Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1138 from ambv/issue20126
Fixed #20126 -- XViewMiddleware moved to django.contrib.admindocs.middleware
- Loading branch information
Showing
12 changed files
with
124 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,23 @@ | |||
from django.conf import settings | |||
from django import http | |||
|
|||
class XViewMiddleware(object): | |||
""" | |||
Adds an X-View header to internal HEAD requests -- used by the documentation system. | |||
""" | |||
def process_view(self, request, view_func, view_args, view_kwargs): | |||
""" | |||
If the request method is HEAD and either the IP is internal or the | |||
user is a logged-in staff member, quickly return with an x-header | |||
indicating the view function. This is used by the documentation module | |||
to lookup the view function for an arbitrary page. | |||
""" | |||
assert hasattr(request, 'user'), ( | |||
"The XView middleware requires authentication middleware to be " | |||
"installed. Edit your MIDDLEWARE_CLASSES setting to insert " | |||
"'django.contrib.auth.middleware.AuthenticationMiddleware'.") | |||
if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or | |||
(request.user.is_active and request.user.is_staff)): | |||
response = http.HttpResponse() | |||
response['X-View'] = "%s.%s" % (view_func.__module__, view_func.__name__) | |||
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -1,23 +1,6 @@ | |||
from django.conf import settings | """XViewMiddleware has been moved to django.contrib.admindocs.middleware.""" | ||
from django import http | |||
|
|
||
class XViewMiddleware(object): | import warnings | ||
""" | warnings.warn(__doc__, PendingDeprecationWarning, stacklevel=2) | ||
Adds an X-View header to internal HEAD requests -- used by the documentation system. |
|
||
""" | from django.contrib.admindocs.middleware import XViewMiddleware | ||
def process_view(self, request, view_func, view_args, view_kwargs): | |||
""" | |||
If the request method is HEAD and either the IP is internal or the | |||
user is a logged-in staff member, quickly return with an x-header | |||
indicating the view function. This is used by the documentation module | |||
to lookup the view function for an arbitrary page. | |||
""" | |||
assert hasattr(request, 'user'), ( | |||
"The XView middleware requires authentication middleware to be " | |||
"installed. Edit your MIDDLEWARE_CLASSES setting to insert " | |||
"'django.contrib.auth.middleware.AuthenticationMiddleware'.") | |||
if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or | |||
(request.user.is_active and request.user.is_staff)): | |||
response = http.HttpResponse() | |||
response['X-View'] = "%s.%s" % (view_func.__module__, view_func.__name__) | |||
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,17 @@ | |||
<?xml version="1.0" encoding="utf-8"?> | |||
<django-objects version="1.0"> | |||
<object pk="100" model="auth.user"> | |||
<field type="CharField" name="username">super</field> | |||
<field type="CharField" name="first_name">Super</field> | |||
<field type="CharField" name="last_name">User</field> | |||
<field type="CharField" name="email">super@example.com</field> | |||
<field type="CharField" name="password">sha1$995a3$6011485ea3834267d719b4c801409b8b1ddd0158</field> | |||
<field type="BooleanField" name="is_staff">True</field> | |||
<field type="BooleanField" name="is_active">True</field> | |||
<field type="BooleanField" name="is_superuser">True</field> | |||
<field type="DateTimeField" name="last_login">2007-05-30 13:20:10</field> | |||
<field type="DateTimeField" name="date_joined">2007-05-30 13:20:10</field> | |||
<field to="auth.group" name="groups" rel="ManyToManyRel"></field> | |||
<field to="auth.permission" name="user_permissions" rel="ManyToManyRel"></field> | |||
</object> | |||
</django-objects> |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,45 @@ | |||
from django.contrib.auth.models import User | |||
from django.test import TestCase | |||
from django.test.utils import override_settings | |||
|
|||
|
|||
@override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',)) | |||
class XViewMiddlewareTest(TestCase): | |||
fixtures = ['data.xml'] | |||
urls = 'admin_docs.urls' | |||
|
|||
def test_xview_func(self): | |||
user = User.objects.get(username='super') | |||
response = self.client.head('/xview/func/') | |||
self.assertFalse('X-View' in response) | |||
self.client.login(username='super', password='secret') | |||
response = self.client.head('/xview/func/') | |||
self.assertTrue('X-View' in response) | |||
self.assertEqual(response['X-View'], 'admin_docs.views.xview') | |||
user.is_staff = False | |||
user.save() | |||
response = self.client.head('/xview/func/') | |||
self.assertFalse('X-View' in response) | |||
user.is_staff = True | |||
user.is_active = False | |||
user.save() | |||
response = self.client.head('/xview/func/') | |||
self.assertFalse('X-View' in response) | |||
|
|||
def test_xview_class(self): | |||
user = User.objects.get(username='super') | |||
response = self.client.head('/xview/class/') | |||
self.assertFalse('X-View' in response) | |||
self.client.login(username='super', password='secret') | |||
response = self.client.head('/xview/class/') | |||
self.assertTrue('X-View' in response) | |||
self.assertEqual(response['X-View'], 'admin_docs.views.XViewClass') | |||
user.is_staff = False | |||
user.save() | |||
response = self.client.head('/xview/class/') | |||
self.assertFalse('X-View' in response) | |||
user.is_staff = True | |||
user.is_active = False | |||
user.save() | |||
response = self.client.head('/xview/class/') | |||
self.assertFalse('X-View' in response) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,11 @@ | |||
# coding: utf-8 | |||
from __future__ import absolute_import | |||
|
|||
from django.conf.urls import patterns | |||
|
|||
from . import views | |||
|
|||
urlpatterns = patterns('', | |||
(r'^xview/func/$', views.xview_dec(views.xview)), | |||
(r'^xview/class/$', views.xview_dec(views.XViewClass.as_view())), | |||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,13 @@ | |||
from django.http import HttpResponse | |||
from django.utils.decorators import decorator_from_middleware | |||
from django.views.generic import View | |||
from django.contrib.admindocs.middleware import XViewMiddleware | |||
|
|||
xview_dec = decorator_from_middleware(XViewMiddleware) | |||
|
|||
def xview(request): | |||
return HttpResponse() | |||
|
|||
class XViewClass(View): | |||
def get(self, request): | |||
return HttpResponse() |