udata 9.1.5.dev31391__py2.py3-none-any.whl → 9.2.2.dev31715__py2.py3-none-any.whl

udata/static/common.js

@@ -1,2 +1,2 @@
-!function(e){function __webpack_require__(a){if(c[a])return c[a].exports;var r=c[a]={exports:{},id:a,loaded:!1};return e[a].call(r.exports,r,r.exports,__webpack_require__),r.loaded=!0,r.exports}var a=window.webpackJsonp;window.webpackJsonp=function(b,f){for(var t,d,_=0,n=[];_<b.length;_++)d=b[_],r[d]&&n.push.apply(n,r[d]),r[d]=0;for(t in f){var i=f[t];switch(typeof i){case"object":e[t]=function(a){var c=a.slice(1),r=a[0];return function(a,b,f){e[r].apply(this,[a,b,f].concat(c))}}(i);break;case"function":e[t]=i;break;default:e[t]=e[i]}}for(a&&a(b,f);n.length;)n.shift().call(null,__webpack_require__);if(f[0])return c[0]=0,__webpack_require__(0)};var c={},r={31:0};__webpack_require__.e=function(e,a){if(0===r[e])return a.call(null,__webpack_require__);if(void 0!==r[e])r[e].push(a);else{r[e]=[a];var c=document.getElementsByTagName("head")[0],b=document.createElement("script");b.type="text/javascript",b.charset="utf-8",b.async=!0,b.src=__webpack_require__.p+"chunks/"+e+"."+{0:"285786eca84d7b7471ac",1:"765e28a442160395e71a",2:"f6372652ce6895fe1fad",3:"31f4515503a814e0e3a3",4:"ef9b48820b09477986b5",5:"3aa55302c802f48db900",6:"0db5d3ff22944de7edd5",7:"b2e2b3f88a04f6b296dd",8:"292c6a157d71f0b21b6f",9:"8ad948dd393d38f07a7a",10:"c1c9496ebfc8949f3de2",11:"18f1cc16362b76373c40",12:"f6b6e770dfe4a5949444",13:"066b4d36814efa6c485f",14:"72a6fc22c9b0cc8bcd14",15:"7de380008f4ec6ea4b5b",16:"cddb601c07a2df6564b2",17:"26a29ec18e773c2be9b2",18:"b7098bfe5401f75973fa",19:"2061dca8438f415029a3",20:"17e9e766625991aa0a7b",21:"2b48c7e5fe59775d5eb3",22:"2a919b7f6014457264e8",23:"18bb4231e440e17f29a2",24:"bb29ce250a1b77491420",25:"6cb865e768a122d52b4d",26:"2bd61452982a0d4de0a3",27:"1872ae081edb64216589",28:"1e240391cc0358805408",29:"556152a9334761b0d972",30:"a2eb870c6d29644ed9b5",32:"92a026dcad120ccdf15f",33:"6636c1fd8aec6fc072b8"}[e]+".js",c.appendChild(b)}},__webpack_require__.m=e,__webpack_require__.c=c,__webpack_require__.p="/static/"}(function(e){for(var a in e)if(Object.prototype.hasOwnProperty.call(e,a))switch(typeof e[a]){case"function":break;case"object":e[a]=function(a){var c=a.slice(1),r=e[a[0]];return function(e,a,b){r.apply(this,[e,a,b].concat(c))}}(e[a]);break;default:e[a]=e[e[a]]}return e}([]));
+!function(e){function __webpack_require__(a){if(c[a])return c[a].exports;var r=c[a]={exports:{},id:a,loaded:!1};return e[a].call(r.exports,r,r.exports,__webpack_require__),r.loaded=!0,r.exports}var a=window.webpackJsonp;window.webpackJsonp=function(b,f){for(var t,_,n=0,d=[];n<b.length;n++)_=b[n],r[_]&&d.push.apply(d,r[_]),r[_]=0;for(t in f){var i=f[t];switch(typeof i){case"object":e[t]=function(a){var c=a.slice(1),r=a[0];return function(a,b,f){e[r].apply(this,[a,b,f].concat(c))}}(i);break;case"function":e[t]=i;break;default:e[t]=e[i]}}for(a&&a(b,f);d.length;)d.shift().call(null,__webpack_require__);if(f[0])return c[0]=0,__webpack_require__(0)};var c={},r={31:0};__webpack_require__.e=function(e,a){if(0===r[e])return a.call(null,__webpack_require__);if(void 0!==r[e])r[e].push(a);else{r[e]=[a];var c=document.getElementsByTagName("head")[0],b=document.createElement("script");b.type="text/javascript",b.charset="utf-8",b.async=!0,b.src=__webpack_require__.p+"chunks/"+e+"."+{0:"285786eca84d7b7471ac",1:"765e28a442160395e71a",2:"f6372652ce6895fe1fad",3:"31f4515503a814e0e3a3",4:"ef9b48820b09477986b5",5:"9049c2001a2f21930f78",6:"ad092769b0983a6eec2a",7:"b2e2b3f88a04f6b296dd",8:"292c6a157d71f0b21b6f",9:"8ad948dd393d38f07a7a",10:"c1c9496ebfc8949f3de2",11:"18f1cc16362b76373c40",12:"f6b6e770dfe4a5949444",13:"066b4d36814efa6c485f",14:"72a6fc22c9b0cc8bcd14",15:"7de380008f4ec6ea4b5b",16:"cddb601c07a2df6564b2",17:"26a29ec18e773c2be9b2",18:"b7098bfe5401f75973fa",19:"2061dca8438f415029a3",20:"17e9e766625991aa0a7b",21:"2b48c7e5fe59775d5eb3",22:"2a919b7f6014457264e8",23:"18bb4231e440e17f29a2",24:"bb29ce250a1b77491420",25:"6cb865e768a122d52b4d",26:"2bd61452982a0d4de0a3",27:"1872ae081edb64216589",28:"1e240391cc0358805408",29:"556152a9334761b0d972",30:"a2eb870c6d29644ed9b5",32:"92a026dcad120ccdf15f",33:"6636c1fd8aec6fc072b8"}[e]+".js",c.appendChild(b)}},__webpack_require__.m=e,__webpack_require__.c=c,__webpack_require__.p="/static/"}(function(e){for(var a in e)if(Object.prototype.hasOwnProperty.call(e,a))switch(typeof e[a]){case"function":break;case"object":e[a]=function(a){var c=a.slice(1),r=e[a[0]];return function(e,a,b){r.apply(this,[e,a,b].concat(c))}}(e[a]);break;default:e[a]=e[e[a]]}return e}([]));
 //# sourceMappingURL=common.js.map

udata/static/common.js.map

@@ -1 +1 @@
-{"version":3,"sources":["webpack:///common.js","webpack:///webpack/bootstrap aae90f74dc2315755797"],"names":["modules","__webpack_require__","moduleId","installedModules","exports","module","id","loaded","call","parentJsonpFunction","window","chunkIds","moreModules","chunkId","i","callbacks","length","installedChunks","push","apply","_m","args","slice","templateId","a","b","c","this","concat","shift","31","e","callback","undefined","head","document","getElementsByTagName","script","createElement","type","charset","async","src","p","0","1","2","3","4","5","6","7","8","9","10","11","12","13","14","15","16","17","18","19","20","21","22","23","24","25","26","27","28","29","30","32","33","appendChild","m","Object","prototype","hasOwnProperty","fn"],"mappings":"CAAS,SAAUA,GCwDnB,QAAAC,qBAAAC,GAGA,GAAAC,EAAAD,GACA,MAAAC,GAAAD,GAAAE,OAGA,IAAAC,GAAAF,EAAAD,IACAE,WACAE,GAAAJ,EACAK,QAAA,EAUA,OANAP,GAAAE,GAAAM,KAAAH,EAAAD,QAAAC,IAAAD,QAAAH,qBAGAI,EAAAE,QAAA,EAGAF,EAAAD,QA3EA,GAAAK,GAAAC,OAAA,YACAA,QAAA,sBAAAC,EAAAC,GAIA,IADA,GAAAV,GAAAW,EAAAC,EAAA,EAAAC,KACQD,EAAAH,EAAAK,OAAoBF,IAC5BD,EAAAF,EAAAG,GACAG,EAAAJ,IACAE,EAAAG,KAAAC,MAAAJ,EAAAE,EAAAJ,IACAI,EAAAJ,GAAA,CAEA,KAAAX,IAAAU,GAAA,CACA,GAAAQ,GAAAR,EAAAV,EAGA,cAAAkB,IACA,aAEApB,EAAAE,GAAA,SAAAkB,GACA,GAAAC,GAAAD,EAAAE,MAAA,GAAAC,EAAAH,EAAA,EACA,iBAAAI,EAAAC,EAAAC,GACA1B,EAAAuB,GAAAJ,MAAAQ,MAAAH,EAAAC,EAAAC,GAAAE,OAAAP,MAEMD,EACN,MACA,gBAEApB,EAAAE,GAAAkB,CACA,MACA,SAEApB,EAAAE,GAAAF,EAAAoB,IAKA,IADAX,KAAAE,EAAAC,GACAG,EAAAC,QACAD,EAAAc,QAAArB,KAAA,KAAAP,oBACA,IAAAW,EAAA,GAEA,MADAT,GAAA,KACAF,oBAAA,GAKA,IAAAE,MAKAc,GACAa,GAAA,EA6BA7B,qBAAA8B,EAAA,SAAAlB,EAAAmB,GAEA,OAAAf,EAAAJ,GACA,MAAAmB,GAAAxB,KAAA,KAAAP,oBAGA,IAAAgC,SAAAhB,EAAAJ,GACAI,EAAAJ,GAAAK,KAAAc,OACI,CAEJf,EAAAJ,IAAAmB,EACA,IAAAE,GAAAC,SAAAC,qBAAA,WACAC,EAAAF,SAAAG,cAAA,SACAD,GAAAE,KAAA,kBACAF,EAAAG,QAAA,QACAH,EAAAI,OAAA,EAEAJ,EAAAK,IAAAzC,oBAAA0C,EAAA,UAAA9B,EAAA,KAAsE+B,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,wBAAk5B/D,GAAA,MACx9BqB,EAAA2C,YAAAxC,KAKApC,oBAAA6E,EAAA9E,EAGAC,oBAAAyB,EAAAvB,EAGAF,oBAAA0C,EAAA,YDIW,SAAS3C,GAEnB,IAAI,GAAIc,KAAKd,GACZ,GAAG+E,OAAOC,UAAUC,eAAezE,KAAKR,EAASc,GAChD,aAAcd,GAAQc,IACtB,IAAK,WAAY,KACjB,KAAK,SAEJd,EAAQc,GAAM,SAASM,GACtB,GAAIC,GAAOD,EAAGE,MAAM,GAAI4D,EAAKlF,EAAQoB,EAAG,GACxC,OAAO,UAAUI,EAAEC,EAAEC,GACpBwD,EAAG/D,MAAMQ,MAAOH,EAAEC,EAAEC,GAAGE,OAAOP,MAE9BrB,EAAQc,GACV,MACD,SAECd,EAAQc,GAAKd,EAAQA,EAAQc,IAKhC,MAAOd","file":"common.js","sourcesContent":["/******/ (function(modules) { // webpackBootstrap\n/******/ \t// install a JSONP callback for chunk loading\n/******/ \tvar parentJsonpFunction = window[\"webpackJsonp\"];\n/******/ \twindow[\"webpackJsonp\"] = function webpackJsonpCallback(chunkIds, moreModules) {\n/******/ \t\t// add \"moreModules\" to the modules object,\n/******/ \t\t// then flag all \"chunkIds\" as loaded and fire callback\n/******/ \t\tvar moduleId, chunkId, i = 0, callbacks = [];\n/******/ \t\tfor(;i < chunkIds.length; i++) {\n/******/ \t\t\tchunkId = chunkIds[i];\n/******/ \t\t\tif(installedChunks[chunkId])\n/******/ \t\t\t\tcallbacks.push.apply(callbacks, installedChunks[chunkId]);\n/******/ \t\t\tinstalledChunks[chunkId] = 0;\n/******/ \t\t}\n/******/ \t\tfor(moduleId in moreModules) {\n/******/ \t\t\tvar _m = moreModules[moduleId];\n/******/\n/******/ \t\t\t// Check if module is deduplicated\n/******/ \t\t\tswitch(typeof _m) {\n/******/ \t\t\tcase \"object\":\n/******/ \t\t\t\t// Module can be created from a template\n/******/ \t\t\t\tmodules[moduleId] = (function(_m) {\n/******/ \t\t\t\t\tvar args = _m.slice(1), templateId = _m[0];\n/******/ \t\t\t\t\treturn function (a,b,c) {\n/******/ \t\t\t\t\t\tmodules[templateId].apply(this, [a,b,c].concat(args));\n/******/ \t\t\t\t\t};\n/******/ \t\t\t\t}(_m));\n/******/ \t\t\t\tbreak;\n/******/ \t\t\tcase \"function\":\n/******/ \t\t\t\t// Normal module\n/******/ \t\t\t\tmodules[moduleId] = _m;\n/******/ \t\t\t\tbreak;\n/******/ \t\t\tdefault:\n/******/ \t\t\t\t// Module is a copy of another module\n/******/ \t\t\t\tmodules[moduleId] = modules[_m];\n/******/ \t\t\t\tbreak;\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\tif(parentJsonpFunction) parentJsonpFunction(chunkIds, moreModules);\n/******/ \t\twhile(callbacks.length)\n/******/ \t\t\tcallbacks.shift().call(null, __webpack_require__);\n/******/ \t\tif(moreModules[0]) {\n/******/ \t\t\tinstalledModules[0] = 0;\n/******/ \t\t\treturn __webpack_require__(0);\n/******/ \t\t}\n/******/ \t};\n/******/\n/******/ \t// The module cache\n/******/ \tvar installedModules = {};\n/******/\n/******/ \t// object to store loaded and loading chunks\n/******/ \t// \"0\" means \"already loaded\"\n/******/ \t// Array means \"loading\", array contains callbacks\n/******/ \tvar installedChunks = {\n/******/ \t\t31:0\n/******/ \t};\n/******/\n/******/ \t// The require function\n/******/ \tfunction __webpack_require__(moduleId) {\n/******/\n/******/ \t\t// Check if module is in cache\n/******/ \t\tif(installedModules[moduleId])\n/******/ \t\t\treturn installedModules[moduleId].exports;\n/******/\n/******/ \t\t// Create a new module (and put it into the cache)\n/******/ \t\tvar module = installedModules[moduleId] = {\n/******/ \t\t\texports: {},\n/******/ \t\t\tid: moduleId,\n/******/ \t\t\tloaded: false\n/******/ \t\t};\n/******/\n/******/ \t\t// Execute the module function\n/******/ \t\tmodules[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n/******/\n/******/ \t\t// Flag the module as loaded\n/******/ \t\tmodule.loaded = true;\n/******/\n/******/ \t\t// Return the exports of the module\n/******/ \t\treturn module.exports;\n/******/ \t}\n/******/\n/******/ \t// This file contains only the entry chunk.\n/******/ \t// The chunk loading function for additional chunks\n/******/ \t__webpack_require__.e = function requireEnsure(chunkId, callback) {\n/******/ \t\t// \"0\" is the signal for \"already loaded\"\n/******/ \t\tif(installedChunks[chunkId] === 0)\n/******/ \t\t\treturn callback.call(null, __webpack_require__);\n/******/\n/******/ \t\t// an array means \"currently loading\".\n/******/ \t\tif(installedChunks[chunkId] !== undefined) {\n/******/ \t\t\tinstalledChunks[chunkId].push(callback);\n/******/ \t\t} else {\n/******/ \t\t\t// start chunk loading\n/******/ \t\t\tinstalledChunks[chunkId] = [callback];\n/******/ \t\t\tvar head = document.getElementsByTagName('head')[0];\n/******/ \t\t\tvar script = document.createElement('script');\n/******/ \t\t\tscript.type = 'text/javascript';\n/******/ \t\t\tscript.charset = 'utf-8';\n/******/ \t\t\tscript.async = true;\n/******/\n/******/ \t\t\tscript.src = __webpack_require__.p + \"chunks/\" + chunkId + \".\" + {\"0\":\"285786eca84d7b7471ac\",\"1\":\"765e28a442160395e71a\",\"2\":\"f6372652ce6895fe1fad\",\"3\":\"31f4515503a814e0e3a3\",\"4\":\"ef9b48820b09477986b5\",\"5\":\"3aa55302c802f48db900\",\"6\":\"0db5d3ff22944de7edd5\",\"7\":\"b2e2b3f88a04f6b296dd\",\"8\":\"292c6a157d71f0b21b6f\",\"9\":\"8ad948dd393d38f07a7a\",\"10\":\"c1c9496ebfc8949f3de2\",\"11\":\"18f1cc16362b76373c40\",\"12\":\"f6b6e770dfe4a5949444\",\"13\":\"066b4d36814efa6c485f\",\"14\":\"72a6fc22c9b0cc8bcd14\",\"15\":\"7de380008f4ec6ea4b5b\",\"16\":\"cddb601c07a2df6564b2\",\"17\":\"26a29ec18e773c2be9b2\",\"18\":\"b7098bfe5401f75973fa\",\"19\":\"2061dca8438f415029a3\",\"20\":\"17e9e766625991aa0a7b\",\"21\":\"2b48c7e5fe59775d5eb3\",\"22\":\"2a919b7f6014457264e8\",\"23\":\"18bb4231e440e17f29a2\",\"24\":\"bb29ce250a1b77491420\",\"25\":\"6cb865e768a122d52b4d\",\"26\":\"2bd61452982a0d4de0a3\",\"27\":\"1872ae081edb64216589\",\"28\":\"1e240391cc0358805408\",\"29\":\"556152a9334761b0d972\",\"30\":\"a2eb870c6d29644ed9b5\",\"32\":\"92a026dcad120ccdf15f\",\"33\":\"6636c1fd8aec6fc072b8\"}[chunkId] + \".js\";\n/******/ \t\t\thead.appendChild(script);\n/******/ \t\t}\n/******/ \t};\n/******/\n/******/ \t// expose the modules object (__webpack_modules__)\n/******/ \t__webpack_require__.m = modules;\n/******/\n/******/ \t// expose the module cache\n/******/ \t__webpack_require__.c = installedModules;\n/******/\n/******/ \t// __webpack_public_path__\n/******/ \t__webpack_require__.p = \"/static/\";\n/******/ })\n/************************************************************************/\n/******/ ((function(modules) {\n\t// Check all modules for deduplicated modules\n\tfor(var i in modules) {\n\t\tif(Object.prototype.hasOwnProperty.call(modules, i)) {\n\t\t\tswitch(typeof modules[i]) {\n\t\t\tcase \"function\": break;\n\t\t\tcase \"object\":\n\t\t\t\t// Module can be created from a template\n\t\t\t\tmodules[i] = (function(_m) {\n\t\t\t\t\tvar args = _m.slice(1), fn = modules[_m[0]];\n\t\t\t\t\treturn function (a,b,c) {\n\t\t\t\t\t\tfn.apply(this, [a,b,c].concat(args));\n\t\t\t\t\t};\n\t\t\t\t}(modules[i]));\n\t\t\t\tbreak;\n\t\t\tdefault:\n\t\t\t\t// Module is a copy of another module\n\t\t\t\tmodules[i] = modules[modules[i]];\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\t}\n\treturn modules;\n}([])));\n\n\n/** WEBPACK FOOTER **\n ** common.js\n **/"," \t// install a JSONP callback for chunk loading\n \tvar parentJsonpFunction = window[\"webpackJsonp\"];\n \twindow[\"webpackJsonp\"] = function webpackJsonpCallback(chunkIds, moreModules) {\n \t\t// add \"moreModules\" to the modules object,\n \t\t// then flag all \"chunkIds\" as loaded and fire callback\n \t\tvar moduleId, chunkId, i = 0, callbacks = [];\n \t\tfor(;i < chunkIds.length; i++) {\n \t\t\tchunkId = chunkIds[i];\n \t\t\tif(installedChunks[chunkId])\n \t\t\t\tcallbacks.push.apply(callbacks, installedChunks[chunkId]);\n \t\t\tinstalledChunks[chunkId] = 0;\n \t\t}\n \t\tfor(moduleId in moreModules) {\n \t\t\tvar _m = moreModules[moduleId];\n\n \t\t\t// Check if module is deduplicated\n \t\t\tswitch(typeof _m) {\n \t\t\tcase \"object\":\n \t\t\t\t// Module can be created from a template\n \t\t\t\tmodules[moduleId] = (function(_m) {\n \t\t\t\t\tvar args = _m.slice(1), templateId = _m[0];\n \t\t\t\t\treturn function (a,b,c) {\n \t\t\t\t\t\tmodules[templateId].apply(this, [a,b,c].concat(args));\n \t\t\t\t\t};\n \t\t\t\t}(_m));\n \t\t\t\tbreak;\n \t\t\tcase \"function\":\n \t\t\t\t// Normal module\n \t\t\t\tmodules[moduleId] = _m;\n \t\t\t\tbreak;\n \t\t\tdefault:\n \t\t\t\t// Module is a copy of another module\n \t\t\t\tmodules[moduleId] = modules[_m];\n \t\t\t\tbreak;\n \t\t\t}\n \t\t}\n \t\tif(parentJsonpFunction) parentJsonpFunction(chunkIds, moreModules);\n \t\twhile(callbacks.length)\n \t\t\tcallbacks.shift().call(null, __webpack_require__);\n \t\tif(moreModules[0]) {\n \t\t\tinstalledModules[0] = 0;\n \t\t\treturn __webpack_require__(0);\n \t\t}\n \t};\n\n \t// The module cache\n \tvar installedModules = {};\n\n \t// object to store loaded and loading chunks\n \t// \"0\" means \"already loaded\"\n \t// Array means \"loading\", array contains callbacks\n \tvar installedChunks = {\n \t\t31:0\n \t};\n\n \t// The require function\n \tfunction __webpack_require__(moduleId) {\n\n \t\t// Check if module is in cache\n \t\tif(installedModules[moduleId])\n \t\t\treturn installedModules[moduleId].exports;\n\n \t\t// Create a new module (and put it into the cache)\n \t\tvar module = installedModules[moduleId] = {\n \t\t\texports: {},\n \t\t\tid: moduleId,\n \t\t\tloaded: false\n \t\t};\n\n \t\t// Execute the module function\n \t\tmodules[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\n \t\t// Flag the module as loaded\n \t\tmodule.loaded = true;\n\n \t\t// Return the exports of the module\n \t\treturn module.exports;\n \t}\n\n \t// This file contains only the entry chunk.\n \t// The chunk loading function for additional chunks\n \t__webpack_require__.e = function requireEnsure(chunkId, callback) {\n \t\t// \"0\" is the signal for \"already loaded\"\n \t\tif(installedChunks[chunkId] === 0)\n \t\t\treturn callback.call(null, __webpack_require__);\n\n \t\t// an array means \"currently loading\".\n \t\tif(installedChunks[chunkId] !== undefined) {\n \t\t\tinstalledChunks[chunkId].push(callback);\n \t\t} else {\n \t\t\t// start chunk loading\n \t\t\tinstalledChunks[chunkId] = [callback];\n \t\t\tvar head = document.getElementsByTagName('head')[0];\n \t\t\tvar script = document.createElement('script');\n \t\t\tscript.type = 'text/javascript';\n \t\t\tscript.charset = 'utf-8';\n \t\t\tscript.async = true;\n\n \t\t\tscript.src = __webpack_require__.p + \"chunks/\" + chunkId + \".\" + {\"0\":\"285786eca84d7b7471ac\",\"1\":\"765e28a442160395e71a\",\"2\":\"f6372652ce6895fe1fad\",\"3\":\"31f4515503a814e0e3a3\",\"4\":\"ef9b48820b09477986b5\",\"5\":\"3aa55302c802f48db900\",\"6\":\"0db5d3ff22944de7edd5\",\"7\":\"b2e2b3f88a04f6b296dd\",\"8\":\"292c6a157d71f0b21b6f\",\"9\":\"8ad948dd393d38f07a7a\",\"10\":\"c1c9496ebfc8949f3de2\",\"11\":\"18f1cc16362b76373c40\",\"12\":\"f6b6e770dfe4a5949444\",\"13\":\"066b4d36814efa6c485f\",\"14\":\"72a6fc22c9b0cc8bcd14\",\"15\":\"7de380008f4ec6ea4b5b\",\"16\":\"cddb601c07a2df6564b2\",\"17\":\"26a29ec18e773c2be9b2\",\"18\":\"b7098bfe5401f75973fa\",\"19\":\"2061dca8438f415029a3\",\"20\":\"17e9e766625991aa0a7b\",\"21\":\"2b48c7e5fe59775d5eb3\",\"22\":\"2a919b7f6014457264e8\",\"23\":\"18bb4231e440e17f29a2\",\"24\":\"bb29ce250a1b77491420\",\"25\":\"6cb865e768a122d52b4d\",\"26\":\"2bd61452982a0d4de0a3\",\"27\":\"1872ae081edb64216589\",\"28\":\"1e240391cc0358805408\",\"29\":\"556152a9334761b0d972\",\"30\":\"a2eb870c6d29644ed9b5\",\"32\":\"92a026dcad120ccdf15f\",\"33\":\"6636c1fd8aec6fc072b8\"}[chunkId] + \".js\";\n \t\t\thead.appendChild(script);\n \t\t}\n \t};\n\n \t// expose the modules object (__webpack_modules__)\n \t__webpack_require__.m = modules;\n\n \t// expose the module cache\n \t__webpack_require__.c = installedModules;\n\n \t// __webpack_public_path__\n \t__webpack_require__.p = \"/static/\";\n\n\n\n/** WEBPACK FOOTER **\n ** webpack/bootstrap aae90f74dc2315755797\n **/"],"sourceRoot":""}
+{"version":3,"sources":["webpack:///common.js","webpack:///webpack/bootstrap 47bc9a5c7fac4343d504"],"names":["modules","__webpack_require__","moduleId","installedModules","exports","module","id","loaded","call","parentJsonpFunction","window","chunkIds","moreModules","chunkId","i","callbacks","length","installedChunks","push","apply","_m","args","slice","templateId","a","b","c","this","concat","shift","31","e","callback","undefined","head","document","getElementsByTagName","script","createElement","type","charset","async","src","p","0","1","2","3","4","5","6","7","8","9","10","11","12","13","14","15","16","17","18","19","20","21","22","23","24","25","26","27","28","29","30","32","33","appendChild","m","Object","prototype","hasOwnProperty","fn"],"mappings":"CAAS,SAAUA,GCwDnB,QAAAC,qBAAAC,GAGA,GAAAC,EAAAD,GACA,MAAAC,GAAAD,GAAAE,OAGA,IAAAC,GAAAF,EAAAD,IACAE,WACAE,GAAAJ,EACAK,QAAA,EAUA,OANAP,GAAAE,GAAAM,KAAAH,EAAAD,QAAAC,IAAAD,QAAAH,qBAGAI,EAAAE,QAAA,EAGAF,EAAAD,QA3EA,GAAAK,GAAAC,OAAA,YACAA,QAAA,sBAAAC,EAAAC,GAIA,IADA,GAAAV,GAAAW,EAAAC,EAAA,EAAAC,KACQD,EAAAH,EAAAK,OAAoBF,IAC5BD,EAAAF,EAAAG,GACAG,EAAAJ,IACAE,EAAAG,KAAAC,MAAAJ,EAAAE,EAAAJ,IACAI,EAAAJ,GAAA,CAEA,KAAAX,IAAAU,GAAA,CACA,GAAAQ,GAAAR,EAAAV,EAGA,cAAAkB,IACA,aAEApB,EAAAE,GAAA,SAAAkB,GACA,GAAAC,GAAAD,EAAAE,MAAA,GAAAC,EAAAH,EAAA,EACA,iBAAAI,EAAAC,EAAAC,GACA1B,EAAAuB,GAAAJ,MAAAQ,MAAAH,EAAAC,EAAAC,GAAAE,OAAAP,MAEMD,EACN,MACA,gBAEApB,EAAAE,GAAAkB,CACA,MACA,SAEApB,EAAAE,GAAAF,EAAAoB,IAKA,IADAX,KAAAE,EAAAC,GACAG,EAAAC,QACAD,EAAAc,QAAArB,KAAA,KAAAP,oBACA,IAAAW,EAAA,GAEA,MADAT,GAAA,KACAF,oBAAA,GAKA,IAAAE,MAKAc,GACAa,GAAA,EA6BA7B,qBAAA8B,EAAA,SAAAlB,EAAAmB,GAEA,OAAAf,EAAAJ,GACA,MAAAmB,GAAAxB,KAAA,KAAAP,oBAGA,IAAAgC,SAAAhB,EAAAJ,GACAI,EAAAJ,GAAAK,KAAAc,OACI,CAEJf,EAAAJ,IAAAmB,EACA,IAAAE,GAAAC,SAAAC,qBAAA,WACAC,EAAAF,SAAAG,cAAA,SACAD,GAAAE,KAAA,kBACAF,EAAAG,QAAA,QACAH,EAAAI,OAAA,EAEAJ,EAAAK,IAAAzC,oBAAA0C,EAAA,UAAA9B,EAAA,KAAsE+B,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,uBAAAC,GAAA,wBAAk5B/D,GAAA,MACx9BqB,EAAA2C,YAAAxC,KAKApC,oBAAA6E,EAAA9E,EAGAC,oBAAAyB,EAAAvB,EAGAF,oBAAA0C,EAAA,YDIW,SAAS3C,GAEnB,IAAI,GAAIc,KAAKd,GACZ,GAAG+E,OAAOC,UAAUC,eAAezE,KAAKR,EAASc,GAChD,aAAcd,GAAQc,IACtB,IAAK,WAAY,KACjB,KAAK,SAEJd,EAAQc,GAAM,SAASM,GACtB,GAAIC,GAAOD,EAAGE,MAAM,GAAI4D,EAAKlF,EAAQoB,EAAG,GACxC,OAAO,UAAUI,EAAEC,EAAEC,GACpBwD,EAAG/D,MAAMQ,MAAOH,EAAEC,EAAEC,GAAGE,OAAOP,MAE9BrB,EAAQc,GACV,MACD,SAECd,EAAQc,GAAKd,EAAQA,EAAQc,IAKhC,MAAOd","file":"common.js","sourcesContent":["/******/ (function(modules) { // webpackBootstrap\n/******/ \t// install a JSONP callback for chunk loading\n/******/ \tvar parentJsonpFunction = window[\"webpackJsonp\"];\n/******/ \twindow[\"webpackJsonp\"] = function webpackJsonpCallback(chunkIds, moreModules) {\n/******/ \t\t// add \"moreModules\" to the modules object,\n/******/ \t\t// then flag all \"chunkIds\" as loaded and fire callback\n/******/ \t\tvar moduleId, chunkId, i = 0, callbacks = [];\n/******/ \t\tfor(;i < chunkIds.length; i++) {\n/******/ \t\t\tchunkId = chunkIds[i];\n/******/ \t\t\tif(installedChunks[chunkId])\n/******/ \t\t\t\tcallbacks.push.apply(callbacks, installedChunks[chunkId]);\n/******/ \t\t\tinstalledChunks[chunkId] = 0;\n/******/ \t\t}\n/******/ \t\tfor(moduleId in moreModules) {\n/******/ \t\t\tvar _m = moreModules[moduleId];\n/******/\n/******/ \t\t\t// Check if module is deduplicated\n/******/ \t\t\tswitch(typeof _m) {\n/******/ \t\t\tcase \"object\":\n/******/ \t\t\t\t// Module can be created from a template\n/******/ \t\t\t\tmodules[moduleId] = (function(_m) {\n/******/ \t\t\t\t\tvar args = _m.slice(1), templateId = _m[0];\n/******/ \t\t\t\t\treturn function (a,b,c) {\n/******/ \t\t\t\t\t\tmodules[templateId].apply(this, [a,b,c].concat(args));\n/******/ \t\t\t\t\t};\n/******/ \t\t\t\t}(_m));\n/******/ \t\t\t\tbreak;\n/******/ \t\t\tcase \"function\":\n/******/ \t\t\t\t// Normal module\n/******/ \t\t\t\tmodules[moduleId] = _m;\n/******/ \t\t\t\tbreak;\n/******/ \t\t\tdefault:\n/******/ \t\t\t\t// Module is a copy of another module\n/******/ \t\t\t\tmodules[moduleId] = modules[_m];\n/******/ \t\t\t\tbreak;\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\tif(parentJsonpFunction) parentJsonpFunction(chunkIds, moreModules);\n/******/ \t\twhile(callbacks.length)\n/******/ \t\t\tcallbacks.shift().call(null, __webpack_require__);\n/******/ \t\tif(moreModules[0]) {\n/******/ \t\t\tinstalledModules[0] = 0;\n/******/ \t\t\treturn __webpack_require__(0);\n/******/ \t\t}\n/******/ \t};\n/******/\n/******/ \t// The module cache\n/******/ \tvar installedModules = {};\n/******/\n/******/ \t// object to store loaded and loading chunks\n/******/ \t// \"0\" means \"already loaded\"\n/******/ \t// Array means \"loading\", array contains callbacks\n/******/ \tvar installedChunks = {\n/******/ \t\t31:0\n/******/ \t};\n/******/\n/******/ \t// The require function\n/******/ \tfunction __webpack_require__(moduleId) {\n/******/\n/******/ \t\t// Check if module is in cache\n/******/ \t\tif(installedModules[moduleId])\n/******/ \t\t\treturn installedModules[moduleId].exports;\n/******/\n/******/ \t\t// Create a new module (and put it into the cache)\n/******/ \t\tvar module = installedModules[moduleId] = {\n/******/ \t\t\texports: {},\n/******/ \t\t\tid: moduleId,\n/******/ \t\t\tloaded: false\n/******/ \t\t};\n/******/\n/******/ \t\t// Execute the module function\n/******/ \t\tmodules[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n/******/\n/******/ \t\t// Flag the module as loaded\n/******/ \t\tmodule.loaded = true;\n/******/\n/******/ \t\t// Return the exports of the module\n/******/ \t\treturn module.exports;\n/******/ \t}\n/******/\n/******/ \t// This file contains only the entry chunk.\n/******/ \t// The chunk loading function for additional chunks\n/******/ \t__webpack_require__.e = function requireEnsure(chunkId, callback) {\n/******/ \t\t// \"0\" is the signal for \"already loaded\"\n/******/ \t\tif(installedChunks[chunkId] === 0)\n/******/ \t\t\treturn callback.call(null, __webpack_require__);\n/******/\n/******/ \t\t// an array means \"currently loading\".\n/******/ \t\tif(installedChunks[chunkId] !== undefined) {\n/******/ \t\t\tinstalledChunks[chunkId].push(callback);\n/******/ \t\t} else {\n/******/ \t\t\t// start chunk loading\n/******/ \t\t\tinstalledChunks[chunkId] = [callback];\n/******/ \t\t\tvar head = document.getElementsByTagName('head')[0];\n/******/ \t\t\tvar script = document.createElement('script');\n/******/ \t\t\tscript.type = 'text/javascript';\n/******/ \t\t\tscript.charset = 'utf-8';\n/******/ \t\t\tscript.async = true;\n/******/\n/******/ \t\t\tscript.src = __webpack_require__.p + \"chunks/\" + chunkId + \".\" + {\"0\":\"285786eca84d7b7471ac\",\"1\":\"765e28a442160395e71a\",\"2\":\"f6372652ce6895fe1fad\",\"3\":\"31f4515503a814e0e3a3\",\"4\":\"ef9b48820b09477986b5\",\"5\":\"9049c2001a2f21930f78\",\"6\":\"ad092769b0983a6eec2a\",\"7\":\"b2e2b3f88a04f6b296dd\",\"8\":\"292c6a157d71f0b21b6f\",\"9\":\"8ad948dd393d38f07a7a\",\"10\":\"c1c9496ebfc8949f3de2\",\"11\":\"18f1cc16362b76373c40\",\"12\":\"f6b6e770dfe4a5949444\",\"13\":\"066b4d36814efa6c485f\",\"14\":\"72a6fc22c9b0cc8bcd14\",\"15\":\"7de380008f4ec6ea4b5b\",\"16\":\"cddb601c07a2df6564b2\",\"17\":\"26a29ec18e773c2be9b2\",\"18\":\"b7098bfe5401f75973fa\",\"19\":\"2061dca8438f415029a3\",\"20\":\"17e9e766625991aa0a7b\",\"21\":\"2b48c7e5fe59775d5eb3\",\"22\":\"2a919b7f6014457264e8\",\"23\":\"18bb4231e440e17f29a2\",\"24\":\"bb29ce250a1b77491420\",\"25\":\"6cb865e768a122d52b4d\",\"26\":\"2bd61452982a0d4de0a3\",\"27\":\"1872ae081edb64216589\",\"28\":\"1e240391cc0358805408\",\"29\":\"556152a9334761b0d972\",\"30\":\"a2eb870c6d29644ed9b5\",\"32\":\"92a026dcad120ccdf15f\",\"33\":\"6636c1fd8aec6fc072b8\"}[chunkId] + \".js\";\n/******/ \t\t\thead.appendChild(script);\n/******/ \t\t}\n/******/ \t};\n/******/\n/******/ \t// expose the modules object (__webpack_modules__)\n/******/ \t__webpack_require__.m = modules;\n/******/\n/******/ \t// expose the module cache\n/******/ \t__webpack_require__.c = installedModules;\n/******/\n/******/ \t// __webpack_public_path__\n/******/ \t__webpack_require__.p = \"/static/\";\n/******/ })\n/************************************************************************/\n/******/ ((function(modules) {\n\t// Check all modules for deduplicated modules\n\tfor(var i in modules) {\n\t\tif(Object.prototype.hasOwnProperty.call(modules, i)) {\n\t\t\tswitch(typeof modules[i]) {\n\t\t\tcase \"function\": break;\n\t\t\tcase \"object\":\n\t\t\t\t// Module can be created from a template\n\t\t\t\tmodules[i] = (function(_m) {\n\t\t\t\t\tvar args = _m.slice(1), fn = modules[_m[0]];\n\t\t\t\t\treturn function (a,b,c) {\n\t\t\t\t\t\tfn.apply(this, [a,b,c].concat(args));\n\t\t\t\t\t};\n\t\t\t\t}(modules[i]));\n\t\t\t\tbreak;\n\t\t\tdefault:\n\t\t\t\t// Module is a copy of another module\n\t\t\t\tmodules[i] = modules[modules[i]];\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\t}\n\treturn modules;\n}([])));\n\n\n/** WEBPACK FOOTER **\n ** common.js\n **/"," \t// install a JSONP callback for chunk loading\n \tvar parentJsonpFunction = window[\"webpackJsonp\"];\n \twindow[\"webpackJsonp\"] = function webpackJsonpCallback(chunkIds, moreModules) {\n \t\t// add \"moreModules\" to the modules object,\n \t\t// then flag all \"chunkIds\" as loaded and fire callback\n \t\tvar moduleId, chunkId, i = 0, callbacks = [];\n \t\tfor(;i < chunkIds.length; i++) {\n \t\t\tchunkId = chunkIds[i];\n \t\t\tif(installedChunks[chunkId])\n \t\t\t\tcallbacks.push.apply(callbacks, installedChunks[chunkId]);\n \t\t\tinstalledChunks[chunkId] = 0;\n \t\t}\n \t\tfor(moduleId in moreModules) {\n \t\t\tvar _m = moreModules[moduleId];\n\n \t\t\t// Check if module is deduplicated\n \t\t\tswitch(typeof _m) {\n \t\t\tcase \"object\":\n \t\t\t\t// Module can be created from a template\n \t\t\t\tmodules[moduleId] = (function(_m) {\n \t\t\t\t\tvar args = _m.slice(1), templateId = _m[0];\n \t\t\t\t\treturn function (a,b,c) {\n \t\t\t\t\t\tmodules[templateId].apply(this, [a,b,c].concat(args));\n \t\t\t\t\t};\n \t\t\t\t}(_m));\n \t\t\t\tbreak;\n \t\t\tcase \"function\":\n \t\t\t\t// Normal module\n \t\t\t\tmodules[moduleId] = _m;\n \t\t\t\tbreak;\n \t\t\tdefault:\n \t\t\t\t// Module is a copy of another module\n \t\t\t\tmodules[moduleId] = modules[_m];\n \t\t\t\tbreak;\n \t\t\t}\n \t\t}\n \t\tif(parentJsonpFunction) parentJsonpFunction(chunkIds, moreModules);\n \t\twhile(callbacks.length)\n \t\t\tcallbacks.shift().call(null, __webpack_require__);\n \t\tif(moreModules[0]) {\n \t\t\tinstalledModules[0] = 0;\n \t\t\treturn __webpack_require__(0);\n \t\t}\n \t};\n\n \t// The module cache\n \tvar installedModules = {};\n\n \t// object to store loaded and loading chunks\n \t// \"0\" means \"already loaded\"\n \t// Array means \"loading\", array contains callbacks\n \tvar installedChunks = {\n \t\t31:0\n \t};\n\n \t// The require function\n \tfunction __webpack_require__(moduleId) {\n\n \t\t// Check if module is in cache\n \t\tif(installedModules[moduleId])\n \t\t\treturn installedModules[moduleId].exports;\n\n \t\t// Create a new module (and put it into the cache)\n \t\tvar module = installedModules[moduleId] = {\n \t\t\texports: {},\n \t\t\tid: moduleId,\n \t\t\tloaded: false\n \t\t};\n\n \t\t// Execute the module function\n \t\tmodules[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\n \t\t// Flag the module as loaded\n \t\tmodule.loaded = true;\n\n \t\t// Return the exports of the module\n \t\treturn module.exports;\n \t}\n\n \t// This file contains only the entry chunk.\n \t// The chunk loading function for additional chunks\n \t__webpack_require__.e = function requireEnsure(chunkId, callback) {\n \t\t// \"0\" is the signal for \"already loaded\"\n \t\tif(installedChunks[chunkId] === 0)\n \t\t\treturn callback.call(null, __webpack_require__);\n\n \t\t// an array means \"currently loading\".\n \t\tif(installedChunks[chunkId] !== undefined) {\n \t\t\tinstalledChunks[chunkId].push(callback);\n \t\t} else {\n \t\t\t// start chunk loading\n \t\t\tinstalledChunks[chunkId] = [callback];\n \t\t\tvar head = document.getElementsByTagName('head')[0];\n \t\t\tvar script = document.createElement('script');\n \t\t\tscript.type = 'text/javascript';\n \t\t\tscript.charset = 'utf-8';\n \t\t\tscript.async = true;\n\n \t\t\tscript.src = __webpack_require__.p + \"chunks/\" + chunkId + \".\" + {\"0\":\"285786eca84d7b7471ac\",\"1\":\"765e28a442160395e71a\",\"2\":\"f6372652ce6895fe1fad\",\"3\":\"31f4515503a814e0e3a3\",\"4\":\"ef9b48820b09477986b5\",\"5\":\"9049c2001a2f21930f78\",\"6\":\"ad092769b0983a6eec2a\",\"7\":\"b2e2b3f88a04f6b296dd\",\"8\":\"292c6a157d71f0b21b6f\",\"9\":\"8ad948dd393d38f07a7a\",\"10\":\"c1c9496ebfc8949f3de2\",\"11\":\"18f1cc16362b76373c40\",\"12\":\"f6b6e770dfe4a5949444\",\"13\":\"066b4d36814efa6c485f\",\"14\":\"72a6fc22c9b0cc8bcd14\",\"15\":\"7de380008f4ec6ea4b5b\",\"16\":\"cddb601c07a2df6564b2\",\"17\":\"26a29ec18e773c2be9b2\",\"18\":\"b7098bfe5401f75973fa\",\"19\":\"2061dca8438f415029a3\",\"20\":\"17e9e766625991aa0a7b\",\"21\":\"2b48c7e5fe59775d5eb3\",\"22\":\"2a919b7f6014457264e8\",\"23\":\"18bb4231e440e17f29a2\",\"24\":\"bb29ce250a1b77491420\",\"25\":\"6cb865e768a122d52b4d\",\"26\":\"2bd61452982a0d4de0a3\",\"27\":\"1872ae081edb64216589\",\"28\":\"1e240391cc0358805408\",\"29\":\"556152a9334761b0d972\",\"30\":\"a2eb870c6d29644ed9b5\",\"32\":\"92a026dcad120ccdf15f\",\"33\":\"6636c1fd8aec6fc072b8\"}[chunkId] + \".js\";\n \t\t\thead.appendChild(script);\n \t\t}\n \t};\n\n \t// expose the modules object (__webpack_modules__)\n \t__webpack_require__.m = modules;\n\n \t// expose the module cache\n \t__webpack_require__.c = installedModules;\n\n \t// __webpack_public_path__\n \t__webpack_require__.p = \"/static/\";\n\n\n\n/** WEBPACK FOOTER **\n ** webpack/bootstrap 47bc9a5c7fac4343d504\n **/"],"sourceRoot":""}

udata/tests/api/test_auth_api.py

@@ -59,6 +59,7 @@ def oauth(app, request):
         name="test-client",
         owner=UserFactory(),
         redirect_uris=["https://test.org/callback"],
+        secret="suchs3cr3t",
     )
     kwargs.update(custom_kwargs)
     return OAuth2Client.objects.create(**kwargs)
@@ -456,6 +457,93 @@ class APIAuthTest:
         assert response.content_type == "application/json"
         assert response.json == {"success": True}
 
+    @pytest.mark.oauth(secret=None)
+    def test_s256_code_challenge_success_no_client_secret(self, client, oauth):
+        """Authenticate through an OAuth client that has no secret associated (public client)"""
+        code_verifier = generate_token(48)
+        code_challenge = create_s256_code_challenge(code_verifier)
+
+        client.login()
+
+        response = client.post(
+            url_for(
+                "oauth.authorize",
+                response_type="code",
+                client_id=oauth.client_id,
+                code_challenge=code_challenge,
+                code_challenge_method="S256",
+            ),
+            {
+                "scope": "default",
+                "accept": "",
+            },
+        )
+        assert "code=" in response.location
+
+        params = dict(url_decode(urlparse.urlparse(response.location).query))
+        code = params["code"]
+
+        response = client.post(
+            url_for("oauth.token"),
+            {
+                "grant_type": "authorization_code",
+                "code": code,
+                "code_verifier": code_verifier,
+                "client_id": oauth.client_id,
+            },
+        )
+
+        assert200(response)
+        assert response.content_type == "application/json"
+        assert "access_token" in response.json
+
+        token = response.json["access_token"]
+
+        response = client.post(
+            url_for("api.fake"), headers={"Authorization": " ".join(["Bearer", token])}
+        )
+
+        assert200(response)
+        assert response.content_type == "application/json"
+        assert response.json == {"success": True}
+
+    def test_s256_code_challenge_missing_client_secret(self, client, oauth):
+        """Fail authentication through an OAuth client with missing secret"""
+        code_verifier = generate_token(48)
+        code_challenge = create_s256_code_challenge(code_verifier)
+
+        client.login()
+
+        response = client.post(
+            url_for(
+                "oauth.authorize",
+                response_type="code",
+                client_id=oauth.client_id,
+                code_challenge=code_challenge,
+                code_challenge_method="S256",
+            ),
+            {
+                "scope": "default",
+                "accept": "",
+            },
+        )
+        assert "code=" in response.location
+
+        params = dict(url_decode(urlparse.urlparse(response.location).query))
+        code = params["code"]
+
+        response = client.post(
+            url_for("oauth.token"),
+            {
+                "grant_type": "authorization_code",
+                "code": code,
+                "code_verifier": code_verifier,
+                "client_id": oauth.client_id,
+            },
+        )
+
+        assert401(response)
+
     def test_authorization_multiple_grant_token(self, client, oauth):
         for i in range(3):
             client.login()

udata/tests/api/test_reuses_api.py

@@ -2,6 +2,7 @@ from datetime import datetime
 
 import pytest
 from flask import url_for
+from werkzeug.test import TestResponse
 
 from udata.core.badges.factories import badge_factory
 from udata.core.dataset.factories import DatasetFactory
@@ -25,6 +26,11 @@ pytestmark = [
 ]
 
 
+def reuse_in_response(response: TestResponse, reuse: Reuse) -> bool:
+    only_reuse = [r for r in response.json["data"] if r["id"] == str(reuse.id)]
+    return len(only_reuse) > 0
+
+
 class ReuseAPITest:
     modules = []
 
@@ -88,6 +94,7 @@ class ReuseAPITest:
         # Keep only featured reuses (if any)
         data = [reuse for reuse in response.json["data"] if reuse["featured"]]
         assert len(data) == 0  # It did not return any featured reuse
+
         # filter on topic
         response = api.get(url_for("api.reuses", topic=topic_reuse.topic))
         assert200(response)
@@ -118,6 +125,104 @@ class ReuseAPITest:
         response = api.get(url_for("api.reuses", organization="org-id"))
         assert400(response)
 
+    def test_reuse_api_list_filter_private(self, api) -> None:
+        """Should filters reuses results based on the `private` filter"""
+        user = UserFactory()
+        public_reuse: Reuse = ReuseFactory()
+        private_reuse: Reuse = ReuseFactory(private=True, owner=user)
+
+        # Only public reuses for non-authenticated user.
+        response: TestResponse = api.get(url_for("api.reuses"))
+        assert200(response)
+        assert len(response.json["data"]) == 1
+        assert reuse_in_response(response, public_reuse)
+
+        # With an authenticated user.
+        api.login(user)
+        # all the reuses (by default)
+        response = api.get(url_for("api.reuses"))
+        assert200(response)
+        assert len(response.json["data"]) == 2  # Return everything
+        assert reuse_in_response(response, public_reuse)
+        assert reuse_in_response(response, private_reuse)
+
+        # only public
+        response = api.get(url_for("api.reuses", private="false"))
+        assert200(response)
+        assert len(response.json["data"]) == 1  # Don't return the private reuse
+        assert reuse_in_response(response, public_reuse)
+
+        # only private
+        response = api.get(url_for("api.reuses", private="true"))
+        assert200(response)
+        assert len(response.json["data"]) == 1  # Return only the private
+        assert reuse_in_response(response, private_reuse)
+
+    def test_reuse_api_list_filter_private_only_owned_by_user(self, api) -> None:
+        """Should only return private reuses that are owned."""
+        user = UserFactory()
+        member = Member(user=user, role="editor")
+        org = OrganizationFactory(members=[member])
+        private_owned: Reuse = ReuseFactory(private=True, owner=user)
+        private_owned_through_org: Reuse = ReuseFactory(private=True, organization=org)
+        private_not_owned: Reuse = ReuseFactory(private=True)
+
+        # Only public reuses for non-authenticated user.
+        response: TestResponse = api.get(url_for("api.reuses"))
+        assert200(response)
+        assert len(response.json["data"]) == 0
+
+        # With an authenticated user.
+        api.login(user)
+        response = api.get(url_for("api.reuses"))
+        assert200(response)
+        assert len(response.json["data"]) == 2  # Only the owned reuses
+        assert reuse_in_response(response, private_owned)
+        assert reuse_in_response(response, private_owned_through_org)
+        assert not reuse_in_response(response, private_not_owned)
+
+        # Still no private returned if `private=False`
+        response = api.get(url_for("api.reuses", private=False))
+        assert200(response)
+        assert len(response.json["data"]) == 0
+
+        # Still only return owned private reuses
+        response = api.get(url_for("api.reuses", private=True))
+        assert200(response)
+        assert len(response.json["data"]) == 2  # Only the owned reuses
+        assert reuse_in_response(response, private_owned)
+        assert reuse_in_response(response, private_owned_through_org)
+        assert not reuse_in_response(response, private_not_owned)
+
+    def test_reuse_api_list_filter_private_only_owned_by_user_no_user(self, api) -> None:
+        """Shouldn't return any private reuses for non logged in users."""
+        user = UserFactory()
+        member = Member(user=user, role="editor")
+        org = OrganizationFactory(members=[member])
+        public_owned: Reuse = ReuseFactory(owner=user)
+        public_not_owned: Reuse = ReuseFactory()
+        _private_owned: Reuse = ReuseFactory(private=True, owner=user)
+        _private_owned_through_org: Reuse = ReuseFactory(private=True, organization=org)
+        _private_not_owned: Reuse = ReuseFactory(private=True)
+
+        response: TestResponse = api.get(url_for("api.reuses"))
+        assert200(response)
+        assert len(response.json["data"]) == 2
+        assert reuse_in_response(response, public_owned)
+        assert reuse_in_response(response, public_not_owned)
+
+        # Still no private returned if `private=False`
+        response = api.get(url_for("api.reuses", private=False))
+        assert200(response)
+        assert len(response.json["data"]) == 2
+        assert reuse_in_response(response, public_owned)
+        assert reuse_in_response(response, public_not_owned)
+
+        # Still no private returned if `private=True`
+        response = api.get(url_for("api.reuses", private=True))
+        assert200(response)
+        assert len(response.json["data"]) == 0
+
     def test_reuse_api_get(self, api):
         """It should fetch a reuse from the API"""
         reuse = ReuseFactory()

udata/tests/test_cors.py

@@ -2,7 +2,8 @@ from datetime import datetime
 
 from flask import url_for
 
-from udata.core.dataset.factories import DatasetFactory
+from udata import assets
+from udata.core.dataset.factories import DatasetFactory, ResourceFactory
 from udata.tests.api import APITestCase
 from udata.tests.helpers import assert_status
 
@@ -10,6 +11,41 @@ from udata.tests.helpers import assert_status
 class CorsTest(APITestCase):
     modules = []
 
+    def test_cors_on_allowed_routes(self):
+        cors_headers = {
+            "Origin": "http://localhost",
+            "Access-Control-Request-Method": "GET",
+        }
+
+        dataset = DatasetFactory(resources=[ResourceFactory()])
+
+        # API Swagger
+        response = self.get(url_for("api.specs"), headers=cors_headers)
+        assert_status(response, 200)
+        assert "Access-Control-Allow-Origin" in response.headers
+
+        # API Dataset
+        response = self.get(url_for("api.dataset", dataset=dataset.id), headers=cors_headers)
+        assert_status(response, 200)
+        assert "Access-Control-Allow-Origin" in response.headers
+
+        # Resource permalink
+        response = self.get(f"/fr/datasets/r/{dataset.resources[0].id}", headers=cors_headers)
+        assert_status(response, 404)  # The route is defined in udata-front
+        assert "Access-Control-Allow-Origin" in response.headers
+
+        # Oauth
+        response = self.get("/oauth/", headers=cors_headers)
+        assert_status(response, 404)  # Oauth is defined in udata-front
+        assert "Access-Control-Allow-Origin" in response.headers
+
+        # Static
+        response = self.get(
+            assets.cdn_for("static", filename="my_static.css"), headers=cors_headers
+        )
+        assert_status(response, 404)  # Not available in APITestCase
+        assert "Access-Control-Allow-Origin" in response.headers
+
     def test_cors_redirects(self):
         dataset = DatasetFactory(title="Old title")
         old_slug = dataset.slug

udata/tests/test_discussions.py

@@ -2,8 +2,11 @@ from datetime import datetime
 
 import pytest
 from flask import url_for
+from werkzeug.test import TestResponse
 
+from udata.core.dataservices.factories import DataserviceFactory
 from udata.core.dataset.factories import DatasetFactory
+from udata.core.discussions.factories import DiscussionFactory
 from udata.core.discussions.metrics import update_discussions_metric  # noqa
 from udata.core.discussions.models import Discussion, Message
 from udata.core.discussions.notifications import discussions_notifications
@@ -19,8 +22,11 @@ from udata.core.discussions.tasks import (
     notify_new_discussion_comment,
 )
 from udata.core.organization.factories import OrganizationFactory
+from udata.core.organization.models import Organization
+from udata.core.reuse.factories import ReuseFactory
 from udata.core.spam.signals import on_new_potential_spam
 from udata.core.user.factories import AdminFactory, UserFactory
+from udata.core.user.models import User
 from udata.models import Dataset, Member
 from udata.tests.helpers import capture_mails
 from udata.utils import faker
@@ -358,6 +364,61 @@ class DiscussionsTest(APITestCase):
 
         self.assertEqual(len(response.json["data"]), len(discussions))
 
+    def assertIdIn(self, json_data: dict, id_: str) -> None:
+        for item in json_data:
+            if item["id"] == id_:
+                return
+        self.fail(f"id {id_} not in {json_data}")
+
+    def test_list_discussions_org_does_not_exist(self) -> None:
+        response: TestResponse = self.get(url_for("api.discussions", org="bad org id"))
+        self.assert404(response)
+
+    def test_list_discussions_org(self) -> None:
+        organization: Organization = OrganizationFactory()
+        user: User = UserFactory()
+        _discussion: Discussion = DiscussionFactory(user=user)
+        dataset = DatasetFactory(organization=organization)
+        dataservice = DataserviceFactory(organization=organization)
+        reuse = ReuseFactory(organization=organization)
+        discussion_for_dataset: Discussion = DiscussionFactory(subject=dataset, user=user)
+        discussion_for_dataservice: Discussion = DiscussionFactory(subject=dataservice, user=user)
+        discussion_for_reuse: Discussion = DiscussionFactory(subject=reuse, user=user)
+
+        response: TestResponse = self.get(url_for("api.discussions", org=organization.id))
+        self.assert200(response)
+        self.assertEqual(len(response.json["data"]), 3)
+        self.assertIdIn(response.json["data"], str(discussion_for_dataset.id))
+        self.assertIdIn(response.json["data"], str(discussion_for_dataservice.id))
+        self.assertIdIn(response.json["data"], str(discussion_for_reuse.id))
+
+    def test_list_discussions_sort(self) -> None:
+        user: User = UserFactory()
+        sorting_keys_dict: dict = {
+            "title": ["aaa", "bbb"],
+            "created": ["2023-12-12", "2024-01-01"],
+            "closed": ["2023-12-12", "2024-01-01"],
+        }
+        for sorting_key, values in sorting_keys_dict.items():
+            discussion1: Discussion = DiscussionFactory(user=user, **{sorting_key: values[0]})
+            discussion2: Discussion = DiscussionFactory(user=user, **{sorting_key: values[1]})
+
+            response: TestResponse = self.get(url_for("api.discussions", sort=sorting_key))
+            self.assert200(response)
+            self.assertEqual(len(response.json["data"]), 2)
+            self.assertEqual(response.json["data"][0]["id"], str(discussion1.id))
+            self.assertEqual(response.json["data"][1]["id"], str(discussion2.id))
+
+            # Reverse sort
+            response: TestResponse = self.get(url_for("api.discussions", sort="-" + sorting_key))
+            self.assert200(response)
+            self.assertEqual(len(response.json["data"]), 2)
+            self.assertEqual(response.json["data"][0]["id"], str(discussion2.id))
+            self.assertEqual(response.json["data"][1]["id"], str(discussion1.id))
+
+            # Clean slate
+            Discussion.objects.delete()
+
     def test_list_discussions_user(self):
         dataset = DatasetFactory()
         discussions = []

udata/tests/test_owned.py

@@ -3,14 +3,25 @@ from mongoengine import post_save
 import udata.core.owned as owned
 from udata.core.organization.factories import OrganizationFactory
 from udata.core.organization.models import Organization
-from udata.core.user.factories import UserFactory
+from udata.core.user.factories import AdminFactory, UserFactory
 from udata.core.user.models import User
+from udata.models import Member
 from udata.mongo import db
 from udata.tests import DBTestMixin, TestCase
 
 
+class CustomQuerySet(owned.OwnedQuerySet):
+    def visible(self):
+        return self(private__ne=True)
+
+
 class Owned(owned.Owned, db.Document):
     name = db.StringField()
+    private = db.BooleanField()
+
+    meta = {
+        "queryset_class": CustomQuerySet,
+    }
 
 
 class OwnedPostSave(owned.Owned, db.Document):
@@ -166,3 +177,91 @@ class OwnedQuerysetTest(DBTestMixin, TestCase):
 
         for owned_ in excluded:
             self.assertNotIn(owned_, result)
+
+    def test_visible_by_user(self) -> None:
+        admin: User = AdminFactory()
+        user: User = UserFactory()
+        member = Member(user=user, role="editor")
+        other_user: User = UserFactory()
+        org: Organization = OrganizationFactory(members=[member])
+        other_org: Organization = OrganizationFactory()
+        owned_by_user: Owned = Owned.objects.create(owner=user, name="owned_by_user")
+        owned_by_org: Owned = Owned.objects.create(organization=org, name="owned_by_org")
+        owned_by_other_user: Owned = Owned.objects.create(
+            owner=other_user, name="owned_by_other_user"
+        )
+        owned_by_other_org: Owned = Owned.objects.create(
+            organization=other_org, name="owned_by_other_org"
+        )
+        private_owned_by_user: Owned = Owned.objects.create(
+            owner=user, private=True, name="private_owned_by_user"
+        )
+        private_owned_by_org: Owned = Owned.objects.create(
+            organization=org, private=True, name="private_owned_by_org"
+        )
+        private_owned_by_other_user: Owned = Owned.objects.create(
+            owner=other_user, private=True, name="private_owned_by_other_user"
+        )
+        private_owned_by_other_org: Owned = Owned.objects.create(
+            organization=other_org, private=True, name="private_owned_by_other_org"
+        )
+
+        visible_by_user: list[Owned] = [
+            owned_by_user,
+            owned_by_org,
+            owned_by_other_user,
+            owned_by_other_org,
+            private_owned_by_user,
+            private_owned_by_org,
+        ]
+        visible_by_other_user: list[Owned] = [
+            private_owned_by_other_user,
+            private_owned_by_other_org,
+        ]
+
+        # Admin can view everything.
+        result: owned.OwnedQuerySet = Owned.objects.visible_by_user(
+            admin, Owned.objects.visible()._query_obj
+        )
+        # 4 public + 1 private owned by user + 1 private owned by the user's org.
+        self.assertEqual(len(result), 8)
+        for owned_ in visible_by_user + visible_by_other_user:
+            self.assertIn(owned_, result)
+
+        result = Owned.objects.visible_by_user(user, Owned.objects.visible()._query_obj)
+        # 4 public + 1 private owned by user + 1 private owned by the user's org.
+        self.assertEqual(len(result), 6)
+        for owned_ in visible_by_user:
+            self.assertIn(owned_, result)
+
+        # `.visible_by_user` does not reset other queries.
+        result = Owned.objects(name="owned_by_user").visible_by_user(
+            user, Owned.objects.visible()._query_obj
+        )
+        self.assertEqual(len(result), 1)
+        self.assertIn(owned_by_user, result)
+        result = Owned.objects.visible_by_user(user, Owned.objects.visible()._query_obj).filter(
+            name="owned_by_user"
+        )
+        self.assertEqual(len(result), 1)
+        self.assertIn(owned_by_user, result)
+
+        result = Owned.objects(name="private_owned_by_user").visible_by_user(
+            user, Owned.objects.visible()._query_obj
+        )
+        self.assertEqual(len(result), 1)
+        self.assertIn(private_owned_by_user, result)
+        result = Owned.objects.visible_by_user(user, Owned.objects.visible()._query_obj).filter(
+            name="private_owned_by_user"
+        )
+        self.assertEqual(len(result), 1)
+        self.assertIn(private_owned_by_user, result)
+
+        result = Owned.objects(name="private_owned_by_other_user").visible_by_user(
+            user, Owned.objects.visible()._query_obj
+        )
+        self.assertEqual(len(result), 0)
+        result = Owned.objects.visible_by_user(user, Owned.objects.visible()._query_obj).filter(
+            name="private_owned_by_other_user"
+        )
+        self.assertEqual(len(result), 0)

{udata-9.1.5.dev31391.dist-info → udata-9.2.2.dev31715.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: udata
-Version: 9.1.5.dev31391
+Version: 9.2.2.dev31715
 Summary: Open data portal
 Home-page: https://github.com/opendatateam/udata
 Author: Opendata Team
@@ -140,7 +140,24 @@ It is collectively taken care of by members of the
 
 ## Current (in progress)
 
+- Add a filter on organization and document sort parameters in the `/discussions` endpoint [#3147](https://github.com/opendatateam/udata/pull/3147)
+- Move discussion catalog creation and add fields [#3152](https://github.com/opendatateam/udata/pull/3152) and [#3154](https://github.com/opendatateam/udata/pull/3154)
+- Add resources formats and harvest remote_url on dataset catalog [#3159](https://github.com/opendatateam/udata/pull/3159)
+
+## 9.2.1 (2024-09-23)
+
+- Enable basic search on dataservices [#3148](https://github.com/opendatateam/udata/pull/3148)
+
+## 9.2.0 (2024-09-13)
+
+- Allow OAuth clients without secrets [#3138](https://github.com/opendatateam/udata/pull/3138)
+- Add a `archived` button for datasets and reuses on frontend admin [#3104](https://github.com/opendatateam/udata/pull/3104)
+- **breaking change** Return all the reuses available to a user on the /reuses endpoint, including the private and deleted ones they own [#3140](https://github.com/opendatateam/udata/pull/3140).
 - Fix undelete reuse and dataservices [#3141](https://github.com/opendatateam/udata/pull/3141)
+- Add a minimal publiccode.yml [#3144](https://github.com/opendatateam/udata/pull/3144)
+- Fix the boolean filters in the API for the "new system" endpoints [#3139](https://github.com/opendatateam/udata/pull/3139)
+- Update authlib dependency from 0.14.3 to 1.3.1 [#3135](https://github.com/opendatateam/udata/pull/3135)
+- Add CORS on resource redirect [#3145](https://github.com/opendatateam/udata/pull/3145)
 
 ## 9.1.4 (2024-08-26)
 
@@ -156,8 +173,6 @@ It is collectively taken care of by members of the
 - Always add Vary even for non CORS requests [#3132](https://github.com/opendatateam/udata/pull/3132)
 - Add acronym in organization csv catalog [#3134](https://github.com/opendatateam/udata/pull/3134)
 - Limit the number of user suggestions [#3131](https://github.com/opendatateam/udata/pull/3131)
-- Update authlib dependency from 0.14.3 to 1.3.1 [#3135](https://github.com/opendatateam/udata/pull/3135)
-- Fix the boolean filters in the API for the "new system" endpoints [#3139](https://github.com/opendatateam/udata/pull/3139)
 
 ## 9.1.3 (2024-08-01)