Exemplo n.º 1
0
    def __init__(self, config):
        pluginmanager.PluginBase.__init__(self)

        self._db = SessionDatabase()
        self._expiration = int(config.get("expiration", 60)) * 60

        hookmanager.register("HOOK_USER_DELETE", lambda user: self._db.delete_session(user=user))
Exemplo n.º 2
0
    def __init__(self, config):
        pluginmanager.PluginBase.__init__(self)

        self._db = SessionDatabase()
        self._expiration = int(config.get("expiration", 60)) * 60

        hookmanager.register("HOOK_USER_DELETE", lambda user: self._db.delete_session(user=user))
Exemplo n.º 3
0
def test_baseview_render(baseview_fixtures):
    """
    Test `prewikka.baseview.BaseView.render` method.
    """
    from prewikka.baseview import BaseView

    base_view = BaseView()

    # register a fake HOOK to test all lines in baseview
    hookmanager.register('HOOK_LOAD_HEAD_CONTENT',
                         '<script src="foo.js"></script>')
    hookmanager.register('HOOK_LOAD_BODY_CONTENT', '<foo>bar</foo>')

    # default render
    base_view.render()

    # no user
    backup_user = env.request.user
    env.request.user = None
    base_view.render()
    env.request.user = backup_user

    # clean
    hookmanager.unregister('HOOK_LOAD_HEAD_CONTENT',
                           '<script src="foo.js"></script>')
    hookmanager.unregister('HOOK_LOAD_BODY_CONTENT', '<foo>bar</foo>')
Exemplo n.º 4
0
def test_hookmanager_unregister():
    """
    Test `prewikka.hookmanager.HookManager.unregister()` method.
    """
    hook = 'hook_6'
    method = lambda x: x

    hookmanager.register(hook, method)
    hookmanager.unregister(hook, method)

    assert list(hookmanager.trigger(hook, 'bar')) == []
Exemplo n.º 5
0
def test_hookmanager_register():
    """
    Test `prewikka.hookmanager.HookManager.register()` method.
    """
    hook = 'hook_1'

    assert hook not in hookmanager.hookmgr

    hookmanager.register(hook, lambda x: 42)

    assert hook in hookmanager.hookmgr
Exemplo n.º 6
0
    def __init__(self):
        env.dataprovider.check_datatype(self.type)

        self._formatter = self.formatter(self.type)

        self.all_fields = []
        self._main_fields = list(self.default_columns.keys())
        self.fields_info = collections.OrderedDict()
        self.columns_properties = collections.OrderedDict()

        self._prepare_fields()
        view.View.__init__(self)

        hookmanager.register(
            "HOOK_LOAD_HEAD_CONTENT",
            [resource.CSSLink("datasearch/css/datasearch.css")])

        section = self.section or env.dataprovider.get_label(self.type)
        tabs = self.tabs or (N_("Forensic"), N_("Dashboard"))

        view.route("/%s/forensic/ajax_timeline" % self.name,
                   self.ajax_timeline)
        view.route("/%s/forensic/ajax_table" % self.name, self.ajax_table)
        view.route("/%s/forensic/ajax_details" % self.name, self.ajax_details)
        view.route("/%s/forensic/ajax_infos" % self.name, self.ajax_infos)
        view.route("/%s/forensic/ajax_groupby" % self.name, self.ajax_groupby)
        view.route("/%s/forensic/csv_download" % self.name,
                   self.csv_download,
                   methods=["POST"])
        view.route("/%s/forensic" % self.name,
                   self.forensic,
                   menu=(section, tabs[0]),
                   keywords=["listing", "inheritable"],
                   datatype=self.type,
                   priority=1,
                   help="#%sforensic" % self.type,
                   methods=["POST", "GET"])
        view.route("/%s/dashboard" % self.name,
                   self.dashboard,
                   menu=(section, tabs[1]),
                   datatype=self.type,
                   help="#%sdashboard" % self.type,
                   methods=["POST", "GET"])
Exemplo n.º 7
0
def test_hookmanager_trigger():
    """
    Test `prewikka.hookmanager.HookManager.trigger()` method.
    """
    # Test method return value
    hook = 'hook_2'
    hookmanager.register(hook, lambda x: x + '42')

    assert list(hookmanager.trigger(hook, 'bar')) == ['bar42']

    with pytest.raises(TypeError):
        list(hookmanager.trigger(hook, 'foo', 'bar'))

    with pytest.raises(TypeError):
        list(hookmanager.trigger(hook, 'bar', type=int))

    # Test exception handling
    hook = 'hook_3'
    hookmanager.register(hook, lambda x: 1 / x)

    with pytest.raises(ZeroDivisionError):
        list(hookmanager.trigger(hook, 0))

    assert list(hookmanager.trigger(hook, 0, _except=lambda e: None)) == []

    # Test constant value
    hook = 'hook_4'
    hookmanager.register(hook, 42)

    assert list(hookmanager.trigger(hook, type=int)) == [42]

    # Test return ordering
    hook = 'hook_5'
    hookmanager.register(hook, 'a', _order=2)
    hookmanager.register(hook, 'b', _order=1)
    hookmanager.register(hook, 'r', _order=3)

    assert ''.join(hookmanager.trigger(hook)) == 'bar'
Exemplo n.º 8
0
 def __init__(self):
     view.View.__init__(self)
     hookmanager.register(
         "HOOK_LOAD_HEAD_CONTENT",
         [resource.CSSLink("statistics/css/gridstack.min.css")])
Exemplo n.º 9
0
    def __init__(self):
        env.dataprovider.check_datatype("alert")
        StaticStats.__init__(self)

        hookmanager.register("HOOK_DASHBOARD_DEFAULT_GRAPHS", _DEFAULT_GRAPHS)
Exemplo n.º 10
0
 def __init__(self):
     self._reinit()
     self._joblist = set()
     hookmanager.register("HOOK_PLUGINS_RELOAD", self._reinit)
Exemplo n.º 11
0
    # CSRF string will still match.
    request.add_cookie("CSRF_COOKIE", get_token(request))

    if request.method in ('GET', 'HEAD', 'OPTIONS', 'TRACE'):
        return

    if request.get_origin() != request.get_target_origin():
        raise Exception("Origin check failed")

    if request._csrf_cookie is None:
        raise Exception("CSRF cookie not set")

    # Check non-cookie token for match.
    request_csrf_token = request.arguments.get(CSRF_POST_KEY)
    if not request_csrf_token:
        # Fall back to X-CSRFToken, to make things easier for AJAX,
        # and possible for PUT/DELETE.
        request_csrf_token = request.headers.get("x-csrftoken", '')
        if not request_csrf_token:
            raise Exception("CSRF token has not been provided")

    if not _compare_salted_tokens(request_csrf_token, request._csrf_cookie):
        raise Exception("CSRF token is invalid")


def _rotate_token(user):
    env.request.web.add_cookie("CSRF_COOKIE", _get_new_csrf_token())


hookmanager.register("HOOK_SESSION_CREATE", _rotate_token)