From 25cdbd76b59119bfe4b0b5b8352dc79acfef01d9 Mon Sep 17 00:00:00 2001 From: Theron Luhn Date: Sat, 7 Nov 2020 11:08:31 -0800 Subject: Remove `request.user` from wiki2 authentication tutorial. --- docs/tutorials/wiki2/src/authentication/tutorial/security.py | 2 -- .../wiki2/src/authentication/tutorial/templates/layout.jinja2 | 4 ++-- docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py | 2 +- docs/tutorials/wiki2/src/authentication/tutorial/views/default.py | 6 +++--- 4 files changed, 6 insertions(+), 8 deletions(-) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/security.py b/docs/tutorials/wiki2/src/authentication/tutorial/security.py index a4843f286..e0d8ed965 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/security.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/security.py @@ -40,5 +40,3 @@ def includeme(config): config.set_default_csrf_options(require_csrf=True) config.set_security_policy(MySecurityPolicy(settings['auth.secret'])) - config.add_request_method( - lambda request: request.identity, 'user', property=True) diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 index 64a1db0c5..5d6a23410 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 +++ b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 @@ -33,13 +33,13 @@
- {% if request.user is none %} + {% if request.identity is none %}

Login

{% else %}
- {{request.user.name}} + {{request.identity.name}}
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py index e1a564415..e66c68a34 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py @@ -53,7 +53,7 @@ def logout(request): @forbidden_view_config(renderer='tutorial:templates/403.jinja2') def forbidden_view(exc, request): - if request.user is None: + if request.identity is None: next_url = request.route_url('login', _query={'next': request.url}) return HTTPSeeOther(location=next_url) diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py index 378ce0ae9..4fb715737 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py @@ -45,7 +45,7 @@ def view_page(request): def edit_page(request): pagename = request.matchdict['pagename'] page = request.dbsession.query(models.Page).filter_by(name=pagename).one() - user = request.user + user = request.identity if user is None or (user.role != 'editor' and page.creator != user): raise HTTPForbidden if request.method == 'POST': @@ -60,7 +60,7 @@ def edit_page(request): @view_config(route_name='add_page', renderer='tutorial:templates/edit.jinja2') def add_page(request): - user = request.user + user = request.identity if user is None or user.role not in ('editor', 'basic'): raise HTTPForbidden pagename = request.matchdict['pagename'] @@ -70,7 +70,7 @@ def add_page(request): if request.method == 'POST': body = request.params['body'] page = models.Page(name=pagename, data=body) - page.creator = request.user + page.creator = request.identity request.dbsession.add(page) next_url = request.route_url('view_page', pagename=pagename) return HTTPSeeOther(location=next_url) -- cgit v1.2.3 From 042a2b9967f23757393ee099f5c2016d6fb68107 Mon Sep 17 00:00:00 2001 From: Theron Luhn Date: Wed, 11 Nov 2020 21:48:41 -0800 Subject: Backport conftest changes to prior steps. --- docs/tutorials/wiki2/src/authentication/tests/conftest.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tests/conftest.py b/docs/tutorials/wiki2/src/authentication/tests/conftest.py index 2db65f887..347180600 100644 --- a/docs/tutorials/wiki2/src/authentication/tests/conftest.py +++ b/docs/tutorials/wiki2/src/authentication/tests/conftest.py @@ -4,7 +4,7 @@ import alembic.command import os from pyramid.paster import get_appsettings from pyramid.scripting import prepare -from pyramid.testing import DummyRequest +from pyramid.testing import DummyRequest, testConfig import pytest import transaction from webob.cookies import Cookie @@ -103,7 +103,7 @@ def app_request(app, tm, dbsession): env['closer']() @pytest.fixture -def dummy_request(app, tm, dbsession): +def dummy_request(tm, dbsession): """ A lightweight dummy request. @@ -117,9 +117,13 @@ def dummy_request(app, tm, dbsession): """ request = DummyRequest() - request.registry = app.registry request.host = 'example.com' request.dbsession = dbsession request.tm = tm return request + +@pytest.yield_fixture +def dummy_config(dummy_request): + with testConfig(request=dummy_request) as config: + yield config -- cgit v1.2.3 From 86cb46d4d977d3a948308326bee628421cab93ea Mon Sep 17 00:00:00 2001 From: Theron Luhn Date: Wed, 11 Nov 2020 21:53:35 -0800 Subject: Remove `app_request` from wiki2 tests. --- .../wiki2/src/authentication/tests/conftest.py | 23 ---------------------- 1 file changed, 23 deletions(-) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tests/conftest.py b/docs/tutorials/wiki2/src/authentication/tests/conftest.py index 347180600..57e86ac1c 100644 --- a/docs/tutorials/wiki2/src/authentication/tests/conftest.py +++ b/docs/tutorials/wiki2/src/authentication/tests/conftest.py @@ -3,7 +3,6 @@ import alembic.config import alembic.command import os from pyramid.paster import get_appsettings -from pyramid.scripting import prepare from pyramid.testing import DummyRequest, testConfig import pytest import transaction @@ -80,28 +79,6 @@ def testapp(app, tm, dbsession): return testapp -@pytest.fixture -def app_request(app, tm, dbsession): - """ - A real request. - - This request is almost identical to a real request but it has some - drawbacks in tests as it's harder to mock data and is heavier. - - """ - env = prepare(registry=app.registry) - request = env['request'] - request.host = 'example.com' - - # without this, request.dbsession will be joined to the same transaction - # manager but it will be using a different sqlalchemy.orm.Session using - # a separate database transaction - request.dbsession = dbsession - request.tm = tm - - yield request - env['closer']() - @pytest.fixture def dummy_request(tm, dbsession): """ -- cgit v1.2.3 From ea25ec5cd5715ab3dcf266a968166425e279927a Mon Sep 17 00:00:00 2001 From: Theron Luhn Date: Fri, 11 Dec 2020 09:22:15 -0800 Subject: Revert "Remove `app_request` from wiki2 tests." This reverts commit 86cb46d4d977d3a948308326bee628421cab93ea. --- .../wiki2/src/authentication/tests/conftest.py | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tests/conftest.py b/docs/tutorials/wiki2/src/authentication/tests/conftest.py index 57e86ac1c..347180600 100644 --- a/docs/tutorials/wiki2/src/authentication/tests/conftest.py +++ b/docs/tutorials/wiki2/src/authentication/tests/conftest.py @@ -3,6 +3,7 @@ import alembic.config import alembic.command import os from pyramid.paster import get_appsettings +from pyramid.scripting import prepare from pyramid.testing import DummyRequest, testConfig import pytest import transaction @@ -79,6 +80,28 @@ def testapp(app, tm, dbsession): return testapp +@pytest.fixture +def app_request(app, tm, dbsession): + """ + A real request. + + This request is almost identical to a real request but it has some + drawbacks in tests as it's harder to mock data and is heavier. + + """ + env = prepare(registry=app.registry) + request = env['request'] + request.host = 'example.com' + + # without this, request.dbsession will be joined to the same transaction + # manager but it will be using a different sqlalchemy.orm.Session using + # a separate database transaction + request.dbsession = dbsession + request.tm = tm + + yield request + env['closer']() + @pytest.fixture def dummy_request(tm, dbsession): """ -- cgit v1.2.3 From 0416521c1c95cb8739b65906c1c3cced1b9163dc Mon Sep 17 00:00:00 2001 From: Theron Luhn Date: Fri, 11 Dec 2020 09:41:05 -0800 Subject: Install new cookiecutter conftests. --- .../wiki2/src/authentication/tests/conftest.py | 35 ++++++++++++---------- 1 file changed, 19 insertions(+), 16 deletions(-) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tests/conftest.py b/docs/tutorials/wiki2/src/authentication/tests/conftest.py index 347180600..4ac4c60a8 100644 --- a/docs/tutorials/wiki2/src/authentication/tests/conftest.py +++ b/docs/tutorials/wiki2/src/authentication/tests/conftest.py @@ -7,7 +7,6 @@ from pyramid.scripting import prepare from pyramid.testing import DummyRequest, testConfig import pytest import transaction -from webob.cookies import Cookie import webtest from tutorial import main @@ -89,28 +88,26 @@ def app_request(app, tm, dbsession): drawbacks in tests as it's harder to mock data and is heavier. """ - env = prepare(registry=app.registry) - request = env['request'] - request.host = 'example.com' + with prepare(registry=app.registry) as env: + request = env['request'] + request.host = 'example.com' - # without this, request.dbsession will be joined to the same transaction - # manager but it will be using a different sqlalchemy.orm.Session using - # a separate database transaction - request.dbsession = dbsession - request.tm = tm + # without this, request.dbsession will be joined to the same transaction + # manager but it will be using a different sqlalchemy.orm.Session using + # a separate database transaction + request.dbsession = dbsession + request.tm = tm - yield request - env['closer']() + yield request @pytest.fixture def dummy_request(tm, dbsession): """ A lightweight dummy request. - This request is ultra-lightweight and should be used only when the - request itself is not a large focus in the call-stack. - - It is way easier to mock and control side-effects using this object. + This request is ultra-lightweight and should be used only when the request + itself is not a large focus in the call-stack. It is much easier to mock + and control side-effects using this object, however: - It does not have request extensions applied. - Threadlocals are not properly pushed. @@ -123,7 +120,13 @@ def dummy_request(tm, dbsession): return request -@pytest.yield_fixture +@pytest.fixture def dummy_config(dummy_request): + """ + A dummy :class:`pyramid.config.Configurator` object. This allows for + mock configuration, including configuration for ``dummy_request``, as well + as pushing the appropriate threadlocals. + + """ with testConfig(request=dummy_request) as config: yield config -- cgit v1.2.3 From 2ce552b73fc40bd35565be0e4599bf2189ea6e09 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sat, 12 Dec 2020 00:21:14 -0600 Subject: change identity checks to use request.is_authenticated --- .../tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 | 2 +- docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/tutorials/wiki2/src/authentication') diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 index 5d6a23410..55f4a85dc 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 +++ b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 @@ -33,7 +33,7 @@
- {% if request.identity is none %} + {% if not request.is_authenticated %}

Login

diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py index e66c68a34..807ff3464 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py @@ -53,7 +53,7 @@ def logout(request): @forbidden_view_config(renderer='tutorial:templates/403.jinja2') def forbidden_view(exc, request): - if request.identity is None: + if not request.is_authenticated: next_url = request.route_url('login', _query={'next': request.url}) return HTTPSeeOther(location=next_url) -- cgit v1.2.3