def process(): responseBody = { 'version': '1.1', 'error': None, 'result': None } requestBody = None try: # init/clear fossil cache clearCache() # read request try: requestBody = request.get_json() Logger.get('rpc').info('json rpc request. request: {0}'.format(requestBody)) except BadRequest: raise RequestError('ERR-R1', 'Invalid mime-type.') if not requestBody: raise RequestError('ERR-R2', 'Empty request.') if 'id' in requestBody: responseBody['id'] = requestBody['id'] # run request responseBody['result'] = ServiceRunner().invokeMethod(str(requestBody['method']), requestBody.get('params', [])) except CausedError as e: try: errorInfo = fossilize(e) except NonFossilizableException as e2: # catch Exceptions that are not registered as Fossils # and log them errorInfo = {'code': '', 'message': str(e2)} Logger.get('dev').exception('Exception not registered as fossil') # NoReport errors (i.e. not logged in) shouldn't be logged if not isinstance(e, NoReportError): Logger.get('rpc').exception('Service request failed. ' 'Request text:\r\n{0}\r\n\r\n'.format(requestBody)) if requestBody: params = requestBody.get('params', []) Sanitization._escapeHTML(params) errorInfo["requestInfo"] = { 'method': str(requestBody['method']), 'params': params, 'origin': str(requestBody.get('origin', 'unknown')) } Logger.get('rpc').debug('Arguments: {0}'.format(errorInfo['requestInfo'])) responseBody['error'] = errorInfo try: jsonResponse = dumps(responseBody, ensure_ascii=True) except UnicodeError: Logger.get('rpc').exception('Problem encoding JSON response') # This is to avoid exceptions due to old data encodings (based on iso-8859-1) responseBody['result'] = fix_broken_obj(responseBody['result']) jsonResponse = encode(responseBody) return app.response_class(jsonResponse, mimetype='application/json')
def _process_retry_setup(self): # clear the fossile cache at the start of each request fossilize.clearCache() # clear after-commit queue flush_after_commit_queue(False) # delete all queued emails GenericMailer.flushQueue(False) # clear the existing redis pipeline if self._redisPipeline: self._redisPipeline.reset()
def process(): responseBody = {"version": "1.1", "error": None, "result": None} requestBody = None try: # init/clear fossil cache clearCache() # read request try: requestBody = request.get_json() Logger.get("rpc").info("json rpc request. request: {0}".format(requestBody)) except BadRequest: raise RequestError("ERR-R1", "Invalid mime-type.") if not requestBody: raise RequestError("ERR-R2", "Empty request.") if "id" in requestBody: responseBody["id"] = requestBody["id"] # run request responseBody["result"] = ServiceRunner().invokeMethod(str(requestBody["method"]), requestBody.get("params", [])) except CausedError as e: try: errorInfo = fossilize(e) except NonFossilizableException as e2: # catch Exceptions that are not registered as Fossils # and log them errorInfo = {"code": "", "message": str(e2)} Logger.get("dev").exception("Exception not registered as fossil") # NoReport errors (i.e. not logged in) shouldn't be logged if not isinstance(e, NoReportError): Logger.get("rpc").exception("Service request failed. " "Request text:\r\n{0}\r\n\r\n".format(requestBody)) if requestBody: params = requestBody.get("params", []) Sanitization._escapeHTML(params) errorInfo["requestInfo"] = { "method": str(requestBody["method"]), "params": params, "origin": str(requestBody.get("origin", "unknown")), } Logger.get("rpc").debug("Arguments: {0}".format(errorInfo["requestInfo"])) responseBody["error"] = errorInfo try: jsonResponse = dumps(responseBody, ensure_ascii=True) except UnicodeError: Logger.get("rpc").exception("Problem encoding JSON response") # This is to avoid exceptions due to old data encodings (based on iso-8859-1) responseBody["result"] = fix_broken_obj(responseBody["result"]) jsonResponse = encode(responseBody) return app.response_class(jsonResponse, mimetype="application/json")
def process(): responseBody = { "version": "1.1", "error": None, "result": None } requestBody = None try: # check content type (if the users know what they are using) #if req.content_type != "application/json": # raise RequestError("Invalid content type. It must be 'application/json'.") # init/clear fossil cache clearCache() # read request requestText = request.data # TODO: use request.json! Logger.get('rpc').info('json rpc request. request text= ' + str(requestText)) if requestText == "": raise RequestError("ERR-R2", "Empty request.") # decode json try: requestBody = decode(requestText) except Exception, e: raise RequestError("ERR-R3", "Error parsing json request.", e) if "id" in requestBody: responseBody["id"] = requestBody["id"] result = ServiceRunner().invokeMethod(str(requestBody["method"]), requestBody.get("params", [])) # serialize result try: responseBody["result"] = result except Exception: raise ProcessError("ERR-P1", "Error during serialization.")
def process( self, params ): """ """ profile = Config.getInstance().getProfile() proffilename = "" res = "" MAX_RETRIES = 10 retry = MAX_RETRIES textLog = [] self._startTime = datetime.now() # clear the context ContextManager.destroy() ContextManager.set('currentRH', self) #redirect to https if necessary if self._checkHttpsRedirect(): return DBMgr.getInstance().startRequest() self._startRequestSpecific2RH() # I.e. implemented by Room Booking request handlers textLog.append("%s : Database request started"%(datetime.now() - self._startTime)) Logger.get('requestHandler').info('[pid=%s] Request %s started (%s)' % (os.getpid(),id(self._req), self._req.unparsed_uri)) # notify components that the request has started self._notify('requestStarted', self._req) forcedConflicts = Config.getInstance().getForceConflicts() try: while retry>0: if retry < MAX_RETRIES: # notify components that the request is being retried self._notify('requestRetry', self._req, MAX_RETRIES - retry) try: Logger.get('requestHandler').info('\t[pid=%s] from host %s' % (os.getpid(), self.getHostIP())) try: # clear the fossile cache at the start of each request fossilize.clearCache() # delete all queued emails GenericMailer.flushQueue(False) DBMgr.getInstance().sync() # keep a link to the web session in the access wrapper # this is used for checking access/modification key existence # in the user session self._aw.setIP( self.getHostIP() ) self._aw.setSession(self._getSession()) #raise(str(dir(self._websession))) self._setSessionUser() self._setLang(params) if self._getAuth(): if self._getUser(): Logger.get('requestHandler').info('Request %s identified with user %s (%s)' % (id(self._req), self._getUser().getFullName(), self._getUser().getId())) if not self._tohttps and Config.getInstance().getAuthenticatedEnforceSecure(): self._tohttps = True if self._checkHttpsRedirect(): return #if self._getUser() != None and self._getUser().getId() == "893": # profile = True self._reqParams = copy.copy( params ) self._checkParams( self._reqParams ) self._checkProtection() security.Sanitization.sanitizationCheck(self._target, self._reqParams, self._aw, self._doNotSanitizeFields) if self._doProcess: if profile: import profile, pstats proffilename = os.path.join(Config.getInstance().getTempDir(), "stone%s.prof" % str(random.random())) result = [None] profile.runctx("result[0] = self._process()", globals(), locals(), proffilename) res = result[0] else: res = self._process() # Save web session, just when needed sm = session.getSessionManager() sm.maintain_session(self._req, self._websession) # notify components that the request has finished self._notify('requestFinished', self._req) # Raise a conflict error if enabled. This allows detecting conflict-related issues easily. if retry > (MAX_RETRIES - forcedConflicts): raise ConflictError self._endRequestSpecific2RH( True ) # I.e. implemented by Room Booking request handlers DBMgr.getInstance().endRequest( True ) Logger.get('requestHandler').info('Request %s successful' % (id(self._req))) #request succesfull, now, doing tas that must be done only once try: GenericMailer.flushQueue(True) # send emails self._deleteTempFiles() except: Logger.get('mail').exception('Mail sending operation failed') pass break except MaKaCError, e: #DBMgr.getInstance().endRequest(False) res = self._processError(e) except (ConflictError, POSKeyError): import traceback # only log conflict if it wasn't forced if retry <= (MAX_RETRIES - forcedConflicts): Logger.get('requestHandler').warning('Conflict in Database! (Request %s)\n%s' % (id(self._req), traceback.format_exc())) self._abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 continue except ClientDisconnected: Logger.get('requestHandler').warning('Client Disconnected! (Request %s)' % id(self._req) ) self._abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 time.sleep(10-retry) continue except KeyAccessError, e: #Key Access error treatment res = self._processKeyAccessError( e ) self._endRequestSpecific2RH( False ) DBMgr.getInstance().endRequest(False)
def handler(prefix, path): path = posixpath.join('/', prefix, path) ContextManager.destroy() clearCache() # init fossil cache logger = Logger.get('httpapi') if request.method == 'POST': # Convert POST data to a query string queryParams = [(key, [x.encode('utf-8') for x in values]) for key, values in request.form.iterlists()] query = urllib.urlencode(queryParams, doseq=1) # we only need/keep multiple values so we can properly validate the signature. # the legacy code below expects a dict with just the first value. # if you write a new api endpoint that needs multiple values get them from # ``request.values.getlist()`` directly queryParams = {key: values[0] for key, values in queryParams} else: # Parse the actual query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems()) query = request.query_string dbi = DBMgr.getInstance() dbi.startRequest() apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None) cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes' signature = get_query_parameter(queryParams, ['signature']) timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True) noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes' pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes' onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes' onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes' scope = 'read:legacy_api' if request.method == 'GET' else 'write:legacy_api' try: oauth_valid, oauth_request = oauth.verify_request([scope]) if not oauth_valid and oauth_request and oauth_request.error_message != 'Bearer token not found.': raise BadRequest('OAuth error: {}'.format( oauth_request.error_message)) elif g.get( 'received_oauth_token' ) and oauth_request.error_message == 'Bearer token not found.': raise BadRequest('OAuth error: Invalid token') except ValueError: # XXX: Dirty hack to workaround a bug in flask-oauthlib that causes it # not to properly urlencode request query strings # Related issue (https://github.com/lepture/flask-oauthlib/issues/213) oauth_valid = False # Get our handler function and its argument and response type hook, dformat = HTTPAPIHook.parseRequest(path, queryParams) if hook is None or dformat is None: raise NotFound # Disable caching if we are not just retrieving data (or the hook requires it) if request.method == 'POST' or hook.NO_CACHE: noCache = True ak = error = result = None ts = int(time.time()) typeMap = {} responseUtil = ResponseUtil() is_response = False try: used_session = None if cookieAuth: used_session = session if not used_session.user: # ignore guest sessions used_session = None if apiKey or oauth_valid or not used_session: if not oauth_valid: # Validate the API key (and its signature) ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query) if enforceOnlyPublic: onlyPublic = True # Create an access wrapper for the API key's user aw = buildAW(ak, onlyPublic) else: # Access Token (OAuth) at = load_token(oauth_request.access_token.access_token) aw = buildAW(at, onlyPublic) # Get rid of API key in cache key if we did not impersonate a user if ak and aw.getUser() is None: cacheKey = normalizeQuery( path, query, remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) else: cacheKey = normalizeQuery(path, query, remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) if signature: # in case the request was signed, store the result under a different key cacheKey = 'signed_' + cacheKey else: # We authenticated using a session cookie. if Config.getInstance().getCSRFLevel() >= 2: token = request.headers.get( 'X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken'])) if used_session.csrf_protected and used_session.csrf_token != token: raise HTTPAPIError('Invalid CSRF token', 403) aw = AccessWrapper() if not onlyPublic: aw.setUser(used_session.avatar) userPrefix = 'user-{}_'.format(used_session.user.id) cacheKey = userPrefix + normalizeQuery( path, query, remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed', 'csrftoken')) # Bail out if the user requires authentication but is not authenticated if onlyAuthed and not aw.getUser(): raise HTTPAPIError('Not authenticated', 403) addToCache = not hook.NO_CACHE cache = GenericCache('HTTPAPI') cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey) if not noCache: obj = cache.get(cacheKey) if obj is not None: result, extra, ts, complete, typeMap = obj addToCache = False if result is None: ContextManager.set("currentAW", aw) # Perform the actual exporting res = hook(aw) if isinstance(res, current_app.response_class): addToCache = False is_response = True result, extra, complete, typeMap = res, {}, True, {} elif isinstance(res, tuple) and len(res) == 4: result, extra, complete, typeMap = res else: result, extra, complete, typeMap = res, {}, True, {} if result is not None and addToCache: ttl = api_settings.get('cache_ttl') if ttl > 0: cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl) except HTTPAPIError, e: error = e if e.getCode(): responseUtil.status = e.getCode() if responseUtil.status == 405: responseUtil.headers[ 'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path): path = posixpath.join('/', prefix, path) ContextManager.destroy() clearCache() # init fossil cache logger = Logger.get('httpapi') if request.method == 'POST': # Convert POST data to a query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems()) query = urllib.urlencode(queryParams) else: # Parse the actual query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems()) query = request.query_string dbi = DBMgr.getInstance() dbi.startRequest() minfo = HelperMaKaCInfo.getMaKaCInfoInstance() if minfo.getRoomBookingModuleActive(): Factory.getDALManager().connect() apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None) cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes' signature = get_query_parameter(queryParams, ['signature']) timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True) noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes' pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes' onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes' onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes' oauthToken = 'oauth_token' in queryParams # Get our handler function and its argument and response type hook, dformat = HTTPAPIHook.parseRequest(path, queryParams) if hook is None or dformat is None: raise NotFound # Disable caching if we are not just retrieving data (or the hook requires it) if request.method == 'POST' or hook.NO_CACHE: noCache = True ak = error = result = None ts = int(time.time()) typeMap = {} responseUtil = ResponseUtil() try: used_session = None if cookieAuth: used_session = session if not used_session.user: # ignore guest sessions used_session = None if apiKey or oauthToken or not used_session: if not oauthToken: # Validate the API key (and its signature) ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query) if enforceOnlyPublic: onlyPublic = True # Create an access wrapper for the API key's user aw = buildAW(ak, onlyPublic) else: # Access Token (OAuth) at = OAuthUtils.OAuthCheckAccessResource() aw = buildAW(at, onlyPublic) # Get rid of API key in cache key if we did not impersonate a user if ak and aw.getUser() is None: cacheKey = normalizeQuery(path, query, remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) else: cacheKey = normalizeQuery(path, query, remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) if signature: # in case the request was signed, store the result under a different key cacheKey = 'signed_' + cacheKey else: # We authenticated using a session cookie. if Config.getInstance().getCSRFLevel() >= 2: token = request.headers.get('X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken'])) if used_session.csrf_protected and used_session.csrf_token != token: raise HTTPAPIError('Invalid CSRF token', 403) aw = AccessWrapper() if not onlyPublic: aw.setUser(used_session.user) userPrefix = 'user-' + used_session.user.getId() + '_' cacheKey = userPrefix + normalizeQuery(path, query, remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed', 'csrftoken')) # Bail out if the user requires authentication but is not authenticated if onlyAuthed and not aw.getUser(): raise HTTPAPIError('Not authenticated', 403) addToCache = not hook.NO_CACHE cache = GenericCache('HTTPAPI') cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey) if not noCache: obj = cache.get(cacheKey) if obj is not None: result, extra, ts, complete, typeMap = obj addToCache = False if result is None: # Perform the actual exporting res = hook(aw) if isinstance(res, tuple) and len(res) == 4: result, extra, complete, typeMap = res else: result, extra, complete, typeMap = res, {}, True, {} if result is not None and addToCache: ttl = HelperMaKaCInfo.getMaKaCInfoInstance().getAPICacheTTL() cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl) except HTTPAPIError, e: error = e if e.getCode(): responseUtil.status = e.getCode() if responseUtil.status == 405: responseUtil.headers['Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path): path = posixpath.join('/', prefix, path) ContextManager.destroy() clearCache() # init fossil cache logger = Logger.get('httpapi') if request.method == 'POST': # Convert POST data to a query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems()) query = urllib.urlencode(queryParams) else: # Parse the actual query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems()) query = request.query_string dbi = DBMgr.getInstance() dbi.startRequest() apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None) cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes' signature = get_query_parameter(queryParams, ['signature']) timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True) noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes' pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes' onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes' onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes' oauthToken = 'oauth_token' in queryParams # Check if OAuth data is supplied in the Authorization header if not oauthToken and request.headers.get('Authorization') is not None: oauthToken = 'oauth_token' in request.headers.get('Authorization') # Get our handler function and its argument and response type hook, dformat = HTTPAPIHook.parseRequest(path, queryParams) if hook is None or dformat is None: raise NotFound # Disable caching if we are not just retrieving data (or the hook requires it) if request.method == 'POST' or hook.NO_CACHE: noCache = True ak = error = result = None ts = int(time.time()) typeMap = {} responseUtil = ResponseUtil() try: used_session = None if cookieAuth: used_session = session if not used_session.avatar: # ignore guest sessions used_session = None if apiKey or oauthToken or not used_session: if not oauthToken: # Validate the API key (and its signature) ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query) if enforceOnlyPublic: onlyPublic = True # Create an access wrapper for the API key's user aw = buildAW(ak, onlyPublic) else: # Access Token (OAuth) at = OAuthUtils.OAuthCheckAccessResource() aw = buildAW(at, onlyPublic) # Get rid of API key in cache key if we did not impersonate a user if ak and aw.getUser() is None: cacheKey = normalizeQuery( path, query, remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) else: cacheKey = normalizeQuery(path, query, remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) if signature: # in case the request was signed, store the result under a different key cacheKey = 'signed_' + cacheKey else: # We authenticated using a session cookie. if Config.getInstance().getCSRFLevel() >= 2: token = request.headers.get( 'X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken'])) if used_session.csrf_protected and used_session.csrf_token != token: raise HTTPAPIError('Invalid CSRF token', 403) aw = AccessWrapper() if not onlyPublic: aw.setUser(used_session.avatar) userPrefix = 'user-' + used_session.avatar.getId() + '_' cacheKey = userPrefix + normalizeQuery( path, query, remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed', 'csrftoken')) # Bail out if the user requires authentication but is not authenticated if onlyAuthed and not aw.getUser(): raise HTTPAPIError('Not authenticated', 403) addToCache = not hook.NO_CACHE cache = GenericCache('HTTPAPI') cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey) if not noCache: obj = cache.get(cacheKey) if obj is not None: result, extra, ts, complete, typeMap = obj addToCache = False if result is None: ContextManager.set("currentAW", aw) # Perform the actual exporting res = hook(aw) if isinstance(res, tuple) and len(res) == 4: result, extra, complete, typeMap = res else: result, extra, complete, typeMap = res, {}, True, {} if result is not None and addToCache: ttl = api_settings.get('cache_ttl') cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl) except HTTPAPIError, e: error = e if e.getCode(): responseUtil.status = e.getCode() if responseUtil.status == 405: responseUtil.headers[ 'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path): path = posixpath.join('/', prefix, path) ContextManager.destroy() clearCache() # init fossil cache logger = Logger.get('httpapi') if request.method == 'POST': # Convert POST data to a query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems()) query = urllib.urlencode(queryParams) else: # Parse the actual query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems()) query = request.query_string dbi = DBMgr.getInstance() dbi.startRequest() apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None) cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes' signature = get_query_parameter(queryParams, ['signature']) timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True) noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes' pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes' onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes' onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes' scope = 'read:legacy_api' if request.method == 'GET' else 'write:legacy_api' try: oauth_valid, oauth_request = oauth.verify_request([scope]) if not oauth_valid and oauth_request and oauth_request.error_message != 'Bearer token not found.': raise BadRequest('OAuth error: {}'.format(oauth_request.error_message)) elif g.get('received_oauth_token') and oauth_request.error_message == 'Bearer token not found.': raise BadRequest('OAuth error: Invalid token') except ValueError: # XXX: Dirty hack to workaround a bug in flask-oauthlib that causes it # not to properly urlencode request query strings # Related issue (https://github.com/lepture/flask-oauthlib/issues/213) oauth_valid = False # Get our handler function and its argument and response type hook, dformat = HTTPAPIHook.parseRequest(path, queryParams) if hook is None or dformat is None: raise NotFound # Disable caching if we are not just retrieving data (or the hook requires it) if request.method == 'POST' or hook.NO_CACHE: noCache = True ak = error = result = None ts = int(time.time()) typeMap = {} responseUtil = ResponseUtil() try: used_session = None if cookieAuth: used_session = session if not used_session.user: # ignore guest sessions used_session = None if apiKey or oauth_valid or not used_session: if not oauth_valid: # Validate the API key (and its signature) ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query) if enforceOnlyPublic: onlyPublic = True # Create an access wrapper for the API key's user aw = buildAW(ak, onlyPublic) else: # Access Token (OAuth) at = load_token(oauth_request.access_token.access_token) aw = buildAW(at, onlyPublic) # Get rid of API key in cache key if we did not impersonate a user if ak and aw.getUser() is None: cacheKey = normalizeQuery(path, query, remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) else: cacheKey = normalizeQuery(path, query, remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) if signature: # in case the request was signed, store the result under a different key cacheKey = 'signed_' + cacheKey else: # We authenticated using a session cookie. if Config.getInstance().getCSRFLevel() >= 2: token = request.headers.get('X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken'])) if used_session.csrf_protected and used_session.csrf_token != token: raise HTTPAPIError('Invalid CSRF token', 403) aw = AccessWrapper() if not onlyPublic: aw.setUser(used_session.avatar) userPrefix = 'user-{}_'.format(used_session.user.id) cacheKey = userPrefix + normalizeQuery(path, query, remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed', 'csrftoken')) # Bail out if the user requires authentication but is not authenticated if onlyAuthed and not aw.getUser(): raise HTTPAPIError('Not authenticated', 403) addToCache = not hook.NO_CACHE cache = GenericCache('HTTPAPI') cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey) if not noCache: obj = cache.get(cacheKey) if obj is not None: result, extra, ts, complete, typeMap = obj addToCache = False if result is None: ContextManager.set("currentAW", aw) # Perform the actual exporting res = hook(aw) if isinstance(res, tuple) and len(res) == 4: result, extra, complete, typeMap = res else: result, extra, complete, typeMap = res, {}, True, {} if result is not None and addToCache: ttl = api_settings.get('cache_ttl') cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl) except HTTPAPIError, e: error = e if e.getCode(): responseUtil.status = e.getCode() if responseUtil.status == 405: responseUtil.headers['Allow'] = 'GET' if request.method == 'POST' else 'POST'
def invokeMethod(self, method, params): MAX_RETRIES = 10 # clear the context ContextManager.destroy() DBMgr.getInstance().startRequest() # room booking database _startRequestSpecific2RH() # notify components that the request has started self._notify('requestStarted') forcedConflicts = Config.getInstance().getForceConflicts() retry = MAX_RETRIES try: while retry > 0: if retry < MAX_RETRIES: # notify components that the request is being retried self._notify('requestRetry', MAX_RETRIES - retry) # clear/init fossil cache fossilize.clearCache() try: # delete all queued emails GenericMailer.flushQueue(False) DBMgr.getInstance().sync() try: result = processRequest(method, copy.deepcopy(params)) except MaKaC.errors.NoReportError, e: raise NoReportError(e.getMsg()) rh = ContextManager.get('currentRH') # notify components that the request has ended self._notify('requestFinished') # Raise a conflict error if enabled. This allows detecting conflict-related issues easily. if retry > (MAX_RETRIES - forcedConflicts): raise ConflictError _endRequestSpecific2RH( True ) DBMgr.getInstance().endRequest(True) GenericMailer.flushQueue(True) # send emails if rh._redisPipeline: try: rh._redisPipeline.execute() except RedisError: Logger.get('redis').exception('Could not execute pipeline') break except ConflictError: _abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 continue except ClientDisconnected: _abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 time.sleep(MAX_RETRIES - retry) continue
def process(self, params): """ """ profile = Config.getInstance().getProfile() proffilename = "" res = "" MAX_RETRIES = 10 retry = MAX_RETRIES textLog = [] self._startTime = datetime.now() # clear the context ContextManager.destroy() ContextManager.set('currentRH', self) #redirect to https if necessary if self._checkHttpsRedirect(): return DBMgr.getInstance().startRequest() self._startRequestSpecific2RH( ) # I.e. implemented by Room Booking request handlers textLog.append("%s : Database request started" % (datetime.now() - self._startTime)) Logger.get('requestHandler').info( '[pid=%s] Request %s started (%s)' % (os.getpid(), id(self._req), self._req.unparsed_uri)) # notify components that the request has started self._notify('requestStarted', self._req) forcedConflicts = Config.getInstance().getForceConflicts() try: while retry > 0: if retry < MAX_RETRIES: # notify components that the request is being retried self._notify('requestRetry', self._req, MAX_RETRIES - retry) try: Logger.get('requestHandler').info( '\t[pid=%s] from host %s' % (os.getpid(), self.getHostIP())) try: # clear the fossile cache at the start of each request fossilize.clearCache() # delete all queued emails GenericMailer.flushQueue(False) DBMgr.getInstance().sync() # keep a link to the web session in the access wrapper # this is used for checking access/modification key existence # in the user session self._aw.setIP(self.getHostIP()) self._aw.setSession(self._getSession()) #raise(str(dir(self._websession))) self._setSessionUser() self._setLang(params) if self._getAuth(): if self._getUser(): Logger.get('requestHandler').info( 'Request %s identified with user %s (%s)' % (id(self._req), self._getUser().getFullName(), self._getUser().getId())) if not self._tohttps and Config.getInstance( ).getAuthenticatedEnforceSecure(): self._tohttps = True if self._checkHttpsRedirect(): return #if self._getUser() != None and self._getUser().getId() == "893": # profile = True self._reqParams = copy.copy(params) self._checkParams(self._reqParams) self._checkProtection() security.Sanitization.sanitizationCheck( self._target, self._reqParams, self._aw, self._doNotSanitizeFields) if self._doProcess: if profile: import profile, pstats proffilename = os.path.join( Config.getInstance().getTempDir(), "stone%s.prof" % str(random.random())) result = [None] profile.runctx("result[0] = self._process()", globals(), locals(), proffilename) res = result[0] else: res = self._process() # Save web session, just when needed sm = session.getSessionManager() sm.maintain_session(self._req, self._websession) # notify components that the request has finished self._notify('requestFinished', self._req) # Raise a conflict error if enabled. This allows detecting conflict-related issues easily. if retry > (MAX_RETRIES - forcedConflicts): raise ConflictError self._endRequestSpecific2RH( True ) # I.e. implemented by Room Booking request handlers DBMgr.getInstance().endRequest(True) Logger.get('requestHandler').info( 'Request %s successful' % (id(self._req))) #request succesfull, now, doing tas that must be done only once try: GenericMailer.flushQueue(True) # send emails self._deleteTempFiles() except: Logger.get('mail').exception( 'Mail sending operation failed') pass break except MaKaCError, e: #DBMgr.getInstance().endRequest(False) res = self._processError(e) except (ConflictError, POSKeyError): import traceback # only log conflict if it wasn't forced if retry <= (MAX_RETRIES - forcedConflicts): Logger.get('requestHandler').warning( 'Conflict in Database! (Request %s)\n%s' % (id(self._req), traceback.format_exc())) self._abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 continue except ClientDisconnected: Logger.get('requestHandler').warning( 'Client Disconnected! (Request %s)' % id(self._req)) self._abortSpecific2RH() DBMgr.getInstance().abort() retry -= 1 time.sleep(10 - retry) continue except KeyAccessError, e: #Key Access error treatment res = self._processKeyAccessError(e) self._endRequestSpecific2RH(False) DBMgr.getInstance().endRequest(False)