def request_json(silent=False): """Return the JSON from the current request. Args: silent (bool): Silence parsing errors and return None instead. """ request = flask.request encoding = str(request.content_encoding).lower() data = None bad_request = werkzeug_exc.BadRequest( 'The browser (or proxy) sent a request that this server could not understand.' ) try: if encoding == 'gzip': data = json.loads( gzip.decompress(request.get_data()).decode('utf-8')) elif encoding in ('identity', 'none'): data = request.get_json(force=True) else: raise werkzeug_exc.UnsupportedMediaType( f'unsupported encoding: "{encoding}"') if data is None: raise bad_request except (OSError, UnicodeDecodeError, json.JSONDecodeError, werkzeug_exc.BadRequest) as err: if not silent: raise bad_request from err return data
def post(self): args = reqparser.parse_args() if not args.content_type: args.content_type = 'sparql-query' # default content type if args.content_type != 'sparql-query': raise exceptions.UnsupportedMediaType() qstr = request.data.decode('utf-8') raw_res = self.db.query(qstr) return raw_res, 200, {'Content-Type': 'application/json'}
def assert_content_type(): """Assert that the Content-Type is :mimetype:`application/json`. :raises: werkzeug.exceptions.UnsupportedMediaType """ if not request.is_json: raise exceptions.UnsupportedMediaType( f"Expected Content-Type: 'application/json'; " f"got: '{request.headers.environ.get('CONTENT_TYPE')}'")
def set_all_vars(): req = request.get_json() if not isinstance(req, dict): raise wexc.UnsupportedMediaType("Not a JSON object") with db.transact("set_all_vars") as conn: vars = _get_vars(db.get_state(conn)) vars.clear() vars.update(req) return util.empty_response
def set_var(var): meth = request.method try: with db.transact("set_var") as conn: vars = _get_vars(db.get_state(conn)) if meth == 'DELETE': del vars[var] else: val = request.get_json() if val is None: raise wexc.UnsupportedMediaType("Not JSON data") vars[var] = val return util.empty_response except KeyError as e: raise wexc.NotFound from e
def post_job(): current_app.logger.debug("post_job: %s", request.data) req = request.get_json() if not isinstance(req, dict): raise wexc.UnsupportedMediaType("Not a JSON object") with db.transact("post_job") as conn: jid, j = db.create_job(conn, req) try: wd = current_app.config['WORK_DIR'] j.workdir = tempfile.mkdtemp(dir=wd) if wd else None tasks.launch(jid, j) except: j.close() raise return jsonify(jid), HTTPStatus.CREATED, { "Location": url_for('.get_job', job=jid) }
def allowed_file(image): """ Check if image satisfies the constraints of Custom Vision. """ if image.filename == "": raise excp.BadRequest("No image submitted") # Check that the file is a png is_png = image.content_type == "image/png" # Ensure the file isn't too large too_large = len(image.read()) > setup.MAX_IMAGE_SIZE # Ensure the file has correct resolution height, width = get_image_resolution(image) MIN_RES = setup.MIN_RESOLUTION correct_res = (height >= MIN_RES) and (width >= MIN_RES) if not is_png or too_large or not correct_res: raise excp.UnsupportedMediaType("Wrong image format") image.seek(0)
def _rpc_handle(self, request: werkzeug.Request) -> werkzeug.Response: """ Handles JSON-RPC request. :returns: werkzeug response """ if request.content_type not in pjrpc.common.REQUEST_CONTENT_TYPES: raise exceptions.UnsupportedMediaType() try: request_text = request.get_data(as_text=True) except UnicodeDecodeError as e: raise exceptions.BadRequest() from e response_text = self._dispatcher.dispatch(request_text, context=request) if response_text is None: return werkzeug.Response() else: return werkzeug.Response( response_text, mimetype=pjrpc.common.DEFAULT_CONTENT_TYPE)
def _rpc_handle(self, dispatcher: pjrpc.server.Dispatcher) -> flask.Response: """ Handles JSON-RPC request. :returns: flask response """ if not flask.request.is_json: raise exceptions.UnsupportedMediaType() try: flask.request.encoding_errors = 'strict' request_text = flask.request.get_data(as_text=True) except UnicodeDecodeError as e: raise exceptions.BadRequest() from e response_text = dispatcher.dispatch(request_text) if response_text is None: return current_app.response_class() else: return current_app.response_class( response_text, mimetype=pjrpc.common.DEFAULT_CONTENT_TYPE)
def image(): logger.debug(request.method + ' ' + request.url) try: logged_in = session_logged_in() allow_uncache = app.config['BENCHMARKING'] or app.config['DEBUG'] args = request.args # Get URL parameters for the image src = args.get('src', '') page = args.get('page', None) iformat = args.get('format', None) template = args.get('tmp', None) width = args.get('width', None) height = args.get('height', None) halign = args.get('halign', None) valign = args.get('valign', None) autosizefit = args.get('autosizefit', None) rotation = args.get('angle', None) flip = args.get('flip', None) top = args.get('top', None) left = args.get('left', None) bottom = args.get('bottom', None) right = args.get('right', None) autocropfit = args.get('autocropfit', None) fill = args.get('fill', None) quality = args.get('quality', None) sharpen = args.get('sharpen', None) ov_src = args.get('overlay', None) ov_size = args.get('ovsize', None) ov_opacity = args.get('ovopacity', None) ov_pos = args.get('ovpos', None) icc_profile = args.get('icc', None) icc_intent = args.get('intent', None) icc_bpc = args.get('bpc', None) colorspace = args.get('colorspace', None) strip = args.get('strip', None) dpi = args.get('dpi', None) tile = args.get('tile', None) # Get URL parameters for handling options attach = args.get('attach', None) xref = args.get('xref', None) stats = args.get('stats', None) # Get protected admin/internal parameters cache = args.get('cache', '1') if logged_in or allow_uncache else '1' recache = args.get('recache', None) if allow_uncache else None # eRez compatibility mode src = erez_params_compat(src) # Convert non-string parameters to the correct data types try: # Image options if page is not None: page = parse_int(page) if width is not None: width = parse_int(width) if height is not None: height = parse_int(height) if autosizefit is not None: autosizefit = parse_boolean(autosizefit) if rotation is not None: rotation = parse_float(rotation) if top is not None: top = parse_float(top) if left is not None: left = parse_float(left) if bottom is not None: bottom = parse_float(bottom) if right is not None: right = parse_float(right) if autocropfit is not None: autocropfit = parse_boolean(autocropfit) if fill is not None: fill = parse_colour(fill) if quality is not None: quality = parse_int(quality) if sharpen is not None: sharpen = parse_int(sharpen) if ov_size is not None: ov_size = parse_float(ov_size) if ov_opacity is not None: ov_opacity = parse_float(ov_opacity) if icc_bpc is not None: icc_bpc = parse_boolean(icc_bpc) if strip is not None: strip = parse_boolean(strip) if dpi is not None: dpi = parse_int(dpi) if tile is not None: tile = parse_tile_spec(tile) # Handling options if attach is not None: attach = parse_boolean(attach) if xref is not None: validate_string(xref, 0, 1024) if stats is not None: stats = parse_boolean(stats) # Admin/internal options if cache is not None: cache = parse_boolean(cache) if recache is not None: recache = parse_boolean(recache) except (ValueError, TypeError) as e: raise httpexc.BadRequest(safe_error_str(e)) # Package and validate the parameters try: # #2694 Enforce public image limits - perform easy parameter checks if not logged_in: width, height, autosizefit = _public_image_limits_pre_image_checks( width, height, autosizefit, tile, template ) # Store and normalise all the parameters image_attrs = ImageAttrs(src, -1, page, iformat, template, width, height, halign, valign, rotation, flip, top, left, bottom, right, autocropfit, autosizefit, fill, quality, sharpen, ov_src, ov_size, ov_pos, ov_opacity, icc_profile, icc_intent, icc_bpc, colorspace, strip, dpi, tile) image_engine.finalise_image_attrs(image_attrs) except ValueError as e: raise httpexc.BadRequest(safe_error_str(e)) # Get/create the database ID (from cache, validating path on create) image_id = data_engine.get_or_create_image_id( image_attrs.filename(), return_deleted=False, on_create=on_image_db_create_anon_history ) if (image_id == 0): raise DoesNotExistError() # Deleted elif (image_id < 0): raise DBError('Failed to add image to database') image_attrs.set_database_id(image_id) # Require view permission or file admin permissions_engine.ensure_folder_permitted( image_attrs.folder_path(), FolderPermission.ACCESS_VIEW, get_session_user() ) # Ditto for overlays if ov_src: permissions_engine.ensure_folder_permitted( filepath_parent(ov_src), FolderPermission.ACCESS_VIEW, get_session_user() ) # v1.17 If this is a conditional request with an ETag, see if we can just return a 304 if 'If-None-Match' in request.headers and not recache: etag_valid, modified_time = _etag_is_valid( image_attrs, request.headers['If-None-Match'], False ) if etag_valid: # Success HTTP 304 return make_304_response(image_attrs, False, modified_time) # Get the requested image data image_wrapper = image_engine.get_image( image_attrs, 'refresh' if recache else cache ) if (image_wrapper is None): raise DoesNotExistError() # #2694 Enforce public image limits - check the dimensions # of images that passed the initial parameter checks if not logged_in: try: _public_image_limits_post_image_checks( image_attrs.width(), image_attrs.height(), image_attrs.template(), image_wrapper.data(), image_wrapper.attrs().format() ) except ValueError as e: raise httpexc.BadRequest(safe_error_str(e)) # As for the pre-check # Success HTTP 200 return make_image_response(image_wrapper, False, stats, attach, xref) except httpexc.HTTPException: # Pass through HTTP 4xx and 5xx raise except ServerTooBusyError: logger.warning('503 Too busy for ' + request.url) raise httpexc.ServiceUnavailable() except ImageError as e: logger.warning('415 Invalid image file \'' + src + '\' : ' + str(e)) raise httpexc.UnsupportedMediaType(safe_error_str(e)) except SecurityError as e: if app.config['DEBUG']: raise log_security_error(e, request) raise httpexc.Forbidden() except DoesNotExistError as e: # First time around the ID will be set. Next time around it # won't but we should check whether the disk file now exists. if image_attrs.database_id() > 0 or path_exists(image_attrs.filename(), require_file=True): image_engine.reset_image(image_attrs) logger.warning('404 Not found: ' + str(e)) raise httpexc.NotFound(safe_error_str(e)) except Exception as e: if app.config['DEBUG']: raise logger.error('500 Error for ' + request.url + '\n' + str(e)) raise httpexc.InternalServerError(safe_error_str(e))
def original(): logger.debug('GET ' + request.url) try: # Get URL parameters for the image src = request.args.get('src', '') # Get URL parameters for handling options attach = request.args.get('attach', None) xref = request.args.get('xref', None) stats = request.args.get('stats', None) # Validate the parameters try: if attach is not None: attach = parse_boolean(attach) if xref is not None: validate_string(xref, 0, 1024) if stats is not None: stats = parse_boolean(stats) image_attrs = ImageAttrs(src) image_attrs.validate() except ValueError as e: raise httpexc.BadRequest(safe_error_str(e)) # Get/create the database ID (from cache, validating path on create) image_id = data_engine.get_or_create_image_id( image_attrs.filename(), return_deleted=False, on_create=on_image_db_create_anon_history ) if (image_id == 0): raise DoesNotExistError() # Deleted elif (image_id < 0): raise DBError('Failed to add image to database') image_attrs.set_database_id(image_id) # Require download permission or file admin permissions_engine.ensure_folder_permitted( image_attrs.folder_path(), FolderPermission.ACCESS_DOWNLOAD, get_session_user() ) # v1.17 If this is a conditional request with an ETag, see if we can just return a 304 if 'If-None-Match' in request.headers: etag_valid, modified_time = _etag_is_valid( image_attrs, request.headers['If-None-Match'], True ) if etag_valid: # Success HTTP 304 return make_304_response(image_attrs, True, modified_time) # Read the image file image_wrapper = image_engine.get_image_original( image_attrs ) if (image_wrapper is None): raise DoesNotExistError() # Success HTTP 200 return make_image_response(image_wrapper, True, stats, attach, xref) except httpexc.HTTPException: # Pass through HTTP 4xx and 5xx raise except ServerTooBusyError: logger.warning('503 Too busy for ' + request.url) raise httpexc.ServiceUnavailable() except ImageError as e: logger.warning('415 Invalid image file \'' + src + '\' : ' + str(e)) raise httpexc.UnsupportedMediaType(safe_error_str(e)) except SecurityError as e: if app.config['DEBUG']: raise log_security_error(e, request) raise httpexc.Forbidden() except DoesNotExistError as e: # First time around the ID will be set. Next time around it # won't but we should check whether the disk file now exists. if image_attrs.database_id() > 0 or path_exists(image_attrs.filename(), require_file=True): image_engine.reset_image(image_attrs) logger.warning('404 Not found: ' + src) raise httpexc.NotFound(src) except Exception as e: if app.config['DEBUG']: raise logger.error('500 Error for ' + request.url + '\n' + str(e)) raise httpexc.InternalServerError(safe_error_str(e))
def _assert_415(self, response, messages=None): self.__assert_error( response, exceptions.UnsupportedMediaType(), messages, )