def test_some_internal(self):
with self.app.app.test_request_context():
res = safe_redirect('/')
self.assertEqual(res.location, '/')
res = safe_redirect('/user/1')
self.assertEqual(res.location, '/user/1')
self.assertRaises(Forbidden, safe_redirect,
'http://localhost:67/user/1')
url = request.host_url + '/user/1'
res = safe_redirect(url)
self.assertEqual(res.location, url)
def login():
if session.get('access_token') is None:
session['destination'] = '/login'
return auth.app.oidc._authenticate()
oidc_user = session['userinfo']
try:
db_user = oidc2dbuser(oidc_user)
except NotRegisteredError:
return safe_redirect('/registration')
session['user_id'] = db_user['id']
# cache busting when user data changes?
session['user'] = db_user
flash('Logged in as ' + str(db_user))
return safe_redirect('/')
def users_delete(user_id):
try:
g.db.get_entry('user', user_id)
except ResourceError:
return abort(404)
g.db.delete_entry('user', user_id)
return safe_redirect('/user')
def add_relation(table_name, entry_id, relname, target):
tmpl = "add_relation.html"
relation = request.args.get('relation')
entry = g.db.get_entry(table_name, entry_id)
if relation:
filters = [{'name': relation, 'op': 'eq', 'val': entry_id}]
existing = g.db.get_entries(target, filters=filters)
else:
existing = g.db.get_entries(target)
checked = [item['id'] for item in entry[relname]]
for item in existing:
item['checked'] = item['id'] in checked
form = get_form(target)(request.form)
action = '/%s/%d/add_relation/%s/%s' % (table_name, entry_id, relname,
target)
if relation:
action += '?relation=%s' % relation
if request.method == 'POST':
if 'pick' in request.form:
picked_entries = request.form.getlist('picked_entry')
entry[relname] = [{'id': e} for e in picked_entries]
# TODO check if changed
g.db.update_entry(table_name, entry)
else:
# creation
if form.validate():
new_relation = objdict()
form.populate_obj(new_relation)
if relation:
new_relation[relation] = entry_id
res = g.db.create_entry(target, new_relation)
# XXX is that the best way ?
entry[relname].append({'id': res.id})
g.db.update_entry(table_name, entry)
g.db.bust_cache(table_name, entry_id)
return safe_redirect('/%s/%d/edit' % (table_name, entry_id))
if request.args.get('inline') is not None:
form_id = 'subForm'
else:
form_id = 'generalForm'
return render_template(tmpl,
form=form,
form_action=action,
form_id=form_id,
existing=existing,
target=target)
def add_deployment(project_id):
form = DeploymentForm(request.form)
project = g.db.get_entry('project', project_id)
if request.method == 'POST' and form.validate():
deployment = objdict({'project_id': project_id})
form.populate_obj(deployment)
g.db.create_entry('deployment', deployment)
return safe_redirect('/project/%d' % project_id)
action = 'Add a new deployment for %s' % project.name
return render_template("edit.html", form=form, action=action,
form_action="/project/%s/deployments" % project_id)
def edit_deployment(project_id, depl_id):
depl = g.db.get_entry('deployment', depl_id)
project = depl.project
form = DeploymentForm(request.form, depl)
if request.method == 'POST' and form.validate():
form.populate_obj(depl)
g.db.update_entry('deployment', depl)
return safe_redirect('/project/%d' % (project_id))
form_action = '/project/%d/deployments/%d/edit'
backlink = '/project/%d' % project_id
action = 'Edit %r for %s' % (depl.name, project['name'])
return render_template("edit.html", form=form, action=action,
project=project, backlink=backlink,
form_action=form_action % (project_id, depl.id))
def edit_table(table_name, entry_id):
inline = request.args.get('inline')
ajax = request.args.get('ajax')
bust_cache = request.args.get('bust_cache')
if request.method == 'POST':
bust_cache = request.form.get('bust_cache', bust_cache)
bust_cache = bust_cache is not None
entry = g.db.get_entry(table_name, entry_id, bust_cache=bust_cache)
fields = '/%s/%d/fields' % (table_name, entry_id)
form = get_form(table_name)(request.form, entry)
form.meta.fields_url = fields
from_ = request.args.get('from_', '/%s/%d' % (table_name, entry_id))
if request.method == 'POST' and form.validate():
form.populate_obj(entry)
g.db.update_entry(table_name, entry)
from_ = request.form.get('from_', from_)
if bust_cache:
from_ += '?bust_cache=1'
return safe_redirect(from_)
action = 'Edit %r' % form.label(entry)
backlink = '/%s/%d' % (table_name, entry_id)
if inline is not None:
tmpl = "inline_edit.html"
form_id = 'subForm'
else:
tmpl = "edit.html"
form_id = 'generalForm'
return render_template(tmpl,
form=form,
action=action,
backlink=backlink,
form_action='/%s/%d/edit' % (table_name, entry_id),
from_=from_,
bust_cache=bust_cache,
ajax=ajax,
form_id=form_id)
def remove_deployment(project_id, depl_id):
g.db.delete_entry('deployment', depl_id)
return safe_redirect('/project/%d' % (project_id))
def logout():
for field in ('access_token', 'token', 'user_id', 'user', 'userinfo'):
if field in session:
del session[field]
flash('Logged out')
return safe_redirect('/')