Example #1
    def process_request(self, request):
        """Tag the request with flags describing which part of the site it targets.

        Pay and WAPI requests are returned untouched. For every other request
        the ``is_access_*`` attributes below are set on ``request``. Every path
        returns ``None``.
        """
        # added by slzhu
        if is_pay_request(request) or is_wapi_request(request):
            return None

        # Work out what the request is addressed to.
        # NOTE(review): HTTP_HOST is supplied by the client and this is a
        # substring test, so any Host value that merely contains
        # 'pay.weapp.com' sets the three pay-related flags below. Prefer an
        # exact comparison against the expected host name(s).
        is_access_pay_domain = ('pay.weapp.com'
                                in request.META.get('HTTP_HOST', ''))
        request.is_access_webapp = is_request_for_webapp(request)
        request.is_access_webapp_api = is_request_for_webapp_api(request)
        request.is_access_pcmall = is_request_for_pcmall(request)
        request.is_access_pay = is_pay_request(request) or is_access_pay_domain
        request.is_access_mock_pay = is_access_pay_domain
        request.is_access_paynotify_callback = is_paynotify_request(
            request) or is_access_pay_domain
        request.is_access_temporary_qrcode_image = is_request_for_temporary_qrcode_image(
            request)

        # Check where the user comes from.
        is_from_simulator = request_source_detector.is_from_simulator(request)
        # NOTE(review): the first two operands are the function objects
        # themselves, not calls, so this condition is always true: the method
        # returns here on every request and the block below never runs.
        # Substituting request.is_access_webapp would still leave the block
        # below unreachable, so the intended condition has to be confirmed
        # with the author before changing it.
        if is_request_for_webapp or is_request_for_webapp_api or request.user.is_authenticated(
        ):
            return None

        if request.is_access_webapp and not is_from_simulator:
            # Stop auth from loading request.user from the database.
            request._cached_user = AnonymousUser()
        return None
Example #2
    def process_request(self, request):
        """Attach ``request.cloud_user`` for the requests this middleware handles.

        The user comes from ``get_request_cloud_user``; when that yields
        ``None`` the id returned by ``get_cloud_user_from_cookie`` is looked up
        instead. If that lookup fails, ``request.cloud_user`` stays ``None``
        and ``NEED_REMOVE_CLOUD_USER_SESSION_FLAG`` is set in ``request.META``.
        Always returns ``None``.
        """
        if is_pay_request(request) or is_wapi_request(request):
            return None

        # Payment pages and payment-notification callbacks are left alone.
        if request.is_access_pay or request.is_access_paynotify_callback:
            return None

        # Temporary QR-code image requests are left alone (by liupeiyu).
        if request.is_access_temporary_qrcode_image:
            return None

        # Webapp, PC-mall and webapp-API requests are left alone (add by bert).
        if request.is_access_webapp or request.is_access_pcmall or request.is_access_webapp_api:
            return None

        if '/weixin/js/config' in request.get_full_path():
            return None

        request.cloud_user = get_request_cloud_user(request)
        if request.cloud_user is not None:
            return None

        # NOTE(review): the id is read from a cookie; confirm that
        # get_cloud_user_from_cookie verifies a signature, because the row it
        # names becomes request.cloud_user without any further check here.
        cookie_user_id = get_cloud_user_from_cookie(request)
        fallback_user = None
        if cookie_user_id:
            try:
                fallback_user = CloudUser.objects.get(id=cookie_user_id)
            except:
                # NOTE(review): the bare except also treats a database outage
                # as "unknown user" and flags the session for removal.
                request.META[self.NEED_REMOVE_CLOUD_USER_SESSION_FLAG] = True

        request.cloud_user = fallback_user
        return None
Example #3
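    def process_request(self, request):
        """Load the sub-user named in the session onto ``request.sub_user``.

        Pay, WAPI, webapp and varnish requests are skipped. If the request
        already carries a sub-user whose row no longer exists, or the session
        names a sub-user that cannot be loaded, the session is logged out and
        the client is redirected to ``/login/``. Otherwise ``request.sub_user``
        is set to the loaded user, or to ``None`` when the session names none.
        """
        if is_pay_request(request) or is_wapi_request(request):
            return None

        if request.is_access_webapp or is_varnish_url(request):
            return None

        # Look the attached sub-user up by its own id so that a deleted account
        # is logged out. (Querying with the local name `id`, which was only
        # assigned further down, raised UnboundLocalError on this path.)
        current_sub_user = getattr(request, 'sub_user', None)
        if current_sub_user and not User.objects.filter(
                id=current_sub_user.id).exists():
            auth.logout(request)
            return HttpResponseRedirect('/login/')

        try:
            sub_user_id = request.session['sub_user_id']
            if sub_user_id:
                try:
                    request.sub_user = User.objects.get(id=sub_user_id)
                except Exception:
                    # The session points at a user that cannot be loaded:
                    # end the session instead of continuing half-authenticated.
                    request.sub_user = None
                    auth.logout(request)
                    return HttpResponseRedirect('/login/')
            else:
                request.sub_user = None
        except Exception:
            # No usable 'sub_user_id' entry in the session.
            request.sub_user = None

        return None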
Example #4
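    def process_request(self, request):
        """Log in the user identified by a ``token`` request parameter.

        Pay requests, requests without a token and tokens that
        ``get_logined_user_from_token`` does not resolve are passed through
        (``None``). On success the user is logged in and the client is
        redirected: to ``?<first query parameter>`` when ``is_money`` is set,
        otherwise to the request path with a trailing ``GET`` removed.

        NOTE(review): the token is accepted from GET as well as POST, so it can
        end up in access logs, browser history and Referer headers. The
        non-money redirect drops the query string; the ``is_money`` redirect
        keeps the first query parameter, so confirm the token is never first.
        NOTE(review): ``path_info`` is client-controlled and is used as the
        Location header; confirm a path starting with ``//`` cannot reach this
        point, since browsers treat such a Location as scheme-relative.
        """
        # added by slzhu
        if is_pay_request(request):
            return None

        token = request.REQUEST.get('token', None)
        if token is None:
            return None

        authorized_user = get_logined_user_from_token(
            token, request_host=request.get_host())
        if authorized_user is None:
            return None

        auth.login(request, authorized_user)

        # Used for logging in to the "money" system.
        try:
            is_money = int(request.GET.get('is_money', 0))
        except (TypeError, ValueError):
            # A non-numeric value is client input, not a reason to answer the
            # freshly logged-in user with a server error.
            is_money = 0

        if is_money:
            path_info = '?' + request.META['QUERY_STRING'].split('&')[0]
        elif request.path_info.endswith('GET'):
            # Remove only the trailing 'GET'; str.find() cut the path at the
            # first occurrence, which is wrong when 'GET' appears earlier too.
            path_info = request.path_info[:-len('GET')]
        else:
            path_info = request.path_info

        return HttpResponseRedirect(path_info)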
Example #5
    def process_request(self, request):
        """Set ``request.app`` from the webapp owner info already on the request.

        Product-stock, WAPI and pay requests are skipped without touching
        ``request.app``. Superusers get ``request.app = None``. Always returns
        ``None``.
        """
        skip = (is_product_stocks_request(request) or is_wapi_request(request)
                or is_pay_request(request))
        if skip:
            return None

        if request.user.is_superuser:
            request.app = None
            return None

        # An earlier, commented-out implementation looked the app up from the
        # appid in the URL and then from the logged-in user; it is disabled and
        # the app is now taken from request.webapp_owner_info.
        owner_info = request.webapp_owner_info
        request.app = owner_info.app if owner_info else None
        return None
Example #6
    def process_request(self, request):
        """Attach ``request.manager`` for requests made by a ``User`` instance.

        The manager is the user itself unless the user is not a superuser and
        its profile names a different ``manager_id`` greater than 2, in which
        case that ``User`` row is loaded. Preview pages (``page_id=preview`` in
        the full path) get the manager even when the request is otherwise
        skipped (pay, WAPI, webapp, webapp API). Always returns ``None``.
        """
        user = request.user

        def attach_manager():
            # Way of obtaining the manager changed by duhao, 20151016.
            # (An older lookup through DepartmentHasUser is disabled.)
            resolved = user
            if not user.is_superuser:
                profile = user.get_profile()
                if profile.manager_id != user.id and profile.manager_id > 2:
                    resolved = User.objects.get(id=profile.manager_id)
            request.manager = resolved

        previewing = "page_id=preview" in request.get_full_path()
        if previewing and isinstance(request.user, User):
            attach_manager()

        if is_pay_request(request) or is_wapi_request(request) \
                or request.is_access_webapp or request.is_access_webapp_api:
            return None

        if isinstance(request.user, User):
            attach_manager()
        return None
Example #7
    def process_request(self, request):
        """Show the "browser forbidden" page to unsupported browsers.

        Requests from 127.0.0.1, Weixin, pay/pay-notify, API, webapp and
        cloud-housekeeper requests, Flash user agents and ApacheBench runs from
        the listed addresses are passed through. For everything else the parsed
        browser family must contain Firefox, Chrome or Safari unless the path
        contains ``/mobile_app/``.

        NOTE(review): every exemption based on the User-Agent header is under
        the client's control, so this is a compatibility gate, not an access
        control. If the application sits behind a reverse proxy on the same
        host, REMOTE_ADDR may be 127.0.0.1 for all traffic, which would disable
        the check entirely -- confirm against the deployment.
        """
        remote_addr = request.META['REMOTE_ADDR']
        if remote_addr == '127.0.0.1':
            # Lets the BDD test-suite through.
            return None

        # (A bypass for settings.MODE != 'deploy' is commented out here.)

        # Checked in this order; the first match lets the request through.
        exempt_checks = (
            is_request_for_weixin,
            is_paynotify_request,
            is_request_for_api,  # API access is not filtered at all
            is_pay_request,
            is_request_for_webapp,  # webapp requests are not filtered
            is_request_for_cloud_housekeeper,  # nor is the cloud housekeeper
        )
        for is_exempt in exempt_checks:
            if is_exempt(request):
                return None

        user_agent_str = request.META.get('HTTP_USER_AGENT', '')
        if 'Flash' in user_agent_str:
            # Flash requests are not filtered.
            return None

        if 'ApacheBench' in user_agent_str and (
                remote_addr in ('1.202.255.198', '118.26.196.238')
                or remote_addr.startswith('192.168.')):
            # The company's internal `ab` runs are not filtered.
            return None

        browser_family = parse(user_agent_str).browser.family
        supported = any(name in browser_family
                        for name in ('Firefox', 'Chrome', 'Safari'))
        if not supported and '/mobile_app/' not in request.path:
            # Any other browser only gets the notice page and nothing else.
            return render_to_response('account/browser_forbidden.html',
                                      Context({}))

        return None
Example #8
    def process_request(self, request):
        """Render the QR-code page for webapp visitors that are not in Weixin.

        The request is passed through (``None``) for product-stock and pay
        requests, non-webapp requests, Weixin visitors, authenticated users,
        API and varnish URLs, ``settings.MODE == 'develop'`` and simulator
        visitors. Everyone else gets ``webapp/qrcode.html`` with the owner's
        nick name and head image (empty strings when they cannot be read).

        NOTE(review): is_from_weixin / is_from_simulator are presumably derived
        from request headers -- confirm; if so this gate is a usability
        measure and must not be relied on to protect webapp pages.
        """
        # added by duhao (product stocks) / slzhu (pay)
        if is_product_stocks_request(request) or is_pay_request(request):
            return None

        if not url_util.is_request_for_webapp(request):
            return None

        visitor = request.user
        if visitor.is_from_weixin or visitor.is_authenticated():
            return None

        # The varnish check was added as "jz test for varnish".
        if is_request_for_api(request) or is_varnish_url(request):
            return None

        # Clicks coming from the simulator are not handled either.
        if settings.MODE == 'develop' or visitor.is_from_simulator:
            return None

        # (Disabled code here used to skip 'webapp_page' URLs and to load a
        # per-owner 'not_from_weixin' article as the QR-code image.)
        try:
            auth_info = request.webapp_owner_info.auth_appid_info
            nick_name = auth_info.nick_name
            auth_info = request.webapp_owner_info.auth_appid_info
            head_img = auth_info.head_img
        except:
            nick_name = ''
            head_img = ''

        page_context = Context({'head_img': head_img, 'nick_name': nick_name})
        return render_to_response('webapp/qrcode.html', page_context)
Example #9
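    def process_request(self, request):
        """Reject webapp POSTs that do not come from Weixin, in deploy mode only.

        Outside ``settings.MODE == 'deploy'`` nothing is done. Requests from
        the two listed addresses, product-stock and pay requests, non-webapp
        requests, API-server requests and Weixin visitors pass through. Any
        remaining POST is answered with the ``create_response(600)`` error
        response; other methods pass through.

        NOTE(review): ``request.user.is_from_weixin`` is presumably derived
        from request headers -- confirm; if so this check discourages browser
        POSTs but cannot be treated as an access control.
        """
        if settings.MODE != 'deploy':
            return None

        # Taixing Building (office) addresses may use an ordinary browser.
        remote_addr = request.META.get('REMOTE_ADDR', '')
        if remote_addr in ('111.202.10.158', '1.202.255.198'):
            return None

        # added by duhao
        if is_product_stocks_request(request):
            return None

        # added by slzhu
        if is_pay_request(request):
            return None

        if not is_request_for_webapp(request):
            return None

        if is_request_for_apiserver(request):
            return None

        if request.user.is_from_weixin:
            return None

        if request.method != 'POST':
            return None

        # Pay requests already returned above, so no second pay check is
        # needed before rejecting the POST.
        from core.jsonresponse import create_response
        response = create_response(600)
        response.errMsg = 'post in pc browser is not allowed under "deploy" MODE'
        return response.get_response()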
Example #10
    def process_request(self, request):
        """Set ``request.user.is_manager`` from the user's name.

        Product-stock and pay requests are skipped. Always returns ``None``.

        NOTE(review): the flag is keyed on two literal usernames; confirm that
        those account names cannot be registered or taken over by ordinary
        users if anything downstream grants privileges on ``is_manager``.
        """
        # added by duhao (product stocks) / slzhu (pay)
        if is_product_stocks_request(request):
            return None
        if is_pay_request(request):
            return None

        request.user.is_manager = request.user.username in (
            'manager', 'product_support')
        return None
Example #11
 def process_request(self, request):
     """Mark the request, its user and its manager as not Weizoom-mall.

     Product-stock, WAPI and pay requests are skipped. Always returns ``None``.
     """
     # added by duhao
     skip_checks = (is_product_stocks_request, is_wapi_request,
                    is_pay_request)
     if any(check(request) for check in skip_checks):
         return None

     # TODO (from the original): Weizoom-mall code. The disabled version
     # derived the flag from request.user_profile.webapp_type; until it is
     # restored every flag is forced to False.
     request.user.is_weizoom_mall = False
     if hasattr(request, 'manager'):
         request.manager.is_weizoom_mall = False
     request.is_access_weizoom_mall = False
     return None
Example #12
    def process_request(self, request):
        """Load the user's market-tool modules and enforce path permissions.

        Pay and WAPI requests are skipped. ``request.should_hide_footer`` is set
        to ``True`` for webapp market-tool pages. For authenticated users on
        non-webapp requests the module list is attached to ``request.user`` and
        a path the user may not access is redirected to ``/market_tools/``.
        """
        if is_pay_request(request) or is_wapi_request(request):
            return None

        if self.__is_request_for_webapp_market_tools_page(request):
            request.should_hide_footer = True

        if request.is_access_webapp or not request.user.is_authenticated():
            return None

        request.user.market_tool_modules = weapp_product_api.get_market_tool_modules_for_user(
            request.user)
        module_count = len(request.user.market_tool_modules)
        request.user.has_market_tool_modules = (module_count > 0)

        allowed = weapp_product_api.has_permission_to_access(
            request.user, request.path)
        if allowed:
            return None

        # No permission: send the user back to the market_tools home page.
        return HttpResponseRedirect('/market_tools/')
Example #13
    def process_request(self, request):
        """Set ``request.module_name`` from the ``module`` query parameter.

        Pay requests are skipped. Known modules map to their display title;
        a missing, empty or unknown module leaves the name as ``None``.
        Always returns ``None``.
        """
        # added by slzhu
        if is_pay_request(request):
            return None

        # Display titles (kept in Chinese: they are shown to users).
        module_titles = {
            'cms': u'文章管理',
            'mall': u'微商城',
            'user_center': u'用户中心',
        }
        module = request.GET.get('module', None)
        request.module_name = module_titles.get(module) if module else None

        return None
Example #14
    def process_request(self, request):
        """Log out sessions that predate the profile's forced-logout date.

        Product-stock, WAPI and pay requests are skipped, as are anonymous
        users and requests without a user profile. When the profile's
        ``force_logout_date`` is positive and the session has no
        ``LAST_LOGIN_DATE`` or one earlier than that date, ``auth.logout`` is
        called. Always returns ``None``.
        """
        # added by duhao
        if is_product_stocks_request(request) or is_wapi_request(request):
            return None

        # added by slzhu
        if is_pay_request(request):
            return None

        if not request.user.is_authenticated() or request.user_profile is None:
            return None

        forced_at = request.user_profile.force_logout_date
        if forced_at > 0:
            session = request.session
            stale = ('LAST_LOGIN_DATE' not in session
                     or session['LAST_LOGIN_DATE'] < forced_at)
            if stale:
                auth.logout(request)

        return None
Example #15
    def process_response(self, request, response):
        """Queue a page-view record for the member behind this request.

        Pay and WAPI requests, and any URL whose full path contains ``api`` or
        ``resource_js``, are not recorded. Recording is best effort: any error
        is swallowed. The response is always returned unchanged.

        NOTE(review): the full path, query string included, is handed to the
        task; confirm no secret (for example a login token) can appear in a
        recorded URL.
        """
        if is_pay_request(request) or is_wapi_request(request):
            return response

        full_path = request.get_full_path()
        if 'api' in full_path or 'resource_js' in full_path:
            # API access is not recorded.
            return response

        try:
            if hasattr(request, 'member') and request.member:
                if hasattr(request, 'context_dict'):
                    page_title = request.context_dict.get('page_title', '')
                else:
                    page_title = ''
                from modules.member.tasks import record_member_pv
                record_member_pv.delay(request.member.id,
                                       request.get_full_path(), page_title)
        except:
            pass

        return response
Example #16
    def process_request(self, request):
        """Copy the request-source detector's verdicts onto ``request.user``.

        Product-stock, WAPI and pay requests are skipped. Always returns
        ``None``.

        NOTE(review): these flags are presumably computed from request headers
        such as the User-Agent -- confirm; if so the client controls them and
        they should only drive presentation, never authorization.
        """
        # added by duhao
        if is_product_stocks_request(request) or is_wapi_request(request):
            return None

        # added by slzhu
        if is_pay_request(request):
            return None

        # Each flag on request.user has the same name as the detector function
        # that computes it; the order matches the original assignments.
        source_flags = (
            'is_from_simulator',
            'is_from_weixin',
            'is_from_android',
            'is_from_mobile',
            'is_from_iphone',
        )
        for flag in source_flags:
            detect = getattr(request_source_detector, flag)
            setattr(request.user, flag, detect(request))

        return None
Example #17
    def process_request(self, request):
        """Emit a ``page_visit`` event for webapp page requests.

        Nothing is recorded for pay or WAPI requests, non-webapp requests,
        webapp API calls, requests without an app, or simulator visitors.
        Otherwise ``request.event_data`` is filled in and the event handler is
        invoked. Always returns ``None``.
        """
        if is_pay_request(request) or is_wapi_request(request):
            return None

        # Only webapp page requests are recorded; API calls are not.
        if not request.is_access_webapp or request.is_access_webapp_api:
            return None

        # No app, or a click from the simulator: nothing to record.
        if request.app is None or request.user.is_from_simulator:
            return None

        from webapp.handlers import event_handler_util
        request.event_data = event_handler_util.extract_data(request)
        # (A disabled condition used to skip varnish URLs here.)
        event_handler_util.handle(request, 'page_visit')
        return None
Example #18
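    def process_request(self, request):
        """Resolve the webapp owner for this request and attach its profile.

        Sets ``request.page_type``, ``request.webapp_owner_id``,
        ``request.user_profile``, ``request.webapp_owner_info`` and
        ``request.user_token``; ``request.mall_data`` is set only on the
        webapp/pay branch. Product-stock, pay and WAPI requests are skipped.
        Always returns ``None``.

        NOTE(review): unless the request is an authenticated, non-superuser,
        non-webapp request, the owner id comes from client-supplied parameters
        (``woid``, ``webapp_owner_id``, ``project_id``) or from the URL, and the
        matching UserProfile is then loaded. Treat ``request.user_profile`` as
        "which shop is being viewed", not as proof that the caller may act for
        that owner -- confirm downstream code does not authorize on it.
        NOTE(review): malformed client values (a non-numeric ``woid``, a
        ``project_id`` with the wrong number of ':' parts, an unknown project)
        raise out of this method and surface as server errors.
        """
        # added by duhao
        if is_product_stocks_request(request):
            return None

        # Skip pay, WAPI and similar requests.
        if is_pay_request(request) or is_wapi_request(request):
            return None

        full_path = request.get_full_path()
        is_pay_notify_url = 'mall/pay_notify_result/get' in full_path
        is_pay_result_url = 'mall/pay_result/get' in full_path

        # Derive the page type from the "module" query parameter.
        module = request.GET.get('module', None)
        if not module:
            request.page_type = 'home_page'
        elif 'market_tool:' in module:
            request.page_type = 'market_tool'
        elif 'apps' in module:
            request.page_type = 'apps'
        else:
            request.page_type = 'webapp'
        # Alipay's synchronous and asynchronous callbacks count as webapp
        # pages (add by bert).
        if is_pay_notify_url or is_pay_result_url:
            request.page_type = 'webapp'

        # Work out the user profile / owner id.
        webapp_owner_id = -1
        request.user_profile = None
        if request.user.is_authenticated(
        ) and not request.user.is_superuser and not request.is_access_webapp and not request.is_access_webapp_api:
            # Back-office request: the owner is the manager attached earlier.
            # (A disabled fallback used request.webapp_owner_info.user_profile.)
            if hasattr(request, 'manager'):
                request.user_profile = request.manager.get_profile()
                webapp_owner_id = request.user_profile.user_id
        else:
            webapp_owner_id = request.REQUEST.get('woid', -1)
            if webapp_owner_id == -1:
                webapp_owner_id = request.REQUEST.get('webapp_owner_id', -1)
            if webapp_owner_id == -1:
                # TODO: get rid of project_id
                project_id = request.REQUEST.get('project_id', None)
                if project_id:
                    if 'market_tool:' in project_id:
                        _, _, webapp_owner_id = project_id.split(':')
                    elif 'apps' in project_id:
                        _, _, webapp_owner_id = project_id.split(':')
                    elif 'fake:wepage' in project_id:
                        _, _, webapp_owner_id, _, _ = project_id.split(':')
                    elif 'sign' in project_id:
                        _, _, related_page_id = project_id.split(':')
                        project = Sign.objects.get(
                            related_page_id=related_page_id)
                        webapp_owner_id = project.owner_id
                    else:
                        project = Project.objects.get(id=project_id)
                        webapp_owner_id = project.owner_id

        if (webapp_owner_id == -1
            ) and 'message/material/news_detail/mshow/' in full_path:
            try:
                query_list = full_path.split('/')
                news_id = query_list[query_list.index('mshow') + 1]
                webapp_owner_id = News.objects.get(
                    id=news_id).material.owner.id
            except Exception:
                # Best effort: the owner simply stays unresolved.
                pass

        # NOTE(review): the original condition was written `A and B or C`,
        # which Python groups as `(A and B) or C`. That grouping is kept here,
        # so on 'mall/pay_result/get' URLs the id taken from the path replaces
        # an owner id that was already resolved above. If `A and (B or C)` was
        # intended, change it deliberately and test the payment return flow.
        if ((webapp_owner_id == -1) and is_pay_notify_url) or is_pay_result_url:
            try:
                path_parts = full_path.split('/')
                webapp_owner_id = int(path_parts[path_parts.index('get') + 1])
            except Exception:
                # Log the path rather than re-running the failed conversion,
                # which raised again inside this handler and turned the
                # logging into a server error. The query string is left out so
                # request parameters do not end up in the log.
                error_msg = u"UserProfileMiddleware: get webapp_owner_id from pay url failed. {}: cause:\n{}"\
                    .format(request.path, unicode_full_stack())
                watchdog_info(error_msg)

        # Record webapp_owner_id.
        request.webapp_owner_id = webapp_owner_id
        if request.webapp_owner_id:
            request.webapp_owner_id = int(request.webapp_owner_id)

        # Load user_profile and webapp_owner_info for that owner id.
        if request.webapp_owner_id != -1:
            if request.is_access_webapp or request.is_access_pay or request.is_access_paynotify_callback:
                try:
                    request.webapp_owner_info = webapp_owner_cache.get_webapp_owner_info(
                        webapp_owner_id)
                    request.mall_data = webapp_cache.get_webapp_mall_data(
                        webapp_owner_id)
                    request.webapp_owner_info.mall_data = request.mall_data
                    if not request.user_profile:
                        request.user_profile = request.webapp_owner_info.user_profile
                except Exception:
                    if settings.DEBUG:
                        raise
                    else:
                        # Cache lookup failed: raise an alert and fall back to
                        # the database for the profile. (The alert text is a
                        # runtime string and is kept as written.)
                        alert_message = u"获取缓存信息失败, cause:\n{}".format(
                            unicode_full_stack())
                        watchdog_alert(alert_message, type='WEB')
                        request.webapp_owner_info = None
                        request.mall_data = None
                        request.user_profile = UserProfile.objects.get(
                            user_id=webapp_owner_id)
            else:
                request.user_profile = UserProfile.objects.get(
                    user_id=webapp_owner_id)
                request.webapp_owner_info = None
        else:
            request.webapp_owner_info = None
            request.user_profile = None

        # add by duhao 20150519
        from account.account_util import get_token_for_logined_user
        request.user_token = get_token_for_logined_user(request.user)

        # Sanity checks only: assert statements are removed under `python -O`.
        assert hasattr(request, 'user_token')
        assert hasattr(request, 'webapp_owner_id')
        assert hasattr(request, 'user_profile')
        assert hasattr(request, 'webapp_owner_info')
        return None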