def handle_object(self, obj): if type(obj) == dict and len(obj.keys()) == 1 and obj.has_key('_ref'): L.info("ReferenceFetcher: Attempting to fetch %r" % obj) url = obj['_ref'] if url.strip() == '': return None data = None try: data = internal_find(url, follow=False, lang=self.token.lang) if data != None: return data except Exception: L.exception("ReferenceFetcher: Failed to fetch %r" % obj) elif type(obj) == dict: return dict([(k, self.handle_object(v)) for k, v in obj.iteritems()]) elif type(obj) == list: return [self.handle_object(el) for el in obj] return obj
def handle_object(self,obj): if type(obj) == dict and len(obj.keys())==1 and obj.has_key('_ref'): L.info("ReferenceFetcher: Attempting to fetch %r" % obj) url = obj['_ref'] if url.strip() == '': return None data = None try: data = internal_find(url,follow=False,lang=self.token.lang) if data != None: return data except Exception: L.exception("ReferenceFetcher: Failed to fetch %r" % obj) elif type(obj) == dict: return dict([ (k,self.handle_object(v)) for k,v in obj.iteritems()]) elif type(obj) == list: return [ self.handle_object(el) for el in obj] return obj
def slug(path, slug): L.info("dbserver::slug::%s:%s, %s, %s" % (request.method, path, slug, request.url)) response, content_type, headers = process(path, slug) return Response(response=response, content_type=content_type, headers=headers)
def process(self): data = json.dumps(self.token.response) if self.token.request.method == "GET": if data != 'null': L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key, snip(str(data)))) store_in_cache(self.token.cache_key, data)
def noslug(path): L.info("dbserver::noslug::%s:%s, %s" % (request.method, path, request.url)) response, content_type, headers = process(path, None) L.info("%s %s %s" % (snip(response), content_type, headers)) return Response(response=response, content_type=content_type, headers=headers)
def process(self): data = json.dumps(self.token.response) if data != 'null': L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key, snip(str(data)))) store_in_cache( self.token.cache_key.encode('utf8').encode('hex'), data.encode('utf8').encode('hex'))
def process(self): self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps(self.token.slug) + '|' + '|'.join([ self.token.request.args.get(arg,'') for arg in self.ARGS_FOR_KEY ]) if self.token.request.args.get('hitcache',"1") == "0": L.info("Skipping cache as requested for %s/%s" % (self.token.path,self.token.slug)) return data = hit_cache(self.token.cache_key.encode('utf8').encode('hex')) L.info("Data for key %s == %s" % (self.token.cache_key,snip(repr(data)))) if data != None: self.token.response = json.loads(data.decode('hex').decode('utf8')) self.should_stop = True self.skip_to = "DataFormatter"
def create_or_login(resp): session['openid'] = resp.identity_url openid_key = urllib.quote(urllib.quote(session['openid'],safe='')) user = internal_find('/data/admin/users/%s' % openid_key) if user != None: L.info(u'Successfully signed in fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__)) else: data = { "fullname" : resp.fullname, "email" : resp.email, "key" : openid_key } user = internal_save('/data/admin/users/%s' % openid_key, data) L.info(u'Successfully created fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__)) g.user = user return redirect(oid.get_next_url())
def validate_api(self,api_key): try: L.info('PermissionChecker:: api_key = %s' % api_key) api_key = api_key.decode('base64') api_key = json.loads(api_key) app = api_key['a'] referrer = api_key['r'] request_referrer = self.token.request.referrer request_referrer = urlparse.urlparse(request_referrer).netloc L.info('PermissionChecker:: app = %s, referrer = %s, req.referrer = %s' % (app, referrer, request_referrer)) assert( referrer == request_referrer ) secret = api_key['s'] assert( secret == md5().update("%s:%s:p4tpp" % (app,referrer)).hexdigest()[:8] ) self.app = "%s@%s" % (app,referrer) except: return False
def internal_find(url,follow=True,lang=None,query=None,apikey=None,fields=None): params = { 'o' : 'json', 'limit' : 0 } params['follow'] = "yes" if follow else "no" if lang: params['lang'] = lang if query: params['query'] = json.dumps(query) if apikey: params['apikey'] = apikey if fields: params['fields'] = json.dumps(fields) L.info("internal_find: Attempting to fetch %s with %s" % (url,params)) params = urlencode(params) url += "?" + params data = g.app.test_client().get(url).data data = json.loads(data) return data
def process(self): method = self.token.request.method self.should_stop = False self.app = self.token.request.args.get('apikey', None) if self.app != None: if self.app == "admin": return if not self.validate_api(self.app): return self.user = None ## TODO: '''<<getuser>>''' if self.token.slug != None: fullpath = os.path.join(self.token.path, self.token.slug) else: fullpath = self.token.path L.debug("PermissionChecker: full_path=%r" % fullpath) fullpath = fullpath.split('/') L.debug("PermissionChecker: full_path=%r" % fullpath) perms = set() for i in range(len(fullpath)): partial_path = fullpath[0:i + 1] L.debug("PermissionChecker: partial_path=%r" % partial_path) spec = json.dumps({"ref": "/" + "/".join(partial_path)}) data = internal_find('/data/admin/permissions/', query=spec, apikey='admin') for rec in data: auth = rec.get('auth') if self.match_auth(auth): perms.update(set(rec.get('perms', set()))) L.info("PermissionChecker: rule %s, perms=%r" % (rec.get('_src'), set(rec.get('perms', set())))) if ((method == "POST" and "new" in perms) or (method == "DELETE" and "delete" in perms) or (method == "PUT" and "edit" in perms) or (method == "GET" and "read" in perms)): pass else: self.should_stop = True
def process(self): method = self.token.request.method self.should_stop = False self.app = self.token.request.args.get('apikey',None) if self.app != None: if self.app == "admin": return if not self.validate_api(self.app): return self.user = None ## TODO: '''<<getuser>>''' if self.token.slug != None: fullpath = os.path.join(self.token.path, self.token.slug) else: fullpath = self.token.path L.debug("PermissionChecker: full_path=%r" % fullpath) fullpath = fullpath.split('/') L.debug("PermissionChecker: full_path=%r" % fullpath) perms = set() for i in range(len(fullpath)): partial_path = fullpath[0:i+1] L.debug("PermissionChecker: partial_path=%r" % partial_path) spec = json.dumps({ "ref" : "/" + "/".join(partial_path) }) data = internal_find('/data/admin/permissions/',query=spec,apikey='admin') for rec in data: auth = rec.get('auth') if self.match_auth(auth): perms.update(set(rec.get('perms',set()))) L.info("PermissionChecker: rule %s, perms=%r" % (rec.get('_src'),set(rec.get('perms',set())))) if ( (method == "POST" and "new" in perms) or (method == "DELETE" and "delete" in perms) or (method == "PUT" and "edit" in perms) or (method == "GET" and "read" in perms) ): pass else: self.should_stop = True
def process(self): self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps( self.token.slug) + '|' + '|'.join([ self.token.request.args.get(arg, '') for arg in self.ARGS_FOR_KEY ]) if self.token.request.args.get('hitcache', "1") == "0": L.info("Skipping cache as requested for %s/%s" % (self.token.path, self.token.slug)) return data = hit_cache(self.token.cache_key.encode('utf8').encode('hex')) L.info("Data for key %s == %s" % (self.token.cache_key, snip(repr(data)))) if data != None: self.token.response = json.loads(data.decode('hex').decode('utf8')) self.should_stop = True self.skip_to = "DataFormatter"
def create_or_login(resp): session['openid'] = resp.identity_url openid_key = urllib.quote(urllib.quote(session['openid'], safe='')) user = internal_find('/data/admin/users/%s' % openid_key) if user != None: L.info(u'Successfully signed in fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__)) else: data = { "fullname": resp.fullname, "email": resp.email, "key": openid_key } user = internal_save('/data/admin/users/%s' % openid_key, data) L.info(u'Successfully created fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__)) g.user = user return redirect(oid.get_next_url())
def validate_api(self, api_key): try: L.info('PermissionChecker:: api_key = %s' % api_key) api_key = api_key.decode('base64') api_key = json.loads(api_key) app = api_key['a'] referrer = api_key['r'] request_referrer = self.token.request.referrer request_referrer = urlparse.urlparse(request_referrer).netloc L.info( 'PermissionChecker:: app = %s, referrer = %s, req.referrer = %s' % (app, referrer, request_referrer)) assert (referrer == request_referrer) secret = api_key['s'] assert (secret == md5().update("%s:%s:p4tpp" % (app, referrer)).hexdigest()[:8]) self.app = "%s@%s" % (app, referrer) except: return False
def internal_find(url, follow=True, lang=None, query=None, apikey=None, fields=None): params = {'o': 'json', 'limit': 0} params['follow'] = "yes" if follow else "no" if lang: params['lang'] = lang if query: params['query'] = json.dumps(query) if apikey: params['apikey'] = apikey if fields: params['fields'] = json.dumps(fields) L.info("internal_find: Attempting to fetch %s with %s" % (url, params)) params = urlencode(params) url += "?" + params data = g.app.test_client().get(url).data data = json.loads(data) return data
def process(self): self.token.cache_key = ( json.dumps(self.token.path) + "|" + json.dumps(self.token.slug) + "|" + "|".join([self.token.request.args.get(arg, "") for arg in self.ARGS_FOR_KEY]) ) if self.token.request.args.get("hitcache", "1") == "0": L.info("Skipping cache as requested for %s/%s" % (self.token.path, self.token.slug)) return if self.token.request.method == "GET": data = hit_cache(self.token.cache_key) L.info("Data for key %s == %s" % (self.token.cache_key, snip(repr(data)))) if data != None: self.token.response = json.loads(data) self.should_stop = True self.skip_to = "DataFormatter" else: clear_cache(self.token.cache_key) clear_cache_for_path(self.token.path)
def process(self): self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps( self.token.slug) + '|' + '|'.join([ self.token.request.args.get(arg, '') for arg in self.ARGS_FOR_KEY ]) if self.token.request.args.get('hitcache', "1") == "0": L.info("Skipping cache as requested for %s/%s" % (self.token.path, self.token.slug)) return if self.token.request.method == "GET": data = hit_cache(self.token.cache_key) L.info("Data for key %s == %s" % (self.token.cache_key, snip(repr(data)))) if data != None: self.token.response = json.loads(data) self.should_stop = True self.skip_to = "DataFormatter" else: clear_cache(self.token.cache_key) clear_cache_for_path(self.token.path)
def slug(path,slug): L.info("dbserver::slug::%s:%s, %s, %s" % (request.method,path,slug,request.url)) response, content_type, headers = process(path,slug) return Response(response=response, content_type=content_type, headers=headers)
import os os.environ["DJANGO_SETTINGS_MODULE"] = "openid_db.settings" from gevent import monkey monkey.patch_all() from gevent.pywsgi import WSGIServer from dbserver import app from log import L L.info("Listening on 5555") http_server = WSGIServer(('', 5555), app) http_server.serve_forever()
def process(self): data = json.dumps(self.token.response) if self.token.request.method == "GET": if data != 'null': L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key,snip(str(data)))) store_in_cache(self.token.cache_key,data)
import os os.environ["DJANGO_SETTINGS_MODULE"]="openid_db.settings" from gevent import monkey; monkey.patch_all() from gevent.pywsgi import WSGIServer from dbserver import app from log import L L.info("Listening on 5555") http_server = WSGIServer(('', 5555), app) http_server.serve_forever()
def logout(): session.pop('openid', None) L.info(u'You have been signed out') return redirect(oid.get_next_url())
def process(self): data = json.dumps(self.token.response) if data != 'null': L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key,snip(str(data)))) store_in_cache(self.token.cache_key.encode('utf8').encode('hex'),data.encode('utf8').encode('hex'))
def noslug(path): L.info("dbserver::noslug::%s:%s, %s" % (request.method,path,request.url)) response, content_type, headers = process(path,None) L.info("%s %s %s" % (snip(response), content_type, headers)) return Response(response=response, content_type=content_type, headers=headers)