def database_connection():
try:
server = Server('http://localhost:5984/')
server.version()
return server
except Exception:
print('Cannot connect to the database')
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
config = Configurator(settings=settings)
config.add_subscriber(add_logging_context, ContextFound)
config.include('pyramid_exclog')
config.add_route('home', '/')
config.add_route('resync_all', '/resync_all')
config.add_route('resync_back', '/resync_back')
config.add_route('resync', '/resync/{auction_id}')
config.add_route('recheck', '/recheck/{auction_id}')
config.add_route('calendar', '/calendar')
config.add_route('calendar_entry', '/calendar/{date}')
config.add_route('streams', '/streams')
config.scan(ignore='openprocurement.chronograph.tests')
config.add_subscriber(start_scheduler, ApplicationCreated)
config.registry.api_token = os.environ.get('API_TOKEN',
settings.get('api.token'))
db_name = os.environ.get('DB_NAME', settings['couchdb.db_name'])
server = Server(settings.get('couchdb.url'),
session=Session(retry_delays=range(60)))
if 'couchdb.admin_url' not in settings and server.resource.credentials:
try:
server.version()
except Unauthorized:
server = Server(extract_credentials(
settings.get('couchdb.url'))[0],
session=Session(retry_delays=range(60)))
config.registry.couchdb_server = server
if 'couchdb.admin_url' in settings and server.resource.credentials:
aserver = Server(settings.get('couchdb.admin_url'),
session=Session(retry_delays=range(10)))
users_db = aserver['_users']
if SECURITY != users_db.security:
LOGGER.info("Updating users db security",
extra={'MESSAGE_ID': 'update_users_security'})
users_db.security = SECURITY
username, password = server.resource.credentials
user_doc = users_db.get(
'org.couchdb.user:{}'.format(username),
{'_id': 'org.couchdb.user:{}'.format(username)})
if not user_doc.get(
'derived_key', '') or PBKDF2(password, user_doc.get(
'salt', ''), user_doc.get('iterations', 10)).hexread(
int(len(user_doc.get('derived_key', '')) /
2)) != user_doc.get('derived_key', ''):
user_doc.update({
"name": username,
"roles": [],
"type": "user",
"password": password
})
LOGGER.info("Updating chronograph db main user",
extra={'MESSAGE_ID': 'update_chronograph_main_user'})
users_db.save(user_doc)
security_users = [
username,
]
if db_name not in aserver:
aserver.create(db_name)
db = aserver[db_name]
SECURITY[u'members'][u'names'] = security_users
if SECURITY != db.security:
LOGGER.info("Updating chronograph db security",
extra={'MESSAGE_ID': 'update_chronograph_security'})
db.security = SECURITY
auth_doc = db.get(VALIDATE_DOC_ID, {'_id': VALIDATE_DOC_ID})
if auth_doc.get(
'validate_doc_update') != VALIDATE_DOC_UPDATE % username:
auth_doc['validate_doc_update'] = VALIDATE_DOC_UPDATE % username
LOGGER.info(
"Updating chronograph db validate doc",
extra={'MESSAGE_ID': 'update_chronograph_validate_doc'})
db.save(auth_doc)
# sync couchdb views
sync_design(db)
db = server[db_name]
else:
if db_name not in server:
server.create(db_name)
db = server[db_name]
# sync couchdb views
sync_design(db)
config.registry.db = db
jobstores = {
#'default': CouchDBJobStore(database=db_name, client=server)
}
#executors = {
#'default': ThreadPoolExecutor(5),
#'processpool': ProcessPoolExecutor(5)
#}
job_defaults = {'coalesce': False, 'max_instances': 3}
config.registry.api_url = settings.get('api.url')
config.registry.callback_url = settings.get('callback.url')
scheduler = Scheduler(
jobstores=jobstores,
#executors=executors,
job_defaults=job_defaults,
timezone=TZ)
if 'jobstore_db' in settings:
scheduler.add_jobstore('sqlalchemy', url=settings['jobstore_db'])
config.registry.scheduler = scheduler
# scheduler.remove_all_jobs()
# scheduler.start()
resync_all_job = scheduler.get_job('resync_all')
now = datetime.now(TZ)
if not resync_all_job or resync_all_job.next_run_time < now - timedelta(
hours=1):
if resync_all_job:
args = resync_all_job.args
else:
args = [settings.get('callback.url') + 'resync_all', None]
run_date = now + timedelta(seconds=60)
scheduler.add_job(push,
'date',
run_date=run_date,
timezone=TZ,
id='resync_all',
args=args,
replace_existing=True,
misfire_grace_time=60 * 60)
return config.make_wsgi_app()
def main(global_config, **settings):
config = Configurator(
settings=settings,
root_factory=factory,
authentication_policy=AuthenticationPolicy(settings['auth.file'], __name__),
authorization_policy=AuthorizationPolicy(),
route_prefix=ROUTE_PREFIX,
)
config.add_forbidden_view(forbidden)
config.add_request_method(authenticated_role, reify=True)
config.add_renderer('prettyjson', JSON(indent=4))
config.add_renderer('jsonp', JSONP(param_name='opt_jsonp'))
config.add_renderer('prettyjsonp', JSONP(indent=4, param_name='opt_jsonp'))
config.add_subscriber(add_logging_context, NewRequest)
config.add_subscriber(set_logging_context, ContextFound)
config.add_subscriber(set_renderer, NewRequest)
config.add_subscriber(beforerender, BeforeRender)
config.include('pyramid_exclog')
config.include("cornice")
config.scan("openprocurement.api.views")
# CouchDB connection
db_name = os.environ.get('DB_NAME', settings['couchdb.db_name'])
server = Server(settings.get('couchdb.url'), session=Session(retry_delays=range(10)))
if 'couchdb.admin_url' not in settings and server.resource.credentials:
try:
server.version()
except Unauthorized:
server = Server(extract_credentials(settings.get('couchdb.url'))[0])
config.registry.couchdb_server = server
if 'couchdb.admin_url' in settings and server.resource.credentials:
aserver = Server(settings.get('couchdb.admin_url'), session=Session(retry_delays=range(10)))
users_db = aserver['_users']
if SECURITY != users_db.security:
LOGGER.info("Updating users db security", extra={'MESSAGE_ID': 'update_users_security'})
users_db.security = SECURITY
username, password = server.resource.credentials
user_doc = users_db.get('org.couchdb.user:{}'.format(username), {'_id': 'org.couchdb.user:{}'.format(username)})
if not user_doc.get('derived_key', '') or PBKDF2(password, user_doc.get('salt', ''), user_doc.get('iterations', 10)).hexread(int(len(user_doc.get('derived_key', '')) / 2)) != user_doc.get('derived_key', ''):
user_doc.update({
"name": username,
"roles": [],
"type": "user",
"password": password
})
LOGGER.info("Updating api db main user", extra={'MESSAGE_ID': 'update_api_main_user'})
users_db.save(user_doc)
security_users = [username, ]
if 'couchdb.reader_username' in settings and 'couchdb.reader_password' in settings:
reader_username = settings.get('couchdb.reader_username')
reader = users_db.get('org.couchdb.user:{}'.format(reader_username), {'_id': 'org.couchdb.user:{}'.format(reader_username)})
if not reader.get('derived_key', '') or PBKDF2(settings.get('couchdb.reader_password'), reader.get('salt', ''), reader.get('iterations', 10)).hexread(int(len(reader.get('derived_key', '')) / 2)) != reader.get('derived_key', ''):
reader.update({
"name": reader_username,
"roles": ['reader'],
"type": "user",
"password": settings.get('couchdb.reader_password')
})
LOGGER.info("Updating api db reader user", extra={'MESSAGE_ID': 'update_api_reader_user'})
users_db.save(reader)
security_users.append(reader_username)
if db_name not in aserver:
aserver.create(db_name)
db = aserver[db_name]
SECURITY[u'members'][u'names'] = security_users
if SECURITY != db.security:
LOGGER.info("Updating api db security", extra={'MESSAGE_ID': 'update_api_security'})
db.security = SECURITY
auth_doc = db.get(VALIDATE_DOC_ID, {'_id': VALIDATE_DOC_ID})
if auth_doc.get('validate_doc_update') != VALIDATE_DOC_UPDATE % username:
auth_doc['validate_doc_update'] = VALIDATE_DOC_UPDATE % username
LOGGER.info("Updating api db validate doc", extra={'MESSAGE_ID': 'update_api_validate_doc'})
db.save(auth_doc)
# sync couchdb views
sync_design(db)
db = server[db_name]
else:
if db_name not in server:
server.create(db_name)
db = server[db_name]
# sync couchdb views
sync_design(db)
config.registry.db = db
# migrate data
migrate_data(config.registry.db)
# S3 connection
if 'aws.access_key' in settings and 'aws.secret_key' in settings and 'aws.s3_bucket' in settings:
connection = S3Connection(settings['aws.access_key'], settings['aws.secret_key'])
config.registry.s3_connection = connection
bucket_name = settings['aws.s3_bucket']
if bucket_name not in [b.name for b in connection.get_all_buckets()]:
connection.create_bucket(bucket_name, location=Location.EU)
config.registry.bucket_name = bucket_name
config.registry.server_id = settings.get('id', '')
return config.make_wsgi_app()
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
config = Configurator(settings=settings)
if JournalHandler:
config.add_subscriber(set_journal_handler, ContextFound)
config.add_subscriber(clear_journal_handler, BeforeRender)
config.include('pyramid_exclog')
config.add_route('home', '/')
config.add_route('resync_all', '/resync_all')
config.add_route('resync', '/resync/{tender_id}')
config.add_route('calendar', '/calendar')
config.add_route('calendar_entry', '/calendar/{date}')
config.add_route('streams', '/streams')
config.scan(ignore='openprocurement.chronograph.tests')
config.add_subscriber(start_scheduler, ApplicationCreated)
config.registry.api_token = os.environ.get('API_TOKEN', settings.get('api.token'))
db_name = os.environ.get('DB_NAME', settings['couchdb.db_name'])
server = Server(settings.get('couchdb.url'), session=Session(retry_delays=range(60)))
if 'couchdb.admin_url' not in settings and server.resource.credentials:
try:
server.version()
except Unauthorized:
server = Server(extract_credentials(settings.get('couchdb.url'))[0])
config.registry.couchdb_server = server
if 'couchdb.admin_url' in settings and server.resource.credentials:
aserver = Server(settings.get('couchdb.admin_url'), session=Session(retry_delays=range(10)))
users_db = aserver['_users']
if SECURITY != users_db.security:
INIT_LOGGER.info("Updating users db security", extra={'MESSAGE_ID': 'update_users_security'})
users_db.security = SECURITY
username, password = server.resource.credentials
user_doc = users_db.get('org.couchdb.user:{}'.format(username), {'_id': 'org.couchdb.user:{}'.format(username)})
if not user_doc.get('derived_key', '') or PBKDF2(password, user_doc.get('salt', ''), user_doc.get('iterations', 10)).hexread(int(len(user_doc.get('derived_key', '')) / 2)) != user_doc.get('derived_key', ''):
user_doc.update({
"name": username,
"roles": [],
"type": "user",
"password": password
})
INIT_LOGGER.info("Updating chronograph db main user", extra={'MESSAGE_ID': 'update_chronograph_main_user'})
users_db.save(user_doc)
security_users = [username, ]
if db_name not in aserver:
aserver.create(db_name)
db = aserver[db_name]
SECURITY[u'members'][u'names'] = security_users
if SECURITY != db.security:
INIT_LOGGER.info("Updating chronograph db security", extra={'MESSAGE_ID': 'update_chronograph_security'})
db.security = SECURITY
auth_doc = db.get(VALIDATE_DOC_ID, {'_id': VALIDATE_DOC_ID})
if auth_doc.get('validate_doc_update') != VALIDATE_DOC_UPDATE % username:
auth_doc['validate_doc_update'] = VALIDATE_DOC_UPDATE % username
INIT_LOGGER.info("Updating chronograph db validate doc", extra={'MESSAGE_ID': 'update_chronograph_validate_doc'})
db.save(auth_doc)
else:
if db_name not in server:
server.create(db_name)
config.registry.db = server[db_name]
jobstores = {
#'default': CouchDBJobStore(database=db_name, client=server)
}
#executors = {
#'default': ThreadPoolExecutor(5),
#'processpool': ProcessPoolExecutor(5)
#}
job_defaults = {
'coalesce': False,
'max_instances': 5
}
config.registry.api_url = settings.get('api.url')
config.registry.callback_url = settings.get('callback.url')
scheduler = Scheduler(jobstores=jobstores,
#executors=executors,
job_defaults=job_defaults,
timezone=TZ)
if 'jobstore_db' in settings:
scheduler.add_jobstore('sqlalchemy', url=settings['jobstore_db'])
config.registry.scheduler = scheduler
# scheduler.remove_all_jobs()
# scheduler.start()
resync_all_job = scheduler.get_job('resync_all')
now = datetime.now(TZ)
if not resync_all_job or resync_all_job.next_run_time < now - timedelta(hours=1):
if resync_all_job:
args = resync_all_job.args
else:
args = [settings.get('callback.url') + 'resync_all', None]
run_date = now + timedelta(seconds=60)
scheduler.add_job(push, 'date', run_date=run_date, timezone=TZ,
id='resync_all', args=args,
replace_existing=True, misfire_grace_time=60 * 60)
return config.make_wsgi_app()
def set_chronograph_security(settings):
db_name = os.environ.get('DB_NAME', settings['couchdb.db_name'])
server = Server(settings.get('couchdb.url'),
session=Session(retry_delays=range(60)))
if 'couchdb.admin_url' not in settings and server.resource.credentials:
try:
server.version()
except Unauthorized:
server = Server(extract_credentials(
settings.get('couchdb.url'))[0],
session=Session(retry_delays=range(60)))
if 'couchdb.admin_url' in settings and server.resource.credentials:
aserver = Server(settings.get('couchdb.admin_url'),
session=Session(retry_delays=range(10)))
users_db = aserver['_users']
if SECURITY != users_db.security:
LOGGER.info('Updating users db security',
extra={'MESSAGE_ID': 'update_users_security'})
users_db.security = SECURITY
username, password = server.resource.credentials
user_doc = users_db.get(
'org.couchdb.user:{}'.format(username),
{'_id': 'org.couchdb.user:{}'.format(username)})
if (not user_doc.get('derived_key', '') or
PBKDF2(password, user_doc.get('salt', ''),
user_doc.get('iterations', 10)).hexread(
int(len(user_doc.get('derived_key', '')) / 2)) !=
user_doc.get('derived_key', '')):
user_doc.update({
'name': username,
'roles': [],
'type': 'user',
'password': password
})
LOGGER.info('Updating chronograph db main user',
extra={'MESSAGE_ID': 'update_chronograph_main_user'})
users_db.save(user_doc)
security_users = [username, ]
if db_name not in aserver:
aserver.create(db_name)
db = aserver[db_name]
SECURITY['members']['names'] = security_users
if SECURITY != db.security:
LOGGER.info('Updating chronograph db security',
extra={'MESSAGE_ID': 'update_chronograph_security'})
db.security = SECURITY
auth_doc = db.get(VALIDATE_DOC_ID, {'_id': VALIDATE_DOC_ID})
if auth_doc.get('validate_doc_update') != VALIDATE_DOC_UPDATE % username:
auth_doc['validate_doc_update'] = VALIDATE_DOC_UPDATE % username
LOGGER.info('Updating chronograph db validate doc',
extra={'MESSAGE_ID': 'update_chronograph_validate_doc'})
db.save(auth_doc)
# sync couchdb views
sync_design(db)
db = server[db_name]
else:
if db_name not in server:
server.create(db_name)
db = server[db_name]
# sync couchdb views
sync_design(db)
return server, db
def main(global_config, **settings):
config = Configurator(
settings=settings,
root_factory=factory,
authentication_policy=AuthenticationPolicy(settings['auth.file'],
__name__),
authorization_policy=AuthorizationPolicy(),
route_prefix=ROUTE_PREFIX,
)
config.add_forbidden_view(forbidden)
config.add_request_method(authenticated_role, reify=True)
config.add_renderer('prettyjson', JSON(indent=4))
config.add_renderer('jsonp', JSONP(param_name='opt_jsonp'))
config.add_renderer('prettyjsonp', JSONP(indent=4, param_name='opt_jsonp'))
if JournalHandler:
config.add_subscriber(set_journal_handler, NewRequest)
config.add_subscriber(update_journal_handler_role, ContextFound)
config.add_subscriber(cleanup_journal_handler, BeforeRender)
config.add_subscriber(set_renderer, NewRequest)
config.add_subscriber(beforerender, BeforeRender)
config.include('pyramid_exclog')
config.include("cornice")
config.scan("openprocurement.api.views")
# CouchDB connection
db_name = os.environ.get('DB_NAME', settings['couchdb.db_name'])
server = Server(settings.get('couchdb.url'),
session=Session(retry_delays=range(10)))
if 'couchdb.admin_url' not in settings and server.resource.credentials:
try:
server.version()
except Unauthorized:
server = Server(
extract_credentials(settings.get('couchdb.url'))[0])
config.registry.couchdb_server = server
if 'couchdb.admin_url' in settings and server.resource.credentials:
aserver = Server(settings.get('couchdb.admin_url'),
session=Session(retry_delays=range(10)))
users_db = aserver['_users']
if SECURITY != users_db.security:
LOGGER.info("Updating users db security",
extra={'MESSAGE_ID': 'update_users_security'})
users_db.security = SECURITY
username, password = server.resource.credentials
user_doc = users_db.get(
'org.couchdb.user:{}'.format(username),
{'_id': 'org.couchdb.user:{}'.format(username)})
if not user_doc.get(
'derived_key', '') or PBKDF2(password, user_doc.get(
'salt', ''), user_doc.get('iterations', 10)).hexread(
int(len(user_doc.get('derived_key', '')) /
2)) != user_doc.get('derived_key', ''):
user_doc.update({
"name": username,
"roles": [],
"type": "user",
"password": password
})
LOGGER.info("Updating api db main user",
extra={'MESSAGE_ID': 'update_api_main_user'})
users_db.save(user_doc)
security_users = [
username,
]
if 'couchdb.reader_username' in settings and 'couchdb.reader_password' in settings:
reader_username = settings.get('couchdb.reader_username')
reader = users_db.get(
'org.couchdb.user:{}'.format(reader_username),
{'_id': 'org.couchdb.user:{}'.format(reader_username)})
if not reader.get('derived_key', '') or PBKDF2(
settings.get('couchdb.reader_password'),
reader.get('salt', ''), reader.get(
'iterations', 10)).hexread(
int(len(reader.get('derived_key', '')) /
2)) != reader.get('derived_key', ''):
reader.update({
"name":
reader_username,
"roles": ['reader'],
"type":
"user",
"password":
settings.get('couchdb.reader_password')
})
LOGGER.info("Updating api db reader user",
extra={'MESSAGE_ID': 'update_api_reader_user'})
users_db.save(reader)
security_users.append(reader_username)
if db_name not in aserver:
aserver.create(db_name)
db = aserver[db_name]
SECURITY[u'members'][u'names'] = security_users
if SECURITY != db.security:
LOGGER.info("Updating api db security",
extra={'MESSAGE_ID': 'update_api_security'})
db.security = SECURITY
auth_doc = db.get(VALIDATE_DOC_ID, {'_id': VALIDATE_DOC_ID})
if auth_doc.get(
'validate_doc_update') != VALIDATE_DOC_UPDATE % username:
auth_doc['validate_doc_update'] = VALIDATE_DOC_UPDATE % username
LOGGER.info("Updating api db validate doc",
extra={'MESSAGE_ID': 'update_api_validate_doc'})
db.save(auth_doc)
# sync couchdb views
sync_design(db)
db = server[db_name]
else:
if db_name not in server:
server.create(db_name)
db = server[db_name]
# sync couchdb views
sync_design(db)
config.registry.db = db
# migrate data
migrate_data(config.registry.db)
# S3 connection
if 'aws.access_key' in settings and 'aws.secret_key' in settings and 'aws.s3_bucket' in settings:
connection = S3Connection(settings['aws.access_key'],
settings['aws.secret_key'])
config.registry.s3_connection = connection
bucket_name = settings['aws.s3_bucket']
if bucket_name not in [b.name for b in connection.get_all_buckets()]:
connection.create_bucket(bucket_name, location=Location.EU)
config.registry.bucket_name = bucket_name
return config.make_wsgi_app()
