def test_valid_key(self):
"""Make sure the key is valid"""
actual_ip_plus_desc = actual_ip_plus_context(
lambda req: req.POST.get('description', 'no description'))
url = reverse('feedback')
factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP='192.168.100.101')
# create a request with this as the description
desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16
req = factory.post(url, {'description': desc})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
ok_(length < 250)
# Key must be a string
ok_(isinstance(key, str))
# create a request with this as the description
second_desc = u'\u62e9\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d' * 16
second_req = factory.post(url, {'description': second_desc})
second_key = actual_ip_plus_desc(second_req)
# Two descriptions with the same ip address should produce
# different keys.
assert key != second_key
def test_valid_key(self):
"""Make sure the key is valid"""
actual_ip_plus_desc = actual_ip_plus_context(
lambda req: req.POST.get('description', 'no description')
)
url = reverse('feedback')
factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP='192.168.100.101')
# create a request with this as the description
desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16
req = factory.post(url, {
'description': desc
})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
assert length < 250
# Key must be a string
assert isinstance(key, str)
# create a request with this as the description
second_desc = u'\u62e9\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d' * 16
second_req = factory.post(url, {
'description': second_desc
})
second_key = actual_ip_plus_desc(second_req)
# Two descriptions with the same ip address should produce
# different keys.
assert key != second_key
def get_throttles(self):
"""Returns throttle class instances"""
def _get_desc(req):
return req.data.get('description', u'no description')
return [
RatelimitThrottle(
rulename='api_post_{n}ph'.format(n=PER_HOUR_LIMIT),
rate='{n}/h'.format(n=PER_HOUR_LIMIT)),
RatelimitThrottle(rulename='api_post_doublesubmit_1p10m',
rate='1/10m',
keyfun=actual_ip_plus_context(_get_desc))
]
def get_throttles(self):
"""Returns throttle class instances"""
def _get_desc(req):
return req.data.get('description', u'no description')
return [
RatelimitThrottle(
rulename='api_post_{n}ph'.format(n=PER_HOUR_LIMIT),
rate='{n}/h'.format(n=PER_HOUR_LIMIT)),
RatelimitThrottle(
rulename='api_post_doublesubmit_1p10m',
rate='1/10m',
keyfun=actual_ip_plus_context(_get_desc))
]
def get_throttles(self):
"""Returns throttle class instances"""
def _get_desc(req):
return req.data.get('description', u'no description')
return [
RatelimitThrottle(
rulename='api_post_50ph',
rate='50/h'),
RatelimitThrottle(
rulename='api_post_doublesubmit_1p10m',
rate='1/10m',
keyfun=actual_ip_plus_context(_get_desc))
]
def get_throttles(self):
"""Returns throttle class instances"""
def _get_desc(req):
return req.DATA.get('description', u'no description')
return [
RatelimitThrottle(
rulename='api_post_50ph',
rate='50/h'),
RatelimitThrottle(
rulename='api_post_doublesubmit_1p10m',
rate='1/10m',
keyfun=actual_ip_plus_context(_get_desc))
]
def test_valid_key_ipv6(self):
"""Make sure ipv6 keys work"""
actual_ip_plus_desc = actual_ip_plus_context(lambda req: req.POST.get("description", "no description"))
url = reverse("feedback")
factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP="0000:0000:0000:0000:0000:0000:0000:0000")
# create a request with this as the description
desc = u"\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e" * 16
req = factory.post(url, {"description": desc})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
ok_(length < 250)
def test_valid_key_ipv6(self):
"""Make sure ipv6 keys work"""
actual_ip_plus_desc = actual_ip_plus_context(
lambda req: req.POST.get('description', 'no description'))
url = reverse('feedback')
factory = RequestFactory(
HTTP_X_CLUSTER_CLIENT_IP='0000:0000:0000:0000:0000:0000:0000:0000')
# create a request with this as the description
desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16
req = factory.post(url, {'description': desc})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
ok_(length < 250)
def test_valid_key_ipv6(self):
"""Make sure ipv6 keys work"""
actual_ip_plus_desc = actual_ip_plus_context(
lambda req: req.POST.get('description', 'no description')
)
url = reverse('feedback')
factory = RequestFactory(
HTTP_X_CLUSTER_CLIENT_IP='0000:0000:0000:0000:0000:0000:0000:0000')
# create a request with this as the description
desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16
req = factory.post(url, {
'description': desc
})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
assert length < 250
"""
@wraps(func)
def _requires_firefox(request, *args, **kwargs):
# Note: This is sort of a lie. What's going on here is that
# parse_ua only parses Firefox-y browsers. So if it's UNKNOWN
# at this point, then it's not Firefox-y. If parse_ua ever
# changes, then this will cease to be true.
if request.BROWSER.browser == UNKNOWN:
return HttpResponseRedirect(reverse('download-firefox'))
return func(request, *args, **kwargs)
return _requires_firefox
@ratelimit(rulename='doublesubmit_1p10m',
keyfun=actual_ip_plus_context(
lambda req: req.POST.get('description', u'no description')),
rate='1/10m')
@ratelimit(rulename='50ph', rate='50/h')
def _handle_feedback_post(request, locale=None, product=None,
version=None, channel=None):
"""Saves feedback post to db accounting for throttling
:arg request: request we're handling the post for
:arg locale: locale specified in the url
:arg product: None or the Product
:arg version: validated and sanitized version specified in the url
:arg channel: validated and sanitized channel specified in the url
"""
if getattr(request, 'limited', False):
# If we're throttled, then return the thanks page, but don't
"""
@wraps(func)
def _requires_firefox(request, *args, **kwargs):
# Note: This is sort of a lie. What's going on here is that
# parse_ua only parses Firefox-y browsers. So if it's UNKNOWN
# at this point, then it's not Firefox-y. If parse_ua ever
# changes, then this will cease to be true.
if request.BROWSER.browser == UNKNOWN:
return HttpResponseRedirect(reverse('download-firefox'))
return func(request, *args, **kwargs)
return _requires_firefox
@ratelimit(rulename='doublesubmit_1p10m',
keyfun=actual_ip_plus_context(
lambda req: req.POST.get('description', u'no description')),
rate='1/10m')
@ratelimit(rulename='50ph', rate='50/h')
def _handle_feedback_post(request,
locale=None,
product=None,
version=None,
channel=None):
"""Saves feedback post to db accounting for throttling
:arg request: request we're handling the post for
:arg locale: locale specified in the url
:arg product: None or the Product
:arg version: validated and sanitized version specified in the url
:arg channel: validated and sanitized channel specified in the url
