Last active
August 29, 2015 14:12
-
-
Save pawl/5f28c3af3c757551913b to your computer and use it in GitHub Desktop.
Test CSRF on new editable list view feature for flask-admin
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from flask.ext.mongoengine import MongoEngine | |
| import flask_wtf | |
| from datetime import date, datetime, time | |
| from flask import Flask, request | |
| from flask.ext.admin.contrib.mongoengine import ModelView | |
| from flask.ext.admin import expose, Admin, AdminIndexView | |
| app = Flask(__name__) | |
| app.config['CSRF_ENABLED'] = True | |
| app.config['SECRET_KEY'] = 'secret' | |
| app.config['MONGODB_SETTINGS'] = {'DB': 'testing'} | |
| # Create models | |
| db = MongoEngine() | |
| db.init_app(app) | |
| class Model1(db.Document): | |
| test1 = db.StringField(max_length=20) | |
| test2 = db.StringField(max_length=20) | |
| test3 = db.StringField() | |
| test4 = db.StringField() | |
| datetime_field = db.DateTimeField() | |
| int_field = db.IntField() | |
| bool_field = db.BooleanField() | |
| def __str__(self): | |
| return self.test1 | |
| class ModelAdmin(ModelView): | |
| column_filters = ['test1', 'test2', 'test3', 'test4', 'datetime_field', 'int_field', 'bool_field'] | |
| column_editable_list = ['test1', 'test2', 'test3', 'test4', 'datetime_field', 'int_field', 'bool_field'] | |
| form_base_class = flask_wtf.Form | |
| admin = Admin(app, template_mode="bootstrap3") | |
| admin.add_view(ModelAdmin(Model1)) | |
| def build_sample_db(): | |
| Model1('model_bool', bool_field=True).save() | |
| Model1('model1_obj2',).save() | |
| Model1('model1_obj3', test2=u"blah").save() | |
| Model1('model1_obj4', test3="blah").save() | |
| Model1('model1_obj5', test4=u"blah").save() | |
| Model1('datetime_obj1', datetime_field=datetime(2014,4,3,1,9,0)).save() | |
| Model1('int_obj1', int_field=5000).save() | |
| Model1('int_obj2', int_field=9000).save() | |
| if __name__ == '__main__': | |
| build_sample_db() | |
| app.run(host="0.0.0.0", port=5001, debug=True) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import peewee | |
| import flask_wtf | |
| from datetime import date, datetime, time | |
| from flask import Flask, request | |
| from flask.ext.sqlalchemy import SQLAlchemy | |
| from flask.ext.admin.contrib.peewee import ModelView | |
| from flask.ext.admin import expose, Admin, AdminIndexView | |
| app = Flask(__name__) | |
| app.config['CSRF_ENABLED'] = True | |
| app.config['SECRET_KEY'] = 'secret' | |
| db = peewee.SqliteDatabase('test_peewee.sqlite', check_same_thread=False) | |
| class BaseModel(peewee.Model): | |
| class Meta: | |
| database = db | |
| class Model1(BaseModel): | |
| def __init__(self, test1=None, test2=None, test3=None, test4=None, | |
| date_field=None, timeonly_field=None, | |
| datetime_field=None, int_field=None, bool_field=0): | |
| super(Model1, self).__init__() | |
| self.test1 = test1 | |
| self.test2 = test2 | |
| self.test3 = test3 | |
| self.test4 = test4 | |
| self.date_field = date_field | |
| self.timeonly_field = timeonly_field | |
| self.datetime_field = datetime_field | |
| self.int_field = int_field | |
| self.bool_field = bool_field | |
| test1 = peewee.CharField(max_length=20) | |
| test2 = peewee.CharField(max_length=20, null=True) | |
| test3 = peewee.TextField(null=True) | |
| test4 = peewee.TextField(null=True) | |
| date_field = peewee.DateField(null=True) | |
| timeonly_field = peewee.TimeField(null=True) | |
| datetime_field = peewee.DateTimeField(null=True) | |
| int_field = peewee.IntegerField(null=True) | |
| bool_field = peewee.BooleanField() | |
| def __str__(self): | |
| return self.test1 | |
| class Model2(BaseModel): | |
| def __init__(self, char_field=None, int_field=None, float_field=None, | |
| bool_field=0): | |
| super(Model2, self).__init__() | |
| self.char_field = char_field | |
| self.int_field = int_field | |
| self.float_field = float_field | |
| self.bool_field = bool_field | |
| char_field = peewee.CharField(max_length=20) | |
| int_field = peewee.IntegerField(null=True) | |
| float_field = peewee.FloatField(null=True) | |
| bool_field = peewee.BooleanField(null=True) | |
| # Relation | |
| model1 = peewee.ForeignKeyField(Model1, null=True) | |
| class ModelAdmin(ModelView): | |
| column_filters = ['datetime_field', 'date_field', 'test1', 'test2', 'test3', 'test4', 'timeonly_field'] | |
| column_editable_list = ['test1', 'test2', 'test3', 'test4', 'int_field', 'timeonly_field', 'date_field', 'datetime_field'] | |
| form_base_class = flask_wtf.Form | |
| class Model2Admin(ModelView): | |
| column_editable_list = ['char_field', 'int_field', 'bool_field', 'enum_field', 'float_field', 'model1'] | |
| admin = Admin(app, template_mode="bootstrap3") | |
| admin.add_view(ModelAdmin(Model1)) | |
| admin.add_view(Model2Admin(Model2)) | |
| def build_sample_db(): | |
| try: | |
| Model1.create_table() | |
| except: | |
| pass | |
| try: | |
| Model2.create_table() | |
| except: | |
| pass | |
| Model1('model_bool', bool_field=True).save() | |
| Model1('model1_obj2',).save() | |
| Model1('model1_obj3', test2=u"blah").save() | |
| Model1('model1_obj4', test3="blah").save() | |
| Model1('model1_obj5', test4=u"blah").save() | |
| Model1('date_obj1', date_field=date(2014,11,17)).save() | |
| Model1('time_obj1', timeonly_field=time(11,10,9)).save() | |
| Model1('datetime_obj1', datetime_field=datetime(2014,4,3,1,9,0)).save() | |
| Model1('int_obj1', int_field=5000).save() | |
| Model1('int_obj2', int_field=9000).save() | |
| Model2('char_field_val_1', None, None).save() | |
| Model2('char_field_val_2', None, None).save() | |
| Model2('char_field_val_3', 5000, 25.9).save() | |
| Model2('char_field_val_4', 9000, 75.5).save() | |
| if __name__ == '__main__': | |
| build_sample_db() | |
| app.run(host="0.0.0.0", port=5001, debug=True) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import flask_wtf | |
| from datetime import date, datetime, time | |
| from flask import Flask, request | |
| from flask.ext.sqlalchemy import SQLAlchemy | |
| from flask.ext.admin.contrib import sqla | |
| from flask.ext.admin import expose, Admin, AdminIndexView | |
| app = Flask(__name__) | |
| app.config['DATABASE_FILE'] = 'sample_db.sqlite' | |
| app.config['SECRET_KEY'] = 'secret' | |
| app.config['CSRF_ENABLED'] = True | |
| app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + app.config['DATABASE_FILE'] | |
| db = SQLAlchemy(app) | |
| class Model1(db.Model): | |
| def __init__(self, test1=None, test2=None, test3=None, test4=None, | |
| bool_field=False, date_field=None, time_field=None, datetime_field=None, | |
| int_field=None, enum_field=None): | |
| self.test1 = test1 | |
| self.test2 = test2 | |
| self.test3 = test3 | |
| self.test4 = test4 | |
| self.bool_field = bool_field | |
| self.date_field = date_field | |
| self.time_field = time_field | |
| self.datetime_field = datetime_field | |
| self.int_field = int_field | |
| self.enum_field = enum_field | |
| id = db.Column(db.Integer, primary_key=True) | |
| test1 = db.Column(db.String(20)) | |
| test2 = db.Column(db.Unicode(20)) | |
| test3 = db.Column(db.Text) | |
| test4 = db.Column(db.UnicodeText) | |
| date_field = db.Column(db.Date) | |
| time_field = db.Column(db.Time) | |
| datetime_field = db.Column(db.DateTime) | |
| bool_field = db.Column(db.Boolean) | |
| enum_field = db.Column(db.Enum('model1_v1', 'model1_v2'), nullable=True) | |
| int_field = db.Column(db.Integer) | |
| def __unicode__(self): | |
| return self.test1 | |
| def __str__(self): | |
| return self.test1 | |
| class Model2(db.Model): | |
| def __init__(self, string_field=None, int_field=None, bool_field=None, | |
| model1=None, float_field=None): | |
| self.string_field = string_field | |
| self.int_field = int_field | |
| self.bool_field = bool_field | |
| self.model1 = model1 | |
| self.float_field = float_field | |
| id = db.Column(db.Integer, primary_key=True) | |
| string_field = db.Column(db.String) | |
| int_field = db.Column(db.Integer) | |
| bool_field = db.Column(db.Boolean) | |
| enum_field = db.Column(db.Enum('model2_v1', 'model2_v2'), nullable=True) | |
| float_field = db.Column(db.Float) | |
| # Relation | |
| model1_id = db.Column(db.Integer, db.ForeignKey(Model1.id)) | |
| model1 = db.relationship(Model1, backref='model2') | |
| class ModelAdmin(sqla.ModelView): | |
| column_filters = ['datetime_field', 'date_field', 'test1', 'test2', 'test3', 'test4', 'bool_field', 'time_field', 'int_field'] | |
| column_editable_list = ['test1', 'test2', 'test3', 'test4', 'int_field', 'bool_field', 'enum_field', 'time_field', 'date_field', 'datetime_field'] | |
| form_base_class = flask_wtf.Form | |
| class Model2Admin(sqla.ModelView): | |
| column_editable_list = ['string_field', 'int_field', 'bool_field', 'enum_field', 'float_field', 'model1'] | |
| admin = Admin(app, template_mode="bootstrap3") | |
| admin.add_view(ModelAdmin(Model1, db.session)) | |
| admin.add_view(Model2Admin(Model2, db.session)) | |
| def build_sample_db(): | |
| db.drop_all() | |
| db.create_all() | |
| model_bool = Model1('model_bool', bool_field=True) | |
| model1_obj2 = Model1('model1_obj2',) | |
| model1_obj3 = Model1('model1_obj3', test2=u"blah") | |
| model1_obj4 = Model1('model1_obj4', test3="blah") | |
| model1_obj5 = Model1('model1_obj5', test4=u"blah") | |
| date_obj1 = Model1('date_obj1', date_field=date(2014,11,17)) | |
| time_obj1 = Model1('time_obj1', time_field=time(11,10,9)) | |
| datetime_obj1 = Model1('datetime_obj1', datetime_field=datetime(2014,4,3,1,9,0)) | |
| int_obj1 = Model1('int_obj1', int_field=5000) | |
| int_obj2 = Model1('int_obj2', int_field=9000) | |
| model2_obj1 = Model2('test2_val_1', model1=model1_obj2, float_field=None) | |
| model2_obj2 = Model2('test2_val_2', model1=model1_obj3, float_field=None) | |
| model2_obj3 = Model2('test2_val_3', int_field=5000, float_field=25.9) | |
| model2_obj4 = Model2('test2_val_4', int_field=9000, float_field=75.5) | |
| enum_obj1 = Model1('enum_obj1', enum_field="model1_v1") | |
| enum_obj2 = Model1('enum_obj2', enum_field="model1_v2") | |
| db.session.add_all([ | |
| model_bool, model1_obj2, model1_obj3, model1_obj4, model1_obj5, | |
| model2_obj1, model2_obj2, model2_obj3, model2_obj4, enum_obj1, enum_obj2, | |
| date_obj1, time_obj1, datetime_obj1, int_obj1, int_obj2 | |
| ]) | |
| db.session.commit() | |
| if __name__ == '__main__': | |
| build_sample_db() | |
| app.run(host="0.0.0.0", port=5001, debug=True) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment