def test_related(): field_lookup = FieldLookupBackend() lookup = '__'.join(['inventory', 'organization', 'pk']) field, new_lookup = field_lookup.get_field_from_lookup( InventorySource, lookup) print(field) print(new_lookup)
def test_invalid_field(): invalid_field = u"ヽヾ" field_lookup = FieldLookupBackend() with pytest.raises(ValueError) as excinfo: field_lookup.value_to_python(WorkflowJobTemplate, invalid_field, 'foo') assert 'is not an allowed field name. Must be ascii encodable.' in str( excinfo.value)
def test_filter_on_password_field(password_field, lookup_suffix): field_lookup = FieldLookupBackend() lookup = '__'.join(filter(None, [password_field, lookup_suffix])) with pytest.raises(PermissionDenied) as excinfo: field, new_lookup = field_lookup.get_field_from_lookup( Credential, lookup) assert 'not allowed' in str(excinfo.value)
def related_search_fields(self): def skip_related_name(name): return ( name is None or name.endswith('_role') or name.startswith('_') or name.startswith('deprecated_') or name.endswith('_set') or name == 'polymorphic_ctype' ) fields = set([]) for field in self.model._meta.fields: if skip_related_name(field.name): continue if getattr(field, 'related_model', None): fields.add('{}__search'.format(field.name)) for related in self.model._meta.related_objects: name = related.related_name if isinstance(related, OneToOneRel) and self.model._meta.verbose_name.startswith('unified'): # Add underscores for polymorphic subclasses for user utility name = related.related_model._meta.verbose_name.replace(" ", "_") if skip_related_name(name) or name.endswith('+'): continue fields.add('{}__search'.format(name)) m2m_related = [] m2m_related += self.model._meta.local_many_to_many if issubclass(self.model, UnifiedJobTemplate) and self.model != UnifiedJobTemplate: m2m_related += UnifiedJobTemplate._meta.local_many_to_many if issubclass(self.model, UnifiedJob) and self.model != UnifiedJob: m2m_related += UnifiedJob._meta.local_many_to_many for relationship in m2m_related: if skip_related_name(relationship.name): continue if relationship.related_model._meta.app_label != 'main': continue fields.add('{}__search'.format(relationship.name)) fields = list(fields) allowed_fields = [] for field in fields: try: FieldLookupBackend().get_field_from_lookup(self.model, field) except PermissionDenied: pass except FieldDoesNotExist: allowed_fields.append(field) else: allowed_fields.append(field) return allowed_fields
def __init__(self, t): kwargs = dict() k, v = self._extract_key_value(t) k, v = self._json_path_to_contains(k, v) Host = get_model('host') search_kwargs = self._expand_search(k, v) if search_kwargs: kwargs.update(search_kwargs) q = reduce(lambda x, y: x | y, [models.Q(**{u'%s__icontains' % _k:_v}) for _k, _v in kwargs.items()]) self.result = Host.objects.filter(q) else: # detect loops and restrict access to sensitive fields # this import is intentional here to avoid a circular import from awx.api.filters import FieldLookupBackend FieldLookupBackend().get_field_from_lookup(Host, k) kwargs[k] = v self.result = Host.objects.filter(**kwargs)
def test_invalid_iexact(): field_lookup = FieldLookupBackend() with pytest.raises(ValueError) as excinfo: field_lookup.value_to_python(Job, 'id__iexact', '1') assert 'is not a text field and cannot be filtered by case-insensitive search' in str( excinfo.value)
def test_valid_iexact(): field_lookup = FieldLookupBackend() value, new_lookup, _ = field_lookup.value_to_python( JobTemplate, 'project__name__iexact', 'foo') assert 'foo' in value
def test_empty_in(empty_value): field_lookup = FieldLookupBackend() with pytest.raises(ValueError) as excinfo: field_lookup.value_to_python(JobTemplate, 'project__name__in', empty_value) assert 'empty value for __in' in str(excinfo.value)
def test_invalid_filter_key(): field_lookup = FieldLookupBackend() # FieldDoesNotExist is caught and converted to ParseError by filter_queryset with pytest.raises(FieldDoesNotExist) as excinfo: field_lookup.value_to_python(JobEvent, 'event_data.task_action', 'foo') assert 'has no field named' in str(excinfo)
def test_looping_filters_prohibited(): field_lookup = FieldLookupBackend() with pytest.raises(ParseError) as loop_exc: field_lookup.get_field_from_lookup(Job, 'job_events__job__job_events') assert 'job_events' in str(loop_exc.value)
def test_filter_sensitive_fields_and_relations(model, query): field_lookup = FieldLookupBackend() with pytest.raises(PermissionDenied) as excinfo: field, new_lookup = field_lookup.get_field_from_lookup(model, query) assert 'not allowed' in str(excinfo.value)
def test_valid_in(valid_value): field_lookup = FieldLookupBackend() value, new_lookup = field_lookup.value_to_python(JobTemplate, 'project__name__in', valid_value) assert 'foo' in value