From 981bb8f441946330e462aebf81a3cbec497342bd Mon Sep 17 00:00:00 2001 From: Anton Vlasenko Date: Thu, 4 Oct 2012 21:43:30 +0300 Subject: Updated links to documentation and copyrights year --- .../alchemy/+package+/templates/mytemplate.pt_tmpl | 16 ++++++++-------- .../starter/+package+/templates/mytemplate.pt_tmpl | 16 ++++++++-------- pyramid/scaffolds/zodb/+package+/templates/mytemplate.pt | 16 ++++++++-------- 3 files changed, 24 insertions(+), 24 deletions(-) diff --git a/pyramid/scaffolds/alchemy/+package+/templates/mytemplate.pt_tmpl b/pyramid/scaffolds/alchemy/+package+/templates/mytemplate.pt_tmpl index ac0140789..99606fe0e 100644 --- a/pyramid/scaffolds/alchemy/+package+/templates/mytemplate.pt_tmpl +++ b/pyramid/scaffolds/alchemy/+package+/templates/mytemplate.pt_tmpl @@ -32,7 +32,7 @@
diff --git a/pyramid/scaffolds/starter/+package+/templates/mytemplate.pt_tmpl b/pyramid/scaffolds/starter/+package+/templates/mytemplate.pt_tmpl index 743eab026..4a71dd992 100644 --- a/pyramid/scaffolds/starter/+package+/templates/mytemplate.pt_tmpl +++ b/pyramid/scaffolds/starter/+package+/templates/mytemplate.pt_tmpl @@ -32,7 +32,7 @@
diff --git a/pyramid/scaffolds/zodb/+package+/templates/mytemplate.pt b/pyramid/scaffolds/zodb/+package+/templates/mytemplate.pt index d64f18fca..5391509fe 100644 --- a/pyramid/scaffolds/zodb/+package+/templates/mytemplate.pt +++ b/pyramid/scaffolds/zodb/+package+/templates/mytemplate.pt @@ -32,7 +32,7 @@
-- cgit v1.2.3 From 7cd6b99cba30093604b3344c3cb6d235977f3ae3 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Fri, 12 Oct 2012 03:44:43 -0400 Subject: Fix indentation --- pyramid/chameleon_zpt.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/pyramid/chameleon_zpt.py b/pyramid/chameleon_zpt.py index 73203a7cb..d8a8ee1be 100644 --- a/pyramid/chameleon_zpt.py +++ b/pyramid/chameleon_zpt.py @@ -18,10 +18,12 @@ class ZPTTemplateRenderer(object): @reify # avoid looking up reload_templates before manager pushed def template(self): - tf = PageTemplateFile(self.path, - auto_reload=self.lookup.auto_reload, - debug=self.lookup.debug, - translate=self.lookup.translate) + tf = PageTemplateFile( + self.path, + auto_reload=self.lookup.auto_reload, + debug=self.lookup.debug, + translate=self.lookup.translate + ) if self.macro: # render only the portion of the template included in a # define-macro named the value of self.macro -- cgit v1.2.3 From 201596a39fd7c988924586ee9ab2c3c6e4b0387a Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Fri, 12 Oct 2012 13:50:30 -0400 Subject: Add basic auth authentication policy. --- pyramid/authentication.py | 91 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 83 insertions(+), 8 deletions(-) diff --git a/pyramid/authentication.py b/pyramid/authentication.py index 83bdb13d1..7161e1d1f 100644 --- a/pyramid/authentication.py +++ b/pyramid/authentication.py @@ -1,3 +1,4 @@ +import binascii from codecs import utf_8_decode from codecs import utf_8_encode from hashlib import md5 @@ -330,13 +331,13 @@ class AuthTktAuthenticationPolicy(CallbackAuthenticationPolicy): Optional. ``path`` - + Default: ``/``. The path for which the auth_tkt cookie is valid. May be desirable if the application only serves part of a domain. Optional. - + ``http_only`` - + Default: ``False``. Hide cookie from JavaScript by setting the HttpOnly flag. Not honored by all browsers. Optional. @@ -553,7 +554,7 @@ class AuthTktCookieHelper(object): text_type: ('b64unicode', lambda x: b64encode(utf_8_encode(x)[0])), binary_type: ('b64str', lambda x: b64encode(x)), } - + def __init__(self, secret, cookie_name='auth_tkt', secure=False, include_ip=False, timeout=None, reissue_time=None, max_age=None, http_only=False, path="/", wild_domain=True): @@ -632,7 +633,7 @@ class AuthTktCookieHelper(object): remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' - + try: timestamp, userid, tokens, user_data = self.parse_ticket( self.secret, cookie, remote_addr) @@ -641,7 +642,7 @@ class AuthTktCookieHelper(object): now = self.now # service tests - if now is None: + if now is None: now = time_mod.time() if self.timeout and ( (timestamp + self.timeout) < now ): @@ -689,7 +690,7 @@ class AuthTktCookieHelper(object): environ = request.environ request._authtkt_reissue_revoked = True return self._get_cookies(environ, '', max_age=EXPIRE) - + def remember(self, request, userid, max_age=None, tokens=()): """ Return a set of Set-Cookie headers; when set into a response, these headers will represent a valid authentication ticket. @@ -783,7 +784,7 @@ class SessionAuthenticationPolicy(CallbackAuthenticationPolicy): Pyramid debug logger about the results of various authentication steps. The output from debugging is useful for reporting to maillist or IRC channels when asking for support. - + """ def __init__(self, prefix='auth.', callback=None, debug=False): @@ -806,3 +807,77 @@ class SessionAuthenticationPolicy(CallbackAuthenticationPolicy): def unauthenticated_userid(self, request): return request.session.get(self.userid_key) + +@implementer(IAuthenticationPolicy) +class BasicAuthAuthenticationPolicy(CallbackAuthenticationPolicy): + """ A :app:`Pyramid` authentication policy which uses HTTP standard basic + authentication protocol to authenticate users. To use this policy you will + need to provide a callback which checks the supplied user credentials + against your source of login data. + + Constructor Arguments + + ``check`` + + A callback function passed a username, password and request, in that + order as positional arguments. Expected to return ``None`` if the + userid doesn't exist or a sequence of principal identifiers (possibly + empty) if the user does exist. + + ``realm`` + + Default: ``Realm``. The Basic Auth Realm string. Usually displayed to + the user by the browser in the login dialog. + + ``debug`` + + Default: ``False``. If ``debug`` is ``True``, log messages to the + Pyramid debug logger about the results of various authentication + steps. The output from debugging is useful for reporting to maillist + or IRC channels when asking for support. + + """ + def __init__(self, check, realm='Realm', debug=False): + self.check = check + self.realm = realm + self.debug = debug + + def unauthenticated_userid(self, request): + credentials = self._get_credentials(request) + if credentials: + return credentials[0] + + def remember(self, request, principal, **kw): + return [] + + def forget(self, request): + return [('WWW-Authenticate', 'Basic realm="%s"' % self.realm)] + + def callback(self, username, request): + # Username arg is ignored. Unfortunately _get_credentials winds up + # getting called twice when authenticated_userid is called. Avoiding + # that, however, winds up duplicating logic from the superclass. + credentials = self._get_credentials(request) + if credentials: + username, password = credentials + return self.check(username, password, request) + + def _get_credentials(self, request): + authorization = request.headers.get('Authorization') + if not authorization: + return None + try: + authmeth, auth = authorization.split(' ', 1) + except ValueError: # not enough values to unpack + return None + if authmeth.lower() != 'basic': + return None + try: + auth = auth.strip().decode('base64') + except binascii.Error: # can't decode + return None + try: + username, password = auth.split(':', 1) + except ValueError: # not enough values to unpack + return None + return username, password -- cgit v1.2.3 From bf902d454a1e567a873bac1c7eb91d76d7e4dbd0 Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Fri, 12 Oct 2012 17:23:56 -0400 Subject: Test coverage. --- .gitignore | 2 + pyramid/tests/test_authentication.py | 100 ++++++++++++++++++++++++++++++----- 2 files changed, 88 insertions(+), 14 deletions(-) diff --git a/.gitignore b/.gitignore index 8e2f83e7d..5fa2a2ee4 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ *.pt.py *.txt.py *~ +.*.swp .coverage .tox/ nosetests.xml @@ -21,3 +22,4 @@ bookenv/ jyenv/ pypyenv/ env*/ +venv/ diff --git a/pyramid/tests/test_authentication.py b/pyramid/tests/test_authentication.py index e513b9a48..bea62894e 100644 --- a/pyramid/tests/test_authentication.py +++ b/pyramid/tests/test_authentication.py @@ -14,7 +14,7 @@ class TestCallbackAuthenticationPolicyDebugging(unittest.TestCase): def tearDown(self): del self.config - + def debug(self, msg): self.messages.append(msg) @@ -151,7 +151,7 @@ class TestRepozeWho1AuthenticationPolicy(unittest.TestCase): def _makeOne(self, identifier_name='auth_tkt', callback=None): return self._getTargetClass()(identifier_name, callback) - + def test_class_implements_IAuthenticationPolicy(self): from zope.interface.verify import verifyClass from pyramid.interfaces import IAuthenticationPolicy @@ -251,7 +251,7 @@ class TestRepozeWho1AuthenticationPolicy(unittest.TestCase): result = policy.remember(request, 'fred') self.assertEqual(result[0], request.environ) self.assertEqual(result[1], {'repoze.who.userid':'fred'}) - + def test_forget_no_plugins(self): request = DummyRequest({}) policy = self._makeOne() @@ -276,7 +276,7 @@ class TestRemoteUserAuthenticationPolicy(unittest.TestCase): def _makeOne(self, environ_key='REMOTE_USER', callback=None): return self._getTargetClass()(environ_key, callback) - + def test_class_implements_IAuthenticationPolicy(self): from zope.interface.verify import verifyClass from pyramid.interfaces import IAuthenticationPolicy @@ -301,7 +301,7 @@ class TestRemoteUserAuthenticationPolicy(unittest.TestCase): request = DummyRequest({}) policy = self._makeOne() self.assertEqual(policy.authenticated_userid(request), None) - + def test_authenticated_userid(self): request = DummyRequest({'REMOTE_USER':'fred'}) policy = self._makeOne() @@ -326,7 +326,7 @@ class TestRemoteUserAuthenticationPolicy(unittest.TestCase): policy = self._makeOne() result = policy.remember(request, 'fred') self.assertEqual(result, []) - + def test_forget(self): request = DummyRequest({'REMOTE_USER':'fred'}) policy = self._makeOne() @@ -375,7 +375,7 @@ class TestAutkTktAuthenticationPolicy(unittest.TestCase): request = DummyRequest({}) policy = self._makeOne(None, None) self.assertEqual(policy.authenticated_userid(request), None) - + def test_authenticated_userid_callback_returns_None(self): request = DummyRequest({}) def callback(userid, request): @@ -426,7 +426,7 @@ class TestAutkTktAuthenticationPolicy(unittest.TestCase): result = policy.remember(request, 'fred', a=1, b=2) self.assertEqual(policy.cookie.kw, {'a':1, 'b':2}) self.assertEqual(result, []) - + def test_forget(self): request = DummyRequest({}) policy = self._makeOne(None, None) @@ -482,7 +482,7 @@ class TestAuthTktCookieHelper(unittest.TestCase): request = self._makeRequest(None) result = helper.identify(request) self.assertEqual(result, None) - + def test_identify_good_cookie_include_ip(self): helper = self._makeOne('secret', include_ip=True) request = self._makeRequest('ticket') @@ -605,7 +605,7 @@ class TestAuthTktCookieHelper(unittest.TestCase): request = self._makeRequest('ticket') result = helper.identify(request) self.assertEqual(result, None) - + def test_identify_cookie_timed_out(self): helper = self._makeOne('secret', timeout=1) request = self._makeRequest({'HTTP_COOKIE':'auth_tkt=bogus'}) @@ -828,7 +828,7 @@ class TestAuthTktCookieHelper(unittest.TestCase): self.assertEqual(result[1][0], 'Set-Cookie') self.assertTrue(result[1][1].endswith('; Path=/; Domain=example.com')) self.assertTrue(result[1][1].startswith('auth_tkt=')) - + def test_remember_binary_userid(self): import base64 helper = self._makeOne('secret') @@ -1106,6 +1106,78 @@ class TestSessionAuthenticationPolicy(unittest.TestCase): self.assertEqual(request.session.get('userid'), None) self.assertEqual(result, []) +class TestBasicAuthAuthenticationPolicy(unittest.TestCase): + def _getTargetClass(self): + from pyramid.authentication import BasicAuthAuthenticationPolicy as cls + return cls + + def _makeOne(self, check): + return self._getTargetClass()(check, realm='SomeRealm') + + def test_class_implements_IAuthenticationPolicy(self): + from zope.interface.verify import verifyClass + from pyramid.interfaces import IAuthenticationPolicy + verifyClass(IAuthenticationPolicy, self._getTargetClass()) + + def test_unauthenticated_userid(self): + import base64 + request = testing.DummyRequest() + request.headers['Authorization'] = 'Basic %s' % base64.b64encode( + 'chrisr:password') + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), 'chrisr') + + def test_unauthenticated_userid_no_credentials(self): + request = testing.DummyRequest() + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), None) + + def test_unauthenticated_bad_header(self): + request = testing.DummyRequest() + request.headers['Authorization'] = '...' + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), None) + + def test_unauthenticated_userid_not_basic(self): + request = testing.DummyRequest() + request.headers['Authorization'] = 'Complicated things' + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), None) + + def test_unauthenticated_userid_corrupt_base64(self): + request = testing.DummyRequest() + request.headers['Authorization'] = 'Basic chrisr:password' + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), None) + + def test_authenticated_userid(self): + import base64 + request = testing.DummyRequest() + request.headers['Authorization'] = 'Basic %s' % base64.b64encode( + 'chrisr:password') + def check(username, password, request): + return [] + policy = self._makeOne(check) + self.assertEqual(policy.authenticated_userid(request), 'chrisr') + + def test_unauthenticated_userid_invalid_payload(self): + import base64 + request = testing.DummyRequest() + request.headers['Authorization'] = 'Basic %s' % base64.b64encode( + 'chrisrpassword') + policy = self._makeOne(None) + self.assertEqual(policy.unauthenticated_userid(request), None) + + def test_remember(self): + policy = self._makeOne(None) + self.assertEqual(policy.remember(None, None), []) + + def test_forget(self): + policy = self._makeOne(None) + self.assertEqual(policy.forget(None), [ + ('WWW-Authenticate', 'Basic realm="SomeRealm"')]) + + class DummyContext: pass @@ -1130,7 +1202,7 @@ class DummyRequest: class DummyWhoPlugin: def remember(self, environ, identity): return environ, identity - + def forget(self, environ, identity): return environ, identity @@ -1164,7 +1236,7 @@ class DummyAuthTktModule(object): raise self.BadTicket() return self.timestamp, self.userid, self.tokens, self.user_data self.parse_ticket = parse_ticket - + class AuthTicket(object): def __init__(self, secret, userid, remote_addr, **kw): self.secret = secret @@ -1186,4 +1258,4 @@ class DummyAuthTktModule(object): class DummyResponse: def __init__(self): self.headerlist = [] - + -- cgit v1.2.3 From 1affe4b98d1d2faf3058f98e1875219c02c68409 Mon Sep 17 00:00:00 2001 From: Nozomu Kaneko Date: Sat, 13 Oct 2012 01:32:48 +0900 Subject: fix typo and markup --- docs/whatsnew-1.4.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/whatsnew-1.4.rst b/docs/whatsnew-1.4.rst index 4e64d8162..6aa390e64 100644 --- a/docs/whatsnew-1.4.rst +++ b/docs/whatsnew-1.4.rst @@ -63,7 +63,7 @@ Partial Mako and Chameleon Template Renderings of rendering the entire template. An example asset spec: ``package:path/to/template#macroname.pt``. This will render the macro defined as ``macroname`` within the ``template.pt`` template instead of the - entire templae. + entire template. Subrequest Support ~~~~~~~~~~~~~~~~~~ @@ -78,7 +78,7 @@ Minor Feature Additions ----------------------- - :meth:`pyramid.config.Configurator.add_directive` now accepts arbitrary - callables like partials or objects implementing ``__call__`` which dont + callables like partials or objects implementing ``__call__`` which don't have ``__name__`` and ``__doc__`` attributes. See https://github.com/Pylons/pyramid/issues/621 and https://github.com/Pylons/pyramid/pull/647. @@ -112,7 +112,7 @@ Minor Feature Additions - An :meth:`pyramid.config.Configurator.add_permission` directive method was added to the Configurator. This directive registers a free-standing permission introspectable into the Pyramid introspection system. - Frameworks built atop Pyramid can thus use the the ``permissions`` + Frameworks built atop Pyramid can thus use the ``permissions`` introspectable category data to build a comprehensive list of permissions supported by a running system. Before this method was added, permissions were already registered in this introspectable category as a side effect of @@ -172,7 +172,7 @@ Backwards Incompatibilities ``bfg.routes.matchdict`` to the request's WSGI environment dictionary. These values were docs-deprecated in ``repoze.bfg`` 1.0 (effectively seven minor releases ago). If your code depended on these values, use - request.matched_route and request.matchdict instead. + ``request.matched_route`` and ``request.matchdict`` instead. - It is no longer possible to pass an environ dictionary directly to ``pyramid.traversal.ResourceTreeTraverser.__call__`` (aka @@ -223,7 +223,7 @@ Backwards Incompatibilities * ``registerEventListener``, use :meth:`pyramid.config.Configurator.testing_add_subscriber` instead. - * ``registerTemplateRenderer`` (aka `registerDummyRenderer``), use + * ``registerTemplateRenderer`` (aka ``registerDummyRenderer``), use :meth:`pyramid.config.Configurator.testing_add_template` instead. * ``registerView``, use :meth:`pyramid.config.Configurator.add_view` instead. -- cgit v1.2.3 From 3fb934e8d600018800932fb66d001f5bacdac2c8 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 13 Oct 2012 16:51:35 -0500 Subject: allow request_param predicate to accept a tuple of constraints --- pyramid/config/predicates.py | 39 ++++++++++++++++------------ pyramid/tests/test_config/test_predicates.py | 18 +++++++++++++ 2 files changed, 41 insertions(+), 16 deletions(-) diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 77b55d9b3..7b77f4766 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -64,28 +64,35 @@ class PathInfoPredicate(object): class RequestParamPredicate(object): def __init__(self, val, config): - name = val - v = None - if '=' in name: - name, v = name.split('=', 1) - name, v = name.strip(), v.strip() - if v is None: - self._text = 'request_param %s' % (name,) - else: - self._text = 'request_param %s = %s' % (name, v) - self.name = name - self.val = v + if not is_nonstr_iter(val): + val = (val,) + val = sorted(val) + self.val = val + reqs = [] + for p in val: + k = p + v = None + if '=' in p: + k, v = p.split('=', 1) + k, v = k.strip(), v.strip() + reqs.append((k, v)) + self.reqs = reqs def text(self): - return self._text + return 'request_param %s' % ','.join( + ['%s = %s' % (x,y) if y else x for x, y in self.reqs] + ) phash = text def __call__(self, context, request): - if self.val is None: - return self.name in request.params - return request.params.get(self.name) == self.val - + for k, v in self.reqs: + actual = request.params.get(k) + if actual is None: + return False + if v is not None and actual != v: + return False + return True class HeaderPredicate(object): def __init__(self, val, config): diff --git a/pyramid/tests/test_config/test_predicates.py b/pyramid/tests/test_config/test_predicates.py index 005b1b27a..de7c8241d 100644 --- a/pyramid/tests/test_config/test_predicates.py +++ b/pyramid/tests/test_config/test_predicates.py @@ -117,6 +117,20 @@ class TestRequestParamPredicate(unittest.TestCase): result = inst(None, request) self.assertTrue(result) + def test___call___true_multi(self): + inst = self._makeOne(('abc', 'def =2 ')) + request = Dummy() + request.params = {'abc':'1', 'def': '2'} + result = inst(None, request) + self.assertTrue(result) + + def test___call___false_multi(self): + inst = self._makeOne(('abc=3', 'def =2 ')) + request = Dummy() + request.params = {'abc':'3', 'def': '1'} + result = inst(None, request) + self.assertFalse(result) + def test___call___false(self): inst = self._makeOne('abc') request = Dummy() @@ -132,6 +146,10 @@ class TestRequestParamPredicate(unittest.TestCase): inst = self._makeOne('abc= 1') self.assertEqual(inst.text(), 'request_param abc = 1') + def test_text_multi(self): + inst = self._makeOne(('abc= 1', 'def')) + self.assertEqual(inst.text(), 'request_param abc = 1,def') + def test_phash_exists(self): inst = self._makeOne('abc') self.assertEqual(inst.phash(), 'request_param abc') -- cgit v1.2.3 From 5507b82bcf5e1b9d59216e72ea71a026b72cd255 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 13 Oct 2012 16:54:49 -0500 Subject: collapsed request_param text to match the match_param text format --- pyramid/config/predicates.py | 2 +- pyramid/tests/test_config/test_predicates.py | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 7b77f4766..3a82e8f15 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -80,7 +80,7 @@ class RequestParamPredicate(object): def text(self): return 'request_param %s' % ','.join( - ['%s = %s' % (x,y) if y else x for x, y in self.reqs] + ['%s=%s' % (x,y) if y else x for x, y in self.reqs] ) phash = text diff --git a/pyramid/tests/test_config/test_predicates.py b/pyramid/tests/test_config/test_predicates.py index de7c8241d..3be3ef156 100644 --- a/pyramid/tests/test_config/test_predicates.py +++ b/pyramid/tests/test_config/test_predicates.py @@ -144,11 +144,11 @@ class TestRequestParamPredicate(unittest.TestCase): def test_text_withval(self): inst = self._makeOne('abc= 1') - self.assertEqual(inst.text(), 'request_param abc = 1') + self.assertEqual(inst.text(), 'request_param abc=1') def test_text_multi(self): inst = self._makeOne(('abc= 1', 'def')) - self.assertEqual(inst.text(), 'request_param abc = 1,def') + self.assertEqual(inst.text(), 'request_param abc=1,def') def test_phash_exists(self): inst = self._makeOne('abc') @@ -156,7 +156,7 @@ class TestRequestParamPredicate(unittest.TestCase): def test_phash_withval(self): inst = self._makeOne('abc= 1') - self.assertEqual(inst.phash(), "request_param abc = 1") + self.assertEqual(inst.phash(), "request_param abc=1") class TestMatchParamPredicate(unittest.TestCase): def _makeOne(self, val): -- cgit v1.2.3 From 4b8cf2d4e9711189e800dcb470a29773e4269f92 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 13 Oct 2012 17:11:01 -0500 Subject: updated request_param and match_param to use as_sorted_tuple --- pyramid/config/predicates.py | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 3a82e8f15..08299e4bd 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -64,10 +64,7 @@ class PathInfoPredicate(object): class RequestParamPredicate(object): def __init__(self, val, config): - if not is_nonstr_iter(val): - val = (val,) - val = sorted(val) - self.val = val + val = as_sorted_tuple(val) reqs = [] for p in val: k = p @@ -76,6 +73,7 @@ class RequestParamPredicate(object): k, v = p.split('=', 1) k, v = k.strip(), v.strip() reqs.append((k, v)) + self.val = val self.reqs = reqs def text(self): @@ -163,9 +161,7 @@ class RequestTypePredicate(object): class MatchParamPredicate(object): def __init__(self, val, config): - if not is_nonstr_iter(val): - val = (val,) - val = sorted(val) + val = as_sorted_tuple(val) self.val = val reqs = [ p.split('=', 1) for p in val ] self.reqs = [ (x.strip(), y.strip()) for x, y in reqs ] -- cgit v1.2.3 From b1d2a373d74a433b247ea2f1186f1e314244490c Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 13 Oct 2012 17:11:26 -0500 Subject: added tests for header predicate and standardized the text property --- pyramid/config/predicates.py | 6 +-- pyramid/tests/test_config/test_predicates.py | 64 ++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 08299e4bd..2b2b57bc3 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -97,15 +97,15 @@ class HeaderPredicate(object): name = val v = None if ':' in name: - name, v = name.split(':', 1) + name, val_str = name.split(':', 1) try: - v = re.compile(v) + v = re.compile(val_str) except re.error as why: raise ConfigurationError(why.args[0]) if v is None: self._text = 'header %s' % (name,) else: - self._text = 'header %s = %s' % (name, v) + self._text = 'header %s=%s' % (name, val_str) self.name = name self.val = v diff --git a/pyramid/tests/test_config/test_predicates.py b/pyramid/tests/test_config/test_predicates.py index 3be3ef156..2f0ef4132 100644 --- a/pyramid/tests/test_config/test_predicates.py +++ b/pyramid/tests/test_config/test_predicates.py @@ -317,6 +317,70 @@ class Test_CheckCSRFTokenPredicate(unittest.TestCase): result = inst(None, request) self.assertEqual(result, True) +class TestHeaderPredicate(unittest.TestCase): + def _makeOne(self, val): + from pyramid.config.predicates import HeaderPredicate + return HeaderPredicate(val, None) + + def test___call___true_exists(self): + inst = self._makeOne('abc') + request = Dummy() + request.headers = {'abc':1} + result = inst(None, request) + self.assertTrue(result) + + def test___call___true_withval(self): + inst = self._makeOne('abc:1') + request = Dummy() + request.headers = {'abc':'1'} + result = inst(None, request) + self.assertTrue(result) + + def test___call___true_withregex(self): + inst = self._makeOne(r'abc:\d+') + request = Dummy() + request.headers = {'abc':'1'} + result = inst(None, request) + self.assertTrue(result) + + def test___call___false_withregex(self): + inst = self._makeOne(r'abc:\d+') + request = Dummy() + request.headers = {'abc':'a'} + result = inst(None, request) + self.assertFalse(result) + + def test___call___false(self): + inst = self._makeOne('abc') + request = Dummy() + request.headers = {} + result = inst(None, request) + self.assertFalse(result) + + def test_text_exists(self): + inst = self._makeOne('abc') + self.assertEqual(inst.text(), 'header abc') + + def test_text_withval(self): + inst = self._makeOne('abc:1') + self.assertEqual(inst.text(), 'header abc=1') + + def test_text_withregex(self): + inst = self._makeOne(r'abc:\d+') + self.assertEqual(inst.text(), r'header abc=\d+') + + def test_phash_exists(self): + inst = self._makeOne('abc') + self.assertEqual(inst.phash(), 'header abc') + + def test_phash_withval(self): + inst = self._makeOne('abc:1') + self.assertEqual(inst.phash(), "header abc=1") + + def test_phash_withregex(self): + inst = self._makeOne(r'abc:\d+') + self.assertEqual(inst.phash(), r'header abc=\d+') + class predicate(object): def __repr__(self): return 'predicate' -- cgit v1.2.3 From 06a904f88a64dc0c12b8ed7803287bac8786ff67 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Sat, 13 Oct 2012 19:02:01 -0400 Subject: add docs and changelog note --- CHANGES.txt | 10 ++++++++++ docs/narr/viewconfig.rst | 11 ++++++----- pyramid/config/predicates.py | 2 -- pyramid/config/views.py | 9 +++++---- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index e40401528..613be1b80 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,9 +1,19 @@ Next release ============ +Features +-------- + +- Allow multiple values to be specified to the ``request_param`` view/route + predicate as a sequence. Previously only a single string value was allowed. + See https://github.com/Pylons/pyramid/pull/705 + Bug Fixes --------- +- The match_param predicate's text method was fixed to sort its values. + Part of https://github.com/Pylons/pyramid/pull/705 + - 1.4a ``pyramid.scripting.prepare`` behaved differently than 1.3 series function of same name. In particular, if passed a request, it would not set the ``registry`` attribute of the request like 1.3 did. A symptom diff --git a/docs/narr/viewconfig.rst b/docs/narr/viewconfig.rst index f65435cc6..3c7897969 100644 --- a/docs/narr/viewconfig.rst +++ b/docs/narr/viewconfig.rst @@ -290,12 +290,13 @@ configured view. of the ``REQUEST_METHOD`` of the :term:`WSGI` environment. ``request_param`` - This value can be any string. A view declaration with this argument - ensures that the view will only be called when the :term:`request` has a - key in the ``request.params`` dictionary (an HTTP ``GET`` or ``POST`` - variable) that has a name which matches the supplied value. + This value can be any string or a sequence of strings. A view declaration + with this argument ensures that the view will only be called when the + :term:`request` has a key in the ``request.params`` dictionary (an HTTP + ``GET`` or ``POST`` variable) that has a name which matches the a + supplied value. - If the value supplied has a ``=`` sign in it, + If any value supplied has a ``=`` sign in it, e.g. ``request_param="foo=123"``, then the key (``foo``) must both exist in the ``request.params`` dictionary, *and* the value must match the right hand side of the expression (``123``) for the view to "match" the current diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 2b2b57bc3..100c9454e 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -1,7 +1,5 @@ import re -from pyramid.compat import is_nonstr_iter - from pyramid.exceptions import ConfigurationError from pyramid.traversal import ( diff --git a/pyramid/config/views.py b/pyramid/config/views.py index 9ace96c1d..15263ad04 100644 --- a/pyramid/config/views.py +++ b/pyramid/config/views.py @@ -904,11 +904,12 @@ class ViewsConfiguratorMixin(object): request_param - This value can be any string. A view declaration with this - argument ensures that the view will only be called when the - :term:`request` has a key in the ``request.params`` + This value can be any string or any sequence of strings. A view + declaration with this argument ensures that the view will only be + called when the :term:`request` has a key in the ``request.params`` dictionary (an HTTP ``GET`` or ``POST`` variable) that has a - name which matches the supplied value. If the value + name which matches the supplied value (if the value is a string) + or values (if the value is a tuple). If any value supplied has a ``=`` sign in it, e.g. ``request_param="foo=123"``, then the key (``foo``) must both exist in the ``request.params`` dictionary, *and* -- cgit v1.2.3 From 9ee14abc85e242cd4afbad66f1eb609108a9bd97 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 13 Oct 2012 18:09:31 -0500 Subject: updated ini files with links to documentation --- pyramid/scaffolds/alchemy/development.ini_tmpl | 20 +++++++++++++++++--- pyramid/scaffolds/alchemy/production.ini_tmpl | 12 +++++++++--- pyramid/scaffolds/starter/development.ini_tmpl | 20 +++++++++++++++++--- pyramid/scaffolds/starter/production.ini_tmpl | 16 +++++++++++++--- pyramid/scaffolds/zodb/development.ini_tmpl | 20 +++++++++++++++++--- pyramid/scaffolds/zodb/production.ini_tmpl | 16 +++++++++++++--- 6 files changed, 86 insertions(+), 18 deletions(-) diff --git a/pyramid/scaffolds/alchemy/development.ini_tmpl b/pyramid/scaffolds/alchemy/development.ini_tmpl index eebfbcc3e..bdf08171c 100644 --- a/pyramid/scaffolds/alchemy/development.ini_tmpl +++ b/pyramid/scaffolds/alchemy/development.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -12,12 +17,23 @@ pyramid.includes = sqlalchemy.url = sqlite:///%(here)s/{{project}}.sqlite +# By default, the toolbar only appears for clients from IP addresses +# '127.0.0.1' and '::1'. +# debugtoolbar.hosts = 127.0.0.1 ::1 + +### +# wsgi server configuration +### + [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}}, sqlalchemy @@ -53,5 +69,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/pyramid/scaffolds/alchemy/production.ini_tmpl b/pyramid/scaffolds/alchemy/production.ini_tmpl index 9488f1811..69b08e458 100644 --- a/pyramid/scaffolds/alchemy/production.ini_tmpl +++ b/pyramid/scaffolds/alchemy/production.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -16,7 +21,10 @@ use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}}, sqlalchemy @@ -52,5 +60,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/pyramid/scaffolds/starter/development.ini_tmpl b/pyramid/scaffolds/starter/development.ini_tmpl index c92e13906..33c454086 100644 --- a/pyramid/scaffolds/starter/development.ini_tmpl +++ b/pyramid/scaffolds/starter/development.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -9,12 +14,23 @@ pyramid.default_locale_name = en pyramid.includes = pyramid_debugtoolbar +# By default, the toolbar only appears for clients from IP addresses +# '127.0.0.1' and '::1'. +# debugtoolbar.hosts = 127.0.0.1 ::1 + +### +# wsgi server configuration +### + [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}} @@ -42,5 +58,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/pyramid/scaffolds/starter/production.ini_tmpl b/pyramid/scaffolds/starter/production.ini_tmpl index 28957b5c1..dd2637e5b 100644 --- a/pyramid/scaffolds/starter/production.ini_tmpl +++ b/pyramid/scaffolds/starter/production.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -7,12 +12,19 @@ pyramid.debug_notfound = false pyramid.debug_routematch = false pyramid.default_locale_name = en +### +# wsgi server configuration +### + [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}} @@ -40,5 +52,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/pyramid/scaffolds/zodb/development.ini_tmpl b/pyramid/scaffolds/zodb/development.ini_tmpl index 1260b4db3..746f7ded3 100644 --- a/pyramid/scaffolds/zodb/development.ini_tmpl +++ b/pyramid/scaffolds/zodb/development.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -14,12 +19,23 @@ pyramid.includes = tm.attempts = 3 zodbconn.uri = file://%(here)s/Data.fs?connection_cache_size=20000 +# By default, the toolbar only appears for clients from IP addresses +# '127.0.0.1' and '::1'. +# debugtoolbar.hosts = 127.0.0.1 ::1 + +### +# wsgi server configuration +### + [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}} @@ -47,5 +63,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/pyramid/scaffolds/zodb/production.ini_tmpl b/pyramid/scaffolds/zodb/production.ini_tmpl index 1640009fa..9ce639ec3 100644 --- a/pyramid/scaffolds/zodb/production.ini_tmpl +++ b/pyramid/scaffolds/zodb/production.ini_tmpl @@ -1,3 +1,8 @@ +### +# app configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html +### + [app:main] use = egg:{{project}} @@ -13,12 +18,19 @@ pyramid.includes = tm.attempts = 3 zodbconn.uri = file://%(here)s/Data.fs?connection_cache_size=20000 +### +# wsgi server configuration +### + [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543 -# Begin logging configuration +### +# logging configuration +# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html +### [loggers] keys = root, {{package_logger}} @@ -46,5 +58,3 @@ formatter = generic [formatter_generic] format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration -- cgit v1.2.3 From de6ec0482e4d9d3d139ccd83edf35f8438470584 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Sat, 13 Oct 2012 19:20:11 -0400 Subject: mention comments --- CHANGES.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES.txt b/CHANGES.txt index 95375e5ba..fbac16117 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -8,6 +8,9 @@ Features predicate as a sequence. Previously only a single string value was allowed. See https://github.com/Pylons/pyramid/pull/705 +- Comments with references to documentation sections placed in scaffold + ``.ini`` files. + Bug Fixes --------- -- cgit v1.2.3 From bdf4519f1fe5e4db0991b0aa2be6d6708472a7f2 Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Sun, 14 Oct 2012 14:16:09 -0400 Subject: Add BasicAuthAuthenticationPolicy to Sphinx documentation. Move Repoze1AuthenticationPolicy lower in the list. --- docs/api/authentication.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/api/authentication.rst b/docs/api/authentication.rst index 5d4dbd9e3..587026a3b 100644 --- a/docs/api/authentication.rst +++ b/docs/api/authentication.rst @@ -10,12 +10,14 @@ Authentication Policies .. autoclass:: AuthTktAuthenticationPolicy - .. autoclass:: RepozeWho1AuthenticationPolicy - .. autoclass:: RemoteUserAuthenticationPolicy .. autoclass:: SessionAuthenticationPolicy + .. autoclass:: BasicAuthAuthenticationPolicy + + .. autoclass:: RepozeWho1AuthenticationPolicy + Helper Classes ~~~~~~~~~~~~~~ -- cgit v1.2.3 From 9937a4e2d4c575486c04b089141bfbd6325f3711 Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Sun, 14 Oct 2012 14:16:39 -0400 Subject: Fix rst syntax error which prevented Sphinx docs from building. --- CHANGES.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.txt b/CHANGES.txt index df4ada7e9..4221c7071 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -17,7 +17,7 @@ Bug Fixes - When registering a view configuration that named a Chameleon ZPT renderer with a macro name in it (e.g. ``renderer='some/template#somemacro.pt``) as well as a view configuration without a macro name it it that pointed to the - same template (e.g. ``renderer='some/template.pt'), internal caching could + same template (e.g. ``renderer='some/template.pt'``), internal caching could confuse the two, and your code might have rendered one instead of the other. -- cgit v1.2.3 From 0678dec16488928f23ea951d2d5ac44ddbc7935f Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Sun, 14 Oct 2012 14:17:00 -0400 Subject: Include recipe for issuing challenge. --- pyramid/authentication.py | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/pyramid/authentication.py b/pyramid/authentication.py index 7161e1d1f..50752c96e 100644 --- a/pyramid/authentication.py +++ b/pyramid/authentication.py @@ -826,7 +826,7 @@ class BasicAuthAuthenticationPolicy(CallbackAuthenticationPolicy): ``realm`` - Default: ``Realm``. The Basic Auth Realm string. Usually displayed to + Default: ``"Realm"``. The Basic Auth Realm string. Usually displayed to the user by the browser in the login dialog. ``debug`` @@ -836,6 +836,23 @@ class BasicAuthAuthenticationPolicy(CallbackAuthenticationPolicy): steps. The output from debugging is useful for reporting to maillist or IRC channels when asking for support. + **Issuing a challenge** + + Regular browsers will not send username/password credentials unless they + first receive a challenge from the server. The following recipe will + register a view that will send a Basic Auth challenge to the user whenever + there is an attempt to call a view which results in a Forbidden response:: + + from pyramid.httpexceptions import HTTPForbidden + from pyramid.httpexceptions import HTTPUnauthorized + from pyramid.security import forget + from pyramid.view import view_config + + @view_config(context=HTTPForbidden) + def basic_challenge(request): + response = HTTPUnauthorized() + response.headers.update(forget(request)) + return response """ def __init__(self, check, realm='Realm', debug=False): self.check = check -- cgit v1.2.3 From 1f85ed07248f65ea414dc69d23056e6a15cee23b Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Sun, 14 Oct 2012 14:22:58 -0400 Subject: Update change log. --- CHANGES.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES.txt b/CHANGES.txt index 6f1dadc6b..bde6d4f92 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -11,6 +11,8 @@ Features - Comments with references to documentation sections placed in scaffold ``.ini`` files. +- Added an HTTP Basic authentication policy. + Bug Fixes --------- -- cgit v1.2.3 From 407e302250d9020c3c0a13f63f9252e766d3286a Mon Sep 17 00:00:00 2001 From: Chris Rossi Date: Sun, 14 Oct 2012 15:15:47 -0400 Subject: Fixes for Python 3. --- pyramid/authentication.py | 4 ++-- pyramid/tests/test_authentication.py | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pyramid/authentication.py b/pyramid/authentication.py index 50752c96e..d4fd7ab8b 100644 --- a/pyramid/authentication.py +++ b/pyramid/authentication.py @@ -890,8 +890,8 @@ class BasicAuthAuthenticationPolicy(CallbackAuthenticationPolicy): if authmeth.lower() != 'basic': return None try: - auth = auth.strip().decode('base64') - except binascii.Error: # can't decode + auth = b64decode(auth.strip()).decode('ascii') + except (TypeError, binascii.Error): # can't decode return None try: username, password = auth.split(':', 1) diff --git a/pyramid/tests/test_authentication.py b/pyramid/tests/test_authentication.py index bea62894e..dfe3cf0b0 100644 --- a/pyramid/tests/test_authentication.py +++ b/pyramid/tests/test_authentication.py @@ -1123,7 +1123,7 @@ class TestBasicAuthAuthenticationPolicy(unittest.TestCase): import base64 request = testing.DummyRequest() request.headers['Authorization'] = 'Basic %s' % base64.b64encode( - 'chrisr:password') + bytes_('chrisr:password')).decode('ascii') policy = self._makeOne(None) self.assertEqual(policy.unauthenticated_userid(request), 'chrisr') @@ -1154,7 +1154,7 @@ class TestBasicAuthAuthenticationPolicy(unittest.TestCase): import base64 request = testing.DummyRequest() request.headers['Authorization'] = 'Basic %s' % base64.b64encode( - 'chrisr:password') + bytes_('chrisr:password')).decode('ascii') def check(username, password, request): return [] policy = self._makeOne(check) @@ -1164,7 +1164,7 @@ class TestBasicAuthAuthenticationPolicy(unittest.TestCase): import base64 request = testing.DummyRequest() request.headers['Authorization'] = 'Basic %s' % base64.b64encode( - 'chrisrpassword') + bytes_('chrisrpassword')).decode('ascii') policy = self._makeOne(None) self.assertEqual(policy.unauthenticated_userid(request), None) -- cgit v1.2.3 From 67fa5ad66216b6a1aa71fed639e3d2d82aa4458d Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Sun, 14 Oct 2012 16:01:09 -0400 Subject: point at policy --- CHANGES.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGES.txt b/CHANGES.txt index bde6d4f92..9b3ce1253 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -11,7 +11,8 @@ Features - Comments with references to documentation sections placed in scaffold ``.ini`` files. -- Added an HTTP Basic authentication policy. +- Added an HTTP Basic authentication policy + at ``pyramid.authentication.BasicAuthAuthenticationPolicy``. Bug Fixes --------- -- cgit v1.2.3 From 2d964c1b983a91ee4d59aa8dc28e33697199a46c Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sun, 14 Oct 2012 20:10:07 -0500 Subject: pypi support for python 3.3 --- setup.py | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.py b/setup.py index 9af2f2100..40117cf4c 100644 --- a/setup.py +++ b/setup.py @@ -79,6 +79,7 @@ setup(name='pyramid', "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.2", + "Programming Language :: Python :: 3.3", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Framework :: Pyramid", -- cgit v1.2.3 From c25a8fd5d2895a117d8eb77162ed8388f0482674 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Fri, 26 Oct 2012 00:32:08 -0400 Subject: - New ``physical_path`` view predicate. If specified, this value should be a string or a tuple representing the physical traversal path of the context found via traversal for this predicate to match as true. For example: ``physical_path='/'`` or ``physical_path='/a/b/c'`` or ``physical_path=('', 'a', 'b', 'c')``. This is not a path prefix match or a regex, it's a whole-path match. It's useful when you want to always potentially show a view when some object is traversed to, but you can't be sure about what kind of object it will be, so you can't use the ``context`` predicate. The individual path elements inbetween slash characters or in tuple elements should be the Unicode representation of the name of the resource and should not be encoded in any way. --- CHANGES.txt | 35 +++++++++++------- docs/glossary.rst | 22 +++++++++--- docs/narr/viewconfig.rst | 14 ++++++++ pyramid/config/predicates.py | 21 +++++++++-- pyramid/config/views.py | 17 +++++++++ pyramid/tests/test_config/test_predicates.py | 53 ++++++++++++++++++++++++++++ pyramid/view.py | 2 +- 7 files changed, 144 insertions(+), 20 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index 9b3ce1253..4baf81581 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,19 +1,6 @@ Next release ============ -Features --------- - -- Allow multiple values to be specified to the ``request_param`` view/route - predicate as a sequence. Previously only a single string value was allowed. - See https://github.com/Pylons/pyramid/pull/705 - -- Comments with references to documentation sections placed in scaffold - ``.ini`` files. - -- Added an HTTP Basic authentication policy - at ``pyramid.authentication.BasicAuthAuthenticationPolicy``. - Bug Fixes --------- @@ -40,6 +27,16 @@ Bug Fixes Features -------- +- Allow multiple values to be specified to the ``request_param`` view/route + predicate as a sequence. Previously only a single string value was allowed. + See https://github.com/Pylons/pyramid/pull/705 + +- Comments with references to documentation sections placed in scaffold + ``.ini`` files. + +- Added an HTTP Basic authentication policy + at ``pyramid.authentication.BasicAuthAuthenticationPolicy``. + - The Configurator ``testing_securitypolicy`` method now returns the policy object it creates. @@ -56,6 +53,18 @@ Features ``remembered`` value on the policy, which is the value of the ``principal`` argument it's called with when its ``remember`` method is called. +- New ``physical_path`` view predicate. If specified, this value should be a + string or a tuple representing the physical traversal path of the context + found via traversal for this predicate to match as true. For example: + ``physical_path='/'`` or ``physical_path='/a/b/c'`` or ``physical_path=('', + 'a', 'b', 'c')``. This is not a path prefix match or a regex, it's a + whole-path match. It's useful when you want to always potentially show a + view when some object is traversed to, but you can't be sure about what kind + of object it will be, so you can't use the ``context`` predicate. The + individual path elements inbetween slash characters or in tuple elements + should be the Unicode representation of the name of the resource and should + not be encoded in any way. + 1.4a2 (2012-09-27) ================== diff --git a/docs/glossary.rst b/docs/glossary.rst index 96dd826d1..adcf36f7c 100644 --- a/docs/glossary.rst +++ b/docs/glossary.rst @@ -481,10 +481,24 @@ Glossary :app:`Pyramid` to form a workflow system. virtual root - A resource object representing the "virtual" root of a request; this - is typically the physical root object (the object returned by the - application root factory) unless :ref:`vhosting_chapter` is in - use. + A resource object representing the "virtual" root of a request; this is + typically the :term:`physical root` object unless :ref:`vhosting_chapter` + is in use. + + physical root + The object returned by the application :term:`root factory`. Unlike the + the :term:`virtual root` of a request, it is not impacted by + :ref:`vhosting_chapter`: it will always be the actual object returned by + the root factory, never a subobject. + + physical path + The path required by a traversal which resolve a :term:`resource` starting + from the :term:`physical root`. For example, the physical path of the + ``abc`` subobject of the physical root object is ``/abc``. Physical paths + can also be specified as tuples where the first element is the empty + string (representing the root), and every other element is a Unicode + object, e.g. ``('', 'abc')``. Physical paths are also sometimes called + "traversal paths". lineage An ordered sequence of objects based on a ":term:`location` -aware" diff --git a/docs/narr/viewconfig.rst b/docs/narr/viewconfig.rst index 3c7897969..752e6ad72 100644 --- a/docs/narr/viewconfig.rst +++ b/docs/narr/viewconfig.rst @@ -417,6 +417,20 @@ configured view. .. versionadded:: 1.4a2 +``physical_path`` + If specified, this value should be a string or a tuple representing the + :term:`physical path` of the context found via traversal for this predicate + to match as true. For example: ``physical_path='/'`` or + ``physical_path='/a/b/c'`` or ``physical_path=('', 'a', 'b', 'c')``. This is + not a path prefix match or a regex, it's a whole-path match. It's useful + when you want to always potentially show a view when some object is traversed + to, but you can't be sure about what kind of object it will be, so you can't + use the ``context`` predicate. The individual path elements inbetween slash + characters or in tuple elements should be the Unicode representation of the + name of the resource and should not be encoded in any way. + + .. versionadded:: 1.4a3 + ``custom_predicates`` If ``custom_predicates`` is specified, it must be a sequence of references to custom predicate callables. Use custom predicates when no set of diff --git a/pyramid/config/predicates.py b/pyramid/config/predicates.py index 100c9454e..adbdcbbc0 100644 --- a/pyramid/config/predicates.py +++ b/pyramid/config/predicates.py @@ -2,15 +2,16 @@ import re from pyramid.exceptions import ConfigurationError +from pyramid.compat import is_nonstr_iter + from pyramid.traversal import ( find_interface, traversal_path, + resource_path_tuple ) from pyramid.urldispatch import _compile_route - from pyramid.util import object_description - from pyramid.session import check_csrf_token from .util import as_sorted_tuple @@ -250,3 +251,19 @@ class CheckCSRFTokenPredicate(object): return self.check_csrf_token(request, val, raises=False) return True +class PhysicalPathPredicate(object): + def __init__(self, val, config): + if is_nonstr_iter(val): + self.val = tuple(val) + else: + val = tuple(filter(None, val.split('/'))) + self.val = ('',) + val + + def text(self): + return 'physical_path = %s' % (self.val,) + + phash = text + + def __call__(self, context, request): + return resource_path_tuple(context) == self.val + diff --git a/pyramid/config/views.py b/pyramid/config/views.py index 15263ad04..e52f9d64b 100644 --- a/pyramid/config/views.py +++ b/pyramid/config/views.py @@ -1014,6 +1014,22 @@ class ViewsConfiguratorMixin(object): .. versionadded:: 1.4a2 + physical_path + + If specified, this value should be a string or a tuple representing + the :term:`physical path` of the context found via traversal for this + predicate to match as true. For example: ``physical_path='/'`` or + ``physical_path='/a/b/c'`` or ``physical_path=('', 'a', 'b', 'c')``. + This is not a path prefix match or a regex, it's a whole-path match. + It's useful when you want to always potentially show a view when some + object is traversed to, but you can't be sure about what kind of + object it will be, so you can't use the ``context`` predicate. The + individual path elements inbetween slash characters or in tuple + elements should be the Unicode representation of the name of the + resource and should not be encoded in any way. + + .. versionadded:: 1.4a3 + custom_predicates This value should be a sequence of references to custom @@ -1370,6 +1386,7 @@ class ViewsConfiguratorMixin(object): ('request_type', p.RequestTypePredicate), ('match_param', p.MatchParamPredicate), ('check_csrf', p.CheckCSRFTokenPredicate), + ('physical_path', p.PhysicalPathPredicate), ('custom', p.CustomPredicate), ): self.add_view_predicate(name, factory) diff --git a/pyramid/tests/test_config/test_predicates.py b/pyramid/tests/test_config/test_predicates.py index 2f0ef4132..84d9b184d 100644 --- a/pyramid/tests/test_config/test_predicates.py +++ b/pyramid/tests/test_config/test_predicates.py @@ -381,6 +381,59 @@ class TestHeaderPredicate(unittest.TestCase): inst = self._makeOne(r'abc:\d+') self.assertEqual(inst.phash(), r'header abc=\d+') +class Test_PhysicalPathPredicate(unittest.TestCase): + def _makeOne(self, val, config): + from pyramid.config.predicates import PhysicalPathPredicate + return PhysicalPathPredicate(val, config) + + def test_text(self): + inst = self._makeOne('/', None) + self.assertEqual(inst.text(), "physical_path = ('',)") + + def test_phash(self): + inst = self._makeOne('/', None) + self.assertEqual(inst.phash(), "physical_path = ('',)") + + def test_it_call_val_tuple_True(self): + inst = self._makeOne(('', 'abc'), None) + root = Dummy() + root.__name__ = '' + root.__parent__ = None + context = Dummy() + context.__name__ = 'abc' + context.__parent__ = root + self.assertTrue(inst(context, None)) + + def test_it_call_val_list_True(self): + inst = self._makeOne(['', 'abc'], None) + root = Dummy() + root.__name__ = '' + root.__parent__ = None + context = Dummy() + context.__name__ = 'abc' + context.__parent__ = root + self.assertTrue(inst(context, None)) + + def test_it_call_val_str_True(self): + inst = self._makeOne('/abc', None) + root = Dummy() + root.__name__ = '' + root.__parent__ = None + context = Dummy() + context.__name__ = 'abc' + context.__parent__ = root + self.assertTrue(inst(context, None)) + + def test_it_call_False(self): + inst = self._makeOne('/', None) + root = Dummy() + root.__name__ = '' + root.__parent__ = None + context = Dummy() + context.__name__ = 'abc' + context.__parent__ = root + self.assertFalse(inst(context, None)) + class predicate(object): def __repr__(self): return 'predicate' diff --git a/pyramid/view.py b/pyramid/view.py index 76f466b83..51ded423c 100644 --- a/pyramid/view.py +++ b/pyramid/view.py @@ -170,7 +170,7 @@ class view_config(object): ``request_type``, ``route_name``, ``request_method``, ``request_param``, ``containment``, ``xhr``, ``accept``, ``header``, ``path_info``, ``custom_predicates``, ``decorator``, ``mapper``, ``http_cache``, - ``match_param``, ``csrf_token``, and ``predicates``. + ``match_param``, ``csrf_token``, ``physical_path``, and ``predicates``. The meanings of these arguments are the same as the arguments passed to :meth:`pyramid.config.Configurator.add_view`. If any argument is left -- cgit v1.2.3 From 4a6cca62ddf33580b1de210ef5ca54bfb2769243 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Fri, 26 Oct 2012 01:48:24 -0400 Subject: prep for 1.4a3 --- CHANGES.txt | 4 ++-- RELEASING.txt | 6 +++--- docs/conf.py | 2 +- docs/remake | 2 +- docs/whatsnew-1.4.rst | 31 +++++++++++++++++++++++++++++++ setup.py | 2 +- 6 files changed, 39 insertions(+), 8 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index 4baf81581..1eec21fc2 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,5 +1,5 @@ -Next release -============ +1.4a3 (2012-10-26) +================== Bug Fixes --------- diff --git a/RELEASING.txt b/RELEASING.txt index c97c8ef60..379965c53 100644 --- a/RELEASING.txt +++ b/RELEASING.txt @@ -13,10 +13,10 @@ Releasing Pyramid Make sure statement coverage is at 100%:: -- Run Windows tests for Python 2.6, 2.7, and 3.2 if feasible. +- Run Windows tests for Python 2.6, 2.7, 3.2, and 3.3 if feasible. -- Make sure all scaffold tests pass (Py 2.6, 2.7, 3.2 and pypy on UNIX; this - doesn't work on Windows): +- Make sure all scaffold tests pass (Py 2.6, 2.7, 3.2, 3.3 and pypy on UNIX; + this doesn't work on Windows): $ python pyramid/scaffolds/tests.py diff --git a/docs/conf.py b/docs/conf.py index 337b1d8bf..9bda4c798 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -81,7 +81,7 @@ copyright = '%s, Agendaless Consulting' % datetime.datetime.now().year # other places throughout the built documents. # # The short X.Y version. -version = '1.4a2' +version = '1.4a3' # The full version, including alpha/beta/rc tags. release = version diff --git a/docs/remake b/docs/remake index b236f2976..eb818289f 100755 --- a/docs/remake +++ b/docs/remake @@ -1 +1 @@ -make clean html SPHINXBUILD=../env26/bin/sphinx-build +make clean html SPHINXBUILD=../env27/bin/sphinx-build diff --git a/docs/whatsnew-1.4.rst b/docs/whatsnew-1.4.rst index 6aa390e64..59e1f7a96 100644 --- a/docs/whatsnew-1.4.rst +++ b/docs/whatsnew-1.4.rst @@ -165,6 +165,37 @@ Minor Feature Additions - Add ``Base.metadata.bind = engine`` to ``alchemy`` scaffold, so that tables defined imperatively will work. +- Comments with references to documentation sections placed in scaffold + ``.ini`` files. + +- Allow multiple values to be specified to the ``request_param`` view/route + predicate as a sequence. Previously only a single string value was allowed. + See https://github.com/Pylons/pyramid/pull/705 + +- Added an HTTP Basic authentication policy + at :class:`pyramid.authentication.BasicAuthAuthenticationPolicy`. + +- The :meth:`pyramid.config.Configurator.testing_securitypolicy` method now + returns the policy object it creates. + +- The DummySecurityPolicy created by + :meth:`pyramid.config.testing_securitypolicy` now sets a ``forgotten`` value + on the policy (the value ``True``) when its ``forget`` method is called. + + +- The DummySecurityPolicy created by + :meth:`pyramid.config.testing_securitypolicy` now sets a + ``remembered`` value on the policy, which is the value of the ``principal`` + argument it's called with when its ``remember`` method is called. + +- New ``physical_path`` view predicate. If specified, this value should be a + string or a tuple representing the physical traversal path of the context + found via traversal for this predicate to match as true. For example: + ``physical_path='/'`` or ``physical_path='/a/b/c'`` or ``physical_path=('', + 'a', 'b', 'c')``. It's useful when you want to always potentially show a + view when some object is traversed to, but you can't be sure about what kind + of object it will be, so you can't use the ``context`` predicate. + Backwards Incompatibilities --------------------------- diff --git a/setup.py b/setup.py index 40117cf4c..4ea63a3ee 100644 --- a/setup.py +++ b/setup.py @@ -68,7 +68,7 @@ testing_extras = tests_require + [ ] setup(name='pyramid', - version='1.4a2', + version='1.4a3', description=('The Pyramid web application development framework, a ' 'Pylons project'), long_description=README + '\n\n' + CHANGES, -- cgit v1.2.3