view test/tx_Source_detector.py @ 5643:a60cbbcc9309

Added support for accepting application/json payload in addition to the existing application/x-www-form-urlencoded. The key for this is that the third element of the FieldStorage is a string as opposed to a list. So the code checks for the string and that the Content-Type is exactly application/json. I do a string match for the Content-Type.

This code also adds testing for the dispatch method of RestfulInstance. It tests dispatch using GET, PUT, POST, PATCH methods with json and form data payloads. Existing tests bypass the dispatch method.

It moves check for pretty printing till after the input payload is checked to see if it's json. So you can set pretty in the json payload if wanted.

Adds a new class: SimulateFieldStorageFromJson. This class emulates the calling interface of FieldStorage. The json payload is parsed into this class. Then the new object is passed off to the code that expects a FieldStorage class. Note that this may or may not work for file uploads, but for issue creation, setting properties, patching objects, it seems to work.

Also refactored/replaced the etag header checks to use a more generic method that will work for any header (e.g. Content-Type).

Future enhancements are to parse the full form of the Content-Type mime type so something like: application/vnd.roundup.v1+json will also work. Also the SimulateFieldStorageFromJson could be used to represent XML format input, if so need to rename the class dropping FromJson. But because of the issues with native xml parsers in python parsing untrusted data, we may not want to go that route.

curl examples for my tracker is:

  curl -s -u user:pass -X POST --header 'Content-Type: application/json' \
    --header 'Accept: application/json' \
    --data '{"title": "foo bar", "fyi": "text", "private": "true", "priority": "high" }' \
    -w "http status: %{http_code}\n" \
    "https://example.net/demo/rest/data/issue"

  {
    "data": {
      "link": "https://example.net/demo/rest/data/issue/2229",
      "id": "2229"
    }
  }
  http status: 201
author John Rouillard <rouilj@ieee.org>
date Sun, 10 Mar 2019 17:35:25 -0400
parents 64b05e24dbd8
children 9938c40e03bc

#
# Example output when the web interface changes item 3 and the email
# (non pgp) interface changes item 4:
#
# tx_SourceCheckAudit(3) pre db.tx_Source: cgi
# tx_SourceCheckAudit(4) pre db.tx_Source: email
# tx_SourceCheckAudit(3) post db.tx_Source: cgi
# tx_SourceCheckAudit(4) post db.tx_Source: email
# tx_SourceCheckReact(4) pre db.tx_Source: email
# tx_SourceCheckReact(4) post db.tx_Source: email
# tx_SourceCheckReact(3) pre db.tx_Source: cgi
# tx_SourceCheckReact(3) post db.tx_Source: cgi
#
# Note that the calls are interleaved, but the proper
# tx_Source is associated with the same ticket.

from __future__ import print_function
import time as time

def tx_SourceCheckAudit(db, cl, nodeid, newvalues):
    ''' An auditor to print the value of the source of the
        transaction that triggered this change. The sleep call
        is used to delay the transaction so that multiple changes will
        overlap. The expected output from this detector are 2 lines
        with the same value for tx_Source. Tx source is:
          None - Reported when using a script or it is an error if
                 the change arrives by another method.
          "cli" - reported when using roundup-admin
          "web" - reported when using any web based technique
          "email" - reported when using an unauthenticated email based technique
          "email-sig-openpgp" - reported when email with a valid pgp
                                signature is used
    '''
    if __debug__ and False:
        print("\n  tx_SourceCheckAudit(%s) db.tx_Source: %s"%(nodeid, db.tx_Source))

    newvalues['tx_Source'] = db.tx_Source

    # Example of real use: prevent a change from happening if it is
    # submitted via email.
    #
    # if db.tx_Source == "email":
    #    raise Reject('Change not allowed via email')

def tx_SourceCheckReact(db, cl, nodeid, oldvalues):
    ''' A reactor to print the value of the source of the
        transaction that triggered this change. The sleep call
        is used to delay the transaction so that multiple changes will
        overlap. The expected output from this detector are 2 lines
        with the same value for tx_Source. Tx source is:
          None - Reported when using a script or it is an error if
                 the change arrives by another method.
          "cli" - reported when using roundup-admin
          "web" - reported when using any web based technique
          "email" - reported when using an unauthenticated email based technique
          "email-sig-openpgp" - reported when email with a valid pgp
                                signature is used
    '''

    if __debug__ and False:
        print("  tx_SourceCheckReact(%s) db.tx_Source: %s"%(nodeid, db.tx_Source))



def init(db):
    db.issue.audit('create', tx_SourceCheckAudit)
    db.issue.audit('set', tx_SourceCheckAudit)

    db.issue.react('set', tx_SourceCheckReact)
    db.issue.react('create', tx_SourceCheckReact)

    db.msg.audit('create', tx_SourceCheckAudit)
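
The commented-out check in tx_SourceCheckAudit hints at using db.tx_Source for access policy. The block below is an added example, not part of the Roundup test file or the project's code, that turns that idea into a fail-closed auditor. The protected property names, the set of trusted sources, the Reject stand-in and FakeDb are assumptions made so it runs without a tracker.

```python
# Added example: policy auditor keyed on db.tx_Source.

class Reject(Exception):
    """Stand-in for roundup.exceptions.Reject so the example runs offline."""


# Hypothetical policy: properties that may only change through a trusted
# channel, and the tx_Source values (from the docstring above) trusted here.
PROTECTED_PROPS = frozenset(["private", "priority"])
TRUSTED_SOURCES = frozenset(["web", "cli", "email-sig-openpgp"])


def tx_source_policy_audit(db, cl, nodeid, newvalues):
    """Reject changes to protected properties from untrusted sources.

    Fails closed: a tx_Source of None (a script, or an entry path that
    never set it) is handled the same way as unsigned email.
    """
    touched = PROTECTED_PROPS.intersection(newvalues)
    if not touched:
        return  # nothing sensitive in this change
    source = getattr(db, "tx_Source", None)
    if source not in TRUSTED_SOURCES:
        raise Reject("Change to %s not allowed via %s"
                     % (", ".join(sorted(touched)),
                        source or "unknown source"))


class FakeDb(object):
    """Constructed stand-in for the tracker db; only carries tx_Source."""
    def __init__(self, tx_source):
        self.tx_Source = tx_source


def check(tx_source, newvalues):
    """Return 'allowed' or the Reject message for one simulated change."""
    try:
        tx_source_policy_audit(FakeDb(tx_source), None, "3", dict(newvalues))
    except Reject as exc:
        return str(exc)
    return "allowed"


if __name__ == "__main__":
    # Constructed sample changes, one per transaction source.
    for src in ("web", "email", "email-sig-openpgp", None):
        print(src, "->", check(src, {"private": "true", "title": "foo"}))
```

In a tracker the auditor would be registered the same way init() does above, with Reject imported from roundup.exceptions instead of the stand-in.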

Roundup Issue Tracker: http://roundup-tracker.org/