def test_version_file_missing(self):
"""If no VERSION file exists, the default SDK version is used."""
self.mox.StubOutWithMock(sdk_update_checker, 'GetVersionObject')
sdk_update_checker.GetVersionObject().AndReturn(None)
self.mox.ReplayAll()
self.assertEqual(util._DEFAULT_SDK_VERSION, util.get_sdk_version())
self.mox.VerifyAll()
def test_version_file_missing(self):
"""If no VERSION file exists, the default SDK version is used."""
self.mox.StubOutWithMock(sdk_update_checker, 'GetVersionObject')
sdk_update_checker.GetVersionObject().AndReturn(None)
self.mox.ReplayAll()
self.assertEqual(util._DEFAULT_SDK_VERSION,
util.get_sdk_version())
self.mox.VerifyAll()
class AdminRequestHandler(webapp2.RequestHandler):
"""Base class for all admin UI request handlers."""
_SDK_VERSION = util.get_sdk_version()
@classmethod
def init_xsrf(cls, xsrf_path):
"""Load the XSRF token from the given path."""
if os.path.exists(xsrf_path):
with open(xsrf_path, 'r') as token_file:
cls.xsrf_token = token_file.read().strip()
else:
cls.xsrf_token = ''.join(
random.choice(string.ascii_letters) for _ in range(10))
with open(xsrf_path, 'w') as token_file:
token_file.write(cls.xsrf_token)
def dispatch(self):
if self.request.method in [
'PATCH', 'POST', 'PUT', 'DELETE'
] and (self.request.get('xsrf_token') != self.xsrf_token):
self.response.set_status(403, 'Invalid XSRF token')
self.response.out.write('<h1>Invalid XSRF token</h1>')
else:
super(AdminRequestHandler, self).dispatch()
def render(self, template, context):
"""Returns a rendered version of the given jinja2 template.
Args:
template: The file name of the template file to use e.g.
"memcache_viewer.html".
context: A dict of values to use when rendering the template.
Returns:
A Unicode object containing the rendered template.
"""
template = admin_template_environment.get_template(template)
values = self._get_default_template_values()
values.update(context)
return template.render(values)
def _get_default_template_values(self):
"""Returns default values supplied to all rendered templates."""
return {
'app_id': self.configuration.app_id,
'request': self.request,
'sdk_version': self._SDK_VERSION,
'xsrf_token': self.xsrf_token,
'enable_console': self.enable_console
}
def _construct_url(self, remove=None, add=None):
"""Returns a URL referencing the current resource with the same params.
For example, if the request URL is
"http://foo/bar?animal=cat&color=redirect" then
_construct_url(['animal'], {'vehicle': 'car'}) will return
"http://foo/bar?color=redirect&vehicle=car"
Args:
remove: A sequence of query parameters to remove from the query string.
add: A mapping of query parameters to add to the query string.
Returns:
A new query string suitable for use in "GET" requests.
"""
remove = remove or []
add = add or {}
params = dict(self.request.params)
for arg in remove:
if arg in params:
del params[arg]
params.update(add)
return str(
'%s?%s' %
(self.request.path, urllib.urlencode(sorted(params.iteritems()))))
@property
def dispatcher(self):
return self.request.app.dispatcher
@property
def configuration(self):
return self.request.app.configuration
@property
def enable_console(self):
return self.request.app.enable_console
@metrics.LogHandlerRequest('admin-console')
def get(self, *args, **kwargs):
"""Base method for all get requests."""
self.response.headers.add('X-Frame-Options', 'SAMEORIGIN')
self.response.headers.add('X-XSS-Protection', '1; mode=block')
self.response.headers.add('Content-Security-Policy',
"default-src 'self'")
self.response.headers.add('Content-Security-Policy',
"frame-ancestors 'none'")
@metrics.LogHandlerRequest('admin-console')
def post(self, *args, **kwargs):
"""Base method for all post requests."""
def test_version_file_exists(self):
"""If a VERSION file exists, the default SDK version is not used."""
self.assertNotEqual(util._DEFAULT_SDK_VERSION,
util.get_sdk_version())
