Ticket #1628: no_cookie_patch_2_branch_1_0.patch

turbogears/qstemplates/quickstart/+package+/controllers.py_tmpl

@@ -1 @@
-from turbogears import controllers, expose, flash
+from turbogears import controllers, expose, flash, config
 # from ${package} import model
 #if $sqlobject == 'True'
 import pkg_resources
@@ -46 +46 @@
 
     ${b}expose(template="${package}.templates.login")${e}
     def login(self, forward_url=None, previous_url=None, *args, **kw):
-
-        if not identity.current.anonymous \
-            and identity.was_login_attempted() \
-            and not identity.get_identity_errors():
-            raise redirect(forward_url)
-
-        forward_url=None
-        previous_url= request.path
-
+        cookie_name = config.get("visit.cookie.name", "tg-visit")
+        if (not identity.current.anonymous
+                and identity.was_login_attempted()
+                and not identity.get_identity_errors()
+                and request.simple_cookie.has_key(cookie_name)):
+            raise redirect(forward_url or request.headers.get("Referer", "/"))
+        forward_url = None
+        previous_url = request.path
         if identity.was_login_attempted():
-            msg=_("The credentials you supplied were not correct or "
-                   "did not grant access to this resource.")
+            if request.simple_cookie.has_key(cookie_name):
+                msg = _("The credentials you supplied were not correct"
+                    " or did not grant access to this resource.")
+            else:
+                msg = _("Cannot log in because your browser "
+                    " does not support session cookies.")
         elif identity.get_identity_errors():
-            msg=_("You must provide your credentials before accessing "
-                   "this resource.")
+            if request.simple_cookie.has_key(cookie_name):
+                msg = _("You must provide your credentials"
+                       " before accessing this resource.")
         else:
-            msg=_("Please log in.")
-            forward_url= request.headers.get("Referer", "/")
-
-        response.status=403
+            msg = _("Please log in.")
+            forward_url = request.headers.get("Referer", "/")
+        response.status = 403
         return dict(message=msg, previous_url=previous_url, logging_in=True,
                     original_parameters=request.params,
                     forward_url=forward_url)

turbogears/qstemplates/quickstart/+package+/tests/test_controllers.py_tmpl

@@ -1 +1 @@
 import unittest
-import turbogears
-from turbogears import testutil
+import cherrypy
+from turbogears import testutil, startup
 from ${package}.controllers import Root
-import cherrypy
+#if $identity != "none"
+from ${package}.model import User
+#end if
 
 cherrypy.root = Root()
 
 class TestPages(unittest.TestCase):
 
     def setUp(self):
-        turbogears.startup.startTurboGears()
+        startup.startTurboGears()
 
     def tearDown(self):
-        """Tests for apps using identity need to stop CP/TG after each test to
-        stop the VisitManager thread. 
-        See http://trac.turbogears.org/turbogears/ticket/1217 for details.
-        """
-        turbogears.startup.stopTurboGears()
+#if $identity != "none"
+        # Tests for apps using identity need to stop TurboGears
+        # after each test to stop the VisitManager thread.
+#end if
+        startup.stopTurboGears()
 
     def test_method(self):
-        "the index method should return a string called now"
-        import types
+        """The index method should return a string called now."""
         result = testutil.call(cherrypy.root.index)
-        assert type(result["now"]) == types.StringType
+        assert isinstance(result["now"], str)
 
-    def test_indextitle(self):
-        "The indexpage should have the right title"
+    def test_index_title(self):
+        """The index page should have the right title."""
         testutil.createRequest("/")
-        response = cherrypy.response.body[0].lower() 
+        response = cherrypy.response.body[0].lower()
         assert "<title>welcome to turbogears</title>" in response
 
 #if $identity != "none"
-    def test_logintitle(self):
-        "login page should have the right title"
+    def test_login_title(self):
+        """The login page should have the right title."""
         testutil.createRequest("/login")
         response = cherrypy.response.body[0].lower()
         assert "<title>login</title>" in response
+        assert "please log in" in response
+        assert "session cookies" not in response
+        assert "credentials" not in response
+        assert "not correct" not in response
+
+    def test_login_errors(self):
+        """The login page should display the right errors."""
+        login = "/login?user_name=nobody&password=wrong&login=Login"
+        testutil.createRequest(login)
+        response = cherrypy.response.body[0].lower()
+        assert "<title>login</title>" in response
+        assert "session cookies" in response
+        cookie = ', '.join(map(str, cherrypy.response.simple_cookie.values()))
+        testutil.create_request(login, headers=dict(Cookie=cookie))
+        response = cherrypy.response.body[0].lower()
+        assert "<title>login</title>" in response
+        assert "credentials" in response
+        assert "not correct" in response
+
+    def test_login_and_logout(self):
+        """Login with correct credentials and then logout."""
+        User(user_name = "scott", password = "tiger",
+            display_name = "Bruce Scott",
+            email_address = "scott@enterprise.com")
+        testutil.createRequest("/")
+        response = cherrypy.response.body[0].lower()
+        assert "<title>welcome to turbogears</title>" in response
+        assert 'href="/login"' in response
+        assert 'href="/logout"' not in response
+        testutil.createRequest("/login")
+        response = cherrypy.response.body[0].lower()
+        assert "<title>login</title>" in response
+        assert 'please log in' in response
+        cookie = ', '.join(map(str, cherrypy.response.simple_cookie.values()))
+        login = "/login?user_name=scott&password=tiger&login=Login"
+        testutil.create_request(login, headers=dict(Cookie=cookie))
+        assert cherrypy.response.status, startswith('302 ')
+        location = cherrypy.response.headers['Location']
+        testutil.create_request(location, headers=dict(Cookie=cookie))
+        response = cherrypy.response.body[0].lower()
+        assert "<title>welcome to turbogears</title>" in response
+        assert "welcome bruce scott" in response
+        assert 'href="/login"' not in response
+        assert 'href="/logout"' in response
+        testutil.create_request("/", headers=dict(Cookie=cookie))
+        assert "<title>welcome to turbogears</title>" in response
+        assert "welcome bruce scott" in response
+        assert 'href="/login"' not in response
+        assert 'href="/logout"' in response
+        testutil.create_request("/logout", headers=dict(Cookie=cookie))
+        assert cherrypy.response.status, startswith('302 ')
+        location = cherrypy.response.headers['Location']
+        testutil.create_request(location, headers=dict(Cookie=cookie))
+        response = cherrypy.response.body[0].lower()
+        assert "<title>welcome to turbogears</title>" in response
+        assert 'href="/login"' in response
+        assert 'href="/logout"' not in response
 #end if

turbogears/qstemplates/quickstart/+package+/tests/test_model.py_tmpl

@@ -1 +1 @@
 # If your project uses a database, you can set up database tests
-# similar to what you see below. Be sure to set the db_uri to
-# an appropriate uri for your testing database. sqlite is a good
+# similar to what you see below. Be sure to set the db_uri in test.cfg
+# to an appropriate uri for your testing database. sqlite is a good
 # choice for testing, because you can use an in-memory database
 # which is very fast.
 
 from turbogears import testutil, database
+#if $identity != "none"
+from foo.model import User
+# from foo.model import YourDataClass
+
+class TestUser(testutil.DBTest):
+
+    def get_model(self):
+        return User
+
+    def test_creation(self):
+        """Object creation should set the name"""
+        obj = User(user_name = "creosote",
+                email_address = "spam@python.not",
+                display_name = "Mr Creosote",
+                password = "Wafer-thin Mint")
+        assert obj.display_name == "Mr Creosote"
+
+#else
 # from ${package}.model import YourDataClass, User
 
-# database.set_db_uri("sqlite:///:memory:")
-
 # class TestUser(testutil.DBTest):
+#
 #     def get_model(self):
 #         return User
 #
 #     def test_creation(self):
-#         "Object creation should set the name"
+#         """Object creation should set the name"""
 #         obj = User(user_name = "creosote",
-#                       email_address = "spam@python.not",
-#                       display_name = "Mr Creosote",
-#                       password = "Wafer-thin Mint")
+#                 email_address = "spam@python.not",
+#                 display_name = "Mr Creosote",
+#                 password = "Wafer-thin Mint")
 #         assert obj.display_name == "Mr Creosote"
-
+#end if
+ Kein Zeilenvorschub am Ende der Datei

turbogears/qstemplates/quickstartbig/+package+/controllers/root.py_tmpl

@@ -1 @@
-from turbogears import controllers, expose, flash
+from turbogears import controllers, expose, flash, config
 # from ${package} import model
 #if $sqlobject == 'True'
 import pkg_resources
@@ -46 +46 @@
 
     ${b}expose(template="${package}.templates.login")${e}
     def login(self, forward_url=None, previous_url=None, *args, **kw):
-
-        if not identity.current.anonymous \
-            and identity.was_login_attempted() \
-            and not identity.get_identity_errors():
-            raise redirect(forward_url)
-
-        forward_url=None
-        previous_url= request.path
-
+        cookie_name = config.get("visit.cookie.name", "tg-visit")
+        if (not identity.current.anonymous
+                and identity.was_login_attempted()
+                and not identity.get_identity_errors()
+                and request.simple_cookie.has_key(cookie_name)):
+            raise redirect(forward_url or request.headers.get("Referer", "/"))
+        forward_url = None
+        previous_url = request.path
         if identity.was_login_attempted():
-            msg=_("The credentials you supplied were not correct or "
-                   "did not grant access to this resource.")
+            if request.simple_cookie.has_key(cookie_name):
+                msg = _("The credentials you supplied were not correct"
+                    " or did not grant access to this resource.")
+            else:
+                msg = _("Cannot log in because your browser "
+                    " does not support session cookies.")
         elif identity.get_identity_errors():
-            msg=_("You must provide your credentials before accessing "
-                   "this resource.")
+            if request.simple_cookie.has_key(cookie_name):
+                msg = _("You must provide your credentials"
+                       " before accessing this resource.")
         else:
-            msg=_("Please log in.")
-            forward_url= request.headers.get("Referer", "/")
-
-        response.status=403
+            msg = _("Please log in.")
+            forward_url = request.headers.get("Referer", "/")
+        response.status = 403
         return dict(message=msg, previous_url=previous_url, logging_in=True,
                     original_parameters=request.params,
                     forward_url=forward_url)