def urlencode(self, safe=None): """ Returns an encoded string of all query string arguments. :arg safe: Used to specify characters which do not require quoting, for example:: >>> q = QueryDict('', mutable=True) >>> q['next'] = '/a&b/' >>> q.urlencode() 'next=%2Fa%26b%2F' >>> q.urlencode(safe='/') 'next=/a%26b/' """ output = [] if safe: safe = force_bytes(safe, self.encoding) encode = lambda k, v: '%s=%s' % ((quote(k, safe), quote(v, safe))) else: encode = lambda k, v: urlencode({k: v}) for k, list_ in self.lists(): k = force_bytes(k, self.encoding) output.extend(encode(k, force_bytes(v, self.encoding)) for v in list_) return '&'.join(output)
def getCacheEntry(request, viewType, skipCentralRefresh = False, isData = False): isCache = cacheIsAvailable(request) if isCache: is_json = False # We do this check to always rebuild cache for the page when it called from the crawler if (('HTTP_X_FORWARDED_FOR' in request.META) and (request.META['HTTP_X_FORWARDED_FOR'] in notcachedRemoteAddress) and skipCentralRefresh == False): return None request._cache_update_cache = False if ((('HTTP_ACCEPT' in request.META) and (request.META.get('HTTP_ACCEPT') in ('application/json'))) or ( 'json' in request.GET)): is_json = True key_prefix = "%s_%s_%s_" % (is_json, djangosettings.CACHE_MIDDLEWARE_KEY_PREFIX, viewType) if isData==False: try: if request.method == "POST": path = hashlib.md5(encoding.force_bytes(encoding.iri_to_uri(request.get_full_path() + '?' + request.body))) else: path = hashlib.md5(encoding.force_bytes(encoding.iri_to_uri(request.get_full_path()))) except: path = hashlib.md5(encoding.force_bytes(encoding.iri_to_uri(request.get_full_path()))) cache_key = '%s.%s' % (key_prefix, path.hexdigest()) return cache.get(cache_key, None) else: if 'harvester' in request.META['PATH_INFO']: is_json = False key_prefix = "%s_%s_%s_" % (is_json, djangosettings.CACHE_MIDDLEWARE_KEY_PREFIX, viewType) cache_key = '%s' % (key_prefix) return cache.get(cache_key, None) else: return None
def get_auth_token(cls, user_id): # Generate an auth token for the user id of a connection. return hmac.new( force_bytes(settings.SECRET_KEY), force_bytes(user_id), hashlib.sha1 ).hexdigest()
def generic(self, method, path, data='', content_type='application/octet-stream', secure=False, **extra): """Constructs an arbitrary HTTP request.""" parsed = urlparse(force_str(path)) data = force_bytes(data, settings.DEFAULT_CHARSET) r = { 'PATH_INFO': self._get_path(parsed), 'REQUEST_METHOD': str(method), 'SERVER_PORT': str('443') if secure else str('80'), 'wsgi.url_scheme': str('https') if secure else str('http'), } if data: r.update({ 'CONTENT_LENGTH': len(data), 'CONTENT_TYPE': str(content_type), 'wsgi.input': FakePayload(data), }) r.update(extra) # If QUERY_STRING is absent or empty, we want to extract it from the URL. if not r.get('QUERY_STRING'): query_string = force_bytes(parsed[4]) # WSGI requires latin-1 encoded strings. See get_path_info(). if six.PY3: query_string = query_string.decode('iso-8859-1') r['QUERY_STRING'] = query_string return self.request(**r)
def _reset_password(error_message=''): ''' subfunction used to reset password ''' if request.method == "POST" and request.POST['reset_pass']: if not request.POST['reset_email']: error_message = 'Email field are empty.' else: associated_users= User.objects.filter(Q(email=request.POST['reset_email'])|Q(username=request.POST['reset_email'])) if associated_users.exists(): for user in associated_users: email_temp_data = Context({ 'email': user.email, 'domain': request.META['HTTP_HOST'], 'site_name': '127.0.0.2:8000', 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'time': urlsafe_base64_encode(force_bytes(datetime.now())), 'user': user, 'token': default_token_generator.make_token(user), 'protocol': 'http', }) text_subject = get_template('chtor_admin/_res_/reset_subject.txt').render() html_content = get_template('chtor_admin/_res_/reset_email.html').render(email_temp_data) msg = EmailMultiAlternatives(text_subject, html_content, '*****@*****.**', [request.POST['reset_email']]) msg.content_subtype = "html" msg.send() messages.error(request, error_message) return render(request, 'chtor_admin/reset_password_done.html', { 'email': user.email }) else: messages.error(request, 'This username does not exist in the system.') return render(request, 'chtor_admin/reset_password.html') # send_mail('Subject here', 'Here is the message.', '*****@*****.**', [request.POST['reset_email']], fail_silently=False) messages.error(request, error_message) return render(request, 'chtor_admin/reset_password.html')
def salted_hmac(key_salt, value, secret=None): """ Returns the HMAC-HASH of 'value', using a key generated from key_salt and a secret (which defaults to settings.SECRET_KEY). A different key_salt should be passed in for every application of HMAC. :type key_salt: any :type value: any :type secret: any :rtype: HMAC """ if secret is None: secret = settings.SECRET_KEY key_salt = force_bytes(key_salt) secret = force_bytes(secret) # We need to generate a derived key from our base key. We can do this by # passing the key_salt and our base key through a pseudo-random function and # SHA1 works nicely. digest = hashes.Hash(settings.CRYPTOGRAPHY_DIGEST, backend=settings.CRYPTOGRAPHY_BACKEND) digest.update(key_salt + secret) key = digest.finalize() # If len(key_salt + secret) > sha_constructor().block_size, the above # line is redundant and could be replaced by key = key_salt + secret, since # the hmac module does the same thing for keys longer than the block size. # However, we need to ensure that we *always* do this. h = HMAC(key, settings.CRYPTOGRAPHY_DIGEST, backend=settings.CRYPTOGRAPHY_BACKEND) h.update(force_bytes(value)) return h
def build_absolute_uri(self, path=None, parameters=None): """ Returns absolute uri to the specified `path` with optional query string `parameters`. If no `path` is provided, the current request full path (including query string) will be used and extended by optional `parameters`. """ params = {} if path: uri = self.request.build_absolute_uri('/%s%s' % (self.api.path, path)) else: params = dict(self.parameters) uri = self.request.build_absolute_uri(self.request.path) enc = self.request.GET.encoding # todo: change to internal restosaur settings params.update(parameters or {}) params = dict(map(lambda x: (force_bytes(x[0], enc), force_bytes(x[1], enc)), params.items())) if params: return '%s?%s' % (uri, urllib.urlencode(params)) else: return uri
def add_attributes(field): if verbose_names and field.verbose_name: label = force_bytes(field.verbose_name) if label.islower(): label = label.capitalize() else: label = force_bytes(field.name) t = type(field).__name__ if isinstance(field, (OneToOneField, ForeignKey)): t += " ({0})".format(field.rel.field_name) # TODO: ManyToManyField, GenericRelation model['fields'].append({ 'name': field.name, 'label': label, 'type': t, 'blank': field.blank, 'abstract': field in abstract_fields, 'relation': isinstance(field, RelatedField), 'primary_key': field.primary_key, 'verbose_name': field.verbose_name if hasattr(field, 'verbose_name') else '', 'auto_now': field.auto_now if hasattr(field, 'auto_now') else False, 'auto_now_add': field.auto_now_add if hasattr(field, 'auto_now_add') else False, 'auto_created': field.auto_created if hasattr(field, 'auto_created') else False, 'choices': bool(getattr(field, 'choices')), })
def test_user_can_reset_password(self): url = reverse("password_new") beverly = UserFactory(username="******") beverly.set_password("jack") beverly.save() mismatch_password_data = { "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(), "token": default_token_generator.make_token(beverly), "password": encode_string("wesley"), "confirm_password": encode_string("WESLEY") } response = self.client.post(url, mismatch_password_data, format='json') self.assertEqual(response.status_code, 400) self.assertFalse(User.objects.get(username='******').check_password('wesley')) bad_uid_data = { "uid": urlsafe_base64_encode(force_bytes(UserFactory().pk)).decode(), "token": default_token_generator.make_token(beverly), "password": encode_string("wesley"), "confirm_password": encode_string("wesley") } response = self.client.post(url, bad_uid_data, format='json') self.assertEqual(response.status_code, 400) self.assertFalse(User.objects.get(username='******').check_password('wesley')) good_data = { "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(), "token": default_token_generator.make_token(beverly), "password": encode_string("wesley"), "confirm_password": encode_string("wesley") } self.assertSchemaPost(url, "$setPasswordRequest", "$userResponse", good_data, None, status_OK=True) self.assertTrue(User.objects.get(username='******').check_password('wesley'))
def walk_storage(path, topdown=True, onerror=None, followlinks=False, storage=default_storage): """ Generate the file names in a stored directory tree by walking the tree top-down. For each directory in the tree rooted at the directory top (including top itself), it yields a 3-tuple (dirpath, dirnames, filenames). This is intended for use with an implementation of the Django storage API. You can specify something other than the default storage instance with the storage keyword argument. """ if not topdown: raise NotImplementedError if onerror: raise NotImplementedError roots = [path] while len(roots): new_roots = [] for root in roots: dirs, files = storage.listdir(root) files = [force_bytes(f) for f in files] dirs = [force_bytes(d) for d in dirs] yield root, dirs, files for dn in dirs: new_roots.append('%s/%s' % (root, dn)) roots[:] = new_roots
def add_relation(field, extras=""): if verbose_names and field.verbose_name: label = force_bytes(field.verbose_name) if label.islower(): label = label.capitalize() else: label = force_bytes(field.name) # show related field name if hasattr(field, 'related_query_name'): related_query_name = field.related_query_name() if verbose_names and related_query_name.islower(): related_query_name = related_query_name.replace('_', ' ').capitalize() label += force_bytes(' ({})'.format(related_query_name)) # handle self-relationships and lazy-relationships if isinstance(field.rel.to, six.string_types): if field.rel.to == 'self': target_model = field.model else: raise Exception("Lazy relationship for model (%s) must be explicit for field (%s)" % (field.model.__name__, field.name)) else: target_model = field.rel.to _rel = { 'target_app': target_model.__module__.replace('.', '_'), 'target': target_model.__name__, 'type': type(field).__name__, 'name': field.name, 'label': label, 'arrows': extras, 'needs_node': True } if _rel not in model['relations'] and consider(_rel['target']): model['relations'].append(_rel)
def get_outgoing_url(url): """ Bounce a URL off an outgoing URL redirector, such as outgoing.prod.mozaws.net. """ if not settings.REDIRECT_URL: return url # django.utils.http._urlparse is a copy of python's urlparse() # "but uses fixed urlsplit() function". parsed_url = django_urlparse(url) url_netloc = parsed_url.netloc # This prevents a link like javascript://addons.mozilla.org... # being returned unchanged since the netloc matches the # safe list see bug 1251023 if parsed_url.scheme not in ['http', 'https']: return '/' # No double-escaping, and some domain names are excluded. if (url_netloc == django_urlparse(settings.REDIRECT_URL).netloc or url_netloc in settings.REDIRECT_URL_ALLOW_LIST): return url url = force_bytes(jinja2.utils.Markup(url).unescape()) sig = hmac.new(force_bytes(settings.REDIRECT_SECRET_KEY), msg=url, digestmod=hashlib.sha256).hexdigest() # Let '&=' through so query params aren't escaped. We probably shouldn't # bother to quote the query part at all. return '/'.join([settings.REDIRECT_URL.rstrip('/'), sig, quote(url, safe='/&=')])
def add_relation(self, field, model, extras=""): if self.verbose_names and field.verbose_name: label = force_bytes(field.verbose_name) if label.islower(): label = label.capitalize() else: label = field.name # show related field name if hasattr(field, 'related_query_name'): related_query_name = field.related_query_name() if self.verbose_names and related_query_name.islower(): related_query_name = related_query_name.replace('_', ' ').capitalize() label = '{} ({})'.format(label, force_bytes(related_query_name)) # handle self-relationships and lazy-relationships if isinstance(field.rel.to, six.string_types): if field.rel.to == 'self': target_model = field.model else: if '.' in field.rel.to: app_label, model_name = field.rel.to.split('.', 1) else: app_label = field.model._meta.app_label model_name = field.rel.to target_model = apps.get_model(app_label, model_name) else: target_model = field.rel.to _rel = self.get_relation_context(target_model, field, label, extras) if _rel not in model['relations'] and self.use_model(_rel['target']): return _rel
def load_template(self, template_name, template_dirs=None): if connection.tenant: key = '-'.join([str(connection.tenant.pk), template_name]) else: key = template_name if template_dirs: # If template directories were specified, use a hash to # differentiate if connection.tenant: key = '-'.join([str(connection.tenant.pk), template_name, hashlib.sha1(force_bytes('|'.join(template_dirs))).hexdigest()]) else: key = '-'.join([template_name, hashlib.sha1(force_bytes('|'.join(template_dirs))).hexdigest()]) if key not in self.template_cache: template, origin = self.find_template(template_name, template_dirs) if not hasattr(template, 'render'): try: template = get_template_from_string(template, origin, template_name) except TemplateDoesNotExist: # If compiling the template we found raises TemplateDoesNotExist, # back off to returning the source and display name for the template # we were asked to load. This allows for correct identification (later) # of the actual template that does not exist. return template, origin self.template_cache[key] = template return self.template_cache[key], None
def constant_time_compare(val1, val2): """ :type val1: any :type val2: any :rtype: bool """ return constant_time.bytes_eq(force_bytes(val1), force_bytes(val2))
def deserialize_instance(model, data): ret = model() for k, v in data.items(): is_db_value = False if k.startswith(SERIALIZED_DB_FIELD_PREFIX): k = k[len(SERIALIZED_DB_FIELD_PREFIX) :] is_db_value = True if v is not None: try: f = model._meta.get_field(k) if isinstance(f, DateTimeField): v = dateparse.parse_datetime(v) elif isinstance(f, TimeField): v = dateparse.parse_time(v) elif isinstance(f, DateField): v = dateparse.parse_date(v) elif isinstance(f, BinaryField): v = force_bytes(base64.b64decode(force_bytes(v))) elif is_db_value: try: # This is quite an ugly hack, but will cover most # use cases... v = f.from_db_value(v, None, None, None) except: raise ImproperlyConfigured( "Unable to auto serialize field '{}', custom" " serialization override required".format(k) ) except FieldDoesNotExist: pass setattr(ret, k, v) return ret
def get_template_key(fragment_name, vary_on=None, prefix='template.cache'): """Compose the cache key of a template.""" if vary_on is None: vary_on = () key = ':'.join([urlquote(force_bytes(var)) for var in vary_on]) args = hashlib.md5(force_bytes(key)) return (prefix + '.%s.%s') % (fragment_name, args.hexdigest())
def assert_is_input_message(self, msg): """ Ensure passed message is the same as the message we have fed to the command """ self.assertEqual(force_bytes(self.input_message.as_string(), 'utf-8'), force_bytes(msg.as_string(), 'utf-8'))
def pbkdf2(password, salt, iterations, dklen=0, digest=None): """Return the hash of password using pbkdf2.""" if digest is None: digest = hashlib.sha256 dklen = dklen or None password = force_bytes(password) salt = force_bytes(salt) return hashlib.pbkdf2_hmac(digest().name, password, salt, iterations, dklen)
def __init__(self, geo_input, srid=None): """ The base constructor for GEOS geometry objects. It may take the following inputs: * strings: - WKT - HEXEWKB (a PostGIS-specific canonical form) - GeoJSON (requires GDAL) * buffer: - WKB The `srid` keyword specifies the Source Reference Identifier (SRID) number for this Geometry. If not provided, it defaults to None. """ input_srid = None if isinstance(geo_input, bytes): geo_input = force_text(geo_input) if isinstance(geo_input, str): wkt_m = wkt_regex.match(geo_input) if wkt_m: # Handle WKT input. if wkt_m.group('srid'): input_srid = int(wkt_m.group('srid')) g = self._from_wkt(force_bytes(wkt_m.group('wkt'))) elif hex_regex.match(geo_input): # Handle HEXEWKB input. g = wkb_r().read(force_bytes(geo_input)) elif json_regex.match(geo_input): # Handle GeoJSON input. ogr = gdal.OGRGeometry.from_json(geo_input) g = ogr._geos_ptr() input_srid = ogr.srid else: raise ValueError('String input unrecognized as WKT EWKT, and HEXEWKB.') elif isinstance(geo_input, GEOM_PTR): # When the input is a pointer to a geometry (GEOM_PTR). g = geo_input elif isinstance(geo_input, memoryview): # When the input is a buffer (WKB). g = wkb_r().read(geo_input) elif isinstance(geo_input, GEOSGeometry): g = capi.geom_clone(geo_input.ptr) else: raise TypeError('Improper geometry input type: %s' % type(geo_input)) if not g: raise GEOSException('Could not initialize GEOS Geometry with given input.') input_srid = input_srid or capi.geos_get_srid(g) or None if input_srid and srid and input_srid != srid: raise ValueError('Input geometry already has SRID: %d.' % input_srid) super().__init__(g, None) # Set the SRID, if given. srid = input_srid or srid if srid and isinstance(srid, int): self.srid = srid
def post(self, request, *args, **kwargs): form = self.form_class(request.POST) if form.is_valid(): data= form.cleaned_data["email_or_username"] if self.validate_email_address(data) is True: associated_users= User.objects.filter(Q(email=data)|Q(username=data)) if associated_users.exists(): for user in associated_users: c = { 'email': user.email, 'domain': request.META['HTTP_HOST'], 'site_name': 'SinComplique', 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'user': user, 'token': default_token_generator.make_token(user), 'protocol': 'http', } subject_template_name = 'users/password_reset_subject.txt' email_template_name = 'users/password_reset_subject.html' subject = 'Cambio de Contraseña' subject = ''.join(subject.splitlines()) email_txt = loader.render_to_string(subject_template_name, c) email_html = loader.render_to_string(email_template_name, c) send_mail(subject, email_html, settings.DEFAULT_FROM_EMAIL, [user.email]) result = self.form_valid(form) messages.success(request, 'An email has been sent to ' + data +". Please check its inbox to continue reseting password.") return result result = self.form_invalid(form) messages.warning(request, 'No user is associated with this email address') return result else: associated_users= User.objects.filter(username=data) if associated_users.exists(): for user in associated_users: c = { 'email': user.email, 'domain': request.META['HTTP_HOST'], 'site_name': 'SinComplique', 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'user': user, 'token': default_token_generator.make_token(user), 'protocol': 'http', } subject_template_name='users/password_reset_subject.txt' email_template_name='users/password_reset_subject.html' subject = loader.render_to_string(subject_template_name, c) subject = ''.join(subject.splitlines()) email_txt = loader.render_to_string(subject_template_name, c) email_html = loader.render_to_string(email_template_name, c) send_mail(subject, email_html, settings.DEFAULT_FROM_EMAIL , [user.email]) result = self.form_valid(form) messages.success(request, 'Email has been sent to ' + data +"'s email address. Please check its inbox to continue reseting password.") return result result = self.form_invalid(form) messages.error(request, 'This username does not exist in the system.') return result messages.error(request, 'Invalid Input') return self.form_invalid(form)
def register(request): """ Display the user registration form and store the :model:`auth.User` and his :model:`inviMarket.Profile` in the database. **Context** ``form`` An instace of the user registration form. ``error`` A string variable containing any general error message. **Template:** :template:`inviMarket/register.html` """ error = None if request.user.is_authenticated(): return redirect('index') if request.method == 'POST': form = RegisterForm(request.POST) if 'terms' not in request.POST: error= _("You must read and accept the terms and conditions.") elif form.is_valid(): if form.cleaned_data['last_name'] != "": return redirect('confirm') new_user = form.save() # Create a random activation key and store it in the user profile salt = hashlib.sha1(str(random.random())).hexdigest()[:5] activation_key = hashlib.sha1(salt+new_user.email).hexdigest() key_expires = timezone.now() + datetime.timedelta(2) lang = request.LANGUAGE_CODE profile = Profile(user=new_user, activation_key=activation_key, key_expires=key_expires, lang=lang, last_visit=timezone.now()) profile.save() # Send the activation key to the user text = render_to_string('email/activation.txt', {'name': new_user.first_name, 'uidb64': urlsafe_base64_encode(force_bytes(new_user.id)), 'key': activation_key, 'domain': settings.DOMAIN, }) html = render_to_string('email/activation.html', {'name': new_user.first_name, 'uidb64': urlsafe_base64_encode(force_bytes(new_user.id)), 'key': activation_key, 'domain': settings.DOMAIN, }) subject = "Account activation" send_mail(subject, text, "inviMarket <*****@*****.**>", [new_user.email], html_message=html,fail_silently=False) return redirect('confirm') else: form = RegisterForm() return render(request, 'register.html', {'form': form, 'error': error})
def cache_key(template_name, template_dirs): if connection.tenant and template_dirs: return '-'.join([str(connection.tenant.pk), template_name, hashlib.sha1(force_bytes('|'.join(template_dirs))).hexdigest()]) if template_dirs: # If template directories were specified, use a hash to differentiate return '-'.join([template_name, hashlib.sha1(force_bytes('|'.join(template_dirs))).hexdigest()]) else: return template_name
def get_user_password(user, disable=False): """Return ready-to-use password from user instance.""" scheme, password = user.password.split("}") return ( force_bytes(scheme) + b"}" + b"#" if disable else b"" + force_bytes(password) )
def mv(cls, src, dst, msg): """Move a file from src to dst.""" try: if storage.exists(src): log.info(msg % (src, dst)) move_stored_file(src, dst) except UnicodeEncodeError: msg = 'Move Failure: %s %s' % (force_bytes(src), force_bytes(dst)) log.error(msg)
def test_force_bytes_exception(self): """ force_bytes knows how to convert to bytes an exception containing non-ASCII characters in its args. """ error_msg = "This is an exception, voilà" exc = ValueError(error_msg) self.assertEqual(force_bytes(exc), error_msg.encode()) self.assertEqual(force_bytes(exc, encoding='ascii', errors='ignore'), b'This is an exception, voil')
def make_activation_code(): """ Generate a unique activation code. """ random_string = str(random.random()) random_digest = sha1(force_bytes(random_string)).hexdigest()[:5] time_string = str(datetime.now().microsecond) combined_string = random_digest + time_string return sha1(force_bytes(combined_string)).hexdigest()
def get_compiled_content_file(self, asset): if isinstance(asset, GenericAsset): return registry_instance.finder_service.open_asset(asset) else: ret = ContentFile('') asset_manifest = registry_instance.asset_manifest_repository.get_asset_manifest_with_asset(asset) for content_line in asset_manifest.get_content_lines(): ret.write(force_bytes(content_line)) ret.write(force_bytes("\n")) return ret
def send_signup_confirm_email(request, user): uid = urlsafe_base64_encode(force_bytes(user.pk)) token = token_generator.make_token(user) context = { 'user': user, 'host': request.scheme + '://' + request.META['HTTP_HOST'], 'uid': urlsafe_base64_encode(force_bytes(user.pk)) 'token': token_generator.make_token(user), }
def _generate_orderless_cache_key(request, method, headerlist, key_prefix): """Returns a cache key from the headers given in the header list.""" ctx = hashlib.md5() for header in headerlist: value = request.META.get(header, None) if value is not None: ctx.update(force_bytes(value)) url = hashlib.md5(force_bytes(_generate_orderless_cache_url(request))) cache_key = "views.decorators.cache.cache_page.%s.%s.%s.%s" % (key_prefix, method, url.hexdigest(), ctx.hexdigest()) return _i18n_cache_key_suffix(request, cache_key)
def convert_binaryfield_value(self, value, expression, connection, context): if isinstance(value, Database.LOB): value = force_bytes(value.read()) return value
def test_remove_user_from_chat_chat_does_not_exist(self): response = self.client.get(reverse('remove_user_from_chat', kwargs={'pk': '10', 'user_pk': self.user.pk}), follow=True) self.assertIn(force_bytes('User or chat does not exist'), response.content)
def test_chat_view(self): response = self.client.get(reverse('chat', kwargs={'pk': self.chat.pk}), follow=True) self.assertEqual(response.status_code, 200) self.assertTemplateUsed('chat.html') self.assertIn(force_bytes(self.chat.title), response.content)
def test_delete_chat_doesnt_exist(self): response = self.client.get(reverse('delete_chat', kwargs={'pk': '10'}), follow=True) self.assertIn(force_bytes('You can not delete a chat that does not exist'), response.content)
def test_add_users_to_chat_not_chat_owner(self): chat = Chat.objects.create(owner=self.user1, title='test_chat1') response = self.client.post(reverse('add_users_to_chat', kwargs={'pk': chat.pk}), follow=True) self.assertEqual(response.status_code, 200) self.assertIn(force_bytes('You can only edit your own chats'), response.content)
def get_cookie_signer(salt="django.core.signing.get_cookie_signer"): Signer = import_string(settings.SIGNING_BACKEND) key = force_bytes(settings.SECRET_KEY) # SECRET_KEY may be str or bytes. return Signer(b"django.http.cookies" + key, salt=salt)
def register_view(request): if request.method == "POST": username = request.POST['username'] email = request.POST['email'] password1 = request.POST['password1'] password2 = request.POST['password2'] birthdate = request.POST['date'] createdat = datetime.datetime.now() faculty = request.POST['Bölüm'] gender = request.POST['gender'] converted = datetime.datetime.strptime(birthdate, '%Y-%m-%d') if str(email).split('@')[1] != 'isik.edu.tr': messages.error( request, 'Güvenliğiniz için sadece Işık mailiniz ile kayıt olabilirsiniz.' ) return redirect('register') if password1 != password2: messages.error(request, 'İki şifre eşleşmiyor.') return redirect('register') if len(password1) < 8: messages.error(request, 'Şifre 8 karakterden küçük olamaz.') return redirect('register') if converted.year > createdat.year: messages.error(request, 'Geçersiz doğum tarihi.Geçerli bir tarih giriniz.') return redirect('register') if email and User.objects.filter(email=email).exclude( username=username).exists(): messages.error( request, 'Email sistemde kayıtlı.Lütfen başka bir email giriniz.') return redirect('register') if User.objects.filter(username=username).exists(): messages.error( request, 'Kullanıcı adı sistemde kayıtlı.Lütfen başka bir kullanıcı adı giriniz.' ) return redirect('register') user = User.objects.create_user(username=username, email=email, password=password1) profile = UserProfile(gender=gender, faculty=faculty, user=user, birthdate=birthdate, createdat=createdat) # user_test = UserProfile.objects.get(pk=13) profile.save() subject = 'Aramıza hoşgeldin - The Insider Sight' current_site = get_current_site(request) message = render_to_string( 'account_activation_email.html', { 'user': user, 'domain': current_site.domain, 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'token': account_activation_token.make_token(user), }) user.email_user(subject, message) messages.success(request, 'Onay maili belirttiğiniz maile gönderildi.') return redirect('register') else: return render(request, 'register.html')
def basic_auth(self, user, password): return b"Basic " + b64encode(force_bytes(user + ":" + password))
def test_leave_chat_chat_does_not_exist(self): response = self.client.get(reverse('leave_chat', kwargs={'pk': '10'}), follow=True) self.assertIn(force_bytes('This chat does not exist yet or have been deleted'), response.content)
# TOKEN generator import from django.contrib.auth.tokens import default_token_generator from django.contrib.sites.shortcuts import get_current_site from django.core.mail import EmailMessage from django.template.loader import render_to_string from django.utils.encoding import force_bytes from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode current_site = get_current_site(request) mail_subject = 'Activate your account.' message = render_to_string( 'person/acc_active_email.html', { 'user': user, 'domain': current_site.domain, 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'token': default_token_generator.make_token(user), }) to_email = form.cleaned_data.get('email') email = EmailMessage(mail_subject, message, to=[to_email])
def admin_options(request): cat_choice = Categoriechoiceform() typ = Categorie.objects.all().order_by('cat') kat = Kategorie.objects.all().order_by('kategorie') calc = Calc_Choices.objects.all() kat_element = ElementTOKat.objects.all().order_by('katgroup__kategorie') load_table = Element.objects.filter(categories=13) elements = KategorieElement.objects.all().order_by('kat_element') userform = SignupForm() user = request.user users = Userlimitform() event_cat_choice = EventsCategoriechoiceform() if request.method == 'POST': signupform = SignupForm(request.POST) if signupform.is_valid(): to_email = signupform.cleaned_data.get('email') try: match = User.objects.get(email=to_email) except ObjectDoesNotExist: user = signupform.save(commit=False) user.is_active = True user.save() from mail_templated import EmailMessage current_site = get_current_site(request) message = EmailMessage( 'email\login.tpl', { 'user': user, 'domain': current_site.domain, 'uid': urlsafe_base64_encode(force_bytes( user.pk)).decode(), 'token': PasswordResetTokenGenerator().make_token(user) }, from_email='*****@*****.**', to=[user.email]) message.send() messages.success( request, 'Benutzer wurde erfolgreich erstellt und eine E-Mail Verrifizierung an ' + to_email + ' versendet.') else: messages.warning( request, 'E-Mail ' + to_email + ' ist bereits vergeben.') else: messages.warning( request, 'Achtung! Überprüfen Sie die Eingabe der E-Mail und des Benutzernamen! Der Benutzername darf keine Leerzeichen enthalten. Folgende Zeichen dürfen verwendet werden: @/-/+/-/_' ) return render( request, 'options/admin_options.html', { 'kat': kat, 'elements': elements, 'calc': calc, 'cat_choice': cat_choice, 'load_table': load_table, 'typ': typ, 'kat_element': kat_element, 'userform': userform, 'user': user, 'users': users, 'event_cat_choice': event_cat_choice, })
def sign_cert(self, ca, csr, expires=None, algorithm=None, subject=None, cn_in_san=True, csr_format=Encoding.PEM, subject_alternative_name=None, key_usage=None, extended_key_usage=None, tls_feature=None, ocsp_no_check=False, issuer_url=None, crl_url=None, ocsp_url=None, issuer_alternative_name=None, extra_extensions=None, password=None): """Create a signed certificate from a CSR. **PLEASE NOTE:** This function creates the raw certificate and is usually not invoked directly. It is called by :py:func:`Certificate.objects.init() <django_ca.managers.CertificateManager.init>`, which passes along all parameters unchanged and saves the raw certificate to the database. Parameters ---------- ca : :py:class:`~django_ca.models.CertificateAuthority` The certificate authority to sign the certificate with. csr : str or :py:class:`~cg:cryptography.x509.CertificateSigningRequest` A valid CSR. If not already a :py:class:`~cg:cryptography.x509.CertificateSigningRequest`, the format is given by the ``csr_format`` parameter. expires : datetime, optional Datetime for when this certificate will expire, defaults to the ``CA_DEFAULT_EXPIRES`` setting. algorithm : str or :py:class:`~cg:cryptography.hazmat.primitives.hashes.HashAlgorithm`, optional Hash algorithm used when signing the certificate, passed to :py:func:`~django_ca.utils.parse_hash_algorithm`. The default is the value of the :ref:`CA_DIGEST_ALGORITHM <settings-ca-digest-algorithm>` setting. subject : dict or str or :py:class:`~django_ca.subject.Subject` Subject string, e.g. ``"/CN=example.com"`` or ``Subject("/CN=example.com")``. The value is actually passed to :py:class:`~django_ca.subject.Subject` if it is not already an instance of that class. If this value is not passed or if the value does not contain a CommonName, the first value of the ``subject_alternative_name`` parameter is used as CommonName. cn_in_san : bool, optional Wether the CommonName should also be included as subjectAlternativeName. The default is ``True``, but the parameter is ignored if no CommonName is given. This is typically set to ``False`` when creating a client certificate, where the subjects CommonName has no meaningful value as subjectAlternativeName. csr_format : :py:class:`~cg:cryptography.hazmat.primitives.serialization.Encoding`, optional The format of the CSR. The default is ``PEM``. subject_alternative_name : dict or :py:class:`~django_ca.extensions.SubjectAlternativeName`, optional A dict passed to :py:class:`~django_ca.extensions.SubjectAlternativeName` if not already an instance of that class. key_usage : dict or :py:class:`~django_ca.extensions.KeyUsage`, optional Value for the ``keyUsage`` X509 extension. A dict passed to :py:class:`~django_ca.extensions.KeyUsage` if not already an instance of that class. extended_key_usage : dict or :py:class:`~django_ca.extensions.ExtendedKeyUsage`, optional Value for the ``extendedKeyUsage`` X509 extension. A dict passed to :py:class:`~django_ca.extensions.ExtendedKeyUsage` if not already an instance of that class. tls_feature : dict or :py:class:`~django_ca.extensions.TLSFeature`, optional Value for the ``TLSFeature`` X509 extension. The dict passed to :py:class:`~django_ca.extensions.TLSFeature` if not already an instance of that class. ocsp_no_check : bool, optional Add the OCSPNoCheck flag, indicating that an OCSP client should trust this certificate for it's lifetime. This value only makes sense if you intend to use the certificate for an OCSP responder, the default is ``False``. See `RFC 6990, section 4.2.2.2.1 <https://tools.ietf.org/html/rfc6960#section-4.2.2.2>`_ for more information. issuer_url : ``str`` or ``bool``, optional Pass a custom issuer URL overriding the value configured in the CA or pass ``False`` to disable getting any issuer_url from the CA (e.g. to pass a custom extension in ``extra_extensions``). crl_url : ``str`` or ``bool``, optional Pass a custom CRL URL overriding the value configured in the CA or pass ``False`` to disable getting any issuer_url from the CA (e.g. to pass a custom extension in ``extra_extensions``). ocsp_url : ``str`` or ``bool``, optional Pass a custom OCSP URL overriding the value configured in the CA or pass ``False`` to disable getting any issuer_url from the CA (e.g. to pass a custom extension in ``extra_extensions``). issuer_alternative_name : ``dict`` or :py:class:`~django_ca.extensions.IssuerAlternativeName`, \ optional Pass a custom issuer alternative name URL overriding the value configured in the CA or pass an empty dict to disable getting any issuer_url from the CA. extra_extensions : list of :py:class:`cg:cryptography.x509.Extension` or \ :py:class:`django_ca.extensions.Extension`, optional An optional list of additional extensions to add to the certificate. password : bytes, optional Password used to load the private key of the certificate authority. If not passed, the private key is assumed to be unencrypted. Returns ------- cryptography.x509.Certificate The signed certificate. """ # TODO: This function does not check the expiry of the parent CA yet (manage.py sign_cert does) ######################## # Normalize parameters # ######################## if subject is None: subject = Subject( ) # we need a subject instance so we can possibly add the CN elif not isinstance(subject, Subject): subject = Subject(subject) if 'CN' not in subject and not subject_alternative_name: raise ValueError( "Must name at least a CN or a subjectAlternativeName.") algorithm = parse_hash_algorithm(algorithm) # Normalize extensions to django_ca.extensions.Extension subclasses if key_usage and not isinstance(key_usage, KeyUsage): key_usage = KeyUsage(key_usage) if extended_key_usage and not isinstance(extended_key_usage, ExtendedKeyUsage): extended_key_usage = ExtendedKeyUsage(extended_key_usage) if tls_feature and not isinstance(tls_feature, TLSFeature): tls_feature = TLSFeature(tls_feature) if not subject_alternative_name: subject_alternative_name = SubjectAlternativeName({}) elif not isinstance(subject_alternative_name, SubjectAlternativeName): subject_alternative_name = SubjectAlternativeName( subject_alternative_name) # use first SAN as CN if CN is not set if 'CN' not in subject: subject['CN'] = subject_alternative_name.value[0].value elif cn_in_san and 'CN' in subject: # add CN to SAN if cn_in_san is True (default) try: cn_name = parse_general_name(subject['CN']) except idna.IDNAError: raise ValueError( '%s: Could not parse CommonName as subjectAlternativeName.' % subject['CN']) else: if cn_name not in subject_alternative_name: subject_alternative_name.insert(0, cn_name) if issuer_url is None: issuer_url = ca.issuer_url if crl_url is None: crl_url = ca.crl_url if ocsp_url is None: ocsp_url = ca.ocsp_url if issuer_alternative_name is None: issuer_alternative_name = IssuerAlternativeName({ 'value': shlex_split(ca.issuer_alt_name, ','), }) ################ # Read the CSR # ################ if isinstance(csr, x509.CertificateSigningRequest): req = csr elif csr_format == Encoding.PEM: req = x509.load_pem_x509_csr(force_bytes(csr), default_backend()) elif csr_format == Encoding.DER: req = x509.load_der_x509_csr(force_bytes(csr), default_backend()) else: raise ValueError('Unknown CSR format passed: %s' % csr_format) ######################### # Send pre-issue signal # ######################### pre_issue_cert.send(sender=self.model, ca=ca, csr=csr, expires=expires, algorithm=algorithm, subject=subject, cn_in_san=cn_in_san, csr_format=csr_format, subject_alternative_name=subject_alternative_name, key_usage=key_usage, extended_key_usage=extended_key_usage, tls_featur=tls_feature, issuer_url=issuer_url, crl_url=crl_url, ocsp_url=ocsp_url, issuer_alternative_name=issuer_alternative_name, extra_extensions=extra_extensions, password=password) ####################### # Generate public key # ####################### public_key = req.public_key() builder = get_cert_builder(expires) builder = builder.public_key(public_key) builder = builder.issuer_name(ca.x509.subject) builder = builder.subject_name(subject.name) # Add extensions builder = builder.add_extension(x509.BasicConstraints( ca=False, path_length=None), critical=True) builder = builder.add_extension( x509.SubjectKeyIdentifier.from_public_key(public_key), critical=False) # Get authorityKeyIdentifier from subjectKeyIdentifier from signing CA builder = builder.add_extension(ca.get_authority_key_identifier(), critical=False) for critical, ext in self.get_common_extensions( issuer_url, crl_url, ocsp_url): builder = builder.add_extension(ext, critical=critical) if subject_alternative_name: builder = builder.add_extension( **subject_alternative_name.for_builder()) if key_usage: builder = builder.add_extension(**key_usage.for_builder()) if extended_key_usage: builder = builder.add_extension(**extended_key_usage.for_builder()) if tls_feature: builder = builder.add_extension(**tls_feature.for_builder()) if issuer_alternative_name: if not isinstance(issuer_alternative_name, IssuerAlternativeName): issuer_alternative_name = IssuerAlternativeName( issuer_alternative_name) builder = builder.add_extension( **issuer_alternative_name.for_builder()) if ocsp_no_check: builder = builder.add_extension(**OCSPNoCheck().for_builder()) if extra_extensions: builder = self._extra_extensions(builder, extra_extensions) ################### # Sign public key # ################### cert = builder.sign(private_key=ca.key(password), algorithm=algorithm, backend=default_backend()) return cert, req
def test_messages_view(self): response = self.client.get(reverse('messages'), follow=True) self.assertEqual(response.status_code, 200) self.assertTemplateUsed('messages.html') self.assertIn(force_bytes(self.chat.title), response.content)
def test_remove_user_from_chat_user_not_in_chat(self): response = self.client.get(reverse('remove_user_from_chat', kwargs={'pk': self.chat.pk, 'user_pk': self.user2.pk}), follow=True) self.assertIn(force_bytes('Action not allowed'), response.content)
def _process_files(parsed_diff, basedir, repository, base_commit_id, request, get_file_exists=None, check_existence=False, limit_to=None): """Collect metadata about files in the parser. Args: parsed_diff (reviewboard.diffviewer.parser.ParsedDiff): The parsed diff to process. basedir (unicode): The base directory to prepend to all file paths in the diff. repository (reviewboard.scmtools.models.Repository): The repository that the diff was created against. base_commit_id (unicode): The ID of the commit that the diff is based upon. This is needed by some SCMs or hosting services to properly look up files, if the diffs represent blob IDs instead of commit IDs and the service doesn't support those lookups. request (django.http.HttpRequest): The current HTTP request. check_existence (bool, optional): Whether or not existence checks should be performed against the upstream repository. get_file_exists (callable, optional): A callable to use to determine if a given file exists in the repository. If ``check_existence`` is ``True`` this argument must be provided. limit_to (list of unicode, optional): A list of filenames to limit the results to. Yields: reviewboard.diffviewer.parser.ParsedDiffFile: Each file present in the diff. Raises: ValueError: ``check_existence`` was ``True`` but ``get_file_exists`` was not provided. """ if check_existence and get_file_exists is None: raise ValueError('Must provide get_file_exists when check_existence ' 'is True') tool = repository.get_scmtool() basedir = force_bytes(basedir) parsed_change = parsed_diff.changes[0] for f in parsed_change.files: # This will either be a Revision or bytes. Either way, convert it # bytes now. orig_revision = force_bytes(f.orig_file_details) source_filename, source_revision = tool.parse_diff_revision( f.orig_filename, orig_revision, moved=f.moved, copied=f.copied) assert isinstance(source_filename, bytes), ( '%s.parse_diff_revision() must return a bytes filename, not %r' % (type(tool).__name__, type(source_filename))) assert isinstance(source_revision, (bytes, Revision)), ( '%s.parse_diff_revision() must return a revision which is either ' 'bytes or reviewboard.scmtools.core.Revision, not %r' % (type(tool).__name__, type(source_revision))) dest_filename = _normalize_filename(f.modified_filename, basedir) if limit_to is not None and dest_filename not in limit_to: # This file isn't actually needed for the diff, so save # ourselves a remote file existence check and some storage. continue source_filename = _normalize_filename(source_filename, basedir) # FIXME: this would be a good place to find permissions errors if (source_revision != PRE_CREATION and source_revision != UNKNOWN and not f.binary and not f.deleted and not f.moved and not f.copied and (check_existence and not get_file_exists(force_text(source_filename), force_text(source_revision), base_commit_id=base_commit_id, request=request))): raise FileNotFoundError(force_text(source_filename), force_text(source_revision), base_commit_id) f.orig_filename = source_filename f.orig_file_details = source_revision f.modified_filename = dest_filename yield f
def test_delete_chat_not_owner(self): chat = Chat.objects.create(owner=self.user1, title='test_chat1') response = self.client.get(reverse('delete_chat', kwargs={'pk': chat.pk}), follow=True) self.assertEqual(len(Chat.objects.filter(title='test_chat1')), 1) self.assertIn(force_bytes('You can only delete your own chats'), response.content)
def path(self, name): """Actual file system path to name without any safety checks.""" return os.path.normpath(os.path.join(self.location, force_bytes(name)))
def write(self, content): if self.read_started: raise ValueError("Unable to write a payload after he's been read") content = force_bytes(content) self.__content.write(content) self.__len += len(content)
def test_chat_users_view_user_not_in_chat(self): chat = Chat.objects.create(owner=self.user1, title='test_chat1') response = self.client.get(reverse('chat_users', kwargs={'pk': chat.pk}), follow=True) self.assertEqual(response.status_code, 200) self.assertIn(force_bytes('You can only view users from your own chats'), response.content)
def to_bytes(s): return force_bytes(s, settings.DEFAULT_CHARSET)
def _generate_cache_header_key(key_prefix, request): """Return a cache key for the header cache.""" url = hashlib.md5(force_bytes(iri_to_uri(request.build_absolute_uri()))) cache_key = 'views.decorators.cache.cache_header.%s.%s' % (key_prefix, url.hexdigest()) return _i18n_cache_key_suffix(request, cache_key)
def user_registration(request): if not request.user.is_authenticated: if request.method == "GET": # registration_form = CustomUserCreationForm() # login_form = AuthenticationForm() # context = { # 'registration_form': registration_form, # 'login_form': login_form, # } # return render(request, 'home/templates/home/index.html', context) return render(request, 'templates/404.html') elif request.method == 'POST': # extracting form data for user registration registration_form = CustomUserCreationForm(request.POST) # checking the validity of the form if registration_form.is_valid(): password1 = registration_form.cleaned_data['password1'] password2 = registration_form.cleaned_data['password2'] # password and confirm password mismatch error if password1 != password2: return HttpResponse("Password Mismatch.") username = registration_form.cleaned_data['username'] email = registration_form.cleaned_data['email'] reg_user = User.objects.filter(email=email).first() # checking if email is already registered if reg_user: return HttpResponse( "Email already registered. Try logging in!!") else: reg_user = User.objects.filter(username=username).first() # checking if username is already registered if reg_user: return HttpResponse( "Username already registered. Try another one!!") else: # saving new user details into database with active status as false user = registration_form.save(commit=False) user.is_active = False user.user_type = 'U' user.save() details = UserDetails.objects.create(user=user, wallet_money=0) details.save() # Sending email process starts current_site = get_current_site(request) mail_subject = 'Activate your StrangeFlix account.' email_context = { 'user': user.username, 'domain': current_site.domain, 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'token': account_activation_token.make_token(user), } # message to be displayed to user is render from a html template html_message = render_to_string( "accounts/acc_activate_email_template.html", context=email_context) to_email_list = [email] # calling the send email function to send verification email and checking if mail is sent successfully if send_email(subject=mail_subject, html_message=html_message, to_email=to_email_list ): # to_email must be a tuple of list response = f'A Confirmation email has been sent to {email}.' \ f' Please visit the confirmation link to complete the registration and activate your account.' else: user.delete() response = 'Mail can\'t be send now. Possible Cause - Connection Issue. Try again later sometime.' return HttpResponse(response) else: # print(registration_form.errors.as_data()) # in case of invalid form submission returning the error to user for e in registration_form.errors: for err in registration_form.errors[e].as_data(): return HttpResponse(err) return HttpResponse("Form InValid") else: return HttpResponse("A user is already Logged In.")
def dispatch_webhook_event(request, webhook_targets, event, payload): """Dispatch the given event and payload to the given WebHook targets. Args: request (django.http.HttpRequest): The HTTP request from the client. webhook_targets (list of reviewboard.notifications.models.WebHookTarget): The list of WebHook targets containing endpoint URLs to dispatch to. event (unicode): The name of the event being dispatched. payload (dict): The payload data to encode for the WebHook payload. Raises: ValueError: There was an error with the payload format. Details are in the log and the exception message. """ encoder = BasicAPIEncoder() bodies = {} raw_norm_payload = None json_norm_payload = None for webhook_target in webhook_targets: use_custom_content = webhook_target.use_custom_content encoding = webhook_target.encoding # See how we need to handle normalizing this payload. If we need # something JSON-safe, then we need to go the more aggressive route # and normalize keys to strings. if raw_norm_payload is None or json_norm_payload is None: try: if (raw_norm_payload is None and (use_custom_content or encoding == webhook_target.ENCODING_XML)): # This payload's going to be provided for XML and custom # templates. We don't want to alter the keys at all. raw_norm_payload = normalize_webhook_payload( payload=payload, request=request) elif (json_norm_payload is None and not use_custom_content and encoding in (webhook_target.ENCODING_JSON, webhook_target.ENCODING_FORM_DATA)): # This payload's going to be provided for JSON or # form-data. We want to normalize all keys to strings. json_norm_payload = normalize_webhook_payload( payload=payload, request=request, use_string_keys=True) except TypeError as e: logging.exception( 'WebHook payload passed to ' 'dispatch_webhook_event containing invalid ' 'data types: %s', e) raise ValueError(six.text_type(e)) if use_custom_content: try: assert raw_norm_payload is not None body = render_custom_content(webhook_target.custom_content, raw_norm_payload) body = force_bytes(body) except Exception as e: logging.exception('Could not render WebHook payload: %s', e) continue else: if encoding not in bodies: try: if encoding == webhook_target.ENCODING_JSON: assert json_norm_payload is not None adapter = JSONEncoderAdapter(encoder) body = adapter.encode(json_norm_payload, request=request) elif encoding == webhook_target.ENCODING_XML: assert raw_norm_payload is not None adapter = XMLEncoderAdapter(encoder) body = adapter.encode(raw_norm_payload, request=request) elif encoding == webhook_target.ENCODING_FORM_DATA: assert json_norm_payload is not None adapter = JSONEncoderAdapter(encoder) body = urlencode({ 'payload': adapter.encode(json_norm_payload, request=request), }) else: logging.error( 'Unexpected WebHookTarget encoding "%s" ' 'for ID %s', encoding, webhook_target.pk) continue except Exception as e: logging.exception('Could not encode WebHook payload: %s', e) continue body = force_bytes(body) bodies[encoding] = body else: body = bodies[encoding] headers = { 'X-ReviewBoard-Event': event, 'Content-Type': webhook_target.encoding, 'Content-Length': '%s' % len(body), 'User-Agent': 'ReviewBoard-WebHook/%s' % get_package_version(), } if webhook_target.secret: signer = hmac.new(webhook_target.secret.encode('utf-8'), body, hashlib.sha1) headers['X-Hub-Signature'] = 'sha1=%s' % signer.hexdigest() logging.info('Dispatching webhook for event %s to %s', event, webhook_target.url) try: url = webhook_target.url url_parts = urlsplit(url) if url_parts.username or url_parts.password: credentials, netloc = url_parts.netloc.split('@', 1) url = urlunsplit((url_parts.scheme, netloc, url_parts.path, url_parts.query, url_parts.fragment)) headers['Authorization'] = \ 'Basic %s' % b64encode(credentials.encode('utf-8')) if six.PY2: headers = { force_str(key): force_str(value) for key, value in six.iteritems(headers) } urlopen(Request(url, body, headers)) except Exception as e: logging.exception('Could not dispatch WebHook to %s: %s', webhook_target.url, e) if isinstance(e, HTTPError): logging.info('Error response from %s: %s %s\n%s', webhook_target.url, e.code, e.reason, e.read())
def test_messages_chat_creation(self): response = self.client.post(reverse('messages'), data={'title': 'test_chat1'}, follow=True) chat = Chat.objects.get(title='test_chat1') self.assertTrue(isinstance(chat, Chat)) self.assertEqual(response.status_code, 200) self.assertIn(force_bytes(chat.title), response.content)
def post_process(self, paths, dry_run=False, **options): """ Post process the given OrderedDict of files (called from collectstatic). Processing is actually two separate operations: 1. renaming files to include a hash of their content for cache-busting, and copying those files to the target storage. 2. adjusting files which contain references to other files so they refer to the cache-busting filenames. If either of these are performed on a file, then that file is considered post-processed. """ # don't even dare to process the files if we're in dry run mode if dry_run: return # where to store the new paths hashed_files = OrderedDict() # build a list of adjustable files matches = lambda path: matches_patterns(path, self._patterns.keys()) adjustable_paths = [path for path in paths if matches(path)] # then sort the files by the directory level path_level = lambda name: len(name.split(os.sep)) for name in sorted(paths.keys(), key=path_level, reverse=True): # use the original, local file, not the copied-but-unprocessed # file, which might be somewhere far away, like S3 storage, path = paths[name] with storage.open(path) as original_file: # generate the hash with the original content, even for # adjustable files. hashed_name = self.hashed_name(name, original_file) # then get the original's file content.. if hasattr(original_file, 'seek'): original_file.seek(0) hashed_file_exists = self.exists(hashed_name) processed = False # ..to apply each replacement pattern to the content if name in adjustable_paths: content = original_file.read().decode( settings.FILE_CHARSET) for patterns in self._patterns.values(): for pattern, template in patterns: converter = self.url_converter(name, template) try: content = pattern.sub(converter, content) except ValueError as exc: yield name, None, exc if hashed_file_exists: self.delete(hashed_name) # then save the processed result content_file = ContentFile(force_bytes(content)) saved_name = self._save(hashed_name, content_file) hashed_name = force_text(self.clean_name(saved_name)) processed = True else: # or handle the case in which neither processing nor # a change to the original file happened if not hashed_file_exists: processed = True saved_name = self._save(hashed_name, original_file) hashed_name = force_text(self.clean_name(saved_name)) # and then set the cache accordingly hashed_files[self.hash_key(name)] = hashed_name yield name, hashed_name, processed # Finally store the processed paths self.hashed_files.update(hashed_files)
def hash_key(self, name): key = hashlib.md5(force_bytes(self.clean_name(name))).hexdigest() return 'staticfiles:%s' % key
import hashlib import hmac import struct from colorsys import hsv_to_rgb from django.utils.encoding import force_bytes from django.conf import settings STYLE_SECRET_SAUCE = force_bytes( getattr(settings, 'PAIKKALA_STYLE_SECRET_SAUCE', '')) def decimal_rgb_to_hex(rgb): return '#%02x%02x%02x' % ( int(rgb[0] * 255), int(rgb[1] * 255), int(rgb[2] * 255), ) def compute_program_style(program): noise = hmac.HMAC(key=STYLE_SECRET_SAUCE, msg=force_bytes(program.name), digestmod=hashlib.sha256).digest() random_values = [v / (2 << 31) for v in struct.unpack('<IIIIIIII', noise)] hue1 = random_values[0] hue2 = (hue1 + 0.8) % 1.0 sat1 = 0.6 + random_values[1] * 0.4 sat2 = 0.6 + random_values[2] * 0.4 val1 = 0.6 + random_values[3] * 0.3 val2 = 0.6 + random_values[4] * 0.3
def dispatch(self, request, project_id=None, *args, **kwargs): helper = self.helper_cls( agent=request.META.get('HTTP_USER_AGENT'), project_id=project_id, ip_address=request.META['REMOTE_ADDR'], ) origin = None try: origin = helper.origin_from_request(request) response = self._dispatch(request, helper, project_id=project_id, origin=origin, *args, **kwargs) except APIError as e: context = { 'error': force_bytes(e.msg, errors='replace'), } if e.name: context['error_name'] = e.name response = HttpResponse(json.dumps(context), content_type='application/json', status=e.http_status) # Set X-Sentry-Error as in many cases it is easier to inspect the headers response['X-Sentry-Error'] = context['error'] if isinstance(e, APIRateLimited) and e.retry_after is not None: response['Retry-After'] = six.text_type(e.retry_after) except Exception as e: # TODO(dcramer): test failures are not outputting the log message # here if settings.DEBUG: content = traceback.format_exc() else: content = '' logger.exception(e) response = HttpResponse(content, content_type='text/plain', status=500) # TODO(dcramer): it'd be nice if we had an incr_multi method so # tsdb could optimize this metrics.incr('client-api.all-versions.requests') metrics.incr('client-api.all-versions.responses.%s' % (response.status_code, )) metrics.incr('client-api.all-versions.responses.%sxx' % (six.text_type(response.status_code)[0], )) if helper.context.version: metrics.incr('client-api.v%s.requests' % (helper.context.version, )) metrics.incr('client-api.v%s.responses.%s' % (helper.context.version, response.status_code)) metrics.incr('client-api.v%s.responses.%sxx' % (helper.context.version, six.text_type(response.status_code)[0])) if response.status_code != 200 and origin: # We allow all origins on errors response['Access-Control-Allow-Origin'] = '*' if origin: response['Access-Control-Allow-Headers'] = \ 'X-Sentry-Auth, X-Requested-With, Origin, Accept, ' \ 'Content-Type, Authentication' response['Access-Control-Allow-Methods'] = \ ', '.join(self._allowed_methods()) response['Access-Control-Expose-Headers'] = \ 'X-Sentry-Error, Retry-After' return response
def test_chat_new_message(self): data = {'from_user': self.user, 'chat': self.chat, 'body': 'test'} response = self.client.post(reverse('chat', kwargs={'pk': self.chat.pk}), data=data) message = Message.objects.filter(from_user=self.user, chat=self.chat, body='test').first() self.assertTrue(isinstance(message, Message)) self.assertIn(force_bytes(message.body), response.content)
def get_cookie_signer(salt='django.core.signing.get_cookie_signer'): Signer = import_string(settings.SIGNING_BACKEND) key = force_bytes(settings.SECRET_KEY) return Signer(b'django.http.cookies' + key, salt=salt)