def test_validate_uri(self): self.clioinfra = Configuration() if self.clioinfra.not_valid_uri('passwd'): print self.clioinfra.config['error'] if self.clioinfra.not_valid_uri('`wget'): print self.clioinfra.config['error'] if self.clioinfra.not_valid_uri('|'): print self.clioinfra.config['error']
def geofilter(): pids = [] ctrlist = {} ctrfilter = [] settings = Configuration() clioinfra = Dataset() clioindex = clioinfra.clioindex() columns = [ '1', 'Webmapper code', 'Webmapper numeric code', 'ccode', 'country name', 'start year', 'end year' ] (classification, geodataset, title, units) = content2dataframe(settings.config, settings.config['geocoderhandle']) settings = DataFilter(request.args) if settings.selected(): pids = clioinfra.findhandles(settings.selected()) datasets = clioinfra.retrievedatasets(pids) selection = [] for item in datasets: dataset = datasets[item] dataset.columns = dataset.ix[1] dataset = dataset.convert_objects(convert_numeric=True) dataset.index = dataset['Webmapper numeric code'] if (settings.minyear()): dataset = dataset.loc[ dataset['start year'] >= settings.minyear()] dataset = dataset.loc[ dataset['start year'] <= settings.maxyear()] for col in columns: dataset = dataset.drop(col, axis=1) dataset['total'] = dataset.sum(axis=1) dataset = dataset.ix[dataset['total'] > 0] selection.append(dataset.index) for row in selection: for countryID in row: if countryID not in ctrlist: ctrlist[countryID] = countryID ctrfilter.append(countryID) geodataset = geodataset.convert_objects(convert_numeric=True) geodataset = geodataset.loc[geodataset['start year'] >= settings.minyear()] geodataset = geodataset.loc[geodataset['start year'] <= settings.maxyear()] if settings.showframe(): geodataset.index = geodataset['Webmapper numeric code'] if ctrfilter: geodataset = geodataset.ix[ctrfilter] (geocoder, geolist, oecd) = buildgeocoder(geodataset, settings.config, settings.countryfilter()) data = json.dumps(geocoder, encoding="utf-8", sort_keys=True, indent=4) return Response(data, mimetype='application/json')
def testsearch(self): settings = Configuration() dv = "National" dv = "Micro" sconnection = ExtrasearchAPI(settings.config['dataverseroot'], dv) p = sconnection.read_all_datasets() self.assertTrue(bool(sconnection.read_all_datasets())) # test if dataset is private self.assertTrue(bool(sconnection.has_restricted_data("V4Q8XE"))) # test if dataset is public self.assertFalse(bool(sconnection.has_restricted_data("8FCYOX"))) # test full handle pid self.assertTrue( bool(sconnection.has_restricted_data("hdl:10622/V4Q8XE")))
def test_validate_uri(self): self.clioinfra = Configuration() self.assertFalse( self.clioinfra.is_valid_uri( 'http://cliodomain.com/xcxc;`some code')) # check if passwd can be recognized in uri self.assertFalse(self.clioinfra.are_parameters_valid('passwd'), 'passwd recognition problem') # wget instance in uri self.assertFalse(self.clioinfra.are_parameters_valid('wget` '), 'wget recognition problem') self.assertFalse(self.clioinfra.are_parameters_valid('curl '), 'curl recognition problem') # other characters are allowed self.assertTrue( self.clioinfra.are_parameters_valid( "http://data.cliodomain.org/collabs/data/static/"), 'False recognition of characters in url') # shell injection check self.assertFalse( self.clioinfra.are_parameters_valid( "http://data.cliodomain.org/?export?fileId=12;%cat%20/etc/passw1d%20" ), 'False recognition of characters in url')
def login(settings=''): name = '' clioinfra = Configuration() opensession = {} openldap = OpenLDAP() if request.args.get('project'): opensession['project'] = request.args.get('project') else: opensession['project'] = '' try: thisuser = openldap.authentificate(request.form.get('login'), request.form.get('password')) if thisuser[0][1]['uid'][0]: session['name'] = thisuser[0][1]['displayName'][0] session['uid'] = thisuser[0][1]['uid'][0] if opensession['project']: session['project'] = opensession['project'] name = str(thisuser[0][1]['displayName'][0]) try: projectname = session['project'] except: projectname = '' if projectname: sandboxflag = re.search("sandbox", request.url) if sandboxflag: projecturl = "%s/%s" % (clioinfra.config['apiroot'], projectname) else: projecturl = "%s/%s" % (clioinfra.config['proxy'], projectname) return redirect(projecturl, code=302) else: return make_response( render_template('iish/login.html', username=name)) except: return make_response(render_template('iish/login.html'))
def test_settings(self): self.clioinfra = Configuration() self.assertTrue(self.clioinfra.config['dataverseroot']) self.assertTrue(self.clioinfra.config['apiroot']) self.assertTrue(self.clioinfra.config['key'])
def upload_file(): if request.method == 'POST': file = request.files['files'] if file and allowed_file(file.filename): filename = secure_filename(file.filename) file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) return redirect("%spics/%s" % (request.url_root, filename)) return 'Upload form' @app.route('/pics/<filename>') def uploaded_file(filename): return send_from_directory(app.config['UPLOAD_FOLDER'], filename) clioinfra = Configuration() app.secret_key = clioinfra.config['secretkey'] @app.route('/') def browse(settings=''): session['name'] = '' return make_response(render_template('iish/projects.html')) @app.route('/logout', methods=['GET']) def logout(settings=''): session['name'] = '' try: if 'project' in session: sandboxflag = re.search("sandbox", request.url)
def test_ldap(self): self.clioinfra = Configuration() self.openldap = OpenLDAP() thisuser = self.openldap.searchuser("testusername") thisuser = self.openldap.authentificate("testusername", "passwd") print thisuser