def test_it_sets_custom_content_security_policy_header(self, pyramid_request):
client.sidebar_app(pyramid_request)
csp_header = pyramid_request.response.headers["Content-Security-Policy"]
assert (
csp_header
== "script-src 'self' http://example.com https://www.google-analytics.com; style-src http://example.com 'unsafe-inline'"
)
def test_it_sets_custom_content_security_policy_header(
self, pyramid_request):
client.sidebar_app(pyramid_request)
csp_header = pyramid_request.response.headers[
"Content-Security-Policy"]
assert (
csp_header ==
"script-src 'self' https://cdn.hypothes.is https://www.google-analytics.com; style-src https://cdn.hypothes.is"
)
def test_uses_client_boot_script_when_enabled(self, pyramid_request):
pyramid_request.feature.flags['use_client_boot_script'] = True
ctx = client.sidebar_app(pyramid_request)
assert ctx['app_js_urls'] == ['/embed.js']
assert ctx['app_css_urls'] == []
def annotation_page(context, request):
annotation = context.annotation
document = annotation.document
if document and document.title:
title = "Annotation by {user} on {title}".format(
user=annotation.userid.replace("acct:", ""), title=document.title
)
else:
title = "Annotation by {user}".format(
user=annotation.userid.replace("acct:", "")
)
alternate = request.route_url("api.annotation", id=annotation.id)
return sidebar_app(
request,
{
"meta_attrs": (
{"property": "og:title", "content": title},
{"property": "og:description", "content": ""},
{"property": "og:image", "content": "/assets/images/logo.png"},
{"property": "og:site_name", "content": "Hypothes.is"},
{"property": "og:url", "content": request.url},
),
"link_attrs": (
{"rel": "alternate", "href": alternate, "type": "application/json"},
),
},
)
def stream(_context, request):
q = request.params.get("q", "").split(":", 1)
if len(q) >= 2 and q[0] == "tag":
tag = q[1]
if " " in tag:
tag = '"' + tag + '"'
query = {"q": "tag:{}".format(tag)}
location = request.route_url("activity.search", _query=query)
raise httpexceptions.HTTPFound(location=location)
atom = request.route_url("stream_atom")
rss = request.route_url("stream_rss")
return sidebar_app(
request,
{
"link_tags": [
{
"rel": "alternate",
"href": atom,
"type": "application/atom+xml"
},
{
"rel": "alternate",
"href": rss,
"type": "application/rss+xml"
},
]
},
)
def stream(context, request):
q = request.params.get('q', '').split(':', 1)
if len(q) >= 2 and q[0] == 'tag':
tag = q[1]
if ' ' in tag:
tag = '"' + tag + '"'
query = {'q': 'tag:{}'.format(tag)}
location = request.route_url('activity.search', _query=query)
raise httpexceptions.HTTPFound(location=location)
atom = request.route_url('stream_atom')
rss = request.route_url('stream_rss')
return sidebar_app(
request, {
'link_tags': [
{
'rel': 'alternate',
'href': atom,
'type': 'application/atom+xml'
},
{
'rel': 'alternate',
'href': rss,
'type': 'application/rss+xml'
},
]
})
def annotation_page(context, request):
annotation = context.annotation
document = annotation.document
if document and document.title:
title = 'Annotation by {user} on {title}'.format(
user=annotation.userid.replace('acct:', ''),
title=document.title)
else:
title = 'Annotation by {user}'.format(
user=annotation.userid.replace('acct:', ''))
alternate = request.route_url('api.annotation', id=annotation.id)
return sidebar_app(request, {
'meta_attrs': (
{'property': 'og:title', 'content': title},
{'property': 'og:description', 'content': ''},
{'property': 'og:image', 'content': '/assets/images/logo.png'},
{'property': 'og:site_name', 'content': 'Hypothes.is'},
{'property': 'og:url', 'content': request.url},
),
'link_attrs': (
{'rel': 'alternate', 'href': alternate,
'type': 'application/json'},
),
})
def annotation_page(context, request):
annotation = context.annotation
document = annotation.document
if document and document.title:
title = "Annotation by {user} on {title}".format(
user=annotation.userid.replace("acct:", ""), title=document.title
)
else:
title = "Annotation by {user}".format(
user=annotation.userid.replace("acct:", "")
)
alternate = request.route_url("api.annotation", id=annotation.id)
return sidebar_app(
request,
{
"meta_attrs": (
{"property": "og:title", "content": title},
{"property": "og:description", "content": ""},
{"property": "og:image", "content": "/assets/images/logo.png"},
{"property": "og:site_name", "content": "Hypothes.is"},
{"property": "og:url", "content": request.url},
),
"link_attrs": (
{"rel": "alternate", "href": alternate, "type": "application/json"},
),
},
)
def test_it_sets_asset_urls(self, pyramid_request):
pyramid_request.feature.flags['use_client_boot_script'] = False
ctx = client.sidebar_app(pyramid_request)
assert ctx['app_css_urls'] == ['/assets/client/app.css']
assert ctx['app_js_urls'] == ['/assets/client/app.js']
def test_it_disables_oauth(self, pyramid_request):
pyramid_request.feature.flags['client_oauth'] = False
ctx = client.sidebar_app(pyramid_request)
cfg = json.loads(ctx['app_config'])
assert cfg['oauthEnabled'] is False
def test_it_includes_client_config(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
expected_config = {
"apiUrl": "http://example.com/api",
"websocketUrl": "wss://example.com/ws",
"sentry": {"dsn": "test-sentry-dsn", "environment": "dev"},
"authDomain": "example.com",
"googleAnalytics": "UA-4567",
"oauthClientId": "test-client-id",
"rpcAllowedOrigins": "https://lti.hypothes.is",
}
actual_config = json.loads(ctx["app_config"])
assert actual_config == expected_config
def test_it_includes_client_config(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
expected_config = {
"apiUrl": "http://example.com/api",
"websocketUrl": "wss://example.com/ws",
"release": __version__,
"raven": {"dsn": "test-sentry-dsn", "release": __version__},
"authDomain": "example.com",
"googleAnalytics": "UA-4567",
"oauthClientId": "test-client-id",
"rpcAllowedOrigins": "https://lti.hypothes.is",
}
actual_config = json.loads(ctx["app_config"])
assert actual_config == expected_config
def stream(context, request):
q = request.params.get('q', '').split(':', 1)
if len(q) >= 2 and q[0] == 'tag':
tag = q[1]
if ' ' in tag:
tag = '"' + tag + '"'
query = {'q': 'tag:{}'.format(tag)}
location = request.route_url('activity.search', _query=query)
raise httpexceptions.HTTPFound(location=location)
atom = request.route_url('stream_atom')
rss = request.route_url('stream_rss')
return sidebar_app(request, {
'link_tags': [
{'rel': 'alternate', 'href': atom, 'type': 'application/atom+xml'},
{'rel': 'alternate', 'href': rss, 'type': 'application/rss+xml'},
]
})
def test_it_includes_client_config(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
expected_config = {
'apiUrl': 'http://example.com/api',
'websocketUrl': 'wss://example.com/ws',
'serviceUrl': 'http://example.com/',
'release': __version__,
'raven': {
'dsn': 'test-sentry-dsn',
'release': __version__
},
'authDomain': 'example.com',
'googleAnalytics': 'UA-4567'
}
actual_config = json.loads(ctx['app_config'])
assert actual_config == expected_config
def test_it_includes_client_config(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
expected_config = {
'apiUrl': 'http://example.com/api',
'websocketUrl': 'wss://example.com/ws',
'serviceUrl': 'http://example.com/',
'release': __version__,
'raven': {
'dsn': 'test-sentry-dsn',
'release': __version__
},
'authDomain': 'example.com',
'googleAnalytics': 'UA-4567'
}
actual_config = json.loads(ctx['app_config'])
assert actual_config == expected_config
def annotation_page(context, request):
annotation = context.annotation
document = annotation.document
if document and document.title:
title = 'Annotation by {user} on {title}'.format(
user=annotation.userid.replace('acct:', ''), title=document.title)
else:
title = 'Annotation by {user}'.format(
user=annotation.userid.replace('acct:', ''))
alternate = request.route_url('api.annotation', id=annotation.id)
return sidebar_app(
request, {
'meta_attrs': (
{
'property': 'og:title',
'content': title
},
{
'property': 'og:description',
'content': ''
},
{
'property': 'og:image',
'content': '/assets/images/logo.png'
},
{
'property': 'og:site_name',
'content': 'Hypothes.is'
},
{
'property': 'og:url',
'content': request.url
},
),
'link_attrs': ({
'rel': 'alternate',
'href': alternate,
'type': 'application/json'
}, ),
})
def stream(context, request):
q = request.params.get("q", "").split(":", 1)
if len(q) >= 2 and q[0] == "tag":
tag = q[1]
if " " in tag:
tag = '"' + tag + '"'
query = {"q": "tag:{}".format(tag)}
location = request.route_url("activity.search", _query=query)
raise httpexceptions.HTTPFound(location=location)
atom = request.route_url("stream_atom")
rss = request.route_url("stream_rss")
return sidebar_app(
request,
{
"link_tags": [
{"rel": "alternate", "href": atom, "type": "application/atom+xml"},
{"rel": "alternate", "href": rss, "type": "application/rss+xml"},
]
},
)
def test_it_includes_client_config(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
expected_config = {
'apiUrl': 'http://example.com/api',
'websocketUrl': 'wss://example.com/ws',
'serviceUrl': 'http://example.com/',
'release': __version__,
'raven': {
'dsn': 'test-sentry-dsn',
'release': __version__
},
'authDomain': 'example.com',
'googleAnalytics': 'UA-4567',
'oauthClientId': 'test-client-id',
'oauthEnabled': True,
'rpcAllowedOrigins': 'https://lti.hypothes.is',
}
actual_config = json.loads(ctx['app_config'])
assert actual_config == expected_config
def test_it_sets_embed_url(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
assert ctx["embed_url"] == "/embed.js"
def test_it_sets_client_url(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
assert ctx["client_url"] == "http://example.com/client_url"
def test_it_sets_embed_url(self, pyramid_request):
ctx = client.sidebar_app(pyramid_request)
assert ctx['embed_url'] == '/embed.js'