def testBasicContext_unicode(self):
#Tests so that AbsoluteURL handle unicode names as well
request = TestRequest()
root = Root()
root.__name__ = u'\u0439'
content = contained(TrivialContent(), root, name=u'\u0442')
content = contained(TrivialContent(), content, name=u'\u0435')
content = contained(TrivialContent(), content, name=u'\u0441')
view = zapi.getMultiAdapter((content, request), name='absolute_url')
self.assertEqual(str(view),
'http://127.0.0.1/%D0%B9/%D1%82/%D0%B5/%D1%81')
self.assertEqual(view(),
'http://127.0.0.1/%D0%B9/%D1%82/%D0%B5/%D1%81')
self.assertEqual(unicode(view),
u'http://127.0.0.1/\u0439/\u0442/\u0435/\u0441')
self.assertEqual(absoluteURL(content, request),
'http://127.0.0.1/%D0%B9/%D1%82/%D0%B5/%D1%81')
breadcrumbs = view.breadcrumbs()
self.assertEqual(breadcrumbs,
({'name': '', 'url': 'http://127.0.0.1'},
{'name': u'\u0439', 'url': 'http://127.0.0.1/%D0%B9'},
{'name': u'\u0442',
'url': 'http://127.0.0.1/%D0%B9/%D1%82'},
{'name': u'\u0435',
'url': 'http://127.0.0.1/%D0%B9/%D1%82/%D0%B5'},
{'name': u'\u0441',
'url':
'http://127.0.0.1/%D0%B9/%D1%82/%D0%B5/%D1%81'},
))
def testBasicContext(self):
request = TestRequest()
content = contained(TrivialContent(), Root(), name='a')
content = contained(TrivialContent(), content, name='b')
content = contained(TrivialContent(), content, name='c')
view = zapi.getMultiAdapter((content, request), name='absolute_url')
self.assertEqual(str(view), 'http://127.0.0.1/a/b/c')
self.assertEqual(absoluteURL(content, request),
'http://127.0.0.1/a/b/c')
breadcrumbs = view.breadcrumbs()
self.assertEqual(breadcrumbs,
({'name': '', 'url': 'http://127.0.0.1'},
{'name': 'a', 'url': 'http://127.0.0.1/a'},
{'name': 'b', 'url': 'http://127.0.0.1/a/b'},
{'name': 'c', 'url': 'http://127.0.0.1/a/b/c'},
))
def __call__(self):
ticket = self.request.form.get('ticket',None)
if ticket is None:
# we cannot set post headers in flash, so get the
# querystring manually
qs = self.request.get('QUERY_STRING','ticket=')
ticket = qs.split('=')[-1] or None
logger.debug('Ticket being used is "%s"' % str(ticket))
if ticket is None:
raise Unauthorized('No ticket specified')
context = utils.non_view_context(self.context)
url = absoluteURL(context, self.request)
username = ticketmod.ticketOwner(url, ticket)
if username is None:
logger.warn('Ticket "%s" was invalidated, cannot be used '
'any more.' % str(ticket))
raise Unauthorized('Ticket is not valid')
old_sm = SecurityManagement.getSecurityManager()
user = utils.find_user(context, username)
SecurityManagement.newSecurityManager(self.request, user)
logger.debug('Switched to user "%s"' % username)
ticketmod.invalidateTicket(url,ticket)
if self.request.form.get('Filedata', None) is None:
# flash sends a emtpy form in a pre request in flash version 8.0
return ""
fileUpload = self.request.form['Filedata']
fileName = self.request.form['Filename']
contentType = self.request.form.get('Content-Type',None)
factory = IFileFactory(self.context)
f = factory(fileName, contentType, fileUpload)
event.notify(FlashUploadedEvent(f))
result = "filename=%s" %f.getId()
SecurityManagement.setSecurityManager(old_sm)
return result
def challenge(self, request):
"""Challenges by redirecting to a loging form.
To illustrate, we'll create a test request:
>>> from zope.publisher.browser import TestRequest
>>> request = TestRequest()
and confirm its response's initial status and 'location' header:
>>> request.response.getStatus()
599
>>> request.response.getHeader('location')
When we issue a challenge using a session plugin:
>>> plugin = SessionCredentialsPlugin()
>>> plugin.challenge(request)
True
we get a redirect:
>>> request.response.getStatus()
302
>>> request.response.getHeader('location')
'http://127.0.0.1/@@loginForm.html?camefrom=http%3A%2F%2F127.0.0.1'
The plugin redirects to the page defined by the loginpagename
attribute:
>>> plugin.loginpagename = 'mylogin.html'
>>> plugin.challenge(request)
True
>>> request.response.getHeader('location')
'http://127.0.0.1/@@mylogin.html?camefrom=http%3A%2F%2F127.0.0.1'
It also provides the request URL as a 'camefrom' GET style parameter.
To illustrate, we'll pretend we've traversed a couple names:
>>> request._traversed_names = ['foo', 'bar']
>>> request.getURL()
'http://127.0.0.1/foo/bar'
When we challenge:
>>> plugin.challenge(request)
True
We see the 'camefrom' points to the traversed URL:
>>> request.response.getHeader('location') # doctest: +ELLIPSIS
'.../@@mylogin.html?camefrom=http%3A%2F%2F127.0.0.1%2Ffoo%2Fbar'
This can be used by the login form to redirect the user back to the
originating URL upon successful authentication.
"""
if not IHTTPRequest.providedBy(request):
return False
site = hooks.getSite()
camefrom = request.getURL()
url = '%s/@@%s?%s' % (absoluteURL(site, request),
self.loginpagename,
urlencode({'camefrom': camefrom}))
request.response.redirect(url)
return True
def testNoContext(self):
request = TestRequest()
view = zapi.getMultiAdapter((Root(), request), name='absolute_url')
self.assertEqual(str(view), 'http://127.0.0.1')
self.assertEqual(absoluteURL(Root(), request), 'http://127.0.0.1')
def testVirtualHostingWithoutContextInformation(self):
request = TestRequest()
request._vh_root = contained(TrivialContent(), Root(), name='a')
view = zapi.getMultiAdapter((None, request), name='absolute_url')
self.assertEqual(str(view), 'http://127.0.0.1')
self.assertEqual(absoluteURL(None, request), 'http://127.0.0.1')