def get_workspace_data(workspace, user):
    """Build the summary dictionary describing *workspace* as seen by *user*.

    The ``longdescription`` entry is the workspace's long description rendered
    from Markdown and passed through ``clean_html``. When the workspace has no
    long description, the plain ``description`` is returned in its place
    without going through ``clean_html``.
    """
    # Look up the per-user record only for authenticated users; a missing
    # record is not an error and simply leaves ``membership`` as None.
    membership = None
    if user.is_authenticated():
        try:
            membership = UserWorkspace.objects.get(user=user, workspace=workspace)
        except UserWorkspace.DoesNotExist:
            membership = None

    raw_long_description = workspace.longdescription
    if raw_long_description == '':
        # NOTE(review): this fallback is not sanitised here; presumably
        # consumers treat it as text rather than markup - confirm.
        rendered_long_description = workspace.description
    else:
        rendered_markdown = markdown.markdown(raw_long_description, output_format='xhtml5')
        rendered_long_description = clean_html(rendered_markdown)

    is_owner = workspace.creator == user
    unmanaged = membership is None or membership.manager == ''
    is_active = membership is not None and membership.active

    summary = {}
    summary['id'] = workspace.id
    summary['name'] = workspace.name
    summary['shared'] = workspace.is_shared()
    summary['creator'] = workspace.creator.username
    summary['owned'] = is_owner
    summary['removable'] = is_owner and unmanaged
    summary['active'] = is_active
    summary['lastmodified'] = workspace.last_modified
    summary['description'] = workspace.description
    summary['longdescription'] = rendered_long_description
    return summary
def test_links_are_forced_to_target_blank(self):
    # An absolute http link is kept and gains target="_blank".
    # NOTE(review): the expected markup carries no rel="noopener"; whether
    # clean_html should add one for links opened in a new tab is worth
    # confirming against the sanitiser's policy.
    source_markup = (
        '<div class="alert">Follow this '
        '<a href="http://example.com">link</a></div>'
    )
    expected_markup = (
        '<div class="alert">Follow this '
        '<a href="http://example.com" target="_blank">link</a></div>'
    )
    sanitised = clean_html(source_markup)
    self.assertEqual(sanitised, expected_markup)
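def read(self, request, vendor, name, version):
    """Serve the user guide of a catalogue resource as sanitised XHTML.

    The ``doc`` entry of the resource description is either an absolute
    http(s) URL, in which case a short page linking to it is produced, or a
    path relative to the resource's deployment directory, in which case the
    file (preferring a variant named after the active language) is rendered
    from Markdown. The result always goes through ``clean_html`` before it is
    returned.

    Raises:
        Http404: the resource does not exist, it declares no documentation,
            or the declared path resolves outside the deployment directory.
    """
    # Function-scope import: Django is already a dependency of this module.
    from django.utils.html import escape

    resource = get_object_or_404(CatalogueResource, vendor=vendor, short_name=name, version=version)
    resource_info = json.loads(resource.json_description)
    doc_location = resource_info['doc']
    if doc_location == '':
        raise Http404

    doc_base_url = None
    if doc_location.startswith(('http://', 'https://')):
        # The URL comes from the component description, so escape it before
        # placing it inside the href attribute instead of relying only on
        # the later clean_html pass.
        doc_code = _('You can find the userguide of this component in this external <a target="_blank" href="%s">link</a>') % escape(doc_location)
        doc_code = '<div style="margin-top: 10px"><p>%s</p></div>' % doc_code
    else:
        doc_relative_path = url2pathname(doc_location)

        # Resolve the path and require it to stay below the deployment
        # directory: a descriptor value containing ".." segments or an
        # absolute path must not make this view read other files.
        # NOTE(review): validation at upload time is not visible from here.
        base_dir = os.path.abspath(catalogue_utils.wgt_deployer.get_base_dir(vendor, name, version))
        doc_path = os.path.abspath(os.path.join(base_dir, doc_relative_path))
        if not doc_path.startswith(os.path.join(base_dir, '')):
            raise Http404

        doc_base_url = force_trailing_slash(urljoin(resource.get_template_url(request=request, for_base=True), pathname2url(os.path.dirname(doc_relative_path))))
        doc_filename_root, doc_filename_ext = os.path.splitext(doc_path)
        localized_doc_path = doc_filename_root + '.' + get_language() + doc_filename_ext

        # Best effort: localized file first, then the default file, then an
        # inline error message. Only ordinary exceptions are swallowed so
        # that KeyboardInterrupt/SystemExit still propagate.
        try:
            doc_code = download_local_file(localized_doc_path).decode('utf-8')
        except Exception:
            try:
                doc_code = download_local_file(doc_path).decode('utf-8')
            except Exception:
                msg = _('Error opening the userguide file')
                doc_code = '<div class="margin-top: 10px"><p>%s</p></div>' % msg

    doc_pre_html = markdown.markdown(doc_code, output_format='xhtml5', extensions=['codehilite', 'fenced_code'])
    # Markdown lets raw HTML through, so the rendered document is sanitised.
    doc = clean_html(doc_pre_html, base_url=doc_base_url)
    return HttpResponse(doc, content_type='application/xhtml+xml; charset=UTF-8')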
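def read(self, request, vendor, name, version):
    """Serve the changelog of a catalogue resource as sanitised XHTML.

    The optional ``from`` query parameter is parsed with ``Version`` and, when
    present, the rendered changelog is narrowed with ``filter_changelog``.
    The changelog file (preferring a variant named after the active language)
    is rendered from Markdown and passed through ``clean_html``.

    Returns:
        An ``HttpResponse`` with the sanitised document, or the response of
        ``build_error_response`` with status 422 when ``from`` cannot be
        parsed.

    Raises:
        Http404: the resource does not exist, declares no changelog, the
            declared path resolves outside the deployment directory, or the
            filtered changelog is empty.
    """
    from_version = request.GET.get('from')
    if from_version is not None:
        try:
            from_version = Version(from_version)
        except Exception:
            # NOTE(review): the message mentions template_uri/file although
            # the rejected input is the 'from' parameter; kept unchanged
            # because it is a translated message id.
            return build_error_response(
                request, 422, _("Missing parameter: template_uri or file"))

    resource = get_object_or_404(CatalogueResource, vendor=vendor, short_name=name, version=version)
    resource_info = resource.get_processed_info(process_urls=False)
    if resource_info['changelog'] == '':
        raise Http404

    doc_relative_path = url2pathname(resource_info['changelog'])

    # Resolve the path and require it to stay below the deployment directory:
    # a descriptor value containing ".." segments or an absolute path must
    # not make this view read other files.
    # NOTE(review): validation at upload time is not visible from here.
    base_dir = os.path.abspath(
        catalogue_utils.wgt_deployer.get_base_dir(vendor, name, version))
    doc_path = os.path.abspath(os.path.join(base_dir, doc_relative_path))
    if not doc_path.startswith(os.path.join(base_dir, '')):
        raise Http404

    doc_base_url = force_trailing_slash(
        urljoin(resource.get_template_url(request=request, for_base=True),
                pathname2url(os.path.dirname(doc_relative_path))))
    doc_filename_root, doc_filename_ext = os.path.splitext(doc_path)
    localized_doc_path = doc_filename_root + '.' + get_language() + doc_filename_ext

    # Best effort: localized file first, then the default file, then an
    # inline error message. Only ordinary exceptions are swallowed so that
    # KeyboardInterrupt/SystemExit still propagate.
    try:
        doc_code = download_local_file(localized_doc_path).decode('utf-8')
    except Exception:
        try:
            doc_code = download_local_file(doc_path).decode('utf-8')
        except Exception:
            msg = _('Error opening the changelog file')
            doc_code = '<div class="margin-top: 10px"><p>%s</p></div>' % msg

    doc_pre_html = markdown.markdown(doc_code,
                                     output_format='xhtml5',
                                     extensions=[
                                         'markdown.extensions.codehilite',
                                         'markdown.extensions.fenced_code'
                                     ])

    if from_version:
        doc_pre_html = filter_changelog(doc_pre_html, from_version)
        if doc_pre_html.strip() == '':
            raise Http404

    # Markdown lets raw HTML through, so the rendered document is sanitised.
    doc = clean_html(doc_pre_html, base_url=doc_base_url)
    return HttpResponse(
        doc, content_type='application/xhtml+xml; charset=UTF-8')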
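def read(self, request, vendor, name, version):
    """Serve the user guide of a catalogue resource as sanitised XHTML.

    The ``doc`` entry of ``resource.json_description`` is either an absolute
    http(s) URL, in which case a short page linking to it is produced, or a
    path relative to the resource's deployment directory, in which case the
    file (preferring a variant named after the active language) is rendered
    from Markdown. The result always goes through ``clean_html`` before it is
    returned.

    Raises:
        Http404: the resource does not exist, it declares no documentation,
            or the declared path resolves outside the deployment directory.
    """
    # Function-scope import: Django is already a dependency of this module.
    from django.utils.html import escape

    resource = get_object_or_404(CatalogueResource, vendor=vendor, short_name=name, version=version)
    resource_info = resource.json_description
    doc_location = resource_info['doc']
    if doc_location == '':
        raise Http404

    doc_base_url = None
    if doc_location.startswith(('http://', 'https://')):
        # The URL comes from the component description, so escape it before
        # placing it inside the href attribute instead of relying only on
        # the later clean_html pass.
        doc_code = _(
            'You can find the userguide of this component in this external <a target="_blank" href="%s">link</a>'
        ) % escape(doc_location)
        doc_code = '<div style="margin-top: 10px"><p>%s</p></div>' % doc_code
    else:
        doc_relative_path = url2pathname(doc_location)

        # Resolve the path and require it to stay below the deployment
        # directory: a descriptor value containing ".." segments or an
        # absolute path must not make this view read other files.
        # NOTE(review): validation at upload time is not visible from here.
        base_dir = os.path.abspath(
            catalogue_utils.wgt_deployer.get_base_dir(vendor, name, version))
        doc_path = os.path.abspath(os.path.join(base_dir, doc_relative_path))
        if not doc_path.startswith(os.path.join(base_dir, '')):
            raise Http404

        doc_base_url = force_trailing_slash(
            urljoin(
                resource.get_template_url(request=request, for_base=True),
                pathname2url(os.path.dirname(doc_relative_path))))
        doc_filename_root, doc_filename_ext = os.path.splitext(doc_path)
        localized_doc_path = doc_filename_root + '.' + get_language() + doc_filename_ext

        # Best effort: localized file first, then the default file, then an
        # inline error message. Only ordinary exceptions are swallowed so
        # that KeyboardInterrupt/SystemExit still propagate.
        try:
            doc_code = download_local_file(localized_doc_path).decode('utf-8')
        except Exception:
            try:
                doc_code = download_local_file(doc_path).decode('utf-8')
            except Exception:
                msg = _('Error opening the userguide file')
                doc_code = '<div class="margin-top: 10px"><p>%s</p></div>' % msg

    doc_pre_html = markdown.markdown(doc_code,
                                     output_format='xhtml5',
                                     extensions=[
                                         'markdown.extensions.codehilite',
                                         'markdown.extensions.fenced_code'
                                     ])
    # Markdown lets raw HTML through, so the rendered document is sanitised.
    doc = clean_html(doc_pre_html, base_url=doc_base_url)
    return HttpResponse(
        doc, content_type='application/xhtml+xml; charset=UTF-8')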
def get_workspace_data(workspace, user):
    """Build the summary dictionary describing *workspace* as seen by *user*.

    The ``longdescription`` entry is the workspace's long description rendered
    from Markdown and passed through ``clean_html``. When the workspace has no
    long description, the plain ``description`` is returned in its place
    without going through ``clean_html``. ``title`` falls back to the
    workspace name when the title is unset or blank.
    """
    # Look up the per-user record only for authenticated users; a missing
    # record is not an error and simply leaves ``membership`` as None.
    membership = None
    if user.is_authenticated():
        try:
            membership = UserWorkspace.objects.get(user=user, workspace=workspace)
        except UserWorkspace.DoesNotExist:
            membership = None

    raw_long_description = workspace.longdescription
    if raw_long_description == '':
        # NOTE(review): this fallback is not sanitised here; presumably
        # consumers treat it as text rather than markup - confirm.
        rendered_long_description = workspace.description
    else:
        rendered_markdown = markdown.markdown(raw_long_description, output_format='xhtml5')
        rendered_long_description = clean_html(rendered_markdown)

    has_title = workspace.title is not None and workspace.title.strip() != ""
    if has_title:
        display_title = workspace.title
    else:
        display_title = workspace.name

    unmanaged = membership is None or membership.manager == ''

    summary = {}
    summary['id'] = "%s" % workspace.id
    summary['name'] = workspace.name
    summary['title'] = display_title
    summary['public'] = workspace.public
    summary['shared'] = workspace.is_shared()
    summary['owner'] = workspace.creator.username
    summary['removable'] = workspace.creator == user and unmanaged
    summary['lastmodified'] = workspace.last_modified
    summary['description'] = workspace.description
    summary['longdescription'] = rendered_long_description
    return summary
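def read(self, request, vendor, name, version):
    """Serve the changelog of a catalogue resource as sanitised XHTML.

    The optional ``from`` query parameter is parsed with ``Version`` and, when
    present, the rendered changelog is narrowed with ``filter_changelog``.
    The changelog file (preferring a variant named after the active language)
    is rendered from Markdown and passed through ``clean_html``.

    Returns:
        An ``HttpResponse`` with the sanitised document, or the response of
        ``build_error_response`` with status 422 when ``from`` cannot be
        parsed.

    Raises:
        Http404: the resource does not exist, declares no changelog, the
            declared path resolves outside the deployment directory, or the
            filtered changelog is empty.
    """
    from_version = request.GET.get('from')
    if from_version is not None:
        try:
            from_version = Version(from_version)
        except Exception:
            # NOTE(review): the message mentions template_uri/file although
            # the rejected input is the 'from' parameter; kept unchanged
            # because it is a translated message id.
            return build_error_response(request, 422, _("Missing parameter: template_uri or file"))

    resource = get_object_or_404(CatalogueResource, vendor=vendor, short_name=name, version=version)
    resource_info = resource.get_processed_info(process_urls=False)
    if resource_info['changelog'] == '':
        raise Http404

    doc_relative_path = url2pathname(resource_info['changelog'])

    # Resolve the path and require it to stay below the deployment directory:
    # a descriptor value containing ".." segments or an absolute path must
    # not make this view read other files.
    # NOTE(review): validation at upload time is not visible from here.
    base_dir = os.path.abspath(catalogue_utils.wgt_deployer.get_base_dir(vendor, name, version))
    doc_path = os.path.abspath(os.path.join(base_dir, doc_relative_path))
    if not doc_path.startswith(os.path.join(base_dir, '')):
        raise Http404

    doc_base_url = force_trailing_slash(urljoin(resource.get_template_url(request=request, for_base=True), pathname2url(os.path.dirname(doc_relative_path))))
    doc_filename_root, doc_filename_ext = os.path.splitext(doc_path)
    localized_doc_path = doc_filename_root + '.' + get_language() + doc_filename_ext

    # Best effort: localized file first, then the default file, then an
    # inline error message. Only ordinary exceptions are swallowed so that
    # KeyboardInterrupt/SystemExit still propagate.
    try:
        doc_code = download_local_file(localized_doc_path).decode('utf-8')
    except Exception:
        try:
            doc_code = download_local_file(doc_path).decode('utf-8')
        except Exception:
            msg = _('Error opening the changelog file')
            doc_code = '<div class="margin-top: 10px"><p>%s</p></div>' % msg

    doc_pre_html = markdown.markdown(doc_code, output_format='xhtml5', extensions=['codehilite', 'fenced_code'])

    if from_version:
        doc_pre_html = filter_changelog(doc_pre_html, from_version)
        if doc_pre_html.strip() == '':
            raise Http404

    # Markdown lets raw HTML through, so the rendered document is sanitised.
    doc = clean_html(doc_pre_html, base_url=doc_base_url)
    return HttpResponse(doc, content_type='application/xhtml+xml; charset=UTF-8')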
def test_links_are_forced_to_target_blank(self):
    # An absolute http link survives sanitisation and gains target="_blank".
    # NOTE(review): the expected markup carries no rel="noopener"; whether
    # clean_html should add one for links opened in a new tab is worth
    # confirming against the sanitiser's policy.
    before = '<div class="alert">Follow this <a href="http://example.com">link</a></div>'
    after = '<div class="alert">Follow this <a href="http://example.com" target="_blank">link</a></div>'
    result = clean_html(before)
    self.assertEqual(result, after)
def test_video_elements_need_controls(self):
    # A <video> element is kept, but the sanitiser must add the controls
    # attribute so the embedded media cannot play without visible controls.
    sources = (
        '<source src="movie.mp4" type="video/mp4"/>'
        '<source src="movie.ogg" type="video/ogg"/>'
    )
    fallback = 'Your browser does not support the video tag.'
    markup = '<video>' + sources + fallback + '</video>content'
    wanted = '<video controls="controls">' + sources + fallback + '</video>content'
    sanitised = clean_html(markup)
    self.assertEqual(sanitised, wanted)
def test_audio_elements_are_removed(self):
    # The whole <audio> element, including its <source> children and the
    # fallback text, is dropped; the text following it is preserved.
    audio_element = (
        '<audio controls="controls">'
        '<source src="sound.ogg" type="audio/ogg"/>'
        '<source src="sound.mp3" type="audio/mpeg"/>'
        'Your browser does not support the audio tag.'
        '</audio>'
    )
    markup = '<div class="alert">' + audio_element + 'content</div>'
    wanted = '<div class="alert">content</div>'
    sanitised = clean_html(markup)
    self.assertEqual(sanitised, wanted)
def test_processing_instructions_are_removed(self):
    # A processing instruction embedded in the markup (here a PHP block)
    # must not survive sanitisation; surrounding content is kept.
    markup = '<div class="alert"><?php echo "<p>Hello World</p>"; ?>content</div>'
    wanted = '<div class="alert">content</div>'
    sanitised = clean_html(markup)
    self.assertEqual(sanitised, wanted)
def test_event_attributes_are_removed(self):
    # Inline event-handler attributes (onclick here) are stripped while
    # harmless attributes such as class are preserved.
    markup = '<div onclick="evil_script();" class="alert">content</div>'
    wanted = '<div class="alert">content</div>'
    sanitised = clean_html(markup)
    self.assertEqual(sanitised, wanted)
def test_event_attributes_are_removed(self):
    # The onclick handler must be removed by the sanitiser; the class
    # attribute on the same element stays untouched.
    untrusted = '<div onclick="evil_script();" class="alert">content</div>'
    expected = '<div class="alert">content</div>'
    actual = clean_html(untrusted)
    self.assertEqual(actual, expected)
def test_processing_instructions_are_removed(self):
    # The <?php ... ?> processing instruction is dropped entirely, leaving
    # only the enclosing element and its text content.
    untrusted = '<div class="alert"><?php echo "<p>Hello World</p>"; ?>content</div>'
    expected = '<div class="alert">content</div>'
    actual = clean_html(untrusted)
    self.assertEqual(actual, expected)
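def get_resource_data(resource, user, request=None):
    """Gets all the information related to the given resource.

    Builds the dictionary describing *resource* for *user*: identification
    fields, the creation date as a millisecond timestamp, the size of the
    packaged file, per-user permissions and the descriptive metadata taken
    from ``resource.get_processed_info``.

    ``longdescription`` is the declared long-description file rendered from
    Markdown and passed through ``clean_html`` (a variant named after the
    active language is preferred). When no file is declared, the file cannot
    be processed, or the declared path resolves outside the resource's
    deployment directory, the plain ``description`` is used instead.
    """
    resource_info = resource.get_processed_info(request)
    template_uri = get_absolute_reverse_url(
        "wirecloud_catalogue.media",
        kwargs={
            "vendor": resource.vendor,
            "name": resource.short_name,
            "version": resource.version,
            "file_path": resource.template_uri,
        },
        request=request,
    )

    base_dir = wgt_deployer.get_base_dir(resource.vendor, resource.short_name, resource.version)
    wgt_path = os.path.join(base_dir, resource.template_uri)
    size = os.path.getsize(wgt_path)

    cdate = resource.creation_date
    creation_timestamp = time.mktime(cdate.timetuple()) * 1e3 + cdate.microsecond / 1e3

    # NOTE(review): the description fallback is not sanitised here;
    # presumably consumers treat it as text rather than markup - confirm.
    longdescription = resource_info["description"]
    declared_longdescription = resource_info["longdescription"]
    if declared_longdescription != "":
        longdescription_relative_path = url2pathname(declared_longdescription)
        longdescription_base_url = force_trailing_slash(
            urljoin(
                resource.get_template_url(request=request, for_base=True),
                pathname2url(os.path.dirname(longdescription_relative_path)),
            )
        )

        # Resolve the path and require it to stay below the deployment
        # directory: a descriptor value containing ".." segments or an
        # absolute path must not make this function read other files.
        # NOTE(review): validation at upload time is not visible from here.
        abs_base_dir = os.path.abspath(base_dir)
        longdescription_path = os.path.abspath(os.path.join(abs_base_dir, longdescription_relative_path))
        if longdescription_path.startswith(os.path.join(abs_base_dir, "")):
            filename_root, filename_ext = os.path.splitext(longdescription_path)
            localized_longdescription_path = filename_root + "." + get_language() + filename_ext

            # Best effort: localized file first, then the default file. Only
            # ordinary exceptions are swallowed so that
            # KeyboardInterrupt/SystemExit still propagate.
            for candidate_path in (localized_longdescription_path, longdescription_path):
                try:
                    description_code = download_local_file(candidate_path)
                    longdescription = clean_html(
                        markdown.markdown(description_code, output_format="xhtml5"),
                        base_url=longdescription_base_url,
                    )
                    break
                except Exception:
                    continue

    return {
        "id": resource.pk,
        "vendor": resource.vendor,
        "name": resource.short_name,
        "version": resource.version,
        "type": resource_info["type"],
        "date": creation_timestamp,
        "permissions": {
            "delete": user.is_superuser,
            "uninstall": resource.public is False and resource.users.filter(pk=user.pk).exists(),
        },
        "authors": resource_info["authors"],
        "contributors": resource_info["contributors"],
        "title": resource_info["title"],
        "description": resource_info["description"],
        "longdescription": longdescription,
        "email": resource_info["email"],
        "image": resource_info["image"],
        "homepage": resource_info["homepage"],
        "doc": resource_info["doc"],
        "changelog": resource_info["changelog"],
        "size": size,
        "uriTemplate": template_uri,
        "license": resource_info["license"],
        "licenseurl": resource_info["licenseurl"],
        "issuetracker": resource_info["issuetracker"],
    }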
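def get_resource_data(resource, user, request=None):
    """Gets all the information related to the given resource.

    Builds the dictionary describing *resource* for *user*: identification
    fields, the creation date as a millisecond timestamp, the size of the
    packaged file, per-user permissions and the descriptive metadata taken
    from ``resource.get_processed_info``.

    ``longdescription`` is the declared long-description file decoded as
    UTF-8, rendered from Markdown and passed through ``clean_html`` (a
    variant named after the active language is preferred). When no file is
    declared, the file cannot be processed, or the declared path resolves
    outside the resource's deployment directory, the plain ``description``
    is used instead.
    """
    resource_info = resource.get_processed_info(request)
    template_uri = get_absolute_reverse_url('wirecloud_catalogue.media', kwargs={
        'vendor': resource.vendor,
        'name': resource.short_name,
        'version': resource.version,
        'file_path': resource.template_uri
    }, request=request)

    base_dir = wgt_deployer.get_base_dir(resource.vendor, resource.short_name, resource.version)
    wgt_path = os.path.join(base_dir, resource.template_uri)
    size = os.path.getsize(wgt_path)

    cdate = resource.creation_date
    creation_timestamp = time.mktime(cdate.timetuple()) * 1e3 + cdate.microsecond / 1e3

    # NOTE(review): the description fallback is not sanitised here;
    # presumably consumers treat it as text rather than markup - confirm.
    longdescription = resource_info['description']
    declared_longdescription = resource_info['longdescription']
    if declared_longdescription != '':
        longdescription_relative_path = url2pathname(declared_longdescription)
        longdescription_base_url = force_trailing_slash(urljoin(resource.get_template_url(request=request, for_base=True), pathname2url(os.path.dirname(longdescription_relative_path))))

        # Resolve the path and require it to stay below the deployment
        # directory: a descriptor value containing ".." segments or an
        # absolute path must not make this function read other files.
        # NOTE(review): validation at upload time is not visible from here.
        abs_base_dir = os.path.abspath(base_dir)
        longdescription_path = os.path.abspath(os.path.join(abs_base_dir, longdescription_relative_path))
        if longdescription_path.startswith(os.path.join(abs_base_dir, '')):
            filename_root, filename_ext = os.path.splitext(longdescription_path)
            localized_longdescription_path = filename_root + '.' + get_language() + filename_ext

            # Best effort: localized file first, then the default file. Only
            # ordinary exceptions are swallowed so that
            # KeyboardInterrupt/SystemExit still propagate.
            for candidate_path in (localized_longdescription_path, longdescription_path):
                try:
                    description_code = download_local_file(candidate_path).decode('utf-8')
                    longdescription = clean_html(markdown.markdown(description_code, output_format='xhtml5'), base_url=longdescription_base_url)
                    break
                except Exception:
                    continue

    return {
        'id': resource.pk,
        'vendor': resource.vendor,
        'name': resource.short_name,
        'version': resource.version,
        'type': resource_info['type'],
        'date': creation_timestamp,
        'permissions': {
            'delete': user.is_superuser,
            'uninstall': resource.public is False and resource.users.filter(pk=user.pk).exists(),
        },
        'authors': resource_info['authors'],
        'contributors': resource_info['contributors'],
        'title': resource_info['title'],
        'description': resource_info['description'],
        'longdescription': longdescription,
        'email': resource_info['email'],
        'image': resource_info['image'],
        'homepage': resource_info['homepage'],
        'doc': resource_info['doc'],
        'changelog': resource_info['changelog'],
        'size': size,
        'uriTemplate': template_uri,
        'license': resource_info['license'],
        'licenseurl': resource_info['licenseurl'],
        'issuetracker': resource_info['issuetracker'],
    }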
def test_relative_image_urls(self):
    # With a base_url supplied, a relative image source is rewritten to an
    # absolute URL under that base.
    markup = 'Example image: <img src="images/example.png"/>'
    wanted = 'Example image: <img src="http://example.com/images/example.png"/>'
    sanitised = clean_html(markup, base_url='http://example.com')
    self.assertEqual(sanitised, wanted)
def test_relative_links_are_removed(self):
    # Called without base_url, a link with a relative href is unwrapped:
    # the <a> element disappears and only its text remains.
    markup = (
        '<div class="alert">Follow this '
        '<a href="files/insecure_content.exe">link</a></div>'
    )
    wanted = '<div class="alert">Follow this link</div>'
    sanitised = clean_html(markup)
    self.assertEqual(sanitised, wanted)
def test_scripts_are_removed(self):
    # <script> elements are dropped together with their body, both when
    # they are the whole input and when they sit between ordinary text.
    cases = (
        ('<script>asdfas</script>', ''),
        ('start content <script>asdfas</script> valid content',
         'start content valid content'),
    )
    for markup, wanted in cases:
        self.assertEqual(clean_html(markup), wanted)
def test_relative_image_urls(self):
    # A relative <img src> is resolved against the base_url passed to
    # clean_html and emitted as an absolute URL.
    base = 'http://example.com'
    untrusted = 'Example image: <img src="images/example.png"/>'
    expected = 'Example image: <img src="http://example.com/images/example.png"/>'
    actual = clean_html(untrusted, base_url=base)
    self.assertEqual(actual, expected)
def test_scripts_are_removed(self):
    # A lone <script> element sanitises to the empty string.
    only_script = clean_html('<script>asdfas</script>')
    self.assertEqual(only_script, '')

    # A <script> element embedded in text is removed with its body while
    # the text around it is kept.
    embedded_script = clean_html('start content <script>asdfas</script> valid content')
    self.assertEqual(embedded_script, 'start content valid content')
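def get_resource_data(resource, user, request=None):
    """Gets all the information related to the given resource.

    Builds the dictionary describing *resource* for *user*: identification
    fields, the creation date as a millisecond timestamp, the size of the
    packaged file, per-user permissions and the descriptive metadata taken
    from ``resource.get_processed_info``.

    ``longdescription`` is the declared long-description file decoded as
    UTF-8, rendered from Markdown and passed through ``clean_html`` (a
    variant named after the active language is preferred). When no file is
    declared, the file cannot be processed, or the declared path resolves
    outside the resource's deployment directory, the plain ``description``
    is used instead.
    """
    resource_info = resource.get_processed_info(request)
    template_uri = get_absolute_reverse_url('wirecloud_catalogue.media',
                                            kwargs={
                                                'vendor': resource.vendor,
                                                'name': resource.short_name,
                                                'version': resource.version,
                                                'file_path': resource.template_uri
                                            },
                                            request=request)

    base_dir = wgt_deployer.get_base_dir(resource.vendor, resource.short_name,
                                         resource.version)
    wgt_path = os.path.join(base_dir, resource.template_uri)
    size = os.path.getsize(wgt_path)

    cdate = resource.creation_date
    creation_timestamp = time.mktime(
        cdate.timetuple()) * 1e3 + cdate.microsecond / 1e3

    # NOTE(review): the description fallback is not sanitised here;
    # presumably consumers treat it as text rather than markup - confirm.
    longdescription = resource_info['description']
    declared_longdescription = resource_info['longdescription']
    if declared_longdescription != '':
        longdescription_relative_path = url2pathname(declared_longdescription)
        longdescription_base_url = force_trailing_slash(
            urljoin(
                resource.get_template_url(request=request, for_base=True),
                pathname2url(os.path.dirname(longdescription_relative_path))))

        # Resolve the path and require it to stay below the deployment
        # directory: a descriptor value containing ".." segments or an
        # absolute path must not make this function read other files.
        # NOTE(review): validation at upload time is not visible from here.
        abs_base_dir = os.path.abspath(base_dir)
        longdescription_path = os.path.abspath(
            os.path.join(abs_base_dir, longdescription_relative_path))
        if longdescription_path.startswith(os.path.join(abs_base_dir, '')):
            filename_root, filename_ext = os.path.splitext(longdescription_path)
            localized_longdescription_path = filename_root + '.' + get_language() + filename_ext

            # Best effort: localized file first, then the default file.
            for candidate_path in (localized_longdescription_path, longdescription_path):
                try:
                    description_code = download_local_file(candidate_path).decode('utf-8')
                    longdescription = clean_html(
                        markdown.markdown(description_code, output_format='xhtml5'),
                        base_url=longdescription_base_url)
                    break
                except Exception:
                    continue

    return {
        'vendor': resource.vendor,
        'name': resource.short_name,
        'version': resource.version,
        'type': resource_info['type'],
        'date': creation_timestamp,
        'permissions': {
            'delete': user.is_superuser,
            'uninstall': resource.public is False and resource.users.filter(pk=user.pk).exists(),
        },
        'authors': resource_info['authors'],
        'contributors': resource_info['contributors'],
        'title': resource_info['title'],
        'description': resource_info['description'],
        'longdescription': longdescription,
        'email': resource_info['email'],
        'image': resource_info['image'],
        'homepage': resource_info['homepage'],
        'doc': resource_info['doc'],
        'changelog': resource_info['changelog'],
        'size': size,
        'uriTemplate': template_uri,
        'license': resource_info['license'],
        'licenseurl': resource_info['licenseurl'],
        'issuetracker': resource_info['issuetracker'],
    }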