WuttaWeb 0.1.0__tar.gz → 0.3.0__tar.gz

wuttaweb-0.3.0/CHANGELOG.md

@@ -0,0 +1,38 @@
+
+# Changelog
+All notable changes to wuttaweb will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## v0.3.0 (2024-08-05)
+
+### Feat
+
+- add support for admin user to become / stop being root
+- add view to change current user password
+- add basic logo, favicon images
+- add auth views, for login/logout
+- add custom security policy, login/logout for pyramid
+- add `wuttaweb.views.essential` module
+- add initial/basic forms support
+- add `wuttaweb.db` module, with `Session`
+- add `util.get_form_data()` convenience function
+
+### Fix
+
+- allow custom user getter for `new_request_set_user()` hook
+
+## v0.2.0 (2024-07-14)
+
+### Feat
+
+- add basic support for menu handler
+
+- add "web handler" feature; it must get the menu handler
+
+## v0.1.0 (2024-07-12)
+
+### Feat
+
+- basic support for WSGI app, views, templates

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/PKG-INFO

@@ -1,10 +1,10 @@
 Metadata-Version: 2.3
 Name: WuttaWeb
-Version: 0.1.0
+Version: 0.3.0
 Summary: Web App for Wutta Framework
-Project-URL: Homepage, https://rattailproject.org/
-Project-URL: Repository, https://kallithea.rattailproject.org/rattail-project/wuttaweb
-Project-URL: Changelog, https://kallithea.rattailproject.org/rattail-project/wuttaweb/files/master/CHANGELOG.md
+Project-URL: Homepage, https://wuttaproject.org/
+Project-URL: Repository, https://forgejo.wuttaproject.org/wutta/wuttaweb
+Project-URL: Changelog, https://forgejo.wuttaproject.org/wutta/wuttaweb/src/branch/master/CHANGELOG.md
 Author-email: Lance Edgar <lance@edbob.org>
 License: GNU GPL v3+
 License-File: COPYING.txt
@@ -25,23 +25,24 @@ Classifier: Topic :: Internet :: WWW/HTTP
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Requires-Python: >=3.8
 Requires-Dist: pyramid-beaker
+Requires-Dist: pyramid-deform
 Requires-Dist: pyramid-mako
+Requires-Dist: pyramid-tm
 Requires-Dist: pyramid>=2
 Requires-Dist: waitress
 Requires-Dist: webhelpers2
-Requires-Dist: wuttjamaican[db]>=0.6.1
+Requires-Dist: wuttjamaican[db]>=0.7.0
+Requires-Dist: zope-sqlalchemy>=1.5
 Provides-Extra: docs
 Requires-Dist: furo; extra == 'docs'
 Requires-Dist: sphinx; extra == 'docs'
 Provides-Extra: tests
 Requires-Dist: pytest-cov; extra == 'tests'
 Requires-Dist: tox; extra == 'tests'
-Description-Content-Type: text/x-rst
+Description-Content-Type: text/markdown
 
 
-==========
- wuttaweb
-==========
+# wuttaweb
 
 Web app for Wutta Framework
 

wuttaweb-0.1.0/README.rst → wuttaweb-0.3.0/README.md

@@ -1,7 +1,5 @@
 
-==========
- wuttaweb
-==========
+# wuttaweb
 
 Web app for Wutta Framework
 

wuttaweb-0.3.0/docs/api/wuttaweb/auth.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.auth``
+=================
+
+.. automodule:: wuttaweb.auth
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/db.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.db``
+===============
+
+.. automodule:: wuttaweb.db
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/forms.base.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.forms.base``
+=======================
+
+.. automodule:: wuttaweb.forms.base
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/forms.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.forms``
+==================
+
+.. automodule:: wuttaweb.forms
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/handler.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.handler``
+====================
+
+.. automodule:: wuttaweb.handler
+   :members:

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/docs/api/wuttaweb/index.rst

@@ -8,10 +8,18 @@
    :maxdepth: 1
 
    app
+   auth
+   db
+   forms
+   forms.base
+   handler
    helpers
+   menus
    static
    subscribers
    util
    views
+   views.auth
    views.base
    views.common
+   views.essential

wuttaweb-0.3.0/docs/api/wuttaweb/menus.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.menus``
+==================
+
+.. automodule:: wuttaweb.menus
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/views.auth.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.views.auth``
+=======================
+
+.. automodule:: wuttaweb.views.auth
+   :members:

wuttaweb-0.3.0/docs/api/wuttaweb/views.essential.rst

@@ -0,0 +1,6 @@
+
+``wuttaweb.views.essential``
+============================
+
+.. automodule:: wuttaweb.views.essential
+   :members:

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/docs/conf.py

@@ -20,12 +20,15 @@ extensions = [
     'sphinx.ext.autodoc',
     'sphinx.ext.intersphinx',
     'sphinx.ext.viewcode',
+    'sphinx.ext.todo',
 ]
 
 templates_path = ['_templates']
 exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
 
 intersphinx_mapping = {
+    'colander': ('https://docs.pylonsproject.org/projects/colander/en/latest/', None),
+    'deform': ('https://docs.pylonsproject.org/projects/deform/en/latest/', None),
     'pyramid': ('https://docs.pylonsproject.org/projects/pyramid/en/latest/', None),
     'python': ('https://docs.python.org/3/', None),
     'webhelpers2': ('https://webhelpers2.readthedocs.io/en/latest/', None),

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/docs/index.rst

@@ -6,6 +6,11 @@ This package provides a "web layer" for custom apps.
 
 It uses traditional server-side rendering with VueJS on the front-end.
 
+Good documentation and 100% `test coverage`_ are priorities for this
+project.
+
+.. _test coverage: https://buildbot.rattailproject.org/coverage/wuttaweb/
+
 .. toctree::
    :maxdepth: 3
    :caption: Contents:

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/pyproject.toml

@@ -6,9 +6,9 @@ build-backend = "hatchling.build"
 
 [project]
 name = "WuttaWeb"
-version = "0.1.0"
+version = "0.3.0"
 description = "Web App for Wutta Framework"
-readme = "README.rst"
+readme = "README.md"
 authors = [{name = "Lance Edgar", email = "lance@edbob.org"}]
 license = {text = "GNU GPL v3+"}
 classifiers = [
@@ -32,10 +32,13 @@ requires-python = ">= 3.8"
 dependencies = [
         "pyramid>=2",
         "pyramid_beaker",
+        "pyramid_deform",
         "pyramid_mako",
+        "pyramid_tm",
         "waitress",
         "WebHelpers2",
-        "WuttJamaican[db]>=0.6.1",
+        "WuttJamaican[db]>=0.7.0",
+        "zope.sqlalchemy>=1.5",
 ]
 
 
@@ -48,10 +51,14 @@ tests = ["pytest-cov", "tox"]
 main = "wuttaweb.app:main"
 
 
+[project.entry-points."wutta.app.providers"]
+wuttaweb = "wuttaweb.app:WebAppProvider"
+
+
 [project.urls]
-Homepage = "https://rattailproject.org/"
-Repository = "https://kallithea.rattailproject.org/rattail-project/wuttaweb"
-Changelog = "https://kallithea.rattailproject.org/rattail-project/wuttaweb/files/master/CHANGELOG.md"
+Homepage = "https://wuttaproject.org/"
+Repository = "https://forgejo.wuttaproject.org/wutta/wuttaweb"
+Changelog = "https://forgejo.wuttaproject.org/wutta/wuttaweb/src/branch/master/CHANGELOG.md"
 
 
 [tool.commitizen]

{wuttaweb-0.1.0 → wuttaweb-0.3.0}/src/wuttaweb/app.py

@@ -26,10 +26,40 @@ Application
 
 import os
 
+from wuttjamaican.app import AppProvider
 from wuttjamaican.conf import make_config
 
 from pyramid.config import Configurator
 
+import wuttaweb.db
+from wuttaweb.auth import WuttaSecurityPolicy
+
+
+class WebAppProvider(AppProvider):
+    """
+    The :term:`app provider` for WuttaWeb.  This adds some methods
+    specific to web apps.
+    """
+
+    def get_web_handler(self, **kwargs):
+        """
+        Get the configured "web" handler for the app.
+
+        Specify a custom handler in your config file like this:
+
+        .. code-block:: ini
+
+           [wutta]
+           web.handler_spec = poser.web.handler:PoserWebHandler
+
+        :returns: Instance of :class:`~wuttaweb.handler.WebHandler`.
+        """
+        if 'web_handler' not in self.__dict__:
+            spec = self.config.get(f'{self.appname}.web.handler_spec',
+                                   default='wuttaweb.handler:WebHandler')
+            self.web_handler = self.app.load_object(spec)(self.config)
+        return self.web_handler
+
 
 def make_wutta_config(settings):
     """
@@ -56,17 +86,21 @@ def make_wutta_config(settings):
 
     If this config file path cannot be discovered, an error is raised.
     """
-    # initialize config and embed in settings dict, to make
-    # available for web requests later
+    # validate config file path
     path = settings.get('wutta.config')
     if not path or not os.path.exists(path):
         raise ValueError("Please set 'wutta.config' in [app:main] "
                          "section of config to the path of your "
                          "config file.  Lame, but necessary.")
 
+    # make config per usual, add to settings
     wutta_config = make_config(path)
-
     settings['wutta_config'] = wutta_config
+
+    # configure database sessions
+    if hasattr(wutta_config, 'appdb_engine'):
+        wuttaweb.db.Session.configure(bind=wutta_config.appdb_engine)
+
     return wutta_config
 
 
@@ -77,10 +111,18 @@ def make_pyramid_config(settings):
     The config is initialized with certain features deemed useful for
     all apps.
     """
+    settings.setdefault('pyramid_deform.template_search_path',
+                        'wuttaweb:templates/deform')
+
     pyramid_config = Configurator(settings=settings)
 
+    # configure user authorization / authentication
+    pyramid_config.set_security_policy(WuttaSecurityPolicy())
+
     pyramid_config.include('pyramid_beaker')
+    pyramid_config.include('pyramid_deform')
     pyramid_config.include('pyramid_mako')
+    pyramid_config.include('pyramid_tm')
 
     return pyramid_config
 

wuttaweb-0.3.0/src/wuttaweb/auth.py

@@ -0,0 +1,150 @@
+# -*- coding: utf-8; -*-
+################################################################################
+#
+#  wuttaweb -- Web App for Wutta Framework
+#  Copyright © 2024 Lance Edgar
+#
+#  This file is part of Wutta Framework.
+#
+#  Wutta Framework is free software: you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by the Free
+#  Software Foundation, either version 3 of the License, or (at your option) any
+#  later version.
+#
+#  Wutta Framework is distributed in the hope that it will be useful, but
+#  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+#  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+#  more details.
+#
+#  You should have received a copy of the GNU General Public License along with
+#  Wutta Framework.  If not, see <http://www.gnu.org/licenses/>.
+#
+################################################################################
+"""
+Auth Utility Logic
+"""
+
+import re
+
+from pyramid.authentication import SessionAuthenticationHelper
+from pyramid.request import RequestLocalCache
+from pyramid.security import remember, forget
+
+from wuttaweb.db import Session
+
+
+def login_user(request, user):
+    """
+    Perform the steps necessary to "login" the given user.  This
+    returns a ``headers`` dict which you should pass to the final
+    redirect, like so::
+
+       from pyramid.httpexceptions import HTTPFound
+
+       headers = login_user(request, user)
+       return HTTPFound(location='/', headers=headers)
+
+    .. warning::
+
+       This logic does not "authenticate" the user!  It assumes caller
+       has already authenticated the user and they are safe to login.
+
+    See also :func:`logout_user()`.
+    """
+    headers = remember(request, user.uuid)
+    return headers
+
+
+def logout_user(request):
+    """
+    Perform the logout action for the given request.  This returns a
+    ``headers`` dict which you should pass to the final redirect, like
+    so::
+
+       from pyramid.httpexceptions import HTTPFound
+
+       headers = logout_user(request)
+       return HTTPFound(location='/', headers=headers)
+
+    See also :func:`login_user()`.
+    """
+    request.session.delete()
+    request.session.invalidate()
+    headers = forget(request)
+    return headers
+
+
+class WuttaSecurityPolicy:
+    """
+    Pyramid :term:`security policy` for WuttaWeb.
+
+    For more on the Pyramid details, see :doc:`pyramid:narr/security`.
+
+    But the idea here is that you should be able to just use this,
+    without thinking too hard::
+
+       from pyramid.config import Configurator
+       from wuttaweb.auth import WuttaSecurityPolicy
+
+       pyramid_config = Configurator()
+       pyramid_config.set_security_policy(WuttaSecurityPolicy())
+
+    This security policy will then do the following:
+
+    * use the request "web session" for auth storage (e.g. current
+      ``user.uuid``)
+    * check permissions as needed, by calling
+      :meth:`~wuttjamaican:wuttjamaican.auth.AuthHandler.has_permission()`
+      for current user
+
+    :param db_session: Optional :term:`db session` to use, instead of
+       :class:`wuttaweb.db.Session`.  Probably only useful for tests.
+    """
+
+    def __init__(self, db_session=None):
+        self.session_helper = SessionAuthenticationHelper()
+        self.identity_cache = RequestLocalCache(self.load_identity)
+        self.db_session = db_session or Session()
+
+    def load_identity(self, request):
+        config = request.registry.settings['wutta_config']
+        app = config.get_app()
+        model = app.model
+
+        # fetch user uuid from current session
+        uuid = self.session_helper.authenticated_userid(request)
+        if not uuid:
+            return
+
+        # fetch user object from db
+        user = self.db_session.get(model.User, uuid)
+        if not user:
+            return
+
+        return user
+
+    def identity(self, request):
+        return self.identity_cache.get_or_create(request)
+
+    def authenticated_userid(self, request):
+        user = self.identity(request)
+        if user is not None:
+            return user.uuid
+
+    def remember(self, request, userid, **kw):
+        return self.session_helper.remember(request, userid, **kw)
+
+    def forget(self, request, **kw):
+        return self.session_helper.forget(request, **kw)
+
+    def permits(self, request, context, permission):
+
+        # nb. root user can do anything
+        if getattr(request, 'is_root', False):
+            return True
+
+        config = request.registry.settings['wutta_config']
+        app = config.get_app()
+        auth = app.get_auth_handler()
+        user = self.identity(request)
+        return auth.has_permission(self.db_session, user, permission)

wuttaweb-0.3.0/src/wuttaweb/db.py

@@ -0,0 +1,66 @@
+# -*- coding: utf-8; -*-
+################################################################################
+#
+#  wuttaweb -- Web App for Wutta Framework
+#  Copyright © 2024 Lance Edgar
+#
+#  This file is part of Wutta Framework.
+#
+#  Wutta Framework is free software: you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by the Free
+#  Software Foundation, either version 3 of the License, or (at your option) any
+#  later version.
+#
+#  Wutta Framework is distributed in the hope that it will be useful, but
+#  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+#  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+#  more details.
+#
+#  You should have received a copy of the GNU General Public License along with
+#  Wutta Framework.  If not, see <http://www.gnu.org/licenses/>.
+#
+################################################################################
+"""
+Database sessions for web app
+
+The web app uses a different database session than other
+(e.g. console) apps.  The web session is "registered" to the HTTP
+request/response life cycle (aka. transaction) such that the session
+is automatically rolled back on error, and automatically committed if
+the response is finalized without error.
+
+.. class:: Session
+
+   Primary database session class for the web app.
+
+   Note that you often do not need to "instantiate" this session, and
+   can instead call methods directly on the class::
+
+      from wuttaweb.db import Session
+
+      users = Session.query(model.User).all()
+
+   However in certain cases you may still want/need to instantiate it,
+   e.g. when passing a "true/normal" session to other logic.  But you
+   can always call instance methods as well::
+
+      from wuttaweb.db import Session
+      from some_place import some_func
+
+      session = Session()
+
+      # nb. assuming func does not expect a "web" session per se, pass instance
+      some_func(session)
+
+      # nb. these behave the same (instance vs. class method)
+      users = session.query(model.User).all()
+      users = Session.query(model.User).all()
+"""
+
+from sqlalchemy import orm
+from zope.sqlalchemy.datamanager import register
+
+
+Session = orm.scoped_session(orm.sessionmaker())
+
+register(Session)

wuttaweb-0.3.0/src/wuttaweb/forms/__init__.py

@@ -0,0 +1,31 @@
+# -*- coding: utf-8; -*-
+################################################################################
+#
+#  wuttaweb -- Web App for Wutta Framework
+#  Copyright © 2024 Lance Edgar
+#
+#  This file is part of Wutta Framework.
+#
+#  Wutta Framework is free software: you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by the Free
+#  Software Foundation, either version 3 of the License, or (at your option) any
+#  later version.
+#
+#  Wutta Framework is distributed in the hope that it will be useful, but
+#  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+#  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+#  more details.
+#
+#  You should have received a copy of the GNU General Public License along with
+#  Wutta Framework.  If not, see <http://www.gnu.org/licenses/>.
+#
+################################################################################
+"""
+Forms Library
+
+The ``wuttaweb.forms`` namespace contains the following:
+
+* :class:`~wuttaweb.forms.base.Form`
+"""
+
+from .base import Form