miniblog.models

miniblog.models.pretty_date(time=None)

Get a datetime object or a int() Epoch timestamp and return a pretty string like ‘an hour ago’, ‘Yesterday’, ‘3 months ago’, ‘just now’, etc

miniblog.models.get_categories(*arg, **kw)

Get a list of all categories. Uses caching for quicker results.

miniblog.models.get_recent_posts(*arg, **kw)

Get a list of recent posts. Uses caching for quicker results.

Args:

count: Number of recent posts to retrieve. Default: 7

Returns:

A list of Entry which are the most recent posts.

miniblog.models.userfinder(id_, request)

Pass in the email address and only return the administrator principal if id_ matches the configuration value admin_email

class miniblog.models.Entry(title, text, category_name=None)

A single blog entry.

Attrs:

id: ID of the entry, used in URLs for instance.

title: The title of the entry, rendered as <h1>-Tag in template.

_text: The raw markdown text. Use Entry.text instead.

entry_time: The the entry was made.

category_name: Primary key of Category and the name of the category this article belongs to.

category: Full access to the associated Category.

pretty_date

Return a date string according to the :func:pretty_date function.

text

A markdown rendered html string as the article text.

The markdown text from the database is first escaped and then parsed by markdown. Is a property, thus usage is entry.text _not_ entry.text()

trimmed_text

Same as Entry.text but only the first two paragraphs.

class miniblog.models.Category(name)

A category in the blog.

Attrs:

name: The name of the category.

class miniblog.models.RootFactory(request)

A simple factory for the ACL/Authorization system.

miniblog.models.mutated_additional_data(func)

A decorator to track mutation and propagate it to the database.

The decorator is to be used on all functions that change the value of the Session.additional_data dict. Functions like set or pop need this decorator to ensure the changes are afterwards propagated into the database.

From an implementation point it just sets the complete dictionary as a new value.

class miniblog.models.MutableDict

Make a mutable dict for SQLAlchemy’s PickleType.

Usage:

class MyModel(Base):
    my_data = Column('additional_data',
                     MutableDict.as_mutable(PickleType))

class miniblog.models.Session(request)

A session object for pyramid sessions.

Implements the pyramid.interfaces.ISession interface. While it uses a database to store the session, the session id is stored in the cookie. Howevever, under certain conditions the data might be accessed after the request was processed and then the object may be detached from the database session. Thus a caching mechanism is implemented that locally keeps the relevant copies. It tries to fetch values from the database and if a sqlalchemy.orm.exc.DetachedInstanceError occurs, it just returns a default (empty) value.

Attrs:

id: The session id, a 20 byte hex string matching the one stored on the users end in a cookie, e.g. 298f74562fa2c2abfd158725d6e40fdb88cc6503.

created: A unix timestamp of when the cookie was created. The database stores a datetime.datetime object that can be accessed through the internal _created attribute if needed.

csrf_token: On creation a CSRF token is automatically created. This can be used to prevent CSRF attacks (see OWASP for details).

Note

Make sure this is used where needed as it prevents security problems.

additional_data: Don’t access this directy, use the session object itself as a dictionary (as specified by the ISession interface).

message_queue: A list of flash messages of type SessionMessage. Use it as per interface definition.

Note

This does not implement the caching mechanism so lazy loading might be a problem. However, since all messages are eagerly loaded, it should not be a problem.

new: Whether this is a new session.

cache_*: These attributes are cache managed. Don’t access them directly. Ever.

changed()

Does not need to be implemented as mutation tracking is automatic.

configure(cookie, on_exception, secure, httponly, path, name, max_age, domain)

Store configuration for cookie

db_names = ['id', 'csrf_token', 'additional_data']

List of names that are handled dynamically by a cache

defaults = {'csrf_token': '', 'additional_data': {}, 'id': ''}

Default values for specific attributes to be returned if the session is detached.

flash(msg, queue='', allow_duplicate=True)

Store a given message in the flash queue.

Args:

msg: unicode string to be stored as the message.

queue: Optionally a queue name. This may be used to implement a different error queue. By default it is empty ('').

allow_duplicate: Whether the same message is allowed. If set to False, the message will not be added a second time if it is already present.

get_csrf_token()

Return the current csrf token.

invalidate()

Invalidate the current session.

Remove the object from the database and delete the cookie on the client side. The actual deletion is done by _set_cookie() with a request callback. Here, only the _delete_cookie value is set to True.

new_csrf_token()

Generate a new csrf token and store it in the database.

peek_flash(queue='')

Same as pop_flash() but does not delete elements.

pop_flash(queue='')

Retrieve a list of messages for a given queue.

Messages are removed from the database after they were retrieved.

Args:

queue: A specific queue from which the messages should be fetched. If not specified, the default queue is used.

class miniblog.models.SessionMessage(msg, queue='')

A single message from a specific queue and a specific session.

Attrs:

id: ID of the message. Only needed as primary key

session_id: Foreign key of the session.id column.

message: String with the message to display to the user.

queue: The queue to which the message belongs. Default: ''

miniblog.models.get_session(request)

Session factory for use in app configuration.

Usage:

from mtc3.models.session import get_session
config = Configurator(session_factory=get_session)

miniblog.models.create_session(secret, request)

For a secret and a request create a new session and cookie.

Args:

secret: A unicode string with the configured secret.

request: The current request.

Returns:

A tuple (session, cookie) where session is of type Session and cookie is the cookie value which should be set on the client side cookie.

miniblog.models.calc_digest(secret, session_id, timestamp)

Calculate a signature in the form of an HMAC for the cookie.

Args:

secret: Configured secret for session signature.

session_id: The id of the user’s session.

timestamp: An int denoting the Session.created value.

Returns:

A hex-string with the calculated HMAC hash.

miniblog.models.get_cookie_settings(request)

Retrieve settings from configuration.

Only mandatory setting: session.secret.