Merge pull request #66 from plone/html-renderer-fixes

HTML renderer can now handle html responses correctly

buildout.cfg

@@ -94,4 +94,5 @@ eggs =
 [versions]
 pycodestyle = 2.2.0
 flake8 = 3.2.1
-yarl = 0.9.3
+yarl = 0.9.8
+aiohttp = 1.3.3

docs/source/security.md

@@ -58,8 +58,8 @@ get_principals_with_access_content(obj)
 
 
 # Code to get all the security info
-from plone.server.auth import settingsForObject
-settingsForObject(obj)
+from plone.server.auth import settings_for_object
+settings_for_object(obj)
 
 # Code to get the Interaction object ( security object )
 from zope.security.interfaces import IInteraction

src/plone.server/CHANGELOG.rst

@@ -1,7 +1,13 @@
 1.0a12 (unreleased)
 -------------------
 
-- Nothing changed yet.
+Fixes:
+
+- HTML renderer can now handle html responses correctly
+  [vangheem]
+
+- Renamed settingsForObject to settings_for_object
+  [vangheem]
 
 
 1.0a11 (2017-02-22)

src/plone.server/plone/server/api/content.py

@@ -26,7 +26,7 @@
 from plone.server.interfaces import IResourceSerializeToJson
 from plone.server.utils import get_authenticated_user_id
 from plone.server.utils import iter_parents
-from plone.server.auth import settingsForObject
+from plone.server.auth import settings_for_object
 from zope.component import getMultiAdapter
 from zope.component import queryMultiAdapter
 from plone.server.auth.role import local_roles
@@ -209,7 +209,7 @@ async def sharing_get(context, request):
 @configure.service(context=IResource, method='GET', permission='plone.SeePermissions',
                    name='@all_permissions')
 async def all_permissions(context, request):
-    result = settingsForObject(context)
+    result = settings_for_object(context)
     await notify(ObjectPermissionsViewEvent(context))
     return result
 

src/plone.server/plone/server/auth/__init__.py

@@ -71,7 +71,7 @@ def get_principals_with_access_content(obj, request=None):
     return list(users.keys())
 
 
-def settingsForObject(ob):
+def settings_for_object(ob):
     """Analysis tool to show all of the grants to a process
     """
     result = []
@@ -122,4 +122,4 @@ def settingsForObject(ob):
         {'permission': p, 'role': r, 'setting': s}
         for (p, r, s) in settings]
 
-    return result
+    return result

src/plone.server/plone/server/configure.py

@@ -130,7 +130,7 @@ def load_behavior(_context, behavior):
     real_factory = resolve_or_get(factory)
     schema = resolve_or_get(conf['provides'])
     classImplements(real_factory, schema)
-    
+
     plone.behavior.metaconfigure.behaviorDirective(
         _context,
         conf.get('title', ''),
@@ -402,12 +402,8 @@ def grant_directive(
 def grantAll_directive(_context, principal=None, role=None):
     """Grant all permissions to a role or principal
     """
-    from plone.server.auth import \
-        rolePermissionManager as role_perm_mgr
-    from plone.server.auth import \
-        principalPermissionManager as principal_perm_mgr
-    from plone.server.auth import \
-        principalRoleManager as principal_role_mgr
+    from plone.server.auth import role_permission_manager
+    from plone.server.auth import principal_permission_manager
     nspecified = ((principal is not None)
                   + (role is not None))
 
@@ -420,13 +416,13 @@ def grantAll_directive(_context, principal=None, role=None):
         _context.action(
             discriminator=('grantAllPermissionsToPrincipal',
                            principal),
-            callable=principal_perm_mgr.grantAllPermissionsToPrincipal,
+            callable=principal_permission_manager.grantAllPermissionsToPrincipal,
             args=(principal, ),
         )
     else:
         _context.action(
             discriminator=('grantAllPermissionsToRole', role),
-            callable=role_perm_mgr.grantAllPermissionsToRole,
+            callable=role_permission_manager.grantAllPermissionsToRole,
             args=(role, ),
         )
 

src/plone.server/plone/server/renderers.py

@@ -96,13 +96,17 @@ def __init__(self, renderformat, view, request):
         self.renderformat = renderformat
 
 
+def _is_pserver_response(resp):
+    return hasattr(resp, '__class__') and issubclass(resp.__class__, Response)
+
+
 @configure.adapter(
     for_=(IRendererFormatJson, IView, IRequest),
     provides=IRendered)
 class RendererJson(Renderer):
     async def __call__(self, value):
         headers = {}
-        if hasattr(value, '__class__') and issubclass(value.__class__, Response):
+        if _is_pserver_response(value):
             json_value = value.response
             headers = value.headers
             status = value.status
@@ -131,6 +135,16 @@ async def __call__(self, value):
 class RendererHtml(Renderer):
     async def __call__(self, value):
         # Safe html transformation
+        if _is_pserver_response(value):
+            body = value.response
+            if not isinstance(body, str):
+                body = json.dumps(value.response)
+            value = aioResponse(
+                body=body.encode('utf8'), status=value.status,
+                headers=value.headers)
+        value.headers.update({
+            'content-type': 'text/html'
+        })
         return value
 
 
@@ -145,7 +159,7 @@ def guess_response(self, value):
             resp = aioResponse(body=bytes(json.dumps(resp, cls=PServerJSONEncoder), 'utf-8'))
             resp.headers['Content-Type'] = 'application/json'
         elif isinstance(resp, list):
-            resp = aioResponse(body=bytes(json.dumps(resp, cls=PServerJSONEncoder ), 'utf-8'))
+            resp = aioResponse(body=bytes(json.dumps(resp, cls=PServerJSONEncoder), 'utf-8'))
             resp.headers['Content-Type'] = 'application/json'
         elif isinstance(resp, str):
             resp = aioResponse(body=bytes(resp, 'utf-8'))