def test_various_statuses(self): created = HttpCreated(location='http://example.com/thingy/1/') self.assertEqual(created.status_code, 201) self.assertEqual(created['Location'], 'http://example.com/thingy/1/') # Regression. created_2 = HttpCreated() self.assertEqual(created_2.status_code, 201) self.assertEqual(created_2['Location'], '') accepted = HttpAccepted() self.assertEqual(accepted.status_code, 202) no_content = HttpNoContent() self.assertEqual(no_content.status_code, 204) see_other = HttpSeeOther() self.assertEqual(see_other.status_code, 303) not_modified = HttpNotModified() self.assertEqual(not_modified.status_code, 304) bad_request = HttpBadRequest() self.assertEqual(bad_request.status_code, 400) unauthorized = HttpUnauthorized() self.assertEqual(unauthorized.status_code, 401) not_found = HttpNotFound() self.assertEqual(not_found.status_code, 404) not_allowed = HttpMethodNotAllowed() self.assertEqual(not_allowed.status_code, 405) conflict = HttpConflict() self.assertEqual(conflict.status_code, 409) gone = HttpGone() self.assertEqual(gone.status_code, 410) toomanyrequests = HttpTooManyRequests() self.assertEqual(toomanyrequests.status_code, 429) not_implemented = HttpNotImplemented() self.assertEqual(not_implemented.status_code, 501)
def post_detail(self, request, **kwargs): pk = kwargs['pk'].strip("/") metric = Metric.objects.get(pk=pk) obs_class = metric.unit.observation_type.model_class() if obs_class is RatioObservation: return HttpNotImplemented() else: from_dt = iso8601.parse_date(request.POST['from_datetime']).replace(tzinfo=None) to_dt = iso8601.parse_date(request.POST['to_datetime']).replace(tzinfo=None) metric_obs = metric.related_observations try: ob = metric_obs.get( metric = metric, from_datetime = from_dt, to_datetime = to_dt, ) except obs_class.DoesNotExist: ob = obs_class.objects.create( metric = metric, from_datetime = from_dt, to_datetime = to_dt, ) rawvalue = request.POST.get('value', None) ob.value = self.deserialize(request, rawvalue) ob.save() url = "/observation/%s/" % ob.pk return HttpCreated(location=url)
def test_should_return_error_message_in_tastypie_if_exception_while_loading_vcl(self): with patch('vaas.cluster.cluster.load_vcl_task.delay', side_effect=Exception('load vcl failed')): request = MagicMock(id='10', session={}) middleware = VclRefreshMiddleware() VclRefreshState.set_refresh('10', [MagicMock(id='1')]) response = middleware.process_response(request, HttpCreated()) assert_true(isinstance(response, HttpApplicationError)) assert_equals(b'Exception: load vcl failed', response.content)
def post_list(self, request, **kwargs): assignment = Assignment.objects.current_assignment() if assignment is not None: bn = Bone(target=assignment.worker) bn.save() bn_res = BoneResource() bn_location = bn_res.get_resource_uri(bn) return HttpCreated(location=bn_location) else: return HttpBadRequest()
def post_list(self, request, **kwargs): today = date.today() assignment = Assignment.objects.current_assignment() if assignment is not None: ndg = Nudge(target=assignment.worker) ndg.save() ndg_res = NudgeResource() ndg_location = ndg_res.get_resource_uri(ndg) return HttpCreated(location=ndg_location) else: return HttpBadRequest()
def post_detail(self, request, **kwargs): assignment = Assignment.objects.get(pk=kwargs['pk']) if 'defer' in request.POST: debit = assignment.defer() debit_res = DebitResource() location = debit_res.get_resource_uri(debit) return HttpCreated(location=location) elif 'nudge' in request.POST: nudge = Nudge.objects.create(target=assignment.worker) nudge_res = NudgeResource() location = nudge_res.get_resource_uri(nudge) return HttpCreated(location=location) return HttpBadRequest()
def post_list(self, request, **kwargs): """Stop making it return standard location header""" deserialized = self.deserialize(request, request.body, format=request.META.get( 'CONTENT_TYPE', 'application/json')) bundle = self.build_bundle(data=dict_strip_unicode_keys(deserialized), request=request) self.is_valid(bundle) updated_bundle = self.obj_create(bundle, request=request) return HttpCreated(location=updated_bundle.obj.get_absolute_url())
def post_list(self, request, **kwargs): deserialized = self.deserialize( request, request.raw_post_data, format=request.META.get('CONTENT_TYPE', 'application/json') ) bundle = self.build_bundle(data=dict_strip_unicode_keys(deserialized)) self.is_valid(bundle, request) post = request.POST.copy() post.update(bundle.data) request.POST = post request._dont_enforce_csrf_checks = True response = password_reset(request) return HttpCreated(location=response['location'])
def put_detail(self, request, **kwargs): """ rewrite the parent method to do litter alternatives for the deserialized data """ deserialized = self.deserialize(request) deserialized = self.alter_put_detail_deserialized_data(deserialized) deserialized = self.alter_deserialized_detail_data( request, deserialized) bundle = self.build_bundle(data=dict_strip_unicode_keys(deserialized), request=request) try: updated_bundle = self.obj_update( bundle=bundle, **self.remove_api_resource_names(kwargs)) if 'FILES' in deserialized: file_keys = [key for key in deserialized['FILES'].keys()] obj = updated_bundle.obj for key in file_keys: if hasattr(obj, key): setattr(obj, key, deserialized['FILES'][key]) obj.save() self.obj_post_updated(obj) if not self._meta.always_return_data: return HttpNoContent() else: # Invalidate prefetched_objects_cache for bundled object # because we might have changed a prefetched field updated_bundle.obj._prefetched_objects_cache = {} updated_bundle = self.full_dehydrate(updated_bundle) updated_bundle = self.alter_detail_data_to_serialize( request, updated_bundle) return self.create_response(request, updated_bundle) except (NotFound, MultipleObjectsReturned): updated_bundle = self.obj_create( bundle=bundle, **self.remove_api_resource_names(kwargs)) location = self.get_resource_uri(updated_bundle) if not self._meta.always_return_data: return HttpCreated(location=location) else: updated_bundle = self.full_dehydrate(updated_bundle) updated_bundle = self.alter_detail_data_to_serialize( request, updated_bundle) return self.create_response(request, updated_bundle, response_class=HttpCreated, location=location)
def obj_get_list(self, bundle, **kwargs): query = bundle.request.GET.get('q') if not query: response = {'status': 0, 'message': 'Empty query'} else: #from my_task.tasks import google, duck_duck_go, twitter from my_task.tasks import google, duck_duck_go, twitter # Async process from celery.result import ResultSet #A collection of results. rs = ResultSet([]) # Add AsyncResult as a new member of the set. rs.add(google.delay(query)) rs.add(duck_duck_go.delay(query)) rs.add(twitter.delay(query)) response = rs.get() # waiting for the results url = "http://127.0.0.1:8000/my_resources/v1/search/?q={query}".format( query=query) try: response = { 'query': query, 'results': { 'google': { 'text': response[0], 'url': url }, 'duckduckgo': { 'text': response[1], 'url': url }, 'twitter': { 'text': response[2], 'url': url } } } except AttributeError: response = {'status': 0, 'message': 'Result Timeout'} # For immediate response raise ImmediateHttpResponse(response=HttpCreated( content=json.dumps(response), content_type='application/json; charset=UTF-8'))
def post_list(self, request, **kwargs): post_data = self.deserialize(request, request.body, format=request.META.get( 'CONTENT_TYPE', 'application/json')) bundle = self.build_bundle(data=dict_strip_unicode_keys(post_data), request=request) self.is_valid(bundle) updated_bundle = self.obj_create(bundle) if updated_bundle.obj.sender is updated_bundle.obj.recipient: error_message = "You can't send message to yourself" cont_dic = {"error": error_message} content = json.dumps(cont_dic) return HttpResponseBadRequest(content_type='application/json', content=content) updated_bundle.obj.save() return HttpCreated(location=updated_bundle.obj.get_absolute_url())
def post_list(self, request, **kwargs): """ Creates a new resource/object with the provided data. Calls ``obj_create`` with the provided data and returns a response with the new resource's location. If a new resource is created, return ``HttpCreated`` (201 Created). """ deserialized = self.deserialize(request, request.raw_post_data, format=request.META.get('CONTENT_TYPE', 'application/json')) # Force this in an ugly way, at least should do "reverse" deserialized["users"] = ["/api/v1/user/%s/" % request.user.id,] bundle = self.build_bundle(data=dict_strip_unicode_keys(deserialized)) self.is_valid(bundle, request) updated_bundle = self.obj_create(bundle, request=request) return HttpCreated(location=self.get_resource_uri(updated_bundle))
def post_list(self, request, **kwargs): """ Creates a new resource/object with the provided data. Calls ``obj_create`` with the provided data and returns a response with the new resource's location. If a new resource is created, return ``HttpCreated`` (201 Created). """ deserialized = self.deserialize( request, request.raw_post_data, format=request.META.get('CONTENT_TYPE', 'application/json') ) deserialized = self.alter_deserialized_list_data(request, deserialized) bundle = ResultBundle(**dict_strip_unicode_keys(deserialized)) self.is_valid(bundle, request) updated_bundle = self.obj_create(bundle, request=request) return HttpCreated(location=self.get_resource_uri(updated_bundle))
def remove_children(self, request, **kwargs): try: obj = self.cached_obj_get(request=request, **self.remove_api_resource_names(kwargs)) except ObjectDoesNotExist: return HttpGone() except MultipleObjectsReturned: return HttpMultipleChoices("More than one resource " "is found at this URI.") if request.method == 'POST': data = json.loads(request.POST.items()[0][0]) if 'image' in data: if isinstance(data['image'], list): for URI in data['image']: try: im = Image.objects.get( uuid=uuid_re.search(URI).group() ) obj.image_set.remove(im) except ObjectDoesNotExist: return HttpResponseNotFound( 'At least one of the image ' 'URI\'s cannot be found') else: raise ImmediateHttpResponse(response=HttpForbidden( 'Image URI\'s must be in an array')) if 'wordbox' in data: if isinstance(data['wordbox'], list): for URI in data['wordbox']: try: wb = WordBox.objects.get(uuid=uuid_re.search( URI).group()) obj.wordbox_set.remove(wb) except ObjectDoesNotExist: return HttpResponseNotFound( 'At least one of the wordbox ' 'URI\'s cannot be found') else: raise ImmediateHttpResponse(response=HttpForbidden( 'Wordbox URI\'s must be in an array')) else: raise ImmediateHttpResponse(response=HttpResponse(status=405)) return HttpCreated()
class ExemploResource(Resource): class Meta: allowed_methods = ['post'] resource_name = 'exemplo' authorization = Authorization() def obj_create(self, bundle, **kwargs): logger.info('REQUEST: %s', bundle.data) try: mensagem = bundle.data['mensagem'] except KeyError, e: logger.error('Faltando o parametro %s.' % str(e)) raise ImmediateHttpResponse( HttpBadRequest( JsonResponse( {'error': 'Faltando o parametro %s.' % str(e)}))) raise ImmediateHttpResponse( HttpCreated( JsonResponse( {'success': 'Mensagem recebida foi = %s' % str(mensagem)})))
def obj_create(self, bundle, **kwargs): bundle.obj = ImportScanObject(initial=kwargs) self.is_valid(bundle) if bundle.errors: raise ImmediateHttpResponse(response=self.error_response(bundle.request, bundle.errors)) bundle = self.full_hydrate(bundle) test = bundle.obj.__getattr__('test_obj') scan_type = bundle.obj.__getattr__('scan_type') min_sev = bundle.obj.__getattr__('minimum_severity') scan_date = bundle.obj.__getattr__('scan_date') verified = bundle.obj.__getattr__('verified') active = bundle.obj.__getattr__('active') try: parser = import_parser_factory(bundle.data['file'], test) except ValueError: raise NotFound("Parser ValueError") try: items = parser.items original_items = test.finding_set.all().values_list("id", flat=True) new_items = [] mitigated_count = 0 finding_count = 0 finding_added_count = 0 reactivated_count = 0 for item in items: sev = item.severity if sev == 'Information' or sev == 'Informational': sev = 'Info' if Finding.SEVERITIES[sev] > Finding.SEVERITIES[min_sev]: continue if scan_type == 'Veracode Scan' or scan_type == 'Arachni Scan': find = Finding.objects.filter(title=item.title, test__id=test.id, severity=sev, numerical_severity=Finding.get_numerical_severity(sev), description=item.description ) else: find = Finding.objects.filter(title=item.title, test__id=test.id, severity=sev, numerical_severity=Finding.get_numerical_severity(sev), ) if len(find) == 1: find = find[0] if find.mitigated: # it was once fixed, but now back find.mitigated = None find.mitigated_by = None find.active = True find.verified = verified find.save() note = Notes(entry="Re-activated by %s re-upload." % scan_type, author=bundle.request.user) note.save() find.notes.add(note) reactivated_count += 1 new_items.append(find.id) else: item.test = test item.date = test.target_start item.reporter = bundle.request.user item.last_reviewed = timezone.now() item.last_reviewed_by = bundle.request.user item.verified = verified item.active = active item.save() finding_added_count += 1 new_items.append(item.id) find = item if hasattr(item, 'unsaved_req_resp') and len(item.unsaved_req_resp) > 0: for req_resp in item.unsaved_req_resp: burp_rr = BurpRawRequestResponse(finding=find, burpRequestBase64=req_resp["req"], burpResponseBase64=req_resp["resp"], ) burp_rr.clean() burp_rr.save() if item.unsaved_request is not None and item.unsaved_response is not None: burp_rr = BurpRawRequestResponse(finding=find, burpRequestBase64=item.unsaved_request, burpResponseBase64=item.unsaved_response, ) burp_rr.clean() burp_rr.save() if find: finding_count += 1 for endpoint in item.unsaved_endpoints: ep, created = Endpoint.objects.get_or_create(protocol=endpoint.protocol, host=endpoint.host, path=endpoint.path, query=endpoint.query, fragment=endpoint.fragment, product=test.engagement.product) find.endpoints.add(ep) if item.unsaved_tags is not None: find.tags = item.unsaved_tags # calculate the difference to_mitigate = set(original_items) - set(new_items) for finding_id in to_mitigate: finding = Finding.objects.get(id=finding_id) finding.mitigated = datetime.combine(scan_date, timezone.now().time()) finding.mitigated_by = bundle.request.user finding.active = False finding.save() note = Notes(entry="Mitigated by %s re-upload." % scan_type, author=bundle.request.user) note.save() finding.notes.add(note) mitigated_count += 1 except SyntaxError: raise NotFound("Parser SyntaxError") # Everything executed fine. We successfully imported the scan. raise ImmediateHttpResponse(HttpCreated(location = bundle.obj.__getattr__('test')))
def obj_create(self, bundle, **kwargs): bundle.obj = ImportScanObject(initial=kwargs) self.is_valid(bundle) if bundle.errors: raise ImmediateHttpResponse(response=self.error_response(bundle.request, bundle.errors)) bundle = self.full_hydrate(bundle) # We now have all the options we need and will just replicate the process in views.py tt, t_created = Test_Type.objects.get_or_create(name=bundle.data['scan_type']) # will save in development environment environment, env_created = Development_Environment.objects.get_or_create(name="Development") scan_date = datetime.strptime(bundle.data['scan_date'], '%Y-%m-%d') t = Test(engagement=bundle.obj.__getattr__('engagement_obj'), test_type=tt, target_start=scan_date, target_end=scan_date, environment=environment, percent_complete=100) t.full_clean() t.save() t.tags = bundle.data['tags'] try: parser = import_parser_factory(bundle.data['file'], t) except ValueError: raise NotFound("Parser ValueError") try: for item in parser.items: sev = item.severity if sev == 'Information' or sev == 'Informational': sev = 'Info' item.severity = sev if Finding.SEVERITIES[sev] > Finding.SEVERITIES[bundle.data['minimum_severity']]: continue item.test = t item.date = t.target_start item.reporter = bundle.request.user item.last_reviewed = timezone.now() item.last_reviewed_by = bundle.request.user item.active = bundle.data['active'] item.verified = bundle.data['verified'] item.save() if hasattr(item, 'unsaved_req_resp') and len(item.unsaved_req_resp) > 0: for req_resp in item.unsaved_req_resp: burp_rr = BurpRawRequestResponse(finding=item, burpRequestBase64=req_resp["req"], burpResponseBase64=req_resp["resp"], ) burp_rr.clean() burp_rr.save() if item.unsaved_request is not None and item.unsaved_response is not None: burp_rr = BurpRawRequestResponse(finding=item, burpRequestBase64=item.unsaved_request, burpResponseBase64=item.unsaved_response, ) burp_rr.clean() burp_rr.save() for endpoint in item.unsaved_endpoints: ep, created = Endpoint.objects.get_or_create(protocol=endpoint.protocol, host=endpoint.host, path=endpoint.path, query=endpoint.query, fragment=endpoint.fragment, product=t.engagement.product) item.endpoints.add(ep) if item.unsaved_tags is not None: item.tags = item.unsaved_tags except SyntaxError: raise NotFound("Parser SyntaxError") # Everything executed fine. We successfully imported the scan. res = TestResource() uri = res.get_resource_uri(t) raise ImmediateHttpResponse(HttpCreated(location = uri))
def post_list(self, request, **kwargs): hosts_list = json.loads(request.body)["objects"] self._validate_list(hosts_list) cache.set("auto_discovered_hosts_json", json.dumps(hosts_list), None) return HttpCreated()