# HG changeset patch
# User Marcin Kuzminski <marcin@rhodecode.com>
# Date 2017-07-12 20:54:14
# Node ID 1eaf71e3fbff24593eb191ff6614e52e9b1356a8
# Parent  741dca9b27244945a956391897dc5aae6a13776d

dependencies: bumped pyramid to 1.9 webob to 1.7.3 and webtest to 2.0.27

- fixed some core tests for new webob/webtest
- changed core methods to make them more pyramid compat.

diff --git a/pkgs/python-packages.nix b/pkgs/python-packages.nix
--- a/pkgs/python-packages.nix
+++ b/pkgs/python-packages.nix
@@ -302,26 +302,26 @@
     };
   };
   WebOb = super.buildPythonPackage {
-    name = "WebOb-1.3.1";
+    name = "WebOb-1.7.3";
     buildInputs = with self; [];
     doCheck = false;
     propagatedBuildInputs = with self; [];
     src = fetchurl {
-      url = "https://pypi.python.org/packages/16/78/adfc0380b8a0d75b2d543fa7085ba98a573b1ae486d9def88d172b81b9fa/WebOb-1.3.1.tar.gz";
-      md5 = "20918251c5726956ba8fef22d1556177";
+      url = "https://pypi.python.org/packages/46/87/2f96d8d43b2078fae6e1d33fa86b95c228cebed060f4e3c7576cc44ea83b/WebOb-1.7.3.tar.gz";
+      md5 = "350028baffc508e3d23c078118e35316";
     };
     meta = {
       license = [ pkgs.lib.licenses.mit ];
     };
   };
   WebTest = super.buildPythonPackage {
-    name = "WebTest-1.4.3";
+    name = "WebTest-2.0.27";
     buildInputs = with self; [];
     doCheck = false;
-    propagatedBuildInputs = with self; [WebOb];
+    propagatedBuildInputs = with self; [six WebOb waitress beautifulsoup4];
     src = fetchurl {
-      url = "https://pypi.python.org/packages/51/3d/84fd0f628df10b30c7db87895f56d0158e5411206b721ca903cb51bfd948/WebTest-1.4.3.zip";
-      md5 = "631ce728bed92c681a4020a36adbc353";
+      url = "https://pypi.python.org/packages/80/fa/ca3a759985c72e3a124cbca3e1f8a2e931a07ffd31fd45d8f7bf21cb95cf/WebTest-2.0.27.tar.gz";
+      md5 = "54e6515ac71c51b6fc90179483c749ad";
     };
     meta = {
       license = [ pkgs.lib.licenses.mit ];
@@ -431,6 +431,19 @@
       license = [ pkgs.lib.licenses.mit ];
     };
   };
+  beautifulsoup4 = super.buildPythonPackage {
+    name = "beautifulsoup4-4.6.0";
+    buildInputs = with self; [];
+    doCheck = false;
+    propagatedBuildInputs = with self; [];
+    src = fetchurl {
+      url = "https://pypi.python.org/packages/fa/8d/1d14391fdaed5abada4e0f63543fef49b8331a34ca60c88bd521bcf7f782/beautifulsoup4-4.6.0.tar.gz";
+      md5 = "c17714d0f91a23b708a592cb3c697728";
+    };
+    meta = {
+      license = [ pkgs.lib.licenses.mit ];
+    };
+  };
   bleach = super.buildPythonPackage {
     name = "bleach-1.5.0";
     buildInputs = with self; [];
@@ -990,6 +1003,19 @@
       license = [ pkgs.lib.licenses.bsdOriginal ];
     };
   };
+  hupper = super.buildPythonPackage {
+    name = "hupper-1.0";
+    buildInputs = with self; [];
+    doCheck = false;
+    propagatedBuildInputs = with self; [];
+    src = fetchurl {
+      url = "https://pypi.python.org/packages/2e/07/df892c564dc09bb3cf6f6deb976c26adf9117db75ba218cb4353dbc9d826/hupper-1.0.tar.gz";
+      md5 = "26e77da7d5ac5858f59af050d1a6eb5a";
+    };
+    meta = {
+      license = [ pkgs.lib.licenses.mit ];
+    };
+  };
   kombu = super.buildPythonPackage {
     name = "kombu-1.5.1";
     buildInputs = with self; [];
@@ -1211,6 +1237,32 @@
       license = [ pkgs.lib.licenses.mit ];
     };
   };
+  plaster = super.buildPythonPackage {
+    name = "plaster-0.5";
+    buildInputs = with self; [];
+    doCheck = false;
+    propagatedBuildInputs = with self; [setuptools];
+    src = fetchurl {
+      url = "https://pypi.python.org/packages/99/b3/d7ca1fe31d2b56dba68a238721fda6820770f9c2a3de17a582d4b5b2edcc/plaster-0.5.tar.gz";
+      md5 = "c59345a67a860cfcaa1bd6a81451399d";
+    };
+    meta = {
+      license = [ pkgs.lib.licenses.mit ];
+    };
+  };
+  plaster-pastedeploy = super.buildPythonPackage {
+    name = "plaster-pastedeploy-0.4.1";
+    buildInputs = with self; [];
+    doCheck = false;
+    propagatedBuildInputs = with self; [PasteDeploy plaster];
+    src = fetchurl {
+      url = "https://pypi.python.org/packages/9d/6e/f8be01ed41c94e6c54ac97cf2eb142a702aae0c8cce31c846f785e525b40/plaster_pastedeploy-0.4.1.tar.gz";
+      md5 = "f48d5344b922e56c4978eebf1cd2e0d3";
+    };
+    meta = {
+      license = [ pkgs.lib.licenses.mit ];
+    };
+  };
   prompt-toolkit = super.buildPythonPackage {
     name = "prompt-toolkit-1.0.14";
     buildInputs = with self; [];
@@ -1368,13 +1420,13 @@
     };
   };
   pyramid = super.buildPythonPackage {
-    name = "pyramid-1.7.4";
+    name = "pyramid-1.9";
     buildInputs = with self; [];
     doCheck = false;
-    propagatedBuildInputs = with self; [setuptools WebOb repoze.lru zope.interface zope.deprecation venusian translationstring PasteDeploy];
+    propagatedBuildInputs = with self; [setuptools WebOb repoze.lru zope.interface zope.deprecation venusian translationstring PasteDeploy plaster plaster-pastedeploy hupper];
     src = fetchurl {
-      url = "https://pypi.python.org/packages/33/91/55f5c661f8923902cd1f68d75f2b937c45e7682857356cf18f0be5493899/pyramid-1.7.4.tar.gz";
-      md5 = "6ef1dfdcff9136d04490410757c4c446";
+      url = "https://pypi.python.org/packages/b0/73/715321e129334f3e41430bede877620175a63ed075fd5d1fd2c25b7cb121/pyramid-1.9.tar.gz";
+      md5 = "aa6c7c568f83151af51eb053ac633bc4";
     };
     meta = {
       license = [ { fullName = "Repoze Public License"; } { fullName = "BSD-derived (http://www.repoze.org/LICENSE.txt)"; } ];
diff --git a/requirements.txt b/requirements.txt
--- a/requirements.txt
+++ b/requirements.txt
@@ -58,7 +58,7 @@ pyramid-beaker==0.8
 pyramid-debugtoolbar==3.0.5
 pyramid-jinja2==2.5
 pyramid-mako==1.0.2
-pyramid==1.7.4
+pyramid==1.9.0
 pysqlite==2.8.3
 python-dateutil==2.1
 python-ldap==2.4.40
@@ -86,7 +86,7 @@ venusian==1.1.0
 WebError==0.10.3
 WebHelpers2==2.0
 WebHelpers==1.3
-WebOb==1.3.1
+WebOb==1.7.3
 Whoosh==2.7.4
 wsgiref==0.1.2
 zope.cachedescriptors==4.0.0
diff --git a/requirements_test.txt b/requirements_test.txt
--- a/requirements_test.txt
+++ b/requirements_test.txt
@@ -10,6 +10,6 @@ gprof2dot==2016.10.13
 pytest-timeout==1.2.0
 
 mock==1.0.1
-WebTest==1.4.3
+WebTest==2.0.27
 cov-core==1.15.0
 coverage==3.7.1
diff --git a/rhodecode/config/middleware.py b/rhodecode/config/middleware.py
--- a/rhodecode/config/middleware.py
+++ b/rhodecode/config/middleware.py
@@ -111,14 +111,6 @@ def make_app(global_conf, static_files=T
 
     # The Pylons WSGI app
     app = PylonsApp(config=config)
-    if rhodecode.is_test:
-        app = csrf.CSRFDetector(app)
-
-    expected_origin = config.get('expected_origin')
-    if expected_origin:
-        # The API can be accessed from other Origins.
-        app = csrf.OriginChecker(app, expected_origin,
-                                 skip_urls=[routes.util.url_for('api')])
 
     # Establish the Registry for this application
     app = RegistryManager(app)
diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -1105,6 +1105,9 @@ def get_csrf_token(session=None, force_n
     :param save_if_missing: save the newly generated token if it's missing in
         session
     """
+    # NOTE(marcink): probably should be replaced with below one from pyramid 1.9
+    # from pyramid.csrf import get_csrf_token
+
     if not session:
         from pylons import session
 
diff --git a/rhodecode/lib/base.py b/rhodecode/lib/base.py
--- a/rhodecode/lib/base.py
+++ b/rhodecode/lib/base.py
@@ -33,7 +33,7 @@ import pyramid.threadlocal
 from paste.auth.basic import AuthBasicAuthenticator
 from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
 from paste.httpheaders import WWW_AUTHENTICATE, AUTHORIZATION
-from pylons import config, tmpl_context as c, request, session, url
+from pylons import config, tmpl_context as c, request, url
 from pylons.controllers import WSGIController
 from pylons.controllers.util import redirect
 from pylons.i18n import translation
@@ -403,11 +403,25 @@ def attach_context_attributes(context, r
     if request.session.get('diffmode') != diffmode:
         request.session['diffmode'] = diffmode
 
-    context.csrf_token = auth.get_csrf_token()
+    context.csrf_token = auth.get_csrf_token(session=request.session)
     context.backends = rhodecode.BACKENDS.keys()
     context.backends.sort()
     context.unread_notifications = NotificationModel().get_unread_cnt_for_user(user_id)
-    context.pyramid_request = pyramid.threadlocal.get_current_request()
+
+    # NOTE(marcink): when migrated to pyramid we don't need to set this anymore,
+    # given request will ALWAYS be pyramid one
+    pyramid_request = pyramid.threadlocal.get_current_request()
+    context.pyramid_request = pyramid_request
+
+    # web case
+    if hasattr(pyramid_request, 'user'):
+        context.auth_user = pyramid_request.user
+        context.rhodecode_user = pyramid_request.user
+
+    # api case
+    if hasattr(pyramid_request, 'rpc_user'):
+        context.auth_user = pyramid_request.rpc_user
+        context.rhodecode_user = pyramid_request.rpc_user
 
     # attach the whole call context to the request
     request.call_context = context
@@ -463,7 +477,7 @@ class BaseController(WSGIController):
         """
         # on each call propagate settings calls into global settings.
         set_rhodecode_config(config)
-        attach_context_attributes(c, request, c.rhodecode_user.user_id)
+        attach_context_attributes(c, request, self._rhodecode_user.user_id)
 
         # TODO: Remove this when fixed in attach_context_attributes()
         c.repo_name = get_repo_slug(request)  # can be empty
@@ -510,7 +524,7 @@ class BaseController(WSGIController):
 
         # set globals for auth user
         request.user = auth_user
-        c.rhodecode_user = self._rhodecode_user = auth_user
+        self._rhodecode_user = auth_user
 
         log.info('IP: %s User: %s accessed %s [%s]' % (
             self.ip_addr, auth_user, safe_unicode(get_access_path(environ)),
diff --git a/rhodecode/subscribers.py b/rhodecode/subscribers.py
--- a/rhodecode/subscribers.py
+++ b/rhodecode/subscribers.py
@@ -48,10 +48,11 @@ log = logging.getLogger(__name__)
 
 
 def add_renderer_globals(event):
+    from rhodecode.lib import helpers
+
+    # NOTE(marcink):
     # Put pylons stuff into the context. This will be removed as soon as
     # migration to pyramid is finished.
-    conf = pylons.config._current_obj()
-    event['h'] = conf.get('pylons.h')
     event['c'] = pylons.tmpl_context
     event['url'] = pylons.url
 
@@ -62,6 +63,7 @@ def add_renderer_globals(event):
     # Add Pyramid translation as '_' to context
     event['_'] = request.translate
     event['_ungettext'] = request.plularize
+    event['h'] = helpers
 
 
 def add_localizer(event):
diff --git a/rhodecode/tests/functional/test_files.py b/rhodecode/tests/functional/test_files.py
--- a/rhodecode/tests/functional/test_files.py
+++ b/rhodecode/tests/functional/test_files.py
@@ -414,15 +414,15 @@ class TestRepositoryArchival(object):
                                         fname=fname))
 
             assert response.status == '200 OK'
-            headers = {
-                'Pragma': 'no-cache',
-                'Cache-Control': 'no-cache',
-                'Content-Disposition': 'attachment; filename=%s' % filename,
-                'Content-Type': '%s; charset=utf-8' % mime_type,
-            }
+            headers = [
+                ('Pragma', 'no-cache'),
+                ('Cache-Control', 'no-cache'),
+                ('Content-Disposition', 'attachment; filename=%s' % filename),
+                ('Content-Type', '%s' % mime_type),
+            ]
             if 'Set-Cookie' in response.response.headers:
                 del response.response.headers['Set-Cookie']
-            assert response.response.headers == headers
+            assert response.response.headers.items() == headers
 
     def test_archival_wrong_ext(self, backend):
         backend.enable_downloads()
diff --git a/rhodecode/tests/lib/middleware/test_simplevcs.py b/rhodecode/tests/lib/middleware/test_simplevcs.py
--- a/rhodecode/tests/lib/middleware/test_simplevcs.py
+++ b/rhodecode/tests/lib/middleware/test_simplevcs.py
@@ -56,7 +56,10 @@ class StubVCSController(simplevcs.Simple
 
     def _create_wsgi_app(self, repo_path, repo_name, config):
         def fake_app(environ, start_response):
-            start_response('200 OK', [])
+            headers = [
+                ('Http-Accept', 'application/mercurial')
+            ]
+            start_response('200 OK', headers)
             return self.stub_response_body
         return fake_app
 
@@ -92,8 +95,6 @@ def _remove_default_user_from_query_cach
     Session().expire(user)
 
 
-
-
 def test_handles_exceptions_during_permissions_checks(
         vcscontroller, disable_anonymous_user):
     user_and_pass = '%s:%s' % (TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
@@ -220,6 +221,7 @@ class TestShadowRepoExposure(object):
         controller.stub_response_body = 'dummy body value'
         environ_stub = {
             'HTTP_HOST': 'test.example.com',
+            'HTTP_ACCEPT': 'application/mercurial',
             'REQUEST_METHOD': 'GET',
             'wsgi.url_scheme': 'http',
         }
@@ -241,6 +243,7 @@ class TestShadowRepoExposure(object):
         controller.stub_response_body = 'dummy body value'
         environ_stub = {
             'HTTP_HOST': 'test.example.com',
+            'HTTP_ACCEPT': 'application/mercurial',
             'REQUEST_METHOD': 'GET',
             'wsgi.url_scheme': 'http',
         }
diff --git a/rhodecode/tests/utils.py b/rhodecode/tests/utils.py
--- a/rhodecode/tests/utils.py
+++ b/rhodecode/tests/utils.py
@@ -29,9 +29,10 @@ from lxml.html import fromstring, tostri
 from lxml.cssselect import CSSSelector
 from urlparse import urlparse, parse_qsl
 from urllib import unquote_plus
+import webob
 
-from webtest.app import (
-    Request, TestResponse, TestApp, print_stderr, string_types)
+from webtest.app import TestResponse, TestApp, string_types
+from webtest.compat import print_stderr
 
 import pytest
 import rc_testdata
@@ -103,7 +104,7 @@ class CustomTestResponse(TestResponse):
         return self.request.environ['beaker.session']
 
 
-class TestRequest(Request):
+class TestRequest(webob.BaseRequest):
 
     # for py.test
     disabled = True