Python sanitizeの例、openatlas.util.display.sanitize Pythonの例

コード例 #1

0

ファイルを表示

ファイル: entity.py プロジェクト: NinaBrundke/OpenAtlas

 def update(self, form: Optional[FlaskForm] = None) -> None:
     from openatlas.util.display import sanitize
     if form:  # e.g. imports have no forms
         self.save_nodes(form)
         if self.class_.name != 'object_location':
             self.set_dates(form)
             self.update_aliases(form)
         for field in ['name', 'description']:
             if hasattr(form, field):
                 setattr(self, field, getattr(form, field).data)
         if hasattr(form, 'name_inverse'):  # A directional node, e.g. actor actor relation
             self.name = form.name.data.replace('(', '').replace(')', '').strip()
             if form.name_inverse.data.strip():
                 inverse = form.name_inverse.data.replace('(', '').replace(')', '').strip()
                 self.name += ' (' + inverse + ')'
     if self.class_.name == 'type':
         self.name = sanitize(self.name, 'node')
     elif self.class_.name == 'object_location':
         self.name = 'Location of ' + self.name
         self.description = None
     Db.update({
         'id': self.id,
         'name': str(self.name).strip(),
         'begin_from': Date.datetime64_to_timestamp(self.begin_from),
         'begin_to': Date.datetime64_to_timestamp(self.begin_to),
         'end_from': Date.datetime64_to_timestamp(self.end_from),
         'end_to': Date.datetime64_to_timestamp(self.end_to),
         'begin_comment': str(self.begin_comment).strip() if self.begin_comment else None,
         'end_comment': str(self.end_comment).strip() if self.end_comment else None,
         'description': sanitize(self.description, 'text')})

コード例 #2

0

ファイルを表示

 def insert_import(entity: Entity,
                   location: Entity,
                   project: Project,
                   easting: float,
                   northing: float) -> None:
     Db.insert_import({
         'entity_id': location.id,
         'description': 'Imported centerpoint of {name} from the {project} project'.format(
             name=sanitize(entity.name, 'text'),
             project=sanitize(project.name, 'text')),
         'geojson': '''{{"type":"Point", "coordinates": [{easting},{northing}]}}'''.format(
             easting=easting, northing=northing)})

コード例 #3

0

ファイルを表示

ファイル: entity.py プロジェクト: NinaBrundke/OpenAtlas

 def get_name_directed(self, inverse: bool = False) -> str:
     """ Returns name part of a directed type e.g. actor actor relation: parent of (child of)"""
     from openatlas.util.display import sanitize
     name_parts = self.name.split(' (')
     if inverse and len(name_parts) > 1:  # pragma: no cover
         return sanitize(name_parts[1], 'node')
     return name_parts[0]

コード例 #4

0

ファイルを表示

 def insert(entity: Entity, form: FlaskForm) -> None:
     for shape in ['point', 'line', 'polygon']:
         data = getattr(form, 'gis_' + shape + 's').data
         if not data:
             continue  # pragma: no cover
         for item in json.loads(data):
             if not item['geometry']['coordinates'] or item['geometry']['coordinates'] == [[]]:
                 continue  # pragma: no cover
             if item['properties']['shapeType'] != 'centerpoint':
                 Db.test_geom(json.dumps(item['geometry']))
             Db.insert(
                 shape='linestring' if shape == 'line' else shape,
                 data={
                     'entity_id': entity.id,
                     'name': sanitize(item['properties']['name'], 'text'),
                     'description': sanitize(item['properties']['description'], 'text'),
                     'type': item['properties']['shapeType'],
                     'geojson': json.dumps(item['geometry'])})

コード例 #5

0

ファイルを表示

ファイル: entity.py プロジェクト: NinaBrundke/OpenAtlas

 def insert(class_name: str, name: str, description: Optional[str] = None) -> Entity:
     from openatlas.util.display import sanitize
     if not name:  # pragma: no cover
         from openatlas import logger
         logger.log('error', 'model', 'Insert entity without name')
         abort(422)
     id_ = Db.insert({
         'name': str(name).strip(),
         'code': g.classes[class_name].cidoc_class.code,
         'system_class': class_name,
         'description': sanitize(description, 'text') if description else None})
     return Entity.get_by_id(id_)

コード例 #6

0

ファイルを表示

ファイル: hierarchy.py プロジェクト: NinaBrundke/OpenAtlas

def save(form: FlaskForm,
         node: Optional[Node] = None,
         param: Optional[str] = None) -> Optional[Node]:
    Transaction.begin()
    try:
        if node:
            Node.update_hierarchy(node, form)
        else:
            node = Entity.insert('type', sanitize(form.name.data))
            Node.insert_hierarchy(node, form, value_type=True if param == 'value' else False)
        node.update(form)
        Transaction.commit()
    except Exception as e:  # pragma: no cover
        Transaction.rollback()
        logger.log('error', 'database', 'transaction failed', e)
        flash(_('error transaction'), 'error')
        abort(418)
    return node

コード例 #7

0

ファイルを表示

 def update_note(id_: int, note: str, public: bool) -> None:
     from openatlas.util.display import sanitize
     Db.update_note(id_, sanitize(note, 'text'), public)

コード例 #8

0

ファイルを表示

 def insert_note(entity_id: int, note: str, public: bool) -> None:
     from openatlas.util.display import sanitize
     Db.insert_note(current_user.id, entity_id, sanitize(note, 'text'),
                    public)

コード例 #9

0

ファイルを表示

ファイル: admin.py プロジェクト: NinaBrundke/OpenAtlas

def admin_index(action: Optional[str] = None,
                id_: Optional[int] = None) -> Union[str, Response]:
    if is_authorized('manager'):
        if id_ and action == 'delete_user':
            user = User.get_by_id(id_)
            if not user \
                    or user.id == current_user.id \
                    or (user.group == 'admin' and not is_authorized('admin')):
                abort(403)  # pragma: no cover
            User.delete(id_)
            flash(_('user deleted'), 'info')
        elif action == 'remove_logo':
            Settings.set_logo()
            return redirect(url_for('admin_index') + '#tab-file')
    dirs = {
        'uploads':
        True if os.access(app.config['UPLOAD_DIR'], os.W_OK) else False,
        'export/sql':
        True if os.access(app.config['EXPORT_DIR'] /
                          'sql', os.W_OK) else False,
        'export/csv':
        True if os.access(app.config['EXPORT_DIR'] / 'csv', os.W_OK) else False
    }
    tables = {
        'user':
        Table([
            'username', 'name', 'group', 'email', 'newsletter', 'created',
            'last login', 'entities'
        ]),
        'content':
        Table(['name'] +
              [language for language in app.config['LANGUAGES'].keys()])
    }
    for user in User.get_all():
        count = User.get_created_entities_count(user.id)
        email = user.email if is_authorized(
            'manager') or user.settings['show_email'] else ''
        tables['user'].rows.append([
            link(user), user.real_name, user.group, email,
            _('yes') if user.settings['newsletter'] else '',
            format_date(user.created),
            format_date(user.login_last_success),
            format_number(count) if count else ''
        ])
    for item, languages in Content.get_content().items():
        content = [uc_first(_(item))]
        for language in app.config['LANGUAGES'].keys():
            content.append(sanitize(languages[language], 'text'))
        content.append(link(_('edit'), url_for('admin_content', item=item)))
        tables['content'].rows.append(content)
    form = None
    if is_authorized('admin'):
        form = TestMailForm()
        if form.validate_on_submit(
        ) and session['settings']['mail']:  # pragma: no cover
            subject = _('Test mail from %(site_name)s',
                        site_name=session['settings']['site_name'])
            body = _('This test mail was sent by %(username)s',
                     username=current_user.username)
            body += ' ' + _('at') + ' ' + request.headers['Host']
            if send_mail(subject, body, form.receiver.data):
                flash(
                    _('A test mail was sent to %(email)s.',
                      email=form.receiver.data), 'info')
        else:
            form.receiver.data = current_user.email
    return render_template('admin/index.html',
                           form=form,
                           tables=tables,
                           settings=session['settings'],
                           writeable_dirs=dirs,
                           disk_space_info=get_disk_space_info(),
                           imports=Import.get_all_projects(),
                           title=_('admin'),
                           crumbs=[_('admin')],
                           info={
                               'file': get_form_settings(FilesForm()),
                               'general': get_form_settings(GeneralForm()),
                               'mail': get_form_settings(MailForm()),
                               'map': get_form_settings(MapForm()),
                               'api': get_form_settings(ApiForm()),
                               'modules': get_form_settings(ModulesForm())
                           })

コード例 #10

0

ファイルを表示

 def update_project(project: Project) -> None:
     Db.update_project(project.id, project.name,
                       sanitize(project.description, 'text'))

コード例 #11

0

ファイルを表示

ファイル: filters.py プロジェクト: NinaBrundke/OpenAtlas

def sanitize(self: Any, string: str) -> str:
    return display.sanitize(string)