def _encode_password(password):
settings = get_settings()
## get this secret key from somewhere since the settings come from somewhere else
## return hmac.new(settings['secret'], password, sha256).hexdigest()
return hmac.new('secret key that comes from somewhere not in settings',
password,
sha256).hexdigest()
def _create_static_view(self):
settings = get_settings()
cache_max_age = int(settings.get(self.PUBLIC_CACHE_MAX_AGE,
self.DEFAULT_CACHE_MAX_AGE))
return static_view(settings.get(self.PUBLIC_DIR),
cache_max_age=cache_max_age,
use_subpath=True)
def _create_static_view(self):
settings = get_settings()
cache_max_age = int(
settings.get(self.PUBLIC_CACHE_MAX_AGE,
self.DEFAULT_CACHE_MAX_AGE))
return static_view(settings.get(self.PUBLIC_DIR),
cache_max_age=cache_max_age,
use_subpath=True)
def serialize(self, field, cstruct, readonly=False):
if cstruct in (null, None):
cstruct = ''
confirm = getattr(field, 'confirm', '')
template = readonly and self.readonly_template or self.template
return field.renderer(template, field=field, cstruct=cstruct,
public_key=get_settings()['public_key'],
)
def template(self):
if sys.platform.startswith("java"): # pragma: no cover
raise RuntimeError("Chameleon templates are not compatible with Jython")
settings = get_settings()
debug = False
auto_reload = False
if settings:
# using .get here is a strategy to be kind to old *tests* rather
# than being kind to any existing production system
auto_reload = settings.get("reload_templates")
debug = settings.get("debug_templates")
reg = get_current_registry()
translate = None
if reg is not None:
translate = reg.queryUtility(IChameleonTranslate)
return TextTemplateFile(self.path, auto_reload=auto_reload, debug=debug, translate=translate)
def negotiate_locale_name(request):
""" Negotiate and return the :term:`locale name` associated with
the current request (never cached)."""
try:
registry = request.registry
except AttributeError:
registry = get_current_registry()
negotiator = registry.queryUtility(ILocaleNegotiator,
default=default_locale_negotiator)
locale_name = negotiator(request)
if locale_name is None:
settings = get_settings() or {}
locale_name = settings.get('default_locale_name', 'en')
return locale_name
def template(self):
settings = get_settings()
debug = False
auto_reload = False
if settings:
# using .get here is a strategy to be kind to old *tests* rather
# than being kind to any existing production system
auto_reload = settings.get('reload_templates')
debug = settings.get('debug_templates')
reg = get_current_registry()
translate = None
if reg is not None:
translate = reg.queryUtility(IChameleonTranslate)
return TextTemplateFile(self.path,
auto_reload=auto_reload,
debug=debug,
translate=translate)
def _secure_tile(tile, permission, authn_policy, authz_policy, strict):
"""wraps tile and does security checks.
"""
wrapped_tile = tile
if not authn_policy and not authz_policy:
return tile
def _secured_tile(context, request):
principals = authn_policy.effective_principals(request)
if authz_policy.permits(context, principals, permission):
try:
return tile(context, request)
except Exception, e:
raise
msg = getattr(request, 'authdebug_message',
'Unauthorized: tile %s failed permission check' % tile)
if strict:
raise Forbidden(msg)
settings = get_settings()
if settings.get('debug_authorization', False):
logger = IDebugLogger()
logger.debug(msg)
return u''
def renderer_factory(path):
from mako.lookup import TemplateLookup
registry = get_current_registry()
lookup = registry.queryUtility(IMakoLookup)
if lookup is None:
settings = get_settings() or {}
reload_templates = settings.get('reload_templates', False)
directories = settings.get('mako.directories')
module_directory = settings.get('mako.module_directory')
input_encoding = settings.get('mako.input_encoding', 'utf-8')
if directories is None:
raise ConfigurationError(
'Mako template used without a lookup path')
directories = directories.splitlines()
directories = [ abspath_from_resource_spec(d) for d in directories ]
lookup = TemplateLookup(directories=directories,
module_directory=module_directory,
input_encoding=input_encoding,
filesystem_checks=reload_templates)
registry.registerUtility(lookup, IMakoLookup)
_, path = resolve_resource_spec(path)
return MakoLookupTemplateRenderer(path, lookup)
def deserialize(self, field, pstruct):
if pstruct is null:
return null
challenge = pstruct.get('recaptcha_challenge_field') or ''
response = pstruct.get('recaptcha_response_field') or ''
if not response:
raise Invalid(field.schema, 'No input')
if not challenge:
raise Invalid(field.schema, 'Missing challenge')
privatekey = get_settings()['private_key']
remoteip = self.request.remote_addr
data = urlencode(dict(privatekey=privatekey,
remoteip=remoteip,
challenge=challenge,
response=response))
h = httplib2.Http(timeout=10)
try:
resp, content = h.request(self.url,
"POST",
headers=self.headers,
body=data)
except AttributeError as e:
if e=="'NoneType' object has no attribute 'makefile'":
## XXX: catch a possible httplib regression in 2.7 where
## XXX: there is no connextion made to the socker so
## XXX sock is still None when makefile is called.
raise Invalid(field.schema,
"Could not connect to the captcha service.")
if not resp['status'] == '200':
raise Invalid(field.schema,
"There was an error talking to the recaptcha \
server{0}".format(resp['status']))
valid, reason = content.split('\n')
if not valid == 'true':
if reason == 'incorrect-captcha-sol':
reason = "Incorrect solution"
raise Invalid(field.schema, reason.replace('\\n', ' ').strip("'") )
return pstruct
def _callFUT(self):
from pyramid.settings import get_settings
return get_settings()
def check_password(self, password):
settings = get_settings()
return self.passhash == hmac.new(settings['secret'], password, sha256).hexdigest()
def set_password(self, password):
settings = get_settings()
return hmac.new(settings['secret'], password, sha256).hexdigest()
def _reload_resources():
settings = get_settings()
return settings and settings.get('reload_resources')
def _callFUT(self):
from pyramid.settings import get_settings
return get_settings()
def config(self):
settings = get_settings()
config = settings['config']
return importString(config)
