def put(self): try: uuid.UUID(self.password_id) except ValueError: return invalid_password_id() password = self._get_password() if password is None: return password_not_found() else: cleaned_data, errors = validate_password(self.request.body, self.request.charset) if errors: result = {'message': ','.join(errors)} return HTTPBadRequest(body=json.dumps(result), charset='utf8', content_type='application/json') password.secret = cleaned_data['secret'] password.service = cleaned_data['service'] password.account = cleaned_data['account'] password.expiration = cleaned_data['expiration'] password.notes = cleaned_data['notes'] password.tags = cleaned_data['tags'] Session.add(password) return {'password': password.as_dict()}
def test_password_collection_get_non_empty(self): password = Password(service='testing', secret='s3cr3t', user_id=self.user_id) with transaction.manager: Session.add(password) Session.flush() password_id = password.id res = self.testapp.get('/passwords', headers=self.auth_header) self.assertEqual(res.status, '200 OK') self.assertEqual(res.json, { "passwords": [{ 'account': '', 'creation': '2014-02-23T08:00:00', 'modification': '2014-02-23T08:00:00', 'expiration': None, 'id': password_id, 'notes': u'', 'owner': self.user_id, 'user': self.user_id, 'secret': 's3cr3t', 'service': 'testing', 'tags': [], }], })
def preferences(request): schema = UserPreferencesSchema() button1 = Button('submit', _('Save changes')) button1.css_class = 'btn-primary' form = Form(schema, buttons=(button1, )) user = request.user if 'submit' in request.POST: controls = request.POST.items() try: appstruct = form.validate(controls) except ValidationFailure as e: return {'form': e.render()} user.update_preferences(appstruct) Session.add(user) request.session.flash( _('The changes were saved successfully'), 'success', ) return HTTPFound(location=request.route_path('user_preferences')) return { 'form': form.render({ 'allow_google_analytics': user.allow_google_analytics, 'send_passwords_periodically': user.send_passwords_periodically, }) }
def test_get_accounts_multiple_providers(self): user = User(email='*****@*****.**', email_verified=True) identity1 = ExternalIdentity(user=user, provider='twitter', external_id='1234') identity2 = ExternalIdentity(user=user, provider='google', external_id='4321') password = Password(user=user, secret='secret') Session.add(user) Session.add(identity1) Session.add(identity2) Session.add(password) Session.flush() self.assertEqual(user.get_accounts('google'), [ {'id': user.id, 'is_current': True, 'is_verified': True, 'passwords': 1, 'providers': [{ 'name': 'twitter', 'is_current': False, }, { 'name': 'google', 'is_current': True, }]} ])
def delete(self): set_config(self.request.user) result = Session.query(self.model).get(int(self.request.matchdict['id'])) if result and not result.is_readonly: Session.delete(result) return result raise HTTPNotFound()
def test_get_accounts_multiple_providers(self): user = User(email='*****@*****.**', email_verified=True) identity1 = ExternalIdentity(user=user, provider='twitter', external_id='1234') identity2 = ExternalIdentity(user=user, provider='google', external_id='4321') password = Password(user=user, secret='secret') Session.add(user) Session.add(identity1) Session.add(identity2) Session.add(password) Session.flush() self.assertEqual(user.get_accounts('google'), [{ 'id': user.id, 'is_current': True, 'is_verified': True, 'passwords': 1, 'providers': [{ 'name': 'twitter', 'is_current': False, }, { 'name': 'google', 'is_current': True, }] }])
def verify_email(request): try: code = request.params['code'] except KeyError: return HTTPBadRequest('Missing code parameter') try: email = request.params['email'] except KeyError: return HTTPBadRequest('Missing email parameter') evc = EmailVerificationCode(code) user = evc.verify(email) if user is not None: request.session.flash( _('Congratulations, your email has been successfully verified'), 'success', ) user.verify_email() Session.add(user) return { 'verified': True, } else: request.session.flash( _('Sorry, your verification code is not correct or has expired'), 'error', ) return { 'verified': False, }
def main(argv=sys.argv): # Usage and configuration if len(argv) != 2: usage(argv) config_uri = argv[1] setup_logging(config_uri) settings = get_appsettings(config_uri) config = Configurator(settings=settings) config.include('pyramid_sqlalchemy') # Make the database with schema and default data with transaction.manager: metadata.create_all() root = RootFolder(name='', title='Moonbase Demo', __acl__=[ ['Allow', ['paul'], 'view'] ] ) Session.add(root) f1 = root['f1'] = Folder( title='Folder 1', __acl__=[ ['Allow', ['shane'], 'view'] ] ) f1['da'] = Document(title='Document 1A')
def handle_refresh_token(request, client): if 'refresh_token' not in request.POST: log.info('refresh_token field missing') return HTTPBadRequest(InvalidRequest(error_description='refresh_token ' 'field required')) if 'user_id' not in request.POST: log.info('user_id field missing') return HTTPBadRequest(InvalidRequest(error_description='user_id ' 'field required')) auth_token = db.query(Oauth2Token).filter_by( refresh_token=request.POST.get('refresh_token')).first() if not auth_token: log.info('invalid refresh_token') return HTTPUnauthorized(InvalidToken(error_description='Provided ' 'refresh_token is not valid.')) if auth_token.client.client_id != client.client_id: log.info('invalid client_id') return HTTPBadRequest(InvalidClient(error_description='Client does ' 'not own this refresh_token.')) if str(auth_token.user_id) != request.POST.get('user_id'): log.info('invalid user_id') return HTTPBadRequest(InvalidClient(error_description='The given ' 'user_id does not match the given refresh_token.')) new_token = auth_token.refresh() db.add(new_token) db.flush() return new_token.asJSON(token_type='bearer')
def test_application_edit_unauthorized(self): create_and_login_user(self.testapp) app = Application(name='Test Application', main_url='http://example.com', callback_url='http://example.com/callback', authorized_origins=['http://example.com', 'https://example.com'], production_ready=False, image_url='http://example.com/image.png', description='example description') other_user = User(screen_name='Alice doe', first_name='Alice', last_name='Doe', email='*****@*****.**') other_user.applications.append(app) with transaction.manager: Session.add(other_user) Session.flush() app_id = app.id res = self.testapp.get('/oauth2/applications/%s/edit' % str(app_id), status=401) self.assertEqual(res.status, '401 Unauthorized')
def test_application_edit_cancel(self): user = User(screen_name='John Doe', first_name='John', last_name='Doe', email='*****@*****.**') app = Application(name='Test Application', main_url='http://example.com', callback_url='http://example.com/callback', authorized_origins=['http://example.com', 'https://example.com'], production_ready=False, image_url='http://example.com/image.png', description='example description') user.applications.append(app) with transaction.manager: Session.add(user) Session.flush() app_id = app.id user_id = user.id self.testapp.get('/__login/' + str(user_id)) res = self.testapp.post('/oauth2/applications/%s/edit' % str(app_id), { 'cancel': 'Cancel', }) self.assertEqual(res.status, '302 Found') self.assertEqual(res.location, 'http://localhost/oauth2/applications')
def test_register_new_user_email_not_verified(self): self.testapp.post('/__session', { 'next_url': 'http://localhost/foo/bar', 'user_info__provider': 'twitter', 'user_info__external_id': '1234', 'user_info__screen_name': 'John Doe', 'user_info__first_name': 'John', 'user_info__last_name': 'Doe', 'user_info__email': '*****@*****.**', }, status=302) # if no email is provided at registration, the email is # not verified res = self.testapp.post('/register', { 'first_name': 'John2', 'last_name': 'Doe2', 'email': '', 'submit': 'Register into Yith Library', }, status=302) self.assertEqual(res.status, '302 Found') self.assertEqual(res.location, 'http://localhost/foo/bar') self.assertEqual(Session.query(User).count(), 1) user = Session.query(User).filter(User.first_name == 'John2').one() self.assertEqual(user.first_name, 'John2') self.assertEqual(user.last_name, 'Doe2') self.assertEqual(user.email, '') self.assertEqual(user.email_verified, False) self.assertEqual(user.send_passwords_periodically, False) identity = Session.query(ExternalIdentity).filter( ExternalIdentity.external_id == '1234', ExternalIdentity.provider == 'twitter', ).one() self.assertEqual(identity.user, user)
def collection_timestamp(self, collection_id, parent_id, auth=None): """Get the highest timestamp of every objects in this `collection_id` for this `parent_id`. .. note:: This should take deleted objects into account. :param str collection_id: the collection id. :param str parent_id: the collection parent. :returns: the latest timestamp of the collection. :rtype: int """ tb = Timestamps.__table__ qry = select([label('last_modified', func.max(tb.c.last_modified))]).where(and_( tb.c.parent_id == parent_id, tb.c.collection_id == collection_id)) last_modified, = Session.execute(qry).fetchone() if last_modified is None: last_modified = datetime.datetime.utcnow() with transaction.manager: Session.add(Timestamps(parent_id=parent_id, collection_id=collection_id, last_modified=last_modified)) return last_modified.replace(tzinfo=datetime.timezone.utc).timestamp()
def main(argv=sys.argv): # Usage and configuration if len(argv) != 2: usage(argv) config_uri = argv[1] setup_logging(config_uri) settings = get_appsettings(config_uri) config = Configurator(settings=settings) config.include('pyramid_sqlalchemy') # Make the database with schema and default data with transaction.manager: metadata.create_all() for todo in sample_todos: t = ToDo(title=todo['title'], acl=todo.get('acl')) Session.add(t) for user in sample_users: u = User(id=user['id'], username=user['username'], password=user['password'], first_name=user['first_name'], last_name=user['last_name'], groups=user['groups']) Session.add(u)
def developer_application_delete(request): app_id = request.matchdict['app'] try: uuid.UUID(app_id) except ValueError: return HTTPBadRequest() try: app = Session.query(Application).filter(Application.id == app_id).one() except NoResultFound: return HTTPNotFound() assert_authenticated_user_is_registered(request) if app.user != request.user: return HTTPUnauthorized() if 'submit' in request.POST: Session.delete(app) request.session.flash( _('The application ${app} was deleted successfully', mapping={'app': app.name}), 'success', ) return HTTPFound( location=request.route_path('oauth2_developer_applications')) return {'app': app}
def filter_objects(cls, objects, first=False, **params): """ Perform query with :params: on instances sequence :objects: :param object: Sequence of :cls: instances on which query should be run. :param params: Query parameters to filter :objects:. """ id_name = cls.pk_field() ids = [getattr(obj, id_name, None) for obj in objects] ids = [str(id_) for id_ in ids if id_ is not None] field_obj = getattr(cls, id_name) query_set = Session().query(cls).filter(field_obj.in_(ids)) if params: params['query_set'] = query_set.from_self() query_set = cls.get_collection(**params) if first: first_obj = query_set.first() if not first_obj: msg = "'{}({})' resource not found".format( cls.__name__, params) raise JHTTPNotFound(msg) return first_obj return query_set
def _delete_many(cls, items, request=None, synchronize_session=False): """ Delete :items: queryset or objects list. When queryset passed, Query.delete() is used to delete it but first queryset is re-queried to clean it from explicit limit/offset/etc. If some of the methods listed above were called, or :items: is not a Query instance, one-by-one items update is performed. `on_bulk_delete` function is called to delete objects from index and to reindex relationships. This is done explicitly because it is impossible to get access to deleted objects in signal handler for 'after_bulk_delete' ORM event. """ if isinstance(items, Query): del_queryset = cls._clean_queryset(items) del_items = del_queryset.all() del_count = del_queryset.delete( synchronize_session=synchronize_session) on_bulk_delete(cls, del_items, request) return del_count items_count = len(items) session = Session() for item in items: item._request = request session.delete(item) session.flush() return items_count
def list(cls, empresa_id, offset, limit, sort, order, cliente): """ Método para retorno com paginação e ordenação remotas :param empresa_id: identificação da empresa :param offset: ponteiro inicial da consulta :param limit: limite de registros :param sort: coluna de ordenação :param order: tipo de ordenação :param cliente: filtro para a coluna cliente_id (hash_id) :return: """ s = asc('pedidos_' + sort) # joinedload obriga concatenação if order == 'desc': s = desc(sort) # todo: parametro 'q' para lista completa ou lista para select (novo ClienteSelectSchema) # todo: é necessário um método para filtros dinâmicos de acordo com modelo if cliente: decoded_id = get_decoded_id('clientes', cliente, empresa_id) return Session.query(cls) \ .filter(and_(cls.empresa_id == empresa_id, cls.cliente_id == decoded_id)) \ .options(joinedload(cls.cliente)) \ .order_by(s).limit(limit).offset(offset).all() else: return Session.query(cls) \ .filter(cls.empresa_id == empresa_id).order_by(s) \ .options(joinedload(cls.cliente).load_only('nome')) \ .limit(limit).offset(offset).all()
def test_user_get(self): expiration = datetime.datetime(2014, 2, 23, 9, 0) access_code = AccessCode(code=self.access_code, code_type='Bearer', expiration=expiration, scope=['read-userinfo'], user_id=self.user_id, application_id=self.application_id) with transaction.manager: Session.add(access_code) Session.flush() auth_header = {'Authorization': 'Bearer %s' % self.access_code} res = self.testapp.get('/user', headers=auth_header) self.assertEqual(res.status, '200 OK') self.assertEqual(res.json, { 'id': self.user_id, 'screen_name': 'John Doe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', 'email_verified': True, 'allow_google_analytics': True, 'send_passwords_periodically': False, 'creation': '2012-12-12T12:12:00', 'last_login': '******', })
def test_register_new_user_wants_analytics_cookie(self): self.testapp.post('/__session', { 'next_url': 'http://localhost/foo/bar', 'user_info__provider': 'google', 'user_info__external_id': '1234', 'user_info__screen_name': 'John Doe', 'user_info__first_name': 'John', 'user_info__last_name': 'Doe', 'user_info__email': '', USER_ATTR: True, }, status=302) # The user want the Google Analytics cookie res = self.testapp.post('/register', { 'first_name': 'John3', 'last_name': 'Doe3', 'email': '*****@*****.**', 'submit': 'Register into Yith Library', }, status=302) self.assertEqual(res.status, '302 Found') self.assertEqual(res.location, 'http://localhost/foo/bar') self.assertEqual(Session.query(User).count(), 1) user = Session.query(User).filter(User.first_name == 'John3').one() self.assertFalse(user is None) self.assertEqual(user.first_name, 'John3') self.assertEqual(user.last_name, 'Doe3') self.assertEqual(user.email, '*****@*****.**') self.assertEqual(user.email_verified, False) self.assertEqual(user.allow_google_analytics, True) self.assertEqual(user.send_passwords_periodically, False) identity = Session.query(ExternalIdentity).filter( ExternalIdentity.external_id == '1234', ExternalIdentity.provider == 'google', ).one() self.assertEqual(identity.user, user)
def test_save_bearer_token(self): rv, request = self._create_request_validator() token = { 'expires_in': 3600, # seconds 'access_token': 'fghijk', 'token_type': 'Bearer', 'refresh_token': 'lmnopq', } request.user = Session.query(User).filter( User.id == self.user_id).one() request.scopes = ['read-passwords', 'write-passwords'] request.client = rv.get_client(self.app_id) rv.save_bearer_token(token, request) access_code = Session.query(AccessCode).filter( AccessCode.code == 'fghijk').one() self.assertEquals(access_code.code, 'fghijk') self.assertEquals(access_code.code_type, 'Bearer') self.assertEquals(access_code.scope, ['read-passwords', 'write-passwords']) self.assertEquals(access_code.refresh_code, 'lmnopq') expected_expiration = datetime.datetime(2012, 1, 10, 16, 31, 11) self.assertEquals(access_code.expiration, expected_expiration) self.assertEquals(access_code.user_id, self.user_id) self.assertEquals(access_code.application_id, self.app_id)
def revoke_application(request): app_id = request.matchdict['app'] try: uuid.UUID(app_id) except ValueError: return HTTPBadRequest() try: app = Session.query(Application).filter(Application.id == app_id).one() except NoResultFound: return HTTPNotFound() assert_authenticated_user_is_registered(request) if 'submit' in request.POST: authorized_apps = Session.query(AuthorizedApplication).filter( AuthorizedApplication.application == app, AuthorizedApplication.user == request.user).all() for authorized_app in authorized_apps: Session.delete(authorized_app) request.session.flash( _('The access to application ${app} has been revoked', mapping={'app': app.name}), 'success', ) return HTTPFound( location=request.route_path('oauth2_authorized_applications')) return {'app': app}
def delete(self): """ Delete an item from a collection; typically occurs with requests like DELETE /users/1 """ Session.delete(self.context.entity) Session.flush() return Response(status=204)
def empty(self): """ Empty the collection (delete all items) """ entity_class = self.context.model Session.query(entity_class).delete() return Response(status=204)
def import_via_hro_view_via_post(request): from datetime import datetime from pyramid.httpexceptions import HTTPFound from pyramid_sqlalchemy import Session from ..forms import UploadForm from ..models import NewStudentModel form = UploadForm(request.POST) if form.validate(): # 取得資料庫裡面已有的學生資料,藉此資料來實作 "已存在的學生不更動,只新增不存在的學生" 的功能 existed_new_students = { i.signup_number for i in Session.query(NewStudentModel.signup_number) } file_content = form.file.data.file.read().decode('cp950') content_lines = file_content.split('\r\n') for each_line in content_lines: splitted_line = each_line.split(',') if not splitted_line[0].isdigit(): continue if len(splitted_line) != 15: continue new_student = NewStudentModel() new_student.signup_number = int(splitted_line[0]) new_student.name = splitted_line[1] new_student.parent_name = splitted_line[2] new_student.id_number = splitted_line[3] new_student.parent_id_number = splitted_line[4] new_student.birthday = datetime.strptime(splitted_line[5], '%Y/%m/%d') new_student.move_in_date = datetime.strptime(splitted_line[6], '%Y/%m/%d') new_student.gender = splitted_line[7] new_student.village = splitted_line[9] new_student.neighborhood = splitted_line[10] new_student.address = splitted_line[11] new_student.note = splitted_line[14].strip() if new_student.signup_number not in existed_new_students: Session.add(new_student) return HTTPFound(location=request.route_path('home')) else: return {'form': form}
def add_view_via_post(request): import os, shutil from pkg_resources import resource_filename from pyramid_sqlalchemy import Session from pyramid.httpexceptions import HTTPFound from ..forms import NewStudentForm from ..models import NewStudentModel form = NewStudentForm(request.POST) # 該欄位是文字欄位,可省略不輸入,但我們希望在這情況下塞到資料庫是 NULL,所以這邊強制改成 None if form.signup_number.data == '': form.signup_number.data = None if form.validate(): new_student = NewStudentModel() form.populate_obj(new_student) if form.picture.data: # 有上傳大頭照,要存檔,並將資料庫對應的欄位設定 picture_name = form.id_number.data + os.path.splitext(form.picture.data.filename)[-1] with open(resource_filename('tp_enroll', 'static/pictures/{}'.format(picture_name)), 'wb') as output: shutil.copyfileobj(form.picture.data.file, output) new_student.picture_name = picture_name # 觸發 auto increment new_student.id = None # 鄰的欄位,應該要純數字。如果使用者誤填了鄰,要刪掉多餘的文字 if new_student.neighborhood.endswith('鄰'): new_student.neighborhood = new_student.neighborhood[:-1] Session.add(new_student) return HTTPFound(location=request.route_path('home')) return {'form': form}
def test_add_feature(self): _group11 = FeatureGroup.get(11) NAME_FEATURE = 'NAME_FEATURE' _feature = Feature(n=1, name=NAME_FEATURE, feature_group=[_group11]) Session.add(_feature) assert _feature.n is not None assert len(_feature.feature_group) == 1
def delete_all(self, collection_id, parent_id, filters=None, with_deleted=True, id_field=DEFAULT_ID_FIELD, modified_field=DEFAULT_MODIFIED_FIELD, deleted_field=DEFAULT_DELETED_FIELD, auth=None): """Delete all objects in this `collection_id` for this `parent_id`. :param str collection_id: the collection id. :param str parent_id: the collection parent. :param filters: Optionnally filter the objects to delete. :type filters: list of :class:`cliquet.storage.Filter` :param bool with_deleted: track deleted records with a tombstone :returns: the list of deleted objects, with minimal set of attributes. :rtype: list of dict """ qry = Session.query(self.collection).options(load_only('id'))\ .filter(and_(self.collection.parent_id == parent_id, getattr(self.collection, deleted_field) == False)) for every in filters: qry = qry.filter(SQLAFilter(self.collection, every)()) rows = [{"id": every.id, "parent_id": parent_id, "collection_id": collection_id, modified_field: datetime.datetime.utcnow()} for every in qry.all()] Session.bulk_update_mappings(self.collection, [{"id": every['id'], deleted_field: True, modified_field: every[modified_field]} for every in rows]) if with_deleted: Session.bulk_insert_mappings(Deleted, rows) return rows
def test_model_sets_n_automatically(self): _group = FeatureGroup(name='NAME_FEATURE_GROUP') Session.add(_group) Session.flush() assert _group.n is not None assert _group.parent_n is None assert _group.name == 'NAME_FEATURE_GROUP'
def test_applications_list_apps_one_app(self): user = User(screen_name='John Doe', first_name='John', last_name='Doe', email='*****@*****.**') app = Application(name='Test Application', main_url='https://example.com', callback_url='https://example.com/callback', production_ready=False) user.applications.append(app) with transaction.manager: Session.add(user) Session.flush() app_id = app.id user_id = user.id self.testapp.get('/__login/' + str(user_id)) res = self.testapp.get('/oauth2/applications') self.assertEqual(res.status, '200 OK') res.mustcontain('John') res.mustcontain('Log out') res.mustcontain('Developer Applications') res.mustcontain('Register new application') res.mustcontain(app_id) res.mustcontain('Test Application') res.mustcontain('https://example.com')
def test_application_edit_invalid_change(self): user = User(screen_name='John Doe', first_name='John', last_name='Doe', email='*****@*****.**') app = Application(name='Test Application', main_url='http://example.com', callback_url='http://example.com/callback', authorized_origins=['http://example.com', 'https://example.com'], production_ready=False, image_url='http://example.com/image.png', description='example description') user.applications.append(app) with transaction.manager: Session.add(user) Session.flush() app_id = app.id user_id = user.id self.testapp.get('/__login/' + str(user_id)) res = self.testapp.post('/oauth2/applications/%s/edit' % str(app_id), { 'submit': 'Save changes', }) self.assertEqual(res.status, '200 OK') res.mustcontain('There was a problem with your submission') res.mustcontain('Required')
def generate_question(employee_name): """ Получение след.вопроса в зависимости от плана и уже отвеченных вопросов """ null_question = Question(n=0) today = date.today() year = today.year month = today.month employee = EmployeeCtrl.find_by_name(employee_name) plan = PlanCtrl.get_current_plan(employee_name, year, month) qty_answered = ResultCtrl.count_answered(employee, year, month) # уже отвечено if plan.qty_question > qty_answered: qty_day = plan.qty_question // plan.qty_work + 1 # к-во вопросов в день # print('qty_day = %s' % (qty_day,)) # print(plan) params = {'employee_n': employee.n, 'date': today} results = ResultCtrl.find(params) # отвечено сегодня # print('results = %s' % (results,)) if len(results) < qty_day: # если план на день еще не выполнен subquery = Session.query( Result.question_n).filter(Result.employee_n == employee.n) q = Session.query(Question).filter( not_(Question.n.in_(subquery))) questions = q.all() # print(questions) if len(questions) == 0 or questions is None: return QuestionCtrl.get_repeat(employee) return questions[0] else: return null_question else: # План по вопросам сделан return null_question
def test_user_get(self): expiration = datetime.datetime(2014, 2, 23, 9, 0) access_code = AccessCode(code=self.access_code, code_type='Bearer', expiration=expiration, scope=['read-userinfo'], user_id=self.user_id, application_id=self.application_id) with transaction.manager: Session.add(access_code) Session.flush() auth_header = {'Authorization': 'Bearer %s' % self.access_code} res = self.testapp.get('/user', headers=auth_header) self.assertEqual(res.status, '200 OK') self.assertEqual( res.json, { 'id': self.user_id, 'screen_name': 'John Doe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', 'email_verified': True, 'allow_google_analytics': True, 'send_passwords_periodically': False, 'creation': '2012-12-12T12:12:00', 'last_login': '******', })
def clean_access_codes(): result = setup_simple_command( "clean_access_codes", "Deletes expired access codes" ) if isinstance(result, int): return result else: settings, closer, env, args = result try: now = datetime.datetime.utcnow() with transaction.manager: counter = 0 for access_code in Session.query(AccessCode).filter( AccessCode.expiration < now ): Session.delete(access_code) counter += 1 if counter > 0: safe_print('%d access codes were cleaned' % counter) finally: closer()
def fix_many_feature_groups(request, sql_session): Session.add(FeatureGroup(n=1, name='group1')) Session.add(FeatureGroup(n=11, name='group11', parent_n=1)) Session.add(FeatureGroup(n=12, name='group12', parent_n=1)) Session.add(FeatureGroup(n=2, name='group2')) Session.add(FeatureGroup(n=21, name='group21', parent_n=2))
def revoke_application(request): app_id = request.matchdict['app'] try: uuid.UUID(app_id) except ValueError: return HTTPBadRequest() try: app = Session.query(Application).filter(Application.id == app_id).one() except NoResultFound: return HTTPNotFound() assert_authenticated_user_is_registered(request) if 'submit' in request.POST: authorized_apps = Session.query(AuthorizedApplication).filter( AuthorizedApplication.application == app, AuthorizedApplication.user == request.user ).all() for authorized_app in authorized_apps: Session.delete(authorized_app) request.session.flash( _('The access to application ${app} has been revoked', mapping={'app': app.name}), 'success', ) return HTTPFound( location=request.route_path('oauth2_authorized_applications')) return {'app': app}
def add_order(request): """ Форма заказа """ if 'form.submitted' in request.params: date = request.params['date'] date = date.split("-") time = request.params['time'] time = time.split(":") order = Order(name=request.params['name'], phone=request.params['phone'], email=request.params['email'], contact_face=request.params['contact_face'], event=int(request.params['event']), date=datetime.date(year=int(date[0]), month=int(date[1]), day=int(date[2])), time=datetime.time(hour=int(time[0]), minute=int(time[1])), address=request.params['address'], count_participants=int( request.params['count_participants']), note=request.params['note']) Session.add(order) current_order_id = Order.get_last_order().id next_url = request.route_url('order', id=current_order_id) return HTTPFound(location=next_url) return { "title": "Добавление новой записи", "save_url": request.route_url('new_order'), "events": Event.get_events() }
def create(self, collection_id, parent_id, record, id_generator=None, unique_fields=None, id_field=DEFAULT_ID_FIELD, modified_field=DEFAULT_MODIFIED_FIELD, auth=None): """Create the specified `object` in this `collection_id` for this `parent_id`. Assign the id to the object, using the attribute :attr:`cliquet.resource.Model.id_field`. .. note:: This will update the collection timestamp. :raises: :exc:`cliquet.storage.exceptions.UnicityError` :param str collection_id: the collection id. :param str parent_id: the collection parent. :param dict record: the object to create. :returns: the newly created object. :rtype: dict """ obj = self.collection.serialize(record) obj.parent_id = parent_id setattr(obj, modified_field, datetime.datetime.utcnow()) try: Session.add(obj) Session.flush() except IntegrityError as e: logger.exception('Object %s for collection %s raised %s', record, self.collection, e) process_unicity_error(e, Session, self.collection, record) # TODO: store new timestamps date return self.collection.deserialize(obj)
def adicional_delete(self): t = self.context Session.delete(t) msg = 'Registro deletado' res = dumps(dict(data=dict(code=200, message=msg)), ensure_ascii=False) return HTTPOk(body=res, content_type='application/json; charset=UTF-8')
def test_valid_request(self): _, user_id = create_and_login_user(self.testapp) _, application_id, application_secret = create_client() # First authorize the app res = self.testapp.get( '/oauth2/endpoints/authorization', { 'response_type': 'code', 'client_id': application_id, 'redirect_uri': 'https://example.com/callback', }) self.assertEqual(res.status, '200 OK') res = self.testapp.post( '/oauth2/endpoints/authorization', { 'submit': 'Authorize', 'response_type': 'code', 'client_id': application_id, 'redirect_uri': 'https://example.com/callback', 'scope': 'read-passwords', }) self.assertEqual(res.status, '302 Found') grant = Session.query(AuthorizationCode).filter( AuthorizationCode.application_id == application_id, AuthorizationCode.user_id == user_id, ).one() code = grant.code # now send the token request headers = { 'Authorization': auth_basic_encode(application_id, application_secret), } res = self.testapp.post('/oauth2/endpoints/token', { 'grant_type': 'authorization_code', 'code': code, }, headers=headers) self.assertEqual(res.status, '200 OK') self.assertEqual(res.headers['Cache-Control'], 'no-store') self.assertEqual(res.headers['Pragma'], 'no-cache') # the grant code should be removed try: grant = Session.query(AuthorizationCode).filter( AuthorizationCode.application_id == application_id, AuthorizationCode.user_id == user_id, ).one() except NoResultFound: grant = None self.assertEqual(grant, None) # and an access token should be created self.assertEqual(res.json['token_type'], 'Bearer') self.assertEqual(res.json['expires_in'], 3600) access_code = Session.query(AccessCode).filter( AccessCode.code == res.json['access_token'], ).one() self.assertNotEqual(access_code, None)
def collection_post(self): set_config(self.request.user) if self.model.is_readonly: raise HTTPBadRequest() validate_colander_schema(self._schema, self.request) obj = self.model(**self.request.json_body) Session.add(obj) return obj
def sqlalchemy_teardown(context): transaction.abort() Session.remove() metadata.drop_all() Session.configure(bind=None) metadata.bind = None context.engine.dispose() context.sqlalchemy_patcher.stop()
def test_update_instance(): balloon = BalloonModel(figure=u'Giraffe') Session.add(balloon) Session.flush() request = DummyRequest(matchdict={'id': balloon.id}) resource = BalloonResource(request) resource.update_from_dict({'figure': u'Elephant'}) assert balloon.figure == u'Elephant'
def create_answer(question, params): if 'txt' in params and params['txt'] != '': answer = Answer() answer.txt = params['txt'] answer.question_n = question.n Session.add(answer) Session.flush() return answer
def addEvent(self): request = self.request if 'form.submitted' in request.params: name = request.params['name'] date = request.params['date'] DBSession.add(Event(EventName=name, EventTime=date)) events = DBSession.query(Event).order_by(Event.id) return {'events': events}