pywebtools.formencode – Utilities for use with Formencode

This module provides a number of Schema and FancyValidator.

Of particular note is the CSRFSchema which can be used as a base-class instead of Schema to automatically include CSRF validation.

class pywebtools.formencode.CSRFSchema(*args, **kw)
The class:~pywebtools.formencode.CSRFSchema is a base formencode.Schema

that includes Cross-Site Request Forgery detection.

It should be used as the base class for all specific request schemas.

Messages

badDictType:
The input must be dict-like (not a %(type)s: %(value)r)
badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
missingValue:
Missing value
noneType:
The input must be a string (not None)
notExpected:
The input field %(name)s was not expected.
singleValueExpected:
Please provide only one value
class pywebtools.formencode.CSRFValidator(*args, **kw)
Validator that checks a value against the Cross-Site Request Forgery
token stored in the user’s session.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
An empty CSRF token was provided. This might indicate a malicious attack.
invalid_csrf_token:
The CSRF token is invalid. This might indicate a malicious attack.
missing:
No CSRF token was provided. This might indicate a malicious attack.
no_request:
No request was specified to validate the CSRFToken
noneType:
The input must be a string (not None)
class pywebtools.formencode.DateValidator(*args, **kw)
The DateValidator provides date validation and
conversion from the formats “YYYY-MM-DD” or “DD/MM/YYYY” to a python datetime.date.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
invalid_format:
Please enter a date either as YYYY-MM-DD or DD/MM/YYYY
noneType:
The input must be a string (not None)
class pywebtools.formencode.DictValidator(*args, **kw)
The DictValidator validates that the value
is a dict.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
noneType:
The input must be a string (not None)
not_dict:
The value is not a dict
class pywebtools.formencode.DynamicSchema(fields=None, **kwargs)
The DynamicSchema provides a dynamic
Schema for which the validation fields are defined from the list of (field-name, FancyValidator) pairs passed to the constructor.

Messages

badDictType:
The input must be dict-like (not a %(type)s: %(value)r)
badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
missingValue:
Missing value
noneType:
The input must be a string (not None)
notExpected:
The input field %(name)s was not expected.
singleValueExpected:
Please provide only one value
class pywebtools.formencode.EmailDomainValidator(*args, **kw)
The EmailDomainValidator checks that the given

e-mail address is in the list of allowed e-mail address domains.

Requires that the list of allowed domains is available via the state.email_domains attribute. If nothing is provided in the state, then all e-mail addresses are seen as valid.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
noneType:
The input must be a string (not None)
wrongdomain:
Only e-mail address in the following domains can be used: %(domains)s
class pywebtools.formencode.PasswordValidator(*args, **kw)
The PasswordValidator handles the checking of

user-provided passwords against the database to allow / dissallow login.

Requires a SQLAlchemy database session to be available via state.dbsession.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
nologin:
No user exists with the given e-mail address or the password does not match
noneType:
The input must be a string (not None)
class pywebtools.formencode.State(**kwargs)

The State provides a blank state object for use with Formencode validation. Any parameters passed to the constructor are automatically set as attributes of the State.

class pywebtools.formencode.TimeValidator(*args, **kw)
The DateValidator provides time validation and
conversion from the format “HH:MM” to a python datetime.time.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
invalid_format:
Please enter a time as HH:MM
noneType:
The input must be a string (not None)
class pywebtools.formencode.UniqueEmailValidator(*args, **kw)
The UniqueEmailValidator checks that the given

e-mail address is not already used.

Requires a SQLAlchemy database session to be available via state.dbsession and the user class to be available via state.user_class. If a state.userid is provided, then the user_class with that id can have the same e-mail address.

Messages

badType:
The input must be a string (not a %(type)s: %(value)r)
empty:
Please enter a value
existing:
A user with this e-mail address already exists
noneType:
The input must be a string (not None)