def error(request):
code = int(request.params.get("code", "500"))
if code == 403:
raise HTTPForbidden("bam")
if code == 401:
e = HTTPUnauthorized()
e.headers["WWW-Authenticate"] = 'Basic realm="Access to staging site"'
raise e
if code == 301:
raise HTTPMovedPermanently(location="http://www.camptocamp.com/en/")
if code == 204:
raise HTTPNoContent()
if request.params.get("db", "0") == "dup":
for _ in range(2):
models.DBSession.add(models.Hello(value="toto"))
elif request.params.get("db", "0") == "data":
models.DBSession.add(models.Hello(id="abcd", value="toto"))
else:
raise Exception("boom")
return {"status": 200}
def error(request):
code = int(request.params.get('code', '500'))
if code == 403:
raise HTTPForbidden('bam')
elif code == 401:
e = HTTPUnauthorized()
e.headers['WWW-Authenticate'] = 'Basic realm="Access to staging site"'
raise e
elif code == 301:
raise HTTPMovedPermanently(location="http://www.camptocamp.com/en/")
elif code == 204:
raise HTTPNoContent()
elif request.params.get('db', '0') == 'dup':
for _ in range(2):
models.DBSession.add(models.Hello(value='toto'))
elif request.params.get('db', '0') == 'data':
models.DBSession.add(models.Hello(id='abcd', value='toto'))
else:
raise Exception('boom')
return {'status': 200}
def project_detail(project, request):
if project.name != request.matchdict.get("name", project.name):
return HTTPMovedPermanently(
request.current_route_path(name=project.name),
)
try:
release = (
request.db.query(Release)
.filter(Release.project == project)
.order_by(
Release.is_prerelease.nullslast(),
Release._pypi_ordering.desc())
.limit(1)
.one()
)
except NoResultFound:
return HTTPNotFound()
return release_detail(release, request)
def main(global_config, **settings):
authn_policy = AuthTktAuthenticationPolicy(
secret='changemeplease')
authz_policy = ACLAuthorizationPolicy()
session_factory = UnencryptedCookieSessionFactoryConfig(
settings['session.secret'])
config = Configurator(settings=settings, session_factory=session_factory)
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(authz_policy)
config.add_static_view('/app', 'static', cache_max_age=3600)
config.add_view(lambda r: HTTPMovedPermanently(location='/app/index.html'),
context='pyramid.httpexceptions.HTTPNotFound')
config.include("cornice")
config.scan("spacehub.views")
engine = create_engine(db_url)
initialize_sql(engine)
return config.make_wsgi_app()
def journals_list(project, request):
q = request.params.get("q")
project_name = request.matchdict["project_name"]
if project_name != project.normalized_name:
raise HTTPMovedPermanently(
request.current_route_path(project_name=project.normalized_name)
)
try:
page_num = int(request.params.get("page", 1))
except ValueError:
raise HTTPBadRequest("'page' must be an integer.") from None
journals_query = (
request.db.query(JournalEntry)
.options(joinedload("submitted_by"))
.filter(JournalEntry.name == project.name)
.order_by(JournalEntry.submitted_date.desc(), JournalEntry.id.desc())
)
if q:
terms = shlex.split(q)
filters = []
for term in terms:
if ":" in term:
field, value = term.split(":", 1)
if field.lower() == "version":
filters.append(JournalEntry.version.ilike(value))
journals_query = journals_query.filter(or_(*filters))
journals = SQLAlchemyORMPage(
journals_query,
page=page_num,
items_per_page=25,
url_maker=paginate_url_factory(request),
)
return {"journals": journals, "project": project, "query": q}
def project_detail(project, request):
project_name = request.matchdict["project_name"]
if project_name != project.normalized_name:
raise HTTPMovedPermanently(
request.current_route_path(
project_name=project.normalized_name,
),
)
maintainers = [
role
for role in (
request.db.query(Role)
.join(User)
.filter(Role.project == project)
.distinct(User.username)
.all()
)
]
maintainers = sorted(
maintainers,
key=lambda x: (x.role_name, x.user.username),
)
journal = [
entry
for entry in (
request.db.query(JournalEntry)
.filter(JournalEntry.name == project.name)
.order_by(JournalEntry.submitted_date.desc())
.limit(50)
)
]
return {
"project": project,
"maintainers": maintainers,
"journal": journal,
"ONE_MB": ONE_MB,
"MAX_FILESIZE": MAX_FILESIZE
}
def canonical_redirect(event):
request = event['request']
# Ignore subrequests
if len(manager.stack) > 1:
return
if request.method not in ('GET', 'HEAD'):
return
if request.response.status_int != 200:
return
if not request.environ.get('encoded.canonical_redirect', True):
return
if request.path_info == '/':
return
if not isinstance(event.rendering_val, dict):
return
canonical = event.rendering_val.get('@id', None)
if canonical is None:
return
canonical_path, _, canonical_qs = canonical.partition('?')
request_path = _join_path_tuple(('', ) +
split_path_info(request.path_info))
if (request_path == canonical_path.rstrip('/')
and request.path_info.endswith('/') == canonical_path.endswith('/')
and (canonical_qs in ('', request.query_string))):
return
if '/@@' in request.path_info:
return
if (parse_qs(canonical_qs) == parse_qs(request.query_string)
and '/suggest' in request_path):
return
qs = canonical_qs or request.query_string
location = canonical_path + ('?' if qs else '') + qs
raise HTTPMovedPermanently(location=location)
def releases_list(project, request):
q = request.params.get("q")
project_name = request.matchdict["project_name"]
if project_name != project.normalized_name:
raise HTTPMovedPermanently(
request.current_route_path(
project_name=project.normalized_name, ), )
try:
page_num = int(request.params.get("page", 1))
except ValueError:
raise HTTPBadRequest("'page' must be an integer.") from None
releases_query = (request.db.query(Release).filter(
Release.project == project).order_by(Release._pypi_ordering.desc()))
if q:
terms = shlex.split(q)
filters = []
for term in terms:
if ":" in term:
field, value = term.split(":", 1)
if field.lower() == "version":
filters.append(Release.version.ilike(value))
releases_query = releases_query.filter(or_(*filters))
releases = SQLAlchemyORMPage(
releases_query,
page=page_num,
items_per_page=25,
url_maker=paginate_url_factory(request),
)
return {
"releases": releases,
"project": project,
"query": q,
}
def get(self):
# LEGACY CODE. ROUTE MOVED TO API V2
# discussion_id = self.request.swagger_data['discussion_id']
# try:
# discussion = UserDiscussion.get(self.user, discussion_id)
# except NotFound:
# raise ResourceNotFound('No such discussion %r' % discussion_id)
#
# dim = DIM(self.user.id)
#
# indexed_discussion = dim.get_by_id(discussion_id)
# if indexed_discussion:
# resp = build_discussion(discussion, indexed_discussion)
# else:
# raise ResourceNotFound(
# 'Discussion {} not found in index'.format(discussion_id))
#
# return resp
discussion_id = self.request.swagger_data['discussion_id']
raise HTTPMovedPermanently(location="/v2/messages?discussion_id=" +
discussion_id)
def simple_detail(project, request):
# TODO: Handle files which are not hosted on PyPI
# Make sure that we're using the normalized version of the URL.
if project.normalized_name != request.matchdict.get(
"name", project.normalized_name):
return HTTPMovedPermanently(
request.current_route_path(name=project.normalized_name))
# Get the latest serial number for this project.
request.response.headers["X-PyPI-Last-Serial"] = str(project.last_serial)
# Get all of the files for this project.
files = sorted(
request.db.query(File).options(joinedload(
File.release)).join(Release).filter(
Release.project == project).all(),
key=lambda f: (parse(f.release.version), f.filename),
)
return {"project": project, "files": files}
def simple_detail(project, request):
# TODO: Handle files which are not hosted on PyPI
# Make sure that we're using the normalized version of the URL.
if (project.normalized_name != request.matchdict.get(
"name", project.normalized_name)):
return HTTPMovedPermanently(
request.current_route_path(name=project.normalized_name), )
# Get the latest serial number for this project.
serial = (request.db.query(func.max(
JournalEntry.id)).filter(JournalEntry.name == project.name).scalar())
request.response.headers["X-PyPI-Last-Serial"] = serial or 0
# Get all of the files for this project.
files = (request.db.query(File).filter(
File.name == project.name,
File.version.in_(project.releases.with_entities(
Release.version))).order_by(File.filename).all())
return {"project": project, "files": files}
def __init__(self,
data,
request=None,
disposition='attachment',
cache_max_age=None,
content_type=None,
content_encoding=None):
if data._public_url:
raise HTTPMovedPermanently(data._public_url)
filename = data.filename
content_type = content_type or getattr(data, 'content_type', None)
if content_type is None:
content_type, content_encoding = \
mimetypes.guess_type(filename, strict=False)
if content_type is None:
content_type = 'application/octet-stream'
# str-ifying content_type is a workaround for a bug in Python 2.7.7
# on Windows where mimetypes.guess_type returns unicode for the
# content_type.
content_type = str(content_type)
super(UploadedFileResponse,
self).__init__(conditional_response=True,
content_type=content_type,
content_encoding=content_encoding)
self.app_iter = FileIter(data.file, _BLOCK_SIZE)
# assignment of content_length must come after assignment of app_iter
self.content_length = data.file.content_length
self.last_modified = data.file.last_modified
if cache_max_age is not None:
self.cache_expires = cache_max_age
disp = '{0};filename="{1}"'.format(
disposition, data.filename.encode('ascii', 'ignore'))
self.headerlist.append(('Content-Disposition', disp))
def _redirect(self, id, lang, slug=None, is_lang_set=False):
scheme = self.request.scheme
if slug is None:
location = self.request.route_url(self._API_ROUTE +
'_view_id_lang',
id=id,
lang=lang,
_scheme=scheme)
else:
location = self.request.route_url(self._API_ROUTE + '_view',
id=id,
lang=lang,
slug=slug,
_scheme=scheme)
if is_lang_set:
raise HTTPMovedPermanently(location=location)
else:
# The original URL had no lang param, which means it had to be
# figured out according to the user's interface and available
# langs => the redirection cannot be permanent since it may differ
# from one user to another.
raise HTTPFound(location=location)
def release_detail(release, request):
project = release.project
if project.name != request.matchdict.get("name", project.name):
return HTTPMovedPermanently(
request.current_route_path(name=project.name),
)
# Get all of the registered versions for this Project, in order of newest
# to oldest.
all_releases = (
request.db.query(Release)
.filter(Release.project == project)
.with_entities(Release.version, Release.created)
.order_by(Release._pypi_ordering.desc())
.all()
)
# Get all of the maintainers for this project.
maintainers = [
r.user
for r in (
request.db.query(Role)
.join(User)
.filter(Role.project == project)
.distinct(User.username)
.order_by(User.username)
.all()
)
]
return {
"project": project,
"release": release,
"files": release.files.all(),
"all_releases": all_releases,
"maintainers": maintainers,
}
def idea_vote(request):
post_data = request.POST
target = post_data.get('target')
session = DBSession()
idea = Idea.get_by_id(target, with_joinedload=False)
voter_username = authenticated_userid(request)
voter = User.get_by_username(voter_username)
redirect_url = route_url('idea', request, idea_id=idea.idea_id)
response = HTTPMovedPermanently(location=redirect_url)
if voter.user_id == idea.author_id:
request.session.flash(u'You cannot vote on your own ideas.')
return response
if post_data.get('form.vote_hit'):
idea.vote(voter, True)
elif post_data.get('form.vote_miss'):
idea.vote(voter, False)
session.flush()
return response
def get_shortener_topic(request: Request) -> NoReturn:
"""Redirect to the full permalink for a topic."""
site_name = request.registry.settings["tildes.site_name"]
destination = f"https://{site_name}{request.context.permalink}"
raise HTTPMovedPermanently(location=destination)
def get_shortener_group(request: Request) -> NoReturn:
"""Redirect to the base path of a group."""
site_name = request.registry.settings["tildes.site_name"]
destination = f"https://{site_name}/~{request.context.path}"
raise HTTPMovedPermanently(location=destination)
def json_release(release, request):
project = release.project
if project.name != request.matchdict.get("name", project.name):
return HTTPMovedPermanently(
request.current_route_path(name=project.name), )
# We want to allow CORS here to enable anyone to fetch data from this API
request.response.headers["Access-Control-Allow-Origin"] = "*"
request.response.headers["Access-Control-Allow-Headers"] = ", ".join([
"Content-Type",
"If-Match",
"If-Modified-Since",
"If-None-Match",
"If-Unmodified-Since",
])
request.response.headers["Access-Control-Allow-Methods"] = "GET"
request.response.headers["Access-Control-Max-Age"] = "86400"
request.response.headers["Access-Control-Expose-Headers"] = ", ".join([
"X-PyPI-Last-Serial",
])
# Get the latest serial number for this project.
serial = (request.db.query(func.max(
JournalEntry.id)).filter(JournalEntry.name == project.name).scalar())
request.response.headers["X-PyPI-Last-Serial"] = str(serial or 0)
# Get all of the releases and files for this project.
release_files = (request.db.query(Release, File).outerjoin(File).filter(
Release.project == project).order_by(Release._pypi_ordering.desc(),
File.filename).all())
# Map our releases + files into a dictionary that maps each release to a
# list of all its files.
releases = {}
for r, file_ in release_files:
files = releases.setdefault(r, [])
if file_ is not None:
files.append(file_)
# Serialize our database objects to match the way that PyPI legacy
# presented this data.
releases = {
r.version: [{
"filename": f.filename,
"packagetype": f.packagetype,
"python_version": f.python_version,
"has_sig": f.has_signature,
"comment_text": f.comment_text,
"md5_digest": f.md5_digest,
"size": f.size,
"downloads": f.downloads,
"upload_time": f.upload_time.strftime("%Y-%m-%dT%H:%M:%S"),
"url": request.route_url("packaging.file", path=f.path),
} for f in fs]
for r, fs in releases.items()
}
# Get our stats service
stats_svc = request.find_service(IDownloadStatService)
return {
"info": {
"name":
project.name,
"version":
release.version,
"summary":
release.summary,
"description":
release.description,
"keywords":
release.keywords,
"license":
release.license,
"classifiers":
list(release.classifiers),
"author":
release.author,
"author_email":
release.author_email,
"maintainer":
release.maintainer,
"maintainer_email":
release.maintainer_email,
"requires_python":
release.requires_python,
"platform":
release.platform,
"downloads": {
"last_day": stats_svc.get_daily_stats(project.name),
"last_week": stats_svc.get_weekly_stats(project.name),
"last_month": stats_svc.get_monthly_stats(project.name),
},
"project_url":
request.route_url(
"packaging.project",
name=project.name,
),
"release_url":
request.route_url(
"packaging.release",
name=project.name,
version=release.version,
),
"docs_url":
project.documentation_url,
"bugtrack_url":
project.bugtrack_url,
"home_page":
release.home_page,
"download_url":
release.download_url,
},
"urls": releases[release.version],
"releases": releases,
}
def account_redirect(request):
_ = request.translate
return HTTPMovedPermanently(location=request.route_url('account'))
def json_project_slash(project, request):
return HTTPMovedPermanently(
# Respond with redirect to url without trailing slash
request.route_path("legacy.api.json.project", name=project.name),
headers=_CORS_HEADERS,
)
def canonicalize_resource_url(request, resource):
canon_url = request.resource_url(resource)
if canon_url != request.path_url:
if request.query_string:
canon_url += '?' + request.query_string
raise HTTPMovedPermanently(location=canon_url)
def search(request):
return HTTPMovedPermanently(
request.route_path("search", _query={"q": request.params.get("term")}))
def search(request):
return HTTPMovedPermanently(
request.route_path('search', _query={'q': request.params.get('term')}))
def profile(user, request):
if user.username != request.matchdict.get("username", user.username):
return HTTPMovedPermanently(
request.current_route_path(username=user.username), )
return {"user": user}
def redirector(request):
return HTTPMovedPermanently(request.route_url('home', discussion_slug=request.matchdict.get('discussion_slug')))
def json_release(release, request):
project = release.project
if project.name != request.matchdict.get("name", project.name):
return HTTPMovedPermanently(
request.current_route_path(name=project.name),
headers=_CORS_HEADERS)
# Apply CORS headers.
request.response.headers.update(_CORS_HEADERS)
# Get the latest serial number for this project.
request.response.headers["X-PyPI-Last-Serial"] = str(project.last_serial)
# Get all of the releases and files for this project.
release_files = (request.db.query(Release, File).options(
Load(Release).load_only("version", "requires_python", "yanked",
"yanked_reason")).outerjoin(File).filter(
Release.project == project).order_by(
Release._pypi_ordering.desc(),
File.filename).all())
# Map our releases + files into a dictionary that maps each release to a
# list of all its files.
releases = {}
for r, file_ in release_files:
files = releases.setdefault(r, [])
if file_ is not None:
files.append(file_)
# Serialize our database objects to match the way that PyPI legacy
# presented this data.
releases = {
r.version: [
{
"filename": f.filename,
"packagetype": f.packagetype,
"python_version": f.python_version,
"has_sig": f.has_signature,
"comment_text": f.comment_text,
"md5_digest": f.md5_digest,
"digests": {
"md5": f.md5_digest,
"sha256": f.sha256_digest
},
"size": f.size,
# TODO: Remove this once we've had a long enough time with it
# here to consider it no longer in use.
"downloads": -1,
"upload_time": f.upload_time.strftime("%Y-%m-%dT%H:%M:%S"),
"upload_time_iso_8601": f.upload_time.isoformat() + "Z",
"url": request.route_url("packaging.file", path=f.path),
"requires_python":
r.requires_python if r.requires_python else None,
"yanked": r.yanked,
"yanked_reason": r.yanked_reason or None,
} for f in fs
]
for r, fs in releases.items()
}
# Serialize a list of vulnerabilties for this release
vulnerabilities = [{
"id": vulnerability_record.id,
"source": vulnerability_record.source,
"link": vulnerability_record.link,
"aliases": vulnerability_record.aliases,
"details": vulnerability_record.details,
"fixed_in": vulnerability_record.fixed_in,
} for vulnerability_record in release.vulnerabilities]
return {
"info": {
"name":
project.name,
"version":
release.version,
"summary":
release.summary,
"description_content_type":
release.description.content_type,
"description":
release.description.raw,
"keywords":
release.keywords,
"license":
release.license,
"classifiers":
list(release.classifiers),
"author":
release.author,
"author_email":
release.author_email,
"maintainer":
release.maintainer,
"maintainer_email":
release.maintainer_email,
"requires_python":
release.requires_python,
"platform":
release.platform,
"downloads": {
"last_day": -1,
"last_week": -1,
"last_month": -1
},
"package_url":
request.route_url("packaging.project", name=project.name),
"project_url":
request.route_url("packaging.project", name=project.name),
"project_urls":
OrderedDict(release.urls) if release.urls else None,
"release_url":
request.route_url("packaging.release",
name=project.name,
version=release.version),
"requires_dist":
(list(release.requires_dist) if release.requires_dist else None),
"docs_url":
project.documentation_url,
"bugtrack_url":
None,
"home_page":
release.home_page,
"download_url":
release.download_url,
"yanked":
release.yanked,
"yanked_reason":
release.yanked_reason or None,
},
"urls": releases[release.version],
"releases": releases,
"vulnerabilities": vulnerabilities,
"last_serial": project.last_serial,
}
def redirector(request):
return HTTPMovedPermanently(
request.route_url(name,
_query=request.GET,
**request.matchdict,
**kw))
def release_detail(release, request):
project = release.project
if project.name != request.matchdict.get("name", project.name):
return HTTPMovedPermanently(
request.current_route_path(name=project.name),
)
# Get all of the registered versions for this Project, in order of newest
# to oldest.
all_releases = (
request.db.query(Release)
.filter(Release.project == project)
.with_entities(
Release.version,
Release.is_prerelease,
Release.created)
.order_by(Release._pypi_ordering.desc())
.all()
)
# Get the latest non-prerelease of this Project, or the latest release if
# all releases are prereleases.
latest_release = first(
all_releases,
key=lambda r: not r.is_prerelease,
default=all_releases[0],
)
# Get all of the maintainers for this project.
maintainers = [
r.user
for r in (
request.db.query(Role)
.join(User)
.filter(Role.project == project)
.distinct(User.username)
.order_by(User.username)
.all()
)
]
# Get the license from the classifiers or metadata, preferring classifiers.
license = None
if release.license:
# Make a best effort when the entire license text is given
# by using the first line only.
license = release.license.split('\n')[0]
license_classifiers = [c.split(" :: ")[-1] for c in release.classifiers
if c.startswith("License")]
if license_classifiers:
license = ', '.join(license_classifiers)
return {
"project": project,
"release": release,
"files": release.files.all(),
"latest_release": latest_release,
"all_releases": all_releases,
"maintainers": maintainers,
"license": license,
}
def add_slash_redirect(self, request):
url = request.path_url + '/'
qs = request.query_string
if qs:
url = url + '?' + qs
raise HTTPMovedPermanently(url)
def replacement(id_):
raise HTTPMovedPermanently(
location=req.route_url(model.__name__.lower(), id=id_))
