Exemplo n.º 1
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid

    def _validate_fields(location, data):
        for attr in schema.get_attributes(location=location, request=request):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        deserialized = attr.deserialize(data[attr.name])
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)
Exemplo n.º 2
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid
    def _validate_fields(location, data):
        for attr in schema.get_attributes(location=location,
                                          request=request):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        deserialized = attr.deserialize(data[attr.name])
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)
Exemplo n.º 3
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop

    def _validate_fields(location, data):
        for attr in schema.get_attributes(location=location,
                                          request=request):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring' and
                                isinstance(attr.typ, Sequence)):
                            serialized = data.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    # These taken from colander's _SchemaNode::deserialize
    # to apply preparer/validator on the root node
    from colander.compat import is_nonstr_iter
    c_schema = schema._schema_inst
    if c_schema.preparer is not None:
        # if the preparer is a function, call a single preparer
        if hasattr(c_schema.preparer, '__call__'):
            request.validated = c_schema.preparer(request.validated)
            # if the preparer is a list, call each separate preparer
        elif is_nonstr_iter(c_schema.preparer):
            for preparer in c_schema.preparer:
                request.validated = preparer(request.validated)

    from colander import deferred
    if c_schema.validator is not None:
        if not isinstance(c_schema.validator, deferred): # unbound
            c_schema.validator(c_schema, request.validated)
Exemplo n.º 4
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop

    def _validate_fields(location, data):
        if location == 'body':
            try:
                original = data
                data = webob.multidict.MultiDict(schema.unflatten(data))
                data.update(original)
            except KeyError:
                pass

        for attr in schema.get_attributes(location=location,
                                          request=request):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring' and
                                isinstance(attr.typ, Sequence)):
                            serialized = data.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    # validate unknown
    if schema.colander_schema.typ.unknown == 'raise':
        attrs = schema.get_attributes(location=('body', 'querystring'),
                                      request=request)
        params = list(qs.keys()) + list(body.keys())
        msg = '%s is not allowed'
        for param in set(params) - set([attr.name for attr in attrs]):
            request.errors.add('body' if param in body else 'querystring',
                               param, msg % param)
Exemplo n.º 5
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop

    def _validate_fields(location, data):
        for attr in schema.get_attributes(location=location,
                                          request=request):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring' and
                                isinstance(attr.typ, Sequence)):
                            serialized = data.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

    def _validate_custom_temp(data):
        if not request.errors:

            try:
                schema._c_schema.deserialize(request.validated)
            except Invalid as e:
                # the struct is invalid
                request.errors.add('', 'custom validators', e.asdict()[''])

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    _validate_custom_temp(request.validated)
Exemplo n.º 6
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop, null

    if not isinstance(schema.colander_schema, colander.MappingSchema):
        raise SchemaError('schema is not a MappingSchema: %s' %
                          type(schema.colander_schema))

    def _validate_fields(location, data):
        if location == 'body':
            try:
                original = data
                data = webob.multidict.MultiDict(schema.unflatten(data))
                data.update(original)
            except KeyError:
                pass

        if location == 'querystring':
            try:
                original = data
                data = schema.unflatten(original)
            except KeyError:
                pass

        for attr in schema.get_attributes(location=location, request=request):
            if attr.required and attr.name not in data and \
               attr.default == null:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if attr.name not in data:
                        if attr.default != null:
                            deserialized = attr.deserialize(attr.serialize())
                        else:
                            deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring'
                                and isinstance(attr.typ, Sequence)):
                            serialized = original.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    # validate unknown
    if schema.colander_schema.typ.unknown == 'raise':
        attrs = schema.get_attributes(location=('body', 'querystring'),
                                      request=request)
        params = list(qs.keys()) + list(body.keys())
        msg = '%s is not allowed'
        for param in set(params) - set([attr.name for attr in attrs]):
            request.errors.add('body' if param in body else 'querystring',
                               param, msg % param)
Exemplo n.º 7
0
                    # missing
                    request.errors.add(location, attr.name,
                                       "%s is missing" % attr.name)
                else:
                    try:
                        if not attr.name in data:
                            deserialized = attr.deserialize(None)
                        else:
                            deserialized = attr.deserialize(data[attr.name])
                    except Invalid, e:
                        # the struct is invalid
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    else:
                        request.validated[attr.name] = deserialized

        qs, headers, body, path = extract_request_data(request)

        _validate_fields('path', path)
        _validate_fields('header', headers)
        _validate_fields('body', body)
        _validate_fields('querystring', qs)

    return validator


DEFAULT_VALIDATORS = []
DEFAULT_FILTERS = [
    filter_json_xsrf,
]
Exemplo n.º 8
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop, null, Mapping

    # CorniceSchema.colander_schema guarantees that we have a colander
    #  instance and not a class so we should use `typ` and not
    #  `schema_type()` to determine the type.
    schema_type = schema.colander_schema.typ
    unknown = getattr(schema_type, 'unknown', None)

    if not isinstance(schema_type, Mapping):
        raise SchemaError('colander schema type is not a Mapping: %s' %
                          type(schema_type))

    def _validate_fields(location, data):
        if location == 'body':
            try:
                original = data
                data = webob.multidict.MultiDict(schema.unflatten(data))
                data.update(original)
            except KeyError:
                pass

        if location == 'querystring':
            try:
                original = data
                data = schema.unflatten(original)
            except KeyError:
                pass

        for attr in schema.get_attributes(location=location, request=request):
            if attr.required and attr.name not in data and \
               attr.default == null:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if attr.name not in data:
                        if attr.default != null:
                            deserialized = attr.deserialize(attr.serialize())
                        else:
                            deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring'
                                and isinstance(attr.typ, Sequence)):
                            serialized = original.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        if serialized is None:
                            serialized = null
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

        if location == "body" and unknown == 'preserve':
            for field, value in data.items():
                if field not in request.validated:
                    request.validated[field] = value

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    # validate unknown
    if unknown == 'raise':
        attrs = schema.get_attributes(location=('body', 'querystring'),
                                      request=request)
        params = list(qs.keys()) + list(body.keys())
        msg = '%s is not allowed'
        for param in set(params) - set([attr.name for attr in attrs]):
            request.errors.add('body' if param in body else 'querystring',
                               param, msg % param)
Exemplo n.º 9
0
    def _validate_fields(location, data):
        for attr in schema.get_attributes(location=location):
            if attr.required and not attr.name in data:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if not attr.name in data:
                        deserialized = attr.deserialize()
                    else:
                        deserialized = attr.deserialize(data[attr.name])
                except Invalid, e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    request.validated[attr.name] = deserialized

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)
Exemplo n.º 10
0
def validate_colander_schema(schema, request):
    """Validates that the request is conform to the given schema"""
    from colander import Invalid, Sequence, drop, null, Mapping

    # CorniceSchema.colander_schema guarantees that we have a colander
    #  instance and not a class so we should use `typ` and not
    #  `schema_type()` to determine the type.
    schema_type = schema.colander_schema.typ
    unknown = getattr(schema_type, 'unknown', None)

    if not isinstance(schema_type, Mapping):
        raise SchemaError('colander schema type is not a Mapping: %s' %
                          type(schema_type))

    def _validate_fields(location, data):
        if location == 'body':
            try:
                original = data
                data = webob.multidict.MultiDict(schema.unflatten(data))
                data.update(original)
            except KeyError:
                pass

        if location == 'querystring':
            try:
                original = data
                data = schema.unflatten(original)
            except KeyError:
                pass

        for attr in schema.get_attributes(location=location,
                                          request=request):
            if attr.required and attr.name not in data and \
               attr.default == null:
                # missing
                request.errors.add(location, attr.name,
                                   "%s is missing" % attr.name)
            else:
                try:
                    if attr.name not in data:
                        if attr.default != null:
                            deserialized = attr.deserialize(attr.serialize())
                        else:
                            deserialized = attr.deserialize()
                    else:
                        if (location == 'querystring' and
                                isinstance(attr.typ, Sequence)):
                            serialized = original.getall(attr.name)
                        else:
                            serialized = data[attr.name]
                        deserialized = attr.deserialize(serialized)
                except Invalid as e:
                    # the struct is invalid
                    try:
                        request.errors.add(location, attr.name,
                                           e.asdict()[attr.name])
                    except KeyError:
                        for k, v in e.asdict().items():
                            if k.startswith(attr.name):
                                request.errors.add(location, k, v)
                else:
                    if deserialized is not drop:
                        request.validated[attr.name] = deserialized

        if location == "body" and unknown == 'preserve':
            for field, value in data.items():
                if field not in request.validated:
                    request.validated[field] = value

    qs, headers, body, path = extract_request_data(request)

    _validate_fields('path', path)
    _validate_fields('header', headers)
    _validate_fields('body', body)
    _validate_fields('querystring', qs)

    # validate unknown
    if unknown == 'raise':
        attrs = schema.get_attributes(location=('body', 'querystring'),
                                      request=request)
        params = list(qs.keys()) + list(body.keys())
        msg = '%s is not allowed'
        for param in set(params) - set([attr.name for attr in attrs]):
            request.errors.add('body' if param in body else 'querystring',
                               param, msg % param)