django-cookie-consent 0.9.0__tar.gz → 1.0.0__tar.gz

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/MANIFEST.in

@@ -1,6 +1,7 @@
 include LICENSE
 include AUTHORS
 include README.md
+include cookie_consent/py.typed
 recursive-include cookie_consent/templates *
 recursive-include cookie_consent/static *
 recursive-include cookie_consent/fixtures *

{django_cookie_consent-0.9.0/django_cookie_consent.egg-info → django_cookie_consent-1.0.0}/PKG-INFO

@@ -1,19 +1,19 @@
 Metadata-Version: 2.4
 Name: django-cookie-consent
-Version: 0.9.0
+Version: 1.0.0
 Summary: Django cookie consent application
 Author-email: Informatika Mihelac <bmihelac@mihelac.org>
 License-Expression: BSD-2-Clause-first-lines
 Project-URL: Documentation, https://django-cookie-consent.readthedocs.io/en/latest/
-Project-URL: Changelog, https://github.com/django-commons/django-cookie-consent/blob/master/docs/changelog.rst
+Project-URL: Changelog, https://github.com/django-commons/django-cookie-consent/blob/main/docs/changelog.rst
 Project-URL: Bug Tracker, https://github.com/django-commons/django-cookie-consent/issues
 Project-URL: Source Code, https://github.com/django-commons/django-cookie-consent
 Keywords: cookies,cookie-consent,cookie bar
-Classifier: Development Status :: 4 - Beta
+Classifier: Development Status :: 5 - Production/Stable
 Classifier: Framework :: Django
 Classifier: Framework :: Django :: 4.2
-Classifier: Framework :: Django :: 5.1
 Classifier: Framework :: Django :: 5.2
+Classifier: Framework :: Django :: 6.0
 Classifier: Intended Audience :: Developers
 Classifier: Operating System :: Unix
 Classifier: Operating System :: MacOS
@@ -23,6 +23,7 @@ Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Requires-Python: >=3.10
 Description-Content-Type: text/markdown
@@ -41,7 +42,7 @@ Provides-Extra: docs
 Requires-Dist: sphinx; extra == "docs"
 Requires-Dist: sphinx-rtd-theme; extra == "docs"
 Provides-Extra: release
-Requires-Dist: tbump; extra == "release"
+Requires-Dist: bump-my-version; extra == "release"
 Dynamic: license-file
 
 Django cookie consent
@@ -86,7 +87,7 @@ from the `docs` directory in this repository.
 [ruff]: https://github.com/astral-sh/ruff
 [badge:ruff]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json
 [codecov]: https://codecov.io/gh/django-commons/django-cookie-consent
-[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/master/graph/badge.svg
+[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg
 [docs]: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest
 [badge:docs]: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest
 [pypi]: https://pypi.org/project/django-cookie-consent/

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/README.md

@@ -40,7 +40,7 @@ from the `docs` directory in this repository.
 [ruff]: https://github.com/astral-sh/ruff
 [badge:ruff]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json
 [codecov]: https://codecov.io/gh/django-commons/django-cookie-consent
-[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/master/graph/badge.svg
+[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg
 [docs]: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest
 [badge:docs]: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest
 [pypi]: https://pypi.org/project/django-cookie-consent/

django_cookie_consent-1.0.0/cookie_consent/__init__.py

@@ -0,0 +1 @@
+__version__ = "1.0.0"

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/admin.py

@@ -1,5 +1,6 @@
 from django.contrib import admin
 from django.db.models import Count
+from django.http.request import HttpRequest
 from django.templatetags.l10n import localize
 from django.templatetags.static import static
 from django.utils.html import format_html
@@ -9,6 +10,7 @@ from .conf import settings
 from .models import Cookie, CookieGroup, LogItem
 
 
+@admin.register(Cookie)
 class CookieAdmin(admin.ModelAdmin):
     list_display = ("varname", "name", "cookiegroup", "path", "domain", "get_version")
     search_fields = ("name", "domain", "cookiegroup__varname", "cookiegroup__name")
@@ -16,6 +18,7 @@ class CookieAdmin(admin.ModelAdmin):
     list_filter = ("cookiegroup",)
 
 
+@admin.register(CookieGroup)
 class CookieGroupAdmin(admin.ModelAdmin):
     list_display = (
         "varname",
@@ -34,12 +37,12 @@ class CookieGroupAdmin(admin.ModelAdmin):
         "is_deletable",
     )
 
-    def get_queryset(self, request):
+    def get_queryset(self, request: HttpRequest):
         qs = super().get_queryset(request)
         return qs.annotate(num_cookies=Count("cookie"))
 
     @admin.display(ordering="num_cookies", description=_("# cookies"))
-    def num_cookies(self, obj):
+    def num_cookies(self, obj: CookieGroup):
         if (count := obj.num_cookies) > 0:
             return localize(count)
 
@@ -58,7 +61,5 @@ class LogItemAdmin(admin.ModelAdmin):
     date_hierarchy = "created"
 
 
-admin.site.register(Cookie, CookieAdmin)
-admin.site.register(CookieGroup, CookieGroupAdmin)
 if settings.COOKIE_CONSENT_LOG_ENABLED:
     admin.site.register(LogItem, LogItemAdmin)

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/cache.py

@@ -1,7 +1,9 @@
+from collections.abc import Mapping
+
 from django.core.cache import caches
 
 from .conf import settings
-from .models import CookieGroup
+from .models import Cookie, CookieGroup
 
 CACHE_KEY = "cookie_consent_cache"
 CACHE_TIMEOUT = 60 * 60  # 60 minutes
@@ -18,17 +20,17 @@ def _get_cache():
     return caches[settings.COOKIE_CONSENT_CACHE_BACKEND]
 
 
-def delete_cache():
+def delete_cache() -> None:
     cache = _get_cache()
     cache.delete(CACHE_KEY)
 
 
-def _get_cookie_groups_from_db():
+def _get_cookie_groups_from_db() -> Mapping[str, CookieGroup]:
     qs = CookieGroup.objects.filter(is_required=False).prefetch_related("cookie_set")
     return qs.in_bulk(field_name="varname")
 
 
-def all_cookie_groups():
+def all_cookie_groups() -> Mapping[str, CookieGroup]:
     """
     Get all cookie groups that are optional.
 
@@ -36,16 +38,20 @@ def all_cookie_groups():
     cache miss.
     """
     cache = _get_cache()
-    return cache.get_or_set(
+    result = cache.get_or_set(
         CACHE_KEY, _get_cookie_groups_from_db, timeout=CACHE_TIMEOUT
     )
+    assert result is not None
+    return result
 
 
-def get_cookie_group(varname):
+def get_cookie_group(varname: str) -> CookieGroup | None:
     return all_cookie_groups().get(varname)
 
 
-def get_cookie(cookie_group, name, domain):
+def get_cookie(cookie_group: CookieGroup, name: str, domain: str) -> Cookie | None:
+    # loop over cookie set relation instead of doing a lookup query, as this should
+    # come from the cache and avoid hitting the database
     for cookie in cookie_group.cookie_set.all():
         if cookie.name == name and cookie.domain == domain:
             return cookie

django_cookie_consent-1.0.0/cookie_consent/conf.py

@@ -0,0 +1,35 @@
+from typing import Literal
+
+from django.conf import settings
+from django.urls import reverse_lazy
+from django.utils.functional import Promise
+
+from appconf import AppConf
+
+__all__ = ["settings"]
+
+
+class CookieConsentConf(AppConf):
+    # django-cookie-consent cookie settings that store the configuration
+    NAME: str = "cookie_consent"
+    # TODO: rename to AGE for parity with django settings
+    MAX_AGE: int = 60 * 60 * 24 * 365 * 1  # 1 year,
+    DOMAIN: str | None = None
+    SECURE: bool = False
+    HTTPONLY: bool = True
+    SAMESITE: Literal["Strict", "Lax", "None", False] = "Lax"
+
+    DECLINE: str = "-1"
+
+    ENABLED: bool = True
+
+    OPT_OUT: bool = False
+
+    CACHE_BACKEND: str = "default"
+
+    LOG_ENABLED: bool = True
+    """
+    DeprecationWarning: in future versions the default may switch to log disabled.
+    """
+
+    SUCCESS_URL: str | Promise = reverse_lazy("cookie_consent_cookie_group_list")

django_cookie_consent-1.0.0/cookie_consent/forms.py

@@ -0,0 +1,50 @@
+from collections.abc import Collection, Iterator
+
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from .cache import all_cookie_groups
+from .models import CookieGroup
+
+
+def iter_cookie_group_choices() -> Iterator[tuple[str, str]]:
+    """
+    Use the cached cookie group instances to get a list of choices.
+    """
+    for varname, cookie_group in all_cookie_groups().items():
+        yield varname, cookie_group.name
+
+
+class CookieGroupsChoiceField(forms.TypedMultipleChoiceField):
+    def __init__(self, **kwargs):
+        kwargs["coerce"] = self._coerce_choice
+        kwargs["choices"] = iter_cookie_group_choices
+        super().__init__(**kwargs)
+
+    def _coerce_choice(self, varname: str) -> CookieGroup:
+        all_groups = all_cookie_groups()
+        return all_groups[varname]
+
+
+class ProcessCookiesForm(forms.Form):
+    all_groups = forms.BooleanField(
+        label=_("Apply to all cookie groups"),
+        required=False,
+    )
+    cookie_groups = CookieGroupsChoiceField(
+        label=_("Cookie group varnames"),
+        choices=iter_cookie_group_choices,
+        required=False,
+    )
+
+    def get_cookie_groups(self) -> Collection[CookieGroup]:
+        """
+        Build the collection of specified cookies.
+        """
+        match self.cleaned_data:
+            case {"all_groups": True}:
+                return all_cookie_groups().values()
+            case {"cookie_groups": [*groups]}:
+                return groups
+            case _:
+                return []

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/middleware.py

@@ -1,3 +1,7 @@
+from collections.abc import Callable
+
+from django.http import HttpRequest, HttpResponseBase
+
 from .cache import all_cookie_groups
 from .conf import settings
 from .util import get_cookie_dict_from_request, is_cookie_consent_enabled
@@ -28,16 +32,16 @@ class CleanCookiesMiddleware:
     Note that this only applies if COOKIE_CONSENT_OPT_OUT is not set.
     """
 
-    def __init__(self, get_response):
+    def __init__(self, get_response: Callable[[HttpRequest], HttpResponseBase]):
         self.get_response = get_response
 
-    def __call__(self, request):
+    def __call__(self, request: HttpRequest):
         response = self.get_response(request)
         if is_cookie_consent_enabled(request):
             self.process_response(request, response)
         return response
 
-    def process_response(self, request, response):
+    def process_response(self, request: HttpRequest, response: HttpResponseBase):
         cookie_dic = get_cookie_dict_from_request(request)
 
         cookies_to_delete = []

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/models.py

@@ -1,5 +1,8 @@
+from __future__ import annotations
+
 import re
-from typing import TypedDict
+from collections.abc import Callable
+from typing import ClassVar, ParamSpec, TypedDict, TypeVar
 
 from django.core.validators import RegexValidator
 from django.db import models
@@ -15,9 +18,12 @@ validate_cookie_name = RegexValidator(
     "invalid",
 )
 
+P = ParamSpec("P")
+T = TypeVar("T")
+
 
-def clear_cache_after(func):
-    def wrapper(*args, **kwargs):
+def clear_cache_after(func: Callable[P, T]) -> Callable[P, T]:
+    def wrapper(*args: P.args, **kwargs: P.kwargs):
         from .cache import delete_cache
 
         return_value = func(*args, **kwargs)
@@ -32,9 +38,8 @@ class CookieGroupDict(TypedDict):
     name: str
     description: str
     is_required: bool
-    # TODO: should we output this? page cache busting would be
-    # required if we do this. Alternatively, set up a JSONView to output these?
-    # version: str
+    # The version is deliberately not included because it requires page/view cache
+    # busting if a new cookie gets added to the group, which we don't control.
 
 
 class BaseQueryset(models.query.QuerySet):
@@ -48,7 +53,7 @@ class BaseQueryset(models.query.QuerySet):
 
 
 class CookieGroupManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, varname):
+    def get_by_natural_key(self, varname: str) -> CookieGroup:
         return self.get(varname=varname)
 
 
@@ -74,7 +79,8 @@ class CookieGroup(models.Model):
     ordering = models.IntegerField(_("Ordering"), default=0)
     created = models.DateTimeField(_("Created"), auto_now_add=True, blank=True)
 
-    objects = CookieGroupManager()
+    objects: ClassVar[CookieGroupManager] = CookieGroupManager()  # pyright: ignore[reportIncompatibleVariableOverride]
+    cookie_set: ClassVar[CookieManager]
 
     class Meta:
         verbose_name = _("Cookie Group")
@@ -92,11 +98,15 @@ class CookieGroup(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str]:
         return (self.varname,)
 
     def get_version(self) -> str:
         try:
+            # this relies on the cookie set being ordered by most-recently created
+            # first.
+            # Note that we don't use `.first()` as that's a new query and bypasses
+            # the cache.
             return str(self.cookie_set.all()[0].get_version())
         except IndexError:
             return ""
@@ -112,7 +122,7 @@ class CookieGroup(models.Model):
 
 
 class CookieManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, name, domain, cookiegroup):
+    def get_by_natural_key(self, name: str, domain: str, cookiegroup: str) -> Cookie:
         group = CookieGroup.objects.get_by_natural_key(cookiegroup)
         return self.get(cookiegroup=group, name=name, domain=domain)
 
@@ -153,17 +163,17 @@ class Cookie(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str, str, str]:
         return (self.name, self.domain) + self.cookiegroup.natural_key()
 
-    natural_key.dependencies = ["cookie_consent.cookiegroup"]
+    natural_key.dependencies = ["cookie_consent.cookiegroup"]  # pyright: ignore[reportFunctionMemberAccess]
 
     @property
-    def varname(self):
+    def varname(self) -> str:
         group_varname = self.cookiegroup.varname
         return f"{group_varname}={self.name}:{self.domain}"
 
-    def get_version(self):
+    def get_version(self) -> str:
         return self.created.isoformat()
 
 

django_cookie_consent-1.0.0/cookie_consent/processor.py

@@ -0,0 +1,77 @@
+from collections.abc import Collection
+from typing import Literal
+
+from django.http import HttpRequest, HttpResponseBase
+
+from .conf import settings
+from .models import ACTION_ACCEPTED, ACTION_DECLINED, CookieGroup, LogItem
+from .util import get_cookie_dict_from_request, set_cookie_dict_to_response
+
+
+class CookiesProcessor:
+    """
+    Process the accept/decline logic for cookie groups.
+    """
+
+    def __init__(self, request: HttpRequest, response: HttpResponseBase):
+        self.request = request
+        self.response = response
+
+    def process(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        """
+        Apply ``action`` to the specified ``cookie_groups``.
+
+        Mutates the response by updating the cookie tracking the cookie group status. If
+        there are no cookie groups provided, nothing happens.
+        """
+        if not cookie_groups:
+            return
+
+        cookie_dic = get_cookie_dict_from_request(self.request)
+
+        match action:
+            case "accept":
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = cookie_group.get_version()
+            case "decline":
+                self._delete_cookies(cookie_groups)
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = settings.COOKIE_CONSENT_DECLINE
+
+        self._log_action(cookie_groups, action)
+        set_cookie_dict_to_response(self.response, cookie_dic)
+
+    def _log_action(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        if not settings.COOKIE_CONSENT_LOG_ENABLED:
+            return
+        # TODO: replace with stdlib logging call/helper instead of creating DB records
+        # directly.
+
+        action_map: dict[Literal["accept", "decline"], int] = {
+            "accept": ACTION_ACCEPTED,
+            "decline": ACTION_DECLINED,
+        }
+        log_items: list[LogItem] = [
+            LogItem(
+                action=action_map[action],
+                cookiegroup=cookie_group,
+                version=cookie_group.get_version(),
+            )
+            for cookie_group in cookie_groups
+        ]
+        LogItem.objects.bulk_create(log_items)
+
+    def _delete_cookies(self, cookie_groups: Collection[CookieGroup]) -> None:
+        for cookie_group in cookie_groups:
+            if not cookie_group.is_deletable:
+                continue
+            for cookie in cookie_group.cookie_set.all():
+                self.response.delete_cookie(cookie.name, cookie.path, cookie.domain)

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/static/cookie_consent/cookiebar.module.js

@@ -25,14 +25,19 @@ var FetchClient = class {
     }
     return this.cookieStatus;
   }
-  async saveCookiesStatusBackend(urlProperty) {
+  async saveCookiesStatusBackend(urlProperty, cookieGroups) {
     const cookieStatus = await this.getCookieStatus();
     const url = cookieStatus[urlProperty];
     if (!url) {
       throw new Error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);
     }
+    const formData = new FormData();
+    for (const group of cookieGroups) {
+      formData.append("cookie_groups", group.varname);
+    }
     await window.fetch(url, {
       method: "POST",
+      body: formData,
       credentials: "same-origin",
       headers: {
         ...DEFAULT_FETCH_HEADERS,
@@ -71,7 +76,7 @@ var registerEvents = ({
       event.preventDefault();
       const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));
       onAccept == null ? void 0 : onAccept(acceptedGroups, event);
-      client.saveCookiesStatusBackend("acceptUrl");
+      client.saveCookiesStatusBackend("acceptUrl", acceptedGroups);
       cookieBarNode.parentNode.removeChild(cookieBarNode);
     });
   }
@@ -81,7 +86,7 @@ var registerEvents = ({
       event.preventDefault();
       const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));
       onDecline == null ? void 0 : onDecline(declinedGroups, event);
-      client.saveCookiesStatusBackend("declineUrl");
+      client.saveCookiesStatusBackend("declineUrl", declinedGroups);
       cookieBarNode.parentNode.removeChild(cookieBarNode);
     });
   }

django_cookie_consent-1.0.0/cookie_consent/static/cookie_consent/cookiebar.module.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../js/src/cookiebar.ts"],
+  "sourcesContent": ["/**\n * Cookiebar functionality, as a TS/JS module.\n *\n * About modules: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules\n *\n * The code is organized here in a way to make the templates work with Django's page\n * cache. This means that anything user-specific (so different django session and even\n * cookie consent cookies) cannot be baked into the templates, as that breaks caches.\n *\n * The cookie bar operates on the following principles:\n *\n * - The developer using the library includes the desired template in their django\n *   templates, using the HTML <template> element. This contains the content for the\n *   cookie bar.\n * - The developer is responsible for loading some Javascript that loads this script.\n * - The main export of this script needs to be called (showCookieBar), with the\n *   appropriate options.\n * - The options include the backend URLs where the retrieve data, which selectors/DOM\n *   nodes to use for various functionality and the hooks to tap into the accept/decline\n *   life-cycle.\n * - When a user accepts or declines (all) cookies, the call to the backend is made via\n *   a fetch request, bypassing any page caches and preventing full-page reloads.\n */\n\n/**\n * A serialized cookie group.\n *\n * See the backend model method `CookieGroup.as_json()`.\n */\nexport interface CookieGroup {\n  varname: string;\n  name: string;\n  description: string;\n  is_required: boolean;\n}\n\nexport interface Options {\n  statusUrl: string;\n  // TODO: also accept element rather than selector?\n  templateSelector: string;\n  /**\n   * DOM selector to the (script) tag holding the JSON-serialized cookie groups.\n   *\n   * This is typically rendered in a template with a template tag, e.g.\n   *\n   * ```django\n   * {% all_cookie_groups 'cookie-consent__cookie-groups' %}\n   * ```\n   *\n   * resulting in the selector: `'#cookie-consent__cookie-groups'`.\n   */\n  cookieGroupsSelector: string;\n  acceptSelector: string;\n  declineSelector: string;\n  /**\n   * Either a string (selector), DOMNode or null.\n   *\n   * If null, the bar is appended to the body. If provided, the node is used or looked\n   * up.\n   */\n  insertBefore: string | HTMLElement | null;\n  /**\n   * Optional callback for when the cookie bar is being shown.\n   *\n   * You can use this to add a CSS class name to the body, for example.\n   */\n  onShow?: () => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onAccept?: (acceptedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onDecline?: (declinedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Name of the header to use for the CSRF token.\n   *\n   * If needed, this can be read/set via `settings.CSRF_HEADER_NAME` in the backend.\n   */\n  csrfHeaderName: string;\n};\n\nexport interface CookieStatus {\n  csrftoken: string;\n  /**\n   * Backend endpoint to POST to to accept the cookie groups.\n   */\n  acceptUrl: string;\n  /**\n   * Backend endpoint to POST to to decline the cookie groups.\n   */\n  declineUrl: string;\n  /**\n   * Array of accepted cookie group varnames.\n   */\n  acceptedCookieGroups: string[];\n  /**\n   * Array of declined cookie group varnames.\n   */\n  declinedCookieGroups: string[];\n  /**\n   * Array of undecided cookie group varnames.\n   */\n  notAcceptedOrDeclinedCookieGroups: string[];\n}\n\nconst DEFAULT_FETCH_HEADERS: Record<string, string> = {\n  'X-Cookie-Consent-Fetch': '1'\n};\n\n/**\n * A simple wrapper around window.fetch that understands the django-cookie-consent\n * backend endpoints.\n *\n * @private - while exported, use at your own risk. This class is not part of the\n * public API covered by SemVer.\n */\nexport class FetchClient {\n  protected statusUrl: string;\n  protected csrfHeaderName: string;\n  protected cookieStatus: CookieStatus | null;\n\n  constructor(statusUrl: string, csrfHeaderName: string) {\n    this.statusUrl = statusUrl;\n    this.csrfHeaderName = csrfHeaderName;\n    this.cookieStatus = null;\n  }\n\n  async getCookieStatus(): Promise<CookieStatus> {\n    if (this.cookieStatus === null) {\n      const response = await window.fetch(\n        this.statusUrl,\n        {\n          method: 'GET',\n          credentials: 'same-origin',\n          headers: DEFAULT_FETCH_HEADERS,\n        }\n      );\n      this.cookieStatus = await response.json();\n    }\n\n    // type checker sanity check\n    if (this.cookieStatus === null) {\n      throw new Error('Unexpectedly received null cookie status');\n    }\n    return this.cookieStatus;\n  };\n\n  async saveCookiesStatusBackend (\n    urlProperty: 'acceptUrl' | 'declineUrl',\n    cookieGroups: CookieGroup[],\n  ) {\n    const cookieStatus = await this.getCookieStatus();\n    const url = cookieStatus[urlProperty];\n    if (!url) {\n      throw new Error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);\n    }\n\n    const formData = new FormData();\n    for (const group of cookieGroups) {\n      formData.append('cookie_groups', group.varname);\n    }\n\n    await window.fetch(url, {\n      method: 'POST',\n      body: formData,\n      credentials: 'same-origin',\n      headers: {\n        ...DEFAULT_FETCH_HEADERS,\n        [this.csrfHeaderName]: cookieStatus.csrftoken\n      }\n    });\n  }\n}\n\n/**\n * Read the JSON script node contents and parse the content as JSON.\n *\n * The result is the list of available/configured cookie groups.\n * Use the status URL to get the accepted/declined status for an individual user.\n */\nexport const loadCookieGroups = (selector: string): CookieGroup[] => {\n  const node = document.querySelector<HTMLScriptElement>(selector);\n  if (!node) {\n    throw new Error(`No cookie groups (script) tag found, using selector: '${selector}'`);\n  }\n  return JSON.parse(node.innerText);\n};\n\nconst doInsertBefore = (beforeNode: HTMLElement, newNode: Node): void => {\n  const parent = beforeNode.parentNode;\n  if (parent === null) throw new Error('Reference node doesn\\'t have a parent.');\n  parent.insertBefore(newNode, beforeNode);\n}\n\ntype RegisterEventsOptions = Pick<\n  Options,\n  'acceptSelector' | 'onAccept' | 'declineSelector' | 'onDecline'\n> & Pick<\n  CookieStatus,\n  'acceptedCookieGroups' | 'declinedCookieGroups' | 'notAcceptedOrDeclinedCookieGroups'\n> & {\n  client: FetchClient,\n  cookieBarNode: Element;\n  cookieGroups: CookieGroup[];\n}\n\n/**\n * Register the accept/decline event handlers.\n *\n * Note that we can't just set the decline or accept cookie purely client-side, as the\n * cookie possibly has the httpOnly flag set.\n */\nconst registerEvents = ({\n  client,\n  cookieBarNode,\n  cookieGroups,\n  acceptSelector,\n  onAccept,\n  declineSelector,\n  onDecline,\n  acceptedCookieGroups: accepted,\n  declinedCookieGroups: declined,\n  notAcceptedOrDeclinedCookieGroups: undecided,\n}: RegisterEventsOptions): void => {\n\n  const acceptNode = cookieBarNode.querySelector<HTMLElement>(acceptSelector);\n  if (acceptNode) {\n    acceptNode.addEventListener('click', event => {\n      event.preventDefault();\n      const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));\n      onAccept?.(acceptedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('acceptUrl', acceptedGroups);\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n\n  const declineNode = cookieBarNode.querySelector<HTMLElement>(declineSelector);\n  if (declineNode) {\n    declineNode.addEventListener('click', event => {\n      event.preventDefault();\n      const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));\n      onDecline?.(declinedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('declineUrl', declinedGroups);\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n};\n\n/**\n * Filter the cookie groups down to a subset of specified varnames.\n */\nconst filterCookieGroups = (cookieGroups: CookieGroup[], varNames: string[]) => {\n  return cookieGroups.filter(group => varNames.includes(group.varname));\n};\n\n// See https://github.com/microsoft/TypeScript/issues/283\nfunction cloneNode<T extends Node>(node: T) {\n  return <T>node.cloneNode(true);\n}\n\nexport const showCookieBar = async (options: Partial<Options> = {}): Promise<void> => {\n  const {\n    templateSelector = '#cookie-consent__cookie-bar',\n    cookieGroupsSelector = '#cookie-consent__cookie-groups',\n    acceptSelector = '.cookie-consent__accept',\n    declineSelector = '.cookie-consent__decline',\n    insertBefore = null,\n    onShow,\n    onAccept,\n    onDecline,\n    statusUrl = '',\n    csrfHeaderName = 'X-CSRFToken', // Django's default, can be overridden with settings.CSRF_HEADER_NAME\n  } = options;\n\n  const cookieGroups = loadCookieGroups(cookieGroupsSelector);\n\n  // no cookie groups -> abort, nothing to do\n  if (!cookieGroups.length) return;\n\n  const templateNode = document.querySelector<HTMLTemplateElement>(templateSelector);\n  if (!templateNode) {\n    throw new Error(`No (template) element found for selector '${templateSelector}'.`)\n  }\n\n  // insert before a given node, if specified, or append to the body as default behaviour\n  const doInsert = insertBefore === null\n    ? (cookieBarNode: Node) => document.querySelector('body')!.appendChild(cookieBarNode)\n    : typeof insertBefore === 'string'\n      ? (cookieBarNode: Node) => {\n        const referenceNode = document.querySelector<HTMLElement>(insertBefore);\n        if (referenceNode === null) throw new Error(`No element found for selector '${insertBefore}'.`)\n        doInsertBefore(referenceNode, cookieBarNode);\n      }\n      : (cookieBarNode: Node) => doInsertBefore(insertBefore, cookieBarNode)\n  ;\n\n  if (!statusUrl) throw new Error('Missing status URL option, did you forget to pass the `statusUrl` option?');\n\n  const client = new FetchClient(statusUrl, csrfHeaderName);\n  const cookieStatus = await client.getCookieStatus();\n\n  // calculate the cookie groups to invoke the callbacks. We deliberately fire those\n  // without awaiting so that our cookie bar is shown/hidden as soon as possible.\n  const {\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups\n  } = cookieStatus;\n\n  const acceptedGroups = filterCookieGroups(cookieGroups, acceptedCookieGroups);\n  if (acceptedGroups.length) onAccept?.(acceptedGroups);\n  const declinedGroups = filterCookieGroups(cookieGroups, declinedCookieGroups);\n  if (declinedGroups.length) onDecline?.(declinedGroups);\n\n  // there are no (more) cookie groups to accept, don't show the bar\n  if (!notAcceptedOrDeclinedCookieGroups.length) return;\n\n  // grab the contents from the template node and add them to the DOM, optionally\n  // calling the onShow callback\n  const childToClone = templateNode.content.firstElementChild;\n  if (childToClone === null) throw new Error('The cookie bar template element may not be empty.');\n  const cookieBarNode = cloneNode(childToClone);\n  registerEvents({\n    client,\n    cookieBarNode,\n    cookieGroups,\n    acceptSelector,\n    onAccept,\n    declineSelector,\n    onDecline,\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups,\n  });\n  doInsert(cookieBarNode);\n  onShow?.();\n};\n"],
+  "mappings": ";AA2GA,IAAM,wBAAgD;AAAA,EACpD,0BAA0B;AAC5B;AASO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,WAAmB,gBAAwB;AACrD,SAAK,YAAY;AACjB,SAAK,iBAAiB;AACtB,SAAK,eAAe;AAAA,EACtB;AAAA,EAEA,MAAM,kBAAyC;AAC7C,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,WAAW,MAAM,OAAO;AAAA,QAC5B,KAAK;AAAA,QACL;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,QACX;AAAA,MACF;AACA,WAAK,eAAe,MAAM,SAAS,KAAK;AAAA,IAC1C;AAGA,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,yBACJ,aACA,cACA;AACA,UAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,UAAM,MAAM,aAAa,WAAW;AACpC,QAAI,CAAC,KAAK;AACR,YAAM,IAAI,MAAM,mBAAmB,WAAW,+CAA+C;AAAA,IAC/F;AAEA,UAAM,WAAW,IAAI,SAAS;AAC9B,eAAW,SAAS,cAAc;AAChC,eAAS,OAAO,iBAAiB,MAAM,OAAO;AAAA,IAChD;AAEA,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP,GAAG;AAAA,QACH,CAAC,KAAK,cAAc,GAAG,aAAa;AAAA,MACtC;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAQO,IAAM,mBAAmB,CAAC,aAAoC;AACnE,QAAM,OAAO,SAAS,cAAiC,QAAQ;AAC/D,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,MAAM,yDAAyD,QAAQ,GAAG;AAAA,EACtF;AACA,SAAO,KAAK,MAAM,KAAK,SAAS;AAClC;AAEA,IAAM,iBAAiB,CAAC,YAAyB,YAAwB;AACvE,QAAM,SAAS,WAAW;AAC1B,MAAI,WAAW,KAAM,OAAM,IAAI,MAAM,uCAAwC;AAC7E,SAAO,aAAa,SAAS,UAAU;AACzC;AAoBA,IAAM,iBAAiB,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,sBAAsB;AAAA,EACtB,sBAAsB;AAAA,EACtB,mCAAmC;AACrC,MAAmC;AAEjC,QAAM,aAAa,cAAc,cAA2B,cAAc;AAC1E,MAAI,YAAY;AACd,eAAW,iBAAiB,SAAS,WAAS;AAC5C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,2CAAW,gBAAgB;AAE3B,aAAO,yBAAyB,aAAa,cAAc;AAC3D,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AAEA,QAAM,cAAc,cAAc,cAA2B,eAAe;AAC5E,MAAI,aAAa;AACf,gBAAY,iBAAiB,SAAS,WAAS;AAC7C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,6CAAY,gBAAgB;AAE5B,aAAO,yBAAyB,cAAc,cAAc;AAC5D,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AACF;AAKA,IAAM,qBAAqB,CAAC,cAA6B,aAAuB;AAC9E,SAAO,aAAa,OAAO,WAAS,SAAS,SAAS,MAAM,OAAO,CAAC;AACtE;AAGA,SAAS,UAA0B,MAAS;AAC1C,SAAU,KAAK,UAAU,IAAI;AAC/B;AAEO,IAAM,gBAAgB,OAAO,UAA4B,CAAC,MAAqB;AACpF,QAAM;AAAA,IACJ,mBAAmB;AAAA,IACnB,uBAAuB;AAAA,IACvB,iBAAiB;AAAA,IACjB,kBAAkB;AAAA,IAClB,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,iBAAiB;AAAA;AAAA,EACnB,IAAI;AAEJ,QAAM,eAAe,iBAAiB,oBAAoB;AAG1D,MAAI,CAAC,aAAa,OAAQ;AAE1B,QAAM,eAAe,SAAS,cAAmC,gBAAgB;AACjF,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,MAAM,6CAA6C,gBAAgB,IAAI;AAAA,EACnF;AAGA,QAAM,WAAW,iBAAiB,OAC9B,CAACA,mBAAwB,SAAS,cAAc,MAAM,EAAG,YAAYA,cAAa,IAClF,OAAO,iBAAiB,WACtB,CAACA,mBAAwB;AACzB,UAAM,gBAAgB,SAAS,cAA2B,YAAY;AACtE,QAAI,kBAAkB,KAAM,OAAM,IAAI,MAAM,kCAAkC,YAAY,IAAI;AAC9F,mBAAe,eAAeA,cAAa;AAAA,EAC7C,IACE,CAACA,mBAAwB,eAAe,cAAcA,cAAa;AAGzE,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM,2EAA2E;AAE3G,QAAM,SAAS,IAAI,YAAY,WAAW,cAAc;AACxD,QAAM,eAAe,MAAM,OAAO,gBAAgB;AAIlD,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,sCAAW;AACtC,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,wCAAY;AAGvC,MAAI,CAAC,kCAAkC,OAAQ;AAI/C,QAAM,eAAe,aAAa,QAAQ;AAC1C,MAAI,iBAAiB,KAAM,OAAM,IAAI,MAAM,mDAAmD;AAC9F,QAAM,gBAAgB,UAAU,YAAY;AAC5C,iBAAe;AAAA,IACb;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,WAAS,aAAa;AACtB;AACF;",
+  "names": ["cookieBarNode"]
+}

{django_cookie_consent-0.9.0 → django_cookie_consent-1.0.0}/cookie_consent/templates/cookie_consent/_cookie_group.html

@@ -11,8 +11,9 @@
        {% if request|cookie_group_accepted:cookie_group.varname %}
          <span class="cookie-consent-accepted">{% trans "Accepted" %}</span>
        {% else %}
-         <form class="cookie-consent-accept" action="{% url "cookie_consent_accept" cookie_group.varname %}" method="POST">
+         <form class="cookie-consent-accept" action="{% url "cookie_consent_accept" %}" method="post">
            {% csrf_token %}
+           <input type="hidden" name="cookie_groups" value="{{ cookie_group.varname }}">
            <input type="submit" value="{% trans "Accept" %}">
          </form>
        {% endif %}
@@ -20,8 +21,9 @@
        {% if request|cookie_group_declined:cookie_group.varname %}
          <span class="cookie-consent-declined">{% trans "Declined" %}</span>
        {% else %}
-         <form class="cookie-consent-decline" action="{% url "cookie_consent_decline" cookie_group.varname %}" method="POST">
+         <form class="cookie-consent-decline" action="{% url "cookie_consent_decline" %}" method="post">
            {% csrf_token %}
+           <input type="hidden" name="cookie_groups" value="{{ cookie_group.varname }}">
            <input type="submit" value="{% trans "Decline" %}">
          </form>
        {% endif %}

django_cookie_consent-1.0.0/cookie_consent/templatetags/cookie_consent_tags.py

@@ -0,0 +1,88 @@
+from collections.abc import Collection
+
+from django import template
+from django.http import HttpRequest
+from django.utils.html import json_script
+
+from ..cache import all_cookie_groups as get_all_cookie_groups
+from ..models import CookieGroup
+from ..util import (
+    are_all_cookies_accepted,
+    get_cookie_value_from_request,
+    get_not_accepted_or_declined_cookie_groups,
+    is_cookie_consent_enabled,
+)
+
+register = template.Library()
+
+
+@register.filter
+def cookie_group_accepted(request: HttpRequest, group_or_cookie: str) -> bool:
+    """
+    Return ``True`` if the cookie group/cookie is accepted.
+
+    Examples:
+
+    .. code-block:: django
+
+        {{ request|cookie_group_accepted:"analytics" }}
+        {{ request|cookie_group_accepted:"analytics=*:.google.com" }}
+    """
+    value = get_cookie_value_from_request(request, *group_or_cookie.split("="))
+    return value is True
+
+
+@register.filter
+def cookie_group_declined(request: HttpRequest, group_or_cookie: str) -> bool:
+    """
+    Return ``True`` if the cookie group/cookie is declined.
+
+    Examples:
+
+    .. code-block:: django
+
+        {{ request|cookie_group_declined:"analytics" }}
+        {{ request|cookie_group_declined:"analytics=*:.google.com" }}
+    """
+    value = get_cookie_value_from_request(request, *group_or_cookie.split("="))
+    return value is False
+
+
+@register.filter
+def all_cookies_accepted(request: HttpRequest) -> bool:
+    """
+    Filter returns if all cookies are accepted.
+    """
+    return are_all_cookies_accepted(request)
+
+
+@register.simple_tag
+def not_accepted_or_declined_cookie_groups(
+    request: HttpRequest,
+) -> Collection[CookieGroup]:
+    """
+    Return the cookie groups for which no explicit accept or decline has been given.
+    """
+    return get_not_accepted_or_declined_cookie_groups(request)
+
+
+@register.filter
+def cookie_consent_enabled(request: HttpRequest) -> bool:
+    """
+    Indicate whether the cookie-consent app is enabled or not.
+    """
+    return is_cookie_consent_enabled(request)
+
+
+@register.simple_tag
+def all_cookie_groups(element_id: str):
+    """
+    Serialize all cookie groups to JSON and output them in a script tag.
+
+    :param element_id: The ID for the script tag so you can look it up in JS later.
+
+    This uses Django's core json_script filter under the hood.
+    """
+    groups = get_all_cookie_groups()
+    value = [group.for_json() for group in groups.values()]
+    return json_script(value, element_id)