Пример #1
0
def csrf_app(request):
    """py.test fixture to set up a dummy app for CSRF testing.

    :param request: pytest's FixtureRequest (internal class, cannot be hinted on a signature)
    """

    session = DummySession()

    config = testing.setUp()
    config.set_default_csrf_options(require_csrf=True)
    config.add_route("home", "/")
    config.add_route("csrf_sample", "/csrf_sample")
    config.add_route("csrf_exempt_sample", "/csrf_exempt_sample")
    config.add_route("csrf_exempt_sample_context", "/csrf_exempt_sample_context")
    config.add_route("csrf_sample_double_argument", "/csrf_sample_double_argument/{arg}")
    config.add_route("csrf_exempt_sample_double_argument", "/csrf_exempt_sample_double_argument/{arg}")
    config.scan(csrfsamples)

    # We need sessions in order to use CSRF feature

    def dummy_session_factory(secret):
        # Return the same session over and over again
        return session

    config.set_session_factory(dummy_session_factory)

    def teardown():
        testing.tearDown()

    app = TestApp(config.make_wsgi_app())
    # Expose session data for tests to read
    app.session = session
    return app
Пример #2
0
    def _makeOne(self):
        from pyramid.testing import DummySession

        return DummySession()
Пример #3
0
def test_csrf_by_default(csrf_app: App, session: DummySession):
    """CSRF goes throgh if we have a proper token."""

    resp = csrf_app.post("/csrf_sample",
                         {"csrf_token": session.get_csrf_token()})
    assert resp.status_code == 200
Пример #4
0
def test_csrf_by_default(csrf_app: TestApp, session: DummySession):
    """CSRF goes throgh if we have a proper token."""

    resp = csrf_app.post("/csrf_sample", {"csrf_token": session.get_csrf_token()})
    assert resp.status_code == 200
Пример #5
0
from formencode import ForEach, Schema, NestedVariables, validators
from pyramid.testing import DummySession

# This always stays the same.
dummy_csrf_token = DummySession().get_csrf_token()


class DummySchema(Schema):
    allow_extra_fields = False
    foo = validators.String(not_empty=True)


class LooseDummySchema(DummySchema):
    allow_extra_fields = True


class DummyObject(object):
    pass


class NestedDummySchema(Schema):
    allow_extra_fields = False
    pre_validators = [NestedVariables]
    items = ForEach(DummySchema)
    subfields = DummySchema
    name = validators.String(not_empty=True)
    qty = validators.Int(min=4, max=100)