commit | author | age
|
c7974f
|
1 |
import re |
MM |
2 |
|
|
3 |
from pyramid.exceptions import ConfigurationError |
|
4 |
|
|
5 |
from pyramid.compat import is_nonstr_iter |
|
6 |
|
a2c7c7
|
7 |
from pyramid.csrf import check_csrf_token |
c7974f
|
8 |
from pyramid.traversal import ( |
MM |
9 |
find_interface, |
|
10 |
traversal_path, |
|
11 |
resource_path_tuple |
|
12 |
) |
|
13 |
|
|
14 |
from pyramid.urldispatch import _compile_route |
52fde9
|
15 |
from pyramid.util import ( |
MM |
16 |
as_sorted_tuple, |
|
17 |
object_description, |
|
18 |
) |
c7974f
|
19 |
|
MM |
20 |
_marker = object() |
|
21 |
|
|
22 |
class XHRPredicate(object): |
|
23 |
def __init__(self, val, config): |
|
24 |
self.val = bool(val) |
|
25 |
|
|
26 |
def text(self): |
|
27 |
return 'xhr = %s' % self.val |
|
28 |
|
|
29 |
phash = text |
|
30 |
|
|
31 |
def __call__(self, context, request): |
|
32 |
return bool(request.is_xhr) is self.val |
|
33 |
|
|
34 |
class RequestMethodPredicate(object): |
|
35 |
def __init__(self, val, config): |
|
36 |
request_method = as_sorted_tuple(val) |
|
37 |
if 'GET' in request_method and 'HEAD' not in request_method: |
|
38 |
# GET implies HEAD too |
|
39 |
request_method = as_sorted_tuple(request_method + ('HEAD',)) |
|
40 |
self.val = request_method |
|
41 |
|
|
42 |
def text(self): |
|
43 |
return 'request_method = %s' % (','.join(self.val)) |
|
44 |
|
|
45 |
phash = text |
|
46 |
|
|
47 |
def __call__(self, context, request): |
|
48 |
return request.method in self.val |
|
49 |
|
|
50 |
class PathInfoPredicate(object): |
|
51 |
def __init__(self, val, config): |
|
52 |
self.orig = val |
|
53 |
try: |
|
54 |
val = re.compile(val) |
|
55 |
except re.error as why: |
|
56 |
raise ConfigurationError(why.args[0]) |
|
57 |
self.val = val |
|
58 |
|
|
59 |
def text(self): |
|
60 |
return 'path_info = %s' % (self.orig,) |
|
61 |
|
|
62 |
phash = text |
|
63 |
|
|
64 |
def __call__(self, context, request): |
|
65 |
return self.val.match(request.upath_info) is not None |
|
66 |
|
|
67 |
class RequestParamPredicate(object): |
|
68 |
def __init__(self, val, config): |
|
69 |
val = as_sorted_tuple(val) |
|
70 |
reqs = [] |
|
71 |
for p in val: |
|
72 |
k = p |
|
73 |
v = None |
|
74 |
if p.startswith('='): |
|
75 |
if '=' in p[1:]: |
|
76 |
k, v = p[1:].split('=', 1) |
|
77 |
k = '=' + k |
|
78 |
k, v = k.strip(), v.strip() |
|
79 |
elif '=' in p: |
|
80 |
k, v = p.split('=', 1) |
|
81 |
k, v = k.strip(), v.strip() |
|
82 |
reqs.append((k, v)) |
|
83 |
self.val = val |
|
84 |
self.reqs = reqs |
|
85 |
|
|
86 |
def text(self): |
|
87 |
return 'request_param %s' % ','.join( |
|
88 |
['%s=%s' % (x,y) if y else x for x, y in self.reqs] |
|
89 |
) |
|
90 |
|
|
91 |
phash = text |
|
92 |
|
|
93 |
def __call__(self, context, request): |
|
94 |
for k, v in self.reqs: |
|
95 |
actual = request.params.get(k) |
|
96 |
if actual is None: |
|
97 |
return False |
|
98 |
if v is not None and actual != v: |
|
99 |
return False |
|
100 |
return True |
|
101 |
|
|
102 |
class HeaderPredicate(object): |
|
103 |
def __init__(self, val, config): |
|
104 |
name = val |
|
105 |
v = None |
|
106 |
if ':' in name: |
|
107 |
name, val_str = name.split(':', 1) |
|
108 |
try: |
|
109 |
v = re.compile(val_str) |
|
110 |
except re.error as why: |
|
111 |
raise ConfigurationError(why.args[0]) |
|
112 |
if v is None: |
|
113 |
self._text = 'header %s' % (name,) |
|
114 |
else: |
|
115 |
self._text = 'header %s=%s' % (name, val_str) |
|
116 |
self.name = name |
|
117 |
self.val = v |
|
118 |
|
|
119 |
def text(self): |
|
120 |
return self._text |
|
121 |
|
|
122 |
phash = text |
|
123 |
|
|
124 |
def __call__(self, context, request): |
|
125 |
if self.val is None: |
|
126 |
return self.name in request.headers |
|
127 |
val = request.headers.get(self.name) |
|
128 |
if val is None: |
|
129 |
return False |
|
130 |
return self.val.match(val) is not None |
|
131 |
|
|
132 |
class AcceptPredicate(object): |
4a9f4f
|
133 |
_is_using_deprecated_ranges = False |
MM |
134 |
|
|
135 |
def __init__(self, values, config): |
|
136 |
if not is_nonstr_iter(values): |
|
137 |
values = (values,) |
|
138 |
# deprecated media ranges were only supported in versions of the |
|
139 |
# predicate that didn't support lists, so check it here |
|
140 |
if len(values) == 1 and '*' in values[0]: |
|
141 |
self._is_using_deprecated_ranges = True |
|
142 |
self.values = values |
c7974f
|
143 |
|
MM |
144 |
def text(self): |
30f79d
|
145 |
return 'accept = %s' % (', '.join(self.values),) |
c7974f
|
146 |
|
MM |
147 |
phash = text |
|
148 |
|
|
149 |
def __call__(self, context, request): |
4a9f4f
|
150 |
if self._is_using_deprecated_ranges: |
MM |
151 |
return self.values[0] in request.accept |
2497d0
|
152 |
return bool(request.accept.acceptable_offers(self.values)) |
c7974f
|
153 |
|
MM |
154 |
class ContainmentPredicate(object): |
|
155 |
def __init__(self, val, config): |
|
156 |
self.val = config.maybe_dotted(val) |
|
157 |
|
|
158 |
def text(self): |
|
159 |
return 'containment = %s' % (self.val,) |
|
160 |
|
|
161 |
phash = text |
|
162 |
|
|
163 |
def __call__(self, context, request): |
|
164 |
ctx = getattr(request, 'context', context) |
|
165 |
return find_interface(ctx, self.val) is not None |
|
166 |
|
|
167 |
class RequestTypePredicate(object): |
|
168 |
def __init__(self, val, config): |
|
169 |
self.val = val |
|
170 |
|
|
171 |
def text(self): |
|
172 |
return 'request_type = %s' % (self.val,) |
|
173 |
|
|
174 |
phash = text |
|
175 |
|
|
176 |
def __call__(self, context, request): |
|
177 |
return self.val.providedBy(request) |
|
178 |
|
|
179 |
class MatchParamPredicate(object): |
|
180 |
def __init__(self, val, config): |
|
181 |
val = as_sorted_tuple(val) |
|
182 |
self.val = val |
|
183 |
reqs = [ p.split('=', 1) for p in val ] |
|
184 |
self.reqs = [ (x.strip(), y.strip()) for x, y in reqs ] |
|
185 |
|
|
186 |
def text(self): |
|
187 |
return 'match_param %s' % ','.join( |
|
188 |
['%s=%s' % (x,y) for x, y in self.reqs] |
|
189 |
) |
|
190 |
|
|
191 |
phash = text |
|
192 |
|
|
193 |
def __call__(self, context, request): |
|
194 |
if not request.matchdict: |
|
195 |
# might be None |
|
196 |
return False |
|
197 |
for k, v in self.reqs: |
|
198 |
if request.matchdict.get(k) != v: |
|
199 |
return False |
|
200 |
return True |
|
201 |
|
|
202 |
class CustomPredicate(object): |
|
203 |
def __init__(self, func, config): |
|
204 |
self.func = func |
|
205 |
|
|
206 |
def text(self): |
|
207 |
return getattr( |
|
208 |
self.func, |
|
209 |
'__text__', |
|
210 |
'custom predicate: %s' % object_description(self.func) |
|
211 |
) |
|
212 |
|
|
213 |
def phash(self): |
|
214 |
# using hash() here rather than id() is intentional: we |
|
215 |
# want to allow custom predicates that are part of |
|
216 |
# frameworks to be able to define custom __hash__ |
|
217 |
# functions for custom predicates, so that the hash output |
|
218 |
# of predicate instances which are "logically the same" |
|
219 |
# may compare equal. |
|
220 |
return 'custom:%r' % hash(self.func) |
|
221 |
|
|
222 |
def __call__(self, context, request): |
|
223 |
return self.func(context, request) |
|
224 |
|
|
225 |
|
|
226 |
class TraversePredicate(object): |
|
227 |
# Can only be used as a *route* "predicate"; it adds 'traverse' to the |
|
228 |
# matchdict if it's specified in the routing args. This causes the |
|
229 |
# ResourceTreeTraverser to use the resolved traverse pattern as the |
|
230 |
# traversal path. |
|
231 |
def __init__(self, val, config): |
|
232 |
_, self.tgenerate = _compile_route(val) |
|
233 |
self.val = val |
|
234 |
|
|
235 |
def text(self): |
|
236 |
return 'traverse matchdict pseudo-predicate' |
|
237 |
|
|
238 |
def phash(self): |
|
239 |
# This isn't actually a predicate, it's just a infodict modifier that |
|
240 |
# injects ``traverse`` into the matchdict. As a result, we don't |
|
241 |
# need to update the hash. |
|
242 |
return '' |
|
243 |
|
|
244 |
def __call__(self, context, request): |
|
245 |
if 'traverse' in context: |
|
246 |
return True |
|
247 |
m = context['match'] |
|
248 |
tvalue = self.tgenerate(m) # tvalue will be urlquoted string |
|
249 |
m['traverse'] = traversal_path(tvalue) |
|
250 |
# This isn't actually a predicate, it's just a infodict modifier that |
|
251 |
# injects ``traverse`` into the matchdict. As a result, we just |
|
252 |
# return True. |
|
253 |
return True |
|
254 |
|
|
255 |
class CheckCSRFTokenPredicate(object): |
|
256 |
|
|
257 |
check_csrf_token = staticmethod(check_csrf_token) # testing |
|
258 |
|
|
259 |
def __init__(self, val, config): |
|
260 |
self.val = val |
|
261 |
|
|
262 |
def text(self): |
|
263 |
return 'check_csrf = %s' % (self.val,) |
|
264 |
|
|
265 |
phash = text |
|
266 |
|
|
267 |
def __call__(self, context, request): |
|
268 |
val = self.val |
|
269 |
if val: |
|
270 |
if val is True: |
|
271 |
val = 'csrf_token' |
|
272 |
return self.check_csrf_token(request, val, raises=False) |
|
273 |
return True |
|
274 |
|
|
275 |
class PhysicalPathPredicate(object): |
|
276 |
def __init__(self, val, config): |
|
277 |
if is_nonstr_iter(val): |
|
278 |
self.val = tuple(val) |
|
279 |
else: |
|
280 |
val = tuple(filter(None, val.split('/'))) |
|
281 |
self.val = ('',) + val |
|
282 |
|
|
283 |
def text(self): |
|
284 |
return 'physical_path = %s' % (self.val,) |
|
285 |
|
|
286 |
phash = text |
|
287 |
|
|
288 |
def __call__(self, context, request): |
|
289 |
if getattr(context, '__name__', _marker) is not _marker: |
|
290 |
return resource_path_tuple(context) == self.val |
|
291 |
return False |
|
292 |
|
|
293 |
class EffectivePrincipalsPredicate(object): |
|
294 |
def __init__(self, val, config): |
|
295 |
if is_nonstr_iter(val): |
|
296 |
self.val = set(val) |
|
297 |
else: |
|
298 |
self.val = set((val,)) |
|
299 |
|
|
300 |
def text(self): |
|
301 |
return 'effective_principals = %s' % sorted(list(self.val)) |
|
302 |
|
|
303 |
phash = text |
|
304 |
|
|
305 |
def __call__(self, context, request): |
|
306 |
req_principals = request.effective_principals |
|
307 |
if is_nonstr_iter(req_principals): |
|
308 |
rpset = set(req_principals) |
|
309 |
if self.val.issubset(rpset): |
|
310 |
return True |
|
311 |
return False |
|
312 |
|
52fde9
|
313 |
class Notted(object): |
MM |
314 |
def __init__(self, predicate): |
|
315 |
self.predicate = predicate |
|
316 |
|
|
317 |
def _notted_text(self, val): |
|
318 |
# if the underlying predicate doesnt return a value, it's not really |
|
319 |
# a predicate, it's just something pretending to be a predicate, |
|
320 |
# so dont update the hash |
|
321 |
if val: |
|
322 |
val = '!' + val |
|
323 |
return val |
|
324 |
|
|
325 |
def text(self): |
|
326 |
return self._notted_text(self.predicate.text()) |
|
327 |
|
|
328 |
def phash(self): |
|
329 |
return self._notted_text(self.predicate.phash()) |
|
330 |
|
|
331 |
def __call__(self, context, request): |
|
332 |
result = self.predicate(context, request) |
|
333 |
phash = self.phash() |
|
334 |
if phash: |
|
335 |
result = not result |
|
336 |
return result |