class BasicAuthLogoutView(LogoutView):
context(OmsRoot)
name('basicauthlogout')
require('oms.nothing')
def render_GET(self, request):
super(BasicAuthLogoutView, self).render_GET(request)
raise Unauthorized()
class OncRootView(HttpRestView):
"""This view will never render, it's just used to attach the ONCViewFactory
which will create a new OncView depending on the sub-path.
"""
context(OncPlugin)
# html and js have to be open.
# We'll be able to close some parts of javascripts
# but core stuff has to be open otherwise we cannot render
# the Onc login window
require('oms.nothing')
class AuthView(HttpRestView):
context(OmsRoot)
name('auth')
require('oms.nothing')
realm = 'OMS'
BASIC_AUTH_DEFAULT = 'false'
# Should be render_GET but ONC (i.e. ExtJS) cannot attach a request body to GET requests
def render(self, request):
log.info('Incoming authentication request from %s' %
request.getClientIP())
authentication_utility = getUtility(IHttpRestAuthenticationUtility)
# enable basic auth only if explicitly requested
basic_auth = request.args.get('basic_auth',
[self.BASIC_AUTH_DEFAULT])[0] != 'false'
body = request.content.getvalue()
if request.args.get('username') and request.args.get('password'):
credentials = UsernamePassword(
request.args.get('username')[0],
request.args.get('password')[0])
elif body:
try:
params = json.loads(body)
except ValueError:
raise BadRequest("The request body not JSON-parsable")
# cannot be unicode
username = str(params['username'])
password = str(params['password'])
credentials = UsernamePassword(username, password)
else:
credentials = authentication_utility.get_basic_auth_credentials(
request)
# if already authenticated, return success even if the request didn't provide auth credentials
if not credentials and request.interaction.checkPermission(
'rest', object):
return {'status': 'success'}
# XXX: refactor HttpRestServer.handle_request so that it's not a db.transact
# so that we can use a defer.inlineCallback here
return blocking_yield(
authentication_utility.authenticate(request, credentials,
basic_auth))
class OncView(object):
implements(IHttpRestView)
require('oms.nothing')
def __init__(self, resource):
self.resource = resource
def rw_transaction(self, request):
return False
def render(self, request):
res = self.resource.render(request)
# if twisted returns '' it means that there was some http error
# status code like 304 in case of If-Modified-Since header the file hasn't been modified
# Twisted File resource doesn't close the connection, so we have to close it.
if not res:
request.finish()
return NOT_DONE_YET
class OncConfigView(object):
implements(IHttpRestView)
require('oms.nothing')
def __init__(self, path):
self.path = path
def rw_transaction(self, request):
return False
def render(self, request):
cfg = ''
if os.path.exists(self.path):
cfg = open(self.path, 'r').read()
if not re.match('^BACKEND_PREFIX =', cfg, re.MULTILINE):
cfg += "BACKEND_PREFIX='/'"
request.write(cfg)
request.finish()
return NOT_DONE_YET
class HttpRestView(Adapter):
implements(IHttpRestView)
baseclass()
require('rest')
__builtin_attributes__ = ['id', 'children']
def filter_attributes(self, request, data):
"""Handle the filtering of attributes according to the 'attrs' parameter in the request"""
attrs = request.args.get('attrs', [''])[0]
if attrs:
filtered_data = {}
for a in attrs.decode('utf-8').split(
',') + self.__builtin_attributes__:
if a in data:
filtered_data[a] = data[a]
return filtered_data
return data
def render_recursive(self, request, depth):
for method in ('render_' + request.method, 'render'):
if hasattr(self, method):
return self.filter_attributes(request,
getattr(self, method)(request))
raise NotImplemented("method %s not implemented\n" % request.method)
def render_OPTIONS(self, request):
all_methods = ['GET', 'POST', 'PUT', 'DELETE', 'HEAD']
has_methods = [
m for m in all_methods if hasattr(self, 'render_%s' % m)
] + ['OPTIONS']
request.setHeader('Allow', ', '.join(has_methods))
from opennode.oms.endpoint.httprest.root import EmptyResponse
return EmptyResponse
def rw_transaction(self, request):
return request.method != 'GET'
class MultipleView(grok.Context):
grok.require(One)
grok.require(Two)
class BasicAuthView(AuthView):
context(OmsRoot)
name('basicauth')
require('oms.nothing')
BASIC_AUTH_DEFAULT = 'true'
class MissingPermission(grok.Context):
grok.require('doesnt.exist')
class ProtectedObject(grok.Context):
grok.require(ThePermission)
protected = 'this is protected'