def locateChild(self, request, segments):
"""Serve Resources depending on users Authentication status.
Initial logic occurs here to decide the
authentication status of a given user.
"""
if segments and segments[0] == "login":
#log.msg("Login")
#get the username and password in the postdata
#the callback function needs no args because the parsing
#of the POSTData just updates the request args.
l = server.parsePOSTData(request)
l.addCallback(lambda _: self.requestPasswordAuthentication(request, segments))
return l
if segments and segments[0] == "":
if request.args.get('startup_token', [''])[0]:
return self.requestPasswordAuthentication(request, segments)
#see if the user already has a session going
session = self.getSession(request)
#log.msg("session: %s" % session)
if session is None:
#log.msg("unknown session")
return self.requestAnonymousAuthentication(request, segments)
else:
if segments and segments[0] == "logout":
#log.msg("Logout")
return self.logout(session, request, segments)
else:
#log.msg("session found ... locateResource")
creds = session.get_authCreds()
return self.locateResource(request, segments, session, creds)
def locateChild(self, ctx, segments):
from twisted.web2.server import parsePOSTData
request = iweb.IRequest(ctx)
if request.method == "POST":
return parsePOSTData(request).addCallback(
lambda x: self.__original.locateChild(ctx, segments))
return self.__original.locateChild(ctx, segments)
def locateChild(self, request, segments):
"""Serve Resources depending on users Authentication status.
Initial logic occurs here to decide the
authentication status of a given user.
"""
if segments and segments[0] == "login":
#log.msg("Login")
#get the username and password in the postdata
#the callback function needs no args because the parsing
#of the POSTData just updates the request args.
l = server.parsePOSTData(request)
l.addCallback(lambda _: self.requestPasswordAuthentication(
request, segments))
return l
if segments and segments[0] == "":
if request.args.get('startup_token', [''])[0]:
return self.requestPasswordAuthentication(request, segments)
#see if the user already has a session going
session = self.getSession(request)
#log.msg("session: %s" % session)
if session is None:
#log.msg("unknown session")
return self.requestAnonymousAuthentication(request, segments)
else:
if segments and segments[0] == "logout":
#log.msg("Logout")
return self.logout(session, request, segments)
else:
#log.msg("session found ... locateResource")
creds = session.get_authCreds()
return self.locateResource(request, segments, session, creds)
def locateChild(self, ctx, segments):
from twisted.web2.server import parsePOSTData
request = iweb.IRequest(ctx)
if request.method == "POST":
return parsePOSTData(request).addCallback(
lambda x: self.__original.locateChild(ctx, segments))
return self.__original.locateChild(ctx, segments)
def test_maxFields(self):
"""
Check that the C{maxSize} parameter makes the parsing raise an
exception if the data contains too many fields.
"""
ctype = http_headers.MimeType("multipart", "form-data", (("boundary", "---xyz"),))
content = """-----xyz\r
Content-Disposition: form-data; name="foo"\r
\r
Foo Bar\r
-----xyz\r
Content-Disposition: form-data; name="foo"\r
\r
Baz\r
-----xyz\r
Content-Disposition: form-data; name="file"; filename="filename"\r
Content-Type: text/html\r
\r
blah\r
-----xyz\r
Content-Disposition: form-data; name="file"; filename="filename"\r
Content-Type: text/plain\r
\r
bleh\r
-----xyz--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
def cb(res):
self.assertEquals(res.response.description, "Maximum number of fields 3 exceeded")
return self.assertFailure(server.parsePOSTData(request, maxFields=3), http.HTTPError).addCallback(cb)
def test_maxFields(self):
"""
Check that the C{maxSize} parameter makes the parsing raise an
exception if the data contains too many fields.
"""
ctype = http_headers.MimeType('multipart', 'form-data',
(('boundary', '---xyz'),))
content = """-----xyz\r
Content-Disposition: form-data; name="foo"\r
\r
Foo Bar\r
-----xyz\r
Content-Disposition: form-data; name="foo"\r
\r
Baz\r
-----xyz\r
Content-Disposition: form-data; name="file"; filename="filename"\r
Content-Type: text/html\r
\r
blah\r
-----xyz\r
Content-Disposition: form-data; name="file"; filename="filename"\r
Content-Type: text/plain\r
\r
bleh\r
-----xyz--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
def cb(res):
self.assertEquals(res.response.description,
"Maximum number of fields 3 exceeded")
return self.assertFailure(server.parsePOSTData(request, maxFields=3),
http.HTTPError).addCallback(cb)
def test_multipart(self):
"""
Test parsing data in multipart format: it should fill the C{files}
attribute.
"""
ctype = http_headers.MimeType('multipart', 'form-data',
(('boundary', '---weeboundary'),))
content="""-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
def cb(ign):
self.assertEquals(request.args, {})
self.assertEquals(request.files.keys(), ['FileNameOne'])
self.assertEquals(request.files.values()[0][0][:2],
('myfilename', http_headers.MimeType('text', 'html', {})))
f = request.files.values()[0][0][2]
self.assertEquals(f.read(), "my great content wooo")
return server.parsePOSTData(request).addCallback(cb)
def test_multipart(self):
"""
Test parsing data in multipart format: it should fill the C{files}
attribute.
"""
ctype = http_headers.MimeType("multipart", "form-data", (("boundary", "---weeboundary"),))
content = """-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
def cb(ign):
self.assertEquals(request.args, {})
self.assertEquals(request.files.keys(), ["FileNameOne"])
self.assertEquals(
request.files.values()[0][0][:2], ("myfilename", http_headers.MimeType("text", "html", {}))
)
f = request.files.values()[0][0][2]
self.assertEquals(f.read(), "my great content wooo")
return server.parsePOSTData(request).addCallback(cb)
def test_wrongContentType(self):
"""
Check that a content-type not handled raise a C{http.HTTPError}.
"""
ctype = http_headers.MimeType("application", "foobar")
content = "key=value&multiple=two+words&multiple=more%20words"
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
return self.assertFailure(server.parsePOSTData(request), http.HTTPError)
def http_POST(self, request):
"""
Respond to a POST request.
Reads and parses the incoming body data then calls L{render}.
@param request: the request to process.
@return: an object adaptable to L{iweb.IResponse}.
"""
return server.parsePOSTData(request).addCallback(
lambda res: self.render(request))
def http_POST(self, request):
"""
Respond to a POST request.
Reads and parses the incoming body data then calls L{render}.
@param request: the request to process.
@return: an object adaptable to L{iweb.IResponse}.
"""
return server.parsePOSTData(request,
self.maxMem, self.maxFields, self.maxSize
).addCallback(lambda res: self.render(request))
def test_wrongContentType(self):
"""
Check that a content-type not handled raise a C{http.HTTPError}.
"""
ctype = http_headers.MimeType('application', 'foobar')
content = "key=value&multiple=two+words&multiple=more%20words"
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
return self.assertFailure(server.parsePOSTData(request),
http.HTTPError)
def test_noContentType(self):
"""
Parsing a request without content-type should succeed but should not
fill the C{args} and C{files} attributes of the request.
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", content="foo")
def cb(ign):
self.assertEquals(request.args, {})
self.assertEquals(request.files, {})
return server.parsePOSTData(request).addCallback(cb)
def http_POST(self, request):
ctype = request.headers.getHeader('content-type')
if ctype.mediaType == 'text' and ctype.mediaSubtype == 'json':
out = []
d = stream.readStream(request.stream, lambda x: out.append(x))
d.addCallback(lambda _: simplejson.loads(''.join(out)))
d.addCallback(lambda res: self.render(request, res))
else:
d = server.parsePOSTData(
request, self.maxMem, self.maxFields, self.maxSize)
d.addCallback(lambda res: self.render(request))
return d
def test_noContentType(self):
"""
Parsing a request without content-type should succeed but should not
fill the C{args} and C{files} attributes of the request.
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", content="foo")
def cb(ign):
self.assertEquals(request.args, {})
self.assertEquals(request.files, {})
return server.parsePOSTData(request).addCallback(cb)
def test_urlencoded(self):
"""
Test parsing data in urlencoded format: it should end in the C{args}
attribute.
"""
ctype = http_headers.MimeType('application', 'x-www-form-urlencoded')
content = "key=value&multiple=two+words&multiple=more%20words"
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
def cb(ign):
self.assertEquals(request.files, {})
self.assertEquals(request.args,
{'multiple': ['two words', 'more words'], 'key': ['value']})
return server.parsePOSTData(request).addCallback(cb)
def test_otherErrors(self):
"""
Test that errors durign parsing other than C{MimeFormatError} are
propagated.
"""
ctype = http_headers.MimeType("multipart", "form-data", (("boundary", "---weeboundary"),))
# XXX: maybe this is not a good example
# parseContentDispositionFormData could handle this problem
content = """-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename and invalid data \r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
return self.assertFailure(server.parsePOSTData(request), ValueError)
def test_urlencoded(self):
"""
Test parsing data in urlencoded format: it should end in the C{args}
attribute.
"""
ctype = http_headers.MimeType("application", "x-www-form-urlencoded")
content = "key=value&multiple=two+words&multiple=more%20words"
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
def cb(ign):
self.assertEquals(request.files, {})
self.assertEquals(request.args, {"multiple": ["two words", "more words"], "key": ["value"]})
return server.parsePOSTData(request).addCallback(cb)
def test_multipartWithNoBoundary(self):
"""
If the boundary type is not specified, parsing should fail with a
C{http.HTTPError}.
"""
ctype = http_headers.MimeType("multipart", "form-data")
content = """-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
return self.assertFailure(server.parsePOSTData(request), http.HTTPError)
def test_mimeParsingError(self):
"""
A malformed content should result in a C{http.HTTPError}.
The tested content has an invalid closing boundary.
"""
ctype = http_headers.MimeType("multipart", "form-data", (("boundary", "---weeboundary"),))
content = """-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeoundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
return self.assertFailure(server.parsePOSTData(request), http.HTTPError)
def test_otherErrors(self):
"""
Test that errors durign parsing other than C{MimeFormatError} are
propagated.
"""
ctype = http_headers.MimeType('multipart', 'form-data',
(('boundary', '---weeboundary'),))
# XXX: maybe this is not a good example
# parseContentDispositionFormData could handle this problem
content="""-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename and invalid data \r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
return self.assertFailure(server.parsePOSTData(request),
ValueError)
def test_multipartWithNoBoundary(self):
"""
If the boundary type is not specified, parsing should fail with a
C{http.HTTPError}.
"""
ctype = http_headers.MimeType('multipart', 'form-data')
content="""-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
return self.assertFailure(server.parsePOSTData(request),
http.HTTPError)
def test_mimeParsingError(self):
"""
A malformed content should result in a C{http.HTTPError}.
The tested content has an invalid closing boundary.
"""
ctype = http_headers.MimeType('multipart', 'form-data',
(('boundary', '---weeboundary'),))
content="""-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo\r
-----weeoundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
return self.assertFailure(server.parsePOSTData(request),
http.HTTPError)
def test_multipartMaxSize(self):
"""
Check that the C{maxSize} parameter makes the parsing raise an
exception if the data is too big.
"""
ctype = http_headers.MimeType("multipart", "form-data", (("boundary", "---weeboundary"),))
content = """-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo
and even more and more\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/", http_headers.Headers({"content-type": ctype}), content)
def cb(res):
self.assertEquals(res.response.description, "Maximum length of 10 bytes exceeded.")
return self.assertFailure(server.parsePOSTData(request, maxSize=10), http.HTTPError).addCallback(cb)
def test_multipartMaxSize(self):
"""
Check that the C{maxSize} parameter makes the parsing raise an
exception if the data is too big.
"""
ctype = http_headers.MimeType('multipart', 'form-data',
(('boundary', '---weeboundary'),))
content="""-----weeboundary\r
Content-Disposition: form-data; name="FileNameOne"; filename="myfilename"\r
Content-Type: text/html\r
\r
my great content wooo
and even more and more\r
-----weeboundary--\r
"""
root = resource.Resource()
request = SimpleRequest(server.Site(root), "GET", "/",
http_headers.Headers({'content-type': ctype}), content)
def cb(res):
self.assertEquals(res.response.description,
"Maximum length of 10 bytes exceeded.")
return self.assertFailure(server.parsePOSTData(request, maxSize=10),
http.HTTPError).addCallback(cb)
def renderHTTP(self, ctx):
from twisted.web2.server import parsePOSTData
request = iweb.IRequest(ctx)
if request.method == "POST":
return parsePOSTData(request).addCallback(self.__reallyRender, ctx)
return self.__reallyRender(None, ctx)
def renderHTTP(self, ctx):
from twisted.web2.server import parsePOSTData
request = iweb.IRequest(ctx)
if request.method == "POST":
return parsePOSTData(request).addCallback(self.__reallyRender, ctx)
return self.__reallyRender(None, ctx)
