def assertReactivateEmailSent(self, email_user):
"""Assert that the correct reactivation email has been sent"""
context = {
'name': self.user.profile.name,
'key': self.registration.activation_key
}
self.assertEmailUser(
email_user,
'emails/activation_email_subject.txt',
context,
'emails/activation_email.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
mako_middleware_process_request(request)
body = render_to_string('emails/activation_email.txt', context)
host = safe_get_host(request)
self.assertIn(host, body)
def assertChangeEmailSent(self, email_user):
"""
Assert that the correct email was sent to confirm an email change
"""
context = {
'old_email': self.user.email,
'new_email': self.pending_change_request.new_email,
}
self.assertEmailUser(
email_user,
'emails/email_change_subject.txt',
context,
'emails/confirm_email_change.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
with patch('edxmako.request_context.get_current_request', return_value=request):
body = render_to_string('emails/confirm_email_change.txt', context)
url = safe_get_host(request)
self.assertIn(url, body)
def get_template_request_context(request=None):
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
if request is None:
request = get_current_request()
if request is None:
return None
request_cache_dict = request_cache.get_cache('edxmako')
cache_key = "request_context"
if cache_key in request_cache_dict:
return request_cache_dict[cache_key]
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
request_cache_dict[cache_key] = context
return context
def assertReactivateEmailSent(self, email_user):
"""Assert that the correct reactivation email has been sent"""
context = {
'name': self.user.profile.name,
'key': self.registration.activation_key
}
self.assertEmailUser(
email_user,
'emails/activation_email_subject.txt',
context,
'emails/activation_email.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
mako_middleware_process_request(request)
body = render_to_string('emails/activation_email.txt', context)
host = safe_get_host(request)
self.assertIn(host, body)
def assertChangeEmailSent(self, email_user):
"""Assert that the correct email was sent to confirm an email change"""
context = {
'old_email': self.user.email,
'new_email': self.pending_change_request.new_email,
}
self.assertEmailUser(
email_user,
'emails/email_change_subject.txt',
context,
'emails/confirm_email_change.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
mako_middleware_process_request(request)
body = render_to_string('emails/confirm_email_change.txt', context)
url = safe_get_host(request)
self.assertIn(url, body)
def get_template_request_context(request=None):
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
if request is None:
request = get_current_request()
if request is None:
return None
request_cache_dict = request_cache.get_cache('edxmako')
cache_key = "request_context"
if cache_key in request_cache_dict:
return request_cache_dict[cache_key]
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
request_cache_dict[cache_key] = context
return context
def get_template_request_context(request=None):
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
if request is None:
request = get_current_request()
if request is None:
return None
request_cache_dict = request_cache.get_cache('edxmako')
cache_key = "request_context"
if cache_key in request_cache_dict:
return request_cache_dict[cache_key]
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
# This used to happen when a RequestContext object was initialized but was
# moved to a different part of the logic when template engines were introduced.
# Since we are not using template engines we do this here.
# https://github.com/django/django/commit/37505b6397058bcc3460f23d48a7de9641cd6ef0
for processor in get_template_context_processors():
context.update(processor(request))
request_cache_dict[cache_key] = context
return context
def assertReactivateEmailSent(self, email_user):
"""
Assert that the correct reactivation email has been sent
"""
context = generate_activation_email_context(self.user, self.registration)
self.assertEmailUser(
email_user,
'emails/activation_email_subject.txt',
context,
'emails/activation_email.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
with patch('edxmako.request_context.get_current_request', return_value=request):
body = render_to_string('emails/activation_email.txt', context)
host = safe_get_host(request)
self.assertIn(host, body)
def send_admin_activation_email(first_name, org_id, org_name, claimed_by_name,
claimed_by_email, dest_addr, hash_key):
"""
Send an admin activation email.
"""
request = get_current_request()
max_retries = settings.RETRY_ACTIVATION_EMAIL_MAX_ATTEMPTS
encoded_org_id = base64.b64encode(str(org_id))
message_context = {
"first_name": first_name,
"key": hash_key.activation_hash,
"org_id": encoded_org_id,
"org_name": org_name,
"referring_user": hash_key.suggested_by.username,
"claimed_by_name": claimed_by_name,
"claimed_by_email": claimed_by_email,
}
admin_activation_link = '{protocol}://{site}/onboarding/admin_activate/{activation_key}?admin_activation=True'.format(
protocol='https' if request.is_secure() else 'http',
site=safe_get_host(request),
org_id=encoded_org_id,
activation_key=hash_key.activation_hash)
message_context["admin_activation_link"] = admin_activation_link
while max_retries > 0:
try:
MandrillClient().send_mail(
MandrillClient.ORG_ADMIN_ACTIVATION_TEMPLATE, dest_addr,
message_context)
max_retries = 0
except:
max_retries -= 1
def get_template_request_context(request=None):
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
if request is None:
request = get_current_request()
if request is None:
return None
request_cache_dict = request_cache.get_cache('edxmako')
cache_key = "request_context"
if cache_key in request_cache_dict:
return request_cache_dict[cache_key]
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
# This used to happen when a RequestContext object was initialized but was
# moved to a different part of the logic when template engines were introduced.
# Since we are not using template engines we do this here.
# https://github.com/django/django/commit/37505b6397058bcc3460f23d48a7de9641cd6ef0
for processor in get_template_context_processors():
context.update(processor(request))
request_cache_dict[cache_key] = context
return context
def assertReactivateEmailSent(self, email_user):
"""
Assert that the correct reactivation email has been sent
"""
context = generate_activation_email_context(self.user, self.registration)
self.assertEmailUser(
email_user,
'emails/activation_email_subject.txt',
context,
'emails/activation_email.txt',
context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post('unused_url')
request.user = self.user
request.META['HTTP_HOST'] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
with patch('edxmako.request_context.get_current_request', return_value=request):
body = render_to_string('emails/activation_email.txt', context)
host = safe_get_host(request)
self.assertIn(host, body)
def get_template_request_context():
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
request = getattr(REQUEST_CONTEXT, "request", None)
if not request:
return None
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
return context
def send_account_activation_email(request, registration, user):
activation_link = '{protocol}://{site}/activate/{key}'.format(
protocol='https' if request.is_secure() else 'http',
site=safe_get_host(request),
key=registration.activation_key
)
context = {
'first_name': user.first_name,
'activation_link': activation_link,
}
MandrillClient().send_mail(MandrillClient.USER_ACCOUNT_ACTIVATION_TEMPLATE, user.email, context)
def get_template_request_context():
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
request = getattr(REQUEST_CONTEXT, "request", None)
if not request:
return None
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
return context
def assertChangeEmailSent(self, email_user):
"""Assert that the correct email was sent to confirm an email change"""
context = {"old_email": self.user.email, "new_email": self.pending_change_request.new_email}
self.assertEmailUser(
email_user, "emails/email_change_subject.txt", context, "emails/confirm_email_change.txt", context
)
# Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
request = RequestFactory().post("unused_url")
request.user = self.user
request.META["HTTP_HOST"] = "aGenericValidHostName"
self.append_allowed_hosts("aGenericValidHostName")
mako_middleware_process_request(request)
body = render_to_string("emails/confirm_email_change.txt", context)
url = safe_get_host(request)
self.assertIn(url, body)
def get_template_request_context():
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
request = getattr(REQUEST_CONTEXT, "request", None)
if not request:
return None
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
# This used to happen when a RequestContext object was initialized but was
# moved to a different part of the logic when template engines were introduced.
# Since we are not using template engines we do this here.
# https://github.com/django/django/commit/37505b6397058bcc3460f23d48a7de9641cd6ef0
for processor in get_template_context_processors():
context.update(processor(request))
return context
def get_template_request_context():
"""
Returns the template processing context to use for the current request,
or returns None if there is not a current request.
"""
request = getattr(REQUEST_CONTEXT, "request", None)
if not request:
return None
context = RequestContext(request)
context['is_secure'] = request.is_secure()
context['site'] = safe_get_host(request)
# This used to happen when a RequestContext object was initialized but was
# moved to a different part of the logic when template engines were introduced.
# Since we are not using template engines we do this here.
# https://github.com/django/django/commit/37505b6397058bcc3460f23d48a7de9641cd6ef0
for processor in get_template_context_processors():
context.update(processor(request))
return context
def send_admin_update_email(org_id, org_name, dest_addr, org_admin_name,
hash_key, claimed_by_email, claimed_by_name):
"""
Send an email to the admin, that this user claims himself to be the admin
"""
request = get_current_request()
admin_activation_link = '{protocol}://{site}/onboarding/admin_activate/{claimed_by_key}'.format(
protocol='https' if request.is_secure() else 'http',
site=safe_get_host(request),
claimed_by_key=hash_key.activation_hash)
message_context = {
"org_name": org_name,
"first_name": org_admin_name,
"claimed_by_name": claimed_by_name,
"claimed_by_email": claimed_by_email,
"admin_activation_link": admin_activation_link
}
MandrillClient().send_mail(MandrillClient.ORG_ADMIN_CHANGE_TEMPLATE,
dest_addr, message_context)
def test_safe_get_host(self):
""" Tests that the safe_get_host function returns the desired host """
settings.SITE_NAME = 'siteName.com'
factory = RequestFactory()
request = factory.request()
request.META['HTTP_HOST'] = 'www.userProvidedHost.com'
# If ALLOWED_HOSTS is not set properly, safe_get_host should return SITE_NAME
settings.ALLOWED_HOSTS = None
self.assertEqual(safe_get_host(request), "siteName.com")
settings.ALLOWED_HOSTS = ["*"]
self.assertEqual(safe_get_host(request), "siteName.com")
settings.ALLOWED_HOSTS = ["foo.com", "*"]
self.assertEqual(safe_get_host(request), "siteName.com")
# If ALLOWED_HOSTS is set properly, and the host is valid, we just return the user-provided host
settings.ALLOWED_HOSTS = [request.META['HTTP_HOST']]
self.assertEqual(safe_get_host(request), request.META['HTTP_HOST'])
# If ALLOWED_HOSTS is set properly but the host is invalid, we should get a SuspiciousOperation
settings.ALLOWED_HOSTS = ["the_valid_website.com"]
with self.assertRaises(SuspiciousOperation):
safe_get_host(request)
def test_safe_get_host(self):
""" Tests that the safe_get_host function returns the desired host """
settings.SITE_NAME = 'siteName.com'
factory = RequestFactory()
request = factory.request()
request.META['HTTP_HOST'] = 'www.userProvidedHost.com'
# If ALLOWED_HOSTS is not set properly, safe_get_host should return SITE_NAME
settings.ALLOWED_HOSTS = None
self.assertEqual(safe_get_host(request), "siteName.com")
settings.ALLOWED_HOSTS = ["*"]
self.assertEqual(safe_get_host(request), "siteName.com")
settings.ALLOWED_HOSTS = ["foo.com", "*"]
self.assertEqual(safe_get_host(request), "siteName.com")
# If ALLOWED_HOSTS is set properly, and the host is valid, we just return the user-provided host
settings.ALLOWED_HOSTS = [request.META['HTTP_HOST']]
self.assertEqual(safe_get_host(request), request.META['HTTP_HOST'])
# If ALLOWED_HOSTS is set properly but the host is invalid, we should get a SuspiciousOperation
settings.ALLOWED_HOSTS = ["the_valid_website.com"]
with self.assertRaises(SuspiciousOperation):
safe_get_host(request)
def process_request(self, request):
REQUEST_CONTEXT.context = RequestContext(request)
REQUEST_CONTEXT.context['is_secure'] = request.is_secure()
REQUEST_CONTEXT.context['site'] = safe_get_host(request)
def process_request(self, request):
REQUEST_CONTEXT.context = RequestContext(request)
REQUEST_CONTEXT.context['is_secure'] = request.is_secure()
REQUEST_CONTEXT.context['site'] = safe_get_host(request)
def process_request(self, request):
global requestcontext
requestcontext = RequestContext(request)
requestcontext['is_secure'] = request.is_secure()
requestcontext['site'] = safe_get_host(request)
def process_request(self, request):
global requestcontext
requestcontext = RequestContext(request)
requestcontext['is_secure'] = request.is_secure()
requestcontext['site'] = safe_get_host(request)
requestcontext['doc_url'] = self.get_doc_url_func(request)
