def prepare(self): print(">>> [%s] %s %s %d" % (time.strftime("%Y-%m-%d %H:%M:%S"), self.request.method, self.request.uri, os.getpid())) dbname = None if config.get("database"): dbname = config.get("database") elif config.get("database_from_domain"): request = self.request host = request.host subdom = host.split(".", 1)[0] if subdom not in ("all", "clients"): # XXX dbname = subdom.replace("-", "_") elif config.get("database_from_http_header"): dbname = self.request.headers.get("X-Database") if not dbname: dbname = self.get_cookie("dbname") database.set_active_db(dbname) schema = None if config.get("schema"): schema = config.get("schema") elif self.request.headers.get("X-Schema"): schema = self.request.headers.get("X-Schema") elif self.get_cookie("schema"): schema = self.get_cookie("schema") database.set_active_schema(schema) template.set_active_theme(None) locale = self.get_cookie("locale") or "en_US" netforce.locale.set_active_locale(locale) user_id = self.get_cookie("user_id") if user_id and dbname: user_id = int(user_id) token = utils.url_unescape(self.get_cookie("token")) if utils.check_token(dbname, user_id, token): access.set_active_user(user_id) else: print("WARNING: wrong token! (dbname=%s user_id=%s token=%s)" % (dbname, user_id, token)) self.clear_cookie("user_id") raise Exception("Invalid token") else: access.set_active_user(None) ip_addr = self.request.headers.get( "X-Real-IP") or self.request.remote_ip access.set_ip_addr(ip_addr) company_id = self.get_cookie("company_id") if company_id: company_id = int(company_id) access.set_active_company(company_id) else: access.set_active_company(None)
def prepare(self): print(">>> [%s] %s %s %d" % (time.strftime("%Y-%m-%d %H:%M:%S"), self.request.method, self.request.uri, os.getpid())) dbname = None if config.get("database"): dbname = config.get("database") elif config.get("database_from_domain"): request = self.request host = request.host subdom = host.split(".", 1)[0] if subdom not in ("all", "clients"): # XXX dbname = subdom.replace("-", "_") elif config.get("database_from_http_header"): dbname = self.request.headers.get("X-Database") if not dbname: dbname = self.get_cookie("dbname") database.set_active_db(dbname) schema = None if config.get("schema"): schema = config.get("schema") elif self.request.headers.get("X-Schema"): schema = self.request.headers.get("X-Schema") elif self.get_cookie("schema"): schema = self.get_cookie("schema") database.set_active_schema(schema) template.set_active_theme(None) locale = self.get_cookie("locale") or "en_US" netforce.locale.set_active_locale(locale) user_id = self.get_cookie("user_id") if user_id and dbname: user_id = int(user_id) token = utils.url_unescape(self.get_cookie("token")) if utils.check_token(dbname, user_id, token): access.set_active_user(user_id) else: print("WARNING: wrong token! (dbname=%s user_id=%s token=%s)" % (dbname, user_id, token)) self.clear_cookie("user_id") raise Exception("Invalid token") else: access.set_active_user(None) ip_addr = self.request.headers.get("X-Real-IP") or self.request.remote_ip access.set_ip_addr(ip_addr) company_id = self.get_cookie("company_id") if company_id: company_id = int(company_id) access.set_active_company(company_id) else: access.set_active_company(None)
def post(self): params, r_method = xmlrpc.client.loads(self.request.body) db = database.get_connection() if db: db.begin() try: if r_method == "execute": model = params[0] method = params[1] args = params[2] if len(params) >= 4: opts = params[3] else: opts = {} if len(params) >= 7: dbname = params[4] user_id = params[5] token = params[6] if utils.check_token(dbname, user_id, token): database.set_active_db(dbname) access.set_active_user(user_id) m = get_model(model) f = getattr(m, method) res = f(*args, **opts) else: raise Exception("Invalid XML-RPC method") resp = xmlrpc.client.dumps((res,), methodresponse=True, allow_none=True) self.write(resp) db = database.get_connection() if db: db.commit() except Exception as e: db = database.get_connection() if db: db.rollback() import traceback traceback.print_exc() f = xmlrpc.client.Fault(0, str(e)) self.write(xmlrpc.client.dumps(f, methodresponse=True, allow_none=True))
def post(self): req = json.loads(self.request.body.decode()) # open("/tmp/json_rpc.log","a").write(self.request.body.decode()+"\n###############################################################\n") db = database.get_connection() if db: db.begin() try: clear_cache() method = req["method"] params = req["params"] if method == "execute": model = params[0] method = params[1] if method.startswith("_"): raise Exception("Invalid method") args = params[2] if len(params) >= 4: opts = params[3] or {} else: opts = {} if len(params) >= 5: cookies = params[4] or {} else: cookies = {} if "locale" in cookies: set_active_locale(cookies["locale"]) if "user_id" in cookies: user_id=int(cookies["user_id"]) token=cookies.get("token") dbname=database.get_active_db() schema=database.get_active_schema() if check_token(dbname, user_id, token, schema=schema): access.set_active_user(user_id) user_id = access.get_active_user() rpc_log.info("EXECUTE db=%s model=%s method=%s user=%s" % (database.get_active_db(), model, method, user_id)) m = get_model(model) f = getattr(m, method) ctx = { "request_handler": self, "request": self.request, } ctx.update(self.get_cookies()) ctx.update(cookies); ctx.update(opts.get("context",{})) opts["context"]=ctx with timeout(seconds=900): # XXX: can make this faster? (less signal sys handler overhead) t0 = time.time() res = f(*args, **opts) t1 = time.time() dt = (t1 - t0) * 1000 rpc_log.info("<<< %d ms" % dt) resp = { "result": res, "error": None, "id": req["id"], } else: raise Exception("Invalid method: %s" % method) if db: db.commit() except Exception as e: try: msg = translate(str(e)) except: print("WARNING: Failed to translate error message") msg = str(e) rpc_log.error(msg) if db: db.rollback() rpc_log.error(traceback.format_exc()) err = { "message": msg, } error_fields = getattr(e, "error_fields", None) if error_fields: err["error_fields"] = error_fields resp = { "result": None, "error": err, "id": req["id"], } access.clear_active_user() try: data = json_dumps(resp) self.add_header("Access-Control-Allow-Origin","*") self.write(data) except: print("JSONRPC ERROR: invalid response") from pprint import pprint pprint(resp) traceback.print_exc()
def post(self): req = json.loads(self.request.body.decode()) # open("/tmp/json_rpc.log","a").write(self.request.body.decode()+"\n###############################################################\n") db = database.get_connection() if db: db.begin() try: clear_cache() method = req["method"] params = req["params"] if method == "execute": model = params[0] method = params[1] if method.startswith("_"): raise Exception("Invalid method") args = params[2] if len(params) >= 4: opts = params[3] or {} else: opts = {} if len(params) >= 5: cookies = params[4] or {} else: cookies = {} if "locale" in cookies: set_active_locale(cookies["locale"]) if "user_id" in cookies: user_id = int(cookies["user_id"]) token = cookies.get("token") dbname = database.get_active_db() schema = database.get_active_schema() if check_token(dbname, user_id, token, schema=schema): access.set_active_user(user_id) user_id = access.get_active_user() rpc_log.info( "EXECUTE db=%s model=%s method=%s user=%s" % (database.get_active_db(), model, method, user_id)) m = get_model(model) f = getattr(m, method) ctx = { "request_handler": self, "request": self.request, } ctx.update(self.get_cookies()) ctx.update(cookies) ctx.update(opts.get("context", {})) opts["context"] = ctx with timeout( seconds=900 ): # XXX: can make this faster? (less signal sys handler overhead) t0 = time.time() res = f(*args, **opts) t1 = time.time() dt = (t1 - t0) * 1000 rpc_log.info("<<< %d ms" % dt) resp = { "result": res, "error": None, "id": req["id"], } else: raise Exception("Invalid method: %s" % method) if db: db.commit() except Exception as e: try: msg = translate(str(e)) except: print("WARNING: Failed to translate error message") msg = str(e) rpc_log.error(msg) if db: db.rollback() rpc_log.error(traceback.format_exc()) err = { "message": msg, } error_fields = getattr(e, "error_fields", None) if error_fields: err["error_fields"] = error_fields resp = { "result": None, "error": err, "id": req["id"], } access.clear_active_user() try: data = json_dumps(resp) self.add_header("Access-Control-Allow-Origin", "*") self.write(data) except: print("JSONRPC ERROR: invalid response") from pprint import pprint pprint(resp) traceback.print_exc()