def test_flash(user_id):
# Execute the first request flash some message
with application_and_request_context(), login.UserSessionContext(user_id):
session_id = on_succeeded_login(user_id) # Create and activate session
assert session is not None
flash("abc")
assert session.session_info.flashes == ["abc"]
# Now create the second request to get the previously flashed message
with application_and_request_context(), login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert session is not None
assert session.session_info.flashes == ["abc"]
# Get the flashed messages removes the messages from the session
# and subsequent calls to get_flashed_messages return the messages
# over and over.
assert get_flashed_messages() == [HTML("abc")]
assert get_flashed_messages() == [HTML("abc")]
assert session.session_info.flashes == []
# Now create the third request that should not have access to the flashed messages since the
# second one consumed them.
with application_and_request_context(), login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert session is not None
assert session.session_info.flashes == []
assert get_flashed_messages() == []
def page(self) -> None:
watolib.init_wato_datastructures(with_wato_lock=True)
profile_changed = False
if html.request.has_var('_save') and html.check_transaction():
try:
profile_changed = self._action()
except MKUserError as e:
html.add_user_error(e.varname, e)
if profile_changed and config.user.authorized_login_sites():
title = _('Replicate new user profile')
else:
title = self._page_title()
breadcrumb = make_simple_page_breadcrumb(
mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
for message in get_flashed_messages():
html.show_message(message)
# Now, if in distributed environment where users can login to remote sites, set the trigger for
# pushing the new user profile to the remote sites asynchronously
if profile_changed and config.user.authorized_login_sites():
user_profile_async_replication_page()
return
self._show_form(profile_changed)
def page(self) -> None:
acktime = request.get_float_input_mandatory('acktime', time.time())
if request.var('_confirm'):
_acknowledge_failed_notifications(acktime, time.time())
if user.authorized_login_sites():
watolib.init_wato_datastructures(with_wato_lock=True)
title = _('Replicate user profile')
breadcrumb = make_simple_page_breadcrumb(
mega_menu_registry.menu_monitoring(), title)
html.header(title, breadcrumb)
for message in get_flashed_messages():
html.show_message(message)
# This local import is needed for the moment
import cmk.gui.wato.user_profile # pylint: disable=redefined-outer-name
cmk.gui.wato.user_profile.user_profile_async_replication_page(
back_url="clear_failed_notifications.py")
return
failed_notifications = load_failed_notifications(
before=acktime, after=acknowledged_time())
self._show_page(acktime, failed_notifications)
if request.var('_confirm'):
html.reload_whole_page()
def test_flash_dont_escape_html(user_id, request_context):
now = datetime.now()
with login.UserSessionContext(user_id):
on_succeeded_login(user_id, now) # Create and activate session
flash(HTML("<script>aaa</script>"))
assert get_flashed_messages() == [HTML("<script>aaa</script>")]
def test_flash_escape_html_in_str(user_id, module_wide_request_context):
with login.UserContext(user_id):
on_succeeded_login(user_id) # Create and activate session
flash("<script>aaa</script>")
assert get_flashed_messages() == [
HTML("<script>aaa</script>")
]
def page(self) -> None:
title = _("Replicate user profile")
breadcrumb = make_simple_page_breadcrumb(
mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
for message in get_flashed_messages():
html.show_message(message)
# Now, if in distributed environment where users can login to remote sites, set the trigger for
# pushing the new user profile to the remote sites asynchronously
user_profile_async_replication_page(
back_url=request.get_url_input("back", "user_profile.py"))
def test_flash(user_id):
environ = create_environ()
# Execute the first request flash some message
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))) as request, \
login.UserContext(user_id):
session_id = on_succeeded_login(user_id) # Create and activate session
assert request.session is not None
flash("abc")
assert session.session_info.flashes == ["abc"]
# Now create the second request to get the previously flashed message
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))), \
login.UserContext(user_id):
on_access(user_id, session_id)
assert request.session is not None
assert session.session_info.flashes == ["abc"]
# Get the flashed messages removes the messages from the session
# and subsequent calls to get_flashed_messages return the messages
# over and over.
assert get_flashed_messages() == [HTML("abc")]
assert get_flashed_messages() == [HTML("abc")]
assert session.session_info.flashes == []
# Now create the third request that should not have access to the flashed messages since the
# second one consumed them.
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))), \
login.UserContext(user_id):
on_access(user_id, session_id)
assert request.session is not None
assert session.session_info.flashes == []
assert get_flashed_messages() == []
def page(self) -> None:
title = self._page_title()
breadcrumb = self._breadcrumb()
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if transactions.check_transaction():
try:
self._action()
except MKUserError as e:
user_errors.add(e)
for message in get_flashed_messages():
html.show_message(message)
html.show_user_errors()
self._show_form()
def page(self) -> None:
title = self._page_title()
breadcrumb = make_simple_page_breadcrumb(mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if request.has_var("_save") and transactions.check_transaction():
try:
self._action()
except MKUserError as e:
user_errors.add(e)
for message in get_flashed_messages():
html.show_message(message)
html.show_user_errors()
self._show_form()
def _patch_page(self) -> None:
breadcrumb = _release_notes_breadcrumb()
load_werks()
werk_table_options = _werk_table_options_from_request()
html.header(self._title(),
breadcrumb,
_release_notes_page_menu(breadcrumb, werk_table_options),
page_state=_release_switch(major=False))
for message in get_flashed_messages():
html.show_message(message)
handle_acknowledgement()
render_werks_table(werk_table_options)
html.footer()
def page(self) -> None:
watolib.init_wato_datastructures(with_wato_lock=True)
title = self._page_title()
breadcrumb = make_simple_page_breadcrumb(mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if html.request.has_var('_save') and html.check_transaction():
try:
self._action()
except MKUserError as e:
html.add_user_error(e.varname, e)
for message in get_flashed_messages():
html.show_message(message)
if html.has_user_errors():
html.show_user_errors()
self._show_form()
def page(self) -> None:
acktime = request.get_float_input_mandatory("acktime", time.time())
if request.var("_confirm"):
_acknowledge_failed_notifications(acktime, time.time())
if user.authorized_login_sites():
title = _("Replicate user profile")
breadcrumb = make_simple_page_breadcrumb(
mega_menu_registry.menu_monitoring(), title
)
make_header(html, title, breadcrumb)
for message in get_flashed_messages():
html.show_message(message)
user_profile_async_replication_page(back_url="clear_failed_notifications.py")
return
failed_notifications = load_failed_notifications(before=acktime, after=acknowledged_time())
self._show_page(acktime, failed_notifications)
if request.var("_confirm"):
html.reload_whole_page()
def page(self) -> cmk.gui.pages.PageResult:
breadcrumb = make_simple_page_breadcrumb(mega_menu_registry["help_links"], self._title())
load_werks()
werk_table_options = _werk_table_options_from_request()
html.header(
self._title(),
breadcrumb,
self._page_menu(breadcrumb, werk_table_options),
)
for message in get_flashed_messages():
html.show_message(message)
handle_acknowledgement()
html.open_div(class_="wato")
render_werks_table(werk_table_options)
html.close_div()
html.footer()
def _patch_page(self) -> None:
breadcrumb = _release_notes_breadcrumb()
load_werks()
werk_table_options = _werk_table_options_from_request()
html.header(
self._title(),
breadcrumb,
_release_notes_page_menu(breadcrumb, werk_table_options),
)
for message in get_flashed_messages():
html.show_message(message)
handle_acknowledgement()
html.open_div(class_="wato")
render_werks_table(werk_table_options)
html.close_div()
html.footer()
def _wato_page_handler(current_mode: str,
mode_permissions: Optional[List[PermissionName]],
mode_class: Type[WatoMode]) -> None:
try:
init_wato_datastructures(with_wato_lock=not html.is_transaction())
except Exception:
# Snapshot must work in any case
if current_mode == 'snapshot':
pass
else:
raise
# Check general permission for this mode
if mode_permissions is not None and not config.user.may("wato.seeall"):
_ensure_mode_permissions(mode_permissions)
mode = mode_class()
# Do actions (might switch mode)
if html.is_transaction():
try:
config.user.need_permission("wato.edit")
# Even if the user has seen this mode because auf "seeall",
# he needs an explicit access permission for doing changes:
if config.user.may("wato.seeall"):
if mode_permissions:
_ensure_mode_permissions(mode_permissions)
if cmk.gui.watolib.read_only.is_enabled(
) and not cmk.gui.watolib.read_only.may_override():
raise MKUserError(None, cmk.gui.watolib.read_only.message())
result = mode.action()
if isinstance(result, (tuple, str, bool)):
raise MKGeneralException(
f"WatoMode \"{current_mode}\" returns unsupported return value: {result!r}"
)
# We assume something has been modified and increase the config generation ID by one.
update_config_generation()
if config.wato_use_git:
do_git_commit()
# Handle two cases:
# a) Don't render the page content after action
# (a confirm dialog is displayed by the action, or a non-HTML content was sent)
# b) Redirect to another page
if isinstance(result, FinalizeRequest):
raise result
except MKUserError as e:
html.add_user_error(e.varname, str(e))
except MKAuthException as e:
reason = e.args[0]
html.add_user_error(None, reason)
breadcrumb = make_main_menu_breadcrumb(
mode.main_menu()) + mode.breadcrumb()
page_menu = mode.page_menu(breadcrumb)
wato_html_head(title=mode.title(),
breadcrumb=breadcrumb,
page_menu=page_menu,
show_body_start=display_options.enabled(display_options.H),
show_top_heading=display_options.enabled(display_options.T))
if not html.is_transaction() or (cmk.gui.watolib.read_only.is_enabled() and
cmk.gui.watolib.read_only.may_override()):
_show_read_only_warning()
# Show outcome of failed action on this page
if html.has_user_errors():
html.show_user_errors()
# Show outcome of previous page (that redirected to this one)
for message in get_flashed_messages():
html.show_message(message)
# Show content
mode.handle_page()
if is_sidebar_reload_needed():
html.reload_whole_page()
wato_html_footer(show_body_end=display_options.enabled(display_options.H))
def test_flash_dont_escape_html(user_id, module_wide_request_context):
with login.UserSessionContext(user_id):
on_succeeded_login(user_id) # Create and activate session
flash(HTML("<script>aaa</script>"))
assert get_flashed_messages() == [HTML("<script>aaa</script>")]