You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

700 line
26 KiB

  1. from __future__ import unicode_literals
  2. import json
  3. import mimetypes
  4. import os
  5. import re
  6. import sys
  7. from copy import copy
  8. from importlib import import_module
  9. from io import BytesIO
  10. from django.apps import apps
  11. from django.conf import settings
  12. from django.core import urlresolvers
  13. from django.core.handlers.base import BaseHandler
  14. from django.core.handlers.wsgi import ISO_8859_1, UTF_8, WSGIRequest
  15. from django.core.signals import (
  16. got_request_exception, request_finished, request_started,
  17. )
  18. from django.db import close_old_connections
  19. from django.http import HttpRequest, QueryDict, SimpleCookie
  20. from django.template import TemplateDoesNotExist
  21. from django.test import signals
  22. from django.test.utils import ContextList
  23. from django.utils import six
  24. from django.utils.encoding import force_bytes, force_str, uri_to_iri
  25. from django.utils.functional import SimpleLazyObject, curry
  26. from django.utils.http import urlencode
  27. from django.utils.itercompat import is_iterable
  28. from django.utils.six.moves.urllib.parse import urljoin, urlparse, urlsplit
  29. __all__ = ('Client', 'RedirectCycleError', 'RequestFactory', 'encode_file', 'encode_multipart')
  30. BOUNDARY = 'BoUnDaRyStRiNg'
  31. MULTIPART_CONTENT = 'multipart/form-data; boundary=%s' % BOUNDARY
  32. CONTENT_TYPE_RE = re.compile('.*; charset=([\w\d-]+);?')
  33. class RedirectCycleError(Exception):
  34. """
  35. The test client has been asked to follow a redirect loop.
  36. """
  37. def __init__(self, message, last_response):
  38. super(RedirectCycleError, self).__init__(message)
  39. self.last_response = last_response
  40. self.redirect_chain = last_response.redirect_chain
  41. class FakePayload(object):
  42. """
  43. A wrapper around BytesIO that restricts what can be read since data from
  44. the network can't be seeked and cannot be read outside of its content
  45. length. This makes sure that views can't do anything under the test client
  46. that wouldn't work in Real Life.
  47. """
  48. def __init__(self, content=None):
  49. self.__content = BytesIO()
  50. self.__len = 0
  51. self.read_started = False
  52. if content is not None:
  53. self.write(content)
  54. def __len__(self):
  55. return self.__len
  56. def read(self, num_bytes=None):
  57. if not self.read_started:
  58. self.__content.seek(0)
  59. self.read_started = True
  60. if num_bytes is None:
  61. num_bytes = self.__len or 0
  62. assert self.__len >= num_bytes, "Cannot read more than the available bytes from the HTTP incoming data."
  63. content = self.__content.read(num_bytes)
  64. self.__len -= num_bytes
  65. return content
  66. def write(self, content):
  67. if self.read_started:
  68. raise ValueError("Unable to write a payload after he's been read")
  69. content = force_bytes(content)
  70. self.__content.write(content)
  71. self.__len += len(content)
  72. def closing_iterator_wrapper(iterable, close):
  73. try:
  74. for item in iterable:
  75. yield item
  76. finally:
  77. request_finished.disconnect(close_old_connections)
  78. close() # will fire request_finished
  79. request_finished.connect(close_old_connections)
  80. class ClientHandler(BaseHandler):
  81. """
  82. A HTTP Handler that can be used for testing purposes. Uses the WSGI
  83. interface to compose requests, but returns the raw HttpResponse object with
  84. the originating WSGIRequest attached to its ``wsgi_request`` attribute.
  85. """
  86. def __init__(self, enforce_csrf_checks=True, *args, **kwargs):
  87. self.enforce_csrf_checks = enforce_csrf_checks
  88. super(ClientHandler, self).__init__(*args, **kwargs)
  89. def __call__(self, environ):
  90. # Set up middleware if needed. We couldn't do this earlier, because
  91. # settings weren't available.
  92. if self._request_middleware is None:
  93. self.load_middleware()
  94. request_started.disconnect(close_old_connections)
  95. request_started.send(sender=self.__class__, environ=environ)
  96. request_started.connect(close_old_connections)
  97. request = WSGIRequest(environ)
  98. # sneaky little hack so that we can easily get round
  99. # CsrfViewMiddleware. This makes life easier, and is probably
  100. # required for backwards compatibility with external tests against
  101. # admin views.
  102. request._dont_enforce_csrf_checks = not self.enforce_csrf_checks
  103. # Request goes through middleware.
  104. response = self.get_response(request)
  105. # Attach the originating request to the response so that it could be
  106. # later retrieved.
  107. response.wsgi_request = request
  108. # We're emulating a WSGI server; we must call the close method
  109. # on completion.
  110. if response.streaming:
  111. response.streaming_content = closing_iterator_wrapper(
  112. response.streaming_content, response.close)
  113. else:
  114. request_finished.disconnect(close_old_connections)
  115. response.close() # will fire request_finished
  116. request_finished.connect(close_old_connections)
  117. return response
  118. def store_rendered_templates(store, signal, sender, template, context, **kwargs):
  119. """
  120. Stores templates and contexts that are rendered.
  121. The context is copied so that it is an accurate representation at the time
  122. of rendering.
  123. """
  124. store.setdefault('templates', []).append(template)
  125. store.setdefault('context', ContextList()).append(copy(context))
  126. def encode_multipart(boundary, data):
  127. """
  128. Encodes multipart POST data from a dictionary of form values.
  129. The key will be used as the form data name; the value will be transmitted
  130. as content. If the value is a file, the contents of the file will be sent
  131. as an application/octet-stream; otherwise, str(value) will be sent.
  132. """
  133. lines = []
  134. to_bytes = lambda s: force_bytes(s, settings.DEFAULT_CHARSET)
  135. # Not by any means perfect, but good enough for our purposes.
  136. is_file = lambda thing: hasattr(thing, "read") and callable(thing.read)
  137. # Each bit of the multipart form data could be either a form value or a
  138. # file, or a *list* of form values and/or files. Remember that HTTP field
  139. # names can be duplicated!
  140. for (key, value) in data.items():
  141. if is_file(value):
  142. lines.extend(encode_file(boundary, key, value))
  143. elif not isinstance(value, six.string_types) and is_iterable(value):
  144. for item in value:
  145. if is_file(item):
  146. lines.extend(encode_file(boundary, key, item))
  147. else:
  148. lines.extend(to_bytes(val) for val in [
  149. '--%s' % boundary,
  150. 'Content-Disposition: form-data; name="%s"' % key,
  151. '',
  152. item
  153. ])
  154. else:
  155. lines.extend(to_bytes(val) for val in [
  156. '--%s' % boundary,
  157. 'Content-Disposition: form-data; name="%s"' % key,
  158. '',
  159. value
  160. ])
  161. lines.extend([
  162. to_bytes('--%s--' % boundary),
  163. b'',
  164. ])
  165. return b'\r\n'.join(lines)
  166. def encode_file(boundary, key, file):
  167. to_bytes = lambda s: force_bytes(s, settings.DEFAULT_CHARSET)
  168. filename = os.path.basename(file.name) if hasattr(file, 'name') else ''
  169. if hasattr(file, 'content_type'):
  170. content_type = file.content_type
  171. elif filename:
  172. content_type = mimetypes.guess_type(filename)[0]
  173. else:
  174. content_type = None
  175. if content_type is None:
  176. content_type = 'application/octet-stream'
  177. if not filename:
  178. filename = key
  179. return [
  180. to_bytes('--%s' % boundary),
  181. to_bytes('Content-Disposition: form-data; name="%s"; filename="%s"'
  182. % (key, filename)),
  183. to_bytes('Content-Type: %s' % content_type),
  184. b'',
  185. to_bytes(file.read())
  186. ]
  187. class RequestFactory(object):
  188. """
  189. Class that lets you create mock Request objects for use in testing.
  190. Usage:
  191. rf = RequestFactory()
  192. get_request = rf.get('/hello/')
  193. post_request = rf.post('/submit/', {'foo': 'bar'})
  194. Once you have a request object you can pass it to any view function,
  195. just as if that view had been hooked up using a URLconf.
  196. """
  197. def __init__(self, **defaults):
  198. self.defaults = defaults
  199. self.cookies = SimpleCookie()
  200. self.errors = BytesIO()
  201. def _base_environ(self, **request):
  202. """
  203. The base environment for a request.
  204. """
  205. # This is a minimal valid WSGI environ dictionary, plus:
  206. # - HTTP_COOKIE: for cookie support,
  207. # - REMOTE_ADDR: often useful, see #8551.
  208. # See http://www.python.org/dev/peps/pep-3333/#environ-variables
  209. environ = {
  210. 'HTTP_COOKIE': self.cookies.output(header='', sep='; '),
  211. 'PATH_INFO': str('/'),
  212. 'REMOTE_ADDR': str('127.0.0.1'),
  213. 'REQUEST_METHOD': str('GET'),
  214. 'SCRIPT_NAME': str(''),
  215. 'SERVER_NAME': str('testserver'),
  216. 'SERVER_PORT': str('80'),
  217. 'SERVER_PROTOCOL': str('HTTP/1.1'),
  218. 'wsgi.version': (1, 0),
  219. 'wsgi.url_scheme': str('http'),
  220. 'wsgi.input': FakePayload(b''),
  221. 'wsgi.errors': self.errors,
  222. 'wsgi.multiprocess': True,
  223. 'wsgi.multithread': False,
  224. 'wsgi.run_once': False,
  225. }
  226. environ.update(self.defaults)
  227. environ.update(request)
  228. return environ
  229. def request(self, **request):
  230. "Construct a generic request object."
  231. return WSGIRequest(self._base_environ(**request))
  232. def _encode_data(self, data, content_type):
  233. if content_type is MULTIPART_CONTENT:
  234. return encode_multipart(BOUNDARY, data)
  235. else:
  236. # Encode the content so that the byte representation is correct.
  237. match = CONTENT_TYPE_RE.match(content_type)
  238. if match:
  239. charset = match.group(1)
  240. else:
  241. charset = settings.DEFAULT_CHARSET
  242. return force_bytes(data, encoding=charset)
  243. def _get_path(self, parsed):
  244. path = force_str(parsed[2])
  245. # If there are parameters, add them
  246. if parsed[3]:
  247. path += str(";") + force_str(parsed[3])
  248. path = uri_to_iri(path).encode(UTF_8)
  249. # Under Python 3, non-ASCII values in the WSGI environ are arbitrarily
  250. # decoded with ISO-8859-1. We replicate this behavior here.
  251. # Refs comment in `get_bytes_from_wsgi()`.
  252. return path.decode(ISO_8859_1) if six.PY3 else path
  253. def get(self, path, data=None, secure=False, **extra):
  254. "Construct a GET request."
  255. data = {} if data is None else data
  256. r = {
  257. 'QUERY_STRING': urlencode(data, doseq=True),
  258. }
  259. r.update(extra)
  260. return self.generic('GET', path, secure=secure, **r)
  261. def post(self, path, data=None, content_type=MULTIPART_CONTENT,
  262. secure=False, **extra):
  263. "Construct a POST request."
  264. data = {} if data is None else data
  265. post_data = self._encode_data(data, content_type)
  266. return self.generic('POST', path, post_data, content_type,
  267. secure=secure, **extra)
  268. def head(self, path, data=None, secure=False, **extra):
  269. "Construct a HEAD request."
  270. data = {} if data is None else data
  271. r = {
  272. 'QUERY_STRING': urlencode(data, doseq=True),
  273. }
  274. r.update(extra)
  275. return self.generic('HEAD', path, secure=secure, **r)
  276. def trace(self, path, secure=False, **extra):
  277. "Construct a TRACE request."
  278. return self.generic('TRACE', path, secure=secure, **extra)
  279. def options(self, path, data='', content_type='application/octet-stream',
  280. secure=False, **extra):
  281. "Construct an OPTIONS request."
  282. return self.generic('OPTIONS', path, data, content_type,
  283. secure=secure, **extra)
  284. def put(self, path, data='', content_type='application/octet-stream',
  285. secure=False, **extra):
  286. "Construct a PUT request."
  287. return self.generic('PUT', path, data, content_type,
  288. secure=secure, **extra)
  289. def patch(self, path, data='', content_type='application/octet-stream',
  290. secure=False, **extra):
  291. "Construct a PATCH request."
  292. return self.generic('PATCH', path, data, content_type,
  293. secure=secure, **extra)
  294. def delete(self, path, data='', content_type='application/octet-stream',
  295. secure=False, **extra):
  296. "Construct a DELETE request."
  297. return self.generic('DELETE', path, data, content_type,
  298. secure=secure, **extra)
  299. def generic(self, method, path, data='',
  300. content_type='application/octet-stream', secure=False,
  301. **extra):
  302. """Constructs an arbitrary HTTP request."""
  303. parsed = urlparse(force_str(path))
  304. data = force_bytes(data, settings.DEFAULT_CHARSET)
  305. r = {
  306. 'PATH_INFO': self._get_path(parsed),
  307. 'REQUEST_METHOD': str(method),
  308. 'SERVER_PORT': str('443') if secure else str('80'),
  309. 'wsgi.url_scheme': str('https') if secure else str('http'),
  310. }
  311. if data:
  312. r.update({
  313. 'CONTENT_LENGTH': len(data),
  314. 'CONTENT_TYPE': str(content_type),
  315. 'wsgi.input': FakePayload(data),
  316. })
  317. r.update(extra)
  318. # If QUERY_STRING is absent or empty, we want to extract it from the URL.
  319. if not r.get('QUERY_STRING'):
  320. query_string = force_bytes(parsed[4])
  321. # WSGI requires latin-1 encoded strings. See get_path_info().
  322. if six.PY3:
  323. query_string = query_string.decode('iso-8859-1')
  324. r['QUERY_STRING'] = query_string
  325. return self.request(**r)
  326. class Client(RequestFactory):
  327. """
  328. A class that can act as a client for testing purposes.
  329. It allows the user to compose GET and POST requests, and
  330. obtain the response that the server gave to those requests.
  331. The server Response objects are annotated with the details
  332. of the contexts and templates that were rendered during the
  333. process of serving the request.
  334. Client objects are stateful - they will retain cookie (and
  335. thus session) details for the lifetime of the Client instance.
  336. This is not intended as a replacement for Twill/Selenium or
  337. the like - it is here to allow testing against the
  338. contexts and templates produced by a view, rather than the
  339. HTML rendered to the end-user.
  340. """
  341. def __init__(self, enforce_csrf_checks=False, **defaults):
  342. super(Client, self).__init__(**defaults)
  343. self.handler = ClientHandler(enforce_csrf_checks)
  344. self.exc_info = None
  345. def store_exc_info(self, **kwargs):
  346. """
  347. Stores exceptions when they are generated by a view.
  348. """
  349. self.exc_info = sys.exc_info()
  350. def _session(self):
  351. """
  352. Obtains the current session variables.
  353. """
  354. if apps.is_installed('django.contrib.sessions'):
  355. engine = import_module(settings.SESSION_ENGINE)
  356. cookie = self.cookies.get(settings.SESSION_COOKIE_NAME)
  357. if cookie:
  358. return engine.SessionStore(cookie.value)
  359. else:
  360. s = engine.SessionStore()
  361. s.save()
  362. self.cookies[settings.SESSION_COOKIE_NAME] = s.session_key
  363. return s
  364. return {}
  365. session = property(_session)
  366. def request(self, **request):
  367. """
  368. The master request method. Composes the environment dictionary
  369. and passes to the handler, returning the result of the handler.
  370. Assumes defaults for the query environment, which can be overridden
  371. using the arguments to the request.
  372. """
  373. environ = self._base_environ(**request)
  374. # Curry a data dictionary into an instance of the template renderer
  375. # callback function.
  376. data = {}
  377. on_template_render = curry(store_rendered_templates, data)
  378. signal_uid = "template-render-%s" % id(request)
  379. signals.template_rendered.connect(on_template_render, dispatch_uid=signal_uid)
  380. # Capture exceptions created by the handler.
  381. exception_uid = "request-exception-%s" % id(request)
  382. got_request_exception.connect(self.store_exc_info, dispatch_uid=exception_uid)
  383. try:
  384. try:
  385. response = self.handler(environ)
  386. except TemplateDoesNotExist as e:
  387. # If the view raises an exception, Django will attempt to show
  388. # the 500.html template. If that template is not available,
  389. # we should ignore the error in favor of re-raising the
  390. # underlying exception that caused the 500 error. Any other
  391. # template found to be missing during view error handling
  392. # should be reported as-is.
  393. if e.args != ('500.html',):
  394. raise
  395. # Look for a signalled exception, clear the current context
  396. # exception data, then re-raise the signalled exception.
  397. # Also make sure that the signalled exception is cleared from
  398. # the local cache!
  399. if self.exc_info:
  400. exc_info = self.exc_info
  401. self.exc_info = None
  402. six.reraise(*exc_info)
  403. # Save the client and request that stimulated the response.
  404. response.client = self
  405. response.request = request
  406. # Add any rendered template detail to the response.
  407. response.templates = data.get("templates", [])
  408. response.context = data.get("context")
  409. response.json = curry(self._parse_json, response)
  410. # Attach the ResolverMatch instance to the response
  411. response.resolver_match = SimpleLazyObject(
  412. lambda: urlresolvers.resolve(request['PATH_INFO']))
  413. # Flatten a single context. Not really necessary anymore thanks to
  414. # the __getattr__ flattening in ContextList, but has some edge-case
  415. # backwards-compatibility implications.
  416. if response.context and len(response.context) == 1:
  417. response.context = response.context[0]
  418. # Update persistent cookie data.
  419. if response.cookies:
  420. self.cookies.update(response.cookies)
  421. return response
  422. finally:
  423. signals.template_rendered.disconnect(dispatch_uid=signal_uid)
  424. got_request_exception.disconnect(dispatch_uid=exception_uid)
  425. def get(self, path, data=None, follow=False, secure=False, **extra):
  426. """
  427. Requests a response from the server using GET.
  428. """
  429. response = super(Client, self).get(path, data=data, secure=secure,
  430. **extra)
  431. if follow:
  432. response = self._handle_redirects(response, **extra)
  433. return response
  434. def post(self, path, data=None, content_type=MULTIPART_CONTENT,
  435. follow=False, secure=False, **extra):
  436. """
  437. Requests a response from the server using POST.
  438. """
  439. response = super(Client, self).post(path, data=data,
  440. content_type=content_type,
  441. secure=secure, **extra)
  442. if follow:
  443. response = self._handle_redirects(response, **extra)
  444. return response
  445. def head(self, path, data=None, follow=False, secure=False, **extra):
  446. """
  447. Request a response from the server using HEAD.
  448. """
  449. response = super(Client, self).head(path, data=data, secure=secure,
  450. **extra)
  451. if follow:
  452. response = self._handle_redirects(response, **extra)
  453. return response
  454. def options(self, path, data='', content_type='application/octet-stream',
  455. follow=False, secure=False, **extra):
  456. """
  457. Request a response from the server using OPTIONS.
  458. """
  459. response = super(Client, self).options(path, data=data,
  460. content_type=content_type,
  461. secure=secure, **extra)
  462. if follow:
  463. response = self._handle_redirects(response, **extra)
  464. return response
  465. def put(self, path, data='', content_type='application/octet-stream',
  466. follow=False, secure=False, **extra):
  467. """
  468. Send a resource to the server using PUT.
  469. """
  470. response = super(Client, self).put(path, data=data,
  471. content_type=content_type,
  472. secure=secure, **extra)
  473. if follow:
  474. response = self._handle_redirects(response, **extra)
  475. return response
  476. def patch(self, path, data='', content_type='application/octet-stream',
  477. follow=False, secure=False, **extra):
  478. """
  479. Send a resource to the server using PATCH.
  480. """
  481. response = super(Client, self).patch(path, data=data,
  482. content_type=content_type,
  483. secure=secure, **extra)
  484. if follow:
  485. response = self._handle_redirects(response, **extra)
  486. return response
  487. def delete(self, path, data='', content_type='application/octet-stream',
  488. follow=False, secure=False, **extra):
  489. """
  490. Send a DELETE request to the server.
  491. """
  492. response = super(Client, self).delete(path, data=data,
  493. content_type=content_type,
  494. secure=secure, **extra)
  495. if follow:
  496. response = self._handle_redirects(response, **extra)
  497. return response
  498. def trace(self, path, data='', follow=False, secure=False, **extra):
  499. """
  500. Send a TRACE request to the server.
  501. """
  502. response = super(Client, self).trace(path, data=data, secure=secure, **extra)
  503. if follow:
  504. response = self._handle_redirects(response, **extra)
  505. return response
  506. def login(self, **credentials):
  507. """
  508. Sets the Factory to appear as if it has successfully logged into a site.
  509. Returns True if login is possible; False if the provided credentials
  510. are incorrect, or the user is inactive, or if the sessions framework is
  511. not available.
  512. """
  513. from django.contrib.auth import authenticate
  514. user = authenticate(**credentials)
  515. if (user and user.is_active and
  516. apps.is_installed('django.contrib.sessions')):
  517. self._login(user)
  518. return True
  519. else:
  520. return False
  521. def force_login(self, user, backend=None):
  522. if backend is None:
  523. backend = settings.AUTHENTICATION_BACKENDS[0]
  524. user.backend = backend
  525. self._login(user)
  526. def _login(self, user):
  527. from django.contrib.auth import login
  528. engine = import_module(settings.SESSION_ENGINE)
  529. # Create a fake request to store login details.
  530. request = HttpRequest()
  531. if self.session:
  532. request.session = self.session
  533. else:
  534. request.session = engine.SessionStore()
  535. login(request, user)
  536. # Save the session values.
  537. request.session.save()
  538. # Set the cookie to represent the session.
  539. session_cookie = settings.SESSION_COOKIE_NAME
  540. self.cookies[session_cookie] = request.session.session_key
  541. cookie_data = {
  542. 'max-age': None,
  543. 'path': '/',
  544. 'domain': settings.SESSION_COOKIE_DOMAIN,
  545. 'secure': settings.SESSION_COOKIE_SECURE or None,
  546. 'expires': None,
  547. }
  548. self.cookies[session_cookie].update(cookie_data)
  549. def logout(self):
  550. """
  551. Removes the authenticated user's cookies and session object.
  552. Causes the authenticated user to be logged out.
  553. """
  554. from django.contrib.auth import get_user, logout
  555. request = HttpRequest()
  556. engine = import_module(settings.SESSION_ENGINE)
  557. if self.session:
  558. request.session = self.session
  559. request.user = get_user(request)
  560. else:
  561. request.session = engine.SessionStore()
  562. logout(request)
  563. self.cookies = SimpleCookie()
  564. def _parse_json(self, response, **extra):
  565. if 'application/json' not in response.get('Content-Type'):
  566. raise ValueError(
  567. 'Content-Type header is "{0}", not "application/json"'
  568. .format(response.get('Content-Type'))
  569. )
  570. return json.loads(response.content.decode(), **extra)
  571. def _handle_redirects(self, response, **extra):
  572. "Follows any redirects by requesting responses from the server using GET."
  573. response.redirect_chain = []
  574. while response.status_code in (301, 302, 303, 307):
  575. response_url = response.url
  576. redirect_chain = response.redirect_chain
  577. redirect_chain.append((response_url, response.status_code))
  578. url = urlsplit(response_url)
  579. if url.scheme:
  580. extra['wsgi.url_scheme'] = url.scheme
  581. if url.hostname:
  582. extra['SERVER_NAME'] = url.hostname
  583. if url.port:
  584. extra['SERVER_PORT'] = str(url.port)
  585. # Prepend the request path to handle relative path redirects
  586. path = url.path
  587. if not path.startswith('/'):
  588. path = urljoin(response.request['PATH_INFO'], path)
  589. response = self.get(path, QueryDict(url.query), follow=False, **extra)
  590. response.redirect_chain = redirect_chain
  591. if redirect_chain[-1] in redirect_chain[:-1]:
  592. # Check that we're not redirecting to somewhere we've already
  593. # been to, to prevent loops.
  594. raise RedirectCycleError("Redirect loop detected.", last_response=response)
  595. if len(redirect_chain) > 20:
  596. # Such a lengthy chain likely also means a loop, but one with
  597. # a growing path, changing view, or changing query argument;
  598. # 20 is the value of "network.http.redirection-limit" from Firefox.
  599. raise RedirectCycleError("Too many redirects.", last_response=response)
  600. return response