def test_200_with_authorization_header(client, access_token): headers = Headers() headers.set('Authorization', 'Bearer ' + access_token) response = client.get('/secrets', headers=headers) assert response.status_code == 200 assert isinstance(response.json.get('secrets'), list)
def test_401_with_invalid_credentials(client): headers = Headers() headers.set('Authorization', 'Basic ' + base64.b64encode('invalid-username:invalid-password')) response = client.get('/user', headers=headers) assert response.status_code == 401 assert response.json.get('error') == 'invalid_token'
def test_401_with_unsupported_authorization_header(client): headers = Headers() headers.set("Authorization", "MAC 123456789") response = client.get("/secrets", headers=headers) assert response.status_code == 401 assert response.json.get("error") == "invalid_token"
def test_401_with_invalid_token(client): headers = Headers() headers.set("Authorization", "Bearer invalid-token") response = client.get("/secrets", headers=headers) assert response.status_code == 401 assert response.json.get("error") == "invalid_token"
def test_200_with_credentials(client, test_user): headers = Headers() headers.set('Authorization', 'Basic ' + base64.b64encode('[email protected]:secret123')) response = client.get('/user', headers=headers) assert response.status_code == 200 assert response.json.get('user') == test_user.id
def test_401_with_unsupported_authorization_header(client): headers = Headers() headers.set('Authorization', 'MAC 123456789') response = client.get('/user', headers=headers) assert response.status_code == 401 assert response.json.get('error') == 'invalid_token'
def test_200_with_authorization_header(client, access_token, test_user): headers = Headers() headers.set('Authorization', 'Bearer ' + access_token) response = client.get('/user', headers=headers) assert response.status_code == 200 assert response.json.get('user') == test_user.id
def test_401_with_invalid_token(client): headers = Headers() headers.set('Authorization', 'Bearer invalid-token') response = client.get('/user', headers=headers) assert response.status_code == 401 assert response.json.get('error') == 'invalid_token'
def test_200_with_authorization_header(client, access_token, test_user): headers = Headers() headers.set("Authorization", "Bearer " + access_token) response = client.get("/user", headers=headers) assert response.status_code == 200 assert response.json.get("user") == test_user.id
def test_200_with_credentials(client, test_user): headers = Headers() headers.set("Authorization", basic_auth_encode("*****@*****.**", "secret123")) response = client.get("/user", headers=headers) assert response.status_code == 200 assert response.json.get("user") == test_user.id
def test_200_with_credentials(client): headers = Headers() headers.set("Authorization", basic_auth_encode("*****@*****.**", "secret123")) response = client.get("/secrets", headers=headers) assert response.status_code == 200 assert isinstance(response.json.get("secrets"), list)
def test_200_with_credentials(client): headers = Headers() headers.set('Authorization', basic_auth_encode('*****@*****.**', 'secret123')) response = client.get('/secrets', headers=headers) assert response.status_code == 200 assert isinstance(response.json.get('secrets'), list)
def test_200_with_authorization_header(client, access_token): headers = Headers() headers.set("Authorization", "Bearer " + access_token) response = client.get("/secrets", headers=headers) assert response.status_code == 200 assert isinstance(response.json.get("secrets"), list)
def test_401_with_expired_token(client, access_token): headers = Headers() headers.set("Authorization", "Bearer " + access_token) with immobilus("2099-01-14"): response = client.get("/secrets", headers=headers) assert response.status_code == 401 assert response.json.get("error") == "invalid_token"
def test_401_with_expired_token(client, access_token): headers = Headers() headers.set('Authorization', 'Bearer ' + access_token) with freeze_time('2099-01-14'): response = client.get('/user', headers=headers) assert response.status_code == 401 assert response.json.get('error') == 'invalid_token'
def test_400_without_grant_type(client): headers = Headers() headers.set("Origin", ORIGIN) response = client.post("/oauth/token", headers=headers) assert response.status_code == 400 assert response.headers.get("Access-Control-Allow-Origin") == ORIGIN assert response.headers.get("Access-Control-Allow-Credentials") == "true" assert response.json.get("error") == "unsupported_grant_type"
def test_cors(client): headers = Headers() headers.set('Origin', ORIGIN) response = client.get('/', headers=headers) assert response.headers.get('Access-Control-Allow-Origin') == ORIGIN assert response.headers.get('Access-Control-Allow-Credentials') == 'true' assert 'Access-Control-Allow-Methods' not in response.headers assert 'Access-Control-Allow-Headers' not in response.headers
def test_401_with_invalid_credentials(client): headers = Headers() headers.set( "Authorization", basic_auth_encode("invalid-username", "invalid-password") ) response = client.get("/secrets", headers=headers) assert response.status_code == 401 assert response.json.get("error") == "invalid_token"
def test_400_without_grant_type(client): headers = Headers() headers.set('Origin', ORIGIN) response = client.post('/oauth/token', headers=headers) assert response.status_code == 400 assert response.headers.get('Access-Control-Allow-Origin') == ORIGIN assert response.headers.get('Access-Control-Allow-Credentials') == 'true' assert response.json.get('error') == 'unsupported_grant_type'
def test_cors(client, app): cors.init_app(app) headers = Headers() headers.set("Origin", ORIGIN) response = client.get("/", headers=headers) assert response.headers.get("Access-Control-Allow-Origin") == ORIGIN assert response.headers.get("Access-Control-Allow-Credentials") == "true" assert "Access-Control-Allow-Methods" not in response.headers assert "Access-Control-Allow-Headers" not in response.headers
def test_missing_user_agent_returns_403(client): headers = Headers() headers.set('User-Agent', '') res = client.get('/', headers=headers) assert res.status_code == 403 json = res.json assert isinstance(json, dict) assert 'User-Agent header' in json.get('message')
def download_file(id): # add a filename headers = Headers() headers.set('Content-Disposition', 'attachment', filename='data.csv') # stream the response as the data is generated return Response(stream_with_context(getCsvFile(id)), mimetype='text/csv', headers=headers)
def test_auth_decorated_link_good_token_wrong_authority(client): user1 = default_config() user2 = User(name='second user', password='******', roles=['user']) user2.save() headers = Headers() headers.set('Authorization', 'Bearer {}'.format(user2.auth_token)) post_data = json.dumps({'current_password': '******', 'new_password': '******'}) rsp = client.post('/users/{}/change_password'.format(user1.id), data=post_data, headers=headers) print('\nResponse: {} -> {}'.format(rsp.status, rsp.data)) assert rsp.status_code == 403, 'should be ok'
def test_cors_with_methods(client): headers = Headers() headers.set("Origin", ORIGIN) headers.set("Access-Control-Request-Methods", "get, post") response = client.get("/", headers=headers) assert response.headers.get("Access-Control-Allow-Origin") == ORIGIN assert response.headers.get("Access-Control-Allow-Credentials") == "true" assert response.headers.get("Access-Control-Allow-Methods") == "get, post" assert "Access-Control-Allow-Headers" not in response.headers
def get_headers(self) -> "Optional[HeadersType]": headers = Headers() headers.set('Content-Type', 'application/octet-stream') headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN')) headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) headers.set('Access-Control-Allow-Methods', '*') headers.set('Access-Control-Allow-Credentials', 'true') return headers
def test_cors_with_methods(client): headers = Headers() headers.set('Origin', ORIGIN) headers.set('Access-Control-Request-Methods', 'get, post') response = client.get('/', headers=headers) assert response.headers.get('Access-Control-Allow-Origin') == ORIGIN assert response.headers.get('Access-Control-Allow-Credentials') == 'true' assert response.headers.get('Access-Control-Allow-Methods') == 'get, post' assert 'Access-Control-Allow-Headers' not in response.headers
def get_headers(self) -> "Optional[HeadersType]": headers = Headers() headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN')) headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) headers.set('Access-Control-Allow-Methods', '*') headers.set('Access-Control-Allow-Credentials', 'true') headers.set('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token') return headers
def test_default_state_with_enabled_security(client): user_service = kernel.register(User, methods=['GET', 'PUT', 'POST', 'PATCH', 'DELETE']) user_service.deny_all() user = create_basic_user() user.update(roles=['user', 'admin']) headers = Headers() headers.set('Authorization', 'Bearer {}'.format(user.auth_token)) rsp = client.get('/users/{}'.format(user.id), headers=headers) print('\nResponse: {} -> {}'.format(rsp.status, rsp.data.decode())) assert rsp.status_code == 403, 'should be accepted' assert rsp.json.get('message') == 'Not allowed to access method.'
def download_batch(id): content = StringIO() for record in Record.query.filter(Record.batch_id == id): content.write(record.as_original()) content.seek(0) headers = Headers() headers.set("Content-Disposition", "attachment", filename="data.txt") return Response(content, mimetype="text/plain", headers=headers)
def return_hydro_info(scenario_id): ''' This function is used to return all the hydro information ''' # TODO extract hydro data based on id # the id is an list separate by --- final_csv_raw_data = [] id_list = scenario_id.split('---') for temp_id in id_list: scenarios = Scenario.objects(id=temp_id).first() hydro_data_list = scenarios.hydrograph.streamflow_array hydro_time_list = scenarios.hydrograph.time_array final_csv_raw_data.append([temp_id, hydro_time_list, hydro_data_list]) if len(hydro_time_list) != len(hydro_data_list): return 'time and data arrays are not the same length' else: # idea is from # http://stackoverflow.com/questions/28011341/create-and-download-a-csv-file def generate(): data = StringIO.StringIO() w = csv.writer(data) # write header w.writerow(('timestamp', 'HydroValue')) yield data.getvalue() data.seek(0) data.truncate(0) # write each log item # TODO this part final_csv_raw_data[0], coz create a csv file only based on # the first scenario for count in range(len(final_csv_raw_data[0][1])): w.writerow(( # format datetime as string final_csv_raw_data[0][1][count].isoformat(), final_csv_raw_data[0][2][count] )) yield data.getvalue() data.seek(0) data.truncate(0) # add a filename headers = Headers() headers.set('Content-Disposition', 'attachment', filename='hydro.csv') # stream the response as the data is generated return Response( stream_with_context(generate()), mimetype='text/csv', headers=headers )
def admin_scio_stats(): from werkzeug.datastructures import Headers from werkzeug.wrappers import Response from flask import stream_with_context def generate(): import io import csv A = ApplicationForm \ .query \ .filter(ApplicationForm.submitted_at.isnot(None)) \ .all() data = io.StringIO() w = csv.writer(data, delimiter='\t') w.writerow( ('name', 'surname', 'birth_no', 'scio_percentile', 'scio_date')) yield data.getvalue() data.seek(0) data.truncate(0) for application in A: sess = flask.json.loads(application.application) if 'further_study_info' not in sess: continue if 'scio_date' not in sess['further_study_info'] and \ 'scio_percentile' not in sess['further_study_info']: continue name = sess['basic_personal_data']['name'] surname = sess['basic_personal_data']['surname'] birth_no = sess['birth_no'] scio_percentile = sess['further_study_info']['scio_percentile'] scio_date = sess['further_study_info']['scio_date'] if scio_date.strip() == scio_percentile.strip() == '': continue w.writerow((name, surname, birth_no, scio_percentile, scio_date)) yield data.getvalue() data.seek(0) data.truncate(0) headers = Headers() headers.set('Content-Disposition', 'attachment', filename='scio_stats.tsv') return Response(stream_with_context(generate()), mimetype='text/tsv', headers=headers)
def download_file(id): file_name, file_content = getDataBaseFile(id) # add a filename - HTTP headers = Headers() headers.set('Content-Disposition', 'attachment', filename=file_name) # stream the response as the data is generated return Response( stream_with_context(file_content), mimetype='application/pdf', headers=headers #https://developer.mozilla.org/pt-BR/docs/Web/HTTP/Basico_sobre_HTTP/MIME_types/Complete_list_of_MIME_types )
def options(self): """ Allow cross-site scripting. Explicit for Authentication. :status 200: OK """ headers = Headers() headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN')) headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) headers.set('Access-Control-Allow-Methods', '*') headers.set('Access-Control-Allow-Credentials', 'true') headers.set('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token') return '', 200, headers
def create_csv_response(transactions: list) -> Response: csv_data = StringIO(newline='') writer = csv.writer(csv_data) column_names = [ 'timestamp', 'description', 'transaction_category', 'amount' ] writer.writerow(column_names) for transaction in transactions: writer.writerow([transaction[key] for key in column_names]) headers = Headers() headers.set('Content-Disposition', 'attachment', filename='transactions.csv') return Response(generator(csv_data), mimetype='text/csv', headers=headers)
def test_auth_decorated_link_good_token_correct_authority(client): user = default_config() headers = Headers() headers.add('X-Tenant', 'rockee') headers.set('Authorization', 'Bearer {}'.format(user.auth_token)) post_data = json.dumps({ 'current_password': '******', 'new_password': '******' }) rsp = client.post('/users/{}/change_password'.format(user.id), data=post_data, headers=headers) print('\nResponse: {} -> {}'.format(rsp.status, rsp.data.decode())) assert rsp.status_code == 200, 'should be ok'
def index(): form = CSVUploadForm() if form.validate_on_submit(): form_input = io.StringIO(form.file.data.stream.read().decode('utf-8')) input_csv = csv.reader(form_input, delimiter=',', dialect='excel', lineterminator='\r\n') def remove_slash(d): return d.replace('/', '') def join_date_numb(d, m): return d + m def format_amount(a): a1 = a.replace('$', '') a2 = a1.replace('.', '') return a2.replace(',', '') row_num = 0 ce_num = 525627 txt_filename = Date.today().format('%m%d%Y') + '.txt' with open(txt_filename, 'w+') as output_text: for row in input_csv: if row_num >= 1: date = remove_slash(row[0]) date_memb = join_date_numb(date, row[2]) last_name = row[3].split(',') amount = format_amount(row[7]) ce_num_final = str(ce_num) + 'CE' line = '{date_memb} {last_name}{ce_num_final}{amount}\n'.format( date_memb=date_memb.ljust(13), last_name=last_name[0].ljust(33), ce_num_final=ce_num_final.ljust(12), amount=amount) output_text.write(line) ce_num += 1 row_num += 1 output_text.close() headers = Headers() headers.set('Content-Disposition', 'attachment', filename=txt_filename) return send_from_directory(basedir, txt_filename, mimetype='text/css', as_attachment=True) return render_template('index.html', form=form)
def post(self): """ Trace endpoint used by the pilot and CLI clients to post data access information. .. :quickref: Trace; Send trace. :<json dict payload: Dictionary contain the trace information. :status 201: Created. :status 400: Cannot decode json data. :status 500: Internal Error. """ headers = Headers() headers.set('Content-Type', 'application/octet-stream') headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN')) headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) headers.set('Access-Control-Allow-Methods', '*') headers.set('Access-Control-Allow-Credentials', 'true') try: payload = json.loads(request.data) # generate entry timestamp payload['traceTimeentry'] = datetime.datetime.utcnow() payload['traceTimeentryUnix'] = calendar.timegm( payload['traceTimeentry'].timetuple( )) + payload['traceTimeentry'].microsecond / 1e6 # guess client IP payload['traceIp'] = request.headers.get( 'X-Forwarded-For', default=request.remote_addr) # generate unique ID payload['traceId'] = str(uuid.uuid4()).replace('-', '').lower() trace(payload=payload) except ValueError: return generate_http_error_flask( 400, 'ValueError', 'Cannot decode json parameter list', headers=headers) except Exception as error: print(traceback.format_exc()) return str(error), 500, headers return 'Created', 201, headers
def stream_result_as_csv(cursor): """Takes one argument, SQLite3 query result, which is streamed out as CSV file.""" import io # for StringIO import csv # Generator object for the Response() to use def generate(cursor): data = io.StringIO() writer = csv.writer(data) # Yield header writer.writerow( (key[0] for key in cursor.description) ) yield data.getvalue() data.seek(0) data.truncate(0) # Yeild data for row in cursor: writer.writerow(row) yield data.getvalue() data.seek(0) data.truncate(0) from werkzeug.datastructures import Headers from werkzeug.wrappers import Response from flask import stream_with_context # # Response header # headers = Headers() headers.set( 'Content-Disposition', 'attachment', filename = time.strftime( "%Y-%m-%d %H.%M.%S.csv", time.localtime(time.time()) ) ) # RFC 7111 (wich updates RFC 4180) states that the MIME type for # CSV is "text/csv". (Google Chrome can shut the hell up). # # Stream the response using the local generate() -generator function. return Response( stream_with_context(generate(cursor)), mimetype='text/csv', headers=headers )
def csv_response(rows): """ :type rows: list :param rows: list of lists to be written into csv :rtype: :class:`~werkzeug.wrappers.Response` :return: csv file as a html response """ headers = Headers() headers.set('Content-Disposition', 'attachment', filename='summary.csv') return Response( stream_with_context(generate_csv(rows)), mimetype='text/csv', headers=headers, )
def export(): if current_user.role != Role.admin: abort(401, 'User needs to be an admin to access this route') ranked_applications = Application.rank_participants() Action.log_action(ActionType.export, current_user.id) headers = Headers() headers.set('Content-Disposition', 'attachment', filename='export.csv') # stream the response as the data is generated return Response(stream_with_context(generate_csv(ranked_applications)), mimetype='text/csv', headers=headers)
def downloadFile(theName, theID): logger.info('Preparing downloading data for %s with ID %s ...' % (theName, theID)) try: if request.args.get('extension', '') == 'txt': logger.info('Preparing txt file contents...') def generate(): try: contentsBody = StringIO() contentsBody.write('"ItemID", "Name","Available"\n') yield contentsBody.getvalue() contentsBody.seek(0) contentsBody.truncate(0) for item in range(10): row = [] row.append(str(item)) row.append("Item Name Is " + str(item)) row.append("Yes") contentsBody.write('"' + '","'.join(row) + '"\n') yield contentsBody.getvalue() contentsBody.seek(0) contentsBody.truncate(0) except: logger.error('File creation exception: %s' % (traceback.format_exc())) headers = Headers() headers.set('Content-Disposition', 'attachment', filename='%s.txt' % (str(theID))) return Response(stream_with_context(generate()), mimetype='text/txt', headers=headers) else: raise Exception('None txt files are not supported.') except: logger.warning('Exception in downloadFile. Stack trace is: %s' % (traceback.format_exc())) abort(404)
def clara_responses_download(): items = (get_internal('clara_responses')[0])['_items'] # print(items) def generate(): data = StringIO() w = csv.writer(data, delimiter=';') for item in ['main_scale', 'clara_item']: header = [] for res in items[0]['clara_items']: header.append(res['clara_item'][item]) # write header w.writerow(header) yield data.getvalue() data.seek(0) data.truncate(0) # write each log item for item in items: # resH = [] resA = [] for res in item['clara_items']: # resH.append(res['clara_item']['itembank_id']) resA.append(res['response_option']['response_value']) # w.writerow(resH) w.writerow(resA) yield data.getvalue() data.seek(0) data.truncate(0) # add a filename headers = Headers() try: headers.set('Content-Disposition', 'attachment', filename='{}.csv'.format( items[0]['student_class']['student_class'])) except IndexError: headers.set('Content-Disposition', 'attachment', filename='empty.csv') # stream the response as the data is generated return Response(stream_with_context(generate()), mimetype='text/csv', headers=headers)
def admin_submitted_stats(): from werkzeug.datastructures import Headers from werkzeug.wrappers import Response from flask import stream_with_context def generate(): import io import csv A = ApplicationForm \ .query \ .filter(ApplicationForm.submitted_at.isnot(None)) \ .all() data = io.StringIO() w = csv.writer(data, delimiter='\t') w.writerow(('school', 'started_at', 'submitted_at')) yield data.getvalue() data.seek(0) data.truncate(0) for application in A: sess = flask.json.loads(application.application) if not sess['finished_highschool_check'] == 'SK': continue user = User.query.filter_by(id=application.user_id).first() hs_code = sess['studies_in_sr']['highschool'] highschool = LISTS['highschool'][hs_code] w.writerow( (highschool, user.registered_at, application.submitted_at)) yield data.getvalue() data.seek(0) data.truncate(0) headers = Headers() headers.set('Content-Disposition', 'attachment', filename='submitted_applications_stats.tsv') return Response(stream_with_context(generate()), mimetype='text/tsv', headers=headers)
def csv_download(): def generate(): data = get_data() output = "date, actual, prediction\n" for date in data: output += "{},{},{}\n".format( datetime.datetime.utcfromtimestamp(date).strftime('%Y-%m-%d'), data[date]['actual'], data[date]['prediction']) return output headers = Headers() headers.set('Content-Disposition', 'attachment', filename='stock_price_predictions.csv') return Response(stream_with_context(generate()), mimetype='text/csv', headers=headers)
def download(): def generate(): data = StringIO() w = csv.writer(data, delimiter=';') # write header w.writerow(('Id', 'Login', 'Vinculo', 'Cargo', 'SIAPE/MATR', 'CPF', 'Localização', 'Telefone Funcional', 'Telefone Celular' , 'Data de Nascimento', 'Lotação', 'Atualizado Em')) yield data.getvalue() data.seek(0) data.truncate(0) cur = mysql.connection.cursor() cur.execute("SELECT * FROM users") data_user = cur.fetchall() data_user_l = list(data_user) # write each data_user_l item for item in data_user_l: w.writerow(( item[0], item[1], item[2], item[3], item[4], item[5], item[6], item[7], item[8], item[9], item[10], item[11] )) yield data.getvalue() data.seek(0) data.truncate(0) # add a filename headers = Headers() headers.set('Content-Disposition', 'attachment', filename='usuarios.csv') # stream the response as the data is generated return Response( stream_with_context(generate()), mimetype='text/csv', headers=headers )
def tokens(client, test_user): headers = Headers() headers.set('Origin', ORIGIN) response = client.post('/oauth/token', headers=headers, data={ 'grant_type': 'password', 'username': '******', 'password': '******', }) assert response.status_code == 200 assert response.headers.get('Access-Control-Allow-Origin') == ORIGIN assert response.headers.get('Access-Control-Allow-Credentials') == 'true' assert response.json.get('access_token') assert response.json.get('expires_in') assert response.json.get('token_type') == 'Bearer' assert response.json.get('refresh_token') return response.json
def werkzeug_headers(): from werkzeug.datastructures import Headers Headers({"Access-Control-Allow-Origin": "*"}) # Noncompliant # ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ headers = Headers({"Access-Control-Allow-Origin": "trustedwebsite.com"}) # Compliant headers.set("Access-Control-Allow-Origin", "*") # Noncompliant # ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ headers.setdefault("Access-Control-Allow-Origin", "*") # Noncompliant headers["Access-Control-Allow-Origin"] = "*" # Noncompliant headers.__setitem__("Access-Control-Allow-Origin", "*") # Noncompliant headers.set("Access-Control-Allow-Credentials", "") # Compliant headers.set("Access-Control-Expose-Headers", "") # Compliant headers.set("Access-Control-Max-Age", "") # Compliant headers.set("Access-Control-Allow-Methods", "") # Compliant headers.set("Access-Control-Allow-Headers", "") # Compliant Headers(1, 2)
def post(self): """ Trace endpoint used by the XAOD framework to post data access information. .. :quickref: XAODTrace; Send XAOD trace. :<json dict payload: Dictionary contain the trace information. :status 201: Created. :status 400: Cannot decode json data. :status 500: Internal Error. """ headers = Headers() headers.set('Content-Type', 'application/octet-stream') headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN')) headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) headers.set('Access-Control-Allow-Methods', '*') headers.set('Access-Control-Allow-Credentials', 'true') try: payload = json.loads(request.data) # generate entry timestamp payload['timeentry'] = int(time.time()) # guess client IP payload['ip'] = request.headers.get('X-Forwarded-For', default=request.remote_addr) trace(payload=payload) except ValueError: return generate_http_error_flask( 400, 'ValueError', 'Cannot decode json parameter list', headers=headers) except Exception as error: print(traceback.format_exc()) return str(error), 500, headers return 'Created', 201, headers
def download(): search_option = session.get("search_option") search_address = session.get("search_address") user_lng = session.get("user_lng") user_lat = session.get("user_lat") unregistered_addresses = handle_search(user_lng, user_lat, search_option) unregistered_addresses = unregistered_addresses[['oa_number', 'oa_street']] unregistered_addresses.columns = ['street_number', 'street_name'] unregistered_addresses = unregistered_addresses.sort_values( ['street_name', 'street_number']) csv = unregistered_addresses.to_csv(index=False) filename = search_address + " " + search_option + ".csv" headers = Headers() headers.set('Content-Disposition', 'attachment', filename=filename) return Response(csv, mimetype="text/csv", headers=headers)
def compute_csv(urls, filters, excludes): """Generate a streamed CSV of all data, optionally filtered.""" def generate(): """A generator is required to stream the actual CSV.""" fake_file = StringIO() w = csv.writer(fake_file) # Write the header. w.writerow(('URL', 'Status', 'Content-Type', 'Updated')) yield fake_file.getvalue() fake_file.seek(0) fake_file.truncate(0) for url_hash, data in urls: # Filtering. data = apply_filters(data, filters, excludes) if not data: continue # Statuses. status = data.get('final-status-code', '') if not status: continue url = data['checked-url'] content_type = data.get('content-type', '') updated = data.get('updated', '') w.writerow((url, status, content_type, updated)) yield fake_file.getvalue() fake_file.seek(0) fake_file.truncate(0) # Set headers with the appropriated filename. headers = Headers() headers.set('Content-Disposition', 'attachment', filename='croquemort-{date_iso}.csv'.format( date_iso=datetime.now().date().isoformat())) # Stream the response as the data is generated. return Response(generate(), mimetype='text/csv', headers=headers)
def csv_download(): now = datetime.datetime.now() filename = "{}.csv".format( get_local_dt(now, human=True, format='%Y-%m-%d_%H.%M.%S')) def generate(): data = StringIO() writer = csv.writer(data) writer.writerow(('predictor dt', 'predictor', 'outcome dt', 'outcome', 'difference (min)')) yield data.getvalue() data.seek(0) data.truncate(0) current_user.sessions.sort(key=lambda session: session.updated_at, reverse=False) for session in current_user.sessions: session.responses.sort(key=lambda response: response.updated_at, reverse=False) if len(session.responses) == 1: writer.writerow((get_local_dt(session.responses[0].updated_at), session.responses[0].message, '', '', '')) elif len(session.responses) == 2: diff = relativedelta.relativedelta( session.responses[1].updated_at, session.responses[0].updated_at) writer.writerow((get_local_dt(session.responses[0].updated_at), session.responses[0].message, get_local_dt(session.responses[1].updated_at), session.responses[1].message, diff.minutes)) yield data.getvalue() data.seek(0) data.truncate(0) headers = Headers() headers.set('Content-Disposition', 'attachment', filename=filename) return wrappers.Response(stream_with_context(generate()), mimetype='text/csv', headers=headers)
def tokens(client, test_user): headers = Headers() headers.set("Origin", ORIGIN) response = client.post( "/oauth/token", headers=headers, data={ "grant_type": "password", "username": "******", "password": "******", }, ) assert response.status_code == 200 assert response.headers.get("Access-Control-Allow-Origin") == ORIGIN assert response.headers.get("Access-Control-Allow-Credentials") == "true" assert response.json.get("access_token") assert response.json.get("expires_in") assert response.json.get("token_type") == "Bearer" assert response.json.get("refresh_token") return response.json
def test_headers(): # simple header tests headers = Headers() headers.add('Content-Type', 'text/plain') headers.add('X-Foo', 'bar') assert 'x-Foo' in headers assert 'Content-type' in headers headers['Content-Type'] = 'foo/bar' assert headers['Content-Type'] == 'foo/bar' assert len(headers.getlist('Content-Type')) == 1 # list conversion assert headers.to_list() == [ ('Content-Type', 'foo/bar'), ('X-Foo', 'bar') ] assert str(headers) == ( "Content-Type: foo/bar\r\n" "X-Foo: bar\r\n" "\r\n") assert str(Headers()) == "\r\n" # extended add headers.add('Content-Disposition', 'attachment', filename='foo') assert headers['Content-Disposition'] == 'attachment; filename=foo' headers.add('x', 'y', z='"') assert headers['x'] == r'y; z="\""' # defaults headers = Headers([ ('Content-Type', 'text/plain'), ('X-Foo', 'bar'), ('X-Bar', '1'), ('X-Bar', '2') ]) assert headers.getlist('x-bar') == ['1', '2'] assert headers.get('x-Bar') == '1' assert headers.get('Content-Type') == 'text/plain' assert headers.setdefault('X-Foo', 'nope') == 'bar' assert headers.setdefault('X-Bar', 'nope') == '1' assert headers.setdefault('X-Baz', 'quux') == 'quux' assert headers.setdefault('X-Baz', 'nope') == 'quux' headers.pop('X-Baz') # type conversion assert headers.get('x-bar', type=int) == 1 assert headers.getlist('x-bar', type=int) == [1, 2] # list like operations assert headers[0] == ('Content-Type', 'text/plain') assert headers[:1] == Headers([('Content-Type', 'text/plain')]) del headers[:2] del headers[-1] assert headers == Headers([('X-Bar', '1')]) # copying a = Headers([('foo', 'bar')]) b = a.copy() a.add('foo', 'baz') assert a.getlist('foo') == ['bar', 'baz'] assert b.getlist('foo') == ['bar'] headers = Headers([('a', 1)]) assert headers.pop('a') == 1 assert headers.pop('b', 2) == 2 assert_raises(KeyError, headers.pop, 'c') # set replaces and accepts same arguments as add a = Headers() a.set('Content-Disposition', 'useless') a.set('Content-Disposition', 'attachment', filename='foo') assert a['Content-Disposition'] == 'attachment; filename=foo'
def test_headers(): # simple header tests headers = Headers() headers.add("Content-Type", "text/plain") headers.add("X-Foo", "bar") assert "x-Foo" in headers assert "Content-type" in headers headers["Content-Type"] = "foo/bar" assert headers["Content-Type"] == "foo/bar" assert len(headers.getlist("Content-Type")) == 1 # list conversion assert headers.to_list() == [("Content-Type", "foo/bar"), ("X-Foo", "bar")] assert str(headers) == ("Content-Type: foo/bar\r\n" "X-Foo: bar\r\n" "\r\n") assert str(Headers()) == "\r\n" # extended add headers.add("Content-Disposition", "attachment", filename="foo") assert headers["Content-Disposition"] == "attachment; filename=foo" headers.add("x", "y", z='"') assert headers["x"] == r'y; z="\""' # defaults headers = Headers([("Content-Type", "text/plain"), ("X-Foo", "bar"), ("X-Bar", "1"), ("X-Bar", "2")]) assert headers.getlist("x-bar") == ["1", "2"] assert headers.get("x-Bar") == "1" assert headers.get("Content-Type") == "text/plain" assert headers.setdefault("X-Foo", "nope") == "bar" assert headers.setdefault("X-Bar", "nope") == "1" assert headers.setdefault("X-Baz", "quux") == "quux" assert headers.setdefault("X-Baz", "nope") == "quux" headers.pop("X-Baz") # type conversion assert headers.get("x-bar", type=int) == 1 assert headers.getlist("x-bar", type=int) == [1, 2] # list like operations assert headers[0] == ("Content-Type", "text/plain") assert headers[:1] == Headers([("Content-Type", "text/plain")]) del headers[:2] del headers[-1] assert headers == Headers([("X-Bar", "1")]) # copying a = Headers([("foo", "bar")]) b = a.copy() a.add("foo", "baz") assert a.getlist("foo") == ["bar", "baz"] assert b.getlist("foo") == ["bar"] headers = Headers([("a", 1)]) assert headers.pop("a") == 1 assert headers.pop("b", 2) == 2 assert_raises(KeyError, headers.pop, "c") # set replaces and accepts same arguments as add a = Headers() a.set("Content-Disposition", "useless") a.set("Content-Disposition", "attachment", filename="foo") assert a["Content-Disposition"] == "attachment; filename=foo"