django-restit 4.2.65__py3-none-any.whl → 4.2.68__py3-none-any.whl

account/models/group.py

@@ -119,12 +119,16 @@ class Group(models.Model, RestModel, MetaDataModel):
                 ("metadata__timezone", "timezone"),
                 ("metadata__eod", "end_of_day"),
                 ("parent__name", "parent"),
-                ("metadata.location.line1", "address_line1"),
-                ("metadata.location.line2", "address_line2"),
-                ("metadata.location.city", "city"),
-                ("metadata.location.state", "state"),
-                ("metadata.location.country", "country"),
-                ("metadata.location.zip", "zipcode")
+                ("location.line1", "address_line1"),
+                ("location.line2", "address_line2"),
+                ("location.city", "city"),
+                ("location.state", "state"),
+                ("location.county", "county"),
+                ("location.country", "country"),
+                ("location.postalcode", "zipcode"),
+                ("location.postalcode_suffix", "zipcode_ext"),
+                ("location.lat", "lat"),
+                ("location.lng", "lng")
             ]
         }
 
@@ -229,6 +233,7 @@ class Group(models.Model, RestModel, MetaDataModel):
             q = q | Q(group__parent=self)
         if great_grand_children:
             q = q | Q(group__parent__parent=self)
+            q = q | Q(group__parent__parent__parent=self)
         if hasattr(Model, "objects"):
             return Model.objects.filter(q)
         return Model.filter(q)
@@ -244,6 +249,7 @@ class Group(models.Model, RestModel, MetaDataModel):
             q = q | Q(parent__parent=self)
         if great_grand_children:
             q = q | Q(parent__parent__parent=self)
+            q = q | Q(group__parent__parent__parent=self)
         return Group.objects.filter(q)
 
     def getAllChildrenIds(self, include_me=False, grand_children=False, great_grand_children=False, depth=0):

account/models/member.py

@@ -284,13 +284,12 @@ class Member(User, RestModel, MetaDataModel):
         # can force login
         if not request:
             request = rh.getActiveRequest()
-        if password:
-            if not self.checkPassword(password):
-                # invalid password
-                self.recordFailedLogin(request)
-                return False
-            else:
-                self.recordSuccessLogin(request)
+        if not self.checkPassword(password):
+            # invalid password
+            self.recordFailedLogin(request)
+            return False
+        else:
+            self.recordSuccessLogin(request)
         if use_jwt:
             self.recordSuccessLogin(request)
             self.locateByIP(request.ip)
@@ -300,6 +299,17 @@ class Member(User, RestModel, MetaDataModel):
         self.locateByIP(request.ip)
         return True
 
+    def loginNoPassword(self, request=None):
+        if not self.is_active or self.is_blocked:
+            return False
+        # can force login
+        if not request:
+            request = rh.getActiveRequest()
+        self.user_ptr.backend = 'django.contrib.auth.backends.ModelBackend'
+        auth_login(request, self.user_ptr)
+        self.locateByIP(request.ip)
+        return True
+
     def canLogin(self, request=None, throw_exception=True):
         if not self.is_active:
             self.log("login_blocked", F"account is not active {self.username}", request, method="login", level=31)
@@ -1213,17 +1223,18 @@ class AuthToken(models.Model, RestModel):
     signature = models.CharField(max_length=128, null=True, default=None, blank=True, db_index=True)
 
     def generateToken(self, commit=True):
-        self.token = str(uuid.uuid1())
+        self.token = None
         self.updateSignature()
         if commit:
             self.save()
 
     def updateSignature(self):
+        if not self.token:
+            self.token = uuid.uuid4().hex
         self.signature = crypto.hashSHA256(self.token)
 
     def on_rest_pre_save(self, request, **kwargs):
         if not self.token:
-            self.token = uuid.uuid4().hex
             self.updateSignature()
         if not self.member_id:
             self.member = request.member

account/passkeys/core.py

@@ -115,7 +115,7 @@ def authComplete(request, fido2_state, rp_id):
         response=credential)
     request.member = upk.member
     request.member.canLogin(request)  # throws exception if cannot login
-    request.member.login(request=request)
+    request.member.loginNoPassword(request=request)
     request.member.log(
         "passkey_login", "passkey login succesful", 
         request, method="login", level=7)

account/rpc/auth.py

@@ -37,6 +37,9 @@ def jwt_login(request):
     member = getMemberByUsername(username)
     if not member:
         return rv.restPermissionDenied(request, error=f"Password and/or Username is incorrect for {username}", error_code=422)
+    auth_code = request.DATA.get(["auth_code", "code", "invite_token"], None)
+    if username and auth_code:
+        return member_login_uname_code(request, username, auth_code)
     password = request.DATA.get('password', None)
     member.canLogin(request)  # throws exception if cannot login
     if member.requires_totp or member.has_totp:
@@ -205,7 +208,6 @@ def member_login_uname_code(request, username, auth_code):
     member.log("code_login", "code login", request, method="login", level=8)
     if request.DATA.get("auth_method") == "basic":
         return rv.restGet(request, dict(id=member.pk, session_key=request.session.session_key))
-
     return on_complete_jwt(request, member)
 
 

{django_restit-4.2.65.dist-info → django_restit-4.2.68.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.2.65
+Version: 4.2.68
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes
@@ -12,6 +12,7 @@ Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
 Requires-Dist: boto3 (>=1.26.160,<2.0.0)
 Requires-Dist: django
 Requires-Dist: django-redis-cache (>=3.0.1,<4.0.0)

{django_restit-4.2.65.dist-info → django_restit-4.2.68.dist-info}/RECORD

@@ -26,9 +26,9 @@ account/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuF
 account/models/__init__.py,sha256=cV_lMnT2vL_mjiYtT4hlcIHo52ocFbGSNVkOIHHLXZY,385
 account/models/device.py,sha256=MVWZEYrX_4zJaqmJS_feFplfVXYyqBJ-0_Fm3B1SVg8,5226
 account/models/feeds.py,sha256=vI7fG4ASY1M0Zjke24RdnfDcuWeATl_yR_25jPmT64g,2011
-account/models/group.py,sha256=my4KT71BlS64d-Ozz9n6d57nH429kFpVdJQZZTlMqhs,21723
+account/models/group.py,sha256=fgWWYS69Ll5a1jH7syFQKkEGEU54cO-rn6HTbAvPbRY,21984
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=CxxhNnFCQPEw7MGc5147J8eandYqUj6HhhQ_YRyFQX4,50397
+account/models/member.py,sha256=Pp4Np75L8TzVBC1N3g7Vnt5zy4cMBy7W0OG7mZ5Cfqg,50756
 account/models/membership.py,sha256=GJ6bSFLfU1CN9466k0XjSwn1sQIEwFeC8-oUYd2MrSs,9217
 account/models/notify.py,sha256=YnZujSHJHY7B09e6FIyZIEJRWLPYk1Sk1e92tFzB1IA,12078
 account/models/passkeys.py,sha256=TJxITUi4DT4_1tW2K7ZlOcRjJuMVl2NtKz7pKQU8-Tw,1516
@@ -37,10 +37,10 @@ account/models/settings.py,sha256=gOyRWBVd3BQpjfj_hJPtqX3H46ztyRAFxBrPbv11lQg,21
 account/oauth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 account/oauth/google.py,sha256=q5M6Qhpfp9QslKRVYFZBvtG6kgXV6vYMrR5fp6Xdb9I,2078
 account/passkeys/__init__.py,sha256=FwXYJXwSJXfkLojGBcVpF1dFpgFhzDdd9N_3naYQ0cc,89
-account/passkeys/core.py,sha256=X8y1TCXupZZV-GF10nuPVmdpN0qYuzKe03RnaDlepP4,4116
+account/passkeys/core.py,sha256=xj-vXjSrfWDvc5MYtEmXzwaMkNHl-cXrQKVrN9soRCg,4126
 account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
 account/rpc/__init__.py,sha256=SGF0M_-H0dKh3b1apSX29BotNWAvITYccGQVC0MIjL8,336
-account/rpc/auth.py,sha256=eywdJSjsi_Ds2pM4wnltPJUfjIQqf6r6e99eKS7q3BA,15593
+account/rpc/auth.py,sha256=Vrg8j_bb5jeIahIMlEm86LTKBi-pCKBagpTC4EcN8i0,15770
 account/rpc/device.py,sha256=fbbZFp3cUdhVXvD7gVFOqFWj4hKS3bjZKD_aF5fQxd8,2852
 account/rpc/group.py,sha256=FD9GymgPY68y-gtDLsZxYVdwQJeLGpqcP4hjcDUh-GM,4022
 account/rpc/member.py,sha256=PU-Uz5KUI_BZFy-F-taDqAfnt_AwONYXSzUvfm7eyTw,1264
@@ -368,7 +368,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
 rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
 rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
 rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
-rest/__init__.py,sha256=kLJs7pPu-4NUImnfU-E_eExXqJUChELhQ1dk5RGu0Gs,121
+rest/__init__.py,sha256=yUGGhaiZHnz8BlV-outvcNP7abr5Samxuo6VesvF84Y,121
 rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
 rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
 rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -387,7 +387,7 @@ rest/helpers.py,sha256=Af1EXjgf8JYMrP76rkgmB0SsEGES6iF9eam3jipcu48,28213
 rest/joke.py,sha256=0PpKaX2iN7jlS62kgjfmmqkFBYLPURz15aQ8R7OJkJ8,260
 rest/jwtoken.py,sha256=2BjRrnQSzm7ydHgYl6LIjfGW1YPmqjt-gDIo21O0WTk,2388
 rest/log.py,sha256=hd1_4HBOS395sfXJIL6BTw9yekm1SLgBwYx_PdfIhKA,20930
-rest/mail.py,sha256=O9x4ggr5pQjpjJP1zwV6sv5-2_JNTvU877GLih6ceBY,7737
+rest/mail.py,sha256=Rm40hWDYop0tMqxdN-J2NT-dCnP-f4SfCZxSO02ajzs,7965
 rest/mailman.py,sha256=v5O1G5s3HiAKmz-J1z0uT6_q3xsONPpxVl9saEyQQ2I,9174
 rest/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rest/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -496,12 +496,12 @@ ws4redis/exceptions.py,sha256=EGLoRTdqJVwz900pwhciqPuSjBBd08hhLgFu6umHrI4,636
 ws4redis/redis.py,sha256=IfT4p3bUtlqso9rryNliH9Ebzlx8-Q2VJcs1kFioeGA,6093
 ws4redis/servers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 ws4redis/servers/base.py,sha256=3nYZF5jSsQxNLbnLtKLFJ82xJs_Mc7N1H2kEOx8wT6o,3747
-ws4redis/servers/django.py,sha256=iNzWtGN4vZ-2ltClayCnPD-OPvB_ZGySnKD2EyXl6l8,4329
+ws4redis/servers/django.py,sha256=EF8sHw4--hes7nbswT8M0R6PobtjEvPOb_M_tDrEoR0,5898
 ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,1723
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.65.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.65.dist-info/METADATA,sha256=XwmVxTmyV_07GGXG6B0dJ9cuFtCO6VUJeFDEPBXFzcQ,7594
-django_restit-4.2.65.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
-django_restit-4.2.65.dist-info/RECORD,,
+django_restit-4.2.68.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.68.dist-info/METADATA,sha256=E9U9owcQp_3cq2b5YoLRfJDJji83qeVzc70nOCFUvbo,7645
+django_restit-4.2.68.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+django_restit-4.2.68.dist-info/RECORD,,

{django_restit-4.2.65.dist-info → django_restit-4.2.68.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: poetry-core 1.6.1
+Generator: poetry-core 1.9.0
 Root-Is-Purelib: true
 Tag: py3-none-any

rest/__init__.py

@@ -1,4 +1,4 @@
 from .uberdict import UberDict  # noqa: F401
 from .settings_helper import settings  # noqa: F401
 
-__version__ = "4.2.65"
+__version__ = "4.2.66"

rest/mail.py

@@ -15,6 +15,11 @@ try:
 except Exception:
     inline_css = None
 
+try:
+    from premailer import transform as premailer
+except Exception:
+    premailer = None
+
 from django.template.loader import render_to_string
 from django.template import TemplateDoesNotExist
 
@@ -75,7 +80,9 @@ def renderBody(body, template=None, context=None):
         if template[-4:] not in ["html", ".txt"]:
             template += ".html"
         body = render_to_string(template, context)
-        if inline_css:
+        if premailer:
+            body = premailer(body)
+        elif inline_css:
             body = inline_css(body)
     return body
 
@@ -203,7 +210,9 @@ def render_to_mail(name, context):
 
     try:
         html_content = render_to_string(name + ".html", context)
-        if inline_css:
+        if premailer:
+            html_content = premailer(html_content)
+        elif inline_css:
             html_content = inline_css(html_content)
     except TemplateDoesNotExist:
         html_content = None

ws4redis/servers/django.py

@@ -4,6 +4,7 @@ import base64
 import select
 from hashlib import sha1
 from wsgiref import util
+from django.core.handlers import wsgi as django_wsgi
 from django.core.wsgi import get_wsgi_application
 from django.core.servers.basehttp import WSGIServer, WSGIRequestHandler, ServerHandler
 
@@ -14,12 +15,61 @@ from django.utils.encoding import force_str
 from ws4redis.websocket import WebSocket
 from ws4redis.servers.base import WebsocketServerBase, HandshakeError, UpgradeRequiredError
 
+from io import IOBase
+
+
 from rest.log import getLogger
 logger = getLogger("async", filename="async.log")
 
 util._hoppish = {}.__contains__
 
 
+class LimitedStreamPatched(IOBase):
+    """
+    Wrap another stream to disallow reading it past a number of bytes.
+
+    Based on the implementation from werkzeug.wsgi.LimitedStream
+    See https://github.com/pallets/werkzeug/blob/dbf78f67/src/werkzeug/wsgi.py#L828
+    """
+
+    def __init__(self, stream, limit):
+        self.stream = stream
+        self._read = stream.read
+        self._readline = stream.readline
+        self._pos = 0
+        self.limit = limit
+
+    def read(self, size=-1, /):
+        _pos = self._pos
+        limit = self.limit
+        if _pos >= limit:
+            return b""
+        if size == -1 or size is None:
+            size = limit - _pos
+        else:
+            size = min(size, limit - _pos)
+        data = self._read(size)
+        self._pos += len(data)
+        return data
+
+    def readline(self, size=-1, /):
+        _pos = self._pos
+        limit = self.limit
+        if _pos >= limit:
+            return b""
+        if size == -1 or size is None:
+            size = limit - _pos
+        else:
+            size = min(size, limit - _pos)
+        line = self._readline(size)
+        self._pos += len(line)
+        return line
+
+
+def patchLimitedStream():
+    django_wsgi.LimitedStream = LimitedStreamPatched
+
+
 class WSGIRequestHandlerRunServer(WSGIRequestHandler):
     def handle(self):
         self.raw_requestline = self.rfile.readline(65537)
@@ -81,13 +131,17 @@ class WebsocketRunServer(WebsocketServerBase):
         logger.debug('WebSocket request accepted, switching protocols')
         start_response(force_str('101 Switching Protocols'), headers)
         six.get_method_self(start_response).finish_content()
-        return WebSocket(environ['wsgi.input'].stream)
+        winput = environ['wsgi.input']
+        if not hasattr(winput, "stream"):
+            # hack to get the stream back in later DJANGO
+            winput.stream = winput._read.__self__
+        return WebSocket(winput.stream)
 
     def select(self, rlist, wlist, xlist, timeout=None):
         return select.select(rlist, wlist, xlist, timeout)
 
 
-def run(addr, port, wsgi_handler, ipv6=False, threading=False, server_cls=None):
+def run(addr, port, wsgi_handler, ipv6=False, threading=False, server_cls=None, **kwargs):
     """
     Function to monkey patch the internal Django command: manage.py runserver
     """
@@ -101,6 +155,8 @@ def run(addr, port, wsgi_handler, ipv6=False, threading=False, server_cls=None):
     httpd.serve_forever()
 
 
+patchLimitedStream()
+
 runserver.run = run
 
 _django_app = get_wsgi_application()
@@ -110,6 +166,7 @@ _websocket_url = getattr(settings, 'WEBSOCKET_URL')
 
 def application(environ, start_response):
     if _websocket_url and environ.get('PATH_INFO').startswith(_websocket_url):
+        logger.info("environ", environ)
         return _websocket_app(environ, start_response)
     return _django_app(environ, start_response)