c2cgeoportal-commons 2.6.0__py3-none-any.whl → 2.8.1.180__py3-none-any.whl

c2cgeoportal_commons/models/sqlalchemy.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
-
-# Copyright (c) 2012-2021, Camptocamp SA
+# Copyright (c) 2012-2023, Camptocamp SA
 # All rights reserved.
 
 # Redistribution and use in source and binary forms, with or without
@@ -27,7 +25,7 @@
 # of the authors and should not be interpreted as representing official policies,
 # either expressed or implied, of the FreeBSD Project.
 import json
-from typing import Any, Optional, Type
+from typing import Any, Dict, Optional, Type
 
 from sqlalchemy.engine import Dialect
 from sqlalchemy.types import VARCHAR, TypeDecorator, UserDefinedType
@@ -35,37 +33,34 @@ from sqlalchemy.types import VARCHAR, TypeDecorator, UserDefinedType
 
 # get from https://docs.sqlalchemy.org/en/latest/orm/extensions/
 # mutable.html#establishing-mutability-on-scalar-column-values
-class JSONEncodedDict(TypeDecorator):
-    """
-    Represents an immutable structure as a json-encoded string.
-    """
+class JSONEncodedDict(TypeDecorator):  # type: ignore
+    """Represent an immutable structure as a json-encoded string."""
 
     impl = VARCHAR
 
-    @staticmethod
-    def process_bind_param(value: Optional[dict], _: Dialect) -> Optional[str]:
+    def process_bind_param(self, value: Optional[Dict[str, Any]], _: Dialect) -> Optional[str]:
         return json.dumps(value) if value is not None else None
 
-    @staticmethod
-    def process_result_value(value: Optional[str], _: Dialect) -> Optional[dict]:
+    def process_result_value(self, value: Optional[str], _: Dialect) -> Optional[Dict[str, Any]]:
         return json.loads(value) if value is not None else None
 
     @property
-    def python_type(self) -> Type:
+    def python_type(self) -> Type[Any]:
         return dict
 
-    @staticmethod
-    def process_literal_param(value: str, dialect: Any) -> str:
+    def process_literal_param(self, value: str, dialect: Any) -> str:
         del dialect
         return json.dumps(value)
 
 
-class TsVector(UserDefinedType):
+class TsVector(UserDefinedType):  # type: ignore
     """A custom type for PostgreSQL's tsvector type."""
 
-    def get_col_spec(self) -> str:  # pylint: disable=no-self-use
+    cache_ok = True
+
+    def get_col_spec(self) -> str:
         return "TSVECTOR"
 
     @property
-    def python_type(self) -> Type:
+    def python_type(self) -> Type[Any]:
         return dict

c2cgeoportal_commons/models/static.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
-
-# Copyright (c) 2011-2021, Camptocamp SA
+# Copyright (c) 2011-2023, Camptocamp SA
 # All rights reserved.
 
 # Redistribution and use in source and binary forms, with or without
@@ -33,7 +31,7 @@ import logging
 from datetime import datetime
 from hashlib import sha1
 from hmac import compare_digest as compare_hash
-from typing import Any, List
+from typing import Any, List, Optional
 
 import pytz
 import sqlalchemy.schema
@@ -44,8 +42,9 @@ from sqlalchemy.ext.mutable import MutableDict
 from sqlalchemy.orm import backref, relationship
 from sqlalchemy.types import Boolean, DateTime, Integer, String, Unicode
 
+from c2cgeoportal_commons.lib.literal import Literal
 from c2cgeoportal_commons.models import Base, _
-from c2cgeoportal_commons.models.main import Role
+from c2cgeoportal_commons.models.main import AbstractLog, Role
 
 try:
     from c2cgeoform.ext.deform_ext import RelationSelect2Widget
@@ -55,6 +54,8 @@ except ModuleNotFoundError:
     drop = None
 
     class GenericClass:
+        """Generic class."""
+
         def __init__(self, *args: Any, **kwargs: Any):
             pass
 
@@ -79,10 +80,48 @@ user_role = Table(
 )
 
 
-class User(Base):
+class User(Base):  # type: ignore
+    """The user table representation."""
+
     __tablename__ = "user"
     __table_args__ = {"schema": _schema}
-    __colanderalchemy_config__ = {"title": _("User"), "plural": _("Users")}
+    __colanderalchemy_config__ = {
+        "title": _("User"),
+        "plural": _("Users"),
+        "description": Literal(
+            _(
+                """
+            <div class="help-block">
+                <p>Each user may have from 1 to n roles, but each user has a default role from
+                    which are taken some settings. The default role (defined through the
+                    "Settings from role" selection) has an influence on the role extent and on some
+                    functionalities regarding their configuration.</p>
+
+                <p>Role extents for users can only be set in one role, because the application
+                    is currently not able to check multiple extents for one user, thus it is the
+                    default role which defines this unique extent.</p>
+
+                <p>Any functionality specified as <b>single</b> can be defined only once per user.
+                    Hence, these functionalities have to be defined in the default role.</p>
+
+                <p>By default, functionalities are not specified as <b>single</b>. Currently, the
+                    following functionalities are of <b>single</b> type:</p>
+
+                <ul>
+                    <li><code>default_basemap</code></li>
+                    <li><code>default_theme</code></li>
+                    <li><code>preset_layer_filter</code></li>
+                    <li><code>open_panel</code></li>
+                </ul>
+
+                <p>Any other functionality (with <b>single</b> not set or set to <code>false</code>) can
+                    be defined in any role linked to the user.</p>
+                <hr>
+            </div>
+                """
+            )
+        ),
+    }
     __c2cgeoform_config__ = {"duplicate": True}
     item_type = Column(
         "type", String(10), nullable=False, info={"colanderalchemy": {"widget": HiddenWidget()}}
@@ -91,7 +130,15 @@ class User(Base):
 
     id = Column(Integer, primary_key=True, info={"colanderalchemy": {"widget": HiddenWidget()}})
     username = Column(
-        Unicode, unique=True, nullable=False, info={"colanderalchemy": {"title": _("Username")}}
+        Unicode,
+        unique=True,
+        nullable=False,
+        info={
+            "colanderalchemy": {
+                "title": _("Username"),
+                "description": _("Name used for authentication (must be unique)."),
+            }
+        },
     )
     _password = Column("password", Unicode, nullable=False, info={"colanderalchemy": {"exclude": True}})
     temp_password = Column(
@@ -99,10 +146,27 @@ class User(Base):
     )
     tech_data = Column(MutableDict.as_mutable(HSTORE), info={"colanderalchemy": {"exclude": True}})
     email = Column(
-        Unicode, nullable=False, info={"colanderalchemy": {"title": _("Email"), "validator": Email()}}
+        Unicode,
+        nullable=False,
+        info={
+            "colanderalchemy": {
+                "title": _("Email"),
+                "description": _(
+                    "Used to send emails to the user, for example in case of password recovery."
+                ),
+                "validator": Email(),
+            }
+        },
     )
     is_password_changed = Column(
-        Boolean, default=False, info={"colanderalchemy": {"title": _("The user changed his password")}}
+        Boolean,
+        default=False,
+        info={
+            "colanderalchemy": {
+                "title": _("The user changed his password"),
+                "description": _("Indicates if user has changed his password."),
+            }
+        },
     )
 
     settings_role_id = Column(
@@ -110,7 +174,7 @@ class User(Base):
         info={
             "colanderalchemy": {
                 "title": _("Settings from role"),
-                "description": "Only used for settings not for permissions",
+                "description": _("Used to get some settings for the user (not for permissions)."),
                 "widget": RelationSelect2Widget(
                     Role, "id", "name", order_by="name", default_value=("", _("- Select -"))
                 ),
@@ -129,8 +193,24 @@ class User(Base):
         Role,
         secondary=user_role,
         secondaryjoin=Role.id == user_role.c.role_id,
-        backref=backref("users", order_by="User.username", info={"colanderalchemy": {"exclude": True}}),
-        info={"colanderalchemy": {"title": _("Roles"), "exclude": True}},
+        backref=backref(
+            "users",
+            order_by="User.username",
+            info={
+                "colanderalchemy": {
+                    "title": _("Users"),
+                    "description": _("Users granted with this role."),
+                    "exclude": True,
+                }
+            },
+        ),
+        info={
+            "colanderalchemy": {
+                "title": _("Roles"),
+                "description": _("Roles granted to the user."),
+                "exclude": True,
+            }
+        },
     )
 
     last_login = Column(
@@ -138,25 +218,43 @@ class User(Base):
         info={
             "colanderalchemy": {
                 "title": _("Last login"),
+                "description": _("Date of the user's last login."),
                 "missing": drop,
                 "widget": DateTimeInputWidget(readonly=True),
             }
         },
     )
 
-    expire_on = Column(DateTime(timezone=True), info={"colanderalchemy": {"title": _("Expiration date")}})
+    expire_on = Column(
+        DateTime(timezone=True),
+        info={
+            "colanderalchemy": {
+                "title": _("Expiration date"),
+                "description": _("After this date the user will not be able to login anymore."),
+            }
+        },
+    )
 
-    deactivated = Column(Boolean, default=False, info={"colanderalchemy": {"title": _("Deactivated")}})
+    deactivated = Column(
+        Boolean,
+        default=False,
+        info={
+            "colanderalchemy": {
+                "title": _("Deactivated"),
+                "description": _("Deactivate a user without removing it completely."),
+            }
+        },
+    )
 
-    def __init__(
+    def __init__(  # nosec
         self,
         username: str = "",
         password: str = "",
         email: str = "",
         is_password_changed: bool = False,
-        settings_role: Role = None,
-        roles: List[Role] = None,
-        expire_on: datetime = None,
+        settings_role: Optional[Role] = None,
+        roles: Optional[List[Role]] = None,
+        expire_on: Optional[datetime] = None,
         deactivated: bool = False,
     ) -> None:
         self.username = username
@@ -172,16 +270,16 @@ class User(Base):
 
     @property
     def password(self) -> str:
-        """returns password"""
-        return self._password  # pragma: no cover
+        """Get the password."""
+        return self._password  # type: ignore
 
     @password.setter
     def password(self, password: str) -> None:
-        """encrypts password on the fly."""
+        """Encrypt password on the fly."""
         self._password = self.__encrypt_password(password)
 
     def set_temp_password(self, password: str) -> None:
-        """encrypts password on the fly."""
+        """Encrypt password on the fly."""
         self.temp_password = self.__encrypt_password(password)
 
     @staticmethod
@@ -194,8 +292,8 @@ class User(Base):
         return crypt.crypt(password, crypt.METHOD_SHA512)
 
     def validate_password(self, passwd: str) -> bool:
-        """Check the password against existing credentials.
-        this method _MUST_ return a boolean.
+        """
+        Check the password against existing credentials. this method _MUST_ return a boolean.
 
         @param passwd: the password that was provided by the user to
         try and authenticate. This is the clear text version that we will
@@ -214,7 +312,7 @@ class User(Base):
 
         if (
             self.temp_password is not None
-            and self.temp_password != ""
+            and self.temp_password != ""  # nosec
             and compare_hash(self.temp_password, crypt.crypt(passwd, self.temp_password))
         ):
             self._password = self.temp_password
@@ -230,10 +328,12 @@ class User(Base):
         self.last_login = datetime.now(pytz.utc)
 
     def __str__(self) -> str:
-        return self.username or ""  # pragma: no cover
+        return self.username or ""
 
 
-class Shorturl(Base):
+class Shorturl(Base):  # type: ignore
+    """The shorturl table representation."""
+
     __tablename__ = "shorturl"
     __table_args__ = {"schema": _schema}
     id = Column(Integer, primary_key=True)
@@ -245,18 +345,79 @@ class Shorturl(Base):
     nb_hits = Column(Integer)
 
 
-class OAuth2Client(Base):
+class OAuth2Client(Base):  # type: ignore
+    """The oauth2_client table representation."""
+
     __tablename__ = "oauth2_client"
     __table_args__ = {"schema": _schema}
     __colanderalchemy_config__ = {"title": _("OAuth2 Client"), "plural": _("OAuth2 Clients")}
     __c2cgeoform_config__ = {"duplicate": True}
     id = Column(Integer, primary_key=True, info={"colanderalchemy": {"widget": HiddenWidget()}})
-    client_id = Column(Unicode, unique=True, info={"colanderalchemy": {"title": _("Client ID")}})
-    secret = Column(Unicode, info={"colanderalchemy": {"title": _("Secret")}})
-    redirect_uri = Column(Unicode, info={"colanderalchemy": {"title": _("Redirect URI")}})
+    client_id = Column(
+        Unicode,
+        unique=True,
+        info={
+            "colanderalchemy": {
+                "title": _("Client ID"),
+                "description": _("The client identifier as e.-g. 'qgis'."),
+            }
+        },
+    )
+    secret = Column(
+        Unicode,
+        info={
+            "colanderalchemy": {
+                "title": _("Secret"),
+                "description": _("The secret."),
+            }
+        },
+    )
+    redirect_uri = Column(
+        Unicode,
+        info={
+            "colanderalchemy": {
+                "title": _("Redirect URI"),
+                "description": _(
+                    """
+                    URI where user should be redirected after authentication
+                    as e.-g. 'http://127.0.0.1:7070/' in case of QGIS desktop.
+                    """
+                ),
+            }
+        },
+    )
+    state_required = Column(
+        Boolean,
+        default=False,
+        info={
+            "colanderalchemy": {
+                "title": _("State required"),
+                "description": _(
+                    "The state is required for this client (see: "
+                    "https://auth0.com/docs/secure/attack-protection/state-parameters)."
+                ),
+            }
+        },
+    )
+    pkce_required = Column(
+        Boolean,
+        default=False,
+        info={
+            "colanderalchemy": {
+                "title": _("PKCE required"),
+                "description": _(
+                    "PKCE is required for this client (see: "
+                    "https://auth0.com/docs/get-started/authentication-and-authorization-flow/"
+                    "authorization-code-flow-with-proof-key-for-code-exchange-pkce)."
+                ),
+            }
+        },
+    )
 
 
-class OAuth2BearerToken(Base):
+class OAuth2BearerToken(Base):  # type: ignore
+    """The oauth2_bearertoken table representation."""
+
     __tablename__ = "oauth2_bearertoken"
     __table_args__ = (
         sqlalchemy.schema.UniqueConstraint("client_id", "user_id"),
@@ -272,9 +433,12 @@ class OAuth2BearerToken(Base):
     access_token = Column(Unicode(100), unique=True)
     refresh_token = Column(Unicode(100), unique=True)
     expire_at = Column(DateTime(timezone=True))  # in one hour
+    state = Column(String)
+
 
+class OAuth2AuthorizationCode(Base):  # type: ignore
+    """The oauth2_authorizationcode table representation."""
 
-class OAuth2AuthorizationCode(Base):
     __tablename__ = "oauth2_authorizationcode"
     __table_args__ = (
         sqlalchemy.schema.UniqueConstraint("client_id", "user_id"),
@@ -289,4 +453,18 @@ class OAuth2AuthorizationCode(Base):
     user = relationship(User)
     redirect_uri = Column(Unicode)
     code = Column(Unicode(100), unique=True)
+    state = Column(String)
+    challenge = Column(String(128))
+    challenge_method = Column(String(6))
     expire_at = Column(DateTime(timezone=True))  # in 10 minutes
+
+
+class Log(AbstractLog):
+    """The static log table representation."""
+
+    __tablename__ = "log"
+    __table_args__ = {"schema": _schema}
+    __mapper_args__ = {
+        "polymorphic_identity": "static",
+        "concrete": True,
+    }

c2cgeoportal_commons/testing/__init__.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
-
-# Copyright (c) 2018-2020, Camptocamp SA
+# Copyright (c) 2018-2023, Camptocamp SA
 # All rights reserved.
 
 # Redistribution and use in source and binary forms, with or without
@@ -28,6 +26,8 @@
 # either expressed or implied, of the FreeBSD Project.
 
 
+from typing import Any, Dict
+
 import zope.sqlalchemy
 from sqlalchemy import engine_from_config
 from sqlalchemy.engine import Engine
@@ -35,11 +35,13 @@ from sqlalchemy.orm import Session, configure_mappers, sessionmaker
 from transaction import TransactionManager
 
 
-def get_engine(settings: dict, prefix: str = "sqlalchemy.") -> Engine:
+def get_engine(settings: Dict[str, Any], prefix: str = "sqlalchemy.") -> Engine:
+    """Get the engine."""
     return engine_from_config(settings, prefix)
 
 
 def get_session_factory(engine: Engine) -> sessionmaker:
+    """Get the session factory."""
     factory = sessionmaker()
     factory.configure(bind=engine)
     return factory
@@ -64,7 +66,6 @@ def get_tm_session(session_factory: sessionmaker, transaction_manager: Transacti
           session_factory = get_session_factory(engine)
           with transaction.manager:
               dbsession = get_tm_session(session_factory, transaction.manager)
-
     """
     dbsession = session_factory()
     zope.sqlalchemy.register(dbsession, transaction_manager=transaction_manager)
@@ -72,13 +73,12 @@ def get_tm_session(session_factory: sessionmaker, transaction_manager: Transacti
 
 
 def generate_mappers() -> None:
-    """
-    Initialize the model for a Pyramid app.
-    """
+    """Initialize the model for a Pyramid app."""
 
     # import or define all models here to ensure they are attached to the
     # Base.metadata prior to any initialization routines
-    import c2cgeoportal_commons.models.main  # noqa: F401
+    import c2cgeoportal_commons.models.main  # pylint: disable=unused-import,import-outside-toplevel
+    import c2cgeoportal_commons.models.static  # pylint: disable=import-outside-toplevel
 
     # run configure_mappers after defining all of the models to ensure
     # all relationships can be setup
@@ -86,8 +86,9 @@ def generate_mappers() -> None:
 
 
 def get_session(
-    settings: dict, transaction_manager: TransactionManager, prefix: str = "sqlalchemy."
+    settings: Dict[str, Any], transaction_manager: TransactionManager, prefix: str = "sqlalchemy."
 ) -> Session:
+    """Get the session."""
     configure_mappers()
     engine = get_engine(settings, prefix)
     session_factory = get_session_factory(engine)

c2cgeoportal_commons/testing/initializedb.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
-
-# Copyright (c) 2017-2020, Camptocamp SA
+# Copyright (c) 2017-2021, Camptocamp SA
 # All rights reserved.
 
 # Redistribution and use in source and binary forms, with or without
@@ -30,7 +28,7 @@
 
 import os
 import sys
-from typing import List
+from typing import List, cast
 
 from sqlalchemy.engine import Connection
 from sqlalchemy.orm import Session
@@ -39,30 +37,32 @@ from c2cgeoportal_commons.models import Base
 
 
 def usage(argv: List[str]) -> None:
+    """Get the usage."""
     cmd = os.path.basename(argv[0])
-    print("usage: %s <config_uri> [var=value]\n" '(example: "%s development.ini")' % (cmd, cmd))
+    print(f"usage: {cmd} <config_uri> [var=value]\n" '(example: "{cmd} development.ini")')
     sys.exit(1)
 
 
 def schema_exists(connection: Connection, schema_name: str) -> bool:
-    sql = """
+    """Get if the schema exist."""
+    sql = f"""
 SELECT count(*) AS count
 FROM information_schema.schemata
-WHERE schema_name = '{}';
-""".format(
-        schema_name
-    )
+WHERE schema_name = '{schema_name}';
+"""
     result = connection.execute(sql)
     row = result.first()
-    return row[0] == 1
+    return cast(bool, row[0] == 1)
 
 
 def truncate_tables(connection: Connection) -> None:
+    """Truncate all the tables defined in the model."""
     for t in Base.metadata.sorted_tables:
-        connection.execute("TRUNCATE TABLE {}.{} CASCADE;".format(t.schema, t.name))
+        connection.execute(f"TRUNCATE TABLE {t.schema}.{t.name} CASCADE;")
 
 
 def setup_test_data(dbsession: Session) -> None:
+    """Initialize the testing data."""
     from c2cgeoportal_commons.models.main import Role  # pylint: disable=import-outside-toplevel
     from c2cgeoportal_commons.models.static import User  # pylint: disable=import-outside-toplevel
 

{c2cgeoportal_commons-2.6.0.dist-info → c2cgeoportal_commons-2.8.1.180.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: c2cgeoportal-commons
-Version: 2.6.0
+Version: 2.8.1.180
 Summary: c2cgeoportal commons
 Home-page: https://github.com/camptocamp/c2cgeoportal/
 Author: Camptocamp
@@ -8,19 +8,24 @@ Author-email: info@camptocamp.com
 License: UNKNOWN
 Keywords: web gis geoportail c2cgeoportal geocommune pyramid
 Platform: UNKNOWN
-Classifier: Programming Language :: Python
-Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.7
+Classifier: Development Status :: 6 - Mature
+Classifier: Environment :: Web Environment
 Classifier: Framework :: Pyramid
-Classifier: Topic :: Internet :: WWW/HTTP
-Classifier: Topic :: Internet :: WWW/HTTP :: WSGI :: Application
+Classifier: Intended Audience :: Other Audience
 Classifier: License :: OSI Approved :: BSD License
-Classifier: Development Status :: 6 - Mature
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Topic :: Scientific/Engineering :: GIS
+Classifier: Typing :: Typed
 Description-Content-Type: text/markdown
 Requires-Dist: GeoAlchemy2
 Requires-Dist: c2c.template
+Requires-Dist: jinja2 (>=3.1.3)
 Requires-Dist: papyrus
 Requires-Dist: pyramid
+Requires-Dist: setuptools (>=65.5.1)
 Requires-Dist: sqlalchemy
 Requires-Dist: transaction
 Requires-Dist: zope.event
@@ -30,14 +35,16 @@ Provides-Extra: testing
 Requires-Dist: transaction ; extra == 'testing'
 Provides-Extra: upgrade
 Requires-Dist: alembic ; extra == 'upgrade'
-Requires-Dist: psycopg2-binary ; extra == 'upgrade'
+Requires-Dist: psycopg2 ; extra == 'upgrade'
 
 # c2cgeoportal_common
 
 ## Checkout
 
+```
 git clone git@github.com:camptocamp/c2cgeoportal.git
 cd common
+```
 
 ## Create virtual environment
 
@@ -51,11 +58,9 @@ sudo -u postgres psql -c "CREATE USER \"www-data\" WITH PASSWORD 'www-data';"
 DATABASE=geomapfish_tests
 sudo -u postgres psql -c "CREATE DATABASE $DATABASE WITH OWNER \"www-data\";"
 sudo -u postgres psql -d $DATABASE -c "CREATE EXTENSION postgis;"
-
 ```
-use common/testing/initialized.py to create the database (development.ini at admin side)
 
-```
+use `common/testing/initialized.py` to create the database (`development.ini` at admin side)
 
 ## Run the tests