/servicios_web/gae/django-guestbook/src/django/contrib/formtools/utils.py

https://github.com/crisbar/curso_python_dga_11 · Python · 63 lines · 38 code · 9 blank · 16 comment · 16 complexity · c824cef34e0b9aa3ee262428786a936d MD5 · raw file 

    

  1. try:

    2. 

  2.     import cPickle as pickle

    3. 

  3. except ImportError:

    4. 

  4.     import pickle

    5. 

  5. 

    6. 

  6. from django.conf import settings

    7. 

  7. from django.forms import BooleanField

    8. 

  8. from django.utils.crypto import salted_hmac

    9. 

  9. from django.utils.hashcompat import md5_constructor

    10. 

  10. 

    11. 

  11. 

    12. 

  12. def security_hash(request, form, *args):

    13. 

  13.     """

    14. 

  14.     Calculates a security hash for the given Form instance.

    15. 

  15. 

    16. 

  16.     This creates a list of the form field names/values in a deterministic

    17. 

  17.     order, pickles the result with the SECRET_KEY setting, then takes an md5

    18. 

  18.     hash of that.

    19. 

  19.     """

    20. 

  20.     import warnings

    21. 

  21.     warnings.warn("security_hash is deprecated; use form_hmac instead",

    22. 

  22.                   PendingDeprecationWarning)

    23. 

  23.     data = []

    24. 

  24.     for bf in form:

    25. 

  25.         # Get the value from the form data. If the form allows empty or hasn't

    26. 

  26.         # changed then don't call clean() to avoid trigger validation errors.

    27. 

  27.         if form.empty_permitted and not form.has_changed():

    28. 

  28.             value = bf.data or ''

    29. 

  29.         else:

    30. 

  30.             value = bf.field.clean(bf.data) or ''

    31. 

  31.         if isinstance(value, basestring):

    32. 

  32.             value = value.strip()

    33. 

  33.         data.append((bf.name, value))

    34. 

  34.         

    35. 

  35.     data.extend(args)

    36. 

  36.     data.append(settings.SECRET_KEY)

    37. 

  37. 

    38. 

  38.     # Use HIGHEST_PROTOCOL because it's the most efficient. It requires

    39. 

  39.     # Python 2.3, but Django requires 2.4 anyway, so that's OK.

    40. 

  40.     pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)

    41. 

  41. 

    42. 

  42.     return md5_constructor(pickled).hexdigest()

    43. 

  43. 

    44. 

  44. 

    45. 

  45. def form_hmac(form):

    46. 

  46.     """

    47. 

  47.     Calculates a security hash for the given Form instance.

    48. 

  48.     """

    49. 

  49.     data = []

    50. 

  50.     for bf in form:

    51. 

  51.         # Get the value from the form data. If the form allows empty or hasn't

    52. 

  52.         # changed then don't call clean() to avoid trigger validation errors.

    53. 

  53.         if form.empty_permitted and not form.has_changed():

    54. 

  54.             value = bf.data or ''

    55. 

  55.         else:

    56. 

  56.             value = bf.field.clean(bf.data) or ''

    57. 

  57.         if isinstance(value, basestring):

    58. 

  58.             value = value.strip()

    59. 

  59.         data.append((bf.name, value))

    60. 

  60. 

    61. 

  61.     pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)

    62. 

  62.     key_salt = 'django.contrib.formtools'

    63. 

  63.     return salted_hmac(key_salt, pickled).hexdigest()
    64.