def configure_forms(self): """Configure subsystems for rendering Deform forms. * Deform templates * Deform JS and CSS * CSRf view mapper """ from pyramid.config.views import DefaultViewMapper from websauna.system.form.resources import DefaultFormResources from websauna.system.form.interfaces import IFormResources from websauna.system.core.csrf import csrf_mapper_factory # Make Deform widgets aware of our widget template paths configure_zpt_renderer(["websauna.system:form/templates/deform"]) # Include Deform JS and CSS to static serving self.static_asset_policy.add_static_view('deform-static', 'deform:static') # Overrides for Deform 2 stock JS and CSS default_form_resources = DefaultFormResources() self.config.registry.registerUtility(default_form_resources, IFormResources) # Configure CSRF protection mapper = self.config.registry.queryUtility(IViewMapperFactory) if mapper is None: mapper = DefaultViewMapper self.config.set_view_mapper(csrf_mapper_factory(mapper))
def csrf_app(request): """py.test fixture to set up a dummy app for CSRF testing. :param request: pytest's FixtureRequest (internal class, cannot be hinted on a signature) """ session = DummySession() config = testing.setUp() config.set_view_mapper(csrf_mapper_factory(DefaultViewMapper)) config.add_route("home", "/") config.add_route("csrf_sample", "/csrf_sample") config.add_route("csrf_exempt_sample", "/csrf_exempt_sample") config.add_route("csrf_exempt_sample_context", "/csrf_exempt_sample_context") config.scan(csrfsamples) # We need sessions in order to use CSRF feature def dummy_session_factory(secret): # Return the same session over and over again return session config.set_session_factory(dummy_session_factory) def teardown(): testing.tearDown() app = TestApp(config.make_wsgi_app()) # Expose session data for tests to read app.session = session return app