PyPI - arthexis - Versions diffs - 0.1.21__py3-none-any.whl → 0.1.22__py3-none-any.whl - Mend

arthexis 0.1.21py3-none-any.whl → 0.1.22py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of arthexis might be problematic. Click here for more details.

Files changed (31) hide show

{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/METADATA +8 -8
{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/RECORD +31 -31
config/settings.py +4 -0
config/urls.py +5 -0
core/admin.py +139 -19
core/environment.py +2 -239
core/models.py +419 -2
core/system.py +76 -0
core/tests.py +152 -8
core/views.py +35 -1
nodes/admin.py +148 -38
nodes/apps.py +11 -0
nodes/models.py +26 -6
nodes/tests.py +214 -1
nodes/views.py +1 -0
ocpp/admin.py +20 -1
ocpp/consumers.py +1 -0
ocpp/models.py +23 -1
ocpp/tasks.py +99 -1
ocpp/tests.py +227 -2
ocpp/views.py +281 -3
pages/admin.py +112 -15
pages/apps.py +32 -0
pages/forms.py +31 -8
pages/models.py +42 -2
pages/tests.py +361 -22
pages/urls.py +5 -0
pages/views.py +264 -11
{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/WHEEL +0 -0
{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/licenses/LICENSE +0 -0
{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/top_level.txt +0 -0

pages/views.py CHANGED Viewed

@@ -1,5 +1,6 @@
 import base64
 import logging
+import mimetypes
 from pathlib import Path
 from types import SimpleNamespace
 import datetime
@@ -21,9 +22,11 @@ from django import forms
 from django.apps import apps as django_apps
 from utils.decorators import security_group_required
 from utils.sites import get_site
-from django.http import Http404, HttpResponse, JsonResponse
+from django.contrib.staticfiles import finders
+from django.http import FileResponse, Http404, HttpResponse, JsonResponse
 from django.shortcuts import get_object_or_404, redirect, render
 from nodes.models import Node
+from nodes.utils import capture_screenshot, save_screenshot
 from django.template import loader
 from django.template.response import TemplateResponse
 from django.test import RequestFactory, signals as test_signals
@@ -33,14 +36,19 @@ from django.utils.encoding import force_bytes, force_str
 from django.utils.http import urlsafe_base64_decode, urlsafe_base64_encode
 from core import mailer, public_wifi
 from core.backends import TOTP_DEVICE_NAME
-from django.utils.translation import gettext as _
+from django.utils.translation import get_language, gettext as _
+try:  # pragma: no cover - compatibility shim for Django versions without constant
+    from django.utils.translation import LANGUAGE_SESSION_KEY
+except ImportError:  # pragma: no cover - fallback when constant is unavailable
+    LANGUAGE_SESSION_KEY = "_language"
 from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
 from django.views.decorators.http import require_POST
 from django.core.cache import cache
 from django.views.decorators.cache import never_cache
-from django.utils.cache import patch_vary_headers
-from django.core.exceptions import PermissionDenied
-from django.utils.text import slugify
+from django.utils.cache import patch_cache_control, patch_vary_headers
+from django.core.exceptions import PermissionDenied, SuspiciousFileOperation
+from django.utils.text import slugify, Truncator
 from django.core.validators import EmailValidator
 from django.db.models import Q
 from core.models import (
@@ -48,6 +56,7 @@ from core.models import (
     ClientReport,
     ClientReportSchedule,
     SecurityGroup,
+    Todo,
 )
 try:  # pragma: no cover - optional dependency guard
@@ -58,16 +67,34 @@ except ImportError:  # pragma: no cover - handled gracefully in views
     CalledProcessError = ExecutableNotFound = None
 import markdown
+from django.utils._os import safe_join
 MARKDOWN_EXTENSIONS = ["toc", "tables", "mdx_truly_sane_lists"]
+MARKDOWN_IMAGE_PATTERN = re.compile(
+    r"(?P<prefix><img\b[^>]*\bsrc=[\"\'])(?P<scheme>(?:static|work))://(?P<path>[^\"\']+)(?P<suffix>[\"\'])",
+    re.IGNORECASE,
+)
+ALLOWED_IMAGE_EXTENSIONS = {
+    ".apng",
+    ".avif",
+    ".gif",
+    ".jpg",
+    ".jpeg",
+    ".png",
+    ".svg",
+    ".webp",
+}
 def _render_markdown_with_toc(text: str) -> tuple[str, str]:
     """Render ``text`` to HTML and return the HTML and stripped TOC."""
     md = markdown.Markdown(extensions=MARKDOWN_EXTENSIONS)
     html = md.convert(text)
+    html = _rewrite_markdown_asset_links(html)
     toc_html = md.toc
     toc_html = _strip_toc_wrapper(toc_html)
     return html, toc_html
@@ -82,6 +109,86 @@ def _strip_toc_wrapper(toc_html: str) -> str:
         if toc_html.endswith("</div>"):
             toc_html = toc_html[: -len("</div>")]
     return toc_html.strip()
+def _rewrite_markdown_asset_links(html: str) -> str:
+    """Rewrite asset links that reference local asset schemes."""
+    def _replace(match: re.Match[str]) -> str:
+        scheme = match.group("scheme").lower()
+        asset_path = match.group("path").lstrip("/")
+        if not asset_path:
+            return match.group(0)
+        extension = Path(asset_path).suffix.lower()
+        if extension not in ALLOWED_IMAGE_EXTENSIONS:
+            return match.group(0)
+        try:
+            asset_url = reverse(
+                "pages:readme-asset",
+                kwargs={"source": scheme, "asset": asset_path},
+            )
+        except NoReverseMatch:
+            return match.group(0)
+        return f"{match.group('prefix')}{escape(asset_url)}{match.group('suffix')}"
+    return MARKDOWN_IMAGE_PATTERN.sub(_replace, html)
+def _resolve_static_asset(path: str) -> Path:
+    normalized = path.lstrip("/")
+    if not normalized:
+        raise Http404("Asset not found")
+    resolved = finders.find(normalized)
+    if not resolved:
+        raise Http404("Asset not found")
+    if isinstance(resolved, (list, tuple)):
+        resolved = resolved[0]
+    file_path = Path(resolved)
+    if file_path.is_dir():
+        raise Http404("Asset not found")
+    return file_path
+def _resolve_work_asset(user, path: str) -> Path:
+    if not (user and getattr(user, "is_authenticated", False)):
+        raise PermissionDenied
+    normalized = path.lstrip("/")
+    if not normalized:
+        raise Http404("Asset not found")
+    username = getattr(user, "get_username", None)
+    if callable(username):
+        username = username()
+    else:
+        username = getattr(user, "username", "")
+    username_component = Path(str(username or user.pk)).name
+    base_work = Path(settings.BASE_DIR) / "work"
+    try:
+        user_dir = Path(safe_join(str(base_work), username_component))
+        asset_path = Path(safe_join(str(user_dir), normalized))
+    except SuspiciousFileOperation as exc:
+        logger.warning("Rejected suspicious work asset path: %s", normalized, exc_info=exc)
+        raise Http404("Asset not found") from exc
+    try:
+        user_dir_resolved = user_dir.resolve(strict=True)
+    except FileNotFoundError as exc:
+        logger.warning(
+            "Work directory missing for asset request: %s", user_dir, exc_info=exc
+        )
+        raise Http404("Asset not found") from exc
+    try:
+        asset_resolved = asset_path.resolve(strict=True)
+    except FileNotFoundError as exc:
+        raise Http404("Asset not found") from exc
+    try:
+        asset_resolved.relative_to(user_dir_resolved)
+    except ValueError as exc:
+        logger.warning(
+            "Rejected work asset outside directory: %s", asset_resolved, exc_info=exc
+        )
+        raise Http404("Asset not found") from exc
+    if asset_resolved.is_dir():
+        raise Http404("Asset not found")
+    return asset_resolved
 from pages.utils import landing
 from core.liveupdate import live_update
 from django_otp import login as otp_login
@@ -487,19 +594,33 @@ def _locate_readme_document(role, doc: str | None, lang: str) -> SimpleNamespace
                     continue
                 candidates.append(candidate)
     else:
+        default_readme = readme_base / "README.md"
+        root_default: Path | None = None
         if lang:
             candidates.append(readme_base / f"README.{lang}.md")
             short = lang.split("-")[0]
             if short != lang:
                 candidates.append(readme_base / f"README.{short}.md")
-        candidates.append(readme_base / "README.md")
         if readme_base != root_base:
+            candidates.append(default_readme)
             if lang:
                 candidates.append(root_base / f"README.{lang}.md")
                 short = lang.split("-")[0]
                 if short != lang:
                     candidates.append(root_base / f"README.{short}.md")
-            candidates.append(root_base / "README.md")
+            root_default = root_base / "README.md"
+        else:
+            root_default = default_readme
+        locale_base = root_base / "locale"
+        if locale_base.exists():
+            if lang:
+                candidates.append(locale_base / f"README.{lang}.md")
+                short = lang.split("-")[0]
+                if short != lang:
+                    candidates.append(locale_base / f"README.{short}.md")
+            candidates.append(locale_base / "README.md")
+        if root_default is not None:
+            candidates.append(root_default)
     readme_file = next((p for p in candidates if p.exists()), None)
     if readme_file is None:
@@ -552,6 +673,44 @@ def _render_readme(request, role, doc: str | None = None):
     return response
+def readme_asset(request, source: str, asset: str):
+    source_normalized = (source or "").lower()
+    if source_normalized == "static":
+        file_path = _resolve_static_asset(asset)
+    elif source_normalized == "work":
+        file_path = _resolve_work_asset(getattr(request, "user", None), asset)
+    else:
+        raise Http404("Asset not found")
+    if not file_path.exists() or not file_path.is_file():
+        raise Http404("Asset not found")
+    extension = file_path.suffix.lower()
+    if extension not in ALLOWED_IMAGE_EXTENSIONS:
+        raise Http404("Asset not found")
+    try:
+        file_handle = file_path.open("rb")
+    except OSError as exc:  # pragma: no cover - unexpected filesystem error
+        logger.warning("Unable to open asset %s", file_path, exc_info=exc)
+        raise Http404("Asset not found") from exc
+    content_type = mimetypes.guess_type(str(file_path))[0] or "application/octet-stream"
+    response = FileResponse(file_handle, content_type=content_type)
+    try:
+        response["Content-Length"] = str(file_path.stat().st_size)
+    except OSError:  # pragma: no cover - filesystem race
+        pass
+    if source_normalized == "work":
+        patch_cache_control(response, private=True, no_store=True)
+        patch_vary_headers(response, ["Cookie"])
+    else:
+        patch_cache_control(response, public=True, max_age=3600)
+    return response
 class MarkdownDocumentForm(forms.Form):
     content = forms.CharField(
         widget=forms.Textarea(
@@ -1269,6 +1428,25 @@ def client_report(request):
     return render(request, "pages/client_report.html", context)
+def _get_request_language_code(request) -> str:
+    language_code = ""
+    if hasattr(request, "session"):
+        language_code = request.session.get(LANGUAGE_SESSION_KEY, "")
+    if not language_code:
+        cookie_name = getattr(settings, "LANGUAGE_COOKIE_NAME", "django_language")
+        language_code = request.COOKIES.get(cookie_name, "")
+    if not language_code:
+        language_code = getattr(request, "LANGUAGE_CODE", "") or ""
+    if not language_code:
+        language_code = get_language() or ""
+    language_code = language_code.strip()
+    if not language_code:
+        return ""
+    return language_code.replace("_", "-").lower()[:15]
 @require_POST
 def submit_user_story(request):
     throttle_seconds = getattr(settings, "USER_STORY_THROTTLE_SECONDS", 300)
@@ -1290,12 +1468,12 @@ def submit_user_story(request):
             )
     data = request.POST.copy()
-    if request.user.is_authenticated and not data.get("name"):
+    if request.user.is_authenticated:
         data["name"] = request.user.get_username()[:40]
     if not data.get("path"):
         data["path"] = request.get_full_path()
-    form = UserStoryForm(data)
+    form = UserStoryForm(data, user=request.user)
     if request.user.is_authenticated:
         form.instance.user = request.user
@@ -1304,8 +1482,7 @@ def submit_user_story(request):
         if request.user.is_authenticated:
             story.user = request.user
             story.owner = request.user
-            if not story.name:
-                story.name = request.user.get_username()[:40]
+            story.name = request.user.get_username()[:40]
         if not story.name:
             story.name = str(_("Anonymous"))[:40]
         story.path = (story.path or request.get_full_path())[:500]
@@ -1313,7 +1490,83 @@ def submit_user_story(request):
         story.user_agent = request.META.get("HTTP_USER_AGENT", "")
         story.ip_address = client_ip or None
         story.is_user_data = True
+        language_code = _get_request_language_code(request)
+        if language_code:
+            story.language_code = language_code
         story.save()
+        if request.user.is_authenticated and request.user.is_superuser:
+            comment_text = (story.comments or "").strip()
+            prefix = "Triage "
+            request_field = Todo._meta.get_field("request")
+            available_length = max(request_field.max_length - len(prefix), 0)
+            if available_length > 0 and comment_text:
+                summary = Truncator(comment_text).chars(
+                    available_length, truncate="…"
+                )
+            else:
+                summary = comment_text[:available_length]
+            todo_request = f"{prefix}{summary}".strip()
+            user_is_authenticated = request.user.is_authenticated
+            node = Node.get_local()
+            existing_todo = (
+                Todo.objects.filter(request__iexact=todo_request, is_deleted=False)
+                .order_by("pk")
+                .first()
+            )
+            if existing_todo:
+                update_fields: set[str] = set()
+                if node and existing_todo.origin_node_id != node.pk:
+                    existing_todo.origin_node = node
+                    update_fields.add("origin_node")
+                if existing_todo.original_user_id != request.user.pk:
+                    existing_todo.original_user = request.user
+                    update_fields.add("original_user")
+                if (
+                    existing_todo.original_user_is_authenticated
+                    != user_is_authenticated
+                ):
+                    existing_todo.original_user_is_authenticated = (
+                        user_is_authenticated
+                    )
+                    update_fields.add("original_user_is_authenticated")
+                if not existing_todo.is_user_data:
+                    existing_todo.is_user_data = True
+                    update_fields.add("is_user_data")
+                if update_fields:
+                    existing_todo.save(update_fields=tuple(update_fields))
+            else:
+                Todo.objects.create(
+                    request=todo_request,
+                    origin_node=node,
+                    original_user=request.user,
+                    original_user_is_authenticated=user_is_authenticated,
+                    is_user_data=True,
+                )
+        if story.take_screenshot:
+            screenshot_url = request.META.get("HTTP_REFERER", "")
+            parsed = urlparse(screenshot_url)
+            if not (parsed.scheme and parsed.netloc):
+                target_path = story.path or request.get_full_path() or "/"
+                screenshot_url = request.build_absolute_uri(target_path)
+            try:
+                screenshot_path = capture_screenshot(screenshot_url)
+            except Exception:  # pragma: no cover - best effort capture
+                logger.exception("Failed to capture screenshot for user story %s", story.pk)
+            else:
+                try:
+                    sample = save_screenshot(
+                        screenshot_path,
+                        method="USER_STORY",
+                        user=story.user if story.user_id else None,
+                    )
+                except Exception:  # pragma: no cover - best effort persistence
+                    logger.exception(
+                        "Failed to persist screenshot for user story %s", story.pk
+                    )
+                else:
+                    if sample is not None:
+                        story.screenshot = sample
+                        story.save(update_fields=["screenshot"])
         return JsonResponse({"success": True})
     return JsonResponse({"success": False, "errors": form.errors}, status=400)

{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/WHEEL RENAMED Viewed

File without changes

{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

{arthexis-0.1.21.dist-info → arthexis-0.1.22.dist-info}/top_level.txt RENAMED Viewed

File without changes

arthexis 0.1.21__py3-none-any.whl → 0.1.22__py3-none-any.whl

Potentially problematic release.

arthexis 0.1.21py3-none-any.whl → 0.1.22py3-none-any.whl