PyPI - platzky - Versions diffs - 0.3.1__tar.gz → 0.3.4__tar.gz - Mend

platzky 0.3.1tar.gz → 0.3.4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

{platzky-0.3.1 → platzky-0.3.4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: platzky
-Version: 0.3.1
+Version: 0.3.4
 Summary: Not only blog engine
 License: MIT
 Requires-Python: >=3.10,<4.0
@@ -21,6 +21,7 @@ Requires-Dist: google-cloud-storage (>=2.5.0,<3.0.0)
 Requires-Dist: gql (>=3.4.0,<4.0.0)
 Requires-Dist: humanize (>=4.9.0,<5.0.0)
 Requires-Dist: pydantic (>=2.7.1,<3.0.0)
+Requires-Dist: pygithub (>=2.6.1,<3.0.0)
 Description-Content-Type: text/markdown
 ![Github Actions](https://github.com/platzky/platzky/actions/workflows/tests.yml/badge.svg?event=push&branch=main)

platzky-0.3.4/platzky/admin/fake_login.py ADDED Viewed

@@ -0,0 +1,104 @@
+"""
+Fake login functionality for development environments only.
+WARNING: This module provides fake login functionality and should NEVER be used in production
+environments as it bypasses proper authentication and authorization controls.
+"""
+import os
+from typing import Any, Callable
+from flask import Blueprint, flash, redirect, render_template_string, session, url_for
+from flask_wtf import FlaskForm
+from markupsafe import Markup
+ROLE_ADMIN = "admin"
+ROLE_NONADMIN = "nonadmin"
+VALID_ROLES = [ROLE_ADMIN, ROLE_NONADMIN]
+class FakeLoginForm(FlaskForm):
+    """
+    Empty form class that inherits CSRF protection from FlaskForm.
+    Used specifically for the fake login functionality to enable
+    CSRF token validation on form submissions.
+    """
+    pass
+def get_fake_login_html() -> Callable[[], str]:
+    """Return a callable that generates HTML for fake login buttons."""
+    def generate_html() -> str:
+        admin_url = url_for("admin.handle_fake_login", role="admin")
+        nonadmin_url = url_for("admin.handle_fake_login", role="nonadmin")
+        # Create a form instance to get the CSRF token
+        form = FakeLoginForm()
+        html = render_template_string(
+            """
+        <div class="col-md-6 mb-4">
+          <div class="card">
+            <div class="card-header">
+              Development Login
+            </div>
+            <div class="card-body">
+              <p class="text-danger"><strong>Warning:</strong> For development only</p>
+              <div class="d-flex justify-content-around">
+                <form method="post" action="{{ admin_url }}" style="display: inline;">
+                  {{ form.csrf_token }}
+                  <button type="submit" class="btn btn-primary">Login as Admin</button>
+                </form>
+                <form method="post" action="{{ nonadmin_url }}" style="display: inline;">
+                  {{ form.csrf_token }}
+                  <button type="submit" class="btn btn-secondary">Login as Non-Admin</button>
+                </form>
+              </div>
+            </div>
+          </div>
+        </div>
+        """,
+            form=form,
+            admin_url=admin_url,
+            nonadmin_url=nonadmin_url,
+        )
+        return Markup(html)
+    return generate_html
+def setup_fake_login_routes(admin_blueprint: Blueprint) -> Blueprint:
+    """Add fake login routes to the provided admin_blueprint."""
+    env = os.environ
+    is_testing = "PYTEST_CURRENT_TEST" in env.keys() or env.get("FLASK_DEBUG") in (
+        "1",
+        "true",
+        "True",
+        True,
+    )
+    if not is_testing:
+        raise RuntimeError(
+            "SECURITY ERROR: Fake login routes are enabled outside of a testing environment! "
+            "This functionality must only be used during development or testing."
+        )
+    @admin_blueprint.route("/fake-login/<role>", methods=["POST"])
+    def handle_fake_login(role: str) -> Any:
+        form = FakeLoginForm()
+        if form.validate_on_submit() and role in VALID_ROLES:
+            if role == ROLE_ADMIN:
+                session["user"] = {"username": ROLE_ADMIN, "role": ROLE_ADMIN}
+            else:
+                session["user"] = {"username": "user", "role": ROLE_NONADMIN}
+            return redirect(url_for("admin.admin_panel_home"))
+        flash(f"Invalid role: {role}. Must be one of: {', '.join(VALID_ROLES)}", "error")
+        return redirect(url_for("admin.admin_panel_home"))
+    return admin_blueprint

{platzky-0.3.1 → platzky-0.3.4}/platzky/admin/templates/admin.html RENAMED Viewed

@@ -17,6 +17,7 @@
 {% block left_panel %}
 <div id="admin-panel">
+  <p>User: {{ user.username }}</p>
   {% for cms_module_name, cms_entries in cms_modules.items() %}
   <div class="cms-module mb-2">
     <p>{{ cms_module_name }}</p>

{platzky-0.3.1 → platzky-0.3.4}/platzky/admin/templates/login.html RENAMED Viewed

@@ -12,9 +12,11 @@
   <div class="row align-items-center">
-{% for login_method in login_methods %}
-    {{ login_method | safe }}
+{% for method in login_methods %}
+        {{ method() }}
 {% endfor %}
   </div>
 </div>

{platzky-0.3.1 → platzky-0.3.4}/platzky/blog/blog.py RENAMED Viewed

@@ -51,7 +51,6 @@ def create_blog_blueprint(db, blog_prefix: str, locale_func):
     @blog.route("/<post_slug>", methods=["GET"])
     def get_post(post_slug):
-        post = db.get_post(post_slug)
         try:
             post = db.get_post(post_slug)
             return render_template(

platzky-0.3.4/platzky/db/README.md ADDED Viewed

@@ -0,0 +1,70 @@
+# Platzky Database Modules
+This directory contains the database abstraction layer for the Platzky application. The database modules provide a consistent interface for accessing content regardless of where it's stored.
+## Architecture
+The database layer is built on an abstract base class (DB) that defines a common interface. Multiple implementations are provided for different storage backends:
+- **Json**: Base implementation for JSON data sources
+- **JsonFile**: Local JSON file storage
+- **GithubJsonDb**: JSON files stored in GitHub repository
+- **GoogleJsonDb**: JSON files stored in Google Cloud Storage
+- **GraphQL**: Content stored in a GraphQL API
+## Configuration
+Database configuration is specified in your application config file. Each database type has its own configuration schema.
+### JSON File Database
+```yaml
+DB:
+  TYPE: json_file
+  PATH: "/path/to/data.json"
+```
+### GitHub JSON Database
+```yaml
+DB:
+  TYPE: github_json
+  REPO_NAME: "username/repository"
+  GITHUB_TOKEN: "your_github_token"
+  BRANCH_NAME: "main"
+  PATH_TO_FILE: "data.json"
+```
+### Google JSON Database
+```yaml
+DB:
+  TYPE: google_json
+  BUCKET_NAME: "your-bucket-name"
+  SOURCE_BLOB_NAME: "data.json"
+```
+### GraphQL Database
+```yaml
+DB:
+  TYPE: graph_ql
+  CMS_ENDPOINT: "https://your-graphql-endpoint.com/api"
+  CMS_TOKEN: "your_graphql_token"
+```
+## Usage
+The database is automatically initialized based on your configuration. The application will use the appropriate database implementation
+```python
+from platzky.db.db_loader import get_db
+# db_config is loaded from your application config
+db = get_db(db_config)
+# Now you can use any of the standard DB methods
+posts = db.get_all_posts("en")
+menu_items = db.get_menu_items_in_lang("en")
+```

platzky-0.3.4/platzky/db/github_json_db.py ADDED Viewed

@@ -0,0 +1,69 @@
+import json
+import requests
+from github import Github
+from pydantic import Field
+from platzky.db.db import DBConfig
+from platzky.db.json_db import Json as JsonDB
+def db_config_type():
+    return GithubJsonDbConfig
+class GithubJsonDbConfig(DBConfig):
+    github_token: str = Field(alias="GITHUB_TOKEN")
+    repo_name: str = Field(alias="REPO_NAME")
+    path_to_file: str = Field(alias="PATH_TO_FILE")
+    branch_name: str = Field(alias="BRANCH_NAME", default="main")
+def db_from_config(config: GithubJsonDbConfig):
+    return GithubJsonDb(
+        config.github_token, config.repo_name, config.branch_name, config.path_to_file
+    )
+def get_db(config):
+    github_json_db_config = GithubJsonDbConfig.model_validate(config)
+    return GithubJsonDb(
+        github_json_db_config.github_token,
+        github_json_db_config.repo_name,
+        github_json_db_config.branch_name,
+        github_json_db_config.path_to_file,
+    )
+class GithubJsonDb(JsonDB):
+    def __init__(self, github_token: str, repo_name: str, branch_name: str, path_to_file: str):
+        self.branch_name = branch_name
+        self.repo = Github(github_token).get_repo(repo_name)
+        self.file_path = path_to_file
+        try:
+            file_content = self.repo.get_contents(self.file_path, ref=self.branch_name)
+            if isinstance(file_content, list):
+                raise ValueError(f"Path '{self.file_path}' points to a directory, not a file")
+            if file_content.content:
+                raw_data = file_content.decoded_content.decode("utf-8")
+            else:
+                download_url = file_content.download_url
+                response = requests.get(download_url, timeout=40)
+                response.raise_for_status()
+                raw_data = response.text
+            self.data = json.loads(raw_data)
+        except (json.JSONDecodeError, requests.RequestException) as e:
+            raise ValueError(f"Error parsing JSON content: {e}")
+        except Exception as e:
+            raise ValueError(f"Error retrieving GitHub content: {e}")
+        super().__init__(self.data)
+        self.module_name = "github_json_db"
+        self.db_name = "GithubJsonDb"

{platzky-0.3.1 → platzky-0.3.4}/platzky/db/google_json_db.py RENAMED Viewed

@@ -3,8 +3,8 @@ import json
 from google.cloud.storage import Client
 from pydantic import Field
-from .db import DBConfig
-from .json_db import Json
+from platzky.db.db import DBConfig
+from platzky.db.json_db import Json
 def db_config_type():

{platzky-0.3.1 → platzky-0.3.4}/platzky/db/json_db.py RENAMED Viewed

@@ -3,8 +3,8 @@ from typing import Any, Dict
 from pydantic import Field
-from ..models import MenuItem, Post
-from .db import DB, DBConfig
+from platzky.db.db import DB, DBConfig
+from platzky.models import MenuItem, Post
 def db_config_type():

{platzky-0.3.1 → platzky-0.3.4}/platzky/db/json_file_db.py RENAMED Viewed

@@ -2,8 +2,8 @@ import json
 from pydantic import Field
-from .db import DBConfig
-from .json_db import Json
+from platzky.db.db import DBConfig
+from platzky.db.json_db import Json
 def db_config_type():

{platzky-0.3.1 → platzky-0.3.4}/platzky/engine.py RENAMED Viewed

@@ -18,7 +18,6 @@ class Engine(Flask):
         directory = os.path.dirname(os.path.realpath(__file__))
         locale_dir = os.path.join(directory, "locale")
         config.translation_directories.append(locale_dir)
         babel_translation_directories = ";".join(config.translation_directories)
         self.babel = Babel(
             self,

{platzky-0.3.1 → platzky-0.3.4}/platzky/platzky.py RENAMED Viewed

@@ -3,6 +3,7 @@ import urllib.parse
 from flask import redirect, render_template, request, session
 from flask_minify import Minify
+from flask_wtf import CSRFProtect
 from platzky.admin import admin
 from platzky.blog import blog
@@ -81,10 +82,19 @@ def create_engine(config: Config, db) -> Engine:
 def create_app_from_config(config: Config) -> Engine:
-    engine = create_engine_from_config(config)
+    db = get_db(config.db)
+    engine = create_engine(config, db)
     admin_blueprint = admin.create_admin_blueprint(
         login_methods=engine.login_methods, db=engine.db, locale_func=engine.get_locale
     )
+    if config.feature_flags and config.feature_flags.get("FAKE_LOGIN", False):
+        from platzky.admin.fake_login import get_fake_login_html, setup_fake_login_routes
+        engine.login_methods.append(get_fake_login_html())
+        admin_blueprint = setup_fake_login_routes(admin_blueprint)
     blog_blueprint = blog.create_blog_blueprint(
         db=engine.db,
         blog_prefix=config.blog_prefix,
@@ -98,15 +108,10 @@ def create_app_from_config(config: Config) -> Engine:
     engine.register_blueprint(seo_blueprint)
     Minify(app=engine, html=True, js=True, cssless=True)
+    CSRFProtect(app=engine)
     return engine
-def create_engine_from_config(config: Config) -> Engine:
-    """Create an engine from a config."""
-    db = get_db(config.db)
-    return create_engine(config, db)
 def create_app(config_path: str) -> Engine:
     config = Config.parse_yaml(config_path)
     return create_app_from_config(config)

{platzky-0.3.1 → platzky-0.3.4}/platzky/templates/base.html RENAMED Viewed

@@ -14,6 +14,17 @@
 {% block body_meta %}
 {% include "body_meta.html" %}
 {% endblock %}
+{% with messages = get_flashed_messages(with_categories=true) %}
+  {% if messages %}
+    <div class="flash-messages">
+      {% for category, message in messages %}
+        <div class="alert alert-{{ category }}">{{ message }}</div>
+      {% endfor %}
+    </div>
+  {% endif %}
+{% endwith %}
 <div class="container-fluid d-flex flex-column h-100 g-0">
   <div class="row header-row bg-light g-0">
     <nav class="navbar navbar-expand-lg navbar-light px-3 py-1" id="mainNav">

{platzky-0.3.1 → platzky-0.3.4}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "platzky"
-version = "0.3.1"
+version = "0.3.4"
 description = "Not only blog engine"
 authors = []
 license = "MIT"
@@ -19,6 +19,7 @@ google-cloud-storage = "^2.5.0"
 humanize = "^4.9.0"
 pydantic = "^2.7.1"
 deprecation = "^2.1.0"
+pygithub = "^2.6.1"
 [tool.poetry.group.dev.dependencies]
 pytest = "^8.2.1"