def _check_upload_file(self, request, file_types, file_type_error_msg, event, file_size_threshold): """ Check the type and size of uploaded file. If the file type is unexpected or the size exceeds the threshold, log the error and return to browser, otherwise, return None. """ # Check invalid file types file_type_error = False file_type = [ ft for ft in file_types if any( str(request.POST['file'].file).lower().endswith(ext) for ext in file_types[ft]['extension']) ] # Check extension if not file_type: file_type_error = True else: file_type = file_type[0] # Check mimetypes if request.POST['file'].file.content_type not in file_types[ file_type]['mimetypes']: file_type_error = True else: if 'magic' in file_types[file_type]: # Check magic number headers = file_types[file_type]['magic'] if request.POST['file'].file.read( len(headers[0]) / 2).encode('hex') not in headers: file_type_error = True request.POST['file'].file.seek(0) if file_type_error: response = Response() tracker.emit(event, {'uploadedFileName': 'FILE_TYPE_ERROR'}) response.status = 415 response.body = json.dumps({'error': file_type_error_msg}) response.headers['Content-Type'] = 'application/json' return response # Check whether file size exceeds threshold (30MB) if request.POST['file'].file.size > file_size_threshold: response = Response() tracker.emit(event, {'uploadedFileName': 'FILE_SIZE_ERROR'}) response.status = 413 response.body = json.dumps({ 'error': self.ugettext('Size of uploaded file exceeds threshold') }) response.headers['Content-Type'] = 'application/json' return response return file_type
def import_resources(self, request, _suffix=''): """ Import resources into the recommender. """ response = Response() response.headers['Content-Type'] = 'application/json' if not self.get_user_is_staff(): response.status = 403 response.body = json.dumps({'error': self.ugettext('Only staff can import resources')}) tracker.emit('import_resources', {'Status': 'NOT_A_STAFF'}) return response # Check invalid file types file_types = { 'json': { 'extension': [".json"], 'mimetypes': ['application/json', 'text/json', 'text/x-json'] } } file_type_error_msg = self.ugettext('Please submit the JSON file obtained with the download resources button') result = self._check_upload_file( request, file_types, file_type_error_msg, 'import_resources', 31457280 ) if isinstance(result, Response): return result try: data = json.load(request.POST['file'].file) self.flagged_accum_resources = data['flagged_accum_resources'] self.endorsed_recommendation_reasons = data['endorsed_recommendation_reasons'] self.endorsed_recommendation_ids = data['endorsed_recommendation_ids'] if 'removed_recommendations' in data: self.removed_recommendations = data_structure_upgrade(data['removed_recommendations']) data['removed_recommendations'] = self.removed_recommendations self.recommendations = data_structure_upgrade(data['recommendations']) data['recommendations'] = self.recommendations tracker.emit('import_resources', {'Status': 'SUCCESS', 'data': data}) response.body = json.dumps(data, sort_keys=True) response.status = 200 return response except (ValueError, KeyError): response.status = 415 response.body = json.dumps( {'error': self.ugettext('Please submit the JSON file obtained with the download resources button')} ) tracker.emit('import_resources', {'Status': 'FILE_FORMAT_ERROR'}) return response except IOError: return self._raise_pyfs_error('import_resources')
def download(path, filename): """ Возвращает клиенту файл. Deprecated. """ res = Response(content_type='text/javascript', app_iter=None) try: res.body = open(path + filename, 'r').read() except: res.body = 'alert("Scenario file not found!");' logger.debug("[MultiEngineXBlock]: " + "Scenario file not found!") return res
def test_md5_etag(): res = Response() res.body = b"""\ In A.D. 2101 War was beginning. Captain: What happen ? Mechanic: Somebody set up us the bomb. Operator: We get signal. Captain: What ! Operator: Main screen turn on. Captain: It's You !! Cats: How are you gentlemen !! Cats: All your base are belong to us. Cats: You are on the way to destruction. Captain: What you say !! Cats: You have no chance to survive make your time. Cats: HA HA HA HA .... Captain: Take off every 'zig' !! Captain: You know what you doing. Captain: Move 'zig'. Captain: For great justice.""" res.md5_etag() assert res.etag assert '\n' not in res.etag assert res.etag == 'pN8sSTUrEaPRzmurGptqmw' assert res.content_md5 is None
def test_body_file_del(): res = Response() res.body = b"123" eq_(res.content_length, 3) eq_(res.app_iter, [b"123"]) del res.body_file eq_(res.body, b"") eq_(res.content_length, 0)
def test_body_file_del(): res = Response() res.body = b'123' eq_(res.content_length, 3) eq_(res.app_iter, [b'123']) del res.body_file eq_(res.body, b'') eq_(res.content_length, 0)
def static(self, request, suffix=''): filename = os.path.join( os.path.dirname(__file__), 'static', suffix ) mime = mimetypes.guess_type(filename)[0] content = None try: content = open(filename,'rb').read() except Exception as e: print e return Response(status=404) else: res = Response(content_type=mime) if mime.startswith('text'): res.body = content.format(self=self) else: res.body = content return res
def _check_upload_file(self, request, file_types, file_type_error_msg, event, file_size_threshold): """ Check the type and size of uploaded file. If the file type is unexpected or the size exceeds the threshold, log the error and return to browser, otherwise, return None. """ # Check invalid file types file_type_error = False file_type = [ft for ft in file_types if any(str(request.POST['file'].file).lower().endswith(ext) for ext in file_types[ft]['extension'])] # Check extension if not file_type: file_type_error = True else: file_type = file_type[0] # Check mimetypes if request.POST['file'].file.content_type not in file_types[file_type]['mimetypes']: file_type_error = True else: if 'magic' in file_types[file_type]: # Check magic number headers = file_types[file_type]['magic'] if request.POST['file'].file.read(len(headers[0]) / 2).encode('hex') not in headers: file_type_error = True request.POST['file'].file.seek(0) if file_type_error: response = Response() tracker.emit(event, {'uploadedFileName': 'FILE_TYPE_ERROR'}) response.status = 415 response.body = json.dumps({'error': file_type_error_msg}) response.headers['Content-Type'] = 'application/json' return response # Check whether file size exceeds threshold (30MB) if request.POST['file'].file.size > file_size_threshold: response = Response() tracker.emit(event, {'uploadedFileName': 'FILE_SIZE_ERROR'}) response.status = 413 response.body = json.dumps({'error': self.ugettext('Size of uploaded file exceeds threshold')}) response.headers['Content-Type'] = 'application/json' return response return file_type
def test_body_file_del(): res = Response() res.body = b'123' assert res.content_length == 3 assert res.app_iter == [b'123'] del res.body_file assert res.body == b'' assert res.content_length == 0
def upload_screenshot(self, request, _suffix=''): # pylint: disable=unused-argument """ Upload a screenshot for an entry of resource as a preview (typically to S3 or filesystem). Args: request: HTTP POST request request.POST['file'].file: the file to be uploaded Returns: response: HTTP response response.body (response.responseText): name of the uploaded file We validate that this is a valid JPG, GIF, or PNG by checking magic number, mimetype, and extension all correspond. We also limit to 30MB. We save the file under its MD5 hash to (1) avoid name conflicts, (2) avoid race conditions and (3) save space. """ # Check invalid file types image_types = { 'jpeg': { 'extension': [".jpeg", ".jpg"], 'mimetypes': ['image/jpeg', 'image/pjpeg'], 'magic': ["ffd8"] }, 'png': { 'extension': [".png"], 'mimetypes': ['image/png'], 'magic': ["89504e470d0a1a0a"] }, 'gif': { 'extension': [".gif"], 'mimetypes': ['image/gif'], 'magic': ["474946383961", "474946383761"] } } file_type_error_msg = 'Please upload an image in GIF/JPG/PNG' result = self._check_upload_file( request, image_types, file_type_error_msg, 'upload_screenshot', 31457280 ) if isinstance(result, Response): return result try: content = request.POST['file'].file.read() file_id = hashlib.md5(content).hexdigest() file_name = u'{}.{}'.format(file_id, result) fhwrite = self.fs.open(file_name, "wb") fhwrite.write(content) fhwrite.close() except IOError: return self._raise_pyfs_error('upload_screenshot') response = Response() response.body = json.dumps({'file_name': str("fs://" + file_name)}) response.headers['Content-Type'] = 'application/json' tracker.emit('upload_screenshot', {'uploadedFileName': response.body}) response.status = 200 return response
def upload_screenshot(self, request, _suffix=''): # pylint: disable=unused-argument """ Upload a screenshot for an entry of resource as a preview (typically to S3 or filesystem). Args: request: HTTP POST request request.POST['file'].file: the file to be uploaded Returns: response: HTTP response response.body (response.responseText): name of the uploaded file We validate that this is a valid JPG, GIF, or PNG by checking magic number, mimetype, and extension all correspond. We also limit to 30MB. We save the file under its MD5 hash to (1) avoid name conflicts, (2) avoid race conditions and (3) save space. """ # Check invalid file types image_types = { 'jpeg': { 'extension': [".jpeg", ".jpg"], 'mimetypes': ['image/jpeg', 'image/pjpeg'], 'magic': ["ffd8"] }, 'png': { 'extension': [".png"], 'mimetypes': ['image/png'], 'magic': ["89504e470d0a1a0a"] }, 'gif': { 'extension': [".gif"], 'mimetypes': ['image/gif'], 'magic': ["474946383961", "474946383761"] } } file_type_error_msg = 'Please upload an image in GIF/JPG/PNG' result = self._check_upload_file( request, image_types, file_type_error_msg, 'upload_screenshot', 31457280 ) if isinstance(result, Response): return result try: content = request.POST['file'].file.read() file_id = hashlib.md5(content).hexdigest() file_name = (file_id + '.' + result) fhwrite = self.fs.open(file_name, "wb") fhwrite.write(content) fhwrite.close() except IOError: return self._raise_pyfs_error('upload_screenshot') response = Response() response.body = json.dumps({'file_name': str("fs://" + file_name)}) response.headers['Content-Type'] = 'application/json' tracker.emit('upload_screenshot', {'uploadedFileName': response.body}) response.status = 200 return response
def test_decode_content_with_deflate(): res = Response() body = b"Hey Hey Hey" # Simulate inflate by chopping the headers off # the gzip encoded data res.body = zlib.compress(body)[2:-4] res.content_encoding = "deflate" res.decode_content() eq_(res.body, body) eq_(res.content_encoding, None)
def test_decode_content_with_deflate(): res = Response() body = b'Hey Hey Hey' # Simulate inflate by chopping the headers off # the gzip encoded data res.body = zlib.compress(body)[2:-4] res.content_encoding = 'deflate' res.decode_content() assert res.body == body assert res.content_encoding is None
def test_unicode_body(): res = Response() res.charset = "utf-8" bbody = b"La Pe\xc3\xb1a" # binary string ubody = text_(bbody, "utf-8") # unicode string res.body = bbody eq_(res.unicode_body, ubody) res.ubody = ubody eq_(res.body, bbody) del res.ubody eq_(res.body, b"")
def _raise_pyfs_error(self, event): """ Log and return an error if the pyfs is not properly set. """ response = Response() error = self.ugettext('The configuration of pyfs is not properly set') tracker.emit(event, {'uploadedFileName': 'IMPROPER_FS_SETUP'}) response.status = 404 response.body = json.dumps({'error': error}) response.headers['Content-Type'] = 'application/json' return response
def test_unicode_body(): res = Response() res.charset = "utf-8" bbody = b"La Pe\xc3\xb1a" # binary string ubody = text_(bbody, "utf-8") # unicode string res.body = bbody assert res.unicode_body == ubody res.ubody = ubody assert res.body == bbody del res.ubody assert res.body == b""
def test_unicode_body(): res = Response() res.charset = 'utf-8' bbody = b'La Pe\xc3\xb1a' # binary string ubody = text_(bbody, 'utf-8') # unicode string res.body = bbody eq_(res.unicode_body, ubody) res.ubody = ubody eq_(res.body, bbody) del res.ubody eq_(res.body, b'')
def test_unicode_body(): res = Response() res.charset = 'utf-8' bbody = b'La Pe\xc3\xb1a' # binary string ubody = text_(bbody, 'utf-8') # unicode string res.body = bbody assert res.unicode_body == ubody res.ubody = ubody assert res.body == bbody del res.ubody assert res.body == b''
def test_decode_content_with_deflate_and_zlib_header(): res = Response() body = b"Hey Hey Hey" # don't chop off the zlib container # https://tools.ietf.org/html/rfc7230#section-4.2.2 says # that chopping it exists but is non-conformant res.body = zlib.compress(body) res.content_encoding = "deflate" res.decode_content() assert res.body == body assert res.content_encoding is None
def test_decode_content_gzip(): from gzip import GzipFile io_ = io.BytesIO() gzip_f = GzipFile(filename='', mode='w', fileobj=io_) gzip_f.write(b'abc') gzip_f.close() body = io_.getvalue() res = Response() res.content_encoding = 'gzip' res.body = body res.decode_content() assert res.body == b'abc'
def test_decode_content_gzip(): from gzip import GzipFile io_ = io.BytesIO() gzip_f = GzipFile(filename="", mode="w", fileobj=io_) gzip_f.write(b"abc") gzip_f.close() body = io_.getvalue() res = Response() res.content_encoding = "gzip" res.body = body res.decode_content() assert res.body == b"abc"
def test_response(): req = BaseRequest.blank("/") res = req.get_response(simple_app) assert res.status == "200 OK" assert res.status_code == 200 assert res.body == "OK" assert res.charset == "UTF-8" assert res.content_type == "text/html" res.status = 404 assert res.status == "404 Not Found" assert res.status_code == 404 res.body = b"Not OK" assert b"".join(res.app_iter) == b"Not OK" res.charset = "iso8859-1" assert "text/html; charset=iso8859-1" == res.headers["content-type"] res.content_type = "text/xml" assert "text/xml; charset=UTF-8" == res.headers["content-type"] res.content_type = "text/xml; charset=UTF-8" assert "text/xml; charset=UTF-8" == res.headers["content-type"] res.headers = {"content-type": "text/html"} assert res.headers["content-type"] == "text/html" assert res.headerlist == [("content-type", "text/html")] res.set_cookie("x", "y") assert res.headers["set-cookie"].strip(";") == "x=y; Path=/" res.set_cookie(text_("x"), text_("y")) assert res.headers["set-cookie"].strip(";") == "x=y; Path=/" res = Response("a body", "200 OK", content_type="text/html") res.encode_content() assert res.content_encoding == "gzip" assert ( res.body == b"\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xffKTH\xcaO\xa9\x04\x00\xf6\x86GI\x06\x00\x00\x00" ) res.decode_content() assert res.content_encoding is None assert res.body == b"a body" res.set_cookie("x", text_(b"foo")) # test unicode value with pytest.raises(TypeError): Response(app_iter=iter(["a"]), body="somebody") del req.environ with pytest.raises(TypeError): Response(charset=None, content_type="image/jpeg", body=text_(b"unicode body")) with pytest.raises(TypeError): Response(wrong_key="dummy") with pytest.raises(TypeError): resp = Response() resp.body = text_(b"unicode body")
def image(self, request): """Provide shuffled image.""" image_file = cStringIO.StringIO(urllib.urlopen(self.imageURL).read()) img = Image.open(image_file) resized_img = img.resize((self.width, self.height), Image.ANTIALIAS) shuffled_image = shuffle_image(resized_img, self.order, self.rows, self.cols) tmp = StringIO() shuffled_image.save(tmp, 'png') tmp.seek(0) response = Response() response.body = tmp.getvalue() response.headers['Content-Type'] = 'image/png' response.headers['Cache-Control'] = 'max-age=0' tmp.close() return response
def test_response(): req = BaseRequest.blank('/') res = req.get_response(simple_app) assert res.status == '200 OK' assert res.status_code == 200 assert res.body == "OK" assert res.charset == "UTF-8" assert res.content_type == 'text/html' res.status = 404 assert res.status == '404 Not Found' assert res.status_code == 404 res.body = b'Not OK' assert b''.join(res.app_iter) == b'Not OK' res.charset = 'iso8859-1' assert 'text/html; charset=iso8859-1' == res.headers['content-type'] res.content_type = 'text/xml' assert 'text/xml; charset=UTF-8' == res.headers['content-type'] res.content_type = 'text/xml; charset=UTF-8' assert 'text/xml; charset=UTF-8' == res.headers['content-type'] res.headers = {'content-type': 'text/html'} assert res.headers['content-type'] == 'text/html' assert res.headerlist == [('content-type', 'text/html')] res.set_cookie('x', 'y') assert res.headers['set-cookie'].strip(';') == 'x=y; Path=/' res.set_cookie(text_('x'), text_('y')) assert res.headers['set-cookie'].strip(';') == 'x=y; Path=/' res = Response('a body', '200 OK', content_type='text/html') res.encode_content() assert res.content_encoding == 'gzip' assert res.body == b'\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xffKTH\xcaO\xa9\x04\x00\xf6\x86GI\x06\x00\x00\x00' res.decode_content() assert res.content_encoding is None assert res.body == b'a body' res.set_cookie('x', text_(b'foo')) # test unicode value with pytest.raises(TypeError): Response(app_iter=iter(['a']), body="somebody") del req.environ with pytest.raises(TypeError): Response(charset=None, content_type='image/jpeg', body=text_(b"unicode body")) with pytest.raises(TypeError): Response(wrong_key='dummy') with pytest.raises(TypeError): resp = Response() resp.body = text_(b"unicode body")
def upload_photo(self, request, suffix=''): """ Handle a profile photo upload. * Step 1: Validate that image (magic number, mimetype, and extension all match) * Step 2: Resize to a maximum of 211x211 * Step 3: Save as profile.png with PIL """ (extension, photo) = ValidatePhoto(request) im = Image.open(photo) im.thumbnail((211,211), Image.ANTIALIAS) fp = self.photo_storage.open("profile.png", "wb") im.save(fp, "PNG") fp.close() response = Response() response.body = json.dumps({'status': 'success', 'url': self.photo_storage.get_url("profile.png", 600)}) response.headers['Content-Type'] = 'text/json' return response
def test_response_ok(self): '''Test case that ensures response object behaves as expected. If this pass it guarantees webob version does not break fantastico functionality.''' response = Response() self.assertEqual(200, response.status_code) self.assertEqual("text/html", response.content_type) response.charset = "utf8" self.assertEqual("utf8", response.charset) response.text = "test content" self.assertEqual(b"test content", response.body) response.body = b"test content" self.assertEqual(b"test content", response.body) response.status = 404 self.assertEqual(404, response.status_code) response.content_type = "application/json" self.assertEqual("application/json", response.content_type)
def upload_photo(self, request, suffix=''): """ Handle a profile photo upload. * Step 1: Validate that image (magic number, mimetype, and extension all match) * Step 2: Resize to a maximum of 211x211 * Step 3: Save as profile.png with PIL """ (extension, photo) = ValidatePhoto(request) im = Image.open(photo) im.thumbnail((211, 211), Image.ANTIALIAS) fp = self.photo_storage.open("profile.png", "wb") im.save(fp, "PNG") fp.close() response = Response() response.body = json.dumps({ 'status': 'success', 'url': self.photo_storage.get_url("profile.png", 600) }) response.headers['Content-Type'] = 'text/json' return response
def test_write_text(): res = Response() res.body = b'abc' res.write(text_(b'a')) eq_(res.text, 'abca')
def test_decode_content_defaults_to_identity(): res = Response() res.body = b'There be dragons' res.decode_content() assert res.body == b'There be dragons'
def test_write_text(): res = Response() res.body = b"abc" res.write(text_(b"a")) assert res.text == "abca"
def test_text_get_decode(): res = Response() res.charset = "utf-8" res.body = b"La Pe\xc3\xb1a" assert res.text, text_(b"La Pe\xc3\xb1a")
def test_text_get_decode(): res = Response() res.charset = 'utf-8' res.body = b'La Pe\xc3\xb1a' assert res.text, text_(b'La Pe\xc3\xb1a' == 'utf-8')
def test_write_text(): res = Response() res.body = b"abc" res.write(text_(b"a")) eq_(res.text, "abca")
def test_write_text(): res = Response() res.body = b'abc' res.write(text_(b'a')) assert res.text == 'abca'