Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def checkAppURI(self,uri,**kw):
util.setup_testing_defaults(kw)
self.assertEqual(util.application_uri(kw),uri)
def checkAppURI(self,uri,**kw):
util.setup_testing_defaults(kw)
self.assertEqual(util.application_uri(kw),uri)
def checkAppURI(self,uri,**kw):
util.setup_testing_defaults(kw)
self.assertEqual(util.application_uri(kw),uri)
def checkAppURI(self,uri,**kw):
util.setup_testing_defaults(kw)
self.assertEqual(util.application_uri(kw),uri)
# AppScale: Here we check to see if our secret hash is in the header which
# authenticates that the task was created from an AppScale deployment and
# not an unauthorized party.
if (constants.FAKE_IS_ADMIN_HEADER in environ and
self._secret_hash == environ[constants.FAKE_IS_ADMIN_HEADER]):
admin = True
if constants.FAKE_LOGGED_IN_HEADER in environ:
email_addr = 'Fake User'
# admin has an effect only with login: admin (not login: required).
if requires_login and not email_addr and not (admin and admin_only):
if auth_fail_action == appinfo.AUTH_FAIL_ACTION_REDIRECT:
logging.debug('login required, redirecting user')
return login.login_redirect(wsgiref.util.application_uri(environ),
wsgiref.util.request_uri(environ),
start_response)
elif auth_fail_action == appinfo.AUTH_FAIL_ACTION_UNAUTHORIZED:
logging.debug('login required, user unauthorized')
start_response('401 Not authorized', [('Content-Type', 'text/html'),
('Cache-Control', 'no-cache')])
return ['Login required to view page.']
elif admin_only and not admin:
logging.debug('admin required, user unauthorized')
start_response('401 Not authorized', [('Content-Type', 'text/html'),
('Cache-Control', 'no-cache')])
return ['Current logged in user %s is not '
'authorized to view this page.'
% email_addr]
# Authorization check succeeded
auth_fail_action = self._url_map.auth_fail_action
cookies = environ.get('HTTP_COOKIE')
email_addr, admin, _ = login.get_user_info(cookies)
if constants.FAKE_IS_ADMIN_HEADER in environ:
admin = True
if constants.FAKE_LOGGED_IN_HEADER in environ:
email_addr = 'Fake User'
# admin has an effect only with login: admin (not login: required).
if requires_login and not email_addr and not (admin and admin_only):
if auth_fail_action == appinfo.AUTH_FAIL_ACTION_REDIRECT:
logging.debug('login required, redirecting user')
return login.login_redirect(wsgiref.util.application_uri(environ),
wsgiref.util.request_uri(environ),
start_response)
elif auth_fail_action == appinfo.AUTH_FAIL_ACTION_UNAUTHORIZED:
logging.debug('login required, user unauthorized')
start_response('401 Not authorized', [('Content-Type', 'text/html'),
('Cache-Control', 'no-cache')])
return ['Login required to view page.']
elif admin_only and not admin:
logging.debug('admin required, user unauthorized')
start_response('401 Not authorized', [('Content-Type', 'text/html'),
('Cache-Control', 'no-cache')])
return ['Current logged in user %s is not '
'authorized to view this page.'
% email_addr]
# Authorization check succeeded
def __call__(self, environ, start_response):
application_uri = wsgiref.util.application_uri(environ)
if application_uri[-1] != '/':
application_uri += '/'
module = wsgiref.util.shift_path_info(environ)
if module == 'machine':
return MachineHandler(self, application_uri, environ, start_response)
elif module == 'sourcefile':
return SourceFileHandler(self, application_uri, environ, start_response)
elif module == 'softwarelist':
return SoftwareListHandler(self, application_uri, environ, start_response)
elif module == 'romident':
return RomIdentHandler(self, application_uri, environ, start_response)
elif module == 'static':
return AssetHandler(self.assetsdir, self, application_uri, environ, start_response)
elif module == 'rpc':
service = wsgiref.util.shift_path_info(environ)
if not service:
def get(self):
cid = str(uuid.uuid4())
token = channel.create_channel(cid)
app_url = wsgiref.util.application_uri(self.request.environ)
self.render_template('index.html', {'token': token, 'cid': cid,
'app_url': app_url})
msg = 'Error: do not have product id.'
url = '/'
linktext = 'Go to product search page.'
self.render_template(
'notification.html',
{'title': 'Error', 'msg': msg,
'goto_url': url, 'linktext': linktext})
return
doc = docs.Product.getDocFromPid(pid)
if not doc:
error_message = ('Document not found for pid %s.' % pid)
return self.abort(404, error_message)
logging.error(error_message)
pdoc = docs.Product(doc)
pname = pdoc.getName()
app_url = wsgiref.util.application_uri(self.request.environ)
rlink = '/reviews?' + urllib.urlencode({'pid': pid, 'pname': pname})
template_values = {
'app_url': app_url,
'pid': pid,
'pname': pname,
'review_link': rlink,
'comment': params['comment'],
'rating': params['rating'],
'category': pdoc.getCategory(),
'prod_doc': doc,
# for this demo, 'admin' status simply equates to being logged in
'user_is_admin': users.get_current_user()}
self.render_template('product.html', template_values)