plain 0.24.1__py3-none-any.whl → 0.26.0__py3-none-any.whl

plain/assets/README.md

@@ -30,7 +30,7 @@ Now in your template you can use the `asset()` function to get the URL:
 
 ## Local development
 
-When you're working with `settings.DEBUG = True`, the assets will be served directly from their original location. You don't need to run `plain compile` or configure anything else.
+When you're working with `settings.DEBUG = True`, the assets will be served directly from their original location. You don't need to run `plain build` or configure anything else.
 
 
 ## Production deployment
@@ -38,7 +38,7 @@ When you're working with `settings.DEBUG = True`, the assets will be served dire
 In production, one of your deployment steps should be to compile the assets.
 
 ```bash
-plain compile
+plain build
 ```
 
 By default, this generates "fingerprinted" and compressed versions of the assets, which are then served by your app. This means that a file like `main.css` will result in two new files, like `main.d0db67b.css` and `main.d0db67b.css.gz`.
@@ -61,7 +61,7 @@ url = get_asset_url("css/style.css")
 The generated/copied files are stored in `{repo}/.plain/assets/compiled`. If you need them to be somewhere else, try simply moving them after compilation.
 
 ```bash
-plain compile
+plain build
 mv .plain/assets/compiled /path/to/your/static
 ```
 
@@ -70,7 +70,7 @@ mv .plain/assets/compiled /path/to/your/static
 The steps for this will vary, but the general idea is to compile them, and then upload the compiled assets.
 
 ```bash
-plain compile
+plain build
 ./example-upload-to-cdn-script
 ```
 
@@ -86,7 +86,7 @@ ASSETS_BASE_URL = "https://cdn.example.com/"
 
 The default behavior is to fingerprint assets, which is an exact copy of the original file but with a different filename. The originals aren't copied over because you should generally always use this fingerprinted path (that automatically uses longer-lived caching).
 
-If you need the originals for any reason, you can use `plain compile --keep-original`, though this will typically be combined with `--no-fingerprint` otherwise the fingerprinted files will still get priority in `{{ asset() }}` template calls.
+If you need the originals for any reason, you can use `plain build --keep-original`, though this will typically be combined with `--no-fingerprint` otherwise the fingerprinted files will still get priority in `{{ asset() }}` template calls.
 
 
 ### What about source maps or imported css files?

plain/cli/README.md

@@ -24,13 +24,11 @@ __all__ = [
 ]
 ```
 
-### `plain compile`
+### `plain build`
 
 Compile static assets (used in the deploy/production process).
 
-Automatically runs `plain tailwind compile` if [plain-tailwind](https://plainframework.com/docs/plain-tailwind/) is installed.
-
-Automatically runs `npm run compile` if you have a `package.json` with `scripts.compile`.
+Automatically runs `plain tailwind build` if [plain-tailwind](https://plainframework.com/docs/plain-tailwind/) is installed.
 
 ### `plain run`
 

plain/cli/cli.py

@@ -276,8 +276,8 @@ def preflight_checks(package_label, deploy, fail_level, databases):
     default=True,
     help="Compress the assets",
 )
-def compile(keep_original, fingerprint, compress):
-    """Compile static assets"""
+def build(keep_original, fingerprint, compress):
+    """Pre-deployment build step (compile assets, css, js, etc.)"""
 
     if not keep_original and not fingerprint:
         click.secho(
@@ -287,7 +287,7 @@ def compile(keep_original, fingerprint, compress):
         )
         sys.exit(1)
 
-    # Run user-defined compile commands first
+    # Run user-defined build commands first
     pyproject_path = plain.runtime.APP_PATH.parent / "pyproject.toml"
     if pyproject_path.exists():
         with pyproject_path.open("rb") as f:
@@ -296,7 +296,7 @@ def compile(keep_original, fingerprint, compress):
         for name, data in (
             pyproject.get("tool", {})
             .get("plain", {})
-            .get("compile", {})
+            .get("build", {})
             .get("run", {})
             .items()
         ):
@@ -307,8 +307,8 @@ def compile(keep_original, fingerprint, compress):
                 click.secho(f"Error in {name} (exit {result.returncode})", fg="red")
                 sys.exit(result.returncode)
 
-    # Then run installed package compile steps (like tailwind, typically should run last...)
-    for entry_point in entry_points(group="plain.assets.compile"):
+    # Then run installed package build steps (like tailwind, typically should run last...)
+    for entry_point in entry_points(group="plain.build"):
         click.secho(f"Running {entry_point.name}", bold=True)
         result = entry_point.load()()
         print()

plain/csrf/middleware.py

@@ -42,7 +42,6 @@ REASON_INVALID_CHARACTERS = "has invalid characters"
 CSRF_SECRET_LENGTH = 32
 CSRF_TOKEN_LENGTH = 2 * CSRF_SECRET_LENGTH
 CSRF_ALLOWED_CHARS = string.ascii_letters + string.digits
-CSRF_SESSION_KEY = "_csrftoken"
 
 
 def _get_new_csrf_string():

plain/exceptions.py

@@ -22,7 +22,7 @@ class PackageRegistryNotReady(Exception):
 class ObjectDoesNotExist(Exception):
     """The requested object does not exist"""
 
-    silent_variable_failure = True
+    pass
 
 
 class MultipleObjectsReturned(Exception):
@@ -86,12 +86,6 @@ class RequestDataTooBig(SuspiciousOperation):
     pass
 
 
-class RequestAborted(Exception):
-    """The request was closed before it was completed, or timed out."""
-
-    pass
-
-
 class BadRequest(Exception):
     """The request is malformed and cannot be processed."""
 
@@ -104,12 +98,6 @@ class PermissionDenied(Exception):
     pass
 
 
-class ViewDoesNotExist(Exception):
-    """The requested view does not exist"""
-
-    pass
-
-
 class ImproperlyConfigured(Exception):
     """Plain is somehow improperly configured"""
 
@@ -171,14 +159,6 @@ class ValidationError(Exception):
             self.params = params
             self.error_list = [self]
 
-    @property
-    def message_dict(self):
-        # Trigger an AttributeError if this ValidationError
-        # doesn't have an error_dict.
-        getattr(self, "error_dict")
-
-        return dict(self)
-
     @property
     def messages(self):
         if hasattr(self, "error_dict"):

plain/forms/fields.py

@@ -819,7 +819,7 @@ class ChoiceField(Field):
         for k, v in self.choices:
             if isinstance(v, list | tuple):
                 # This is an optgroup, so look inside the group for options
-                for k2, v2 in v:
+                for k2, _ in v:
                     if value == k2 or text_value == str(k2):
                         return True
             else:

plain/forms/forms.py

@@ -53,7 +53,6 @@ class BaseForm:
     class.
     """
 
-    field_order = None
     prefix = None
 
     def __init__(

plain/http/multipartparser.py

@@ -399,8 +399,6 @@ class MultiPartParser:
             return None
         return file_name
 
-    IE_sanitize = sanitize_file_name
-
     def _close_files(self):
         # Free up all file handles.
         # FIXME: this currently assumes that upload handlers store the file as 'file'

plain/http/request.py

@@ -5,7 +5,6 @@ from io import BytesIO
 from itertools import chain
 from urllib.parse import parse_qsl, quote, urlencode, urljoin, urlsplit
 
-from plain import signing
 from plain.exceptions import (
     DisallowedHost,
     ImproperlyConfigured,
@@ -24,12 +23,11 @@ from plain.utils.datastructures import (
     ImmutableList,
     MultiValueDict,
 )
-from plain.utils.encoding import escape_uri_path, iri_to_uri
+from plain.utils.encoding import iri_to_uri
 from plain.utils.functional import cached_property
 from plain.utils.http import is_same_domain, parse_header_parameters
 from plain.utils.regex_helper import _lazy_re_compile
 
-RAISE_ERROR = object()
 host_validation_re = _lazy_re_compile(
     r"^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9\.:]+\])(:[0-9]+)?$"
 )
@@ -177,12 +175,26 @@ class HttpRequest:
     def get_full_path(self, force_append_slash=False):
         return self._get_full_path(self.path, force_append_slash)
 
-    def get_full_path_info(self, force_append_slash=False):
-        return self._get_full_path(self.path_info, force_append_slash)
-
     def _get_full_path(self, path, force_append_slash):
         # RFC 3986 requires query string arguments to be in the ASCII range.
         # Rather than crash if this doesn't happen, we encode defensively.
+
+        def escape_uri_path(path):
+            """
+            Escape the unsafe characters from the path portion of a Uniform Resource
+            Identifier (URI).
+            """
+            # These are the "reserved" and "unreserved" characters specified in RFC
+            # 3986 Sections 2.2 and 2.3:
+            #   reserved    = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" | "$" | ","
+            #   unreserved  = alphanum | mark
+            #   mark        = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
+            # The list of safe characters here is constructed subtracting ";", "=",
+            # and "?" according to RFC 3986 Section 3.3.
+            # The reason for not subtracting and escaping "/" is that we are escaping
+            # the entire path, not a path segment.
+            return quote(path, safe="/:@&+$,-_.!~*'()")
+
         return "{}{}{}".format(
             escape_uri_path(path),
             "/" if force_append_slash and not path.endswith("/") else "",
@@ -191,30 +203,6 @@ class HttpRequest:
             else "",
         )
 
-    def get_signed_cookie(self, key, default=RAISE_ERROR, salt="", max_age=None):
-        """
-        Attempt to return a signed cookie. If the signature fails or the
-        cookie has expired, raise an exception, unless the `default` argument
-        is provided,  in which case return that value.
-        """
-        try:
-            cookie_value = self.COOKIES[key]
-        except KeyError:
-            if default is not RAISE_ERROR:
-                return default
-            else:
-                raise
-        try:
-            value = signing.get_cookie_signer(salt=key + salt).unsign(
-                cookie_value, max_age=max_age
-            )
-        except signing.BadSignature:
-            if default is not RAISE_ERROR:
-                return default
-            else:
-                raise
-        return value
-
     def build_absolute_uri(self, location=None):
         """
         Build an absolute URI from the location and the variables available in
@@ -469,10 +457,6 @@ class HttpHeaders(CaseInsensitiveMapping):
             return header
         return f"{cls.HTTP_PREFIX}{header}"
 
-    @classmethod
-    def to_asgi_name(cls, header):
-        return header.replace("-", "_").upper()
-
     @classmethod
     def to_wsgi_names(cls, headers):
         return {
@@ -480,13 +464,6 @@ class HttpHeaders(CaseInsensitiveMapping):
             for header_name, value in headers.items()
         }
 
-    @classmethod
-    def to_asgi_names(cls, headers):
-        return {
-            cls.to_asgi_name(header_name): value
-            for header_name, value in headers.items()
-        }
-
 
 class QueryDict(MultiValueDict):
     """

plain/internal/files/base.py

@@ -1,5 +1,5 @@
 import os
-from io import BytesIO, StringIO, UnsupportedOperation
+from io import UnsupportedOperation
 
 from plain.internal.files.utils import FileProxyMixin
 from plain.utils.functional import cached_property
@@ -118,34 +118,6 @@ class File(FileProxyMixin):
         self.file.close()
 
 
-class ContentFile(File):
-    """
-    A File-like object that takes just raw content, rather than an actual file.
-    """
-
-    def __init__(self, content, name=None):
-        stream_class = StringIO if isinstance(content, str) else BytesIO
-        super().__init__(stream_class(content), name=name)
-        self.size = len(content)
-
-    def __str__(self):
-        return "Raw content"
-
-    def __bool__(self):
-        return True
-
-    def open(self, mode=None):
-        self.seek(0)
-        return self
-
-    def close(self):
-        pass
-
-    def write(self, data):
-        self.__dict__.pop("size", None)  # Clear the computed size.
-        return self.file.write(data)
-
-
 def endswith_cr(line):
     """Return True if line (a text or bytestring) ends with '\r'."""
     return line.endswith("\r" if isinstance(line, str) else b"\r")

plain/internal/handlers/wsgi.py

@@ -1,10 +1,10 @@
 import uuid
 from io import IOBase
+from urllib.parse import quote
 
 from plain import signals
 from plain.http import HttpRequest, QueryDict, parse_cookie
 from plain.internal.handlers import base
-from plain.utils.encoding import repercent_broken_unicode
 from plain.utils.functional import cached_property
 from plain.utils.regex_helper import _lazy_re_compile
 
@@ -161,6 +161,23 @@ def get_path_info(environ):
     """Return the HTTP request's PATH_INFO as a string."""
     path_info = get_bytes_from_wsgi(environ, "PATH_INFO", "/")
 
+    def repercent_broken_unicode(path):
+        """
+        As per RFC 3987 Section 3.2, step three of converting a URI into an IRI,
+        repercent-encode any octet produced that is not part of a strictly legal
+        UTF-8 octet sequence.
+        """
+        while True:
+            try:
+                path.decode()
+            except UnicodeDecodeError as e:
+                # CVE-2019-14235: A recursion shouldn't be used since the exception
+                # handling uses massive amounts of memory
+                repercent = quote(path[e.start : e.end], safe=b"/#%[]=:;$&()+,!?*@'~")
+                path = path[: e.start] + repercent.encode() + path[e.end :]
+            else:
+                return path
+
     return repercent_broken_unicode(path_info).decode()
 
 

plain/packages/__init__.py

@@ -1,4 +1,4 @@
 from .config import PackageConfig
-from .registry import packages_registry
+from .registry import packages_registry, register_config
 
-__all__ = ["PackageConfig", "packages_registry"]
+__all__ = ["PackageConfig", "packages_registry", "register_config"]

plain/packages/config.py

@@ -1,9 +1,8 @@
-import inspect
 import os
+from functools import cached_property
 from importlib import import_module
 
 from plain.exceptions import ImproperlyConfigured
-from plain.utils.module_loading import import_string, module_has_submodule
 
 CONFIG_MODULE_NAME = "config"
 
@@ -13,13 +12,9 @@ class PackageConfig:
 
     migrations_module = "migrations"
 
-    def __init__(self, package_name, package_module):
+    def __init__(self, name, *, label=""):
         # Full Python path to the application e.g. 'plain.admin.admin'.
-        self.name = package_name
-
-        # Root module for the application e.g. <module 'plain.admin.admin'
-        # from 'admin/__init__.py'>.
-        self.module = package_module
+        self.name = name
 
         # Reference to the Packages registry that holds this PackageConfig. Set by the
         # registry when it registers the PackageConfig instance.
@@ -27,168 +22,61 @@ class PackageConfig:
 
         # The following attributes could be defined at the class level in a
         # subclass, hence the test-and-set pattern.
+        if label and hasattr(self, "label"):
+            raise ImproperlyConfigured(
+                "PackageConfig class should not define a class label attribute and an init label"
+            )
+
+        if label:
+            # Set the label explicitly from the init
+            self.label = label
+        elif not hasattr(self, "label"):
+            # Last component of the Python path to the application e.g. 'admin'.
+            # This value must be unique across a Plain project.
+            self.label = self.name.rpartition(".")[2]
 
-        # Last component of the Python path to the application e.g. 'admin'.
-        # This value must be unique across a Plain project.
-        if not hasattr(self, "label"):
-            self.label = package_name.rpartition(".")[2]
         if not self.label.isidentifier():
             raise ImproperlyConfigured(
                 f"The app label '{self.label}' is not a valid Python identifier."
             )
 
-        # Filesystem path to the application directory e.g.
-        # '/path/to/admin'.
-        if not hasattr(self, "path"):
-            self.path = self._path_from_module(package_module)
-
     def __repr__(self):
         return f"<{self.__class__.__name__}: {self.label}>"
 
-    def _path_from_module(self, module):
-        """Attempt to determine app's filesystem path from its module."""
-        # See #21874 for extended discussion of the behavior of this method in
-        # various cases.
-        # Convert to list because __path__ may not support indexing.
-        paths = list(getattr(module, "__path__", []))
-        if len(paths) != 1:
-            filename = getattr(module, "__file__", None)
-            if filename is not None:
-                paths = [os.path.dirname(filename)]
-            else:
-                # For unknown reasons, sometimes the list returned by __path__
-                # contains duplicates that must be removed (#25246).
-                paths = list(set(paths))
-        if len(paths) > 1:
-            raise ImproperlyConfigured(
-                f"The app module {module!r} has multiple filesystem locations ({paths!r}); "
-                "you must configure this app with an PackageConfig subclass "
-                "with a 'path' class attribute."
-            )
-        elif not paths:
-            raise ImproperlyConfigured(
-                f"The app module {module!r} has no filesystem location, "
-                "you must configure this app with an PackageConfig subclass "
-                "with a 'path' class attribute."
-            )
-        return paths[0]
-
-    @classmethod
-    def create(cls, entry):
-        """
-        Factory that creates an app config from an entry in INSTALLED_PACKAGES.
-        """
-        # create() eventually returns package_config_class(package_name, package_module).
-        package_config_class = None
-        package_name = None
-        package_module = None
-
-        # If import_module succeeds, entry points to the app module.
-        try:
-            package_module = import_module(entry)
-        except Exception:
-            pass
-        else:
-            # If package_module has an packages submodule that defines a single
-            # PackageConfig subclass, use it automatically.
-            # To prevent this, an PackageConfig subclass can declare a class
-            # variable default = False.
-            # If the packages module defines more than one PackageConfig subclass,
-            # the default one can declare default = True.
-            if module_has_submodule(package_module, CONFIG_MODULE_NAME):
-                mod_path = f"{entry}.{CONFIG_MODULE_NAME}"
-                mod = import_module(mod_path)
-                # Check if there's exactly one PackageConfig candidate,
-                # excluding those that explicitly define default = False.
-                package_configs = [
-                    (name, candidate)
-                    for name, candidate in inspect.getmembers(mod, inspect.isclass)
-                    if (
-                        issubclass(candidate, cls)
-                        and candidate is not cls
-                        and getattr(candidate, "default", True)
-                    )
-                ]
-                if len(package_configs) == 1:
-                    package_config_class = package_configs[0][1]
+    @cached_property
+    def path(self):
+        # Filesystem path to the application directory e.g.
+        # '/path/to/admin'.
+        def _path_from_module(module):
+            """Attempt to determine app's filesystem path from its module."""
+            # See #21874 for extended discussion of the behavior of this method in
+            # various cases.
+            # Convert to list because __path__ may not support indexing.
+            paths = list(getattr(module, "__path__", []))
+            if len(paths) != 1:
+                filename = getattr(module, "__file__", None)
+                if filename is not None:
+                    paths = [os.path.dirname(filename)]
                 else:
-                    # Check if there's exactly one PackageConfig subclass,
-                    # among those that explicitly define default = True.
-                    package_configs = [
-                        (name, candidate)
-                        for name, candidate in package_configs
-                        if getattr(candidate, "default", False)
-                    ]
-                    if len(package_configs) > 1:
-                        candidates = [repr(name) for name, _ in package_configs]
-                        raise RuntimeError(
-                            "{!r} declares more than one default PackageConfig: "
-                            "{}.".format(mod_path, ", ".join(candidates))
-                        )
-                    elif len(package_configs) == 1:
-                        package_config_class = package_configs[0][1]
-
-            # Use the default app config class if we didn't find anything.
-            if package_config_class is None:
-                package_config_class = cls
-                package_name = entry
-
-        # If import_string succeeds, entry is an app config class.
-        if package_config_class is None:
-            try:
-                package_config_class = import_string(entry)
-            except Exception:
-                pass
-        # If both import_module and import_string failed, it means that entry
-        # doesn't have a valid value.
-        if package_module is None and package_config_class is None:
-            # If the last component of entry starts with an uppercase letter,
-            # then it was likely intended to be an app config class; if not,
-            # an app module. Provide a nice error message in both cases.
-            mod_path, _, cls_name = entry.rpartition(".")
-            if mod_path and cls_name[0].isupper():
-                # We could simply re-trigger the string import exception, but
-                # we're going the extra mile and providing a better error
-                # message for typos in INSTALLED_PACKAGES.
-                # This may raise ImportError, which is the best exception
-                # possible if the module at mod_path cannot be imported.
-                mod = import_module(mod_path)
-                candidates = [
-                    repr(name)
-                    for name, candidate in inspect.getmembers(mod, inspect.isclass)
-                    if issubclass(candidate, cls) and candidate is not cls
-                ]
-                msg = f"Module '{mod_path}' does not contain a '{cls_name}' class."
-                if candidates:
-                    msg += " Choices are: {}.".format(", ".join(candidates))
-                raise ImportError(msg)
-            else:
-                # Re-trigger the module import exception.
-                import_module(entry)
-
-        # Check for obvious errors. (This check prevents duck typing, but
-        # it could be removed if it became a problem in practice.)
-        if not issubclass(package_config_class, PackageConfig):
-            raise ImproperlyConfigured(f"'{entry}' isn't a subclass of PackageConfig.")
-
-        # Obtain package name here rather than in PackageClass.__init__ to keep
-        # all error checking for entries in INSTALLED_PACKAGES in one place.
-        if package_name is None:
-            try:
-                package_name = package_config_class.name
-            except AttributeError:
-                raise ImproperlyConfigured(f"'{entry}' must supply a name attribute.")
-
-        # Ensure package_name points to a valid module.
-        try:
-            package_module = import_module(package_name)
-        except ImportError:
-            raise ImproperlyConfigured(
-                f"Cannot import '{package_name}'. Check that '{package_config_class.__module__}.{package_config_class.__qualname__}.name' is correct."
-            )
-
-        # Entry is a path to an app config class.
-        return package_config_class(package_name, package_module)
+                    # For unknown reasons, sometimes the list returned by __path__
+                    # contains duplicates that must be removed (#25246).
+                    paths = list(set(paths))
+            if len(paths) > 1:
+                raise ImproperlyConfigured(
+                    f"The app module {module!r} has multiple filesystem locations ({paths!r}); "
+                    "you must configure this app with an PackageConfig subclass "
+                    "with a 'path' class attribute."
+                )
+            elif not paths:
+                raise ImproperlyConfigured(
+                    f"The app module {module!r} has no filesystem location, "
+                    "you must configure this app with an PackageConfig subclass "
+                    "with a 'path' class attribute."
+                )
+            return paths[0]
+
+        module = import_module(self.name)
+        return _path_from_module(module)
 
     def ready(self):
         """