view roundup/cgi/engine_chameleon.py @ 5726:e199d0ae4a25

issue2551033: prevent reverse engineering hidden data by using etags as an oracle to identify when the right data has been guessed. Identified by Joseph Myers who also suggested remediation methods. Implemented by John Rouillard.
author John Rouillard <rouilj@ieee.org>
date Thu, 23 May 2019 18:56:57 -0400
parents 55f09ca366c4
children 4d20d8251bf2

"""Templating engine adapter for the Chameleon."""

__docformat__ = 'restructuredtext'

import os.path
import chameleon

from roundup.cgi.templating import context, TALLoaderBase
from roundup.anypy.strings import s2u

class Loader(TALLoaderBase):
    """Template loader that compiles tracker templates with Chameleon.

    :param dir: template directory; stored on the instance and handed to
        ``chameleon.PageTemplateLoader``.
    """

    def __init__(self, dir):
        """Record the template directory and build the Chameleon loader."""
        self.dir = dir
        self.loader = chameleon.PageTemplateLoader(dir)

    def load(self, tplname):
        """Return the template called *tplname* as a RoundupPageTemplate.

        :param tplname: template name, resolved by the inherited
            ``_find()``.
        :returns: a ``RoundupPageTemplate`` wrapping the loaded template.
        """
        # NOTE(review): tplname presumably can originate from the web
        # request. Keeping the resolved path inside the template directory
        # is left to _find(), which is defined outside this file - confirm.
        # NOTE(review): if _find() can return None for an unknown name, the
        # unpacking below raises TypeError - confirm against TALLoaderBase.
        template_path, _template_file = self._find(tplname)
        compiled = self.loader.load(template_path)
        return RoundupPageTemplate(compiled)

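class RoundupPageTemplate(object):
    """Wrap a Chameleon page template behind the interface Roundup calls.

    Item access and any attribute not defined on this class are forwarded
    to the wrapped template object.
    """

    def __init__(self, pt):
        """Remember *pt*, the template object every call is delegated to."""
        self._pt = pt

    def render(self, client, classname, request, **options):
        """Render the wrapped template and return the encoded output.

        :param client: supplies ``translator`` and ``charset``.
        :param classname: passed through to ``context()``.
        :param request: passed through to ``context()``.
        :param options: extra keyword arguments, exposed to the template
            unchanged under the ``options`` name.
        :returns: the rendered text encoded with ``client.charset``.
        """
        c = context(client, self, classname, request)
        c.update({'options': options})

        def translate(msgid, domain=None, mapping=None, default=None):
            # Argument-order adapter: this callback receives msgid first,
            # while client.translator.translate() takes the domain first.
            result = client.translator.translate(domain, msgid,
                         mapping=mapping, default=default)
            return s2u(result)

        # The first positional argument is passed as None; the second is
        # the translation callback defined above.
        output = self._pt.render(None, translate, **c)
        return output.encode(client.charset)

    def __getitem__(self, name):
        """Forward item lookup to the wrapped template."""
        return self._pt[name]

    def __getattr__(self, name):
        """Forward attributes that normal lookup did not resolve.

        :raises AttributeError: if ``_pt`` itself is missing, or the wrapped
            template has no attribute *name*.
        """
        # __getattr__ only runs after normal lookup failed. If '_pt' is the
        # missing name (an instance built without __init__, e.g. by copy or
        # unpickling), reading self._pt below would re-enter this method
        # until RecursionError instead of reporting a missing attribute.
        if name == '_pt':
            raise AttributeError(name)
        return getattr(self._pt, name)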

