def test_raises_template_syntaxerror(self): self.assertRaises(TemplateSyntaxError, self.render, "{% host_url %}") self.assertRaises(TemplateSyntaxError, self.render, "{% host_url 'simple-direct' host %}") self.assertRaises(TemplateSyntaxError, self.render, "{% host_url 'simple-direct' as %}") self.assertRaises(TemplateSyntaxError, self.render, "{% host_url simple-direct %}") self.assertRaises(TemplateSyntaxError, parse_params, 'host_url', Parser(['']), "username=='johndoe'") self.assertRaises(TemplateSyntaxError, parse_params, 'host_url', Parser(['']), "\n='johndoe'")
def test_unicorn_args_and_kwargs(): # args after the component name get ignored token = Token(TokenType.TEXT, "unicorn 'todo' '1' 2 hello='world' test=3 '4'") unicorn_node = unicorn(Parser([]), token) assert unicorn_node.kwargs == {"hello": "world", "test": 3}
def test_filter_parsing(self): c = {"article": {"section": "News"}} p = Parser("", builtins=[filter_library]) def fe_test(s, val): self.assertEqual(FilterExpression(s, p).resolve(c), val) fe_test("article.section", "News") fe_test("article.section|upper", "NEWS") fe_test('"News"', "News") fe_test("'News'", "News") fe_test(r'"Some \"Good\" News"', 'Some "Good" News') fe_test(r'"Some \"Good\" News"', 'Some "Good" News') fe_test(r"'Some \'Bad\' News'", "Some 'Bad' News") fe = FilterExpression(r'"Some \"Good\" News"', p) self.assertEqual(fe.filters, []) self.assertEqual(fe.var, 'Some "Good" News') # Filtered variables should reject access of attributes beginning with # underscores. msg = ( "Variables and attributes may not begin with underscores: 'article._hidden'" ) with self.assertRaisesMessage(TemplateSyntaxError, msg): FilterExpression("article._hidden|upper", p)
def second_pass_render(request, content): """ Split on the secret delimiter and generate the token list by passing through text outside of phased blocks as single text tokens and tokenizing text inside the phased blocks. This ensures that nothing outside of the phased blocks is tokenized, thus eliminating the possibility of a template code injection vulnerability. """ result = tokens = [] for index, bit in enumerate(content.split( settings.PHASED_SECRET_DELIMITER)): if index % 2: tokens = Lexer(bit, None).tokenize() else: tokens.append(Token(TOKEN_TEXT, bit)) context = RequestContext( request, restore_csrf_token(request, unpickle_context(bit))) rendered = Parser(tokens).parse().render(context) if settings.PHASED_SECRET_DELIMITER in rendered: rendered = second_pass_render(request, rendered) result.append(rendered) return "".join(result)
def _get_parser(): import django parser = Parser([]) if django.VERSION >= (1, 9): import django.template.defaultfilters parser.add_library(django.template.defaultfilters.register) return parser
def compile_nodelist(self): """ Pass template name to parser instance """ if self.engine.debug: lexer = DebugLexer19(self.source) else: lexer = Lexer(self.source) tokens = lexer.tokenize() parser = Parser( tokens, self.engine.template_libraries, self.engine.template_builtins, ) parser.template_name = self.origin.template_name try: return parser.parse() except Exception as e: if self.engine.debug: e.template_debug = self.get_exception_info(e, e.token) raise
def build_migration(self, src, filename=None, charset='utf-8'): """Create a migration for a Django template file to Transifex Native syntax. The returned object contains every change separately, so that it can be reviewed string by string. :param unicode src: the whole Django template :param str filename: the filename of the original template :param str charset: the character set to use :return: a FileMigration instance :rtype: FileMigration """ self._reset() src = force_text(src, charset) # Using the DebugLexer because we need the positional information # of each token (start/end pos). It is slower than Lexer, but Lexer # doesn't provide that information tokens = DebugLexer(src).tokenize() parser = Parser(tokens, libraries={}, builtins=[], origin=filename) # Since no template libraries are loaded when this code is running, # we need to override the find function in order to use the # functionality of the Parser class. The overridden function returns # the object as given. # Without the override, a KeyError would be raised inside the parser. parser.find_filter = find_filter_identity # Create a migration object for this template; we'll add stuff to it # as we go migration = FileMigration(filename, src) while parser.tokens: token = parser.next_token() start, end = token.position # Parse the current token. This may or may not return a migration. # Also it may return a list of tokens that were consumed, # additionally to the current token. If this happens, # `_parse_token()` will have made sure that `parser` has moved # forward, consuming those tokens, so that they don't appear again # in the while loop. string_migration, extra_consumed_tokens = self._parse_token( token, parser, original_string=src[start:end]) if not string_migration: continue # If additional tokens were consumed, we need to add # them in the migration, so that the StringMigration object # includes the information of what part of the original template # was migrated to the new syntax, for this particular translatable # string if extra_consumed_tokens: for extra_token in extra_consumed_tokens: start, end = extra_token.position string_migration.update(src[start:end], '') migration.add_string(string_migration) return migration
def test_token_kwargs(self): parser = Parser("") self.assertEqual(token_kwargs([], parser), {}) bits = ['a="A"'] token_kwargs(bits, parser) self.assertEqual(bits, []) bits = ['a="A"', "invalid"] token_kwargs(bits, parser) self.assertEqual(bits, ["invalid"])
def test_can_load_from_missing_taglib(self): template = ('{% load friendly_loader %}' '{% friendly_load error from error_tags %}') lexer = Lexer(template) parser = Parser(lexer.tokenize(), engine.template_libraries, engine.template_builtins) parser.parse() self.assertTrue(isinstance(Template(template), Template), 'Expected template to initialize')
def test_token_kwargs(self): parser = Parser('') self.assertEqual(token_kwargs([], parser), {}) bits = ['a="A"'] token_kwargs(bits, parser) self.assertEqual(bits, []) bits = ['a="A"', 'invalid'] token_kwargs(bits, parser) self.assertEqual(bits, ['invalid'])
def url(self, sitetree_item, context=None): """Resolves item's URL. :param TreeItemBase sitetree_item: TreeItemBase heir object, 'url' property of which is processed as URL pattern or simple URL. :param Context context: :rtype: str|unicode """ context = context or self.current_page_context resolve_var = self.resolve_var if not isinstance(sitetree_item, MODEL_TREE_ITEM_CLASS): sitetree_item = resolve_var(sitetree_item, context) resolved_url = self._items_urls.get(sitetree_item) if resolved_url is not None: return resolved_url # Resolve only if item's URL is marked as pattern. if sitetree_item.urlaspattern: url = sitetree_item.url view_path = url all_arguments = [] if ' ' in url: view_path = url.split(' ') # We should try to resolve URL parameters from site tree item. for view_argument in view_path[1:]: resolved = resolve_var(view_argument) # We enclose arg in double quotes as already resolved. all_arguments.append('"%s"' % resolved) view_path = view_path[0].strip('"\' ') url_pattern = "'%s' %s" % (view_path, ' '.join(all_arguments)) else: url_pattern = '%s' % sitetree_item.url if sitetree_item.urlaspattern: # Form token to pass to Django 'url' tag. url_token = 'url %s as item.url_resolved' % url_pattern url_tag(Parser(None), Token(token_type=TOKEN_BLOCK, contents=url_token)).render(context) resolved_url = context[ 'item.url_resolved'] or UNRESOLVED_ITEM_MARKER else: resolved_url = url_pattern self._items_urls[sitetree_item] = resolved_url return resolved_url
def url(self, sitetree_item: Union['TreeItemBase', FilterExpression], context: Context = None) -> str: """Resolves item's URL. :param sitetree_item: TreeItemBase heir object, 'url' property of which is processed as URL pattern or simple URL. :param context: """ context = context or self.current_page_context resolve_var = self.resolve_var if not isinstance(sitetree_item, MODEL_TREE_ITEM_CLASS): sitetree_item = resolve_var(sitetree_item, context) resolved_url = self._items_urls.get(sitetree_item) if resolved_url is not None: return resolved_url # Resolve only if item's URL is marked as pattern. if sitetree_item.urlaspattern: url = sitetree_item.url view_path = url all_arguments = [] if ' ' in url: view_path = url.split(' ') # We should try to resolve URL parameters from site tree item. for view_argument in view_path[1:]: resolved = resolve_var(view_argument) # We enclose arg in double quotes as already resolved. all_arguments.append(f'"{resolved}"') view_path = view_path[0].strip('"\' ') url_pattern = f"'{view_path}' {' '.join(all_arguments)}" else: url_pattern = f'{sitetree_item.url}' if sitetree_item.urlaspattern: # Form token to pass to Django 'url' tag. url_token = f'url {url_pattern} as item.url_resolved' url_tag( Parser([]), Token(token_type=TOKEN_BLOCK, contents=url_token) ).render(context) resolved_url = context['item.url_resolved'] or UNRESOLVED_ITEM_MARKER else: resolved_url = url_pattern self._items_urls[sitetree_item] = resolved_url return resolved_url
def loremi(count, method, random=False): from django.template.base import Context, Token, Parser, TOKEN_TEXT from django.template.defaulttags import lorem c = Context() lorem_str = "lorem %s %s" % (count, method) if random: lorem_str += " random" t = Token(TOKEN_TEXT, lorem_str) p = Parser(t) return lorem(p, t).render(c)
def test_unicorn_render_kwarg(): token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentKwargs' test_kwarg='tested!'", ) unicorn_node = unicorn(Parser([]), token) context = {} actual = unicorn_node.render(Context(context)) assert "<b>tested!</b>" in actual
def test_unicorn_render_context_variable(): token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentKwargs' test_kwarg=test_var.nested", ) unicorn_node = unicorn(Parser([]), token) context = {"test_var": {"nested": "variable!"}} actual = unicorn_node.render(Context(context)) assert "<b>variable!</b>" in actual
def test_can_load_taglib_using_friendly_load(self): template = '{% load friendly_loader %}{% friendly_load flatpages %}' lexer = Lexer(template) parser = Parser(lexer.tokenize(), engine.template_libraries, engine.template_builtins) parser.parse() self.assertTrue( 'get_flatpages' in parser.tags, 'Expected flatpages taglib to load and provide the get_flatpages tag' )
def test_unicorn_render_id_use_pk(): token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentModel' model_id=model.id", ) unicorn_node = unicorn(Parser([]), token) context = {"model": {"pk": 123}} actual = unicorn_node.render(Context(context)) assert "==123==" in actual
def test_unicorn_render_with_invalid_html(): token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentKwargsWithHtmlEntity' test_kwarg=test_var.nested", ) unicorn_node = unicorn(Parser([]), token) context = {"test_var": {"nested": "variable!"}} actual = unicorn_node.render(Context(context)) assert "->variable!<-" in actual
def __str__(self): my_lexer = Lexer(self.title, UNKNOWN_SOURCE) my_tokens = my_lexer.tokenize() # Deliberately strip off template tokens that are not text or variable. for my_token in my_tokens: if my_token.token_type not in (TOKEN_TEXT, TOKEN_VAR): my_tokens.remove(my_token) my_parser = Parser(my_tokens) return my_parser.parse().render(SiteTree.get_global_context())
def __str__(self): my_lexer = get_lexer(self.title) my_tokens = my_lexer.tokenize() # Deliberately strip off template tokens that are not text or variable. for my_token in my_tokens: if my_token.token_type not in (TOKEN_TEXT, TOKEN_VAR): my_tokens.remove(my_token) my_parser = Parser(my_tokens) return my_parser.parse().render(get_sitetree().current_page_context)
def test_unicorn_render_child_component_no_script_tag(settings): settings.DEBUG = True token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentKwargs' parent=view", ) unicorn_node = unicorn(Parser([]), token) view = FakeComponentParent(component_name="test", component_id="asdf") context = {"view": view} html = unicorn_node.render(Context(context)) assert "<script" not in html
def test_unicorn_render_parent_component_one_script_tag(settings): settings.DEBUG = True token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentParent'", ) unicorn_node = unicorn(Parser([]), token) context = {} html = unicorn_node.render(Context(context)) assert '<script type="module"' in html assert len(re.findall('<script type="module"', html)) == 1
def test_unicorn_render_calls_with_arg(settings): settings.DEBUG = True token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentCalls2'", ) unicorn_node = unicorn(Parser([]), token) context = {} html = unicorn_node.render(Context(context)) assert '<script type="module"' in html assert len(re.findall('<script type="module"', html)) == 1 assert '"calls":[{"fn":"testCall2","args":["hello"]}]' in html
def test_context_no_request(self): """ This is a weird and limited test to ensure that if request is not in context no exception is thrown. In this case MetaFromPage.render_tag does not need a full environment to work """ context = {} dummy_tokens = DummyTokens('myval', 'as', 'myname') tag = MetaFromPage.render_tag( MetaFromPage(Parser(dummy_tokens), dummy_tokens), context, None, 'meta') self.assertFalse(tag) self.assertTrue(context['meta'])
def test_unicorn_render_with_component_name_from_context(): token = Token( TokenType.TEXT, "unicorn component_name", ) unicorn_node = unicorn(Parser([]), token) context = { "component_name": "tests.templatetags.test_unicorn_render.FakeComponent" } html = unicorn_node.render(Context(context)) assert '<script type="module"' in html assert len(re.findall('<script type="module"', html)) == 1
def test_unicorn_render_parent_with_pk(settings): settings.DEBUG = True token = Token( TokenType.TEXT, "unicorn 'tests.templatetags.test_unicorn_render.FakeComponentKwargs' parent=view pk=99", ) unicorn_node = unicorn(Parser([]), token) view = FakeComponentParent(component_name="test", component_id="asdf") context = {"view": view} unicorn_node.render(Context(context)) assert ( unicorn_node.component_id == "asdf:tests.templatetags.test_unicorn_render.FakeComponentKwargs:99")
def test_repr(self): token = Token(TokenType.BLOCK, 'some text') self.assertEqual(repr(token), '<Block token: "some text...">') parser = Parser([token], builtins=[filter_library]) self.assertEqual( repr(parser), '<Parser tokens=[<Block token: "some text...">]>', ) filter_expression = FilterExpression('news|upper', parser) self.assertEqual(repr(filter_expression), "<FilterExpression 'news|upper'>") lexer = Lexer('{% for i in 1 %}{{ a }}\n{% endfor %}') self.assertEqual( repr(lexer), '<Lexer template_string="{% for i in 1 %}{{ a...", verbatim=False>', )
def test_wtm_include_marketing(rf, site): token = Token(token_type=TOKEN_TYPE, contents='wtm_include "marketing" "test.html"') parser = Parser(tokens=[token]) node = wtm_include(parser, token) with pytest.raises(TemplateDoesNotExist): request = rf.get(site.root_page.url) node.render(context=make_context({"request": request})) request.COOKIES = {"wtm": "marketing:false"} node.render(context=make_context({"request": request})) request.COOKIES = {"wtm": "marketing:true"} node.render(context=make_context({"request": request}))
def test_tag_update_query_string(self): request = mock.Mock() request.get_full_path = mock.Mock(return_value='/fake') parser = Parser('') token = Token(TOKEN_TEXT, 'tag with "page"="2"') node = tag_update_query_string(parser, token) self.assertEqual(node.render({'request': request}), u'/fake?page=2') token = Token(TOKEN_TEXT, 'tag with page=num_page') node = tag_update_query_string(parser, token) self.assertEqual( node.render({ 'request': request, 'page': 'page', 'num_page': 2 }), u'/fake?page=2')
def _build_choices(self): """Build choices list runtime using 'sitetree_tree' tag""" tree_token = u'sitetree_tree from "%s" template "%s"' % (self.tree, self.template) choices_str = sitetree_tree( Parser(None), Token(token_type=TOKEN_BLOCK, contents=tree_token)).render( template.Context(current_app='admin')) tree_choices = [('', self.root_title)] for line in choices_str.splitlines(): if line.strip(): splitted = line.split(':::') tree_choices.append((splitted[0], mark_safe(splitted[1]))) return tree_choices