def get_conceptscheme_concepts(self):
        scheme_id = self.request.matchdict['scheme_id']
        provider = self.skos_registry.get_provider(scheme_id)
        if not provider:
            return HTTPNotFound()
        query = {}
        mode = self.request.params.get('mode', 'default')
        sort = self.request.params.get('sort', None)
        label = self.request.params.get('label', None)
        postprocess = False
        if mode == 'dijitFilteringSelect' and label == '':
            concepts = []
        else:
            if label not in [None, '*', '']:
                if mode == 'dijitFilteringSelect' and '*' in label:
                    postprocess = True
                    query['label'] = label.replace('*', '')
                else:
                    query['label'] = label
            type = self.request.params.get('type', None)
            if type in ['concept', 'collection']:
                query['type'] = type
            coll = self.request.params.get('collection', None)
            if coll is not None:
                query['collection'] = {'id': coll, 'depth': 'all'}
            concepts = provider.find(query)
        # We need to refine results further
        if postprocess:
            if label.startswith('*') and label.endswith('*'):
                concepts = [c for c in concepts if label[1:-1] in c['label']]
            elif label.endswith('*'):
                concepts = [c for c in concepts if c['label'].startswith(label[0:-1])]
            elif label.startswith('*'):
                concepts = [c for c in concepts if c['label'].endswith(label[1:])]

        #Result sorting
        if sort:
            sort_desc = (sort[0:1] == '-')
            sort = sort[1:] if sort[0:1] in ['-', '+'] else sort
            sort = sort.strip() # dojo store does not encode '+'
            if (len(concepts) > 0) and (sort in concepts[0]):
                concepts.sort(key=lambda concept: concept[sort], reverse=sort_desc)

        # Result paging
        paging_data = False
        if 'Range' in self.request.headers:
            paging_data = parse_range_header(self.request.headers['Range'])
        count = len(concepts)
        if not paging_data:
            paging_data = {
                'start': 0,
                'finish': count - 1 if count > 0 else 0,
                'number': count
            }
        cslice = concepts[paging_data['start']:paging_data['finish']+1]
        self.request.response.headers[ascii_native_('Content-Range')] = \
            ascii_native_('items %d-%d/%d' % (
                paging_data['start'], paging_data['finish'], count
            ))
        return cslice
Exemple #2
0
 def test_get_uri_deprecated_way(self):
     res1 = self.testapp.get(
         '/uris?uri=http://python.com/trees', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     res2 = self.testapp.get(
         '/uris/http://python.com/trees', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual(res1.body, res2.body)
 def test_get_uri_no_uri(self):
     res = self.testapp.get(
         '/uris',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')},
         status=400
     )
     self.assertEqual('400 Bad Request', res.status)
Exemple #4
0
 def test_get_conceptschemes_json(self):
     res = self.testapp.get(
         '/conceptschemes', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(len(data), 1)
Exemple #5
0
 def test_get_context_jsonld(self):
     res = self.testapp.get(
         '/jsonld/context/skos', {},
         {ascii_native_('Accept'): ascii_native_('application/ld+json')})
     assert res.status == '200 OK'
     assert 'application/ld+json' in res.headers['Content-Type']
     data = json.loads(res.body.decode('utf-8'))
     assert isinstance(data, dict)
     assert 'skos' in data
     assert 'dct' in data
 def test_get_conceptschemes_json(self):
     res = self.testapp.get(
         '/conceptschemes',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(len(data), 1)
Exemple #7
0
 def test_get_conceptschemes_trees_cs_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     self.assertIsInstance(res.headers['Content-Range'], string_types)
     self.assertEqual('items 0-2/3', res.headers['Content-Range'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(len(data), 3)
Exemple #8
0
 def test_get_uri_cs_json(self):
     res = self.testapp.get(
         '/uris?uri=http://python.com/trees', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('uri', data)
     self.assertIn('id', data)
     self.assertIn('type', data)
Exemple #9
0
 def test_get_conceptscheme_concepts_search_dfs_all(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c', {
             'mode': 'dijitFilteringSelect',
             'label': '*'
         }, {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(3, len(data))
 def test_get_conceptscheme_concepts_search_dfs_all(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c',
         {'mode': 'dijitFilteringSelect', 'label': '*'},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(3, len(data))
 def test_get_uri_deprecated_way(self):
     res1 = self.testapp.get(
         '/uris?uri=http://python.com/trees',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     res2 = self.testapp.get(
         '/uris/http://python.com/trees',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual(res1.body, res2.body)
 def test_get_conceptschemes_trees_cs_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     self.assertIsInstance(res.headers['Content-Range'], string_types)
     self.assertEqual('items 0-2/3', res.headers['Content-Range'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(len(data), 3)
 def test_get_uri_cs_json(self):
     res = self.testapp.get(
         '/uris?uri=http://python.com/trees',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('uri', data)
     self.assertIn('id', data)
     self.assertIn('type', data)
Exemple #14
0
 def test_get_conceptschemes_trees_species_jsonld(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c/3', {},
         {ascii_native_('Accept'): ascii_native_('application/ld+json')})
     assert res.status == '200 OK'
     assert 'application/ld+json' in res.headers['Content-Type']
     data = json.loads(res.body.decode('utf-8'))
     assert isinstance(data, dict)
     assert 'id' in data
     assert 'label' in data
     assert 'uri' in data
     assert 'type' in data
     assert '@context' in data
     assert '/jsonld/context/skos' in data['@context']
Exemple #15
0
 def test_get_top_concepts(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/topconcepts',
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(2, len(data))
     for c in data:
         self.assertIn('id', c)
         self.assertIn('uri', c)
         self.assertIn('label', c)
         self.assertEqual('concept', c['type'])
 def test_get_top_concepts(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/topconcepts',
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, list)
     self.assertEqual(2, len(data))
     for c in data:
         self.assertIn('id', c)
         self.assertIn('uri', c)
         self.assertIn('label', c)
         self.assertEqual('concept', c['type'])
Exemple #17
0
def test_json_basic_auth(anonhtmltestapp):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    url = '/'
    value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
    res = anonhtmltestapp.get(url, headers={'Authorization': value}, status=401)
    assert res.content_type == 'application/json'
def test_json_basic_auth(anonhtmltestapp):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    url = '/'
    value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
    res = anonhtmltestapp.get(url, headers={'Authorization': value}, status=401)
    assert res.content_type == 'application/json'
Exemple #19
0
 def test_get_conceptschemes_trees_species_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c/3', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('id', data)
     self.assertIn('label', data)
     self.assertIn('labels', data)
     self.assertEqual('collection', data['type'])
     self.assertNotIn('narrower', data)
     self.assertNotIn('broader', data)
     self.assertNotIn('related', data)
     self.assertIn('members', data)
     self.assertIn('member_of', data)
Exemple #20
0
def test_collection_post_bad_(anontestapp):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    value = "Authorization: Basic %s" % ascii_native_(
        b64encode(b'nobody:pass'))
    anontestapp.post_json('/organism', {},
                          headers={'Authorization': value},
                          status=401)
Exemple #21
0
 def test_get_conceptscheme_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES', {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('id', data)
     self.assertIn('uri', data)
     self.assertIn('subject', data)
     self.assertIn('label', data)
     self.assertIn('labels', data)
     self.assertIn('sources', data)
     self.assertEqual(len(data['labels']), 2)
     for l in data['labels']:
         self.assertIsInstance(l, dict)
     self.assertIn('notes', data)
 def test_get_conceptscheme_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')})
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('id', data)
     self.assertIn('uri', data)
     self.assertIn('subject', data)
     self.assertIn('label', data)
     self.assertIn('labels', data)
     self.assertEqual(len(data['labels']), 2)
     for l in data['labels']:
         self.assertIsInstance(l, dict)
     self.assertIn('notes', data)
 def _page_results(self, concepts):
     # Result paging
     paging_data = False
     if 'Range' in self.request.headers:
         paging_data = parse_range_header(self.request.headers['Range'])
     count = len(concepts)
     if not paging_data:
         paging_data = {
             'start': 0,
             'finish': count - 1 if count > 0 else 0,
             'number': count
         }
     cslice = concepts[paging_data['start']:paging_data['finish'] + 1]
     self.request.response.headers[ascii_native_('Content-Range')] = \
         ascii_native_('items %d-%d/%d' % (
             paging_data['start'], paging_data['finish'], count
         ))
     return cslice
 def _page_results(self, concepts):
     # Result paging
     paging_data = False
     if 'Range' in self.request.headers:
         paging_data = parse_range_header(self.request.headers['Range'])
     count = len(concepts)
     if not paging_data:
         paging_data = {
             'start': 0,
             'finish': count - 1 if count > 0 else 0,
             'number': count
         }
     cslice = concepts[paging_data['start']:paging_data['finish']+1]
     self.request.response.headers[ascii_native_('Content-Range')] = \
         ascii_native_('items %d-%d/%d' % (
             paging_data['start'], paging_data['finish'], count
         ))
     return cslice
Exemple #25
0
def find_resource(resource, path):
    """ Given a resource object and a string or tuple representing a path
    (such as the return value of :func:`pyramid.traversal.resource_path` or
    :func:`pyramid.traversal.resource_path_tuple`), return a resource in this
    application's resource tree at the specified path.  The resource passed
    in *must* be :term:`location`-aware.  If the path cannot be resolved (if
    the respective node in the resource tree does not exist), a
    :exc:`KeyError` will be raised.

    This function is the logical inverse of
    :func:`pyramid.traversal.resource_path` and
    :func:`pyramid.traversal.resource_path_tuple`; it can resolve any
    path string or tuple generated by either of those functions.

    Rules for passing a *string* as the ``path`` argument: if the
    first character in the path string is the ``/``
    character, the path is considered absolute and the resource tree
    traversal will start at the root resource.  If the first character
    of the path string is *not* the ``/`` character, the path is
    considered relative and resource tree traversal will begin at the resource
    object supplied to the function as the ``resource`` argument.  If an
    empty string is passed as ``path``, the ``resource`` passed in will
    be returned.  Resource path strings must be escaped in the following
    manner: each Unicode path segment must be encoded as UTF-8 and as
    each path segment must escaped via Python's :mod:`urllib.quote`.
    For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
    ``to%20the/La%20Pe%C3%B1a`` (relative).  The
    :func:`pyramid.traversal.resource_path` function generates strings
    which follow these rules (albeit only absolute ones).

    Rules for passing *text* (Unicode) as the ``path`` argument are the same
    as those for a string.  In particular, the text may not have any nonascii
    characters in it.

    Rules for passing a *tuple* as the ``path`` argument: if the first
    element in the path tuple is the empty string (for example ``('',
    'a', 'b', 'c')``, the path is considered absolute and the resource tree
    traversal will start at the resource tree root object.  If the first
    element in the path tuple is not the empty string (for example
    ``('a', 'b', 'c')``), the path is considered relative and resource tree
    traversal will begin at the resource object supplied to the function
    as the ``resource`` argument.  If an empty sequence is passed as
    ``path``, the ``resource`` passed in itself will be returned.  No
    URL-quoting or UTF-8-encoding of individual path segments within
    the tuple is required (each segment may be any string or unicode
    object representing a resource name).  Resource path tuples generated by
    :func:`pyramid.traversal.resource_path_tuple` can always be
    resolved by ``find_resource``.
    """
    if isinstance(path, text_type):
        path = ascii_native_(path)
    D = traverse(resource, path)
    view_name = D['view_name']
    context = D['context']
    if view_name:
        raise KeyError('%r has no subelement %s' % (context, view_name))
    return context
 def test_get_conceptschemes_trees_larch_json(self):
     res = self.testapp.get(
         '/conceptschemes/TREES/c/1',
         {},
         {ascii_native_('Accept'): ascii_native_('application/json')}
     )
     self.assertEqual('200 OK', res.status)
     self.assertIn('application/json', res.headers['Content-Type'])
     data = json.loads(res.body.decode('utf-8'))
     self.assertIsInstance(data, dict)
     self.assertIn('id', data)
     self.assertIn('label', data)
     self.assertIn('labels', data)
     self.assertIn('notes', data)
     self.assertEqual('concept', data['type'])
     self.assertIn('narrower', data)
     self.assertIn('broader', data)
     self.assertIn('related', data)
Exemple #27
0
def test_json_basic_auth(anonhtmltestapp):
    url = '/'
    value = "Authorization: Basic %s" % ascii_native_(
        b64encode(b'nobody:pass'))
    res = anonhtmltestapp.get(url,
                              headers={
                                  'Authorization': value,
                                  'Accept': "application/json"
                              },
                              status=401)
    assert res.content_type == 'application/json'
Exemple #28
0
    def _get_tag_label(self, column_index):
        """
        Convenience method returning a tag label. All tag labels are strings.
        Returns *None* if the tag label is an empty string.

        Overwrite this method to address special formats (e.g. keyword
        conversion, case-sensitivity, whitespaces, etc.).

        :returns: Tag label.
        :rtype: :class:`str`
        """
        tag_label = self._get_cell_value(self._current_row, column_index)
        if tag_label is None:
            result = None
        else:
            result = ascii_native_(tag_label)
        return result
Exemple #29
0
    def _get_tag_label(self, column_index):
        """
        Convenience method returning a tag label. All tag labels are strings.
        Returns *None* if the tag label is an empty string.

        Overwrite this method to address special formats (e.g. keyword
        conversion, case-sensitivity, whitespaces, etc.).

        :returns: Tag label.
        :rtype: :class:`str`
        """
        tag_label = self._get_cell_value(self._current_row, column_index)
        if tag_label is None:
            result = None
        else:
            result = ascii_native_(tag_label)
        return result
Exemple #30
0
 def get_cell_value(self, sheet, row_index, column_index):
     """
     Returns the value of the specified in the given sheet.
     Converts the passed cell value either into
     a ascii string (if basestring) or a number (if non_string).
     """
     cell_value = sheet.cell_value(row_index, column_index)
     cell_name = '%s%i' % (label_from_number(column_index + 1),
                           row_index + 1)
     sheet_name = self.get_sheet_name(sheet)
     conv_value = None
     if isinstance(cell_value, string_types):
         try:
             conv_value = ascii_native_(cell_value)
         except UnicodeEncodeError:
             msg = 'Unknown character in cell %s (sheet "%s"). Remove ' \
                   'or replace the character, please.' \
                   % (cell_name, sheet_name)
             self.add_error(msg)
         else:
             if conv_value == '':
                 conv_value = None
             else:
                 # Try to convert to an int or float.
                 try:
                     conv_value = int(conv_value)
                 except ValueError:
                     try:
                         conv_value = float(conv_value)
                     except ValueError:
                         pass
     elif isinstance(cell_value, (float, int)):
         if is_valid_number(value=cell_value, is_integer=True):
             conv_value = int(cell_value)
         else:
             conv_value = cell_value
     else:
         msg = 'There is some unknown content in cell %s (sheet %s).' \
               % (cell_name, sheet_name)
         self.add_error(msg)
     return conv_value
Exemple #31
0
 def get_cell_value(self, sheet, row_index, column_index):
     """
     Returns the value of the specified in the given sheet.
     Converts the passed cell value either into
     a ascii string (if basestring) or a number (if non_string).
     """
     cell_value = sheet.cell_value(row_index, column_index)
     cell_name = '%s%i' % (label_from_number(column_index + 1),
                           row_index + 1)
     sheet_name = self.get_sheet_name(sheet)
     conv_value = None
     if isinstance(cell_value, string_types):
         try:
             conv_value = ascii_native_(cell_value)
         except UnicodeEncodeError:
             msg = 'Unknown character in cell %s (sheet "%s"). Remove ' \
                   'or replace the character, please.' \
                   % (cell_name, sheet_name)
             self.add_error(msg)
         else:
             if conv_value == '':
                 conv_value = None
             else:
                 # Try to convert to an int or float.
                 try:
                     conv_value = int(conv_value)
                 except ValueError:
                     try:
                         conv_value = float(conv_value)
                     except ValueError:
                         pass
     elif isinstance(cell_value, (float, int)):
         if is_valid_number(value=cell_value, is_integer=True):
             conv_value = int(cell_value)
         else:
             conv_value = cell_value
     else:
         msg = 'There is some unknown content in cell %s (sheet %s).' \
               % (cell_name, sheet_name)
         self.add_error(msg)
     return conv_value
Exemple #32
0
def test_collection_post_bad_(anontestapp):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    value = "Authorization: Basic %s" % ascii_native_(b64encode(b'nobody:pass'))
    anontestapp.post_json('/organism', {}, headers={'Authorization': value}, status=401)
Exemple #33
0
    def remember(self, request, userid, max_age=None, tokens=()):
        """ Return a set of Set-Cookie headers; when set into a response,
        these headers will represent a valid authentication ticket.

        ``max_age``
          The max age of the auth_tkt cookie, in seconds.  When this value is
          set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
          allowing the auth_tkt cookie to last between browser sessions.  If
          this value is ``None``, the ``max_age`` value provided to the
          helper itself will be used as the ``max_age`` value.  Default:
          ``None``.

        ``tokens``
          A sequence of strings that will be placed into the auth_tkt tokens
          field.  Each string in the sequence must be of the Python ``str``
          type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
          Tokens are available in the returned identity when an auth_tkt is
          found in the request and unpacked.  Default: ``()``.
        """
        max_age = self.max_age if max_age is None else int(max_age)

        environ = request.environ

        if self.include_ip:
            remote_addr = environ["REMOTE_ADDR"]
        else:
            remote_addr = "0.0.0.0"

        user_data = ""

        encoding_data = self.userid_type_encoders.get(type(userid))

        if encoding_data:
            encoding, encoder = encoding_data
        else:
            warnings.warn(
                "userid is of type {}, and is not supported by the "
                "AuthTktAuthenticationPolicy. Explicitly converting to string "
                "and storing as base64. Subsequent requests will receive a "
                "string as the userid, it will not be decoded back to the type "
                "provided.".format(type(userid)),
                RuntimeWarning,
            )
            encoding, encoder = self.userid_type_encoders.get(text_type)
            userid = str(userid)

        userid = encoder(userid)
        user_data = "userid_type:%s" % encoding

        new_tokens = []
        for token in tokens:
            if isinstance(token, text_type):
                try:
                    token = ascii_native_(token)
                except UnicodeEncodeError:
                    raise ValueError("Invalid token %r" % (token,))
            if not (isinstance(token, str) and VALID_TOKEN.match(token)):
                raise ValueError("Invalid token %r" % (token,))
            new_tokens.append(token)
        tokens = tuple(new_tokens)

        if hasattr(request, "_authtkt_reissued"):
            request._authtkt_reissue_revoked = True

        ticket = self.AuthTicket(
            self.secret,
            userid,
            remote_addr,
            tokens=tokens,
            user_data=user_data,
            cookie_name=self.cookie_name,
            secure=self.secure,
            hashalg=self.hashalg,
        )

        cookie_value = ticket.cookie_value()
        return self._get_cookies(request, cookie_value, max_age)
Exemple #34
0
def basic_auth(username, password):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    return 'Basic ' + ascii_native_(b64encode(('%s:%s' % (username, password)).encode('utf-8')))
Exemple #35
0
def traverse(resource, path):
    """Given a resource object as ``resource`` and a string or tuple
    representing a path as ``path`` (such as the return value of
    :func:`pyramid.traversal.resource_path` or
    :func:`pyramid.traversal.resource_path_tuple` or the value of
    ``request.environ['PATH_INFO']``), return a dictionary with the
    keys ``context``, ``root``, ``view_name``, ``subpath``,
    ``traversed``, ``virtual_root``, and ``virtual_root_path``.

    A definition of each value in the returned dictionary:

    - ``context``: The :term:`context` (a :term:`resource` object) found
      via traversal or url dispatch.  If the ``path`` passed in is the
      empty string, the value of the ``resource`` argument passed to this
      function is returned.

    - ``root``: The resource object at which :term:`traversal` begins.
      If the ``resource`` passed in was found via url dispatch or if the
      ``path`` passed in was relative (non-absolute), the value of the
      ``resource`` argument passed to this function is returned.

    - ``view_name``: The :term:`view name` found during
      :term:`traversal` or :term:`url dispatch`; if the ``resource`` was
      found via traversal, this is usually a representation of the
      path segment which directly follows the path to the ``context``
      in the ``path``.  The ``view_name`` will be a Unicode object or
      the empty string.  The ``view_name`` will be the empty string if
      there is no element which follows the ``context`` path.  An
      example: if the path passed is ``/foo/bar``, and a resource
      object is found at ``/foo`` (but not at ``/foo/bar``), the 'view
      name' will be ``u'bar'``.  If the ``resource`` was found via
      urldispatch, the view_name will be the name the route found was
      registered with.

    - ``subpath``: For a ``resource`` found via :term:`traversal`, this
      is a sequence of path segments found in the ``path`` that follow
      the ``view_name`` (if any).  Each of these items is a Unicode
      object.  If no path segments follow the ``view_name``, the
      subpath will be the empty sequence.  An example: if the path
      passed is ``/foo/bar/baz/buz``, and a resource object is found at
      ``/foo`` (but not ``/foo/bar``), the 'view name' will be
      ``u'bar'`` and the :term:`subpath` will be ``[u'baz', u'buz']``.
      For a ``resource`` found via url dispatch, the subpath will be a
      sequence of values discerned from ``*subpath`` in the route
      pattern matched or the empty sequence.

    - ``traversed``: The sequence of path elements traversed from the
      root to find the ``context`` object during :term:`traversal`.
      Each of these items is a Unicode object.  If no path segments
      were traversed to find the ``context`` object (e.g. if the
      ``path`` provided is the empty string), the ``traversed`` value
      will be the empty sequence.  If the ``resource`` is a resource found
      via :term:`url dispatch`, traversed will be None.

    - ``virtual_root``: A resource object representing the 'virtual' root
      of the resource tree being traversed during :term:`traversal`.
      See :ref:`vhosting_chapter` for a definition of the virtual root
      object.  If no virtual hosting is in effect, and the ``path``
      passed in was absolute, the ``virtual_root`` will be the
      *physical* root resource object (the object at which :term:`traversal`
      begins).  If the ``resource`` passed in was found via :term:`URL
      dispatch` or if the ``path`` passed in was relative, the
      ``virtual_root`` will always equal the ``root`` object (the
      resource passed in).

    - ``virtual_root_path`` -- If :term:`traversal` was used to find
      the ``resource``, this will be the sequence of path elements
      traversed to find the ``virtual_root`` resource.  Each of these
      items is a Unicode object.  If no path segments were traversed
      to find the ``virtual_root`` resource (e.g. if virtual hosting is
      not in effect), the ``traversed`` value will be the empty list.
      If url dispatch was used to find the ``resource``, this will be
      ``None``.

    If the path cannot be resolved, a :exc:`KeyError` will be raised.

    Rules for passing a *string* as the ``path`` argument: if the
    first character in the path string is the with the ``/``
    character, the path will considered absolute and the resource tree
    traversal will start at the root resource.  If the first character
    of the path string is *not* the ``/`` character, the path is
    considered relative and resource tree traversal will begin at the resource
    object supplied to the function as the ``resource`` argument.  If an
    empty string is passed as ``path``, the ``resource`` passed in will
    be returned.  Resource path strings must be escaped in the following
    manner: each Unicode path segment must be encoded as UTF-8 and
    each path segment must escaped via Python's :mod:`urllib.quote`.
    For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
    ``to%20the/La%20Pe%C3%B1a`` (relative).  The
    :func:`pyramid.traversal.resource_path` function generates strings
    which follow these rules (albeit only absolute ones).

    Rules for passing a *tuple* as the ``path`` argument: if the first
    element in the path tuple is the empty string (for example ``('',
    'a', 'b', 'c')``, the path is considered absolute and the resource tree
    traversal will start at the resource tree root object.  If the first
    element in the path tuple is not the empty string (for example
    ``('a', 'b', 'c')``), the path is considered relative and resource tree
    traversal will begin at the resource object supplied to the function
    as the ``resource`` argument.  If an empty sequence is passed as
    ``path``, the ``resource`` passed in itself will be returned.  No
    URL-quoting or UTF-8-encoding of individual path segments within
    the tuple is required (each segment may be any string or unicode
    object representing a resource name).

    Explanation of the conversion of ``path`` segment values to
    Unicode during traversal: Each segment is URL-unquoted, and
    decoded into Unicode. Each segment is assumed to be encoded using
    the UTF-8 encoding (or a subset, such as ASCII); a
    :exc:`pyramid.exceptions.URLDecodeError` is raised if a segment
    cannot be decoded.  If a segment name is empty or if it is ``.``,
    it is ignored.  If a segment name is ``..``, the previous segment
    is deleted, and the ``..`` is ignored.  As a result of this
    process, the return values ``view_name``, each element in the
    ``subpath``, each element in ``traversed``, and each element in
    the ``virtual_root_path`` will be Unicode as opposed to a string,
    and will be URL-decoded.
    """

    if is_nonstr_iter(path):
        # the traverser factory expects PATH_INFO to be a string, not
        # unicode and it expects path segments to be utf-8 and
        # urlencoded (it's the same traverser which accepts PATH_INFO
        # from user agents; user agents always send strings).
        if path:
            path = _join_path_tuple(tuple(path))
        else:
            path = ""

    # The user is supposed to pass us a string object, never Unicode.  In
    # practice, however, users indeed pass Unicode to this API.  If they do
    # pass a Unicode object, its data *must* be entirely encodeable to ASCII,
    # so we encode it here as a convenience to the user and to prevent
    # second-order failures from cropping up (all failures will occur at this
    # step rather than later down the line as the result of calling
    # ``traversal_path``).

    path = ascii_native_(path)

    if path and path[0] == "/":
        resource = find_root(resource)

    reg = get_current_registry()

    request_factory = reg.queryUtility(IRequestFactory)
    if request_factory is None:
        from pyramid.request import Request  # avoid circdep

        request_factory = Request

    request = request_factory.blank(path)
    request.registry = reg
    traverser = reg.queryAdapter(resource, ITraverser)
    if traverser is None:
        traverser = ResourceTreeTraverser(resource)

    return traverser(request)
    def remember(self, request, userid, max_age=None, tokens=()):
        """ Return a set of Set-Cookie headers; when set into a response,
        these headers will represent a valid authentication ticket.

        ``max_age``
          The max age of the auth_tkt cookie, in seconds.  When this value is
          set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
          allowing the auth_tkt cookie to last between browser sessions.  If
          this value is ``None``, the ``max_age`` value provided to the
          helper itself will be used as the ``max_age`` value.  Default:
          ``None``.

        ``tokens``
          A sequence of strings that will be placed into the auth_tkt tokens
          field.  Each string in the sequence must be of the Python ``str``
          type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
          Tokens are available in the returned identity when an auth_tkt is
          found in the request and unpacked.  Default: ``()``.
        """
        if max_age is None:
            max_age = self.max_age

        environ = request.environ

        if self.include_ip:
            remote_addr = environ['REMOTE_ADDR']
        else:
            remote_addr = '0.0.0.0'

        user_data = ''

        encoding_data = self.userid_type_encoders.get(type(userid))

        if encoding_data:
            encoding, encoder = encoding_data
            userid = encoder(userid)
            user_data = 'userid_type:%s' % encoding

        new_tokens = []
        for token in tokens:
            if isinstance(token, text_type):
                try:
                    token = ascii_native_(token)
                except UnicodeEncodeError:
                    raise ValueError("Invalid token %r" % (token,))
            if not (isinstance(token, str) and VALID_TOKEN.match(token)):
                raise ValueError("Invalid token %r" % (token,))
            new_tokens.append(token)
        tokens = tuple(new_tokens)

        if hasattr(request, '_authtkt_reissued'):
            request._authtkt_reissue_revoked = True

        ticket = self.AuthTicket(
            self.secret,
            userid,
            remote_addr,
            tokens=tokens,
            user_data=user_data,
            cookie_name=self.cookie_name,
            secure=self.secure)

        cookie_value = ticket.cookie_value()
        return self._get_cookies(environ, cookie_value, max_age)
Exemple #37
0
def traverse(resource, path):
    """Given a resource object as ``resource`` and a string or tuple
    representing a path as ``path`` (such as the return value of
    :func:`pyramid.traversal.resource_path` or
    :func:`pyramid.traversal.resource_path_tuple` or the value of
    ``request.environ['PATH_INFO']``), return a dictionary with the
    keys ``context``, ``root``, ``view_name``, ``subpath``,
    ``traversed``, ``virtual_root``, and ``virtual_root_path``.

    A definition of each value in the returned dictionary:

    - ``context``: The :term:`context` (a :term:`resource` object) found
      via traversal or url dispatch.  If the ``path`` passed in is the
      empty string, the value of the ``resource`` argument passed to this
      function is returned.

    - ``root``: The resource object at which :term:`traversal` begins.
      If the ``resource`` passed in was found via url dispatch or if the
      ``path`` passed in was relative (non-absolute), the value of the
      ``resource`` argument passed to this function is returned.

    - ``view_name``: The :term:`view name` found during
      :term:`traversal` or :term:`url dispatch`; if the ``resource`` was
      found via traversal, this is usually a representation of the
      path segment which directly follows the path to the ``context``
      in the ``path``.  The ``view_name`` will be a Unicode object or
      the empty string.  The ``view_name`` will be the empty string if
      there is no element which follows the ``context`` path.  An
      example: if the path passed is ``/foo/bar``, and a resource
      object is found at ``/foo`` (but not at ``/foo/bar``), the 'view
      name' will be ``u'bar'``.  If the ``resource`` was found via
      urldispatch, the view_name will be the name the route found was
      registered with.

    - ``subpath``: For a ``resource`` found via :term:`traversal`, this
      is a sequence of path segments found in the ``path`` that follow
      the ``view_name`` (if any).  Each of these items is a Unicode
      object.  If no path segments follow the ``view_name``, the
      subpath will be the empty sequence.  An example: if the path
      passed is ``/foo/bar/baz/buz``, and a resource object is found at
      ``/foo`` (but not ``/foo/bar``), the 'view name' will be
      ``u'bar'`` and the :term:`subpath` will be ``[u'baz', u'buz']``.
      For a ``resource`` found via url dispatch, the subpath will be a
      sequence of values discerned from ``*subpath`` in the route
      pattern matched or the empty sequence.

    - ``traversed``: The sequence of path elements traversed from the
      root to find the ``context`` object during :term:`traversal`.
      Each of these items is a Unicode object.  If no path segments
      were traversed to find the ``context`` object (e.g. if the
      ``path`` provided is the empty string), the ``traversed`` value
      will be the empty sequence.  If the ``resource`` is a resource found
      via :term:`url dispatch`, traversed will be None.

    - ``virtual_root``: A resource object representing the 'virtual' root
      of the resource tree being traversed during :term:`traversal`.
      See :ref:`vhosting_chapter` for a definition of the virtual root
      object.  If no virtual hosting is in effect, and the ``path``
      passed in was absolute, the ``virtual_root`` will be the
      *physical* root resource object (the object at which :term:`traversal`
      begins).  If the ``resource`` passed in was found via :term:`URL
      dispatch` or if the ``path`` passed in was relative, the
      ``virtual_root`` will always equal the ``root`` object (the
      resource passed in).

    - ``virtual_root_path`` -- If :term:`traversal` was used to find
      the ``resource``, this will be the sequence of path elements
      traversed to find the ``virtual_root`` resource.  Each of these
      items is a Unicode object.  If no path segments were traversed
      to find the ``virtual_root`` resource (e.g. if virtual hosting is
      not in effect), the ``traversed`` value will be the empty list.
      If url dispatch was used to find the ``resource``, this will be
      ``None``.

    If the path cannot be resolved, a :exc:`KeyError` will be raised.

    Rules for passing a *string* as the ``path`` argument: if the
    first character in the path string is the with the ``/``
    character, the path will considered absolute and the resource tree
    traversal will start at the root resource.  If the first character
    of the path string is *not* the ``/`` character, the path is
    considered relative and resource tree traversal will begin at the resource
    object supplied to the function as the ``resource`` argument.  If an
    empty string is passed as ``path``, the ``resource`` passed in will
    be returned.  Resource path strings must be escaped in the following
    manner: each Unicode path segment must be encoded as UTF-8 and
    each path segment must escaped via Python's :mod:`urllib.quote`.
    For example, ``/path/to%20the/La%20Pe%C3%B1a`` (absolute) or
    ``to%20the/La%20Pe%C3%B1a`` (relative).  The
    :func:`pyramid.traversal.resource_path` function generates strings
    which follow these rules (albeit only absolute ones).

    Rules for passing a *tuple* as the ``path`` argument: if the first
    element in the path tuple is the empty string (for example ``('',
    'a', 'b', 'c')``, the path is considered absolute and the resource tree
    traversal will start at the resource tree root object.  If the first
    element in the path tuple is not the empty string (for example
    ``('a', 'b', 'c')``), the path is considered relative and resource tree
    traversal will begin at the resource object supplied to the function
    as the ``resource`` argument.  If an empty sequence is passed as
    ``path``, the ``resource`` passed in itself will be returned.  No
    URL-quoting or UTF-8-encoding of individual path segments within
    the tuple is required (each segment may be any string or unicode
    object representing a resource name).

    Explanation of the conversion of ``path`` segment values to
    Unicode during traversal: Each segment is URL-unquoted, and
    decoded into Unicode. Each segment is assumed to be encoded using
    the UTF-8 encoding (or a subset, such as ASCII); a
    :exc:`pyramid.exceptions.URLDecodeError` is raised if a segment
    cannot be decoded.  If a segment name is empty or if it is ``.``,
    it is ignored.  If a segment name is ``..``, the previous segment
    is deleted, and the ``..`` is ignored.  As a result of this
    process, the return values ``view_name``, each element in the
    ``subpath``, each element in ``traversed``, and each element in
    the ``virtual_root_path`` will be Unicode as opposed to a string,
    and will be URL-decoded.
    """

    if is_nonstr_iter(path):
        # the traverser factory expects PATH_INFO to be a string, not
        # unicode and it expects path segments to be utf-8 and
        # urlencoded (it's the same traverser which accepts PATH_INFO
        # from user agents; user agents always send strings).
        if path:
            path = _join_path_tuple(tuple(path))
        else:
            path = ''

    # The user is supposed to pass us a string object, never Unicode.  In
    # practice, however, users indeed pass Unicode to this API.  If they do
    # pass a Unicode object, its data *must* be entirely encodeable to ASCII,
    # so we encode it here as a convenience to the user and to prevent
    # second-order failures from cropping up (all failures will occur at this
    # step rather than later down the line as the result of calling
    # ``traversal_path``).

    path = ascii_native_(path)

    if path and path[0] == '/':
        resource = find_root(resource)

    reg = get_current_registry()

    request_factory = reg.queryUtility(IRequestFactory)
    if request_factory is None:
        from pyramid.request import Request # avoid circdep
        request_factory = Request

    request = request_factory.blank(path)
    request.registry = reg
    traverser = reg.queryAdapter(resource, ITraverser)
    if traverser is None:
        traverser = ResourceTreeTraverser(resource)

    return traverser(request)
Exemple #38
0
def basic_auth(username, password):
    return 'Basic ' + ascii_native_(
        b64encode(('%s:%s' % (username, password)).encode('utf-8')))
def basic_auth(username, password):
    from base64 import b64encode
    from pyramid.compat import ascii_native_
    return 'Basic ' + ascii_native_(b64encode(('%s:%s' % (username, password)).encode('utf-8')))
Exemple #40
0
 def test_get_uri_no_uri(self):
     res = self.testapp.get(
         '/uris', {},
         {ascii_native_('Accept'): ascii_native_('application/json')},
         status=400)
     self.assertEqual('400 Bad Request', res.status)
Exemple #41
0
    def remember(self, request, userid, max_age=None, tokens=()):
        """ Return a set of Set-Cookie headers; when set into a response,
        these headers will represent a valid authentication ticket.

        ``max_age``
          The max age of the auth_tkt cookie, in seconds.  When this value is
          set, the cookie's ``Max-Age`` and ``Expires`` settings will be set,
          allowing the auth_tkt cookie to last between browser sessions.  If
          this value is ``None``, the ``max_age`` value provided to the
          helper itself will be used as the ``max_age`` value.  Default:
          ``None``.

        ``tokens``
          A sequence of strings that will be placed into the auth_tkt tokens
          field.  Each string in the sequence must be of the Python ``str``
          type and must match the regex ``^[A-Za-z][A-Za-z0-9+_-]*$``.
          Tokens are available in the returned identity when an auth_tkt is
          found in the request and unpacked.  Default: ``()``.
        """
        if max_age is None:
            max_age = self.max_age

        environ = request.environ

        if self.include_ip:
            remote_addr = environ['REMOTE_ADDR']
        else:
            remote_addr = '0.0.0.0'

        user_data = ''

        encoding_data = self.userid_type_encoders.get(type(userid))

        if encoding_data:
            encoding, encoder = encoding_data
            userid = encoder(userid)
            user_data = 'userid_type:%s' % encoding

        new_tokens = []
        for token in tokens:
            if isinstance(token, text_type):
                try:
                    token = ascii_native_(token)
                except UnicodeEncodeError:
                    raise ValueError("Invalid token %r" % (token, ))
            if not (isinstance(token, str) and VALID_TOKEN.match(token)):
                raise ValueError("Invalid token %r" % (token, ))
            new_tokens.append(token)
        tokens = tuple(new_tokens)

        if hasattr(request, '_authtkt_reissued'):
            request._authtkt_reissue_revoked = True

        ticket = self.AuthTicket(self.secret,
                                 userid,
                                 remote_addr,
                                 tokens=tokens,
                                 user_data=user_data,
                                 cookie_name=self.cookie_name,
                                 secure=self.secure)

        cookie_value = ticket.cookie_value()
        return self._get_cookies(environ, cookie_value, max_age)
Exemple #42
0
def traversal_path(path):
    """ Variant of :func:`pyramid.traversal.traversal_path_info` suitable for
    decoding paths that are URL-encoded."""
    path = ascii_native_(path)
    path = url_unquote_native(path, 'latin-1', 'strict')
    return traversal_path_info(path)