當前位置: 首頁>>代碼示例>>Python>>正文


Python AuthenticatorView.split方法代碼示例

本文整理匯總了Python中plone.protect.authenticator.AuthenticatorView.split方法的典型用法代碼示例。如果您正苦於以下問題:Python AuthenticatorView.split方法的具體用法?Python AuthenticatorView.split怎麽用?Python AuthenticatorView.split使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在plone.protect.authenticator.AuthenticatorView的用法示例。


在下文中一共展示了AuthenticatorView.split方法的4個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: testCSRF

# 需要導入模塊: from plone.protect.authenticator import AuthenticatorView [as 別名]
# 或者: from plone.protect.authenticator.AuthenticatorView import split [as 別名]
    def testCSRF(self):
        """ test csrf protection """

        # for this test, we need a bit more serious request simulation
        from ZPublisher.HTTPRequest import HTTPRequest
        from ZPublisher.HTTPResponse import HTTPResponse

        environ = {}
        environ.setdefault("SERVER_NAME", "foo")
        environ.setdefault("SERVER_PORT", "80")
        environ.setdefault("REQUEST_METHOD", "POST")
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))

        request.form = {"topic": "test subject", "replyto": "[email protected]", "comments": "test comments"}

        self.ff1.checkAuthenticator = True

        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # with authenticator... no error
        tag = AuthenticatorView("context", "request").authenticator()
        token = tag.split('"')[5]
        request.form["_authenticator"] = token
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual(errors, {})

        # sneaky GET request
        environ["REQUEST_METHOD"] = "GET"
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # bad authenticator
        request.form["_authenticator"] = "inauthentic"
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)
開發者ID:hvelarde,項目名稱:collective.easyform,代碼行數:37,代碼來源:testFunctions.py

示例2: testCSRF

# 需要導入模塊: from plone.protect.authenticator import AuthenticatorView [as 別名]
# 或者: from plone.protect.authenticator.AuthenticatorView import split [as 別名]
    def testCSRF(self):
        """ test CSRF check on data clear """

        # create a saver and add a record
        self.ff1.invokeFactory('FormSaveDataAdapter', 'saver')
        saver = self.ff1.saver
        self.ff1.setActionAdapter( ('saver',) )
        request = FakeRequest(topic = 'test subject', replyto='[email protected]', comments='test comments')
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual( errors, {} )

        # for the rest of this test, we need a bit more serious request simulation
        environ = {}
        environ.setdefault('SERVER_NAME', 'foo')
        environ.setdefault('SERVER_PORT', '80')
        environ.setdefault('REQUEST_METHOD',  'POST')
        request = HTTPRequest(sys.stdin,
                    environ,
                    HTTPResponse(stdout=sys.stdout))

        # clearSavedFormInput is part of the API, so it should work if there's no
        # request
        saver.clearSavedFormInput()

        # But, if this is from a form, we should need a valid authenticator
        request.form = {'clearSavedFormInput':'1',}
        self.assertRaises(zExceptions.Forbidden, saver.clearSavedFormInput, **{'request':request})

        # with authenticator... no error
        tag = AuthenticatorView('context', 'request').authenticator()
        token = tag.split('"')[5]
        request.form['_authenticator'] = token
        saver.clearSavedFormInput(request=request)
開發者ID:Manca,項目名稱:Products.PloneFormGen,代碼行數:35,代碼來源:testSaver.py

示例3: checkAuthenticator

# 需要導入模塊: from plone.protect.authenticator import AuthenticatorView [as 別名]
# 或者: from plone.protect.authenticator.AuthenticatorView import split [as 別名]
 def checkAuthenticator(self, path, query='', status=200):
     credentials = '%s:%s' % (ptc.default_user, ptc.default_password)
     path = '/' + self.portal.absolute_url(relative=True) + path
     data = StringIO(query)
     # without authenticator...
     response = self.publish(path=path, basic=credentials, env={},
                             request_method='POST', stdin=data)
     self.assertEqual(response.getStatus(), 403)
     # with authenticator...
     tag = AuthenticatorView('context', 'request').authenticator()
     token = tag.split('"')[5]
     data = StringIO(query + '&_authenticator=%s' % token)
     response = self.publish(path=path, basic=credentials, env={},
                             request_method='POST', stdin=data)
     self.assertEqual(response.getStatus(), status)
開發者ID:CGTIC,項目名稱:Plone_SP,代碼行數:17,代碼來源:testCSRFProtection.py

示例4: testCSRF

# 需要導入模塊: from plone.protect.authenticator import AuthenticatorView [as 別名]
# 或者: from plone.protect.authenticator.AuthenticatorView import split [as 別名]
    def testCSRF(self):
        """ test csrf protection """

        # for this test, we need a bit more serious request simulation
        from ZPublisher.HTTPRequest import HTTPRequest
        from ZPublisher.HTTPResponse import HTTPResponse
        environ = {}
        environ.setdefault('SERVER_NAME', 'foo')
        environ.setdefault('SERVER_PORT', '80')
        environ.setdefault('REQUEST_METHOD', 'POST')
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))

        request.form = {
            'topic': 'test subject',
            'replyto': '[email protected]',
            'comments': 'test comments',
        }

        self.ff1.CSRFProtection = True

        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # with authenticator... no error
        tag = AuthenticatorView('context', 'request').authenticator()
        token = tag.split('"')[5]
        request.form['_authenticator'] = token
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual(errors, {})

        # sneaky GET request
        environ['REQUEST_METHOD'] = 'GET'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # bad authenticator
        request.form['_authenticator'] = 'inauthentic'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)
開發者ID:collective,項目名稱:collective.easyform,代碼行數:46,代碼來源:testFunctions.py


注:本文中的plone.protect.authenticator.AuthenticatorView.split方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。