def test_validate_uri(self):
self.clioinfra = Configuration()
if self.clioinfra.not_valid_uri('passwd'):
print self.clioinfra.config['error']
if self.clioinfra.not_valid_uri('`wget'):
print self.clioinfra.config['error']
if self.clioinfra.not_valid_uri('|'):
print self.clioinfra.config['error']
def geofilter():
pids = []
ctrlist = {}
ctrfilter = []
settings = Configuration()
clioinfra = Dataset()
clioindex = clioinfra.clioindex()
columns = [
'1', 'Webmapper code', 'Webmapper numeric code', 'ccode',
'country name', 'start year', 'end year'
]
(classification, geodataset, title,
units) = content2dataframe(settings.config,
settings.config['geocoderhandle'])
settings = DataFilter(request.args)
if settings.selected():
pids = clioinfra.findhandles(settings.selected())
datasets = clioinfra.retrievedatasets(pids)
selection = []
for item in datasets:
dataset = datasets[item]
dataset.columns = dataset.ix[1]
dataset = dataset.convert_objects(convert_numeric=True)
dataset.index = dataset['Webmapper numeric code']
if (settings.minyear()):
dataset = dataset.loc[
dataset['start year'] >= settings.minyear()]
dataset = dataset.loc[
dataset['start year'] <= settings.maxyear()]
for col in columns:
dataset = dataset.drop(col, axis=1)
dataset['total'] = dataset.sum(axis=1)
dataset = dataset.ix[dataset['total'] > 0]
selection.append(dataset.index)
for row in selection:
for countryID in row:
if countryID not in ctrlist:
ctrlist[countryID] = countryID
ctrfilter.append(countryID)
geodataset = geodataset.convert_objects(convert_numeric=True)
geodataset = geodataset.loc[geodataset['start year'] >= settings.minyear()]
geodataset = geodataset.loc[geodataset['start year'] <= settings.maxyear()]
if settings.showframe():
geodataset.index = geodataset['Webmapper numeric code']
if ctrfilter:
geodataset = geodataset.ix[ctrfilter]
(geocoder, geolist, oecd) = buildgeocoder(geodataset, settings.config,
settings.countryfilter())
data = json.dumps(geocoder, encoding="utf-8", sort_keys=True, indent=4)
return Response(data, mimetype='application/json')
def testsearch(self):
settings = Configuration()
dv = "National"
dv = "Micro"
sconnection = ExtrasearchAPI(settings.config['dataverseroot'], dv)
p = sconnection.read_all_datasets()
self.assertTrue(bool(sconnection.read_all_datasets()))
# test if dataset is private
self.assertTrue(bool(sconnection.has_restricted_data("V4Q8XE")))
# test if dataset is public
self.assertFalse(bool(sconnection.has_restricted_data("8FCYOX")))
# test full handle pid
self.assertTrue(
bool(sconnection.has_restricted_data("hdl:10622/V4Q8XE")))
def test_validate_uri(self):
self.clioinfra = Configuration()
self.assertFalse(
self.clioinfra.is_valid_uri(
'http://cliodomain.com/xcxc;`some code'))
# check if passwd can be recognized in uri
self.assertFalse(self.clioinfra.are_parameters_valid('passwd'),
'passwd recognition problem')
# wget instance in uri
self.assertFalse(self.clioinfra.are_parameters_valid('wget` '),
'wget recognition problem')
self.assertFalse(self.clioinfra.are_parameters_valid('curl '),
'curl recognition problem')
# other characters are allowed
self.assertTrue(
self.clioinfra.are_parameters_valid(
"http://data.cliodomain.org/collabs/data/static/"),
'False recognition of characters in url')
# shell injection check
self.assertFalse(
self.clioinfra.are_parameters_valid(
"http://data.cliodomain.org/?export?fileId=12;%cat%20/etc/passw1d%20"
), 'False recognition of characters in url')
def login(settings=''):
name = ''
clioinfra = Configuration()
opensession = {}
openldap = OpenLDAP()
if request.args.get('project'):
opensession['project'] = request.args.get('project')
else:
opensession['project'] = ''
try:
thisuser = openldap.authentificate(request.form.get('login'),
request.form.get('password'))
if thisuser[0][1]['uid'][0]:
session['name'] = thisuser[0][1]['displayName'][0]
session['uid'] = thisuser[0][1]['uid'][0]
if opensession['project']:
session['project'] = opensession['project']
name = str(thisuser[0][1]['displayName'][0])
try:
projectname = session['project']
except:
projectname = ''
if projectname:
sandboxflag = re.search("sandbox", request.url)
if sandboxflag:
projecturl = "%s/%s" % (clioinfra.config['apiroot'],
projectname)
else:
projecturl = "%s/%s" % (clioinfra.config['proxy'], projectname)
return redirect(projecturl, code=302)
else:
return make_response(
render_template('iish/login.html', username=name))
except:
return make_response(render_template('iish/login.html'))
def test_settings(self):
self.clioinfra = Configuration()
self.assertTrue(self.clioinfra.config['dataverseroot'])
self.assertTrue(self.clioinfra.config['apiroot'])
self.assertTrue(self.clioinfra.config['key'])
def upload_file():
if request.method == 'POST':
file = request.files['files']
if file and allowed_file(file.filename):
filename = secure_filename(file.filename)
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
return redirect("%spics/%s" % (request.url_root, filename))
return 'Upload form'
@app.route('/pics/<filename>')
def uploaded_file(filename):
return send_from_directory(app.config['UPLOAD_FOLDER'], filename)
clioinfra = Configuration()
app.secret_key = clioinfra.config['secretkey']
@app.route('/')
def browse(settings=''):
session['name'] = ''
return make_response(render_template('iish/projects.html'))
@app.route('/logout', methods=['GET'])
def logout(settings=''):
session['name'] = ''
try:
if 'project' in session:
sandboxflag = re.search("sandbox", request.url)
def test_ldap(self):
self.clioinfra = Configuration()
self.openldap = OpenLDAP()
thisuser = self.openldap.searchuser("testusername")
thisuser = self.openldap.authentificate("testusername", "passwd")
print thisuser
