django-cookie-consent 0.4.0__tar.gz → 0.5.0b0__tar.gz

{django-cookie-consent-0.4.0/django_cookie_consent.egg-info → django-cookie-consent-0.5.0b0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-cookie-consent
-Version: 0.4.0
+Version: 0.5.0b0
 Summary: Django cookie consent application
 Home-page: https://github.com/jazzband/django-cookie-consent
 Author: Informatika Mihelac
@@ -11,7 +11,7 @@ Project-URL: Changelog, https://github.com/jazzband/django-cookie-consent/blob/m
 Project-URL: Bug Tracker, https://github.com/jazzband/django-cookie-consent/issues
 Project-URL: Source Code, https://github.com/jazzband/django-cookie-consent
 Keywords: cookies,cookie-consent,cookie bar
-Classifier: Development Status :: 3 - Alpha
+Classifier: Development Status :: 4 - Beta
 Classifier: Framework :: Django
 Classifier: Framework :: Django :: 3.2
 Classifier: Framework :: Django :: 4.1
@@ -28,13 +28,28 @@ Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Description-Content-Type: text/markdown
+License-File: LICENSE
+License-File: AUTHORS
+Requires-Dist: django>=3.2
+Requires-Dist: django-appconf
 Provides-Extra: tests
+Requires-Dist: pytest; extra == "tests"
+Requires-Dist: pytest-django; extra == "tests"
+Requires-Dist: pytest-playwright; extra == "tests"
+Requires-Dist: tox; extra == "tests"
+Requires-Dist: isort; extra == "tests"
+Requires-Dist: black; extra == "tests"
+Requires-Dist: flake8; extra == "tests"
 Provides-Extra: pep8
+Requires-Dist: flake8; extra == "pep8"
 Provides-Extra: coverage
+Requires-Dist: pytest-cov; extra == "coverage"
 Provides-Extra: docs
+Requires-Dist: sphinx; extra == "docs"
+Requires-Dist: sphinx-rtd-theme; extra == "docs"
 Provides-Extra: release
-License-File: LICENSE
-License-File: AUTHORS
+Requires-Dist: tbump; extra == "release"
+Requires-Dist: twine; extra == "release"
 
 Django cookie consent
 =====================

django-cookie-consent-0.5.0b0/cookie_consent/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.5.0b0"

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/cache.py

@@ -31,7 +31,10 @@ def all_cookie_groups():
 
         qs = CookieGroup.objects.filter(is_required=False)
         qs = qs.prefetch_related("cookie_set")
-        items = dict([(g.varname, g) for g in qs])
+        # items = qs.in_bulk(field_name="varname")
+        # FIXME -> doesn't work because varname is not a unique fieldl, we need to
+        # make this unique
+        items = {group.varname: group for group in qs}
         cache.set(CACHE_KEY, items, CACHE_TIMEOUT)
     return items
 

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/compat.py

@@ -9,3 +9,5 @@ except ImportError:
     from django.contrib.auth.views import (
         SuccessURLAllowedHostsMixin as RedirectURLMixin,
     )
+
+__all__ = ["url_has_allowed_host_and_scheme", "RedirectURLMixin"]

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/models.py

@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 import re
+from typing import TypedDict
 
 from django.core.validators import RegexValidator
 from django.db import models
@@ -18,6 +19,16 @@ validate_cookie_name = RegexValidator(
 )
 
 
+class CookieGroupDict(TypedDict):
+    varname: str
+    name: str
+    description: str
+    is_required: bool
+    # TODO: should we output this? page cache busting would be
+    # required if we do this. Alternatively, set up a JSONView to output these?
+    # version: str
+
+
 class CookieGroup(models.Model):
     varname = models.CharField(
         _("Variable name"), max_length=32, validators=[validate_cookie_name]
@@ -45,7 +56,7 @@ class CookieGroup(models.Model):
     def __str__(self):
         return self.name
 
-    def get_version(self):
+    def get_version(self) -> str:
         try:
             return str(self.cookie_set.all()[0].get_version())
         except IndexError:
@@ -59,6 +70,15 @@ class CookieGroup(models.Model):
         super(CookieGroup, self).save(*args, **kwargs)
         delete_cache()
 
+    def for_json(self) -> CookieGroupDict:
+        return {
+            "varname": self.varname,
+            "name": self.name,
+            "description": self.description,
+            "is_required": self.is_required,
+            # "version": self.get_version(),
+        }
+
 
 class Cookie(models.Model):
     cookiegroup = models.ForeignKey(

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/static/cookie_consent/cookiebar.js

@@ -10,7 +10,7 @@ function evalXCookieConsent(script) {
   script.remove();
 }
 
-function showCookieBar (options) {
+function lecacyShowCookieBar (options) {
   const defaults = {
     content: '',
     cookie_groups: [],
@@ -64,3 +64,4 @@ function showCookieBar (options) {
   });
 }
 
+window.legacyShowCookieBar = window.showCookieBar = lecacyShowCookieBar;

django-cookie-consent-0.5.0b0/cookie_consent/static/cookie_consent/cookiebar.module.js

@@ -0,0 +1,203 @@
+/**
+ * Cookiebar functionality, as a Javascript module.
+ *
+ * About modules: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules
+ *
+ * The code is organized here in a way to make the templates work with Django's page
+ * cache. This means that anything user-specific (so different django session and even
+ * cookie consent cookies) cannot be baked into the templates, as that breaks caches.
+ *
+ * The cookie bar operates on the following principles:
+ *
+ * - The developer using the library includes the desired template in their django
+ *   templates, using the HTML <template> element. This contains the content for the
+ *   cookie bar.
+ * - The developer is responsible for loading some Javascript that loads this script.
+ * - The main export of this script needs to be called (showCookieBar), with the
+ *   appropriate options.
+ * - The options include the backend URLs where the retrieve data, which selectors/DOM
+ *   nodes to use for various functionality and the hooks to tap into the accept/decline
+ *   life-cycle.
+ * - When a user accepts or declines (all) cookies, the call to the backend is made via
+ *   a fetch request, bypassing any page caches and preventing full-page reloads.
+ */
+const DEFAULTS = {
+  statusUrl: undefined,
+  // TODO: also accept element rather than selector?
+  templateSelector: '#cookie-consent__cookie-bar',
+  cookieGroupsSelector: '#cookie-consent__cookie-groups',
+  acceptSelector: '.cookie-consent__accept',
+  declineSelector: '.cookie-consent__decline',
+  /**
+   * Either a string (selector), DOMNode or null.
+   *
+   * If null, the bar is appended to the body. If provided, the node is used or looked
+   * up.
+   */
+  insertBefore: null,
+  onShow: null, // callback when the cookie bar is being shown -> add class to body...
+  onAccept: null, // callback when cookies are accepted
+  onDecline: null, // callback when cookies are declined
+  csrfHeaderName: 'X-CSRFToken', // Django's default, can be overridden with settings.CSRF_HEADER_NAME
+};
+
+const DEFAULT_HEADERS = {'X-Cookie-Consent-Fetch': '1'};
+
+let CONFIGURATION = DEFAULTS;
+/**
+ * Cookie accept status, including the accept/decline URLs, csrftoken... See
+ * backend view CookieStatusView.
+ */
+let COOKIE_STATUS = null;
+
+export const loadCookieGroups = (selector) => {
+  const node = document.querySelector(selector);
+  if (!node) {
+    throw new Error(`No cookie groups (script) tag found, using selector: '${selector}'`);
+  }
+  return JSON.parse(node.innerText);
+};
+
+const doInsertBefore = (beforeNode, newNode) => {
+  const parent = beforeNode.parentNode;
+  parent.insertBefore(newNode, beforeNode);
+}
+
+/**
+ * Register the accept/decline event handlers.
+ *
+ * Note that we can't just set the decline or accept cookie purely client-side, as the
+ * cookie possibly has the httpOnly flag set.
+ *
+ * @param  {HTMLEelement} cookieBarNode The DOM node containing the cookiebar markup.
+ * @param  {Array}        cookieGroups  The array of all configured cookie groups.
+ * @return {Void}
+ */
+const registerEvents = (cookieBarNode, cookieGroups) => {
+  const {acceptSelector, onAccept, declineSelector, onDecline} = CONFIGURATION;
+  const {
+    acceptedCookieGroups: accepted,
+    declinedCookieGroups: declined,
+    notAcceptedOrDeclinedCookieGroups: undecided,
+} = COOKIE_STATUS;
+
+  cookieBarNode
+    .querySelector(acceptSelector)
+    .addEventListener('click', event => {
+      event.preventDefault();
+      const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));
+      onAccept?.(acceptedGroups, event);
+      acceptCookiesBackend();
+      cookieBarNode.parentNode.removeChild(cookieBarNode);
+    });
+
+  cookieBarNode
+    .querySelector(declineSelector)
+    .addEventListener('click', event => {
+      event.preventDefault();
+      const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));
+      onDecline?.(declinedGroups, event);
+      declineCookiesBackend();
+      cookieBarNode.parentNode.removeChild(cookieBarNode);
+    });
+};
+
+const loadCookieStatus = async () => {
+  const {statusUrl} = CONFIGURATION;
+  if (!statusUrl) console.error('Missing status URL option, did you forget to pass the statusUrl option?');
+  const response = await window.fetch(
+    CONFIGURATION.statusUrl,
+    {
+      method: 'GET',
+      credentials: 'same-origin',
+      headers: DEFAULT_HEADERS
+    }
+  );
+  // assign to module level variable, once the page is loaded these details should
+  // not change.
+  COOKIE_STATUS = await response.json();
+};
+
+const saveCookiesStatusBackend = async (urlProperty) => {
+  const status = COOKIE_STATUS || {};
+  const url = status[urlProperty];
+  if (!url) {
+    console.error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);
+    return;
+  }
+  await window.fetch(url, {
+    method: 'POST',
+    credentials: 'same-origin',
+    headers: {
+      ...DEFAULT_HEADERS,
+      [CONFIGURATION.csrfHeaderName]: status.csrftoken
+    }
+  });
+}
+
+/**
+ * Make the call to the backend to accept the cookies.
+ */
+const acceptCookiesBackend = async () => await saveCookiesStatusBackend('acceptUrl');
+/**
+ * Make the call to the backend to decline the cookies.
+ */
+const declineCookiesBackend = async () => await saveCookiesStatusBackend('declineUrl');
+
+/**
+ * Filter the cookie groups down to a subset of specified varnames.
+ */
+const filterCookieGroups = (cookieGroups, varNames) => {
+  return cookieGroups.filter(group => varNames.includes(group.varname));
+};
+
+export const showCookieBar = async (options={}) => {
+  // merge defaults and provided options
+  CONFIGURATION = {...DEFAULTS, ...options};
+  const {
+    cookieGroupsSelector,
+    templateSelector,
+    insertBefore,
+    onShow,
+    onAccept,
+    onDecline,
+  } = CONFIGURATION;
+  const cookieGroups = loadCookieGroups(cookieGroupsSelector);
+
+  // no cookie groups -> abort
+  if (!cookieGroups.length) return;
+
+  const templateNode = document.querySelector(templateSelector);
+
+  // insert before a given node, if specified, or append to the body as default behaviour
+  const doInsert = insertBefore === null
+    ? (cookieBarNode) => document.querySelector('body').appendChild(cookieBarNode)
+    : typeof insertBefore === 'string'
+      ? (cookieBarNode) => doInsertBefore(document.querySelector(insertBefore), cookieBarNode)
+      : (cookieBarNode) => doInsertBefore(insertBefore, cookieBarNode)
+  ;
+  await loadCookieStatus();
+
+  // calculate the cookie groups to invoke the callbacks. We deliberately fire those
+  // without awaiting so that our cookie bar is shown/hidden as soon as possible.
+  const {
+    acceptedCookieGroups: accepted,
+    declinedCookieGroups: declined,
+    notAcceptedOrDeclinedCookieGroups
+  } = COOKIE_STATUS;
+
+  const acceptedGroups = filterCookieGroups(cookieGroups, accepted);
+  if (acceptedGroups.length) onAccept?.(acceptedGroups);
+  const declinedGroups = filterCookieGroups(cookieGroups, declined);
+  if (declinedGroups.length) onDecline?.(declinedGroups);
+
+  // there are no (more) cookie groups to accept, don't show the bar
+  if (!notAcceptedOrDeclinedCookieGroups.length) return;
+
+  // grab the contents from the template node and add them to the DOM, optionally
+  // calling the onShow callback
+  const cookieBarNode = templateNode.content.firstElementChild.cloneNode(true);
+  registerEvents(cookieBarNode, cookieGroups);
+  onShow?.();
+  doInsert(cookieBarNode);
+};

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/templatetags/cookie_consent_tags.py

@@ -1,13 +1,12 @@
-# -*- coding: utf-8 -*-
-from django import template
+import warnings
 
-try:
-    from django.urls import reverse
-except ImportError:
-    from django.core.urlresolvers import reverse
+from django import template
+from django.urls import reverse
+from django.utils.html import json_script
 
-from cookie_consent.conf import settings
-from cookie_consent.util import (
+from ..cache import all_cookie_groups as get_all_cookie_groups
+from ..conf import settings
+from ..util import (
     are_all_cookies_accepted,
     get_accepted_cookies,
     get_cookie_dict_from_request,
@@ -90,10 +89,15 @@ def cookie_consent_decline_url(cookie_groups):
 
 
 @register.simple_tag
-def get_accept_cookie_groups_cookie_string(request, cookie_groups):
+def get_accept_cookie_groups_cookie_string(request, cookie_groups):  # pragma: no cover
     """
     Tag returns accept cookie string suitable to use in javascript.
     """
+    warnings.warn(
+        "Cookie string template tags for JS are deprecated and will be removed "
+        "in django-cookie-consent 1.0",
+        DeprecationWarning,
+    )
     cookie_dic = get_cookie_dict_from_request(request)
     for cookie_group in cookie_groups:
         cookie_dic[cookie_group.varname] = cookie_group.get_version()
@@ -105,6 +109,11 @@ def get_decline_cookie_groups_cookie_string(request, cookie_groups):
     """
     Tag returns decline cookie string suitable to use in javascript.
     """
+    warnings.warn(
+        "Cookie string template tags for JS are deprecated and will be removed "
+        "in django-cookie-consent 1.0",
+        DeprecationWarning,
+    )
     cookie_dic = get_cookie_dict_from_request(request)
     for cookie_group in cookie_groups:
         cookie_dic[cookie_group.varname] = settings.COOKIE_CONSENT_DECLINE
@@ -124,6 +133,13 @@ def js_type_for_cookie_consent(request, varname, cookie=None):
         alert("Social cookie accepted");
       </script>
     """
+    # This approach doesn't work with page caches and/or strict Content-Security-Policies
+    # (unless you use nonces, which again doesn't work with aggressive page caching).
+    warnings.warn(
+        "Template tags for use in/with JS are deprecated and will be removed "
+        "in django-cookie-consent 1.0",
+        DeprecationWarning,
+    )
     enabled = is_cookie_consent_enabled(request)
     if not enabled:
         res = True
@@ -147,3 +163,17 @@ def accepted_cookies(request):
 
     """
     return [c.varname for c in get_accepted_cookies(request)]
+
+
+@register.simple_tag
+def all_cookie_groups(element_id: str):
+    """
+    Serialize all cookie groups to JSON and output them in a script tag.
+
+    :param element_id: The ID for the script tag so you can look it up in JS later.
+
+    This uses Django's core json_script filter under the hood.
+    """
+    groups = get_all_cookie_groups()
+    value = [group.for_json() for group in groups.values()]
+    return json_script(value, element_id)

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/urls.py

@@ -1,31 +1,37 @@
 # -*- coding: utf-8 -*-
-from django.urls import re_path
+from django.urls import path, re_path
 from django.views.decorators.csrf import csrf_exempt
 
-from .views import CookieGroupAcceptView, CookieGroupDeclineView, CookieGroupListView
+from .views import (
+    CookieGroupAcceptView,
+    CookieGroupDeclineView,
+    CookieGroupListView,
+    CookieStatusView,
+)
 
 urlpatterns = [
-    re_path(
-        r"^accept/$",
+    path(
+        "accept/",
         csrf_exempt(CookieGroupAcceptView.as_view()),
         name="cookie_consent_accept_all",
     ),
+    # TODO: use form or query string params for this instead?
     re_path(
         r"^accept/(?P<varname>.*)/$",
         csrf_exempt(CookieGroupAcceptView.as_view()),
         name="cookie_consent_accept",
     ),
+    # TODO: use form or query string params for this instead?
     re_path(
         r"^decline/(?P<varname>.*)/$",
         csrf_exempt(CookieGroupDeclineView.as_view()),
         name="cookie_consent_decline",
     ),
-    re_path(
-        r"^decline/$",
+    path(
+        "decline/",
         csrf_exempt(CookieGroupDeclineView.as_view()),
         name="cookie_consent_decline_all",
     ),
-    re_path(
-        r"^$", CookieGroupListView.as_view(), name="cookie_consent_cookie_group_list"
-    ),
+    path("status/", CookieStatusView.as_view(), name="cookie_consent_status"),
+    path("", CookieGroupListView.as_view(), name="cookie_consent_cookie_group_list"),
 ]

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/cookie_consent/util.py

@@ -1,11 +1,10 @@
 # -*- coding: utf-8 -*-
 import datetime
+from typing import Union
 
-from django.utils.encoding import smart_str
-
-from cookie_consent.cache import all_cookie_groups, get_cookie, get_cookie_group
-from cookie_consent.conf import settings
-from cookie_consent.models import ACTION_ACCEPTED, ACTION_DECLINED, LogItem
+from .cache import all_cookie_groups, get_cookie, get_cookie_group
+from .conf import settings
+from .models import ACTION_ACCEPTED, ACTION_DECLINED, LogItem
 
 
 def parse_cookie_str(cookie):
@@ -100,7 +99,7 @@ def accept_cookies(request, response, varname=None):
 def delete_cookies(response, cookie_group):
     if cookie_group.is_deletable:
         for cookie in cookie_group.cookie_set.all():
-            response.delete_cookie(smart_str(cookie.name), cookie.path, cookie.domain)
+            response.delete_cookie(cookie.name, cookie.path, cookie.domain)
 
 
 def decline_cookies(request, response, varname=None):
@@ -132,17 +131,35 @@ def are_all_cookies_accepted(request):
     )
 
 
-def get_not_accepted_or_declined_cookie_groups(request):
-    """
-    Returns all cookie groups that are neither accepted or declined.
-    """
+def _get_cookie_groups_by_state(request, state: Union[bool, None]):
     return [
         cookie_group
         for cookie_group in get_cookie_groups()
-        if get_cookie_value_from_request(request, cookie_group.varname) is None
+        if get_cookie_value_from_request(request, cookie_group.varname) is state
     ]
 
 
+def get_not_accepted_or_declined_cookie_groups(request):
+    """
+    Returns all cookie groups that are neither accepted or declined.
+    """
+    return _get_cookie_groups_by_state(request, state=None)
+
+
+def get_accepted_cookie_groups(request):
+    """
+    Returns all cookie groups that are accepted.
+    """
+    return _get_cookie_groups_by_state(request, state=True)
+
+
+def get_declined_cookie_groups(request):
+    """
+    Returns all cookie groups that are declined.
+    """
+    return _get_cookie_groups_by_state(request, state=False)
+
+
 def is_cookie_consent_enabled(request):
     """
     Returns if django-cookie-consent is enabled for given request.

django-cookie-consent-0.5.0b0/cookie_consent/views.py

@@ -0,0 +1,116 @@
+# -*- coding: utf-8 -*-
+from django.core.exceptions import SuspiciousOperation
+from django.http import HttpRequest, HttpResponse, HttpResponseRedirect, JsonResponse
+from django.middleware.csrf import get_token as get_csrf_token
+from django.urls import reverse
+from django.views.generic import ListView, View
+
+from .compat import RedirectURLMixin, url_has_allowed_host_and_scheme
+from .models import CookieGroup
+from .util import (
+    accept_cookies,
+    decline_cookies,
+    get_accepted_cookie_groups,
+    get_declined_cookie_groups,
+    get_not_accepted_or_declined_cookie_groups,
+)
+
+
+def is_ajax_like(request: HttpRequest) -> bool:
+    # legacy ajax, removed in Django 4.0 (used to be request.is_ajax())
+    ajax_header = request.headers.get("X-Requested-With")
+    if ajax_header == "XMLHttpRequest":
+        return True
+
+    # module-js uses fetch and a custom header
+    return bool(request.headers.get("X-Cookie-Consent-Fetch"))
+
+
+class CookieGroupListView(ListView):
+    """
+    Display all cookies.
+    """
+
+    model = CookieGroup
+
+
+class CookieGroupBaseProcessView(RedirectURLMixin, View):
+    def get_success_url(self):
+        """
+        If user adds a 'next' as URL parameter or hidden input,
+        redirect to the value of 'next'. Otherwise, redirect to
+        cookie consent group list
+        """
+        redirect_to = self.request.POST.get("next", self.request.GET.get("next"))
+        if redirect_to and not url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=self.get_success_url_allowed_hosts(),
+            require_https=self.request.is_secure(),
+        ):
+            raise SuspiciousOperation("Unsafe open redirect suspected.")
+        return redirect_to or reverse("cookie_consent_cookie_group_list")
+
+    def process(self, request, response, varname):  # pragma: no cover
+        raise NotImplementedError()
+
+    def post(self, request, *args, **kwargs):
+        varname = kwargs.get("varname", None)
+        if is_ajax_like(request):
+            response = HttpResponse()
+        else:
+            response = HttpResponseRedirect(self.get_success_url())
+        self.process(request, response, varname)
+        return response
+
+
+class CookieGroupAcceptView(CookieGroupBaseProcessView):
+    """
+    View to accept CookieGroup.
+    """
+
+    def process(self, request, response, varname):
+        accept_cookies(request, response, varname)
+
+
+class CookieGroupDeclineView(CookieGroupBaseProcessView):
+    """
+    View to decline CookieGroup.
+    """
+
+    def process(self, request, response, varname):
+        decline_cookies(request, response, varname)
+
+    def delete(self, request, *args, **kwargs):
+        return self.post(request, *args, **kwargs)
+
+
+class CookieStatusView(View):
+    """
+    Check the current accept/decline status for cookies.
+
+    The returned accept and decline URLs are specific to this user and include the
+    cookie groups that weren't accepted or declined yet.
+
+    Note that this endpoint also returns a CSRF Token to be used by the frontend,
+    as baking a CSRFToken into a cached page will not reliably work.
+    """
+
+    def get(self, request: HttpRequest) -> JsonResponse:
+        accepted = get_accepted_cookie_groups(request)
+        declined = get_declined_cookie_groups(request)
+        not_accepted_or_declined = get_not_accepted_or_declined_cookie_groups(request)
+        # TODO: change this csv URL param into proper POST params
+        varnames = ",".join([group.varname for group in not_accepted_or_declined])
+        data = {
+            "csrftoken": get_csrf_token(request),
+            "acceptUrl": reverse("cookie_consent_accept", kwargs={"varname": varnames}),
+            "declineUrl": reverse(
+                "cookie_consent_decline", kwargs={"varname": varnames}
+            ),
+            "acceptedCookieGroups": [group.varname for group in accepted],
+            "declinedCookieGroups": [group.varname for group in declined],
+            "notAcceptedOrDeclinedCookieGroups": [
+                group.varname for group in not_accepted_or_declined
+            ],
+        }
+        return JsonResponse(data)

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0/django_cookie_consent.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-cookie-consent
-Version: 0.4.0
+Version: 0.5.0b0
 Summary: Django cookie consent application
 Home-page: https://github.com/jazzband/django-cookie-consent
 Author: Informatika Mihelac
@@ -11,7 +11,7 @@ Project-URL: Changelog, https://github.com/jazzband/django-cookie-consent/blob/m
 Project-URL: Bug Tracker, https://github.com/jazzband/django-cookie-consent/issues
 Project-URL: Source Code, https://github.com/jazzband/django-cookie-consent
 Keywords: cookies,cookie-consent,cookie bar
-Classifier: Development Status :: 3 - Alpha
+Classifier: Development Status :: 4 - Beta
 Classifier: Framework :: Django
 Classifier: Framework :: Django :: 3.2
 Classifier: Framework :: Django :: 4.1
@@ -28,13 +28,28 @@ Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Description-Content-Type: text/markdown
+License-File: LICENSE
+License-File: AUTHORS
+Requires-Dist: django>=3.2
+Requires-Dist: django-appconf
 Provides-Extra: tests
+Requires-Dist: pytest; extra == "tests"
+Requires-Dist: pytest-django; extra == "tests"
+Requires-Dist: pytest-playwright; extra == "tests"
+Requires-Dist: tox; extra == "tests"
+Requires-Dist: isort; extra == "tests"
+Requires-Dist: black; extra == "tests"
+Requires-Dist: flake8; extra == "tests"
 Provides-Extra: pep8
+Requires-Dist: flake8; extra == "pep8"
 Provides-Extra: coverage
+Requires-Dist: pytest-cov; extra == "coverage"
 Provides-Extra: docs
+Requires-Dist: sphinx; extra == "docs"
+Requires-Dist: sphinx-rtd-theme; extra == "docs"
 Provides-Extra: release
-License-File: LICENSE
-License-File: AUTHORS
+Requires-Dist: tbump; extra == "release"
+Requires-Dist: twine; extra == "release"
 
 Django cookie consent
 =====================

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/django_cookie_consent.egg-info/SOURCES.txt

@@ -20,6 +20,7 @@ cookie_consent/migrations/0001_initial.py
 cookie_consent/migrations/0002_auto__add_logitem.py
 cookie_consent/migrations/__init__.py
 cookie_consent/static/cookie_consent/cookiebar.js
+cookie_consent/static/cookie_consent/cookiebar.module.js
 cookie_consent/templates/cookie_consent/_cookie_group.html
 cookie_consent/templates/cookie_consent/base.html
 cookie_consent/templates/cookie_consent/cookiegroup_list.html
@@ -32,6 +33,8 @@ django_cookie_consent.egg-info/not-zip-safe
 django_cookie_consent.egg-info/requires.txt
 django_cookie_consent.egg-info/top_level.txt
 tests/test_cache.py
+tests/test_javascript_cookiebar.py
+tests/test_legacy_javascript_cookiebar.py
 tests/test_middleware.py
 tests/test_models.py
 tests/test_settings.py

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/django_cookie_consent.egg-info/requires.txt

@@ -18,6 +18,7 @@ twine
 [tests]
 pytest
 pytest-django
+pytest-playwright
 tox
 isort
 black

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = django-cookie-consent
-version = 0.4.0
+version = 0.5.0b0
 description = Django cookie consent application
 long_description = file: README.md
 long_description_content_type = text/markdown
@@ -15,7 +15,7 @@ author = Informatika Mihelac
 author_email = bmihelac@mihelac.org
 keywords = cookies, cookie-consent, cookie bar
 classifiers = 
-	Development Status :: 3 - Alpha
+	Development Status :: 4 - Beta
 	Framework :: Django
 	Framework :: Django :: 3.2
 	Framework :: Django :: 4.1
@@ -42,6 +42,7 @@ install_requires =
 tests_require = 
 	pytest
 	pytest-django
+	pytest-playwright
 	tox
 	isort
 	black
@@ -56,6 +57,7 @@ include =
 tests = 
 	pytest
 	pytest-django
+	pytest-playwright
 	tox
 	isort
 	black
@@ -89,6 +91,8 @@ sections = FUTURE,STDLIB,DJANGO,THIRDPARTY,FIRSTPARTY,LOCALFOLDER
 [tool:pytest]
 testpaths = tests
 DJANGO_SETTINGS_MODULE = testapp.settings
+markers = 
+	e2e: mark tests as end-to-end tests, using playwright (deselect with '-m "not e2e"')
 
 [pep8]
 
@@ -96,6 +100,15 @@ DJANGO_SETTINGS_MODULE = testapp.settings
 max-line-length = 88
 exclude = env,.tox,docs
 
+[coverage:run]
+branch = True
+source = cookie_consent
+omit = 
+	*/migrations/*
+
+[coverage:report]
+skip_covered = True
+
 [egg_info]
 tag_build = 
 tag_date = 0

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/tests/test_cache.py

@@ -1,12 +1,15 @@
 # -*- coding: utf-8 -*-
 from django.test import TestCase, override_settings
 
-from cookie_consent.cache import get_cookie, get_cookie_group
+from cookie_consent.cache import delete_cache, get_cookie, get_cookie_group
 from cookie_consent.models import Cookie, CookieGroup
 
 
 class CacheTest(TestCase):
     def setUp(self):
+        super().setUp()
+        self.addCleanup(delete_cache)
+
         self.cookie_group = CookieGroup.objects.create(
             varname="optional",
             name="Optional",

django-cookie-consent-0.5.0b0/tests/test_javascript_cookiebar.py

@@ -0,0 +1,76 @@
+"""
+Test the behaviour of the dynamic (JS based) cookiebar module.
+
+See docs: https://playwright.dev/python/docs/test-runners for CLI options.
+"""
+from django.urls import reverse
+
+import pytest
+from playwright.sync_api import Page, expect
+
+pytestmark = [pytest.mark.django_db, pytest.mark.e2e]
+
+
+COOKIE_BAR_CONTENT = """
+This site uses Social, Optional cookies for better performance and user experience.
+Do you agree to use these cookies?
+"""
+
+
+@pytest.fixture(scope="function", autouse=True)
+def before_each_after_each(live_server, page: Page, load_testapp_fixture):
+    test_page_url = f"{live_server.url}{reverse('test_page')}"
+    page.goto(test_page_url)
+    yield
+
+
+def test_cookiebar_shows_initially(page: Page):
+    cookiebar = page.get_by_text(COOKIE_BAR_CONTENT)
+    expect(cookiebar).to_be_visible()
+
+
+def test_cookiebar_accept_all(page: Page):
+    accept_button = page.get_by_role("button", name="Accept")
+    expect(accept_button).to_be_visible()
+
+    accept_button.click()
+
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).to_be_visible()
+
+
+def test_cookiebar_decline_all(page: Page):
+    decline_button = page.get_by_role("button", name="Decline")
+    expect(decline_button).to_be_visible()
+
+    decline_button.click()
+
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).not_to_be_visible()
+
+
+@pytest.mark.parametrize("btn_text", ["Accept", "Decline"])
+def test_cookiebar_not_shown_anymore_after_accept_or_decline(btn_text: str, page: Page):
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).to_be_visible()
+
+    button = page.get_by_role("button", name=btn_text)
+    expect(button).to_be_visible()
+
+    button.click()
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+
+    page.reload()
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+
+
+def test_on_accept_handler_runs_on_load(page: Page, live_server):
+    accept_button = page.get_by_role("button", name="Accept")
+    accept_button.click()
+
+    test_page_url = f"{live_server.url}{reverse('test_page')}"
+    page.goto(test_page_url)
+
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).to_be_visible()

django-cookie-consent-0.5.0b0/tests/test_legacy_javascript_cookiebar.py

@@ -0,0 +1,77 @@
+"""
+These tests mostly exist to assert code coverage while giving library users time
+to transition to the new implementation.
+
+TODO: remove in django-cookie-consent 1.0
+"""
+from django.urls import reverse
+
+import pytest
+from playwright.sync_api import Page, expect
+
+pytestmark = [pytest.mark.django_db, pytest.mark.e2e]
+
+
+COOKIE_BAR_CONTENT = """
+This site uses Social, Optional cookies for better performance and user experience.
+Do you agree to use cookies?
+"""
+
+
+@pytest.fixture(scope="function", autouse=True)
+def before_each_after_each(live_server, page: Page, load_testapp_fixture):
+    test_page_url = f"{live_server.url}{reverse('legacy_test_page')}"
+    page.goto(test_page_url)
+    yield
+
+
+def test_cookiebar_shows_initially(page: Page):
+    cookiebar = page.get_by_text(COOKIE_BAR_CONTENT)
+    expect(cookiebar).to_be_visible()
+
+
+def test_cookiebar_accept_all(page: Page):
+    accept_link = page.get_by_role("link", name="Accept")
+    expect(accept_link).to_be_visible()
+
+    accept_link.click()
+
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).to_be_visible()
+
+
+def test_cookiebar_decline_all(page: Page):
+    decline_link = page.get_by_role("link", name="Decline")
+    expect(decline_link).to_be_visible()
+
+    decline_link.click()
+
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).not_to_be_visible()
+
+
+@pytest.mark.parametrize("btn_text", ["Accept", "Decline"])
+def test_cookiebar_not_shown_anymore_after_accept_or_decline(btn_text: str, page: Page):
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).to_be_visible()
+
+    link = page.get_by_role("link", name=btn_text)
+    expect(link).to_be_visible()
+
+    link.click()
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+
+    page.reload()
+    expect(page.get_by_text(COOKIE_BAR_CONTENT)).not_to_be_visible()
+
+
+def test_on_accept_handler_runs_on_load(page: Page, live_server):
+    accept_link = page.get_by_role("link", name="Accept")
+    accept_link.click()
+
+    test_page_url = f"{live_server.url}{reverse('legacy_test_page')}"
+    page.goto(test_page_url)
+
+    share_button = page.get_by_role("button", name="SHARE")
+    expect(share_button).to_be_visible()

{django-cookie-consent-0.4.0 → django-cookie-consent-0.5.0b0}/tests/test_models.py

@@ -2,11 +2,14 @@
 from django.core.exceptions import ValidationError
 from django.test import TestCase
 
+from cookie_consent.cache import delete_cache
 from cookie_consent.models import Cookie, CookieGroup, validate_cookie_name
 
 
 class CookieGroupTest(TestCase):
     def setUp(self):
+        self.addCleanup(delete_cache)
+
         self.cookie_group = CookieGroup.objects.create(
             varname="optional",
             name="Optional",
@@ -24,6 +27,8 @@ class CookieGroupTest(TestCase):
 
 class CookieTest(TestCase):
     def setUp(self):
+        self.addCleanup(delete_cache)
+
         self.cookie_group = CookieGroup.objects.create(
             varname="optional",
             name="Optional",

django-cookie-consent-0.4.0/cookie_consent/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.4.0"

django-cookie-consent-0.4.0/cookie_consent/views.py

@@ -1,67 +0,0 @@
-# -*- coding: utf-8 -*-
-from django.core.exceptions import SuspiciousOperation
-from django.http import HttpResponse, HttpResponseRedirect
-from django.urls import reverse
-from django.views.generic import ListView, View
-
-from .compat import RedirectURLMixin, url_has_allowed_host_and_scheme
-from .models import CookieGroup
-from .util import accept_cookies, decline_cookies
-
-
-class CookieGroupListView(ListView):
-    """
-    Display all cookies.
-    """
-
-    model = CookieGroup
-
-
-class CookieGroupBaseProcessView(RedirectURLMixin, View):
-    def get_success_url(self):
-        """
-        If user adds a 'next' as URL parameter or hidden input,
-        redirect to the value of 'next'. Otherwise, redirect to
-        cookie consent group list
-        """
-        redirect_to = self.request.POST.get("next", self.request.GET.get("next"))
-        if redirect_to and not url_has_allowed_host_and_scheme(
-            url=redirect_to,
-            allowed_hosts=self.get_success_url_allowed_hosts(),
-            require_https=self.request.is_secure(),
-        ):
-            raise SuspiciousOperation("Unsafe open redirect suspected.")
-        return redirect_to or reverse("cookie_consent_cookie_group_list")
-
-    def process(self, request, response, varname):
-        raise NotImplementedError()
-
-    def post(self, request, *args, **kwargs):
-        varname = kwargs.get("varname", None)
-        if request.META.get("HTTP_X_REQUESTED_WITH") == "XMLHttpRequest":
-            response = HttpResponse()
-        else:
-            response = HttpResponseRedirect(self.get_success_url())
-        self.process(request, response, varname)
-        return response
-
-
-class CookieGroupAcceptView(CookieGroupBaseProcessView):
-    """
-    View to accept CookieGroup.
-    """
-
-    def process(self, request, response, varname):
-        accept_cookies(request, response, varname)
-
-
-class CookieGroupDeclineView(CookieGroupBaseProcessView):
-    """
-    View to decline CookieGroup.
-    """
-
-    def process(self, request, response, varname):
-        decline_cookies(request, response, varname)
-
-    def delete(self, request, *args, **kwargs):
-        return self.post(request, *args, **kwargs)