From a0f2aa23d3d1224bcaafa4131fb66865ecbf37d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 09:42:11 +0200 Subject: [PATCH 01/15] Update flask. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 9d5029c4b2..486994fcae 100644 --- a/setup.py +++ b/setup.py @@ -12,7 +12,7 @@ "Flask-OAuthlib>=0.9.1, <0.9.2", "Flask-SQLAlchemy>=2.0, <2.1", "Flask-WTF>=0.9.5, <0.9.6", # was pinned to Flask-WTF==0.9.5 - "Flask>=0.10.1, <0.10.2", # was pinned to Flask==0.10.1 + "Flask>=1.0.2, <1.0.3", # was pinned to Flask==0.10.1 "html2text>=2014.4.5, <2014.9.7", "itsdangerous>=0.24, <1.0", "rsa>=3.4.2", From cee13f39034817c8db2495dc3c8444a323a0289a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 10:23:24 +0200 Subject: [PATCH 02/15] Fix name. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 486994fcae..70ced892d7 100644 --- a/setup.py +++ b/setup.py @@ -5,7 +5,7 @@ "beautifulsoup4>=4.3.2, <5.0", "blinker>=1.3, <2.0", "Flask-Babel>=0.9, <0.10", - "Flask-Login", # was pinned to Flask-Login==0.2.3 in the past. GitHub version 3.0+ is used now. + "flask-login", # was pinned to Flask-Login==0.2.3 in the past. GitHub version 3.0+ is used now. "Flask-Mail>=0.9.0, <1.0", "misaka>=1.0.0, <2.0.0", "Flask-Misaka>=0.2.0, <0.4.0", From d92b48742b9136e5f5079d0d7842506f3e97e2b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 12:23:45 +0200 Subject: [PATCH 03/15] Migrate to new versions. --- pybossa/api/__init__.py | 2 +- pybossa/api/announcement.py | 2 +- pybossa/api/api_base.py | 2 +- pybossa/api/blogpost.py | 2 +- pybossa/api/favorites.py | 2 +- pybossa/api/helpingmaterial.py | 2 +- pybossa/api/project.py | 3 +-- pybossa/api/task_run.py | 2 +- pybossa/api/token.py | 2 +- pybossa/api/user.py | 2 +- pybossa/auth/__init__.py | 2 +- pybossa/cache/project_stats.py | 2 +- pybossa/core.py | 8 ++++---- pybossa/extensions.py | 16 ++++++++-------- pybossa/forms/forms.py | 4 ++-- pybossa/forms/validator.py | 2 +- pybossa/importers/csv.py | 2 +- pybossa/importers/epicollect.py | 2 +- pybossa/importers/importer.py | 2 +- pybossa/importers/youtubeapi.py | 2 +- pybossa/jobs.py | 4 ++-- pybossa/model/user.py | 2 +- pybossa/password_manager.py | 2 +- pybossa/util.py | 4 ++-- pybossa/view/account.py | 4 ++-- pybossa/view/admin.py | 4 ++-- pybossa/view/announcements.py | 2 +- pybossa/view/facebook.py | 2 +- pybossa/view/google.py | 2 +- pybossa/view/home.py | 2 +- pybossa/view/leaderboard.py | 2 +- pybossa/view/projects.py | 4 ++-- pybossa/view/twitter.py | 2 +- setup.py | 2 +- 34 files changed, 50 insertions(+), 51 deletions(-) diff --git a/pybossa/api/__init__.py b/pybossa/api/__init__.py index 338c59826b..b168ee1eda 100644 --- a/pybossa/api/__init__.py +++ b/pybossa/api/__init__.py @@ -33,7 +33,7 @@ import jwt from flask import Blueprint, request, abort, Response, make_response from flask import current_app -from flask.ext.login import current_user +from flask_login import current_user from werkzeug.exceptions import NotFound from pybossa.util import jsonpify, get_user_id_or_ip, fuzzyboolean from pybossa.util import get_disqus_sso_payload diff --git a/pybossa/api/announcement.py b/pybossa/api/announcement.py index a7a1f61a69..ffdbd0932c 100644 --- a/pybossa/api/announcement.py +++ b/pybossa/api/announcement.py @@ -25,7 +25,7 @@ from api_base import APIBase from pybossa.model.announcement import Announcement from pybossa.core import user_repo, project_repo -from flask.ext.login import current_user +from flask_login import current_user from werkzeug.exceptions import BadRequest, NotFound diff --git a/pybossa/api/api_base.py b/pybossa/api/api_base.py index a48db12b16..72e4d6fc61 100644 --- a/pybossa/api/api_base.py +++ b/pybossa/api/api_base.py @@ -28,7 +28,7 @@ """ import json from flask import request, abort, Response, current_app -from flask.ext.login import current_user +from flask_login import current_user from flask.views import MethodView from werkzeug.exceptions import NotFound, Unauthorized, Forbidden from werkzeug.exceptions import MethodNotAllowed diff --git a/pybossa/api/blogpost.py b/pybossa/api/blogpost.py index 24afa47123..c78763ecdf 100644 --- a/pybossa/api/blogpost.py +++ b/pybossa/api/blogpost.py @@ -25,7 +25,7 @@ from api_base import APIBase from pybossa.model.blogpost import Blogpost from pybossa.core import user_repo, project_repo -from flask.ext.login import current_user +from flask_login import current_user from werkzeug.exceptions import BadRequest, NotFound diff --git a/pybossa/api/favorites.py b/pybossa/api/favorites.py index ac20cbe730..7d71d21a0b 100644 --- a/pybossa/api/favorites.py +++ b/pybossa/api/favorites.py @@ -25,7 +25,7 @@ import json from api_base import APIBase from pybossa.core import task_repo -from flask.ext.login import current_user, request +from flask_login import current_user, request from flask import Response, abort from werkzeug.exceptions import MethodNotAllowed, NotFound, Unauthorized from pybossa.core import ratelimits diff --git a/pybossa/api/helpingmaterial.py b/pybossa/api/helpingmaterial.py index 4e301ada37..6ba6558f15 100644 --- a/pybossa/api/helpingmaterial.py +++ b/pybossa/api/helpingmaterial.py @@ -24,7 +24,7 @@ """ from api_base import APIBase from pybossa.model.helpingmaterial import HelpingMaterial -from flask.ext.login import current_user +from flask_login import current_user from werkzeug.exceptions import BadRequest diff --git a/pybossa/api/project.py b/pybossa/api/project.py index 9200d02848..c7bf29e19c 100644 --- a/pybossa/api/project.py +++ b/pybossa/api/project.py @@ -24,7 +24,7 @@ """ import copy from werkzeug.exceptions import BadRequest, Forbidden -from flask.ext.login import current_user +from flask_login import current_user from api_base import APIBase from pybossa.model.project import Project from pybossa.cache.categories import get_all as get_categories @@ -108,4 +108,3 @@ def _select_attributes(self, data): else: data = self._filter_private_data(data) return data - diff --git a/pybossa/api/task_run.py b/pybossa/api/task_run.py index a7d04d6ed8..ff2f396b2e 100644 --- a/pybossa/api/task_run.py +++ b/pybossa/api/task_run.py @@ -24,7 +24,7 @@ """ import json from flask import request, Response, current_app -from flask.ext.login import current_user +from flask_login import current_user from pybossa.model.task_run import TaskRun from werkzeug.exceptions import Forbidden, BadRequest diff --git a/pybossa/api/token.py b/pybossa/api/token.py index 857c46aba4..4015a4be57 100644 --- a/pybossa/api/token.py +++ b/pybossa/api/token.py @@ -25,7 +25,7 @@ import json from werkzeug.exceptions import MethodNotAllowed, NotFound from flask import Response -from flask.ext.login import current_user +from flask_login import current_user from pybossa.util import jsonpify from pybossa.ratelimit import ratelimit from api_base import APIBase, error diff --git a/pybossa/api/user.py b/pybossa/api/user.py index c02b8085c7..c3fa2c57d2 100644 --- a/pybossa/api/user.py +++ b/pybossa/api/user.py @@ -26,7 +26,7 @@ from pybossa.model.user import User from werkzeug.exceptions import MethodNotAllowed from flask import request -from flask.ext.login import current_user +from flask_login import current_user class UserAPI(APIBase): diff --git a/pybossa/auth/__init__.py b/pybossa/auth/__init__.py index a0951c6e61..777e1d4d98 100644 --- a/pybossa/auth/__init__.py +++ b/pybossa/auth/__init__.py @@ -18,7 +18,7 @@ import inspect from flask import abort -from flask.ext.login import current_user +from flask_login import current_user from pybossa.core import announcement_repo, task_repo, project_repo, result_repo from pybossa.core import project_stats_repo from pybossa.auth.errcodes import * diff --git a/pybossa/cache/project_stats.py b/pybossa/cache/project_stats.py index 3111423940..841cba7a5d 100644 --- a/pybossa/cache/project_stats.py +++ b/pybossa/cache/project_stats.py @@ -22,7 +22,7 @@ from pybossa.cache import memoize, ONE_DAY, FIVE_MINUTES import pybossa.cache.projects as cached_projects from pybossa.model.project_stats import ProjectStats -from flask.ext.babel import gettext +from flask_babel import gettext import operator import time diff --git a/pybossa/core.py b/pybossa/core.py index ee112cd48c..33d0de9ddf 100644 --- a/pybossa/core.py +++ b/pybossa/core.py @@ -21,9 +21,9 @@ import humanize from flask import Flask, url_for, request, render_template, \ flash, _app_ctx_stack, abort -from flask.ext.login import current_user -from flask.ext.babel import gettext -from flask.ext.assets import Bundle +from flask_login import current_user +from flask_babel import gettext +from flask_assets import Bundle from flask_json_multidict import get_json_multidict from pybossa import default_settings as settings from pybossa.extensions import * @@ -694,7 +694,7 @@ def setup_newsletter(app): def setup_assets(app): """Setup assets.""" - from flask.ext.assets import Environment + from flask_assets import Environment assets = Environment(app) diff --git a/pybossa/extensions.py b/pybossa/extensions.py index f598505909..dc1a3b31bd 100644 --- a/pybossa/extensions.py +++ b/pybossa/extensions.py @@ -49,7 +49,7 @@ sentinel = Sentinel() # DB -from flask.ext.sqlalchemy import SQLAlchemy +from flask_sqlalchemy import SQLAlchemy db = SQLAlchemy() db.slave_session = db.session @@ -68,15 +68,15 @@ signer = Signer() # Mail -from flask.ext.mail import Mail +from flask_mail import Mail mail = Mail() # Login Manager -from flask.ext.login import LoginManager +from flask_login import LoginManager login_manager = LoginManager() # Debug Toolbar -from flask.ext.debugtoolbar import DebugToolbarExtension +from flask_debugtoolbar import DebugToolbarExtension debug_toolbar = DebugToolbarExtension() # OAuth providers @@ -93,11 +93,11 @@ flickr = Flickr() # Markdown support -from flask.ext.misaka import Misaka +from flask_misaka import Misaka misaka = Misaka() # Babel -from flask.ext.babel import Babel +from flask_babel import Babel babel = Babel() # Uploader @@ -125,10 +125,10 @@ from importers import Importer importer = Importer() -from flask.ext.plugins import PluginManager +from flask_plugins import PluginManager plugin_manager = PluginManager() -from flask.ext.assets import Environment +from flask_assets import Environment assets = Environment() from flask.json import JSONEncoder as BaseEncoder diff --git a/pybossa/forms/forms.py b/pybossa/forms/forms.py index 7ff1349eb5..d008e98e8d 100644 --- a/pybossa/forms/forms.py +++ b/pybossa/forms/forms.py @@ -23,7 +23,7 @@ SelectField, validators, TextAreaField, PasswordField, FieldList, SelectMultipleField from wtforms.fields.html5 import EmailField, URLField from wtforms.widgets import HiddenInput -from flask.ext.babel import lazy_gettext, gettext +from flask_babel import lazy_gettext, gettext from pybossa.core import project_repo, user_repo from pybossa.sched import sched_variants @@ -35,7 +35,7 @@ from pybossa.core import uploader from pybossa.uploader import local from flask import safe_join -from flask.ext.login import current_user +from flask_login import current_user import os from pybossa.forms.fields.time_field import TimeField from validator import TimeFieldsValidator diff --git a/pybossa/forms/validator.py b/pybossa/forms/validator.py index 0bacb96b0d..83a75ecf36 100644 --- a/pybossa/forms/validator.py +++ b/pybossa/forms/validator.py @@ -16,7 +16,7 @@ # You should have received a copy of the GNU Affero General Public License # along with PYBOSSA. If not, see . -from flask.ext.babel import lazy_gettext +from flask_babel import lazy_gettext from wtforms.validators import ValidationError import re import requests diff --git a/pybossa/importers/csv.py b/pybossa/importers/csv.py index 658c60ed87..907211e0f9 100644 --- a/pybossa/importers/csv.py +++ b/pybossa/importers/csv.py @@ -18,7 +18,7 @@ import requests from StringIO import StringIO -from flask.ext.babel import gettext +from flask_babel import gettext from pybossa.util import unicode_csv_reader from .base import BulkTaskImport, BulkImportException diff --git a/pybossa/importers/epicollect.py b/pybossa/importers/epicollect.py index df48745daf..1719591648 100644 --- a/pybossa/importers/epicollect.py +++ b/pybossa/importers/epicollect.py @@ -18,7 +18,7 @@ import json import requests -from flask.ext.babel import gettext +from flask_babel import gettext from .base import BulkTaskImport, BulkImportException diff --git a/pybossa/importers/importer.py b/pybossa/importers/importer.py index 62f3bc5c40..7fc7f3d049 100644 --- a/pybossa/importers/importer.py +++ b/pybossa/importers/importer.py @@ -16,7 +16,7 @@ # You should have received a copy of the GNU Affero General Public License # along with PYBOSSA. If not, see . -from flask.ext.babel import gettext +from flask_babel import gettext from .csv import BulkTaskCSVImport, BulkTaskGDImport, BulkTaskLocalCSVImport from .dropbox import BulkTaskDropboxImport from .flickr import BulkTaskFlickrImport diff --git a/pybossa/importers/youtubeapi.py b/pybossa/importers/youtubeapi.py index 3cd0649afa..3c2256c9b0 100644 --- a/pybossa/importers/youtubeapi.py +++ b/pybossa/importers/youtubeapi.py @@ -16,7 +16,7 @@ # You should have received a copy of the GNU Affero General Public License # along with PYBOSSA. If not, see . from .base import BulkTaskImport, BulkImportException -from flask.ext.babel import gettext +from flask_babel import gettext from apiclient.discovery import build from apiclient.errors import HttpError from urlparse import urlparse, parse_qs diff --git a/pybossa/jobs.py b/pybossa/jobs.py index 76b8c727b0..1b1ad132d2 100644 --- a/pybossa/jobs.py +++ b/pybossa/jobs.py @@ -20,7 +20,7 @@ import math import requests from flask import current_app, render_template -from flask.ext.mail import Message +from flask_mail import Message from pybossa.core import mail, task_repo, importer, create_app from pybossa.model.webhook import Webhook from pybossa.util import with_cache_disabled, publish_channel @@ -466,7 +466,7 @@ def warn_old_project_owners(): from smtplib import SMTPRecipientsRefused from pybossa.core import mail, project_repo from pybossa.cache.projects import clean - from flask.ext.mail import Message + from flask_mail import Message projects = get_non_updated_projects() diff --git a/pybossa/model/user.py b/pybossa/model/user.py index cbcf6f669d..490fa1776a 100644 --- a/pybossa/model/user.py +++ b/pybossa/model/user.py @@ -21,7 +21,7 @@ from sqlalchemy.orm import relationship from sqlalchemy.dialects.postgresql import JSONB from sqlalchemy.ext.mutable import MutableDict -from flask.ext.login import UserMixin +from flask_login import UserMixin from flask import current_app from pybossa.core import db, signer diff --git a/pybossa/password_manager.py b/pybossa/password_manager.py index 5c38e96d91..15b604c6c6 100644 --- a/pybossa/password_manager.py +++ b/pybossa/password_manager.py @@ -16,7 +16,7 @@ # You should have received a copy of the GNU Affero General Public License # along with PYBOSSA. If not, see . """Module for password protect a project.""" -from flask.ext.login import current_user +from flask_login import current_user class ProjectPasswdManager(object): diff --git a/pybossa/util.py b/pybossa/util.py index 357d3ec3bc..057f14d8e2 100644 --- a/pybossa/util.py +++ b/pybossa/util.py @@ -27,7 +27,7 @@ from flask import redirect, render_template, jsonify, get_flashed_messages from flask_wtf.csrf import generate_csrf from functools import wraps -from flask.ext.login import current_user +from flask_login import current_user from sqlalchemy import text from sqlalchemy.exc import ProgrammingError from math import ceil @@ -37,7 +37,7 @@ import hmac import simplejson import time -from flask.ext.babel import lazy_gettext +from flask_babel import lazy_gettext import re import pycountry diff --git a/pybossa/view/account.py b/pybossa/view/account.py index 7bd0621bfa..ad8446f6d5 100644 --- a/pybossa/view/account.py +++ b/pybossa/view/account.py @@ -32,12 +32,12 @@ from flask import Blueprint, request, url_for, flash, redirect, abort from flask import render_template, current_app -from flask.ext.login import login_required, login_user, logout_user, \ +from flask_login import login_required, login_user, logout_user, \ current_user from rq import Queue import pybossa.model as model -from flask.ext.babel import gettext +from flask_babel import gettext from flask_wtf.csrf import generate_csrf from flask import jsonify from pybossa.core import signer, uploader, sentinel, newsletter diff --git a/pybossa/view/admin.py b/pybossa/view/admin.py index a119c9a0b1..8bc8003128 100644 --- a/pybossa/view/admin.py +++ b/pybossa/view/admin.py @@ -27,8 +27,8 @@ from flask import current_app from flask import Response from flask import Markup -from flask.ext.login import login_required, current_user -from flask.ext.babel import gettext +from flask_login import login_required, current_user +from flask_babel import gettext from flask_wtf.csrf import generate_csrf from werkzeug.exceptions import HTTPException from sqlalchemy.exc import ProgrammingError diff --git a/pybossa/view/announcements.py b/pybossa/view/announcements.py index 3097f3bb70..3ed6bddef0 100644 --- a/pybossa/view/announcements.py +++ b/pybossa/view/announcements.py @@ -18,7 +18,7 @@ """Announcements view for PYBOSSA.""" from flask import Blueprint, current_app from flask import render_template -from flask.ext.login import current_user +from flask_login import current_user from pybossa.cache import users as cached_users from pybossa.util import handle_content_type from pybossa.core import announcement_repo diff --git a/pybossa/view/facebook.py b/pybossa/view/facebook.py index 190ab3b0d6..bdebef8b5c 100644 --- a/pybossa/view/facebook.py +++ b/pybossa/view/facebook.py @@ -19,7 +19,7 @@ """Facebook view for PYBOSSA.""" from flask import Blueprint, request, url_for, flash, redirect, session, current_app from flask import abort -from flask.ext.login import login_user, current_user +from flask_login import login_user, current_user from flask_oauthlib.client import OAuthException from pybossa.core import facebook, user_repo, newsletter diff --git a/pybossa/view/google.py b/pybossa/view/google.py index e3d1ed09c6..39c4ab5c3c 100644 --- a/pybossa/view/google.py +++ b/pybossa/view/google.py @@ -19,7 +19,7 @@ """Google view for PYBOSSA.""" from flask import Blueprint, request, url_for, flash, redirect, session, current_app from flask import abort -from flask.ext.login import login_user, current_user +from flask_login import login_user, current_user from flask_oauthlib.client import OAuthException from pybossa.core import google, user_repo, newsletter diff --git a/pybossa/view/home.py b/pybossa/view/home.py index a2e931185b..f2d53c1922 100644 --- a/pybossa/view/home.py +++ b/pybossa/view/home.py @@ -17,7 +17,7 @@ # along with PYBOSSA. If not, see . """Home view for PYBOSSA.""" from flask import current_app, abort -from flask.ext.login import current_user +from flask_login import current_user from pybossa.model.category import Category from flask import Blueprint from flask import render_template diff --git a/pybossa/view/leaderboard.py b/pybossa/view/leaderboard.py index 92a39b829d..62d0c98344 100644 --- a/pybossa/view/leaderboard.py +++ b/pybossa/view/leaderboard.py @@ -17,7 +17,7 @@ # along with PYBOSSA. If not, see . """Leaderboard view for PYBOSSA.""" from flask import Blueprint, current_app, request, abort -from flask.ext.login import current_user +from flask_login import current_user from pybossa.cache import users as cached_users from pybossa.util import handle_content_type diff --git a/pybossa/view/projects.py b/pybossa/view/projects.py index b552ea4791..f0245fbda6 100644 --- a/pybossa/view/projects.py +++ b/pybossa/view/projects.py @@ -27,8 +27,8 @@ from flask import Blueprint, request, url_for, flash, redirect, abort, Response, current_app from flask import render_template, make_response, session from flask import Markup -from flask.ext.login import login_required, current_user -from flask.ext.babel import gettext +from flask_login import login_required, current_user +from flask_babel import gettext from flask_wtf.csrf import generate_csrf from rq import Queue diff --git a/pybossa/view/twitter.py b/pybossa/view/twitter.py index a343ef9d92..62382e4a8a 100644 --- a/pybossa/view/twitter.py +++ b/pybossa/view/twitter.py @@ -19,7 +19,7 @@ """Twitter view for PYBOSSA.""" from flask import Blueprint, request, url_for, redirect, flash, current_app from flask import abort -from flask.ext.login import login_user, current_user +from flask_login import login_user, current_user from flask_oauthlib.client import OAuthException from pybossa.core import twitter, user_repo, newsletter diff --git a/setup.py b/setup.py index 70ced892d7..2657dff158 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ "misaka>=1.0.0, <2.0.0", "Flask-Misaka>=0.2.0, <0.4.0", "Flask-OAuthlib>=0.9.1, <0.9.2", - "Flask-SQLAlchemy>=2.0, <2.1", + "Flask-SQLAlchemy>=2.3, <2.4", "Flask-WTF>=0.9.5, <0.9.6", # was pinned to Flask-WTF==0.9.5 "Flask>=1.0.2, <1.0.3", # was pinned to Flask==0.10.1 "html2text>=2014.4.5, <2014.9.7", From 945334f5ddeabe3442b9a286ee7a89b41a4d8cf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 12:25:30 +0200 Subject: [PATCH 04/15] Fix #1851 --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 2657dff158..ca2ab86990 100644 --- a/setup.py +++ b/setup.py @@ -17,7 +17,7 @@ "itsdangerous>=0.24, <1.0", "rsa>=3.4.2", "markdown>=2.4, <3.0", - "psycopg2>=2.5.2, <3.0", + "psycopg2-binary>=2.7.5, <3.0", "python-dateutil>=2.2, <3.0", "raven>=6.9.0, <7.0.0", "pyOpenSSL>=16.2", # fix for python below 2.7.9 From e2e49cf1aa33b5ad6a8a52813679b107e090adf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 13:01:55 +0200 Subject: [PATCH 05/15] Fix http to https --- test/test_autoimporter.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test_autoimporter.py b/test/test_autoimporter.py index dca501b5fe..832584068d 100644 --- a/test/test_autoimporter.py +++ b/test/test_autoimporter.py @@ -36,7 +36,7 @@ def test_autoimporter_get_redirects_to_login_if_anonymous(self): url = "/project/%s/tasks/autoimporter" % project.short_name res = self.app.get(url) - redirect_url = 'http://localhost/account/signin?next=' + redirect_url = 'https://localhost/account/signin?next=' assert res.status_code == 302, res.status_code assert redirect_url in res.location, res.location @@ -123,7 +123,7 @@ def test_autoimporter_post_redirects_to_login_if_anonymous(self): url = "/project/%s/tasks/autoimporter" % project.short_name res = self.app.post(url, data={}) - redirect_url = 'http://localhost/account/signin?next=' + redirect_url = 'https://localhost/account/signin?next=' assert res.status_code == 302, res.status_code assert redirect_url in res.location, res.location @@ -214,7 +214,7 @@ def test_delete_autoimporter_post_redirects_to_login_if_anonymous(self): url = "/project/%s/tasks/autoimporter/delete" % project.short_name res = self.app.post(url, data={}) - redirect_url = 'http://localhost/account/signin?next=' + redirect_url = 'https://localhost/account/signin?next=' assert res.status_code == 302, res.status_code assert redirect_url in res.location, res.location From bf4b40473466044e28e97614b7b01a77c8cb5d4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 13:17:54 +0200 Subject: [PATCH 06/15] Update uri. --- test/test_hateoas.py | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/test/test_hateoas.py b/test/test_hateoas.py index aa92d930cd..44520b70fc 100644 --- a/test/test_hateoas.py +++ b/test/test_hateoas.py @@ -48,11 +48,11 @@ def test_00_link_object(self): assert output['links'] is not None, err_msg assert len(output['links']) == 1, err_msg project_link = self.hateoas.link(rel='category', title='category', - href='http://localhost/api/category/1') + href='https://localhost/api/category/1') assert project_link == output['links'][0], err_msg project_link = self.hateoas.link(rel='self', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') err_msg = "The object link is wrong: %s" % output['link'] assert project_link == output['link'], err_msg @@ -62,7 +62,7 @@ def test_00_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg task_link = self.hateoas.link(rel='self', title='task', - href='http://localhost/api/task/1') + href='https://localhost/api/task/1') err_msg = "The object link is wrong: %s" % output['link'] assert task_link == output['link'], err_msg err_msg = "There should be one parent link: project" @@ -70,7 +70,7 @@ def test_00_link_object(self): assert len(output.get('links')) == 1, err_msg err_msg = "The parent link is wrong" project_link = self.hateoas.link(rel='parent', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') assert output.get('links')[0] == project_link, err_msg # For taskrun @@ -79,7 +79,7 @@ def test_00_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg task_link = self.hateoas.link(rel='self', title='taskrun', - href='http://localhost/api/taskrun/1') + href='https://localhost/api/taskrun/1') err_msg = "The object link is wrong: %s" % output['link'] assert task_link == output['link'], err_msg err_msg = "There should be two parent links: project and task" @@ -87,12 +87,12 @@ def test_00_link_object(self): assert len(output.get('links')) == 2, err_msg err_msg = "The parent project link is wrong" project_link = self.hateoas.link(rel='parent', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') assert output.get('links')[0] == project_link, err_msg err_msg = "The parent task link is wrong" project_link = self.hateoas.link(rel='parent', title='task', - href='http://localhost/api/task/1') + href='https://localhost/api/task/1') assert output.get('links')[1] == project_link, err_msg res = self.app.post("/api/taskrun") @@ -102,7 +102,7 @@ def test_00_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg category_link = self.hateoas.link(rel='self', title='category', - href='http://localhost/api/category/1') + href='https://localhost/api/category/1') err_msg = "The object link is wrong: %s" % output['link'] assert category_link == output['link'], err_msg err_msg = "There should be no other links" @@ -117,7 +117,7 @@ def test_00_link_object(self): # err_msg = "There should be a Link with the object URI" # assert output['link'] is not None, err_msg # user_link = self.hateoas.link(rel='self', title='user', - # href='http://localhost/api/user/1') + # href='https://localhost/api/user/1') # err_msg = "The object link ir wrong: %s" % output['link'] # assert user_link == output['link'], err_msg # # when the links specification of a user will be set, modify the following @@ -134,7 +134,7 @@ def test_01_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg project_link = self.hateoas.link(rel='self', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') err_msg = "The object link is wrong: %s" % output['link'] assert project_link == output['link'], err_msg @@ -143,7 +143,7 @@ def test_01_link_object(self): assert output['links'] is not None, err_msg assert len(output['links']) == 1, err_msg project_link = self.hateoas.link(rel='category', title='category', - href='http://localhost/api/category/1') + href='https://localhost/api/category/1') assert project_link == output['links'][0], err_msg # For task @@ -152,7 +152,7 @@ def test_01_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg task_link = self.hateoas.link(rel='self', title='task', - href='http://localhost/api/task/1') + href='https://localhost/api/task/1') err_msg = "The object link is wrong: %s" % output['link'] assert task_link == output['link'], err_msg err_msg = "There should be one parent link: project" @@ -160,7 +160,7 @@ def test_01_link_object(self): assert len(output.get('links')) == 1, err_msg err_msg = "The parent link is wrong" project_link = self.hateoas.link(rel='parent', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') assert output.get('links')[0] == project_link, project_link # For taskrun @@ -169,7 +169,7 @@ def test_01_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg task_link = self.hateoas.link(rel='self', title='taskrun', - href='http://localhost/api/taskrun/1') + href='https://localhost/api/taskrun/1') err_msg = "The object link is wrong: %s" % output['link'] assert task_link == output['link'], err_msg err_msg = "There should be two parent links: project and task" @@ -177,12 +177,12 @@ def test_01_link_object(self): assert len(output.get('links')) == 2, err_msg err_msg = "The parent project link is wrong" project_link = self.hateoas.link(rel='parent', title='project', - href='http://localhost/api/project/1') + href='https://localhost/api/project/1') assert output.get('links')[0] == project_link, err_msg err_msg = "The parent task link is wrong" project_link = self.hateoas.link(rel='parent', title='task', - href='http://localhost/api/task/1') + href='https://localhost/api/task/1') assert output.get('links')[1] == project_link, err_msg # Check that hateoas removes all link and links from item @@ -197,7 +197,7 @@ def test_01_link_object(self): err_msg = "There should be a Link with the object URI" assert output['link'] is not None, err_msg category_link = self.hateoas.link(rel='self', title='category', - href='http://localhost/api/category/1') + href='https://localhost/api/category/1') err_msg = "The object link is wrong: %s" % output['link'] assert category_link == output['link'], err_msg err_msg = "There should be no other links" @@ -212,7 +212,7 @@ def test_01_link_object(self): # err_msg = "There should be a Link with the object URI" # assert output['link'] is not None, err_msg # user_link = self.hateoas.link(rel='self', title='user', - # href='http://localhost/api/user/1') + # href='https://localhost/api/user/1') # err_msg = "The object link ir wrong: %s" % output['link'] # assert user_link == output['link'], err_msg # # when the links specification of a user will be set, modify the following From 4eee10aee2bf58bd80c7fb102805dd35a5a4d556 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Fri, 24 Aug 2018 14:34:15 +0200 Subject: [PATCH 07/15] Fix. --- test/test_jobs/test_export_userdata.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_jobs/test_export_userdata.py b/test/test_jobs/test_export_userdata.py index b1a0da127f..9e01948584 100644 --- a/test/test_jobs/test_export_userdata.py +++ b/test/test_jobs/test_export_userdata.py @@ -24,7 +24,7 @@ from pybossa.exporter.json_export import JsonExporter from mock import patch, MagicMock from flask import current_app, render_template, url_for -from flask.ext.mail import Message +from flask_mail import Message #@patch('pybossa.jobs.uploader') class TestExportAccount(Test): From c9b62d67a76390b7ad6cbdbf46a7e978a422c691 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Mon, 27 Aug 2018 09:56:10 +0200 Subject: [PATCH 08/15] Fix CSRF. --- settings_test.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/settings_test.py b/settings_test.py index 6f9d443034..51457f0bb5 100644 --- a/settings_test.py +++ b/settings_test.py @@ -5,7 +5,7 @@ CRYPTOPAN_KEY = '32-char-str-for-AES-key-and-pad.' SECRET = 'foobar' SECRET_KEY = 'my-session-secret' -SQLALCHEMY_DATABASE_TEST_URI = 'postgresql://rtester:rtester@localhost/pybossa_test' +SQLALCHEMY_DATABASE_TEST_URI = 'postgresql://rtester:rtester@localhost:5434/pybossa_test' GOOGLE_CLIENT_ID = 'id' GOOGLE_CLIENT_SECRET = 'secret' TWITTER_CONSUMER_KEY='key' @@ -33,6 +33,7 @@ REDIS_SENTINEL = [('localhost', 26379)] REDIS_KEYPREFIX = 'pybossa_cache' WTF_CSRF_ENABLED = False +WTF_CSRF_SSL_STRICT = False TESTING = True CSRF_ENABLED = False MAIL_SERVER = 'localhost' From fb7fdbf8c6e46a76156ec994d63362752bac5f29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Mon, 27 Aug 2018 10:15:40 +0200 Subject: [PATCH 09/15] Remove port. --- settings_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/settings_test.py b/settings_test.py index 51457f0bb5..5deebb0bc7 100644 --- a/settings_test.py +++ b/settings_test.py @@ -5,7 +5,7 @@ CRYPTOPAN_KEY = '32-char-str-for-AES-key-and-pad.' SECRET = 'foobar' SECRET_KEY = 'my-session-secret' -SQLALCHEMY_DATABASE_TEST_URI = 'postgresql://rtester:rtester@localhost:5434/pybossa_test' +SQLALCHEMY_DATABASE_TEST_URI = 'postgresql://rtester:rtester@localhost/pybossa_test' GOOGLE_CLIENT_ID = 'id' GOOGLE_CLIENT_SECRET = 'secret' TWITTER_CONSUMER_KEY='key' From 2e3816ee2c0c92b83525ef2649d7a483927b759a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 10:23:40 +0200 Subject: [PATCH 10/15] Add _scheme --- pybossa/util.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pybossa/util.py b/pybossa/util.py index 057f14d8e2..86585284af 100644 --- a/pybossa/util.py +++ b/pybossa/util.py @@ -516,7 +516,9 @@ def get_avatar_url(upload_method, avatar, container, external): container=container) else: filename = container + '/' + avatar - return url_for('uploads.uploaded_file', filename=filename, + return url_for('uploads.uploaded_file', + filename=filename, + _scheme=current_app.config.get('PREFERRED_URL_SCHEME'), _external=external) From f6c0aaf9d833146152be9e91fd5efc3f414d1be6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 11:50:11 +0200 Subject: [PATCH 11/15] Minor fixes for https scheme --- test/test_util.py | 3 +++ test/test_web.py | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/test/test_util.py b/test/test_util.py index 6e6df5b0f6..1a07bbab6f 100644 --- a/test/test_util.py +++ b/test/test_util.py @@ -911,6 +911,7 @@ def test_rank_by_chosen_attribute_reversed(self): assert ranked[3]['name'] == 'fourth' assert ranked[4]['name'] == 'last' + @with_context @patch('pybossa.util.url_for') def test_get_avatar_url(self, mock_url_for): """Test get_avatar_url works.""" @@ -920,11 +921,13 @@ def test_get_avatar_url(self, mock_url_for): util.get_avatar_url('local', '1.png', '1', True) mock_url_for.assert_called_with('uploads.uploaded_file', _external=True, + _scheme='https', filename='1/1.png') util.get_avatar_url('local', '1.png', '1', False) mock_url_for.assert_called_with('uploads.uploaded_file', _external=False, + _scheme='https', filename='1/1.png') diff --git a/test/test_web.py b/test/test_web.py index 758af1b358..eaa6ea25b8 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -1742,7 +1742,7 @@ def test_project_upload_thumbnail(self): p = project_repo.get(project.id) assert p.info['thumbnail'] is not None assert p.info['container'] is not None - thumbnail_url = 'http://localhost/uploads/%s/%s' % (p.info['container'], p.info['thumbnail']) + thumbnail_url = 'https://localhost/uploads/%s/%s' % (p.info['container'], p.info['thumbnail']) assert p.info['thumbnail_url'] == thumbnail_url @with_context @@ -1762,7 +1762,7 @@ def test_account_upload_avatar(self): u = user_repo.get(owner.id) assert u.info['avatar'] is not None assert u.info['container'] is not None - avatar_url = 'http://localhost/uploads/%s/%s' % (u.info['container'], u.info['avatar']) + avatar_url = 'https://localhost/uploads/%s/%s' % (u.info['container'], u.info['avatar']) assert u.info['avatar_url'] == avatar_url, u.info['avatar_url'] @with_context From 544b14f78b577ea42f8abc344c2c9a659dcf17cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 12:22:18 +0200 Subject: [PATCH 12/15] Handle scheme for non SPA. --- pybossa/view/account.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pybossa/view/account.py b/pybossa/view/account.py index ad8446f6d5..12d04ea25b 100644 --- a/pybossa/view/account.py +++ b/pybossa/view/account.py @@ -263,7 +263,14 @@ def signout(): def get_email_confirmation_url(account): """Return confirmation url for a given user email.""" key = signer.dumps(account, salt='account-validation') - return url_for_app_type('.confirm_account', key=key, _external=True) + scheme = current_app.config.get('PREFERRED_URL_SCHEME') + if (scheme): + return url_for_app_type('.confirm_account', + key=key, + _scheme=scheme, + _external=True) + else: + return url_for_app_type('.confirm_account', key=key, _external=True) @blueprint.route('/confirm-email') From 8cd6c1f94bf73eb7d71cd133d9e7a3b05bb753cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 12:22:53 +0200 Subject: [PATCH 13/15] Use https --- test/test_web.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_web.py b/test/test_web.py index eaa6ea25b8..45c7d51e26 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -725,7 +725,7 @@ def test_register_post_creates_email_with_link(self, signer, render, queue): signer.dumps.assert_called_with(data, salt='account-validation') render.assert_any_call('/account/email/validate_account.md', user=data, - confirm_url='http://localhost/account/register/confirmation?key=') + confirm_url='https://localhost/account/register/confirmation?key=') assert send_mail == queue.enqueue.call_args[0][0], "send_mail not called" mail_data = queue.enqueue.call_args[0][1] assert 'subject' in mail_data.keys() From a851d0be6f8fac6199c63d36f53eb7e95989db8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 13:22:08 +0200 Subject: [PATCH 14/15] Use https. --- test/test_web.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_web.py b/test/test_web.py index 45c7d51e26..8fea80f71e 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -759,7 +759,7 @@ def test_register_post_json_creates_email_with_link(self, signer, render, queue) signer.dumps.assert_called_with(data, salt='account-validation') render.assert_any_call('/account/email/validate_account.md', user=data, - confirm_url='http://localhost/account/register/confirmation?key=') + confirm_url='https://localhost/account/register/confirmation?key=') assert send_mail == queue.enqueue.call_args[0][0], "send_mail not called" mail_data = queue.enqueue.call_args[0][1] assert 'subject' in mail_data.keys() From a8c7ced5b83ba1b3da142170d986375cce8f8cd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lombra=C3=B1a=20Gonz=C3=A1lez?= Date: Tue, 28 Aug 2018 13:41:39 +0200 Subject: [PATCH 15/15] Fix https. --- test/test_web.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test_web.py b/test/test_web.py index 8fea80f71e..c707a4d6ce 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -788,7 +788,7 @@ def test_update_email_validates_email(self, signer, render, queue): signer.dumps.assert_called_with(data, salt='account-validation') render.assert_any_call('/account/email/validate_email.md', user=data, - confirm_url='http://localhost/account/register/confirmation?key=') + confirm_url='https://localhost/account/register/confirmation?key=') assert send_mail == queue.enqueue.call_args[0][0], "send_mail not called" mail_data = queue.enqueue.call_args[0][1] assert 'subject' in mail_data.keys() @@ -871,7 +871,7 @@ def test_validate_email(self, signer, render, queue): signer.dumps.assert_called_with(data, salt='account-validation') render.assert_any_call('/account/email/validate_email.md', user=data, - confirm_url='http://localhost/account/register/confirmation?key=') + confirm_url='https://localhost/account/register/confirmation?key=') assert send_mail == queue.enqueue.call_args[0][0], "send_mail not called" mail_data = queue.enqueue.call_args[0][1] assert 'subject' in mail_data.keys() @@ -909,7 +909,7 @@ def test_validate_email_json(self, signer, render, queue): signer.dumps.assert_called_with(data, salt='account-validation') render.assert_any_call('/account/email/validate_email.md', user=data, - confirm_url='http://localhost/account/register/confirmation?key=') + confirm_url='https://localhost/account/register/confirmation?key=') assert send_mail == queue.enqueue.call_args[0][0], "send_mail not called" mail_data = queue.enqueue.call_args[0][1] assert 'subject' in mail_data.keys()