0001-wcs-add-support-for-linking-displaying-card-file-fie.patch

Frédéric Péters, 08 novembre 2021 19:06

Voir les différences: en ligne côte à côte

Subject: [PATCH] wcs: add support for linking/displaying card file fields
 (#51994)

 combo/apps/wcs/models.py                      |  2 +-
 .../templates/combo/wcs/card-field-value.html |  8 ++++-
 combo/apps/wcs/templates/combo/wcs/card.html  |  2 +-
 combo/apps/wcs/templatetags/wcs.py            | 19 ++++++++++++
 combo/apps/wcs/urls.py                        |  7 ++++-
 combo/apps/wcs/views.py                       | 22 +++++++++++--
 combo/utils/misc.py                           | 17 ++++++----
 combo/utils/requests_wrapper.py               | 17 ++--------
 tests/test_wcs.py                             | 31 +++++++++++++++++--
 9 files changed, 95 insertions(+), 30 deletions(-)

             if not card_id:
                 return extra_context
             card_slug = self.carddef_reference.split(':')[1]
             api_url = '/api/cards/%s/%s/' % (card_slug, card_id)
             api_url = '/api/cards/%s/%s/?include-files-content=off' % (card_slug, card_id)
             wcs_site = get_wcs_services().get(self.wcs_site)

     {% spaceless %}
     {% load combo wcs %}{% spaceless %}
     {% if field.type == "text" and mode != 'inline' and value %}
     <div class="value">{{ field|format_text:value }}</div>
     {% else %}
-...
       {{ value|date }}
     {% elif field.type == "bool" and value is not None %}
       {{ value|yesno }}
     {% elif field.type == 'file' and value %}
       {% if value.content_type|startswith:"image/" %}
         <img alt="" src="{% make_public_url url=value.url %}">
       {% else %}
         <a href="{% make_public_url url=value.url %}" download="{{ value.filename }}">{{ value.filename }}</a>
       {% endif %}
     {% else %}
       {{ value|default:"" }}
     {% endif %}

     {% else %}
     {% for field in schema.fields %}
       {% if 'varname' in field and field.varname and field.type != 'file' %}
       {% if 'varname' in field and field.varname %}
       {% with card.fields|get:field.varname as value %}
       <div class="card--auto-field">
         <span class="label">{{ field.label }}</span>

     # along with this program.  If not, see <http://www.gnu.org/licenses/>.
     from django import template
     from django.conf import settings
     from django.urls import reverse
     from django.utils.encoding import force_bytes
     from django.utils.html import escape
     from django.utils.safestring import mark_safe
     from combo.utils import aes_hex_encrypt
     register = template.Library()
-...
         if field.get('pre'):
             return mark_safe('<pre>%s</pre>' % escape(value))
         return mark_safe('<p>' + '\n'.join([(escape(x) or '</p><p>') for x in value.splitlines()]) + '</p>')
     @register.simple_tag(takes_context=True)
     def make_public_url(context, url):
         if not context.request.session.session_key:
             context.request.session.cycle_key()
         session_key = context.request.session.session_key
         return reverse(
             'wcs-redirect-crypto-url',
             kwargs={
                 'session_key': session_key,
                 'crypto_url': aes_hex_encrypt(settings.SECRET_KEY, force_bytes(url)),
             },
+        )

     from django.conf.urls import url
     from .views import TrackingCodeView, tracking_code_search
     from .views import TrackingCodeView, redirect_crypto_url, tracking_code_search
     urlpatterns = [
         url(r'^tracking-code/$', TrackingCodeView.as_view(), name='wcs-tracking-code'),
         url(r'^api/search/tracking-code/$', tracking_code_search, name='wcs-tracking-code-search'),
         url(
             r'^api/wcs/file/(?P<session_key>\w+)/(?P<crypto_url>[\w,-]+)/$',
             redirect_crypto_url,
             name='wcs-redirect-crypto-url',
         ),
+    ]

     from django.conf import settings
     from django.contrib import messages
     from django.core.exceptions import DisallowedRedirect, PermissionDenied
     from django.http import HttpResponseBadRequest, HttpResponseRedirect, JsonResponse
     from django.http import HttpResponseBadRequest, HttpResponseForbidden, HttpResponseRedirect, JsonResponse
     from django.utils.http import urlquote
     from django.utils.translation import ugettext_lazy as _
     from django.views.decorators.csrf import csrf_exempt
     from django.views.generic import View
     from combo.utils import requests
     from combo.utils.misc import is_url_from_known_service
     from combo.utils import DecryptionError, aes_hex_decrypt, requests, sign_url
     from combo.utils.misc import get_known_service_for_url, is_url_from_known_service
     from .models import TrackingCodeInputCell
     from .utils import get_wcs_services
-...
+                        }
+                    )
         return JsonResponse(response)
     def redirect_crypto_url(request, session_key, crypto_url):
         if session_key != request.session.session_key:
             return HttpResponseForbidden()
         try:
             real_url = aes_hex_decrypt(settings.SECRET_KEY, crypto_url)
         except DecryptionError:
             return HttpResponseForbidden('invalid crypto url')
         service = get_known_service_for_url(real_url)
         if '?' not in real_url:
             real_url += '?'
         real_url += '&orig=%s' % service['orig']
         redirect_url = sign_url(real_url, service['secret'])
         return HttpResponseRedirect(redirect_url)

         return flat_context
     def get_known_service_for_url(url):
         netloc = urllib.parse.urlparse(url).netloc
         for services in settings.KNOWN_SERVICES.values():
             for service in services.values():
                 remote_url = service.get('url')
                 if urllib.parse.urlparse(remote_url).netloc == netloc:
                     return service
         return None
     def is_url_from_known_service(url):
         netloc = urllib.parse.urlparse(url).netloc
         if not netloc:
             return True
         for service_id in settings.KNOWN_SERVICES or {}:
             for service_key in settings.KNOWN_SERVICES[service_id]:
                 service = settings.KNOWN_SERVICES[service_id][service_key]
                 if urllib.parse.urlparse(service.get('url')).netloc == netloc:
                     return True
         return False
         return bool(get_known_service_for_url(url))

     from requests import Session as RequestsSession
     from requests.auth import AuthBase
     from .misc import get_known_service_for_url
     from .signature import sign_url
-...
             self.cookies.clear()
             if remote_service == 'auto':
                 remote_service = None
                 scheme, netloc, path, params, query, fragment = urllib.parse.urlparse(url)
                 for services in settings.KNOWN_SERVICES.values():
                     for service in services.values():
                         remote_url = service.get('url')
                         remote_scheme, remote_netloc, dummy, dummy, dummy, dummy = urllib.parse.urlparse(
                             remote_url
+                        )
                         if remote_scheme == scheme and remote_netloc == netloc:
                             remote_service = service
                             break
                     else:
                         continue
                     break
                 remote_service = get_known_service_for_url(url)
                 if remote_service:
                     # only keeps the path (URI) in url parameter, scheme and netloc are
                     # in remote_service
                     scheme, netloc, path, params, query, fragment = urllib.parse.urlparse(url)
                     url = urllib.parse.urlunparse(('', '', path, params, query, fragment))
                 else:
                     logging.warning('service not found in settings.KNOWN_SERVICES for %s', url)

     import json
     import re
     import urllib.parse
     from importlib import import_module
     from unittest import mock
     import pytest
-...
             'fielda': 'a',
             'fieldb': True,
             'fieldc': '2020-09-28',
             'fieldd': {'filename': 'file.pdf', 'url': 'http://some-url.com/download?f=42'},
             'fieldd': {'filename': 'file.pdf', 'url': 'http://127.0.0.1:8999/download?f=42'},
             'fielde': 'lorem<strong>ipsum\n\nhello world',
             'fieldf': 'lorem<strong>ipsum\n\nhello world',
             'related': 'Foo Bar',
-...
     def context():
         ctx = {'request': RequestFactory().get('/')}
         ctx['request'].user = None
         ctx['request'].session = {}
         session_engine = import_module(settings.SESSION_ENGINE)
         ctx['request'].session = session_engine.SessionStore()
         return ctx
-...
         assert PyQuery(result).find('span.label:contains("Related") + span').text() == 'Foo Bar'
         assert 'related_raw' not in result
         assert 'related_structured' not in result
         assert 'Field D' not in result
         assert PyQuery(result).find('span.label:contains("Field D") + span a').text() == 'file.pdf'
         context.pop('title')
         cell.title_type = 'manual'
-...
         request.user = AnonymousUser()
         hits = search_site(request, 'form')
         assert len(hits) == 2
     @mock.patch('combo.apps.wcs.utils.requests.send', side_effect=mocked_requests_send)
     def test_card_file_redirection(mock_send, app):
         page = Page(title='One', slug='one', template_name='standard')
         page.save()
         cell = WcsCardInfosCell(page=page, placeholder='content', order=0)
         cell.carddef_reference = 'default:card_model_1'
         cell.card_id = '11'
         cell.save()
         resp = app.get('/one/')
         ajax_cell_url = PyQuery(resp.text).find('[data-ajax-cell-url]').attr['data-ajax-cell-url']
         resp = app.get(ajax_cell_url)
         file_url = PyQuery(resp.text).find('[download]').attr['href']
         resp = app.get(file_url)
         assert 'download?f=42' in resp.location
         assert '&signature=' in resp.location
         # invalid crypto
         resp = app.get(file_url[:-2] + 'X/', status=403)
         # invalid session key
         resp = app.get(file_url.replace('file/', 'file/X'), status=403)
+    -

Projet

Général

Profil

Produits Entr'ouvert » Combo

0001-wcs-add-support-for-linking-displaying-card-file-fie.patch