コード例 #1
0
    def test_signal_that_returns_true(self):
        def handler(*args, **kwargs):
            return True

        check_request_enabled.connect(handler)

        resp = self.client.options(
            '/test-view/',
            HTTP_ORIGIN='http://foobar.it',
            HTTP_ACCESS_CONTROL_REQUEST_METHOD='value',
        )
        assert resp.status_code == 200
        assert resp[ACCESS_CONTROL_ALLOW_ORIGIN] == 'http://foobar.it'
コード例 #2
0
    def test_signal_allow_some_urls_to_everyone(self):
        def allow_api_to_all(sender, request, **kwargs):
            return request.path.startswith('/api/')

        check_request_enabled.connect(allow_api_to_all)

        resp = self.client.options(
            '/test-view/',
            HTTP_ORIGIN='http://example.org',
            HTTP_ACCESS_CONTROL_REQUEST_METHOD='value',
        )
        assert resp.status_code == 200
        assert ACCESS_CONTROL_ALLOW_ORIGIN not in resp

        resp = self.client.options(
            '/api/something/',
            HTTP_ORIGIN='http://example.org',
            HTTP_ACCESS_CONTROL_REQUEST_METHOD='value',
        )
        assert resp.status_code == 200
        assert resp[ACCESS_CONTROL_ALLOW_ORIGIN] == 'http://example.org'
コード例 #3
0
        # can get it (instead of generating a new one and saving it into this
        # new empty session)
        # See djangoapps.xblock.utils.get_xblock_id_for_anonymous_user()
        user.xblock_id_for_anonymous_user = user_id
    else:
        raise AuthenticationFailed("Invalid user ID format.")

    request_webob = DjangoWebobRequest(
        request
    )  # Convert from django request to the webob format that XBlocks expect
    block = load_block(usage_key, user)
    # Run the handler, and save any resulting XBlock field value changes:
    response_webob = block.handle(handler_name, request_webob, suffix)
    response = webob_to_django_response(response_webob)
    return response


def cors_allow_xblock_handler(sender, request, **kwargs):  # lint-amnesty, pylint: disable=unused-argument
    """
    Sandboxed XBlocks need to be able to call XBlock handlers via POST,
    from a different domain. See 'xblock_handler' method for details and how security is
    enforced.
    Per the corsheaders docs, a signal is the only way to achieve this for
    just a specific view/URL.
    """
    return request.path.startswith(
        '/api/xblock/v2/xblocks/') and '/handler/' in request.path


check_request_enabled.connect(cors_allow_xblock_handler)
コード例 #4
0
from corsheaders.signals import check_request_enabled


def cors_allow_api_to_everyone(sender, request, **kwargs):
    return request.path.startswith('/api/')


check_request_enabled.connect(cors_allow_api_to_everyone)
コード例 #5
0
ファイル: handlers.py プロジェクト: NTolendi10/lab10 
from corsheaders.signals import check_request_enabled

from myapp.models import MySite

def cors_allow_mysites(sender, request, **kwargs):
    return MySite.objects.filter(host=request.host).exists()

check_request_enabled.connect(cors_allow_mysites)
コード例 #6
0
def temporary_check_request_hander(handler):
    check_request_enabled.connect(handler)
    try:
        yield
    finally:
        check_request_enabled.disconnect(handler)
コード例 #7
0
ファイル: handlers.py プロジェクト: esrg-knights/Socrates 
# myapp/handlers.py
from corsheaders.signals import check_request_enabled


def cors_allow_api_to_everyone(sender, request, **kwargs):
    return request.path.startswith("/api/")


check_request_enabled.connect(cors_allow_api_to_everyone)
コード例 #8
0
from corsheaders.signals import check_request_enabled


def cors_allow_origins_for_polaris_requests(sender, request, **_kwargs):
    return (request.path.startswith("/sep24")
            or request.path.startswith("/sep6")
            or request.path.startswith("/sep31")
            or request.path.startswith("/.well-known")
            or request.path.startswith("/auth")
            or request.path.startswith("/kyc"))


check_request_enabled.connect(cors_allow_origins_for_polaris_requests)
コード例 #9
0
        from dashboard.tasks import m2m_changed_interested
        m2m_changed_interested.delay(instance.pk)


def changed_fulfillments(sender, instance, action, reverse, model, **kwargs):
    """Handle changes to Bounty fulfillments."""
    event_name = 'work_submitted'
    profile_handles = []

    fulfillments = instance.fulfillments.select_related(
        'profile').all().order_by('pk')
    if fulfillments.filter(accepted=True).exists():
        event_name = 'work_done'

    for fulfillment in fulfillments:
        profile_handles.append(
            (fulfillment.profile.handle, fulfillment.profile.absolute_url))

    if action in ['post_add', 'post_remove']:
        maybe_market_to_github(instance,
                               event_name,
                               profile_pairs=profile_handles)


def allow_all_bounties(sender, request, **kwargs):
    return request.method == 'GET' and request.path.startswith(
        '/api/v0.1/bounties/')


check_request_enabled.connect(allow_all_bounties)
コード例 #10
0
 def ready(self):
     check_request_enabled.connect(self.allow_api)
コード例 #11
0
ファイル: utils.py プロジェクト: ottoyiu/django-cors-headers 
def temporary_check_request_hander(handler):
    check_request_enabled.connect(handler)
    try:
        yield
    finally:
        check_request_enabled.disconnect(handler)
コード例 #12
0
ファイル: handlers.py プロジェクト: hentrev/cykel 
from corsheaders.signals import check_request_enabled

# Allow CORS for All GBFS Urls
def cors_allow(sender, request, **kwargs):
    return request.path.startswith('/gbfs/')

check_request_enabled.connect(cors_allow)
コード例 #13
0
ファイル: signals.py プロジェクト: iMMAP/ccpm-kpi 
# coding: utf-8
from corsheaders.signals import check_request_enabled

from .models import CorsModel


def cors_allow_external_sites(sender, request, **kwargs):
    origin = request.META.get('HTTP_ORIGIN')
    return CorsModel.objects.filter(cors=origin).exists()


check_request_enabled.connect(cors_allow_external_sites)
コード例 #14
0
 def ready(self):
     # Makes sure all signal handlers are connected
     if getattr(settings, 'BADGR_CORS_MODEL'):
         from mainsite.signals import cors_allowed_sites
         check_request_enabled.connect(cors_allowed_sites)
コード例 #15
0
    client = kwargs['instance']
    tracker = client.tracker

    if client.manager_code and not getattr(client, 'discount', None):
        discount = Discount.objects.get_by_code(client.manager_code)
        ClientDiscount.client_spanshot(discount, client)

    if tracker.has_changed('login') or tracker.has_changed('login_alias'):
        invalidate_mb_client_login_cache.delay(client_id=client.id)

    if client.installation == 'installed':
        invalidate_client_cache_task.delay(client_id=client.id)
    try:
        client.website
    except Client.website.RelatedObjectDoesNotExist:
        website = ClientWebsite()
        website.is_enabled = True
        website.client = client
        website.generate_url()
        website.save()


def cors_allow_with_own_domains(sender, request, **kwargs):
    """
    Check if the CORS request is allowed
    """
    return cors.check_host(request.get_host())


check_request_enabled.connect(cors_allow_with_own_domains)
コード例 #16
0
from corsheaders.signals import check_request_enabled
from django.urls import resolve
from django.conf import settings


def cors_allow_for_client_namespaces(sender, request, **kwargs):
    namespace = resolve(request.path).namespace
    return namespace in settings.NAMESPACES_FOR_CLIENTS


check_request_enabled.connect(cors_allow_for_client_namespaces)