def post(self, request, organization=None, *args, **kwargs):
"""
Process a login request via username/password. SSO login is handled
elsewhere.
"""
login_form = AuthenticationForm(request, request.data)
# Rate limit logins
is_limited = ratelimiter.is_limited(
"auth:login:username:{}".format(
md5_text(
login_form.clean_username(
request.data.get("username"))).hexdigest()),
limit=10,
window=60, # 10 per minute should be enough for anyone
)
if is_limited:
errors = {"__all__": [login_form.error_messages["rate_limited"]]}
metrics.incr("login.attempt",
instance="rate_limited",
skip_internal=True,
sample_rate=1.0)
return self.respond_with_error(errors)
if not login_form.is_valid():
metrics.incr("login.attempt",
instance="failure",
skip_internal=True,
sample_rate=1.0)
return self.respond_with_error(login_form.errors)
user = login_form.get_user()
auth.login(request,
user,
organization_id=organization.id if organization else None)
metrics.incr("login.attempt",
instance="success",
skip_internal=True,
sample_rate=1.0)
if not user.is_active:
return Response({
"nextUri":
"/auth/reactivate/",
"user":
serialize(user, user, DetailedUserSerializer()),
})
active_org = self.get_active_organization(request)
redirect_url = auth.get_org_redirect_url(request, active_org)
return Response({
"nextUri":
auth.get_login_redirect(request, redirect_url),
"user":
serialize(user, user, DetailedUserSerializer()),
})
def get_default_context(request, existing_context=None, team=None):
from sentry import options
from sentry.plugins import plugins
context = {
"URL_PREFIX": options.get("system.url-prefix"),
"SINGLE_ORGANIZATION": settings.SENTRY_SINGLE_ORGANIZATION,
"PLUGINS": plugins,
"ONPREMISE": settings.SENTRY_ONPREMISE,
}
if existing_context:
if team is None and "team" in existing_context:
team = existing_context["team"]
if "project" in existing_context:
project = existing_context["project"]
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({"request": request})
if (not existing_context
or "TEAM_LIST" not in existing_context) and team:
context["TEAM_LIST"] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True)
user = request.user
else:
user = AnonymousUser()
if organization:
context["selectedOrganization"] = serialize(organization, user)
if team:
context["selectedTeam"] = serialize(team, user)
if project:
context["selectedProject"] = serialize(project, user)
if not existing_context or "ACCESS" not in existing_context:
if request:
context["ACCESS"] = access.from_request(
request=request,
organization=organization).to_django_context()
else:
context["ACCESS"] = access.from_user(
user=user, organization=organization).to_django_context()
return context
def post(self, request, organization=None, *args, **kwargs):
"""
Process a login request via username/password. SSO login is handled
elsewhere.
"""
login_form = AuthenticationForm(request, request.DATA)
# Rate limit logins
is_limited = ratelimiter.is_limited(
u'auth:login:username:{}'.format(
md5_text(request.DATA.get('username').lower()).hexdigest()),
limit=10,
window=60, # 10 per minute should be enough for anyone
)
if is_limited:
errors = {'__all__': [login_form.error_messages['rate_limited']]}
metrics.incr('login.attempt',
instance='rate_limited',
skip_internal=True,
sample_rate=1.0)
return self.respond_with_error(errors)
if not login_form.is_valid():
metrics.incr('login.attempt',
instance='failure',
skip_internal=True,
sample_rate=1.0)
return self.respond_with_error(login_form.errors)
user = login_form.get_user()
auth.login(
request,
user,
organization_id=organization.id if organization else None,
)
metrics.incr('login.attempt',
instance='success',
skip_internal=True,
sample_rate=1.0)
if not user.is_active:
return Response({
'nextUri':
'/auth/reactivate/',
'user':
serialize(user, user, DetailedUserSerializer()),
})
active_org = self.get_active_organization(request)
redirect_url = auth.get_org_redirect_url(request, active_org)
return Response({
'nextUri':
auth.get_login_redirect(request, redirect_url),
'user':
serialize(user, user, DetailedUserSerializer()),
})
def get_default_context(request, existing_context=None, team=None):
from sentry.plugins import plugins
context = {
'EVENTS_PER_PAGE': EVENTS_PER_PAGE,
'URL_PREFIX': settings.SENTRY_URL_PREFIX,
'SINGLE_ORGANIZATION': settings.SENTRY_SINGLE_ORGANIZATION,
'PLUGINS': plugins,
'ALLOWED_HOSTS': settings.ALLOWED_HOSTS,
'SENTRY_RAVEN_JS_URL': settings.SENTRY_RAVEN_JS_URL,
}
if existing_context:
if team is None and 'team' in existing_context:
team = existing_context['team']
if 'project' in existing_context:
project = existing_context['project']
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({
'request': request,
})
if (not existing_context or 'TEAM_LIST' not in existing_context) and team:
context['TEAM_LIST'] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True,
)
user = request.user
else:
user = AnonymousUser()
if organization:
context['selectedOrganization'] = serialize(organization, user)
if team:
context['selectedTeam'] = serialize(team, user)
if project:
context['selectedProject'] = serialize(project, user)
if not existing_context or 'ACCESS' not in existing_context:
context['ACCESS'] = access.from_user(
user=user,
organization=organization,
).to_django_context()
return context
def get_default_context(request, existing_context=None, team=None):
from sentry.plugins import plugins
context = {
'EVENTS_PER_PAGE': EVENTS_PER_PAGE,
'URL_PREFIX': settings.SENTRY_URL_PREFIX,
'SINGLE_ORGANIZATION': settings.SENTRY_SINGLE_ORGANIZATION,
'PLUGINS': plugins,
'ALLOWED_HOSTS': settings.ALLOWED_HOSTS,
'SENTRY_RAVEN_JS_URL': settings.SENTRY_RAVEN_JS_URL,
}
if existing_context:
if team is None and 'team' in existing_context:
team = existing_context['team']
if 'project' in existing_context:
project = existing_context['project']
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({
'request': request,
})
if (not existing_context or 'TEAM_LIST' not in existing_context) and team:
context['TEAM_LIST'] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True,
)
user = request.user
else:
user = AnonymousUser()
if organization:
context['selectedOrganization'] = serialize(organization, user)
if team:
context['selectedTeam'] = serialize(team, user)
if project:
context['selectedProject'] = serialize(project, user)
if not existing_context or 'ACCESS' not in existing_context:
context['ACCESS'] = access.from_user(
user=user,
organization=organization,
).to_django_context()
return context
def test_view_avatar_for_superuser(self):
"""
Tests that superusers can see all doc integration avatars
"""
self.login_as(user=self.superuser, superuser=True)
for doc in [self.published_doc, self.draft_doc]:
response = self.get_success_response(
doc.slug, status_code=status.HTTP_200_OK)
assert serialize(doc) == response.data
assert serialize(doc.avatar.get()) == response.data["avatar"]
def test_view_avatar_for_user(self):
"""
Tests that regular users can see only published doc integration avatars
"""
self.login_as(user=self.user)
response = self.get_success_response(self.published_doc.slug,
status_code=status.HTTP_200_OK)
assert serialize(self.published_doc) == response.data
assert serialize(
self.published_doc.avatar.get()) == response.data["avatar"]
response = self.get_error_response(
self.draft_doc.slug, status_code=status.HTTP_403_FORBIDDEN)
def test_upload_avatar_for_superuser(self):
"""
Tests that superusers can upload avatars
"""
self.login_as(user=self.superuser, superuser=True)
for doc in [self.published_doc, self.draft_doc]:
prev_avatar = doc.avatar.get()
response = self.get_success_response(
doc.slug,
status_code=status.HTTP_200_OK,
**self.avatar_payload)
assert serialize(doc) == response.data
assert serialize(doc.avatar.get()) == response.data["avatar"]
assert serialize(prev_avatar) != response.data["avatar"]
assert prev_avatar.file_id != doc.avatar.get().file_id
def get_react_config(context):
if 'request' in context:
user = context['request'].user
else:
user = None
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if features.has('auth:register', actor=user):
enabled_features.append('auth:register')
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'urlPrefix': settings.SENTRY_URL_PREFIX,
'version': _get_version_info(),
'features': enabled_features,
'mediaUrl': reverse('sentry-media', args=['sentry', '']),
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return mark_safe(json.dumps(context))
def get_react_config(context):
if 'request' in context:
user = getattr(context['request'], 'user', None) or AnonymousUser()
messages = get_messages(context['request'])
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'needsUpgrade': needs_upgrade,
'dsn': _get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def test_update_publish_without_avatar(self):
"""
Tests that the DocIntegration cannot be published without an
associated DocIntegrationAvatar.
"""
self.login_as(user=self.superuser, superuser=True)
response = self.get_error_response(
self.doc_1.slug,
status_code=status.HTTP_400_BAD_REQUEST,
**self.payload)
assert "avatar" in response.data.keys()
avatar = self.create_doc_integration_avatar(doc_integration=self.doc_1)
response = self.get_success_response(self.doc_1.slug,
status_code=status.HTTP_200_OK,
**self.payload)
self.doc_1.refresh_from_db()
assert serialize(self.doc_1) == response.data
assert serialize(avatar) == response.data["avatar"]
def test_read_doc_for_public(self):
"""
Tests that only non-draft DocIntegrations (with all the expected data)
are visible for those without superuser permissions
"""
self.login_as(user=self.user)
# Non-draft DocIntegration, with features and an avatar
response = self.get_success_response(self.doc_2.slug,
status_code=status.HTTP_200_OK)
assert serialize(self.doc_2) == response.data
features = IntegrationFeature.objects.filter(
target_id=self.doc_2.id,
target_type=IntegrationTypes.DOC_INTEGRATION.value)
for feature in features:
assert serialize(feature) in serialize(self.doc_2)["features"]
assert serialize(self.doc_2.avatar.get()) == response.data["avatar"]
# Draft DocIntegration, without features or an avatar
self.get_error_response(self.doc_1.slug,
status_code=status.HTTP_403_FORBIDDEN)
def get_react_config(context):
if 'request' in context:
user = context['request'].user
messages = get_messages(context['request'])
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if features.has('auth:register', actor=user):
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'needsUpgrade': needs_upgrade,
'dsn': _get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return mark_safe(json.dumps(context))
def test_create_doc_for_superuser(self):
"""
Tests that a draft DocIntegration is created for superuser requests along
with all the appropriate IntegrationFeatures
"""
self.login_as(user=self.superuser, superuser=True)
response = self.get_success_response(status_code=status.HTTP_201_CREATED, **self.payload)
doc = DocIntegration.objects.get(name=self.payload["name"], author=self.payload["author"])
assert serialize(doc) == response.data
assert doc.is_draft
features = IntegrationFeature.objects.filter(
target_id=doc.id, target_type=IntegrationTypes.DOC_INTEGRATION.value
)
assert features.exists()
assert len(features) == 3
for feature in features:
# Ensure payload features are in the database
assert feature.feature in self.payload["features"]
# Ensure they are also serialized in the response
assert serialize(feature) in response.data["features"]
def test_read_docs_public(self):
"""
Tests that only non-draft DocIntegrations are returned for users,
along with serialized versions of their avatars and IntegrationFeatures
"""
self.login_as(user=self.user)
response = self.get_success_response(status_code=status.HTTP_200_OK)
assert len(response.data) == 2
for doc in [self.doc_1, self.doc_3]:
assert serialize(doc) in response.data
# Check that the DocIntegrationAvatar was serialized
assert self.doc_1.avatar.exists()
assert serialize(self.doc_1.avatar.get()) in self.get_avatars(response)
# Check that IntegrationFeatures were also serialized
features = IntegrationFeature.objects.filter(
target_id=self.doc_3.id, target_type=IntegrationTypes.DOC_INTEGRATION.value
)
assert len(features) == 3
for feature in features:
assert serialize(feature) in serialize(self.doc_3)["features"]
def test_update_doc_for_superuser(self):
"""
Tests that a DocIntegration can be updated by superuser requests
"""
self.login_as(user=self.superuser, superuser=True)
response = self.get_success_response(self.doc_2.slug,
status_code=status.HTTP_200_OK,
**self.payload)
self.doc_2.refresh_from_db()
assert serialize(self.doc_2) == response.data
features = IntegrationFeature.objects.filter(
target_id=self.doc_2.id,
target_type=IntegrationTypes.DOC_INTEGRATION.value)
assert features.exists()
assert len(features) == 3
for feature in features:
# Ensure payload features are in the database
assert feature.feature in self.payload["features"]
# Ensure they are also serialized in the response
assert serialize(feature) in response.data["features"]
def test_read_doc_for_superuser(self):
"""
Tests that any DocIntegration is visible (with all the expected data)
for those with superuser permissions
"""
self.login_as(user=self.superuser, superuser=True)
# Non-draft DocIntegration, with features and an avatar
response = self.get_success_response(self.doc_2.slug,
status_code=status.HTTP_200_OK)
assert serialize(self.doc_2) == response.data
features = IntegrationFeature.objects.filter(
target_id=self.doc_2.id,
target_type=IntegrationTypes.DOC_INTEGRATION.value)
for feature in features:
assert serialize(feature) in response.data["features"]
assert serialize(self.doc_2.avatar.get()) == response.data["avatar"]
# Draft DocIntegration, without features or an avatar
response = self.get_success_response(self.doc_1.slug,
status_code=status.HTTP_200_OK)
assert serialize(self.doc_1) == response.data
assert not response.data["avatar"]
def test_update_simple_without_avatar(self):
"""
Tests that the DocIntegration can be edited without an
associated DocIntegrationAvatar.
"""
self.login_as(user=self.superuser, superuser=True)
payload = {**self.payload, "is_draft": True}
response = self.get_success_response(self.doc_1.slug,
status_code=status.HTTP_200_OK,
**payload)
self.doc_1.refresh_from_db()
assert serialize(self.doc_1) == response.data
def get_react_config(context):
if 'request' in context:
user = context['request'].user
messages = get_messages(context['request'])
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if features.has('auth:register', actor=user):
enabled_features.append('auth:register')
context = {
'singleOrganization':
settings.SENTRY_SINGLE_ORGANIZATION,
'urlPrefix':
settings.SENTRY_URL_PREFIX,
'version':
_get_version_info(),
'features':
enabled_features,
'mediaUrl':
get_asset_url('sentry', ''),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return mark_safe(json.dumps(context))
def serialize(self, obj, attrs, user):
return {
"uuid": str(obj.uuid),
"type": obj.type,
"schema": obj.schema,
"sentryApp": {
"uuid":
obj.sentry_app.uuid,
"slug":
obj.sentry_app.slug,
"name":
obj.sentry_app.name,
"avatars":
[serialize(avatar) for avatar in obj.sentry_app.avatar.all()],
},
}
def get_react_config(context):
if 'request' in context:
user = context['request'].user
messages = get_messages(context['request'])
is_superuser = context['request'].is_superuser()
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if features.has('auth:register', actor=user):
enabled_features.append('auth:register')
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'urlPrefix': settings.SENTRY_URL_PREFIX,
'version': _get_version_info(),
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return mark_safe(json.dumps(context))
def test_superuser_has_access(self):
self.login_as(user=self.superuser, superuser=True)
response = self.client.get(self.url, format="json")
assert response.status_code == 200
assert {
"id": self.app_2.id,
"uuid": self.app_2.uuid,
"slug": self.app_2.slug,
"name": self.app_2.name,
"installs": 1,
"avatars": [],
} in json.loads(response.content)
assert {
"id": self.app_1.id,
"uuid": self.app_1.uuid,
"slug": self.app_1.slug,
"name": self.app_1.name,
"installs": 1,
"avatars": [serialize(self.app_1_avatar)],
} in json.loads(response.content)
def get_client_config(request=None):
"""
Provides initial bootstrap data needed to boot the frontend application.
"""
if request is not None:
user = getattr(request, "user", None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, "session", None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, "LANGUAGE_CODE", "en")
# User identity is used by the sentry SDK
user_identity = {"ip_address": request.META["REMOTE_ADDR"]}
if user and user.is_authenticated():
user_identity.update({
"email": user.email,
"id": user.id,
"isStaff": user.is_staff
})
if user.name:
user_identity["name"] = user.name
else:
user = None
user_identity = {}
messages = []
session = None
is_superuser = False
language_code = "en"
enabled_features = []
if features.has("organizations:create", actor=user):
enabled_features.append("organizations:create")
if auth.has_user_registration():
enabled_features.append("auth:register")
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
public_dsn = _get_public_dsn()
context = {
"singleOrganization":
settings.SENTRY_SINGLE_ORGANIZATION,
"supportEmail":
get_support_mail(),
"urlPrefix":
options.get("system.url-prefix"),
"version":
version_info,
"features":
enabled_features,
"distPrefix":
get_asset_url("sentry", "dist/"),
"needsUpgrade":
needs_upgrade,
"dsn":
public_dsn,
"dsn_requests":
_get_dsn_requests(),
"statuspage":
_get_statuspage(),
"messages": [{
"message": msg.message,
"level": msg.tags
} for msg in messages],
"apmSampling":
float(settings.SENTRY_FRONTEND_APM_SAMPLING or 0),
"isOnPremise":
settings.SENTRY_ONPREMISE,
"invitesEnabled":
settings.SENTRY_ENABLE_INVITES,
"gravatarBaseUrl":
settings.SENTRY_GRAVATAR_BASE_URL,
"termsUrl":
settings.TERMS_URL,
"privacyUrl":
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
"lastOrganization":
session["activeorg"] if session and "activeorg" in session else None,
"languageCode":
language_code,
"userIdentity":
user_identity,
"csrfCookieName":
settings.CSRF_COOKIE_NAME,
"sentryConfig": {
"dsn":
public_dsn,
"release":
settings.SENTRY_SDK_CONFIG["release"],
"environment":
settings.SENTRY_SDK_CONFIG["environment"],
# By default `ALLOWED_HOSTS` is [*], however the JS SDK does not support globbing
"whitelistUrls": (settings.SENTRY_FRONTEND_WHITELIST_URLS
if settings.SENTRY_FRONTEND_WHITELIST_URLS else
list("" if settings.ALLOWED_HOSTS ==
["*"] else settings.ALLOWED_HOSTS)),
},
}
if user and user.is_authenticated():
context.update({
"isAuthenticated": True,
"user": serialize(user, user, DetailedUserSerializer())
})
if request.user.is_superuser:
# Note: This intentionally does not use the "active" superuser flag as
# the frontend should only ever use this flag as a hint that the user can be a superuser
# the API will always need to check for active superuser.
#
# This is needed in the case where you access a different org and get denied, but the UI
# can open the sudo dialog if you are an "inactive" superuser
context["user"]["isSuperuser"] = request.user.is_superuser
else:
context.update({"isAuthenticated": False, "user": None})
return context
def get_sentry_app_avatars(sentry_app: SentryApp):
return [serialize(avatar) for avatar in sentry_app.avatar.all()]
def get_default_context(request, existing_context=None, team=None):
from sentry import options
from sentry.plugins import plugins
context = {
'CSRF_COOKIE_NAME': settings.CSRF_COOKIE_NAME,
'URL_PREFIX': options.get('system.url-prefix'),
'SINGLE_ORGANIZATION': settings.SENTRY_SINGLE_ORGANIZATION,
'PLUGINS': plugins,
'ALLOWED_HOSTS': list(settings.ALLOWED_HOSTS),
'ONPREMISE': settings.SENTRY_ONPREMISE,
}
if existing_context:
if team is None and 'team' in existing_context:
team = existing_context['team']
if 'project' in existing_context:
project = existing_context['project']
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({
'request': request,
})
if (not existing_context or 'TEAM_LIST' not in existing_context) and team:
context['TEAM_LIST'] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True,
)
user = request.user
else:
user = AnonymousUser()
if organization:
context['selectedOrganization'] = serialize(organization, user)
if team:
context['selectedTeam'] = serialize(team, user)
if project:
context['selectedProject'] = serialize(project, user)
if not existing_context or 'ACCESS' not in existing_context:
if request:
context['ACCESS'] = access.from_request(
request=request,
organization=organization,
).to_django_context()
else:
context['ACCESS'] = access.from_user(
user=user,
organization=organization,
).to_django_context()
return context
def get_client_config(request=None):
"""
Provides initial bootstrap data needed to boot the frontend application.
"""
if request is not None:
user = getattr(request, "user", None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, "session", None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, "LANGUAGE_CODE", "en")
# User identity is used by the sentry SDK
user_identity = {"ip_address": request.META["REMOTE_ADDR"]}
if user and user.is_authenticated():
user_identity.update({"email": user.email, "id": user.id})
if user.name:
user_identity["name"] = user.name
else:
user = None
user_identity = {}
messages = []
is_superuser = False
language_code = "en"
enabled_features = []
if features.has("organizations:create", actor=user):
enabled_features.append("organizations:create")
if auth.has_user_registration():
enabled_features.append("auth:register")
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
"singleOrganization":
settings.SENTRY_SINGLE_ORGANIZATION,
"supportEmail":
get_support_mail(),
"urlPrefix":
options.get("system.url-prefix"),
"version":
version_info,
"features":
enabled_features,
"distPrefix":
get_asset_url("sentry", "dist/"),
"needsUpgrade":
needs_upgrade,
"dsn":
_get_public_dsn(),
"statuspage":
_get_statuspage(),
"messages": [{
"message": msg.message,
"level": msg.tags
} for msg in messages],
"isOnPremise":
settings.SENTRY_ONPREMISE,
"invitesEnabled":
settings.SENTRY_ENABLE_INVITES,
"gravatarBaseUrl":
settings.SENTRY_GRAVATAR_BASE_URL,
"termsUrl":
settings.TERMS_URL,
"privacyUrl":
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
"lastOrganization":
session["activeorg"] if session and "activeorg" in session else None,
"languageCode":
language_code,
"userIdentity":
user_identity,
"csrfCookieName":
settings.CSRF_COOKIE_NAME,
"sentryConfig": {
"dsn": _get_public_dsn(),
"release": version_info["build"],
"whitelistUrls": list(settings.ALLOWED_HOSTS),
},
}
if user and user.is_authenticated():
context.update({
"isAuthenticated": True,
"user": serialize(user, user, DetailedUserSerializer())
})
context["user"]["isSuperuser"] = is_superuser
else:
context.update({"isAuthenticated": False, "user": None})
return context
def get_react_config(context):
if 'request' in context:
user = getattr(context['request'], 'user', None) or AnonymousUser()
messages = get_messages(context['request'])
session = getattr(context['request'], 'session', None)
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
is_superuser = user.is_superuser
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'needsUpgrade': needs_upgrade,
'dsn': get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl': settings.TERMS_URL,
'privacyUrl': settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization': session['activeorg'] if session and 'activeorg' in session else None,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def get_default_context(request, existing_context=None, team=None):
from sentry import options
from sentry.plugins import plugins
context = {
'URL_PREFIX': options.get('system.url-prefix'),
'SINGLE_ORGANIZATION': settings.SENTRY_SINGLE_ORGANIZATION,
'PLUGINS': plugins,
'ONPREMISE': settings.SENTRY_ONPREMISE,
}
if existing_context:
if team is None and 'team' in existing_context:
team = existing_context['team']
if 'project' in existing_context:
project = existing_context['project']
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({
'request': request,
})
if (not existing_context
or 'TEAM_LIST' not in existing_context) and team:
context['TEAM_LIST'] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True,
)
user = request.user
else:
user = AnonymousUser()
if organization:
context['selectedOrganization'] = serialize(organization, user)
if team:
context['selectedTeam'] = serialize(team, user)
if project:
context['selectedProject'] = serialize(project, user)
if not existing_context or 'ACCESS' not in existing_context:
if request:
context['ACCESS'] = access.from_request(
request=request,
organization=organization,
).to_django_context()
else:
context['ACCESS'] = access.from_user(
user=user,
organization=organization,
).to_django_context()
return context
def get_default_context(request, existing_context=None, team=None):
from sentry import options
from clims.services import ioc
from django.contrib.auth.models import AnonymousUser # Django 1.9 setup issue
from sentry.api.serializers.base import serialize # Django 1.9 setup issue
from sentry.models import Team # Django 1.9 setup issue
context = {
'CSRF_COOKIE_NAME': settings.CSRF_COOKIE_NAME,
'URL_PREFIX': options.get('system.url-prefix'),
'SINGLE_ORGANIZATION': settings.SENTRY_SINGLE_ORGANIZATION,
'PLUGINS': ioc.app.plugins,
'ALLOWED_HOSTS': list(settings.ALLOWED_HOSTS),
'ONPREMISE': settings.SENTRY_ONPREMISE,
}
if existing_context:
if team is None and 'team' in existing_context:
team = existing_context['team']
if 'project' in existing_context:
project = existing_context['project']
else:
project = None
else:
project = None
if team:
organization = team.organization
elif project:
organization = project.organization
else:
organization = None
if request:
context.update({
'request': request,
})
if (not existing_context or 'TEAM_LIST' not in existing_context) and team:
context['TEAM_LIST'] = Team.objects.get_for_user(
organization=team.organization,
user=request.user,
with_projects=True,
)
user = request.user
else:
user = AnonymousUser()
if organization:
context['selectedOrganization'] = serialize(organization, user)
if team:
context['selectedTeam'] = serialize(team, user)
if project:
context['selectedProject'] = serialize(project, user)
if not existing_context or 'ACCESS' not in existing_context:
if request:
context['ACCESS'] = access.from_request(
request=request,
organization=organization,
).to_django_context()
else:
context['ACCESS'] = access.from_user(
user=user,
organization=organization,
).to_django_context()
return context
def get_react_config(context):
if 'request' in context:
request = context['request']
user = getattr(request, 'user', None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, 'session', None)
is_superuser = is_active_superuser(request)
else:
user = None
messages = []
is_superuser = False
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization':
settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail':
get_support_mail(),
'urlPrefix':
options.get('system.url-prefix'),
'version':
version_info,
'features':
enabled_features,
'needsUpgrade':
needs_upgrade,
'dsn':
get_public_dsn(),
'statuspage':
_get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise':
settings.SENTRY_ONPREMISE,
'invitesEnabled':
settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl':
settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl':
settings.TERMS_URL,
'privacyUrl':
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization':
session['activeorg'] if session and 'activeorg' in session else None,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def get_react_config(context):
if 'request' in context:
request = context['request']
user = getattr(request, 'user', None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, 'session', None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, 'LANGUAGE_CODE', 'en')
else:
user = None
messages = []
is_superuser = False
language_code = 'en'
# User identity is used by the sentry SDK
if request and user:
user_identity = {'ip_address': request.META['REMOTE_ADDR']}
if user and user.is_authenticated():
user_identity.update({
'email': user.email,
'id': user.id,
})
if user.name:
user_identity['name'] = user.name
else:
user_identity = {}
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'distPrefix': get_asset_url('sentry', 'dist/'),
'needsUpgrade': needs_upgrade,
'dsn': _get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl': settings.TERMS_URL,
'privacyUrl': settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization': session['activeorg'] if session and 'activeorg' in session else None,
'languageCode': language_code,
'userIdentity': user_identity,
'csrfCookieName': settings.CSRF_COOKIE_NAME,
'sentryConfig': {
'dsn': _get_public_dsn(),
'release': version_info['build'],
'whitelistUrls': list(settings.ALLOWED_HOSTS),
},
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
