Mercurial > p > roundup > code
view test/test_pythonexpr.py @ 7150:72a54826ff4f
better rest Origin check; refactor CORS preflight code.
A previous version allowed requests without an origin that should
require it (e.g. an OPTIONS or PATCH request). Moved the origin
checking logic into the main flow. It looks like this was limited to
OPTIONS/PATCH requests as handle_csrf() (called later in the main
flow) handles POST, PUT, DELETE verbs.
Refactored CORS preflight request code into functions and call them
from main flow. Also return immediately. Prior code processed the
options request a second time due to falling through.
Modified is_origin_header_ok to return True if origin was missing and
it was a get request.
Fixed tests that make OPTIONS requests to supply origin.
Comment fixups.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 21 Feb 2023 16:42:20 -0500 |
| parents | e70885fe72a4 |
| children |
line wrap: on
line source
""" In Python 3, sometimes TAL "python:" expressions that refer to variables but not all variables are recognized. That is in Python 2.7 all variables used in a TAL "python:" expression are recognized as references. In Python 3.5 (perhaps earlier), some TAL "python:" expressions refer to variables but the reference generates an error like this: <class 'NameError'>: name 'some_tal_variable' is not defined even when the variable is defined. Output after this message lists the variable and its value. """ import unittest from roundup.cgi.PageTemplates.PythonExpr import PythonExpr as PythonExprClass class ExprTest(unittest.TestCase): def testExpr(self): expr = '[x for x in context.assignedto ' \ 'if x.realname not in user_realnames]' pe = PythonExprClass('test', expr, None) # Looking at the expression, only context and user_realnames are # external variables. The names assignedto and realname are members, # and x is local. required_names = ['context', 'user_realnames'] got_names = pe._f_varnames for required_name in required_names: self.assertIn(required_name, got_names)