
provider = self.skos_registry.get_provider(scheme_id)
if not provider:
return HTTPNotFound()
query = {}
mode = self.request.params.get('mode', 'default')
sort = self.request.params.get('sort', None)
label = self.request.params.get('label', None)
postprocess = False
if mode == 'dijitFilteringSelect' and label == '':
concepts = []
else:
if label not in [None, '*', '']:
if mode == 'dijitFilteringSelect' and '*' in label:
postprocess = True
query['label'] = label.replace('*', '')
else:
query['label'] = label
type = self.request.params.get('type', None)
if type in ['concept', 'collection']:
query['type'] = type
coll = self.request.params.get('collection', None)
if coll is not None:
query['collection'] = {'id': coll, 'depth': 'all'}
concepts = provider.find(query)
# We need to refine results further
if postprocess:
if label.startswith('*') and label.endswith('*'):
concepts = [c for c in concepts if label[1:-1] in c['label']]
elif label.endswith('*'):
concepts = [c for c in concepts if c['label'].startswith(label[0:-1])]
elif label.startswith('*'):
concepts = [c for c in concepts if c['label'].endswith(label[1:])]
#Result sorting
if sort:
sort_desc = (sort[0:1] == '-')
sort = sort[1:] if sort[0:1] in ['-', '+'] else sort
sort = sort.strip() # dojo store does not encode '+'
if (len(concepts) > 0) and (sort in concepts[0]):
concepts.sort(key=lambda concept: concept[sort], reverse=sort_desc)
# Result paging
paging_data = False
if 'Range' in self.request.headers:
paging_data = parse_range_header(self.request.headers['Range'])
count = len(concepts)
if not paging_data:
paging_data = {
'start': 0,
'finish': count - 1 if count > 0 else 0,
'number': count
}
cslice = concepts[paging_data['start']:paging_data['finish']+1]
self.request.response.headers[ascii_native_('Content-Range')] = \
ascii_native_('items %d-%d/%d' % (
paging_data['start'], paging_data['finish'], count
))
return cslice
def test_get_uri_deprecated_way(self):
res1 = self.testapp.get(
'/uris?uri=http://python.com/trees', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
res2 = self.testapp.get(
'/uris/http://python.com/trees', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual(res1.body, res2.body)
def test_get_uri_no_uri(self):
res = self.testapp.get(
'/uris',
{},
{ascii_native_('Accept'): ascii_native_('application/json')},
status=400
)
self.assertEqual('400 Bad Request', res.status)
def test_get_conceptschemes_json(self):
res = self.testapp.get(
'/conceptschemes', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(len(data), 1)
def test_get_context_jsonld(self):
res = self.testapp.get(
'/jsonld/context/skos', {},
{ascii_native_('Accept'): ascii_native_('application/ld+json')})
assert res.status == '200 OK'
assert 'application/ld+json' in res.headers['Content-Type']
data = json.loads(res.body.decode('utf-8'))
assert isinstance(data, dict)
assert 'skos' in data
assert 'dct' in data
def test_get_conceptschemes_json(self):
res = self.testapp.get(
'/conceptschemes',
{},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(len(data), 1)
def test_get_conceptschemes_trees_cs_json(self):
res = self.testapp.get(
'/conceptschemes/TREES/c', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
self.assertIsInstance(res.headers['Content-Range'], string_types)
self.assertEqual('items 0-2/3', res.headers['Content-Range'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(len(data), 3)
def test_get_uri_cs_json(self):
res = self.testapp.get(
'/uris?uri=http://python.com/trees', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('uri', data)
self.assertIn('id', data)
self.assertIn('type', data)
def test_get_conceptscheme_concepts_search_dfs_all(self):
res = self.testapp.get(
'/conceptschemes/TREES/c', {
'mode': 'dijitFilteringSelect',
'label': '*'
}, {ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(3, len(data))
def test_get_conceptscheme_concepts_search_dfs_all(self):
res = self.testapp.get(
'/conceptschemes/TREES/c',
{'mode': 'dijitFilteringSelect', 'label': '*'},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(3, len(data))
def test_get_uri_deprecated_way(self):
res1 = self.testapp.get(
'/uris?uri=http://python.com/trees',
{},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
res2 = self.testapp.get(
'/uris/http://python.com/trees',
{},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual(res1.body, res2.body)
def test_get_conceptschemes_trees_cs_json(self):
res = self.testapp.get(
'/conceptschemes/TREES/c',
{},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
self.assertIsInstance(res.headers['Content-Range'], string_types)
self.assertEqual('items 0-2/3', res.headers['Content-Range'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(len(data), 3)
def test_get_uri_cs_json(self):
res = self.testapp.get(
'/uris?uri=http://python.com/trees',
{},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('uri', data)
self.assertIn('id', data)
self.assertIn('type', data)
def test_get_conceptschemes_trees_species_jsonld(self):
res = self.testapp.get(
'/conceptschemes/TREES/c/3', {},
{ascii_native_('Accept'): ascii_native_('application/ld+json')})
assert res.status == '200 OK'
assert 'application/ld+json' in res.headers['Content-Type']
data = json.loads(res.body.decode('utf-8'))
assert isinstance(data, dict)
assert 'id' in data
assert 'label' in data
assert 'uri' in data
assert 'type' in data
assert '@context' in data
assert '/jsonld/context/skos' in data['@context']
def test_get_top_concepts(self):
res = self.testapp.get(
'/conceptschemes/TREES/topconcepts',
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(2, len(data))
for c in data:
self.assertIn('id', c)
self.assertIn('uri', c)
self.assertIn('label', c)
self.assertEqual('concept', c['type'])
def test_get_top_concepts(self):
res = self.testapp.get(
'/conceptschemes/TREES/topconcepts',
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, list)
self.assertEqual(2, len(data))
for c in data:
self.assertIn('id', c)
self.assertIn('uri', c)
self.assertIn('label', c)
self.assertEqual('concept', c['type'])
def test_json_basic_auth(anonhtmltestapp):
from base64 import b64encode
from pyramid.compat import ascii_native_
url = '/'
value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
res = anonhtmltestapp.get(url, headers={'Authorization': value}, status=401)
assert res.content_type == 'application/json'
def test_json_basic_auth(anonhtmltestapp):
from base64 import b64encode
from pyramid.compat import ascii_native_
url = '/'
value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
res = anonhtmltestapp.get(url, headers={'Authorization': value}, status=401)
assert res.content_type == 'application/json'
def test_get_conceptschemes_trees_species_json(self):
res = self.testapp.get(
'/conceptschemes/TREES/c/3', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('id', data)
self.assertIn('label', data)
self.assertIn('labels', data)
self.assertEqual('collection', data['type'])
self.assertNotIn('narrower', data)
self.assertNotIn('broader', data)
self.assertNotIn('related', data)
self.assertIn('members', data)
self.assertIn('member_of', data)
def test_collection_post_bad_(anontestapp):
from base64 import b64encode
from pyramid.compat import ascii_native_
value = "Authorization: Basic %s" % ascii_native_(
b64encode(b'nobody:pass'))
anontestapp.post_json('/organism', {},
headers={'Authorization': value},
status=401)
def test_get_conceptscheme_json(self):
res = self.testapp.get(
'/conceptschemes/TREES', {},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('id', data)
self.assertIn('uri', data)
self.assertIn('subject', data)
self.assertIn('label', data)
self.assertIn('labels', data)
self.assertIn('sources', data)
self.assertEqual(len(data['labels']), 2)
for l in data['labels']:
self.assertIsInstance(l, dict)
self.assertIn('notes', data)
def test_get_conceptscheme_json(self):
res = self.testapp.get(
'/conceptschemes/TREES',
{},
{ascii_native_('Accept'): ascii_native_('application/json')})
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('id', data)
self.assertIn('uri', data)
self.assertIn('subject', data)
self.assertIn('label', data)
self.assertIn('labels', data)
self.assertEqual(len(data['labels']), 2)
for l in data['labels']:
self.assertIsInstance(l, dict)
self.assertIn('notes', data)
def _page_results(self, concepts):
# Result paging
paging_data = False
if 'Range' in self.request.headers:
paging_data = parse_range_header(self.request.headers['Range'])
count = len(concepts)
if not paging_data:
paging_data = {
'start': 0,
'finish': count - 1 if count > 0 else 0,
'number': count
}
cslice = concepts[paging_data['start']:paging_data['finish'] + 1]
self.request.response.headers[ascii_native_('Content-Range')] = \
ascii_native_('items %d-%d/%d' % (
paging_data['start'], paging_data['finish'], count
))
return cslice
def _page_results(self, concepts):
# Result paging
paging_data = False
if 'Range' in self.request.headers:
paging_data = parse_range_header(self.request.headers['Range'])
count = len(concepts)
if not paging_data:
paging_data = {
'start': 0,
'finish': count - 1 if count > 0 else 0,
'number': count
}
cslice = concepts[paging_data['start']:paging_data['finish']+1]
self.request.response.headers[ascii_native_('Content-Range')] = \
ascii_native_('items %d-%d/%d' % (
paging_data['start'], paging_data['finish'], count
))
return cslice
def find_resource(resource, path):
""" Given a resource object and a string or tuple representing a path
(such as the return value of :func:`pyramid.traversal.resource_path` or
:func:`pyramid.traversal.resource_path_tuple`), return a resource in this
application's resource tree at the specified path. The resource passed
in *must* be :term:`location`-aware. If the path cannot be resolved (if
the respective node in the resource tree does not exist), a
:exc:`KeyError` will be raised.
This function is the logical inverse of
:func:`pyramid.traversal.resource_path` and
:func:`pyramid.traversal.resource_path_tuple`; it can resolve any
path string or tuple generated by either of those functions.
Rules for passing a *string* as the ``path`` argument: if the
first character in the path string is the ``/``
character, the path is considered absolute and the resource tree
traversal will start at the root resource. If the first character
of the path string is *not* the ``/`` character, the path is
considered relative and resource tree traversal will begin at the resource
object supplied to the function as the ``resource`` argument. If an
empty string is passed as ``path``, the ``resource`` passed in will
be returned. Resource path strings must be escaped in the following
manner: each Unicode path segment must be encoded as UTF-8 and as
each path segment must escaped via Python's :mod:`urllib.quote`.
For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
``to%20the/La%20Pe%C3%B1a`` (relative). The
:func:`pyramid.traversal.resource_path` function generates strings
which follow these rules (albeit only absolute ones).
Rules for passing *text* (Unicode) as the ``path`` argument are the same
as those for a string. In particular, the text may not have any nonascii
characters in it.
Rules for passing a *tuple* as the ``path`` argument: if the first
element in the path tuple is the empty string (for example ``('',
'a', 'b', 'c')``, the path is considered absolute and the resource tree
traversal will start at the resource tree root object. If the first
element in the path tuple is not the empty string (for example
``('a', 'b', 'c')``), the path is considered relative and resource tree
traversal will begin at the resource object supplied to the function
as the ``resource`` argument. If an empty sequence is passed as
``path``, the ``resource`` passed in itself will be returned. No
URL-quoting or UTF-8-encoding of individual path segments within
the tuple is required (each segment may be any string or unicode
object representing a resource name). Resource path tuples generated by
:func:`pyramid.traversal.resource_path_tuple` can always be
resolved by ``find_resource``.
"""
if isinstance(path, text_type):
path = ascii_native_(path)
D = traverse(resource, path)
view_name = D['view_name']
context = D['context']
if view_name:
raise KeyError('%r has no subelement %s' % (context, view_name))
return context
def test_get_conceptschemes_trees_larch_json(self):
res = self.testapp.get(
'/conceptschemes/TREES/c/1',
{},
{ascii_native_('Accept'): ascii_native_('application/json')}
)
self.assertEqual('200 OK', res.status)
self.assertIn('application/json', res.headers['Content-Type'])
data = json.loads(res.body.decode('utf-8'))
self.assertIsInstance(data, dict)
self.assertIn('id', data)
self.assertIn('label', data)
self.assertIn('labels', data)
self.assertIn('notes', data)
self.assertEqual('concept', data['type'])
self.assertIn('narrower', data)
self.assertIn('broader', data)
self.assertIn('related', data)
def test_json_basic_auth(anonhtmltestapp):
url = '/'
value = "Authorization: Basic %s" % ascii_native_(
b64encode(b'nobody:pass'))
res = anonhtmltestapp.get(url,
headers={
'Authorization': value,
'Accept': "application/json"
},
status=401)
assert res.content_type == 'application/json'
def _get_tag_label(self, column_index):
"""
Convenience method returning a tag label. All tag labels are strings.
Returns *None* if the tag label is an empty string.
Overwrite this method to address special formats (e.g. keyword
conversion, case-sensitivity, whitespaces, etc.).
:returns: Tag label.
:rtype: :class:`str`
"""
tag_label = self._get_cell_value(self._current_row, column_index)
if tag_label is None:
result = None
else:
result = ascii_native_(tag_label)
return result
def _get_tag_label(self, column_index):
"""
Convenience method returning a tag label. All tag labels are strings.
Returns *None* if the tag label is an empty string.
Overwrite this method to address special formats (e.g. keyword
conversion, case-sensitivity, whitespaces, etc.).
:returns: Tag label.
:rtype: :class:`str`
"""
tag_label = self._get_cell_value(self._current_row, column_index)
if tag_label is None:
result = None
else:
result = ascii_native_(tag_label)
return result
def get_cell_value(self, sheet, row_index, column_index):
"""
Returns the value of the specified in the given sheet.
Converts the passed cell value either into
a ascii string (if basestring) or a number (if non_string).
"""
cell_value = sheet.cell_value(row_index, column_index)
cell_name = '%s%i' % (label_from_number(column_index + 1),
row_index + 1)
sheet_name = self.get_sheet_name(sheet)
conv_value = None
if isinstance(cell_value, string_types):
try:
conv_value = ascii_native_(cell_value)
except UnicodeEncodeError:
msg = 'Unknown character in cell %s (sheet "%s"). Remove ' \
'or replace the character, please.' \
% (cell_name, sheet_name)
self.add_error(msg)
else:
if conv_value == '':
conv_value = None
else:
# Try to convert to an int or float.
try:
conv_value = int(conv_value)
except ValueError:
try:
conv_value = float(conv_value)
except ValueError:
pass
elif isinstance(cell_value, (float, int)):
if is_valid_number(value=cell_value, is_integer=True):
conv_value = int(cell_value)
else:
conv_value = cell_value
else:
msg = 'There is some unknown content in cell %s (sheet %s).' \
% (cell_name, sheet_name)
self.add_error(msg)
return conv_value
def get_cell_value(self, sheet, row_index, column_index):
"""
Returns the value of the specified in the given sheet.
Converts the passed cell value either into
a ascii string (if basestring) or a number (if non_string).
"""
cell_value = sheet.cell_value(row_index, column_index)
cell_name = '%s%i' % (label_from_number(column_index + 1),
row_index + 1)
sheet_name = self.get_sheet_name(sheet)
conv_value = None
if isinstance(cell_value, string_types):
try:
conv_value = ascii_native_(cell_value)
except UnicodeEncodeError:
msg = 'Unknown character in cell %s (sheet "%s"). Remove ' \
'or replace the character, please.' \
% (cell_name, sheet_name)
self.add_error(msg)
else:
if conv_value == '':
conv_value = None
else:
# Try to convert to an int or float.
try:
conv_value = int(conv_value)
except ValueError:
try:
conv_value = float(conv_value)
except ValueError:
pass
elif isinstance(cell_value, (float, int)):
if is_valid_number(value=cell_value, is_integer=True):
conv_value = int(cell_value)
else:
conv_value = cell_value
else:
msg = 'There is some unknown content in cell %s (sheet %s).' \
% (cell_name, sheet_name)
self.add_error(msg)
return conv_value
def test_collection_post_bad_(anontestapp):
from base64 import b64encode
from pyramid.compat import ascii_native_
value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
anontestapp.post_json('/organism', {}, headers={'Authorization': value}, status=401)
def remember(self, request, userid, max_age=None, tokens=()):
""" Return a set of Set-Cookie headers; when set into a response,
these headers will represent a valid authentication ticket.
``max_age``
The max age of the auth_tkt cookie, in seconds. When this value is
set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
allowing the auth_tkt cookie to last between browser sessions. If
this value is ``None``, the ``max_age`` value provided to the
helper itself will be used as the ``max_age`` value. Default:
``None``.
``tokens``
A sequence of strings that will be placed into the auth_tkt tokens
field. Each string in the sequence must be of the Python ``str``
type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
Tokens are available in the returned identity when an auth_tkt is
found in the request and unpacked. Default: ``()``.
"""
max_age = self.max_age if max_age is None else int(max_age)
environ = request.environ
if self.include_ip:
remote_addr = environ["REMOTE_ADDR"]
else:
remote_addr = "0.0.0.0"
user_data = ""
encoding_data = self.userid_type_encoders.get(type(userid))
if encoding_data:
encoding, encoder = encoding_data
else:
warnings.warn(
"userid is of type {}, and is not supported by the "
"AuthTktAuthenticationPolicy. Explicitly converting to string "
"and storing as base64. Subsequent requests will receive a "
"string as the userid, it will not be decoded back to the type "
"provided.".format(type(userid)),
RuntimeWarning,
)
encoding, encoder = self.userid_type_encoders.get(text_type)
userid = str(userid)
userid = encoder(userid)
user_data = "userid_type:%s" % encoding
new_tokens = []
for token in tokens:
if isinstance(token, text_type):
try:
token = ascii_native_(token)
except UnicodeEncodeError:
raise ValueError("Invalid token %r" % (token,))
if not (isinstance(token, str) and VALID_TOKEN.match(token)):
raise ValueError("Invalid token %r" % (token,))
new_tokens.append(token)
tokens = tuple(new_tokens)
if hasattr(request, "_authtkt_reissued"):
request._authtkt_reissue_revoked = True
ticket = self.AuthTicket(
self.secret,
userid,
remote_addr,
tokens=tokens,
user_data=user_data,
cookie_name=self.cookie_name,
secure=self.secure,
hashalg=self.hashalg,
)
cookie_value = ticket.cookie_value()
return self._get_cookies(request, cookie_value, max_age)
def basic_auth(username, password):
from base64 import b64encode
from pyramid.compat import ascii_native_
return 'Basic ' + ascii_native_(b64encode(('%s:%s' % (username, password)).encode('utf-8')))
def traverse(resource, path):
"""Given a resource object as ``resource`` and a string or tuple
representing a path as ``path`` (such as the return value of
:func:`pyramid.traversal.resource_path` or
:func:`pyramid.traversal.resource_path_tuple` or the value of
``request.environ['PATH_INFO']``), return a dictionary with the
keys ``context``, ``root``, ``view_name``, ``subpath``,
``traversed``, ``virtual_root``, and ``virtual_root_path``.
A definition of each value in the returned dictionary:
- ``context``: The :term:`context` (a :term:`resource` object) found
via traversal or url dispatch. If the ``path`` passed in is the
empty string, the value of the ``resource`` argument passed to this
function is returned.
- ``root``: The resource object at which :term:`traversal` begins.
If the ``resource`` passed in was found via url dispatch or if the
``path`` passed in was relative (non-absolute), the value of the
``resource`` argument passed to this function is returned.
- ``view_name``: The :term:`view name` found during
:term:`traversal` or :term:`url dispatch`; if the ``resource`` was
found via traversal, this is usually a representation of the
path segment which directly follows the path to the ``context``
in the ``path``. The ``view_name`` will be a Unicode object or
the empty string. The ``view_name`` will be the empty string if
there is no element which follows the ``context`` path. An
example: if the path passed is ``/foo/bar``, and a resource
object is found at ``/foo`` (but not at ``/foo/bar``), the 'view
name' will be ``u'bar'``. If the ``resource`` was found via
urldispatch, the view_name will be the name the route found was
registered with.
- ``subpath``: For a ``resource`` found via :term:`traversal`, this
is a sequence of path segments found in the ``path`` that follow
the ``view_name`` (if any). Each of these items is a Unicode
object. If no path segments follow the ``view_name``, the
subpath will be the empty sequence. An example: if the path
passed is ``/foo/bar/baz/buz``, and a resource object is found at
``/foo`` (but not ``/foo/bar``), the 'view name' will be
``u'bar'`` and the :term:`subpath` will be ``[u'baz', u'buz']``.
For a ``resource`` found via url dispatch, the subpath will be a
sequence of values discerned from ``*subpath`` in the route
pattern matched or the empty sequence.
- ``traversed``: The sequence of path elements traversed from the
root to find the ``context`` object during :term:`traversal`.
Each of these items is a Unicode object. If no path segments
were traversed to find the ``context`` object (e.g. if the
``path`` provided is the empty string), the ``traversed`` value
will be the empty sequence. If the ``resource`` is a resource found
via :term:`url dispatch`, traversed will be None.
- ``virtual_root``: A resource object representing the 'virtual' root
of the resource tree being traversed during :term:`traversal`.
See :ref:`vhosting_chapter` for a definition of the virtual root
object. If no virtual hosting is in effect, and the ``path``
passed in was absolute, the ``virtual_root`` will be the
*physical* root resource object (the object at which :term:`traversal`
begins). If the ``resource`` passed in was found via :term:`URL
dispatch` or if the ``path`` passed in was relative, the
``virtual_root`` will always equal the ``root`` object (the
resource passed in).
- ``virtual_root_path`` -- If :term:`traversal` was used to find
the ``resource``, this will be the sequence of path elements
traversed to find the ``virtual_root`` resource. Each of these
items is a Unicode object. If no path segments were traversed
to find the ``virtual_root`` resource (e.g. if virtual hosting is
not in effect), the ``traversed`` value will be the empty list.
If url dispatch was used to find the ``resource``, this will be
``None``.
If the path cannot be resolved, a :exc:`KeyError` will be raised.
Rules for passing a *string* as the ``path`` argument: if the
first character in the path string is the with the ``/``
character, the path will considered absolute and the resource tree
traversal will start at the root resource. If the first character
of the path string is *not* the ``/`` character, the path is
considered relative and resource tree traversal will begin at the resource
object supplied to the function as the ``resource`` argument. If an
empty string is passed as ``path``, the ``resource`` passed in will
be returned. Resource path strings must be escaped in the following
manner: each Unicode path segment must be encoded as UTF-8 and
each path segment must escaped via Python's :mod:`urllib.quote`.
For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
``to%20the/La%20Pe%C3%B1a`` (relative). The
:func:`pyramid.traversal.resource_path` function generates strings
which follow these rules (albeit only absolute ones).
Rules for passing a *tuple* as the ``path`` argument: if the first
element in the path tuple is the empty string (for example ``('',
'a', 'b', 'c')``, the path is considered absolute and the resource tree
traversal will start at the resource tree root object. If the first
element in the path tuple is not the empty string (for example
``('a', 'b', 'c')``), the path is considered relative and resource tree
traversal will begin at the resource object supplied to the function
as the ``resource`` argument. If an empty sequence is passed as
``path``, the ``resource`` passed in itself will be returned. No
URL-quoting or UTF-8-encoding of individual path segments within
the tuple is required (each segment may be any string or unicode
object representing a resource name).
Explanation of the conversion of ``path`` segment values to
Unicode during traversal: Each segment is URL-unquoted, and
decoded into Unicode. Each segment is assumed to be encoded using
the UTF-8 encoding (or a subset, such as ASCII); a
:exc:`pyramid.exceptions.URLDecodeError` is raised if a segment
cannot be decoded. If a segment name is empty or if it is ``.``,
it is ignored. If a segment name is ``..``, the previous segment
is deleted, and the ``..`` is ignored. As a result of this
process, the return values ``view_name``, each element in the
``subpath``, each element in ``traversed``, and each element in
the ``virtual_root_path`` will be Unicode as opposed to a string,
and will be URL-decoded.
"""
if is_nonstr_iter(path):
# the traverser factory expects PATH_INFO to be a string, not
# unicode and it expects path segments to be utf-8 and
# urlencoded (it's the same traverser which accepts PATH_INFO
# from user agents; user agents always send strings).
if path:
path = _join_path_tuple(tuple(path))
else:
path = ""
# The user is supposed to pass us a string object, never Unicode. In
# practice, however, users indeed pass Unicode to this API. If they do
# pass a Unicode object, its data *must* be entirely encodeable to ASCII,
# so we encode it here as a convenience to the user and to prevent
# second-order failures from cropping up (all failures will occur at this
# step rather than later down the line as the result of calling
# ``traversal_path``).
path = ascii_native_(path)
if path and path[0] == "/":
resource = find_root(resource)
reg = get_current_registry()
request_factory = reg.queryUtility(IRequestFactory)
if request_factory is None:
from pyramid.request import Request # avoid circdep
request_factory = Request
request = request_factory.blank(path)
request.registry = reg
traverser = reg.queryAdapter(resource, ITraverser)
if traverser is None:
traverser = ResourceTreeTraverser(resource)
return traverser(request)
def remember(self, request, userid, max_age=None, tokens=()):
""" Return a set of Set-Cookie headers; when set into a response,
these headers will represent a valid authentication ticket.
``max_age``
The max age of the auth_tkt cookie, in seconds. When this value is
set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
allowing the auth_tkt cookie to last between browser sessions. If
this value is ``None``, the ``max_age`` value provided to the
helper itself will be used as the ``max_age`` value. Default:
``None``.
``tokens``
A sequence of strings that will be placed into the auth_tkt tokens
field. Each string in the sequence must be of the Python ``str``
type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
Tokens are available in the returned identity when an auth_tkt is
found in the request and unpacked. Default: ``()``.
"""
if max_age is None:
max_age = self.max_age
environ = request.environ
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
user_data = ''
encoding_data = self.userid_type_encoders.get(type(userid))
if encoding_data:
encoding, encoder = encoding_data
userid = encoder(userid)
user_data = 'userid_type:%s' % encoding
new_tokens = []
for token in tokens:
if isinstance(token, text_type):
try:
token = ascii_native_(token)
except UnicodeEncodeError:
raise ValueError("Invalid token %r" % (token,))
if not (isinstance(token, str) and VALID_TOKEN.match(token)):
raise ValueError("Invalid token %r" % (token,))
new_tokens.append(token)
tokens = tuple(new_tokens)
if hasattr(request, '_authtkt_reissued'):
request._authtkt_reissue_revoked = True
ticket = self.AuthTicket(
self.secret,
userid,
remote_addr,
tokens=tokens,
user_data=user_data,
cookie_name=self.cookie_name,
secure=self.secure)
cookie_value = ticket.cookie_value()
return self._get_cookies(environ, cookie_value, max_age)
def traverse(resource, path):
"""Given a resource object as ``resource`` and a string or tuple
representing a path as ``path`` (such as the return value of
:func:`pyramid.traversal.resource_path` or
:func:`pyramid.traversal.resource_path_tuple` or the value of
``request.environ['PATH_INFO']``), return a dictionary with the
keys ``context``, ``root``, ``view_name``, ``subpath``,
``traversed``, ``virtual_root``, and ``virtual_root_path``.
A definition of each value in the returned dictionary:
- ``context``: The :term:`context` (a :term:`resource` object) found
via traversal or url dispatch. If the ``path`` passed in is the
empty string, the value of the ``resource`` argument passed to this
function is returned.
- ``root``: The resource object at which :term:`traversal` begins.
If the ``resource`` passed in was found via url dispatch or if the
``path`` passed in was relative (non-absolute), the value of the
``resource`` argument passed to this function is returned.
- ``view_name``: The :term:`view name` found during
:term:`traversal` or :term:`url dispatch`; if the ``resource`` was
found via traversal, this is usually a representation of the
path segment which directly follows the path to the ``context``
in the ``path``. The ``view_name`` will be a Unicode object or
the empty string. The ``view_name`` will be the empty string if
there is no element which follows the ``context`` path. An
example: if the path passed is ``/foo/bar``, and a resource
object is found at ``/foo`` (but not at ``/foo/bar``), the 'view
name' will be ``u'bar'``. If the ``resource`` was found via
urldispatch, the view_name will be the name the route found was
registered with.
- ``subpath``: For a ``resource`` found via :term:`traversal`, this
is a sequence of path segments found in the ``path`` that follow
the ``view_name`` (if any). Each of these items is a Unicode
object. If no path segments follow the ``view_name``, the
subpath will be the empty sequence. An example: if the path
passed is ``/foo/bar/baz/buz``, and a resource object is found at
``/foo`` (but not ``/foo/bar``), the 'view name' will be
``u'bar'`` and the :term:`subpath` will be ``[u'baz', u'buz']``.
For a ``resource`` found via url dispatch, the subpath will be a
sequence of values discerned from ``*subpath`` in the route
pattern matched or the empty sequence.
- ``traversed``: The sequence of path elements traversed from the
root to find the ``context`` object during :term:`traversal`.
Each of these items is a Unicode object. If no path segments
were traversed to find the ``context`` object (e.g. if the
``path`` provided is the empty string), the ``traversed`` value
will be the empty sequence. If the ``resource`` is a resource found
via :term:`url dispatch`, traversed will be None.
- ``virtual_root``: A resource object representing the 'virtual' root
of the resource tree being traversed during :term:`traversal`.
See :ref:`vhosting_chapter` for a definition of the virtual root
object. If no virtual hosting is in effect, and the ``path``
passed in was absolute, the ``virtual_root`` will be the
*physical* root resource object (the object at which :term:`traversal`
begins). If the ``resource`` passed in was found via :term:`URL
dispatch` or if the ``path`` passed in was relative, the
``virtual_root`` will always equal the ``root`` object (the
resource passed in).
- ``virtual_root_path`` -- If :term:`traversal` was used to find
the ``resource``, this will be the sequence of path elements
traversed to find the ``virtual_root`` resource. Each of these
items is a Unicode object. If no path segments were traversed
to find the ``virtual_root`` resource (e.g. if virtual hosting is
not in effect), the ``traversed`` value will be the empty list.
If url dispatch was used to find the ``resource``, this will be
``None``.
If the path cannot be resolved, a :exc:`KeyError` will be raised.
Rules for passing a *string* as the ``path`` argument: if the
first character in the path string is the with the ``/``
character, the path will considered absolute and the resource tree
traversal will start at the root resource. If the first character
of the path string is *not* the ``/`` character, the path is
considered relative and resource tree traversal will begin at the resource
object supplied to the function as the ``resource`` argument. If an
empty string is passed as ``path``, the ``resource`` passed in will
be returned. Resource path strings must be escaped in the following
manner: each Unicode path segment must be encoded as UTF-8 and
each path segment must escaped via Python's :mod:`urllib.quote`.
For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
``to%20the/La%20Pe%C3%B1a`` (relative). The
:func:`pyramid.traversal.resource_path` function generates strings
which follow these rules (albeit only absolute ones).
Rules for passing a *tuple* as the ``path`` argument: if the first
element in the path tuple is the empty string (for example ``('',
'a', 'b', 'c')``, the path is considered absolute and the resource tree
traversal will start at the resource tree root object. If the first
element in the path tuple is not the empty string (for example
``('a', 'b', 'c')``), the path is considered relative and resource tree
traversal will begin at the resource object supplied to the function
as the ``resource`` argument. If an empty sequence is passed as
``path``, the ``resource`` passed in itself will be returned. No
URL-quoting or UTF-8-encoding of individual path segments within
the tuple is required (each segment may be any string or unicode
object representing a resource name).
Explanation of the conversion of ``path`` segment values to
Unicode during traversal: Each segment is URL-unquoted, and
decoded into Unicode. Each segment is assumed to be encoded using
the UTF-8 encoding (or a subset, such as ASCII); a
:exc:`pyramid.exceptions.URLDecodeError` is raised if a segment
cannot be decoded. If a segment name is empty or if it is ``.``,
it is ignored. If a segment name is ``..``, the previous segment
is deleted, and the ``..`` is ignored. As a result of this
process, the return values ``view_name``, each element in the
``subpath``, each element in ``traversed``, and each element in
the ``virtual_root_path`` will be Unicode as opposed to a string,
and will be URL-decoded.
"""
if is_nonstr_iter(path):
# the traverser factory expects PATH_INFO to be a string, not
# unicode and it expects path segments to be utf-8 and
# urlencoded (it's the same traverser which accepts PATH_INFO
# from user agents; user agents always send strings).
if path:
path = _join_path_tuple(tuple(path))
else:
path = ''
# The user is supposed to pass us a string object, never Unicode. In
# practice, however, users indeed pass Unicode to this API. If they do
# pass a Unicode object, its data *must* be entirely encodeable to ASCII,
# so we encode it here as a convenience to the user and to prevent
# second-order failures from cropping up (all failures will occur at this
# step rather than later down the line as the result of calling
# ``traversal_path``).
path = ascii_native_(path)
if path and path[0] == '/':
resource = find_root(resource)
reg = get_current_registry()
request_factory = reg.queryUtility(IRequestFactory)
if request_factory is None:
from pyramid.request import Request # avoid circdep
request_factory = Request
request = request_factory.blank(path)
request.registry = reg
traverser = reg.queryAdapter(resource, ITraverser)
if traverser is None:
traverser = ResourceTreeTraverser(resource)
return traverser(request)
def basic_auth(username, password):
return 'Basic ' + ascii_native_(
b64encode(('%s:%s' % (username, password)).encode('utf-8')))
def basic_auth(username, password):
from base64 import b64encode
from pyramid.compat import ascii_native_
return 'Basic ' + ascii_native_(b64encode(('%s:%s' % (username, password)).encode('utf-8')))
def test_get_uri_no_uri(self):
res = self.testapp.get(
'/uris', {},
{ascii_native_('Accept'): ascii_native_('application/json')},
status=400)
self.assertEqual('400 Bad Request', res.status)
def remember(self, request, userid, max_age=None, tokens=()):
""" Return a set of Set-Cookie headers; when set into a response,
these headers will represent a valid authentication ticket.
``max_age``
The max age of the auth_tkt cookie, in seconds. When this value is
set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
allowing the auth_tkt cookie to last between browser sessions. If
this value is ``None``, the ``max_age`` value provided to the
helper itself will be used as the ``max_age`` value. Default:
``None``.
``tokens``
A sequence of strings that will be placed into the auth_tkt tokens
field. Each string in the sequence must be of the Python ``str``
type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
Tokens are available in the returned identity when an auth_tkt is
found in the request and unpacked. Default: ``()``.
"""
if max_age is None:
max_age = self.max_age
environ = request.environ
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
user_data = ''
encoding_data = self.userid_type_encoders.get(type(userid))
if encoding_data:
encoding, encoder = encoding_data
userid = encoder(userid)
user_data = 'userid_type:%s' % encoding
new_tokens = []
for token in tokens:
if isinstance(token, text_type):
try:
token = ascii_native_(token)
except UnicodeEncodeError:
raise ValueError("Invalid token %r" % (token, ))
if not (isinstance(token, str) and VALID_TOKEN.match(token)):
raise ValueError("Invalid token %r" % (token, ))
new_tokens.append(token)
tokens = tuple(new_tokens)
if hasattr(request, '_authtkt_reissued'):
request._authtkt_reissue_revoked = True
ticket = self.AuthTicket(self.secret,
userid,
remote_addr,
tokens=tokens,
user_data=user_data,
cookie_name=self.cookie_name,
secure=self.secure)
cookie_value = ticket.cookie_value()
return self._get_cookies(environ, cookie_value, max_age)
def traversal_path(path):
""" Variant of :func:`pyramid.traversal.traversal_path_info` suitable for
decoding paths that are URL-encoded."""
path = ascii_native_(path)
path = url_unquote_native(path, 'latin-1', 'strict')
return traversal_path_info(path)