def test_file_scheme_failure(self): url = 'file:///etc/profile' self.m.StubOutWithMock(urlutils, 'urlopen') urlutils.urlopen(url).AndRaise(urlutils.URLError('oops')) self.m.ReplayAll() self.assertRaises(IOError, urlfetch.get, url, allowed_schemes=['file']) self.m.VerifyAll()
def test_file_scheme_failure(self): url = "file:///etc/profile" self.m.StubOutWithMock(urlutils, "urlopen") urlutils.urlopen(url).AndRaise(urlutils.URLError("oops")) self.m.ReplayAll() self.assertRaises(IOError, urlfetch.get, url, allowed_schemes=["file"]) self.m.VerifyAll()
def test_file_scheme_supported(self): data = '{ "foo": "bar" }' url = 'file:///etc/profile' self.m.StubOutWithMock(urlutils, 'urlopen') urlutils.urlopen(url).AndReturn(cStringIO(data)) self.m.ReplayAll() self.assertEqual(data, urlfetch.get(url, allowed_schemes=['file'])) self.m.VerifyAll()
def __call__(self, target, creds, enforcer): """Check http: rules by calling to a remote server. This example implementation simply verifies that the response is exactly 'True'. """ url = ('http:' + self.match) % target data = {'target': jsonutils.dumps(target), 'credentials': jsonutils.dumps(creds)} post_data = urlutils.urlencode(data) f = urlutils.urlopen(url, post_data) return f.read() == "True"
def __call__(self, target, creds, enforcer): """Check http: rules by calling to a remote server. This example implementation simply verifies that the response is exactly 'True'. """ url = ('http:' + self.match) % target data = { 'target': jsonutils.dumps(target), 'credentials': jsonutils.dumps(creds) } post_data = urlutils.urlencode(data) f = urlutils.urlopen(url, post_data) return f.read() == "True"
def get(url, allowed_schemes=('http', 'https')): ''' Get the data at the specifier URL. The URL must use the http: or https: schemes. The file: scheme is also supported if you override the allowed_schemes argument. Raise an IOError if getting the data fails. ''' logger.info(_('Fetching data from %s') % url) components = urlutils.urlparse(url) if components.scheme not in allowed_schemes: raise IOError(_('Invalid URL scheme %s') % components.scheme) if components.scheme == 'file': try: return urlutils.urlopen(url).read() except urlutils.URLError as uex: raise IOError(_('Failed to retrieve template: %s') % str(uex)) try: resp = requests.get(url, stream=True) resp.raise_for_status() # We cannot use resp.text here because it would download the # entire file, and a large enough file would bring down the # engine. The 'Content-Length' header could be faked, so it's # necessary to download the content in chunks to until # max_template_size is reached. The chunk_size we use needs # to balance CPU-intensive string concatenation with accuracy # (eg. it's possible to fetch 1000 bytes greater than # max_template_size with a chunk_size of 1000). reader = resp.iter_content(chunk_size=1000) result = "" for chunk in reader: result += chunk if len(result) > cfg.CONF.max_template_size: raise IOError("Template exceeds maximum allowed size (%s " "bytes)" % cfg.CONF.max_template_size) return result except exceptions.RequestException as ex: raise IOError(_('Failed to retrieve template: %s') % str(ex))