def test_cors_headers_app_origins(self):
cm = CORSManager('')
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
authorized_origins=['http://localhost'])
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.add(app)
Session.flush()
app_id = app.id
request = DummyRequest(headers={'Origin': 'http://localhost'},
params={'client_id': app_id})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(
response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
'Access-Control-Allow-Origin': 'http://localhost',
})
def test_cors_headers_app_origins(self):
cm = CORSManager('')
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
authorized_origins=['http://localhost'])
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.add(app)
Session.flush()
app_id = app.id
request = DummyRequest(headers={'Origin': 'http://localhost'},
params={'client_id': app_id})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
'Access-Control-Allow-Origin': 'http://localhost',
})
def test_cors_headers_global_origins_access_denied(self):
cm = CORSManager('')
request = DummyRequest(headers={'Origin': 'foo'})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
})
def test_cors_headers_global_origins_access_denied(self):
cm = CORSManager('')
request = DummyRequest(headers={'Origin': 'foo'})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
})
def test_cors_headers_global_origins(self):
cm = CORSManager('http://localhost')
request = DummyRequest(headers={'Origin': 'http://localhost'})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
'Access-Control-Allow-Origin': 'http://localhost',
})
def test_cors_headers_global_origins(self):
cm = CORSManager('http://localhost')
request = DummyRequest(headers={'Origin': 'http://localhost'})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(
response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
'Access-Control-Allow-Origin': 'http://localhost',
})
def test_cors_headers_app_origins_access_denied(self):
cm = CORSManager('')
self.db.applications.insert({
'name': 'test-app',
'client_id': 'client1',
'authorized_origins': ['http://localhost'],
}, safe=True)
request = DummyRequest(headers={'Origin': 'http://localhost'},
params={'client_id': 'client2'})
request.db = self.db
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
})
def test_cors_headers(self):
cm = CORSManager('')
request = FakeRequest({'Origin': 'foo'})
response = FakeResponse({})
cm.add_cors_header(request, response)
self.assertEqual(response.headers, {})
cm = CORSManager('http://localhost')
request = FakeRequest({'Origin': 'http://localhost'})
response = FakeResponse({})
cm.add_cors_header(request, response)
self.assertEqual(response.headers,
{'Access-Control-Allow-Origin': 'http://localhost'})
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
# read pyramid_mailer options
for key, default in (('host', 'localhost'), ('port', '25'),
('username', None), ('password', None),
('default_sender', '*****@*****.**')):
option = 'mail_' + key
settings[option] = read_setting_from_env(settings, option, default)
# read admin_emails option
settings['admin_emails'] = read_setting_from_env(settings, 'admin_emails',
'').split()
# read Google Analytics code
settings['google_analytics_code'] = read_setting_from_env(
settings, 'google_analytics_code', None)
# read the auth secret
settings['auth_tk_secret'] = read_setting_from_env(settings,
'auth_tk_secret', None)
if settings['auth_tk_secret'] is None:
raise ConfigurationError('The auth_tk_secret configuration '
'option is required')
# SQLAlchemy setup
settings['database_url'] = read_setting_from_env(settings, 'database_url',
None)
if settings['database_url'] is None:
raise ConfigurationError('The database_url configuration '
'option is required')
settings['sqlalchemy.url'] = settings['database_url']
# read sessions settings
settings['redis.sessions.secret'] = read_setting_from_env(
settings, 'redis.sessions.secret', None)
if settings['redis.sessions.secret'] is None:
raise ConfigurationError('The redis.sessions.secret configuration '
'option is required')
settings['redis.sessions.url'] = read_setting_from_env(
settings, 'redis.sessions.url', None)
if settings['redis.sessions.url'] is None:
raise ConfigurationError('The redis.sessions.url configuration '
'option is required')
# Available languages
available_languages = read_setting_from_env(settings,
'available_languages', 'en es')
settings['available_languages'] = [
lang for lang in available_languages.split(' ') if lang
]
# Public URL root
settings['public_url_root'] = read_setting_from_env(
settings, 'public_url_root', 'http://localhost:6543/')
# Google, Facebook and Microsoft Live Connect settings for pyramid_sna
settings[
'google_scope'] = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
settings[
'google_callback'] = 'yithlibraryserver.sna_callbacks.google_callback'
settings['facebook_scope'] = 'email'
settings[
'facebook_callback'] = 'yithlibraryserver.sna_callbacks.facebook_callback'
settings[
'liveconnect_callback'] = 'yithlibraryserver.sna_callbacks.liveconnect_callback'
# webassets
settings['webassets.base_dir'] = 'yithlibraryserver:static'
settings['webassets.base_url'] = 'static'
settings['webassets.static_view'] = 'True'
here = os.path.dirname(os.path.abspath(__file__))
manifest_path = ('static', 'build', 'manifest.json')
settings['webassets.manifest'] = 'json:%s' % os.path.join(
here, *manifest_path)
# main config object
config = Configurator(
settings=settings,
root_factory=RootFactory,
authorization_policy=ACLAuthorizationPolicy(),
authentication_policy=AuthTktAuthenticationPolicy(
settings['auth_tk_secret'],
wild_domain=False,
hashalg='sha512',
),
locale_negotiator=locale_negotiator,
)
config.add_renderer('json', json_renderer)
config.add_static_view('static', 'static', cache_max_age=3600)
# Chameleon setup
config.include('pyramid_chameleon')
# Webassets
config.include('pyramid_webassets')
# SQLAlchemy
config.include('pyramid_sqlalchemy')
config.enable_sql_two_phase_commit()
# Setup of stuff used only in the tests
if 'testing' in settings and asbool(settings['testing']):
config.include('pyramid_mailer.testing')
config.set_session_factory(SignedCookieSessionFactory('testing'))
# add test only views to make it easy to login and add
# things to the session during the tests
from yithlibraryserver.testing import view_test_login
from yithlibraryserver.testing import view_test_add_to_session
config.add_route('test_login', '/__login/{user}')
config.add_view(view_test_login, route_name='test_login')
config.add_route('test_add_to_session', '/__session')
config.add_view(view_test_add_to_session,
route_name='test_add_to_session')
else: # pragma: no cover
config.include('pyramid_mailer')
config.include('pyramid_redis_sessions')
# Google/Facebook authentication
config.include('pyramid_sna')
config.include('pyramid_tm')
# CORS support setup
config.registry.settings['cors_manager'] = CORSManager(
read_setting_from_env(settings, 'cors_allowed_origins', ''))
# Routes
config.include('yithlibraryserver.backups')
config.include('yithlibraryserver.contributions')
config.include('yithlibraryserver.oauth2')
config.include('yithlibraryserver.password')
# Translation directories
config.add_translation_dirs('yithlibraryserver:locale/')
# the user package needs to be included before twitter,
# facebook and google
config.include('yithlibraryserver.user')
config.include('yithlibraryserver.twitter')
if config.registry.settings['facebook_auth_enabled']:
config.add_identity_provider('Facebook')
if config.registry.settings['google_auth_enabled']:
config.add_identity_provider('Google')
if config.registry.settings['liveconnect_auth_enabled']:
config.add_identity_provider('Live Connect')
config.include('yithlibraryserver.persona')
# assets
config.include('yithlibraryserver.assets')
includeme(config)
# Subscribers
config.include('yithlibraryserver.subscribers')
config.scan(ignore=[
re.compile('.*tests.*').search,
re.compile('.*testing.*').search
])
return config.make_wsgi_app()
