def open(self, secure=False, **kwargs): """Make a request using werkzeug.test.Client""" base = copy.copy(self.environ_base) base_url = utils.abs_url(secure=secure) base.update(base_url=base_url) base.update(kwargs) return self.client.open(**base)
def setUp(self): self.environ_base = { 'base_url': utils.abs_url() , 'method': 'GET' } self.client = Client(application, Response) self.logged_in = False
def serve_expr(self, tdata, expr): meta = {} resp = { 'expr_id': expr.id, 'content_url': abs_url(domain=self.config.content_domain, secure=tdata.request.is_secure) + expr.id, 'expr': expr.client_view(viewer=tdata.user, activity=10), 'title': expr.get('title', '[Untitled]') } if (not tdata.user.can_view(expr) and not expr.cmp_password(tdata.request.form.get('password')) and not expr.cmp_password(tdata.request.args.get('pw'))): resp['expr'] = dfilter(resp['expr'], ['owner', 'auth', 'id', 'name']) resp['expr']['title'] = '[password required]' resp['error'] = 'password' else: snap_url = expr.snapshot_name('big') if snap_url and not snap_url.startswith("http"): meta['img_url'] = "http:" + snap_url else: meta['img_url'] = snap_url expr_owner = expr.get_owner() if expr_owner and expr_owner['analytics'].get('views_by'): expr_owner.increment({'analytics.views_by': 1}) if not expr.get('views'): expr['views'] = 0 if expr_owner.id != tdata.user.id: expr.increment({'views': 1}) resp['meta'] = meta return resp
def expr(self, tdata, id=None, owner_name=None, expr_name='', **args): expr = (self.db.Expr.fetch(id) if id else self.db.Expr.named( owner_name, expr_name)) if not expr: if args.get('route_name') == 'user_home': return self.redirect( tdata.response, abs_url('/' + owner_name + '/profile/feed')) return None return self.serve_expr(tdata, expr)
def deactivate(self, tdata, request, response, **args): if request.form.get('deactivate')=='': if not tdata.user.logged_in: return { 'error': 'need_login'} # log them out auth.handle_logout(self.db, tdata.user, request, response) # delete user data tdata.user.delete() # redirect to home return self.redirect(response, abs_url('/'))
def oembed(self, tdata, request, response, **args): format = request.args.get('format', 'json') if format != 'json': return self.serve_500(request, response, status=501) url = URL(request.args.get('url')) params = url.query user_and_page = url.path[1:].split('/', 1) user = lget(user_and_page, 0) page = lget(user_and_page, 1, '') r = self.db.Expr.named(user, page) if not r: return self.serve_404(tdata) if r['auth'] == 'password': return self.serve_forbidden(tdata, request, response, status=401) type(required) resp = dict(title=r.get('title', r.get('name', '')), author_name=r['owner_name'], author_url=r.owner.url) # ultra snapshot doesn't exist on any old page max_w = min(715, int(request.args.get('maxwidth', 715))) max_h = min(430, int(request.args.get('maxheight', 430))) size = r.snapshot_max_size(max_w, max_h) dims = r.snapshot_dims(size) if size: snapshot = r.snapshot_name_http(size=size) resp.update(type='rich', version='1.0', thumbnail_url=snapshot, thumbnail_width=dims[0], thumbnail_height=dims[1], width=dims[0], height=dims[1]) if request.args.get('template', 'iframe') == 'iframe': # default click to play view # params['viewport'] = '{0}x{1}'.format(*dims) resp.update( html=("<iframe src='{0}' " + "width='{1}' height='{2}' allowfullscreen></iframe>" ).format(abs_url('e/' + r.id), *dims)) else: # linked snapshot img target = request.args.get('link_target', '_new') resp.update(html=("<a href='{0}?{1}' target='{2}'><img " + "src='{3}' width='{4}' height='{5}'></a>" ).format(r.url, urllib.urlencode(params), target, snapshot, *dims)) else: # uh-oh, missing snapshot, give a simple link resp.update(type='link') return self.serve_json(response, resp)
def url(self, name, abs=False, return_debug=True, http=False): if not name: return self.base_url props = self.assets.get(name) # TODO: return path of special logging 404 page if asset not found if props: url = ((self.local_base_url + name) if props[2] else (self.base_url + name + '.' + props[1])) if abs and re.match(r'/[^/]', url): url = abs_url() + url[1:] if http and url.startswith('//'): url = 'http:' + url return url elif return_debug: return '/not_found:' + name
def log_in(self, admin=False): """The werkzeug request Client saves cookies included in response, so you can log in using this method before performing any test cases that require a logged in user""" user = {'username': '******', 'secret': 'triangle22'} if self.logged_in: return True data = {'action': 'login', 'url': utils.abs_url()} data.update(user) resp = self.open(method='POST', secure=True, data=data) if resp.status == '303 SEE OTHER': self.user = db.User.named(user['username']) self.logged_in = True else: raise Exception("login failed, status {}".format(resp.status)) if admin: config.admins.append(user['username']) return self.logged_in
def test_request_invite(self): """Test the request invite form""" email = 'test+{}@thenewhive.com'.format(utils.junkstr(8).lower()) data = { 'action': 'signup_request' , 'name': 'test' , 'email': email , 'referral': 'referral field' , 'message': 'message field' , 'forward': utils.abs_url() } response = self.open(data=data) self.assertStatus(response, 200) # Check newly created contact record record = db.Contact.last() print record self.assertEqual(record['email'], email) return record
def login(self, tdata, request, response, **args): error = False if tdata.user.logged_in: resp = tdata.user.client_view() else: authed = auth.handle_login(self.db, request, response) if type(authed) == self.db.User.entity: resp = authed.client_view() else: resp = { 'error': 'Incorrect username or password.' } error = "login" if request.args.get('json') or request.form.get('json'): return self.serve_json(response, resp) query = "" if error: query = "#error=" + error return self.redirect( response, (request.form.get('from') or abs_url()) + query )
def embed(self, tdata, request, response, owner_name=None, expr_name=None, expr_id=None, **args): expr = (self.db.Expr.fetch(expr_id) if expr_id else self.db.Expr.named( owner_name, expr_name)) if not expr: return self.serve_404(tdata) tdata.context.update( expr=expr, embed=True, content_url=abs_url(domain=self.config.content_domain, secure=tdata.request.is_secure) + expr.id, icon=False, route_args=args, barebones=True) tdata.context.update(self.cards_for_expr(tdata, expr)) return self.serve_page(tdata, 'pages/embed.html')
def password_recover(self, tdata, request, response, **args): resp = {} logged_user = tdata.user email = request.form.get('email') users = list(self.db.User.search({'email': email})) if logged_user and logged_user.id: resp = { 'error': 'Already logged in.' } elif not users: resp = { 'error': 'Sorry, that email address is not in our records.' } else: for user in users: key = junkstr(16) user.recovery_link = (abs_url(secure=True) + "home/password_reset?key=" + key + '&user=' + user.id ) user.update(password_recovery = key) mail.TemporaryPassword(jinja_env=self.jinja_env, db=self.db ).send(users) return self.serve_json(response, resp)
def streamified_login(self, tdata, request, response, **args): streamified_username = request.args['usernames'].split(',')[0] post = { 'code': request.args['code'], 'grant_type': 'authorization_code', 'redirect_uri': abs_url(secure=True) + 'streamified_login', 'scope': streamified_username, 'client_id': config.streamified_client_id, 'client_secret': config.streamified_client_secret, } headers = { 'content-type': 'application/x-www-form-urlencoded', } body = urllib.urlencode(post) print config.streamified_url + 'oauth/access_token', body http = httplib2.Http(timeout=0.5, disable_ssl_certificate_validation=True) resp, content = http.request(config.streamified_url + 'oauth/access_token', method='POST', body=body, headers=headers) print (resp, content) return self.serve_page(tdata, 'pages/streamified_login.html')
def __init__(self, code=None, redirect_uri=None, user=None): self.client_id = config.facebook_app_id self.client_secret = config.facebook_client_secret self.scope = 'email' self.auth_uri = 'https://www.facebook.com/dialog/oauth' self.token_uri = 'https://graph.facebook.com/oauth/access_token' self.default_redirect_uri = abs_url(secure=True) self.user_agent = None self._access_token = None self.redirect_uri = redirect_uri self.code = code self.user = user if code and redirect_uri != None: self.auth = [{'code': code, 'redirect_uri': redirect_uri}] else: self.auth = [] self._credentials = None self.flow = OAuth2WebServerFlow( client_id=self.client_id , client_secret=self.client_secret , scope=self.scope , auth_uri = self.auth_uri , token_uri = self.token_uri )
def user_tag_redirect(self, tdata, owner_name='', tag_name='', **kwargs): return self.redirect( tdata.response, abs_url('/' + owner_name + ('/collection/' + tag_name if tag_name else '')))
def my_home(self, tdata, **kwargs): return self.redirect( tdata.response, abs_url('/' + tdata.user['name'] + '/profile/feed' + Community.parse_query(tdata.request.query_string)))
def profile_redirect(self, tdata, owner_name='', **kwargs): return self.redirect( tdata.response, abs_url('/' + owner_name + ('/profile/feed' if owner_name else '')))