def field_converter(field, value, context):
field.field.__name__ = field.__name__
if isinstance(value, dict) and "op" in value:
if not isinstance(value, dict):
raise ValueDeserializationError(field, value, "Not an object")
operation_name = value.get("op", "undefined")
if operation_name == "multi":
operation = query_adapter(field,
field.operation_type,
name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
value = operation(context, value.get("value"))
else:
bound_field = field.field.bind(context)
operation = query_adapter(bound_field,
field.operation_type,
name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
value = operation(context, value.get("value"))
elif isinstance(value, (dict, list)):
value = get_adapter(field.field, IJSONToValue, args=[value, context])
return value
async def test_fhir_field_deserializer(dummy_request):
""" """
with open(str(FHIR_EXAMPLE_RESOURCES / "Organization.json"), "r") as fp:
fhir_json = json.load(fp)
fhir_field = FhirField(
title="Organization resource",
resource_type="Organization",
required=False,
fhir_release="R4",
)
deserialized = query_adapter(fhir_field,
IJSONToValue,
args=[fhir_json, None])
assert IFhirFieldValue.providedBy(deserialized) is True
assert deserialized.as_json() == fhir_json
deserialized = query_adapter(fhir_field,
IJSONToValue,
args=[json.dumps(fhir_json), None])
assert IFhirFieldValue.providedBy(deserialized) is True
deserialized = query_adapter(fhir_field, IJSONToValue, args=[None, None])
assert deserialized is None
async def workflow_object_added(obj, event):
workflow = query_adapter(obj, IWorkflowBehavior)
wkf = query_adapter(obj, IWorkflow)
if workflow is not None and wkf is not None:
user_id = get_authenticated_user_id()
await workflow.load(create=True)
state = workflow.review_state
if "set_permission" in wkf.states[state]:
await apply_sharing(obj, wkf.states[state]["set_permission"])
setattr(workflow, "history", [])
workflow.history.append({
"actor": user_id,
"comments": "",
"time": datetime.datetime.now(),
"title": "Created",
"type": "workflow",
"data": {
"action": None,
"review_state": state
},
})
workflow.register()
def __init__(self, context):
self.context = context
self.utility = get_utility(IWorkflowUtility)
adapter = None
if not IResource.providedBy(context):
adapter = query_adapter(context.context, IWorkflow)
else:
adapter = query_adapter(context, IWorkflow)
if adapter is not None:
self.states = adapter.states
else:
self.states = {}
async def test_fhir_field_value_serializer(dummy_request):
""" """
with open(str(FHIR_FIXTURE_PATH / "Organization.json"), "r") as f:
fhir_json = json.load(f)
model = resource_type_to_resource_cls(fhir_json["resourceType"])
fhir_resource = model(fhir_json)
value = FhirFieldValue(obj=fhir_resource)
serialized = query_adapter(value, IValueToJson)
assert serialized == value.as_json()
serialized = query_adapter(FhirFieldValue(), IValueToJson)
assert serialized is None
async def __call__(self):
obj_url = IAbsoluteURL(self.context, self.request)()
workflow = {
"@id": obj_url + "/@workflow",
"history": [],
"transitions": []
}
workflow_obj = IWorkflow(self.context)
if workflow_obj is None:
return workflow
async for action_name, action in workflow_obj.available_actions(
self.request):
workflow["transitions"].append({
"@id": obj_url + "/@workflow/" + action_name,
"title": action["title"]
})
workflow_obj = query_adapter(self.context, IWorkflowBehavior)
if workflow_obj is not None:
await workflow_obj.load()
workflow["history"] = workflow_obj.history
return workflow
async def cms_object_added(obj, event):
cms = query_adapter(obj, ICMSBehavior)
if cms is not None:
request = get_current_request()
user_id = get_authenticated_user_id(request)
workflow = IWorkflow(obj)
await cms.load(create=True)
state = cms.review_state
if 'set_permission' in workflow.states[state]:
await apply_sharing(obj, workflow.states[state]['set_permission'])
setattr(cms, 'history', [])
cms.history.append({
'actor': user_id,
'comments': '',
'time': datetime.datetime.now(),
'title': 'Created',
'type': 'workflow',
'data': {
'action': None,
'review_state': state,
}
})
cms._p_register()
if hasattr(obj, 'title') and obj.title is None:
obj.title = obj.id
async def __call__(self, scope, receive, send):
"""
This method always returns a response object or raises a Exception for
unhandled errors
"""
request_settings = {
k: v for k, v in self.asgi_app.server_settings.items() if k in ("client_max_size",)
}
request = Request.factory(scope, send, receive, **request_settings)
task_vars.request.set(request)
try:
return await self.request_handler(request)
except Response as exc:
return exc
except Exception as exc:
# Try to render exception using IErrorResponseException
eid = uuid.uuid4().hex
view_result = query_adapter(
exc, IErrorResponseException, kwargs={"error": "ServiceError", "eid": eid}
)
if view_result is not None:
return await apply_rendering(View(None, request), request, view_result)
# Raise unhandled exceptions to ErrorMiddleware
raise
async def default_get(context, request):
"""We show the available schemas."""
result = {}
factory = get_cached_factory(context.type_name)
result["static"] = []
for schema in factory.behaviors or ():
result["static"].append(schema.__identifier__)
# convert to list, could be frozenset
result["dynamic"] = [b for b in context.__behaviors__]
result["available"] = []
factory = get_cached_factory(context.type_name)
for name, utility in get_utilities_for(IBehavior):
serialize = False
if name not in result["dynamic"] and name not in result["static"]:
adaptable = query_adapter(context,
utility.interface,
name="",
default=None)
if adaptable:
result["available"].append(name)
serialize = True
schema_serializer = get_multi_adapter(
(utility.interface, request), ISchemaSerializeToJson)
result[name] = await schema_serializer()
else:
serialize = True
if serialize:
schema_serializer = get_multi_adapter((utility.interface, request),
ISchemaSerializeToJson)
result[name] = await schema_serializer()
return result
async def default_get(context, request):
"""We show the available schemas."""
result = {}
factory = get_cached_factory(context.type_name)
result['static'] = []
for schema in factory.behaviors or ():
result['static'].append(schema.__identifier__)
# convert to list, could be frozenset
result['dynamic'] = [b for b in context.__behaviors__]
result['available'] = []
factory = get_cached_factory(context.type_name)
for name, utility in get_utilities_for(IBehavior):
serialize = False
if name not in result['dynamic'] and name not in result['static']:
adaptable = query_adapter(
context, utility.interface,
name='', default=None)
if adaptable:
result['available'].append(name)
serialize = True
schema_serializer = get_multi_adapter(
(utility.interface, request),
ISchemaSerializeToJson)
result[name] = await schema_serializer()
else:
serialize = True
if serialize:
schema_serializer = get_multi_adapter(
(utility.interface, request), ISchemaSerializeToJson)
result[name] = await schema_serializer()
return result
async def index_object(obj, indexes=None, modified=False, security=False):
uid = getattr(obj, 'uuid', None)
if uid is None:
return
type_name = getattr(obj, 'type_name', None)
if type_name is None or IContainer.providedBy(obj):
return
search = query_utility(ICatalogUtility)
if search is None:
return
fut = get_future()
if fut is None:
return
if modified:
data = {}
if security:
adapter = query_adapter(obj, ISecurityInfo)
if adapter is not None:
data = await apply_coroutine(adapter)
else:
if indexes is not None and len(indexes) > 0:
data = await search.get_data(obj, indexes)
if len(data) > 0:
if uid in fut.update:
fut.update[uid].update(data)
else:
fut.update[uid] = data
else:
fut.index[uid] = await search.get_data(obj)
async def index_object(obj, indexes=None, modified=False, security=False):
uid = getattr(obj, 'uuid', None)
if uid is None:
return
type_name = getattr(obj, 'type_name', None)
if type_name is None or IContainer.providedBy(obj):
return
search = query_utility(ICatalogUtility)
if search is None:
return
fut = get_future()
if fut is None:
return
if modified:
data = {}
if security:
adapter = query_adapter(obj, ISecurityInfo)
if adapter is not None:
data = await apply_coroutine(adapter)
else:
if indexes is not None and len(indexes) > 0:
data = await search.get_data(obj, indexes)
if len(data) > 0:
if uid in fut.update:
fut.update[uid].update(data)
else:
fut.update[uid] = data
else:
fut.index[uid] = await search.get_data(obj)
async def test_fhir_field_value_serializer(dummy_request):
""" """
with open(str(FHIR_EXAMPLE_RESOURCES / "Organization.json"), "r") as fp:
fhir_json = json.load(fp)
model = implementer(IFhirResource)(lookup_fhir_class(
fhir_json["resourceType"]))
fhir_resource = model(fhir_json)
value = FhirFieldValue(obj=fhir_resource)
serialized = query_adapter(value, IValueToJson)
assert serialized == value.as_json()
serialized = query_adapter(FhirFieldValue(), IValueToJson)
assert serialized is None
def initialize(
self, read_only, cache=None, strategy=None,
):
self._read_only = read_only
self._txn_time = None
self._tid = None
self.status = Status.ACTIVE
self.user = None
# List of objects added
# needs to be ordered because content inserted after other might
# reference each other
self.added = OrderedDict()
self.added_children = {}
self.modified = {}
self.deleted = {}
# List of (hook, args, kws) tuples added by addBeforeCommitHook().
self._before_commit = []
# List of (hook, args, kws) tuples added by addAfterCommitHook().
self._after_commit = []
self._cache = cache or query_adapter(self, ITransactionCache, name=app_settings["cache"]["strategy"])
self._strategy = strategy or get_adapter(
self, ITransactionStrategy, name=self._manager._storage._transaction_strategy
)
self._query_count_start = self._query_count_end = 0
def __call__(self, context: IResource) -> Optional[str]:
if context is None:
return None
workflow = query_adapter(context.context, IWorkflow)
if workflow is not None:
return workflow.initial_state
else:
return None
def cached_roles(parent: Optional[IBaseObject], permission: str, level: str) -> Dict[str, int]:
"""
Get the roles for a specific permission.
Global + Local + Code
"""
if parent is None:
roles = dict(
[(role, 1) for (role, setting) in code_roles_for_permission(permission) if setting is Allow]
)
return roles
try:
cache = parent.__volatile__.setdefault("security_cache", {})
except AttributeError:
cache = {}
try:
cache_roles = cache["roles"]
except KeyError:
cache_roles = cache["roles"] = {}
try:
return cache_roles[permission + level]
except KeyError:
pass
perminhe = query_adapter(parent, IInheritPermissionMap)
if perminhe is None or perminhe.get_inheritance(permission) is Allow:
roles = cached_roles(getattr(parent, "__parent__", None), permission, "p")
else:
# We don't apply global permissions also
# Its dangerous as may lead to an object who nobody can see
roles = dict()
roleper = query_adapter(parent, IRolePermissionMap)
if roleper is not None:
roles = roles.copy()
for role, setting in roleper.get_roles_for_permission(permission):
if setting is Allow:
roles[role] = 1
elif setting is AllowSingle and level == "o":
roles[role] = 1
elif setting is Deny and role in roles:
del roles[role]
cache_roles[permission + level] = roles
return roles
async def vacuum(self, db):
vacuumer = query_adapter(db._storage, IVacuumProvider)
if vacuumer is None:
logger.warning(
f"No vacuum provider found for storage: {db._storage}")
return
logger.warning(f"Starting vacuum on db: {db.id}")
await vacuumer()
logger.warning(f"Finished vacuum on db: {db.id}")
def field_converter(field, value, context):
if not isinstance(value, dict):
raise ValueDeserializationError(field, value, 'Not an object')
operation_name = value.get('op', 'undefined')
operation = query_adapter(field, IPatchFieldOperation, name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
if 'value' not in value:
raise ValueDeserializationError(field, value, f'Mising value')
return value
def field_converter(field, value, context):
if not isinstance(value, dict):
raise ValueDeserializationError(field, value, 'Not an object')
operation_name = value.get('op', 'undefined')
operation = query_adapter(field, IPatchFieldOperation, name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
if 'value' not in value:
raise ValueDeserializationError(
field, value, f'Mising value')
return value
def field_converter(field, value, context):
if not isinstance(value, dict):
raise ValueDeserializationError(
field, value, "Not valid patch operation definition")
operation_name = value.get("op", "undefined")
operation = query_adapter(field, IPatchFieldOperation, name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
if "value" not in value:
raise ValueDeserializationError(field, value, f"Missing value")
return value
async def set(self, obj, value):
obj._p_register()
if IContentBehavior.providedBy(obj):
anno_context = obj.__dict__['context']
self.__key_name__ = obj.__dict__['schema'].__identifier__ + '.' + self.__name__
else:
anno_context = obj
self.__key_name__ = self.__name__
operation_name = value['op']
bound_field = self.bind(obj)
operation = query_adapter(bound_field, IPatchFieldOperation, name=operation_name)
await operation(obj, anno_context, value['value'])
def json_compatible(value):
if value is None:
return value
type_ = type(value)
if type_ in (str, bool, int, float):
return value
result_value = query_adapter(value, IValueToJson, default=_MISSING)
if result_value is _MISSING:
raise TypeError(
'No converter for making'
' {0!r} ({1}) JSON compatible.'.format(value, type(value)))
else:
return result_value
def json_compatible(value):
if value is None:
return value
type_ = type(value)
if type_ in (str, bool, int, float):
return value
result_value = query_adapter(value, IValueToJson, default=_MISSING)
if result_value is _MISSING:
raise TypeError("No converter for making"
" {0!r} ({1}) JSON compatible.".format(
value, type(value)))
else:
return result_value
async def test_fhir_field_deserializer(dummy_request):
""" """
with open(str(FHIR_FIXTURE_PATH / "Organization.json"), "r") as f:
fhir_json = json.load(f)
fhir_field = FhirField(
title="Organization resource",
resource_class="fhir.resources.organization.Organization",
required=False,
)
deserialized = query_adapter(fhir_field,
IJSONToValue,
args=[fhir_json, None])
assert IFhirFieldValue.providedBy(deserialized) is True
assert deserialized.as_json() == fhir_json
deserialized = query_adapter(fhir_field,
IJSONToValue,
args=[json.dumps(fhir_json), None])
assert IFhirFieldValue.providedBy(deserialized) is True
deserialized = query_adapter(fhir_field, IJSONToValue, args=[None, None])
assert deserialized is None
def __init__(self, manager=None):
if manager is None:
manager = MockTransactionManager()
self._manager = self.manager = manager
self._tid = 1
self.modified = {}
self.request = None
self._strategy = query_adapter(
self, ITransactionStrategy,
name=manager._storage._transaction_strategy)
self._cache = DummyCache(self)
self._lock = asyncio.Lock()
self._status = 'started'
self._db_conn = None
self.storage = MockStorage()
def field_converter(field, value, context):
field.field.__name__ = field.__name__
if isinstance(value, dict) and 'op' in value:
if not isinstance(value, dict):
raise ValueDeserializationError(field, value, 'Not an object')
operation_name = value.get('op', 'undefined')
bound_field = field.field.bind(context)
operation = query_adapter(
bound_field, field.operation_type, name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
value = operation(context, value.get('value'))
elif isinstance(value, (dict, list)):
value = get_adapter(field.field, IJSONToValue, args=[value, context])
return value
def field_converter(field, value, context):
field.field.__name__ = field.__name__
if isinstance(value, dict) and 'op' in value:
if not isinstance(value, dict):
raise ValueDeserializationError(field, value, 'Not an object')
operation_name = value.get('op', 'undefined')
bound_field = field.field.bind(context)
operation = query_adapter(
bound_field, field.operation_type, name=operation_name)
if operation is None:
raise ValueDeserializationError(
field, value, f'"{operation_name}" not a valid operation')
value = operation(context, value.get('value'))
elif isinstance(value, (dict, list)):
value = get_adapter(field.field, IJSONToValue, args=[value, context])
return value
async def set(self, obj, value):
obj._p_register()
if IContentBehavior.providedBy(obj):
anno_context = obj.__dict__['context']
self.__key_name__ = obj.__dict__[
'schema'].__identifier__ + '.' + self.__name__
else:
anno_context = obj
self.__key_name__ = self.__name__
operation_name = value['op']
bound_field = self.bind(obj)
operation = query_adapter(bound_field,
IPatchFieldOperation,
name=operation_name)
await operation(obj, anno_context, value['value'])
async def cms_object_added(obj, event):
cms = query_adapter(obj, ICMSBehavior)
if cms is not None:
await cms.load(create=True)
txn = get_transaction()
if supports_ordering(txn.storage):
pos = await get_next_order()
cms.position_in_parent = pos
indexer = index.get_indexer()
if indexer is None:
return
if obj.uuid not in indexer.index:
indexer.index[obj.uuid] = {}
indexer.index[
obj.uuid]["position_in_parent"] = cms.position_in_parent
if hasattr(obj, "title") and obj.title is None:
obj.title = obj.id
def generate_error_response(e, request, error, status=500):
# We may need to check the roles of the users to show the real error
eid = uuid.uuid4().hex
http_response = query_adapter(
e, IErrorResponseException, kwargs={
'error': error,
'eid': eid
})
if http_response is not None:
return http_response
message = _('Error on execution of view') + ' ' + eid
logger.error(message, exc_info=e, eid=eid, request=request)
return response.HTTPInternalServerError(content={
'message': message,
'reason': error_reasons.UNKNOWN.name,
'details': error_reasons.UNKNOWN.details,
'eid': eid
})
def generate_error_response(e, request, error, status=500):
# We may need to check the roles of the users to show the real error
eid = uuid.uuid4().hex
http_response = query_adapter(
e, IErrorResponseException, kwargs={
'error': error,
'eid': eid
})
if http_response is not None:
return http_response
message = _('Error on execution of view') + ' ' + eid
logger.error(message, exc_info=e, eid=eid, request=request)
return response.HTTPInternalServerError(content={
'message': message,
'reason': error_reasons.UNKNOWN.name,
'details': error_reasons.UNKNOWN.details,
'eid': eid
})
def __init__(self, manager, loop=None, read_only=False):
self._read_only = read_only
self._txn_time = None
self._tid = None
self.status = Status.ACTIVE
# Transaction Manager
self._manager = manager
# List of objects added
# needs to be ordered because content inserted after other might
# reference each other
self.added = OrderedDict()
self.modified = {}
self.deleted = {}
# List of (hook, args, kws) tuples added by addBeforeCommitHook().
self._before_commit = []
# List of (hook, args, kws) tuples added by addAfterCommitHook().
self._after_commit = []
logger.debug("new transaction")
# Connection to DB
self._db_conn = None
# Transaction on DB
self._db_txn = None
# Lock on the transaction
# some databases need to lock during queries
# this provides a lock for each transaction
# which would correspond with one connection
self._lock = asyncio.Lock(loop=loop)
self._strategy = get_adapter(
self,
ITransactionStrategy,
name=manager._storage._transaction_strategy)
self._cache = query_adapter(self,
ITransactionCache,
name=app_settings['cache']['strategy'])
self._query_count_start = self._query_count_end = 0
async def set(self, obj, value):
try:
obj.register()
if IContentBehavior.providedBy(obj):
anno_context = obj.__dict__["context"]
self.__key_name__ = obj.__dict__[
"schema"].__identifier__ + "." + self.__name__
else:
anno_context = obj
self.__key_name__ = self.__name__
operation_name = value["op"]
bound_field = self.bind(obj)
operation = query_adapter(bound_field,
IPatchFieldOperation,
name=operation_name)
await operation(obj, anno_context, value["value"])
except Exception:
logger.warning("Unhandled error setting value", exc_info=True)
raise ValueDeserializationError(self, value, "Unhandled error")
async def handle(self, message):
payload = message.get("payload") or {}
if not isinstance(payload, str):
payload = orjson.dumps(payload)
headers = dict(self.request.headers)
headers.update(message.get("headers") or {})
request = await self.clone_request(message["method"],
message["endpoint"], payload,
headers)
try:
task_vars.request.set(request)
errored: bool = True
try:
result = await self._handle(request, message)
errored = False
except ErrorResponse as err:
result = self._gen_result(err)
except Exception as exc:
logger.warning("Error executing batch item", exc_info=True)
# Attempt to get error response from exception
error_resp = query_adapter(
exc,
IErrorResponseException,
kwargs={
"error": "ServiceError",
"eid": uuid.uuid4().hex
},
)
if error_resp is None:
# If that didn't work, default to generic error response
error_resp = generate_error_response(exc, request)
result = self._gen_result(error_resp)
finally:
if errored and self.eager_commit:
tm = get_tm()
await tm.abort()
return result
finally:
task_vars.request.set(self.request)
def generate_error_response(e, request, error, status=500):
# We may need to check the roles of the users to show the real error
eid = uuid.uuid4().hex
http_response = query_adapter(e,
IErrorResponseException,
kwargs={
"error": error,
"eid": eid
})
if http_response is not None:
return http_response
message = _("Error on execution of view") + " " + eid
logger.error(message, exc_info=e, eid=eid, request=request)
data = {
"message": message,
"reason": error_reasons.UNKNOWN.name,
"details": error_reasons.UNKNOWN.details,
"eid": eid,
}
if app_settings.get("debug"):
data["traceback"] = traceback.format_exc()
return response.HTTPInternalServerError(content=data)
async def cms_object_added(obj, event):
cms = query_adapter(obj, ICMSBehavior)
if cms is not None:
user_id = get_authenticated_user_id()
workflow = IWorkflow(obj)
await cms.load(create=True)
state = cms.review_state
if 'set_permission' in workflow.states[state]:
await apply_sharing(obj, workflow.states[state]['set_permission'])
setattr(cms, 'history', [])
cms.history.append({
'actor': user_id,
'comments': '',
'time': datetime.datetime.now(),
'title': 'Created',
'type': 'workflow',
'data': {
'action': None,
'review_state': state,
}
})
cms.register()
txn = get_transaction()
if supports_ordering(txn.storage):
pos = await get_next_order()
cms.position_in_parent = pos
indexer = index.get_indexer()
if indexer is None:
return
if obj.uuid not in indexer.index:
indexer.index[obj.uuid] = {}
indexer.index[
obj.uuid]['position_in_parent'] = cms.position_in_parent
if hasattr(obj, 'title') and obj.title is None:
obj.title = obj.id
async def add_object(self,
obj,
indexes=None,
modified=False,
security=False):
uid = obj.uuid
search = query_utility(ICatalogUtility)
if modified:
data = {}
if security:
adapter = query_adapter(obj, ISecurityInfo)
if adapter is not None:
data = await apply_coroutine(adapter)
else:
if indexes is not None and len(indexes) > 0:
data = await search.get_data(obj, indexes)
if len(data) > 0:
if uid in self.update:
self.update[uid].update(data)
else:
self.update[uid] = data
else:
self.index[uid] = await search.get_data(obj)
async def real_resolve(self, request: IRequest) -> Optional[MatchInfo]:
"""Main function to resolve a request."""
security = get_adapter(request, IInteraction)
if request.method not in app_settings['http_methods']:
raise HTTPMethodNotAllowed(
method=request.method,
allowed_methods=[k for k in app_settings['http_methods'].keys()])
method = app_settings['http_methods'][request.method]
try:
resource, tail = await self.traverse(request)
except ConflictError:
# can also happen from connection errors so we bubble this...
raise
except Exception as _exc:
logger.error('Unhandled exception occurred', exc_info=True)
request.resource = request.tail = None
request.exc = _exc
data = {
'success': False,
'exception_message': str(_exc),
'exception_type': getattr(type(_exc), '__name__', str(type(_exc))), # noqa
}
if app_settings.get('debug'):
data['traceback'] = traceback.format_exc()
raise HTTPBadRequest(content={
'reason': data
})
request.record('traversed')
await notify(ObjectLoadedEvent(resource))
request.resource = resource
request.tail = tail
if request.resource is None:
await notify(TraversalResourceMissEvent(request, tail))
raise HTTPNotFound(content={
"reason": 'Resource not found'
})
if tail and len(tail) > 0:
# convert match lookups
view_name = routes.path_to_view_name(tail)
elif not tail:
view_name = ''
request.record('beforeauthentication')
await self.apply_authorization(request)
request.record('authentication')
for language in get_acceptable_languages(request):
translator = query_adapter((resource, request), ILanguage,
name=language)
if translator is not None:
resource = translator.translate()
break
# Add anonymous participation
if len(security.participations) == 0:
security.add(AnonymousParticipation(request))
# container registry lookup
try:
view = query_multi_adapter(
(resource, request), method, name=view_name)
except AttributeError:
view = None
if view is None and method == IOPTIONS:
view = DefaultOPTIONS(resource, request)
# Check security on context to AccessContent unless
# is view allows explicit or its OPTIONS
permission = get_utility(IPermission, name='guillotina.AccessContent')
if not security.check_permission(permission.id, resource):
# Check if its a CORS call:
if IOPTIONS != method:
# Check if the view has permissions explicit
if view is None or not view.__allow_access__:
logger.info(
"No access content {content} with {auths}".format(
content=resource,
auths=str([x.principal.id
for x in security.participations])),
request=request)
raise HTTPUnauthorized(
content={
"reason": "You are not authorized to access content",
"content": str(resource),
"auths": [x.principal.id
for x in security.participations]
}
)
if not view and len(tail) > 0:
# we should have a view in this case because we are matching routes
await notify(TraversalViewMissEvent(request, tail))
return None
request.found_view = view
request.view_name = view_name
request.record('viewfound')
ViewClass = view.__class__
view_permission = get_view_permission(ViewClass)
if not security.check_permission(view_permission, view):
if IOPTIONS != method:
raise HTTPUnauthorized(
content={
"reason": "You are not authorized to view",
"content": str(resource),
"auths": [x.principal.id
for x in security.participations]
}
)
try:
view.__route__.matches(request, tail or [])
except (KeyError, IndexError):
await notify(TraversalRouteMissEvent(request, tail))
return None
except AttributeError:
pass
if hasattr(view, 'prepare'):
view = (await view.prepare()) or view
request.record('authorization')
return MatchInfo(resource, request, view)
def _callFUT(self, *args, **kw):
from guillotina.component import query_adapter
return query_adapter(*args, **kw)
async def get_json(self):
if not app_settings.get('store_json', False):
return {}
adapter = query_adapter(self._obj, IJSONDBSerializer)
if adapter is not None:
return await adapter()
