From 48b1d9f4d3ee5bc03d229774546860d72de22834 Mon Sep 17 00:00:00 2001 From: Emmanuel Cazenave Date: Wed, 18 Jul 2018 19:48:42 +0200 Subject: [PATCH] don't use context_instance in rendering functions (#25346) --- src/authentic2/auth2_auth/auth2_ssl/views.py | 14 +++---- src/authentic2/auth_frontends.py | 9 ++-- src/authentic2/idp/interactions.py | 13 +++--- src/authentic2/registration_backend/views.py | 15 +++---- src/authentic2/saml/common.py | 23 +++++------ src/authentic2/views.py | 43 ++++++++++---------- src/authentic2_auth_oidc/auth_frontends.py | 9 ++-- src/authentic2_auth_saml/auth_frontends.py | 13 +++--- 8 files changed, 59 insertions(+), 80 deletions(-) diff --git a/src/authentic2/auth2_auth/auth2_ssl/views.py b/src/authentic2/auth2_auth/auth2_ssl/views.py index bce8b3e3..7ca8d519 100644 --- a/src/authentic2/auth2_auth/auth2_ssl/views.py +++ b/src/authentic2/auth2_auth/auth2_ssl/views.py @@ -1,10 +1,9 @@ import logging from django.utils.translation import ugettext as _ -from django.shortcuts import render_to_response, render +from django.shortcuts import render from django.views.decorators.csrf import csrf_exempt from django.views.generic.base import TemplateView -from django.template import RequestContext from django.template.loader import render_to_string from django.contrib import messages from django.contrib.auth.forms import AuthenticationForm @@ -57,8 +56,7 @@ def handle_request(request): # No SSL entries and no user session, redirect account linking page if not user and not request.user.is_authenticated(): - return render_to_response('auth/account_linking_ssl.html', - context_instance=RequestContext(request)) + return render(request, 'auth/account_linking_ssl.html') # No SSL entries but active user session, perform account linking if not user and request.user.is_authenticated(): 
@@ -128,12 +126,10 @@ def post_account_linking(request): return render(request, 'auth/account_linking_ssl.html') def profile(request, template_name='ssl/profile.html', *args, **kwargs): - context_instance = kwargs.pop('context_instance', None) or \ - RequestContext(request) + context = kwargs.pop('context', {}) certificates = models.ClientCertificate.objects.filter(user=request.user) - ctx = { 'certificates': certificates } - return render_to_string(template_name, ctx, - context_instance=context_instance) + context.update({'certificates': certificates}) + return render_to_string(template_name, context, request=request) def delete_certificate(request, certificate_pk): qs = models.ClientCertificate.objects.filter(pk=certificate_pk) diff --git a/src/authentic2/auth_frontends.py b/src/authentic2/auth_frontends.py index d75a22db..36917dc5 100644 --- a/src/authentic2/auth_frontends.py +++ b/src/authentic2/auth_frontends.py @@ -17,7 +17,7 @@ class LoginPasswordBackend(object): return 'password' def login(self, request, *args, **kwargs): - context_instance = kwargs.get('context_instance', None) + context = kwargs.get('context', {}) is_post = request.method == 'POST' and self.submit_name in request.POST data = request.POST if is_post else None form = forms.AuthenticationForm(request=request, data=data) @@ -26,9 +26,7 @@ class LoginPasswordBackend(object): if app_settings.A2_USERNAME_LABEL: form.fields['username'].label = app_settings.A2_USERNAME_LABEL is_secure = request.is_secure - context = { - 'submit_name': self.submit_name, - } + context['submit_name'] = self.submit_name if is_post: utils.csrf_token_check(request, form) if form.is_valid(): 
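Review bot: `context = kwargs.pop('context', {})` in `profile` returns the caller's own dict, and the following `context.update({'certificates': certificates})` writes into it, so the key outlives this render and is visible to every later frontend and to the calling view. The old code layered a local `ctx` over `context_instance` for the duration of one render only. The same pattern appears in `LoginPasswordBackend.login` (which stores the bound `form` and `submit_name`), `OIDCFrontend.login`, `SAMLFrontend.login`, `SAMLFrontend.profile` and `login_password_profile`. Taking a shallow copy first, `context = dict(kwargs.pop('context', None) or {})`, keeps each frontend's keys to itself. The `add_to_blocks` object would still be shared by reference, which is presumably what the callers rely on.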
@@ -39,8 +37,7 @@ class LoginPasswordBackend(object): return utils.login(request, form.get_user(), how, service_slug=request.GET.get(constants.SERVICE_FIELD_NAME)) context['form'] = form - return render(request, 'authentic2/login_password_form.html', context, - context_instance=context_instance) + return render(request, 'authentic2/login_password_form.html', context) def profile(self, request, *args, **kwargs): return views.login_password_profile(request, *args, **kwargs) diff --git a/src/authentic2/idp/interactions.py b/src/authentic2/idp/interactions.py index 39758b86..2df88db1 100644 --- a/src/authentic2/idp/interactions.py +++ b/src/authentic2/idp/interactions.py @@ -1,7 +1,6 @@ from django.contrib.auth.decorators import login_required from django.http import HttpResponseRedirect -from django.template import RequestContext -from django.shortcuts import render_to_response +from django.shortcuts import render from authentic2.saml.models import LibertyProvider @@ -11,11 +10,10 @@ def consent_federation(request, nonce = '', next = None, provider_id = None): '''On a GET produce a form asking for consentment, On a POST handle the form and redirect to next''' if request.method == "GET": - return render_to_response('interaction/consent_federation.html', + return render(request, 'interaction/consent_federation.html', {'provider_id': request.GET.get('provider_id', ''), 'nonce': request.GET.get('nonce', ''), - 'next': request.GET.get('next', '')}, - context_instance=RequestContext(request)) + 'next': request.GET.get('next', '')}) else: next = '/' if 'next' in request.POST: 
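Review bot: In `consent_federation` the `next` value is read from `request.GET` and echoed into the consent form, and the POST branch takes it back from `request.POST`; no check of the target is visible in this hunk. The rest of the POST branch is outside the hunk, so this may already be handled, but if the value reaches `HttpResponseRedirect` unchecked it is an open redirect on an identity-provider page. Validating it before use, for example with `django.utils.http.is_safe_url(next, host=request.get_host())` and falling back to `'/'`, would close that.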
@@ -57,13 +55,12 @@ def consent_attributes(request, nonce = '', next = None, provider_id = None): name = request.GET.get('provider_id', '') if provider: name = provider.name or name - return render_to_response('interaction/consent_attributes.html', + return render(request, 'interaction/consent_attributes.html', {'provider_id': name, 'attributes': attributes, 'allow_selection': request.session['allow_attributes_selection'], 'nonce': request.GET.get('nonce', ''), - 'next': next}, - context_instance=RequestContext(request)) + 'next': next}) elif request.method == "POST": if request.session['allow_attributes_selection']: diff --git a/src/authentic2/registration_backend/views.py b/src/authentic2/registration_backend/views.py index ef6699b3..c4771406 100644 --- a/src/authentic2/registration_backend/views.py +++ b/src/authentic2/registration_backend/views.py @@ -14,7 +14,6 @@ from django.views.generic.edit import FormView, CreateView from django.contrib.auth import get_user_model from django.forms import CharField, Form from django.core.urlresolvers import reverse_lazy -from django.template import RequestContext from django.http import Http404, HttpResponseBadRequest from authentic2.utils import (import_module_or_class, redirect, make_url, get_fields_and_labels, 
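Review bot: `request.session['allow_attributes_selection']` is indexed directly, both in the dict passed to `render` and in the POST branch, so a request that reaches `consent_attributes` without that session key raises `KeyError` and returns a 500. Unless the key is set earlier in the function (the body starts outside the hunk), `request.session.get('allow_attributes_selection', False)` would fail closed instead.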
@@ -92,17 +91,15 @@ class BaseRegistrationView(FormView): return redirect(self.request, 'registration_complete') def get_context_data(self, **kwargs): - ctx = super(BaseRegistrationView, self).get_context_data(**kwargs) - request_context = RequestContext(self.request) - request_context.push(ctx) - request_context['add_to_blocks'] = collections.defaultdict(lambda: []) + context = super(BaseRegistrationView, self).get_context_data(**kwargs) + context['add_to_blocks'] = collections.defaultdict(lambda: []) parameters = {'request': self.request, - 'context_instance': request_context} + 'context': context} blocks = [utils.get_backend_method(backend, 'registration', parameters) for backend in utils.get_backends('AUTH_FRONTENDS')] - request_context['frontends'] = collections.OrderedDict((block['id'], block) - for block in blocks if block) - return request_context + context['frontends'] = collections.OrderedDict((block['id'], block) + for block in blocks if block) + return context class RegistrationView(cbv.ValidateCSRFMixin, BaseRegistrationView): diff --git a/src/authentic2/saml/common.py b/src/authentic2/saml/common.py index 0f632b0f..d1052c98 100644 --- a/src/authentic2/saml/common.py +++ b/src/authentic2/saml/common.py @@ -9,10 +9,9 @@ import datetime import requests from authentic2.compat_lasso import lasso -from django.template import RequestContext from django.conf import settings from django.http import HttpResponseRedirect, Http404, HttpResponse -from django.shortcuts import render_to_response +from django.shortcuts import render from django.core.exceptions import ValidationError from authentic2.saml.models import (LibertyFederation, LibertyProvider, 
@@ -181,14 +180,14 @@ def return_saml2_request(request, profile, title=''): def return_saml2(request, profile, field_name, title=''): '''Helper to handle SAMLv2 bindings to emit request and responses''' - context_instance = RequestContext(request) logger.debug('profile.msgBody: %r', profile.msgBody) logger.debug('profile.msgUrl: %r', profile.msgUrl) logger.debug('profile.msgRelayState: %r', profile.msgRelayState) logger.debug('field_name: %s', field_name) if profile.msgBody: if profile.msgUrl: - return render_to_response( + return render( + request, 'saml/post_form.html', { 'title': title, @@ -196,8 +195,7 @@ def return_saml2(request, profile, field_name, title=''): 'fieldname': field_name, 'body': profile.msgBody, 'relay_state': profile.msgRelayState - }, - context_instance=context_instance) + }) return HttpResponse(profile.msgBody, content_type='text/xml') elif profile.msgUrl: return HttpResponseRedirect(profile.msgUrl) @@ -503,13 +501,12 @@ def error_page(request, message, back=None, logger=None, warning=False): back = '/' redirection_timeout = getattr(settings, 'REDIRECTION_TIMEOUT_AFTER_ERROR', 2000) - return render_to_response('error.html', - { - 'msg': message, - 'back': back, - 'redir_timeout': redirection_timeout - }, - context_instance=RequestContext(request)) + return render(request, 'error.html', + { + 'msg': message, + 'back': back, + 'redir_timeout': redirection_timeout + }) def redirect_next(request, next): diff --git a/src/authentic2/views.py b/src/authentic2/views.py index e5f5e7bb..34c5369c 100644 --- a/src/authentic2/views.py +++ b/src/authentic2/views.py @@ -9,7 +9,6 @@ import collections from django.conf import settings from django.shortcuts import render_to_response, render -from django.template import RequestContext from django.template.loader import render_to_string, select_template from django.views.generic.edit import UpdateView, FormView from django.views.generic import RedirectView, TemplateView 
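Review bot: `return_saml2` still logs `profile.msgBody` and `profile.msgRelayState` with `%r` at debug level. A SAML message body can carry assertions and user attributes, so a deployment with debug logging enabled would write them to its log files. Consider logging only whether a body is present, e.g. `logger.debug('profile.msgBody set: %s', bool(profile.msgBody))`, or documenting that debug logs from this module are sensitive.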
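Review bot: The import line `from django.shortcuts import render_to_response, render` in `src/authentic2/views.py` keeps `render_to_response`, although this patch drops `RequestContext` and converts the call in `login` to `render`. `render_to_response` was deprecated in Django 2.0 and later removed. If no other caller remains in the module (not visible here), the import should shrink to `from django.shortcuts import render`, as was done in `auth2_ssl/views.py`.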
@@ -290,13 +289,13 @@ def login(request, template_name='authentic2/login.html', registration_url = utils.get_registration_url( request, service_slug=request.GET.get(constants.SERVICE_FIELD_NAME)) - context_instance = RequestContext(request, { + context = { 'cancel': nonce is not None, 'can_reset_password': app_settings.A2_CAN_RESET_PASSWORD, 'registration_authorized': getattr(settings, 'REGISTRATION_OPEN', True), 'registration_url': registration_url, - }) - context_instance['add_to_blocks'] = collections.defaultdict(lambda: []) + } + context['add_to_blocks'] = collections.defaultdict(lambda: []) # Cancel button if request.method == "POST" \ @@ -328,7 +327,7 @@ def login(request, template_name='authentic2/login.html', blocks.append(block) else: # New frontends API parameters = {'request': request, - 'context_instance': context_instance} + 'context': context} block = utils.get_backend_method(frontend, 'login', parameters) # If a login frontend method returns an HttpResponse with a status code != 200 # this response is returned. 
@@ -348,29 +347,29 @@ def login(request, template_name='authentic2/login.html', if not 'form' in block: continue frontend = block['frontend'] - context = { + context.update({ 'submit_name': 'submit-%s' % fid, redirect_field_name: redirect_to, 'form': block['form'] - } + }) if hasattr(frontend, 'get_context'): context.update(frontend.get_context()) sub_template_name = frontend.template() block['content'] = render_to_string( sub_template_name, context, - context_instance=context_instance) + request=request) request.session.set_test_cookie() # legacy context variable rendered_forms = [(block['name'], block['content']) for block in blocks] - - return render_to_response(template_name, { + context.update({ 'methods': rendered_forms, # new definition 'blocks': collections.OrderedDict((block['id'], block) for block in blocks), redirect_field_name: redirect_to, - }, context_instance=context_instance) + }) + return render(request, template_name, context) def service_list(request): @@ -405,13 +404,12 @@ class ProfileView(cbv.TemplateNamesMixin, TemplateView): return super(ProfileView, self).dispatch(request, *args, **kwargs) def get_context_data(self, **kwargs): - ctx = super(ProfileView, self).get_context_data(**kwargs) + context = super(ProfileView, self).get_context_data(**kwargs) frontends = utils.get_backends('AUTH_FRONTENDS') request = self.request - context_instance = RequestContext(request, ctx) - context_instance['add_to_blocks'] = collections.defaultdict(lambda: []) + context['add_to_blocks'] = collections.defaultdict(lambda: []) if request.method == "POST": for frontend in frontends: if 'submit-%s' % frontend.id in request.POST: @@ -481,7 +479,7 @@ class ProfileView(cbv.TemplateNamesMixin, TemplateView): # Credentials management parameters = {'request': request, - 'context_instance': context_instance} + 'context': context} profiles = [utils.get_backend_method(frontend, 'profile', parameters) for frontend in frontends] # Old frontends data structure for templates 
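Review bot: In the `login` loop over `blocks`, `context.update({...})` and `context.update(frontend.get_context())` now write into the one dict that is shared by all frontends and finally passed to `render(request, template_name, context)`; the old code built a fresh `context` on each iteration. Keys returned by one frontend's `get_context()` therefore stay visible while the next frontend's template is rendered, and the last block's `form` and `submit_name` end up in the page context. Building a per-block copy limits each sub-template to its own data. The loop header and the code before it are outside this hunk.

```python
# … unchanged: loop header and the `if not 'form' in block: continue` guard …
frontend = block['frontend']
block_context = dict(context)
block_context.update({
    'submit_name': 'submit-%s' % fid,
    redirect_field_name: redirect_to,
    'form': block['form'],
})
if hasattr(frontend, 'get_context'):
    block_context.update(frontend.get_context())
sub_template_name = frontend.template()
block['content'] = render_to_string(
    sub_template_name, block_context,
    request=request)
# … unchanged: test cookie, rendered_forms, final context.update and render …
```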
@@ -496,7 +494,7 @@ class ProfileView(cbv.TemplateNamesMixin, TemplateView): for idp_backend in idp_backends: if hasattr(idp_backend, 'federation_management'): federation_management.extend(idp_backend.federation_management(request)) - context_instance.update({ + context.update({ 'frontends_block': blocks, 'frontends_block_by_id': blocks_by_id, 'profile': profile, @@ -508,8 +506,8 @@ class ProfileView(cbv.TemplateNamesMixin, TemplateView): 'allow_password_change': request.user.can_change_password(), 'federation_management': federation_management, }) - hooks.call_hooks('modify_context_data', self, context_instance) - return context_instance + hooks.call_hooks('modify_context_data', self, context) + return context profile = login_required(ProfileView.as_view()) @@ -583,14 +581,15 @@ def logout(request, next_url=None, default_next_url='auth_homepage', def login_password_profile(request, *args, **kwargs): - context_instance = kwargs.pop('context_instance', None) or RequestContext(request) + context = kwargs.pop('context', {}) can_change_password = app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD has_usable_password = request.user.has_usable_password() + context.update( + {'can_change_password': can_change_password, + 'has_usable_password': has_usable_password}) return render_to_string(['auth/login_password_profile.html', 'authentic2/login_password_profile.html'], - {'can_change_password' : can_change_password, - 'has_usable_password' : has_usable_password}, - context_instance=context_instance) + context, request=request) class LoggedInView(View): diff --git a/src/authentic2_auth_oidc/auth_frontends.py b/src/authentic2_auth_oidc/auth_frontends.py index 28d5b019..3b47260d 100644 --- a/src/authentic2_auth_oidc/auth_frontends.py +++ b/src/authentic2_auth_oidc/auth_frontends.py 
@@ -15,9 +15,6 @@ class OIDCFrontend(object): return 'oidc' def login(self, request, *args, **kwargs): - context_instance = kwargs.get('context_instance', None) - ctx = { - 'providers': utils.get_providers(shown=True), - } - return render(request, 'authentic2_auth_oidc/login.html', ctx, - context_instance=context_instance) + context = kwargs.get('context', {}) + context['providers'] = utils.get_providers(shown=True) + return render(request, 'authentic2_auth_oidc/login.html', context) diff --git a/src/authentic2_auth_saml/auth_frontends.py b/src/authentic2_auth_saml/auth_frontends.py index 6ec530ce..11ae6e0b 100644 --- a/src/authentic2_auth_saml/auth_frontends.py +++ b/src/authentic2_auth_saml/auth_frontends.py @@ -1,6 +1,5 @@ from django.utils.translation import gettext_noop from django.template.loader import render_to_string -from django.template import RequestContext from django.shortcuts import render from mellon.utils import get_idp, get_idps 
@@ -19,20 +18,20 @@ class SAMLFrontend(object): return gettext_noop('SAML') def login(self, request, *args, **kwargs): - context_instance = kwargs.pop('context_instance', None) or RequestContext(request) + context = kwargs.pop('context', {}) submit_name = 'login-%s' % self.id + context['submit_name'] = submit_name if request.method == 'POST' and submit_name in request.POST: return redirect_to_login(request, login_url='mellon_login') - return render(request, 'authentic2_auth_saml/login.html', {'submit_name': submit_name}, - context_instance=context_instance) + return render(request, 'authentic2_auth_saml/login.html', context) def profile(self, request, *args, **kwargs): - context_instance = kwargs.pop('context_instance', None) or RequestContext(request) + context = kwargs.pop('context', {}) user_saml_identifiers = request.user.saml_identifiers.all() if not user_saml_identifiers: return '' for user_saml_identifier in user_saml_identifiers: user_saml_identifier.idp = get_idp(user_saml_identifier.issuer) + context['user_saml_identifiers'] = user_saml_identifiers return render_to_string('authentic2_auth_saml/profile.html', - {'user_saml_identifiers': user_saml_identifiers}, - context_instance=context_instance) + context, request=request) -- 2.18.0