cherrypy-foundation 1.0.0a1__py3-none-any.whl → 1.0.0a3__py3-none-any.whl

cherrypy_foundation/plugins/tests/test_smtp.py

@@ -63,12 +63,15 @@ class SmtpPluginTest(helper.CPWebCase):
 
     @skipUnless(hasattr(cherrypy, 'scheduler'), reason='Required scheduler')
     def test_queue_mail(self):
-        # Given a paused scheduler plugin
-        cherrypy.scheduler._scheduler.pause()
-        # When queueing a email
-        cherrypy.engine.publish('queue_mail', to='target@test.com', subject='subjet', message='body')
-        # Then a new job get schedule
-        self.assertEqual(1, len(cherrypy.scheduler.list_tasks()))
+        with mock.patch(smtp.__name__ + '.smtplib') as smtplib:
+            # Given a mail being queued.
+            cherrypy.engine.publish('queue_mail', to='target@test.com', subject='subjet', message='body')
+            # When waiting for all task to be processed
+            cherrypy.scheduler.wait_for_jobs()
+            # Then smtplib is called to send the mail.
+            smtplib.SMTP.assert_called_once_with('__default__', 25)
+            smtplib.SMTP.return_value.send_message.assert_called_once_with(mock.ANY)
+            smtplib.SMTP.return_value.quit.assert_called_once_with()
 
     def test_html2plaintext(self):
         """

cherrypy_foundation/tests/templates/test_form.html

@@ -0,0 +1,10 @@
+<html>
+    <head>
+        <title>test-form</title>
+    </head>
+    <body>
+        <form method="post" action="/">
+            <Fields form={{ form }} />
+        </form>
+    </body>
+</html>

cherrypy_foundation/tests/test_form.py

@@ -0,0 +1,119 @@
+# CherryPy Foundation
+# Copyright (C) 2025 IKUS Software
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+import importlib
+from unittest import skipUnless
+
+import cherrypy
+from cherrypy.test import helper
+from wtforms.fields import BooleanField, PasswordField, StringField, SubmitField
+from wtforms.validators import InputRequired, Length
+
+import cherrypy_foundation.tools.jinja2  # noqa
+from cherrypy_foundation.form import CherryForm
+from cherrypy_foundation.tools.i18n import gettext_lazy as _
+
+HAS_JINJAX = importlib.util.find_spec("jinjax") is not None
+
+env = cherrypy.tools.jinja2.create_env(
+    package_name=__package__,
+    globals={
+        'const1': 'STATIC VALUE',
+    },
+)
+
+
+class LoginForm(CherryForm):
+    login = StringField(
+        _('User'),
+        validators=[
+            InputRequired(),
+            Length(max=256, message=_('User too long.')),
+        ],
+        render_kw={
+            "placeholder": _('User'),
+            "autocorrect": "off",
+            "autocapitalize": "none",
+            "autocomplete": "off",
+            "autofocus": "autofocus",
+        },
+    )
+    password = PasswordField(
+        _('Password'),
+        validators=[
+            InputRequired(),
+            Length(max=256, message=_('Password too long.')),
+        ],
+        render_kw={"placeholder": _("Password")},
+    )
+    persistent = BooleanField(
+        _('Remember me'),
+        # All `label-*` are assigned to the label tag.
+        render_kw={'container_class': 'col-sm-6', 'label-attr': 'FOO'},
+    )
+    submit = SubmitField(
+        _('Login'),
+        # All `container-*` are assigned to the container tag.
+        render_kw={"class": "btn-primary float-end", 'container_class': 'col-sm-6', 'container-attr': 'BAR'},
+    )
+
+
+@cherrypy.tools.jinja2(env=env)
+class Root:
+
+    @cherrypy.expose
+    @cherrypy.tools.jinja2(template='test_form.html')
+    def index(self):
+        form = LoginForm()
+        return {'form': form}
+
+
+@skipUnless(HAS_JINJAX, reason='Required jinjax')
+class FormTest(helper.CPWebCase):
+    default_lang = None
+    interactive = False
+
+    @classmethod
+    def setup_server(cls):
+        cherrypy.tree.mount(Root(), '/')
+
+    def test_get_form(self):
+        # Given a form
+        # When querying the page that include this form
+        self.getPage("/")
+        self.assertStatus(200)
+        # Then each field is render properly.
+        # 1. Check title
+        self.assertInBody('test-form')
+        # 2. Check user field
+        self.assertInBody('<label class="form-label" for="login">User</label>')
+        self.assertInBody(
+            '<input autocapitalize="none" autocomplete="off" autocorrect="off" autofocus="autofocus" class="form-control" id="login" maxlength="256" name="login" placeholder="User" required type="text" value="">'
+        )
+        # 3. Check password
+        self.assertInBody('<label class="form-label" for="password">Password</label>')
+        self.assertInBody(
+            '<input class="form-control" id="password" maxlength="256" name="password" placeholder="Password" required type="password" value="">'
+        )
+        # 4 Check remember me
+        self.assertInBody(
+            '<input class="form-check-input" container-class="col-sm-6" id="persistent" label-attr="FOO" name="persistent" type="checkbox" value="y">'
+        )
+        self.assertInBody('<label attr="FOO" class="form-check-label" for="persistent">Remember me</label>')
+        # 5. check submit button
+        self.assertInBody('<div  attr="BAR" class="mb-2 form-field col-sm-6">')
+        self.assertInBody(
+            '<input class="btn-primary float-end btn" container-attr="BAR" container-class="col-sm-6" id="submit" name="submit" type="submit" value="Login">'
+        )

cherrypy_foundation/tools/auth.py

@@ -29,9 +29,6 @@ AUTH_DEFAULT_SESSION_KEY = "_auth_session_key"
 AUTH_DEFAULT_REAUTH_TIMEOUT = 60  # minutes
 
 
-logger = logging.getLogger(__name__)
-
-
 class AuthManager(cherrypy.Tool):
     """
     CherryPy tool handling authentication.
@@ -102,7 +99,12 @@ class AuthManager(cherrypy.Tool):
             try:
                 currentuser = user_from_key_func(user_key)
             except Exception:
-                logger.exception('error while resolving user from key')
+                cherrypy.log(
+                    f'unexpected error searching for user_key={user_key}',
+                    context='AUTH',
+                    severity=logging.ERROR,
+                    traceback=True,
+                )
                 currentuser = None
 
             if currentuser:
@@ -122,7 +124,7 @@ class AuthManager(cherrypy.Tool):
         Validate credentials with configured checkers; on success, call login_with_result.
         """
         if not login or not password:
-            logger.warning('empty login or password provided')
+            cherrypy.log('authentication failed reason=empty_credentials', context='AUTH', severity=logging.WARNING)
             return None
         # Validate credentials using checkpassword function(s).
         conf = self._merged_args()
@@ -143,15 +145,23 @@ class AuthManager(cherrypy.Tool):
                     login, user_info = login, None
                 # If authentication is successful, initiate login process.
                 return self.login_with_result(login=login, user_info=user_info)
-            except Exception as e:
-                logger.exception(
-                    'unexpected error during authentication for [%s] with [%s]: %s', login, func.__qualname__, e
+            except Exception:
+                cherrypy.log(
+                    f'unexpected error checking password login={login} checkpassword={func.__qualname__} - continue with next function',
+                    context='AUTH',
+                    severity=logging.ERROR,
+                    traceback=True,
                 )
         # If we reach here, authentication failed
         if hasattr(cherrypy.serving, 'session'):
             cherrypy.serving.session.regenerate()  # Prevent session analysis
 
-        logger.warning('Failed login attempt for user=%s from ip=%s', login, cherrypy.serving.request.remote.ip)
+        remote_ip = cherrypy.serving.request.remote.ip
+        cherrypy.log(
+            f'authentication failed login={login} ip={remote_ip} reason=wrong_credentials',
+            context='AUTH',
+            severity=logging.WARNING,
+        )
 
         return None
 
@@ -166,11 +176,18 @@ class AuthManager(cherrypy.Tool):
         try:
             user_key, userobj = user_lookup_func(login=login, user_info=user_info or {})
         except Exception:
-            logger.exception('failed to lookup user object for login=%s', login)
+            cherrypy.log(
+                f"unexpected error searching user login={login} user_info={user_info}",
+                context='AUTH',
+                severity=logging.ERROR,
+                traceback=True,
+            )
             return None
 
         if not userobj:
-            logger.warning('failed to lookup user object for login=%s', login)
+            cherrypy.log(
+                f"authentication failed login={login} reason=not_found", context='AUTH', severity=logging.WARNING
+            )
             return None
 
         # Notify plugins about user login

cherrypy_foundation/tools/auth_mfa.py

@@ -23,14 +23,12 @@ import cherrypy
 
 from ..passwd import check_password, hash_password
 
-logger = logging.getLogger(__name__)
-
 MFA_CODE = '_auth_mfa_code'
 MFA_CODE_TIME = '_auth_mfa_code_time'
 MFA_CODE_ATTEMPT = '_auth_mfa_code_attempt'
 MFA_REDIRECT_URL = '_auth_mfa_redirect_url'
 MFA_TRUSTED_IP_LIST = '_auth_mfa_trusted_ip_list'
-MFA_USERNAME = '_auth_mfa_username'
+MFA_USER_KEY = '_auth_mfa_user_key'
 MFA_VERIFICATION_TIME = '_auth_mfa_time'
 
 MFA_DEFAULT_CODE_TIMEOUT = 10  # minutes
@@ -86,7 +84,7 @@ class CheckAuthMfa(cherrypy.Tool):
         length = self._code_length()
         code = ''.join(secrets.choice(string.digits) for _ in range(length))
         session = cherrypy.serving.session
-        session[MFA_USERNAME] = cherrypy.request.login
+        session[MFA_USER_KEY] = cherrypy.request.login
         session[MFA_CODE] = hash_password(code)
         session[MFA_CODE_TIME] = session.now()
         session[MFA_CODE_ATTEMPT] = 0
@@ -99,7 +97,7 @@ class CheckAuthMfa(cherrypy.Tool):
 
         # Check if our username match current login user.
         session = cherrypy.serving.session
-        if session.get(MFA_USERNAME) != cherrypy.request.login:
+        if session.get(MFA_USER_KEY) != cherrypy.request.login:
             return False
 
         # Check if the current IP is trusted
@@ -128,7 +126,7 @@ class CheckAuthMfa(cherrypy.Tool):
             return True
 
         session = cherrypy.serving.session
-        if session.get(MFA_USERNAME) != cherrypy.request.login:
+        if session.get(MFA_USER_KEY) != cherrypy.request.login:
             return True
 
         # Check if code is defined.
@@ -208,11 +206,10 @@ class CheckAuthMfa(cherrypy.Tool):
         if is_expired or not code_valid:
             if not is_expired:  # Only increment if not expired
                 session[MFA_CODE_ATTEMPT] = attempts = int(session.get(MFA_CODE_ATTEMPT, 0)) + 1
-            logger.warning(
-                'MFA code verification failed for user=%s from ip=%s, attempt=%d',
-                cherrypy.request.login,
-                cherrypy.request.remote.ip,
-                attempts,
+            cherrypy.log(
+                f'verification failed user={cherrypy.request.login} ip={cherrypy.request.remote.ip} attempts={attempts}',
+                context='MFA',
+                severity=logging.WARNING,
             )
             return False
 
@@ -239,8 +236,8 @@ class CheckAuthMfa(cherrypy.Tool):
 
         # Rotate session id to prevent fixation
         session.regenerate()
-        logger.info(
-            'Successful MFA verification for user=%s from ip=%s', cherrypy.request.login, cherrypy.request.remote.ip
+        cherrypy.log(
+            f'verification successful user={cherrypy.request.login} ip={cherrypy.request.remote.ip}', context='MFA'
         )
         return True
 

cherrypy_foundation/tools/errors.py

@@ -1,4 +1,4 @@
-# udb, A web interface to manage IT network
+# Cherrypy Foundation
 # Copyright (C) 2025 IKUS Software inc.
 #
 # This program is free software: you can redistribute it and/or modify

cherrypy_foundation/tools/i18n.py

@@ -105,6 +105,15 @@ from babel.support import LazyProxy, NullTranslations, Translations
 _current = threading.local()
 
 
+def _get_config(key, default=None):
+    """
+    Lookup configuration from request, if available. Fallback to global config.
+    """
+    if getattr(cherrypy, 'request') and getattr(cherrypy.request, 'config') and key in cherrypy.request.config:
+        return cherrypy.request.config[key]
+    return cherrypy.config.get(key, default)
+
+
 @contextmanager
 def preferred_lang(lang):
     """
@@ -199,7 +208,7 @@ def get_timezone():
         return tzinfo
     # Otherwise search for a valid timezone.
     tzinfo = None
-    default_timezone = cherrypy.config.get('tools.i18n.default_timezone')
+    default_timezone = _get_config('tools.i18n.default_timezone')
     preferred_timezone = getattr(_current, 'preferred_timezone', [default_timezone])
     for timezone in preferred_timezone:
         try:
@@ -226,10 +235,10 @@ def get_translation():
     # Otherwise, we need to search the translation.
     # `preferred_lang` should always has a sane value within a cherrypy request because of hooks
     # But we also need to support calls outside cherrypy.
-    default = cherrypy.config.get('tools.i18n.default')
+    default = _get_config('tools.i18n.default')
     preferred_lang = getattr(_current, 'preferred_lang', [default])
-    mo_dir = cherrypy.config.get('tools.i18n.mo_dir')
-    domain = cherrypy.config.get('tools.i18n.domain')
+    mo_dir = _get_config('tools.i18n.mo_dir')
+    domain = _get_config('tools.i18n.domain')
     trans = _search_translation(mo_dir, domain, *preferred_lang)
     if trans is None:
         trans = NullTranslations()
@@ -242,8 +251,8 @@ def list_available_locales():
     """
     Return a list of available translations.
     """
-    mo_dir = cherrypy.config.get('tools.i18n.mo_dir', False)
-    domain = cherrypy.config.get('tools.i18n.domain')
+    mo_dir = _get_config('tools.i18n.mo_dir', False)
+    domain = _get_config('tools.i18n.domain')
     if not mo_dir:
         return
     for lang in os.listdir(mo_dir):

cherrypy_foundation/tools/jinja2.py

@@ -15,6 +15,7 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 import importlib
+import logging
 import time
 
 import cherrypy
@@ -51,15 +52,15 @@ class Jinja2Tool(cherrypy.Tool):
 
         def wrap(*args, **kwargs):
             # Call original handler
-            vars = self.oldhandler(*args, **kwargs)
+            context = self.oldhandler(*args, **kwargs)
             # Render template.
-            return self.render_request(env=env, template=template, vars=vars, extra_processor=extra_processor)
+            return self.render_request(env=env, template=template, context=context, extra_processor=extra_processor)
 
         request = cherrypy.serving.request
         if request.handler is not None:
             # Replace request.handler with self
             if debug:
-                cherrypy.log('Replacing request.handler', 'TOOLS.JINJA2')
+                cherrypy.log('replacing request handler', context='TOOLS.JINJA2', severity=logging.DEBUG)
             self.oldhandler = request.handler
             request.handler = wrap
 
@@ -79,12 +80,14 @@ class Jinja2Tool(cherrypy.Tool):
 
         # Enable translation if available
         if hasattr(cherrypy.tools, 'i18n'):
-            from .i18n import format_datetime, get_language_name, ugettext, ungettext
+            from .i18n import format_date, format_datetime, get_language_name, get_translation, ugettext, ungettext
 
             env.add_extension('jinja2.ext.i18n')
             env.install_gettext_callables(ugettext, ungettext, newstyle=True)
+            env.filters['format_date'] = format_date
             env.filters['format_datetime'] = format_datetime
             env.globals['get_language_name'] = get_language_name
+            env.globals['get_translation'] = get_translation
 
         # Update globals, filters and tests
         env.globals.update(globals)
@@ -104,7 +107,7 @@ class Jinja2Tool(cherrypy.Tool):
 
         return env
 
-    def render_request(self, template, vars={}, env=_UNDEFINED, extra_processor=_UNDEFINED):
+    def render_request(self, template, context={}, env=_UNDEFINED, extra_processor=_UNDEFINED):
         """
         Render template for a given cherrypy request.
         """
@@ -114,24 +117,24 @@ class Jinja2Tool(cherrypy.Tool):
         if extra_processor is _UNDEFINED:
             extra_processor = request.config.get('tools.jinja2.extra_processor')
         # Execute extra processor if defined.
-        all_vars = {}
+        new_context = {}
         if extra_processor:
-            all_vars.update(extra_processor())
-        all_vars.update(vars)
+            new_context.update(extra_processor())
+        new_context.update(context)
         # Render templates
-        return self.render(env=env, template=template, vars=all_vars)
+        return self.render(env=env, template=template, context=new_context)
 
-    def render(self, env, template, vars={}):
+    def render(self, env, template, context={}):
         """
         Lower level function used to render a template using the given jinja2 environment, template(s) and variable context.
         """
         # Get the right templates
         if isinstance(template, (list, tuple)):
-            names = [t.format(**vars) for t in template]
+            names = [t.format(**context) for t in template]
             tmpl = env.select_template(names)
         else:
             tmpl = env.get_template(template)
-        out = tmpl.render(vars)
+        out = tmpl.render(context)
 
         # With JinjaX > 0.60 render explicitly here.
         if 'catalog' in env.globals and getattr(env.globals['catalog'], '_emit_assets_later', False):

cherrypy_foundation/tools/ratelimit.py

@@ -146,6 +146,8 @@ class FileRateLimit(_DataStore):
 
 
 class Ratelimit(cherrypy.Tool):
+    CONTEXT = 'TOOLS.RATELIMIT'
+
     def __init__(self, priority=60):
         super().__init__('before_handler', self.check_ratelimit, 'ratelimit', priority)
 
@@ -182,10 +184,7 @@ class Ratelimit(cherrypy.Tool):
         request = cherrypy.request
         if methods is not None and request.method not in methods:
             if debug:
-                cherrypy.log(
-                    'skip rate limit for HTTP method %s' % (request.method,),
-                    'TOOLS.RATELIMIT',
-                )
+                cherrypy.log(f'skip rate limit for HTTP method {request.method}', context=self.CONTEXT)
             return
 
         # If datastore is not pass as configuration, create it for the first time.
@@ -213,10 +212,7 @@ class Ratelimit(cherrypy.Tool):
         # Get hits count using datastore.
         hits, timeout = datastore.get_and_increment(token, delay, hit)
         if debug:
-            cherrypy.log(
-                'check and increase rate limit for scope %s, limit %s, hits %s' % (token, limit, hits),
-                'TOOLS.RATELIMIT',
-            )
+            cherrypy.log(f'check and increase limit token={token} limit={limit} hits={hits}', context=self.CONTEXT)
 
         # Verify user has not exceeded rate limit
         remaining = max(0, limit - hits)
@@ -227,7 +223,7 @@ class Ratelimit(cherrypy.Tool):
         cherrypy.response.headers['X-RateLimit-Reset'] = str(timeout)
 
         if limit < hits:  # block only after 'limit' successful requests
-            cherrypy.log('ratelimit access to `%s`' % request.path_info, 'TOOLS.RATELIMIT')
+            cherrypy.log(f'block access to path_info={request.path_info}', context=self.CONTEXT)
             if logout:
                 if hasattr(cherrypy.serving, 'session'):
                     cherrypy.serving.session.clear()

cherrypy_foundation/tools/secure_headers.py

@@ -15,13 +15,9 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 import http.cookies
-import logging
 
 import cherrypy
 
-# Define the logger
-logger = logging.getLogger(__name__)
-
 DEFAULT_CSP = {
     'default-src': 'self',
     'style-src': ('self', 'unsafe-inline'),

cherrypy_foundation/tools/tests/components/Button.jinja

@@ -0,0 +1,2 @@
+{# def label, link #}
+<a {{ attrs.render(class='btn btn-primary', href=link) }}>{{ label }}</a>

cherrypy_foundation/tools/tests/templates/test_jinja2.html

@@ -0,0 +1,10 @@
+<html>
+    <head>
+        <title>test-jinja2</title>
+    </head>
+    <body>
+        var1: {{ var1 }}<br/>
+        var2: {{ var2 }}<br/>
+        const1: {{ const1 }}<br/>
+    </body>
+</html>

cherrypy_foundation/tools/tests/templates/test_jinja2_i18n.html

@@ -0,0 +1,11 @@
+<html lang="{{ get_translation().locale }}">
+    <head>
+        <title>test-jinja2</title>
+    </head>
+    <body>
+        {{ get_language_name(get_translation().locale) }}<br/>
+        {% trans %}Some text to translate{% endtrans %}<br/>
+        {{ my_datetime | format_datetime(format='full') }}<br/>
+        {{ my_date | format_date(format='full') }}
+    </body>
+</html>

cherrypy_foundation/tools/tests/templates/test_jinjax.html

@@ -0,0 +1,8 @@
+<html>
+    <head>
+        <title>test-jinja2</title>
+    </head>
+    <body>
+        <Button link="http://example.com" label="foo" />
+    </body>
+</html>

cherrypy_foundation/tools/tests/test_auth.py

@@ -83,7 +83,7 @@ class AuthManagerTest(helper.CPWebCase):
     def test_auth_login(self):
         # Given unauthenticated user
         # When posting valid login
-        self.getPage('/login/', method='POST', body=urlencode([('username', 'myuser'), ('password', 'changeme')]))
+        self.getPage('/login/', method='POST', body=urlencode({'username': 'myuser', 'password': 'changeme'}))
         # Then user is redirect to index.
         self.assertStatus(303)
         self.assertHeaderItemValue('Location', f'http://{self.HOST}:{self.PORT}/')