def default_bucket(request):
if request.method.lower() == 'options':
path = request.path.replace('default', 'unknown')
subrequest = build_request(request, {
'method': 'OPTIONS',
'path': path
})
return request.invoke_subrequest(subrequest)
if getattr(request, 'prefixed_userid', None) is None:
# Pass through the forbidden_view_config
raise httpexceptions.HTTPForbidden()
settings = request.registry.settings
if asbool(settings['readonly']):
raise httpexceptions.HTTPMethodNotAllowed()
hmac_secret = settings['userid_hmac_secret']
# Build the user unguessable bucket_id UUID from its user_id
digest = hmac_digest(hmac_secret, request.prefixed_userid)
bucket_id = text_type(UUID(digest[:32]))
path = request.path.replace('/buckets/default', '/buckets/%s' % bucket_id)
querystring = request.url[(request.url.index(request.path) +
len(request.path)):]
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path + querystring,
'body': request.body
})
subrequest.bound_data = request.bound_data
try:
response = request.invoke_subrequest(subrequest)
except httpexceptions.HTTPException as error:
if error.content_type == 'application/json':
response = reapply_cors(subrequest, error)
else:
# Ask the upper level to format the error.
raise error
return response
def create_collection(request, bucket_id):
subpath = request.matchdict.get('subpath')
if subpath and subpath.startswith('collections/'):
collection_id = subpath.split('/')[1]
collection_put = (request.method.lower() == 'put'
and request.path.endswith(collection_id))
if not collection_put:
subrequest = build_request(
request, {
'method':
'PUT',
'path':
'/buckets/%s/collections/%s' % (bucket_id, collection_id),
'body': {
"data": {}
},
'headers': {
'If-None-Match': '*'.encode('utf-8')
}
})
try:
request.invoke_subrequest(subrequest)
except HTTPPreconditionFailed:
# The collection already exists
pass
def default_bucket(request):
if request.method.lower() == 'options':
path = request.path.replace('default', 'unknown')
subrequest = build_request(request, {
'method': 'OPTIONS',
'path': path
})
return request.invoke_subrequest(subrequest)
if Authenticated not in request.effective_principals:
# Pass through the forbidden_view_config
raise httpexceptions.HTTPForbidden()
settings = request.registry.settings
if asbool(settings['readonly']):
raise httpexceptions.HTTPMethodNotAllowed()
bucket_id = request.default_bucket_id
path = request.path.replace('/buckets/default', '/buckets/%s' % bucket_id)
querystring = request.url[(request.url.index(request.path) +
len(request.path)):]
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path + querystring,
'body': request.body
})
subrequest.bound_data = request.bound_data
try:
response = request.invoke_subrequest(subrequest)
except httpexceptions.HTTPException as error:
is_redirect = error.status_code < 400
if error.content_type == 'application/json' or is_redirect:
response = reapply_cors(subrequest, error)
else:
# Ask the upper level to format the error.
raise error
return response
def default_bucket(request):
if request.method.lower() == 'options':
path = request.path.replace('default', 'unknown')
subrequest = build_request(request, {
'method': 'OPTIONS',
'path': path
})
return request.invoke_subrequest(subrequest)
if Authenticated not in request.effective_principals:
# Pass through the forbidden_view_config
raise httpexceptions.HTTPForbidden()
settings = request.registry.settings
if asbool(settings['readonly']):
raise httpexceptions.HTTPMethodNotAllowed()
bucket_id = request.default_bucket_id
path = request.path.replace('/buckets/default', '/buckets/%s' % bucket_id)
querystring = request.url[(request.url.index(request.path) +
len(request.path)):]
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path + querystring,
'body': request.body
})
subrequest.bound_data = request.bound_data
try:
response = request.invoke_subrequest(subrequest)
except httpexceptions.HTTPException as error:
is_redirect = error.status_code < 400
if error.content_type == 'application/json' or is_redirect:
response = reapply_cors(subrequest, error)
else:
# Ask the upper level to format the error.
raise error
return response
def default_bucket(request):
if request.method.lower() == 'options':
path = request.path.replace('default', 'unknown')
subrequest = build_request(request, {
'method': 'OPTIONS',
'path': path
})
return request.invoke_subrequest(subrequest)
if getattr(request, 'prefixed_userid', None) is None:
raise HTTPForbidden() # Pass through the forbidden_view_config
settings = request.registry.settings
hmac_secret = settings['userid_hmac_secret']
# Build the user unguessable bucket_id UUID from its user_id
digest = hmac_digest(hmac_secret, request.prefixed_userid)
bucket_id = text_type(UUID(digest[:32]))
path = request.path.replace('/buckets/default', '/buckets/%s' % bucket_id)
querystring = request.url[(request.url.index(request.path) +
len(request.path)):]
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path + querystring,
'body': request.body
})
subrequest.bound_data = request.bound_data
try:
response = request.invoke_subrequest(subrequest)
except HTTPException as error:
if error.content_type == 'application/json':
response = reapply_cors(subrequest, error)
else:
# Ask the upper level to format the error.
raise error
return response
def post_batch(request):
requests = request.validated['requests']
batch_size = len(requests)
limit = request.registry.settings['batch_max_requests']
if limit and len(requests) > int(limit):
error_msg = 'Number of requests is limited to %s' % limit
request.errors.add('body', 'requests', error_msg)
return
if any([batch.path in req['path'] for req in requests]):
error_msg = 'Recursive call on %s endpoint is forbidden.' % batch.path
request.errors.add('body', 'requests', error_msg)
return
responses = []
sublogger = logger.new()
for subrequest_spec in requests:
subrequest = build_request(request, subrequest_spec)
sublogger.bind(path=subrequest.path,
method=subrequest.method)
try:
# Invoke subrequest without individual transaction.
resp, subrequest = request.follow_subrequest(subrequest,
use_tweens=False)
except httpexceptions.HTTPException as e:
if e.content_type == 'application/json':
resp = e
else:
# JSONify raw Pyramid errors.
resp = errors.http_error(e)
except Exception as e:
resp = render_view_to_response(e, subrequest)
if resp.status_code >= 500:
raise e
sublogger.bind(code=resp.status_code)
sublogger.info('subrequest.summary')
dict_resp = build_response(resp, subrequest)
responses.append(dict_resp)
# Rebing batch request for summary
logger.bind(path=batch.path,
method=request.method,
batch_size=batch_size,
agent=request.headers.get('User-Agent'),)
return {
'responses': responses
}
def post_batch(request):
requests = request.validated['requests']
batch_size = len(requests)
limit = request.registry.settings['batch_max_requests']
if limit and len(requests) > int(limit):
error_msg = 'Number of requests is limited to %s' % limit
request.errors.add('body', 'requests', error_msg)
return
if any([batch.path in req['path'] for req in requests]):
error_msg = 'Recursive call on %s endpoint is forbidden.' % batch.path
request.errors.add('body', 'requests', error_msg)
return
responses = []
sublogger = logger.new()
for subrequest_spec in requests:
subrequest = build_request(request, subrequest_spec)
subrequest.parent = request
sublogger.bind(path=subrequest.path,
method=subrequest.method)
try:
subresponse = request.invoke_subrequest(subrequest)
except httpexceptions.HTTPException as e:
error_msg = 'Failed batch subrequest'
subresponse = errors.http_error(e, message=error_msg)
except Exception as e:
logger.error(e)
subresponse = errors.http_error(
httpexceptions.HTTPInternalServerError())
sublogger.bind(code=subresponse.status_code)
sublogger.info('subrequest.summary')
subresponse = build_response(subresponse, subrequest)
responses.append(subresponse)
# Rebing batch request for summary
logger.bind(path=batch.path,
method=request.method,
batch_size=batch_size,
agent=request.headers.get('User-Agent'),)
return {
'responses': responses
}
def default_bucket(request):
if request.method.lower() == 'options':
path = request.path.replace('default', 'unknown')
subrequest = build_request(request, {
'method': 'OPTIONS',
'path': path
})
return request.invoke_subrequest(subrequest)
if getattr(request, 'prefixed_userid', None) is None:
raise HTTPForbidden # Pass through the forbidden_view_config
settings = request.registry.settings
hmac_secret = settings['userid_hmac_secret']
# Build the user unguessable bucket_id UUID from its user_id
digest = hmac_digest(hmac_secret, request.prefixed_userid)
bucket_id = text_type(UUID(digest[:32]))
path = request.path.replace('/buckets/default', '/buckets/%s' % bucket_id)
querystring = request.url[(request.url.index(request.path) +
len(request.path)):]
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path + querystring,
'body': request.body
})
subrequest.bound_data = request.bound_data
try:
response = request.invoke_subrequest(subrequest)
except HTTPException as error:
response = reapply_cors(subrequest, error)
return response
def post_batch(request):
requests = request.validated['requests']
batch_size = len(requests)
limit = request.registry.settings['batch_max_requests']
if limit and len(requests) > int(limit):
error_msg = 'Number of requests is limited to %s' % limit
request.errors.add('body', 'requests', error_msg)
return
if any([batch.path in req['path'] for req in requests]):
error_msg = 'Recursive call on %s endpoint is forbidden.' % batch.path
request.errors.add('body', 'requests', error_msg)
return
responses = []
sublogger = logger.new()
for subrequest_spec in requests:
subrequest = build_request(request, subrequest_spec)
sublogger.bind(path=subrequest.path, method=subrequest.method)
try:
# Invoke subrequest without individual transaction.
resp, subrequest = request.follow_subrequest(subrequest,
use_tweens=False)
except httpexceptions.HTTPException as e:
if e.content_type == 'application/json':
resp = e
else:
# JSONify raw Pyramid errors.
resp = errors.http_error(e)
sublogger.bind(code=resp.status_code)
sublogger.info('subrequest.summary')
dict_resp = build_response(resp, subrequest)
responses.append(dict_resp)
# Rebing batch request for summary
logger.bind(
path=batch.path,
method=request.method,
batch_size=batch_size,
agent=request.headers.get('User-Agent'),
)
return {'responses': responses}
def create_bucket(request, bucket_id):
"""Create a bucket if it doesn't exists."""
bucket_put = (request.method.lower() == 'put' and
request.path.endswith('buckets/default'))
if not bucket_put:
subrequest = build_request(request, {
'method': 'PUT',
'path': '/buckets/%s' % bucket_id,
'body': {"data": {}},
'headers': {'If-None-Match': '*'.encode('utf-8')}
})
try:
request.invoke_subrequest(subrequest)
except HTTPPreconditionFailed:
# The bucket already exists
pass
def create_collection(request, bucket_id):
subpath = request.matchdict.get('subpath')
if subpath and subpath.startswith('collections/'):
collection_id = subpath.split('/')[1]
collection_put = (request.method.lower() == 'put' and
request.path.endswith(collection_id))
if not collection_put:
subrequest = build_request(request, {
'method': 'PUT',
'path': '/buckets/%s/collections/%s' % (
bucket_id, collection_id),
'body': {"data": {}},
'headers': {'If-None-Match': '*'.encode('utf-8')}
})
try:
request.invoke_subrequest(subrequest)
except HTTPPreconditionFailed:
# The collection already exists
pass
def create_bucket(request, bucket_id):
"""Create a bucket if it doesn't exists."""
bucket_put = (request.method.lower() == 'put'
and request.path.endswith('buckets/default'))
if not bucket_put:
subrequest = build_request(
request, {
'method': 'PUT',
'path': '/buckets/%s' % bucket_id,
'body': {
"data": {}
},
'headers': {
'If-None-Match': '*'.encode('utf-8')
}
})
try:
request.invoke_subrequest(subrequest)
except HTTPPreconditionFailed:
# The bucket already exists
pass
def default_bucket(request):
if getattr(request, 'prefixed_userid', None) is None:
raise HTTPForbidden # Pass through the forbidden_view_config
settings = request.registry.settings
hmac_secret = settings['cliquet.userid_hmac_secret']
# Build the user unguessable bucket_id UUID from its user_id
bucket_id = hmac_digest(hmac_secret, request.prefixed_userid)[:32]
path = request.path.replace('default', bucket_id)
# Make sure bucket exists
create_bucket(request, bucket_id)
# Make sure the collection exists
create_collection(request, bucket_id)
subrequest = build_request(request, {
'method': request.method,
'path': path,
'body': request.body
})
return request.invoke_subrequest(subrequest)
def test_built_request_has_cliquet_custom_methods(self):
original = build_real_request({"PATH_INFO": "/foo"})
request = build_request(original, {"path": "bar"})
self.assertTrue(hasattr(request, "current_service"))
def test_built_request_has_cliquet_custom_methods(self):
original = build_real_request({'PATH_INFO': '/foo'})
request = build_request(original, {"path": "bar"})
self.assertTrue(hasattr(request, 'current_service'))