def test_session(self):
request = self.get_request()
limiter = session_ratelimit_post('test')(lambda request: 'RESPONSE')
self.assertEqual(limiter(request), 'RESPONSE')
self.assertEqual(limiter(request).url, '/accounts/login/')
self.assertEqual(limiter(request).url, '/accounts/login/')
sleep(1)
self.assertEqual(limiter(request), 'RESPONSE')
def test_session(self):
request = self.get_request()
limiter = session_ratelimit_post('test')(lambda request: 'RESPONSE')
self.assertEqual(limiter(request), 'RESPONSE')
self.assertEqual(limiter(request).url, '/accounts/login/')
self.assertEqual(limiter(request).url, '/accounts/login/')
sleep(1)
self.assertEqual(limiter(request), 'RESPONSE')
def test_post(self):
request = self.get_request()
limiter = session_ratelimit_post('test')(lambda request: 'RESPONSE')
# First attempt should work
self.assertEqual(limiter(request), 'RESPONSE')
# Second attempt should be blocked
self.assertEqual(limiter(request).url, '/accounts/login/')
# During lockout period request should be blocked
request = self.get_request()
self.assertEqual(limiter(request).url, '/accounts/login/')
# Wait until lockout expires and it should work again
sleep(1)
request = self.get_request()
self.assertEqual(limiter(request), 'RESPONSE')
from weblate.vcs.models import VCS_REGISTRY
class BaseCreateView(CreateView):
def __init__(self, **kwargs):
super().__init__(**kwargs)
self.has_billing = "weblate.billing" in settings.INSTALLED_APPS
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
kwargs["request"] = self.request
return kwargs
@method_decorator(login_required, name="dispatch")
@method_decorator(session_ratelimit_post("project"), name="dispatch")
class CreateProject(BaseCreateView):
model = Project
form_class = ProjectCreateForm
billings = None
def get_form(self, form_class=None):
form = super().get_form(form_class)
billing_field = form.fields["billing"]
if self.has_billing:
billing_field.queryset = self.billings
try:
billing_field.initial = int(self.request.GET["billing"])
except (ValueError, KeyError):
pass
billing_field.required = not self.request.user.is_superuser
