def refined_query(self, query, model, req): """Derived classes may override this method to add model-specific query refinements of their own. """ if model == Contribution: return query.options( joinedload_all(Contribution.references, ContributionReference.source)) if model == Parameter: if req.matchdict['id'][-1] not in ascii_uppercase: # route match for 2008-style URL: redirect! raise HTTPMovedPermanently( req.route_url('contribution', id=req.matchdict['id'])) if model == Source: try: # redirect legacy refdb URLs formed with numeric id: rec = Source.get(int(req.matchdict['id']), default=None) if rec: raise HTTPMovedPermanently( req.route_url('source', id=rec.id)) else: raise HTTPNotFound() except ValueError: pass return query
def __call__(self, model, req): if model == Language: # responses for no longer supported legacy codes if not models.Languoid.get(req.matchdict['id'], default=None): legacy = models.LegacyCode.get(req.matchdict['id'], default=None) if legacy: raise HTTPMovedPermanently(location=legacy.url(req)) # # FIXME: how to serve HTTP 410 for legacy codes? # elif model == Source: if ':' in req.matchdict['id']: ref = req.db.query(models.Source)\ .join(models.Refprovider)\ .filter(models.Refprovider.id == req.matchdict['id'])\ .first() if ref: raise HTTPMovedPermanently( location=req.route_url('source', id=ref.id)) legacy = req.db.query( models.LegacyRef).filter_by(id=req.matchdict['id']) if req.db.query(legacy.exists()).scalar(): raise HTTPGone() return super(GLCtxFactoryQuery, self).__call__(model, req)
def release_detail(release, request): project = release.project # Check if the requested version is equivalent but not exactly the same as # the release's version. Use `.get` because this view is used by # `project_detail` and there may not be a version. # # This also handles the case where both the version and the project name # need adjusted, and handles it in a single redirect. if release.version != request.matchdict.get("version", release.version): return HTTPMovedPermanently( request.current_route_path(name=project.name, version=release.version) ) # It's possible that the requested version was correct (or not provided), # but we still need to adjust the project name. if project.name != request.matchdict.get("name", project.name): return HTTPMovedPermanently(request.current_route_path(name=project.name)) # Render the release description. description = readme.render(release.description, release.description_content_type) # Get all of the maintainers for this project. maintainers = [ r.user for r in ( request.db.query(Role) .join(User) .filter(Role.project == project) .distinct(User.username) .order_by(User.username) .all() ) ] # Get the license from both the `Classifier` and `License` metadata fields license_classifiers = ", ".join( c.split(" :: ")[-1] for c in release.classifiers if c.startswith("License") ) # Make a best effort when the entire license text is given by using the # first line only. short_license = release.license.split("\n")[0] if release.license else None if license_classifiers and short_license: license = f"{license_classifiers} ({short_license})" else: license = license_classifiers or short_license or None return { "project": project, "release": release, "description": description, "files": release.files.all(), "latest_version": project.latest_version, "all_versions": project.all_versions, "maintainers": maintainers, "license": license, }
def display(request): name = request.params.get('name') version = request.params.get('version') if not name: raise HTTPNotFound if version: return HTTPMovedPermanently( request.route_path('packaging.release', name=name, version=version)) return HTTPMovedPermanently( request.route_path('packaging.project', name=name))
def display(request): name = request.params.get("name") version = request.params.get("version") if not name: raise HTTPNotFound if version: return HTTPMovedPermanently( request.route_path("packaging.release", name=name, version=version)) return HTTPMovedPermanently( request.route_path("packaging.project", name=name))
def file_redirect(request): # Pull the information we need to find this file out of the URL. pyversion, first, name, filename = request.matchdict["path"].split("/") # This is just a simple sanity check so that we don't have to look this up # in the database since it would otherwise be redundant. if first != name[0]: return HTTPNotFound() # If the filename we're looking for is a signature, then we'll need to turn # this into the *real* filename and a note that we're looking for the # signature. if filename.endswith(".asc"): filename = filename[:-4] signature = True else: signature = False # Look up to see if there is a file that match this python version, name, # and filename in the database. If there isn't we'll 404 here. try: file_ = ( request.db.query(File) .filter((File.python_version == pyversion) & (File.name == name) & (File.filename == filename)) .one() ) except NoResultFound: return HTTPNotFound() # If we've located the file, but we're actually looking for the signature # then we'll check to see if this file object has a signature associated # with it. If it does we'll redirect to that, if not then we'll return a # 404. if signature: if file_.has_signature: return HTTPMovedPermanently( request.route_path("packaging.file", path=file_.pgp_path) ) else: return HTTPNotFound() # Finally if we've gotten here, then we want to just return a redirect to # the actual file. return HTTPMovedPermanently( request.route_path("packaging.file", path=file_.path) )
def profile(user, request): if user.username != request.matchdict.get("username", user.username): return HTTPMovedPermanently( request.current_route_path(username=user.username), ) return {"user": user}
def project_detail(project, request): project_name = request.matchdict["project_name"] if project_name != project.normalized_name: raise HTTPMovedPermanently( request.current_route_path( project_name=project.normalized_name, ), ) maintainers = [ role for role in (request.db.query(Role).join(User).filter( Role.project == project).distinct(User.username).all()) ] maintainers = sorted( maintainers, key=lambda x: (x.role_name, x.user.username), ) journal = [ entry for entry in (request.db.query(JournalEntry).filter( JournalEntry.name == project.name).order_by( JournalEntry.submitted_date.desc()).limit(50)) ] return { "project": project, "maintainers": maintainers, "journal": journal, "ONE_MB": ONE_MB, "MAX_FILESIZE": MAX_FILESIZE }
def wiki_view(page, request): # TODO wait what happens if the path is empty # If we got here and the URL has no trailing slash, redirect and add it. # (Only files and /@@foo are allowed to not have a trailing slash.) # TODO any cleaner way to do this, or cleaner place to do it? i can't use # append_slash because core has dibs on the notfound view, and anyway i # want a consistent url for pages that /do/ exist too if not request.path.endswith('/'): new_url = request.path_url + '/' if request.query_string: new_url += '?' new_url += request.query_string raise HTTPMovedPermanently(location=new_url) if not page.exists: # TODO what if it exists, but is a directory, or unreadable, or etc.? # TODO should offer spelling suggestions... eventually # TODO should examine the hierarchy to see if the parent exist, or any # children exist # TODO possibly a URL containing a dot somewhere (or @@, or whatever) # should not end up here? request.response.status_int = 404 return render_to_response('spline_wiki:templates/missing.mako', dict(page=page), request=request) # TODO maybe i should go through git for this too, in case the repo is # bare. bare repo actually sounds like an ok idea. content = render_prose(page.read()) return dict( page=page, content=content, )
def error_redirect(request): ''' Errors get redirected here ''' url = request.application_url + '/assets/public/error.html' return HTTPMovedPermanently(location=url, expires=0, cache_control='no-store, no-cache, must-revalidate')
def __call__(self, request): """ Performs the URL lookup and returns a Traversal root object or None if no context for the current URL could be found. If a context object is found but the human readable part of the URL doesn't match an HTTPMovedPermanently exception is raised. :param request: Current request :type request: :class:`~pyramid.request.Request` :raises pyramid.httpexceptions.HTTPMovedPermanently: If the request human readable URL didn't match :return: None or a dict like object """ if not request.matchdict: return None path_elements = request.matchdict.get('traverse', []) id, requested_url_parts = self._context_id( path_elements, separator='-' ) if not id: return None context = self._get_context(id) if not context: return None context_url = request.resource_path(context) if not self._validate_url(requested_url_parts, context_url): raise HTTPMovedPermanently(location=request.y_path(context)) return self._get_root(requested_url_parts, context.lineage)
def canonical_redirect(event): request = event['request'] # Ignore subrequests if len(manager.stack) > 1: return if request.method not in ('GET', 'HEAD'): return if request.response.status_int != 200: return if not request.environ.get('clincoded.canonical_redirect', True): return if request.path_info == '/': return canonical_path = event.rendering_val.get('@id', None) if canonical_path is None: return canonical_path = canonical_path.split('?', 1)[0] request_path = _join_path_tuple(('', ) + split_path_info(request.path_info)) if (request_path == canonical_path.rstrip('/') and request.path_info.endswith('/') == canonical_path.endswith('/')): return if '/@@' in request.path_info: return qs = request.query_string location = canonical_path + ('?' if qs else '') + qs raise HTTPMovedPermanently(location=location)
def _check_slug(group, request): """Redirect if the request slug does not match that of the group.""" slug = request.matchdict.get('slug') if slug is None or slug != group.slug: raise HTTPMovedPermanently(request.route_path('group_read', pubid=group.pubid, slug=group.slug))
def idea_vote(request): post_data = request.POST target = post_data.get('target') session = DBSession() idea = Idea.get_by_id(target) voter_username = authenticated_userid(request) voter = User.get_by_username(voter_username) if post_data.get('form.vote_hit'): idea.hits += 1 idea.author.hits += 1 voter.delivered_hits += 1 elif post_data.get('form.vote_miss'): idea.misses += 1 idea.author.misses += 1 voter.delivered_misses += 1 idea.voted_users.append(voter) session.flush() redirect_url = route_url('idea', request, idea_id=idea.idea_id) response = HTTPMovedPermanently(location=redirect_url) return response
def project_detail(project, request): project_name = request.matchdict["project_name"] if project_name != project.normalized_name: raise HTTPMovedPermanently( request.current_route_path(project_name=project.normalized_name)) releases = (request.db.query(Release).filter( Release.project == project).order_by( Release._pypi_ordering.desc()).limit(10).all()) maintainers = [ role for role in (request.db.query(Role).join(User).filter( Role.project == project).distinct(User.username).all()) ] maintainers = sorted(maintainers, key=lambda x: (x.role_name, x.user.username)) journal = [ entry for entry in (request.db.query(JournalEntry).options( joinedload("submitted_by")).filter( JournalEntry.name == project.name).order_by( JournalEntry.submitted_date.desc(), JournalEntry.id.desc()).limit(30)) ] return { "project": project, "releases": releases, "maintainers": maintainers, "journal": journal, "ONE_MB": ONE_MB, "MAX_FILESIZE": MAX_FILESIZE, "ONE_GB": ONE_GB, "MAX_PROJECT_SIZE": MAX_PROJECT_SIZE, }
def release_detail(release, request): project = release.project if project.name != request.matchdict.get("name", project.name): return HTTPMovedPermanently( request.current_route_path(name=project.name), ) # Get all of the registered versions for this Project, in order of newest # to oldest. all_releases = (request.db.query(Release).filter( Release.project == project).with_entities( Release.version, Release.created).order_by(Release._pypi_ordering.desc()).all()) # Get all of the maintainers for this project. maintainers = [ r.user for r in (request.db.query(Role).join(User).filter( Role.project == project).distinct(User.username).order_by( User.username).all()) ] return { "project": project, "release": release, "files": release.files.all(), "all_releases": all_releases, "maintainers": maintainers, }
def release_detail(release, request): project = release.project if project.name != request.matchdict.get("name", project.name): return HTTPMovedPermanently( request.current_route_path(name=project.name), ) # Get all of the registered versions for this Project, in order of newest # to oldest. all_releases = (project.releases.with_entities( Release.version, Release.created).order_by(Release._pypi_ordering.desc()).all()) # Get all of the maintainers for this project. maintainers = [ r.user for r in (request.db.query(Role).join(User).filter( Role.project == project).distinct(User.username).order_by( User.username).all()) ] stats_svc = request.find_service(IDownloadStatService) return { "project": project, "release": release, "files": release.files.all(), "all_releases": all_releases, "maintainers": maintainers, "download_stats": { "daily": stats_svc.get_daily_stats(project.name), "weekly": stats_svc.get_weekly_stats(project.name), "monthly": stats_svc.get_monthly_stats(project.name), }, }
def my_route(request, path): if not path: path = "/" if path.endswith("/"): path += "index.html" try: key = request.s3.get_key(path) except S3ResponseError: # Try the same request, but with a /index.html added onto it. try: key = request.s3.get_key(path + "/index.html") except S3ResponseError: return HTTPNotFound() else: return HTTPMovedPermanently("/" + path + "/") key.open_read() content_type, content_encoding = mimetypes.guess_type(path) return Response( app_iter=key, content_type=content_type, content_encoding=content_encoding, )
def simple_detail(project, request): # TODO: Handle files which are not hosted on PyPI # Make sure that we're using the normalized version of the URL. if project.normalized_name != request.matchdict.get( "name", project.normalized_name ): return HTTPMovedPermanently( request.current_route_path(name=project.normalized_name) ) # Get the latest serial number for this project. request.response.headers["X-PyPI-Last-Serial"] = str(project.last_serial) # Get all of the files for this project. files = sorted( request.db.query(File) .options(joinedload(File.release)) .join(Release) .filter(Release.project == project) .all(), key=lambda f: (parse(f.release.version), f.filename), ) return {"project": project, "files": files}
def __call__(self, value, system): request = system.get('request') vary = request.environ.get('encoded.vary', None) if vary is not None: original_vary = request.response.vary or () request.response.vary = original_vary + vary if (request.method in ('GET', 'HEAD') and request.response.status_int == 200 and isinstance(value, dict) and request.environ.get('encoded.canonical_redirect', True)): url = value.get('@id', None) if url is not None: path = url.split('?', 1)[0] if path != request.path: qs = request.query_string location = path + ('?' if qs else '') + qs raise HTTPMovedPermanently(location=location) format = request.environ.get('encoded.format', 'json') value = self.json_renderer(value, system) if format == 'json': return value else: return self.page_renderer(value, system)
def error_redirect(request): ''' Errors get redirected here ''' return HTTPMovedPermanently( location=request.route_url('error'), expires=0, cache_control='no-store, no-cache, must-revalidate')
def json_release_slash(project, request): return HTTPMovedPermanently( # Respond with redirect to url without trailing slash request.route_path("legacy.api.json.release", name=project.name, version=project.version), headers=_CORS_HEADERS, )
def __init__(self, f, request, disposition='attachment', cache_max_age=604800, content_type=None, content_encoding=None): """ :param f: the ``UploadedFile`` file field value. :type f: :class:`depot.io.interfaces.StoredFile` :param request: Current request. :type request: :class:`pyramid.request.Request` :param disposition: :type disposition: :param cache_max_age: The number of seconds that should be used to HTTP cache this response. :param content_type: The content_type of the response. :param content_encoding: The content_encoding of the response. It's generally safe to leave this set to ``None`` if you're serving a binary file. This argument will be ignored if you also leave ``content-type`` as ``None``. """ if f.public_url: raise HTTPMovedPermanently(f.public_url) content_encoding, content_type = self._get_type_and_encoding( content_encoding, content_type, f) super(StoredFileResponse, self).__init__( conditional_response=True, content_type=content_type, content_encoding=content_encoding) app_iter = None if request is not None and \ not get_settings()['kotti.depot_replace_wsgi_file_wrapper']: environ = request.environ if 'wsgi.file_wrapper' in environ: app_iter = environ['wsgi.file_wrapper'](f, _BLOCK_SIZE) if app_iter is None: app_iter = FileIter(f) self.app_iter = app_iter # assignment of content_length must come after assignment of app_iter self.content_length = f.content_length self.last_modified = f.last_modified if cache_max_age is not None: self.cache_expires = cache_max_age self.cache_control.public = True self.etag = self.generate_etag(f) self.content_disposition = rfc6266.build_header( f.filename, disposition=disposition, filename_compat=unidecode(f.filename))
def test_unicode_redirects(original_location, expected_location): if original_location: resp_in = HTTPMovedPermanently(original_location) else: resp_in = Response() resp_out = sanity.unicode_redirects(resp_in) assert resp_out.location == expected_location
def antibody_approval_page_view(context, request): if 'antibodies' in request.traversed: obj = request.embed(request.resource_path(context), '@@object') qs = request.query_string location = obj['antibody'] + ('?' if qs else '') + qs raise HTTPMovedPermanently(location=location) if request.has_permission('view'): return item_view_page(context, request) raise HTTPForbidden()
def public_report_short_url(request, validator=None): request.matchdict['name'] = 'public_short_url' request.GET['sid'] = request.matchdict['sid'] path = generate_report(request, validator, prefix='public.') url = request.application_url + path return HTTPMovedPermanently( location=url, expires=0, cache_control='no-store, no-cache, must-revalidate')
def __init__(self, request): settings = request.registry.settings if not asbool(settings.get('caliopen_ws.force_https', '0')): return if request.environ.get('REQUEST_SCHEME') != 'https': url = "https://" + request.host + request.path_qs log.debug('Redirect to %s' % url) raise HTTPMovedPermanently(location=url) self.request = request
def profile(user, request): if user.username != request.matchdict.get("username", user.username): return HTTPMovedPermanently( request.current_route_path(username=user.username), ) projects = (request.db.query(Release).options(joinedload( Release.project)).join(Project).distinct(Project.name).filter( Project.users.contains(user)).order_by(Project.name).all()) return {"user": user, "projects": projects}
def profile(user, request): if user.username != request.matchdict.get("username", user.username): return HTTPMovedPermanently( request.current_route_path(username=user.username)) projects = (request.db.query(Project).filter( Project.users.contains(user)).join(Project.releases).order_by( Release.created.desc()).all()) return {"user": user, "projects": projects}
def reset(request): _ = request.translate token = DBSession.query(PasswordResetToken) \ .filter_by(token=request.matchdict['token']) \ .first() if not token or not token.user: request.messages.error(_('Unknown password reset token.')) url = request.route_url('account_forgot') return HTTPMovedPermanently(location=url) password = request.POST.get('password') password2 = request.POST.get('password2') if request.method != 'POST' or not password or not password2: return {'token': token} if not User.validate_password(password) or password != password2: request.messages.error(_('Invalid password.')) request.response.status_code = HTTPBadRequest.code return {'token': token} token.user.set_password(password) mailer = get_mailer(request) body = render('mail/password_reset_done.mako', { 'user': token.user, 'changed_by': request.remote_addr, }, request=request) message = Message(subject=_('CCVPN: Password changed'), recipients=[token.user.email], body=body) mailer.send(message) msg = _('You have changed the password for ${user}.', mapping={'user': token.user.username}) msg += ' ' + _('You can now log in.') request.messages.info(msg) DBSession.delete(token) url = request.route_url('account_login') return HTTPMovedPermanently(location=url)