def _dispatch(cls): cls._handle_debug() # locate the controller method try: rule, arguments = cls._match(request.httprequest.path) func = rule.endpoint except werkzeug.exceptions.NotFound as e: return cls._handle_exception(e) # check authentication level try: auth_method = cls._authenticate(func.routing["auth"]) except Exception as e: return cls._handle_exception(e) processing = cls._postprocess_args(arguments, rule) if processing: return processing # set and execute handler try: request.set_handler(func, arguments, auth_method) result = request.dispatch() if isinstance(result, Exception): raise result except Exception as e: return cls._handle_exception(e) return result
def _dispatch(cls): # locate the controller method try: rule, arguments = cls._find_handler(return_rule=True) func = rule.endpoint except werkzeug.exceptions.NotFound as e: return cls._handle_exception(e) # check authentication level try: auth_method = cls._authenticate(func.routing["auth"]) except Exception as e: return cls._handle_exception(e) processing = cls._postprocess_args(arguments, rule) if processing: return processing # set and execute handler try: request.set_handler(func, arguments, auth_method) result = request.dispatch() if isinstance(result, Exception): raise result except Exception as e: return cls._handle_exception(e) return result
def _dispatch(cls): # locate the controller method try: rule, arguments = cls._find_handler(return_rule=True) func = rule.endpoint except werkzeug.exceptions.NotFound as e: return cls._handle_exception(e) # check authentication level try: auth_method = cls._authenticate(func.routing["auth"]) except Exception as e: return cls._handle_exception(e) processing = cls._postprocess_args(arguments, rule) if processing: return processing # set and execute handler try: request.set_handler(func, arguments, auth_method) result = request.dispatch() if isinstance(result, Exception): raise result except Exception as e: return cls._handle_exception(e) if result.data: isValid = validateJSON(result.data) if isValid: error_data = json.loads(result.data) if 'error' in error_data: error_data['error']['message'] = 'ZPMS' result.data = json.dumps(error_data, sort_keys=True) return result
class IrHttp(models.AbstractModel): _name = 'ir.http' _description = "HTTP routing" def _get_converters(self): return { 'model': ModelConverter, 'models': ModelsConverter, 'int': SignedIntConverter } def _find_handler(self, return_rule=False): return self.routing_map().bind_to_environ( request.httprequest.environ).match(return_rule=return_rule) def _auth_method_user(self): request.uid = request.session.uid if not request.uid: raise http.SessionExpiredException("Session expired") def _auth_method_none(self): request.uid = None def _auth_method_public(self): if not request.session.uid: request.uid = request.env.ref('base.public_user').id else: request.uid = request.session.uid def _authenticate(self, auth_method='user'): try: if request.session.uid: try: request.session.check_security() # what if error in security.check() # -> res_users.check() # -> res_users.check_credentials() except (AccessDenied, http.SessionExpiredException): # All other exceptions mean undetermined status (e.g. connection pool full), # let them bubble up request.session.logout(keep_db=True) if request.uid is None: getattr(self, "_auth_method_%s" % auth_method)() except (AccessDenied, http.SessionExpiredException, werkzeug.exceptions.HTTPException): raise except Exception: _logger.info("Exception during request Authentication.", exc_info=True) raise AccessDenied() return auth_method def _serve_attachment(self): env = api.Environment(request.cr, SUPERUSER_ID, request.context) domain = [('type', '=', 'binary'), ('url', '=', request.httprequest.path)] fields = ['__last_update', 'datas', 'name', 'mimetype', 'checksum'] attach = env['ir.attachment'].search_read(domain, fields) if attach: wdate = attach[0]['__last_update'] datas = attach[0]['datas'] or '' name = attach[0]['name'] checksum = attach[0]['checksum'] or hashlib.sha1(datas).hexdigest() if (not datas and name != request.httprequest.path and name.startswith(('http://', 'https://', '/'))): return werkzeug.utils.redirect(name, 301) response = werkzeug.wrappers.Response() server_format = tools.DEFAULT_SERVER_DATETIME_FORMAT try: response.last_modified = datetime.datetime.strptime( wdate, server_format + '.%f') except ValueError: # just in case we have a timestamp without microseconds response.last_modified = datetime.datetime.strptime( wdate, server_format) response.set_etag(checksum) response.make_conditional(request.httprequest) if response.status_code == 304: return response response.mimetype = attach[0][ 'mimetype'] or 'application/octet-stream' response.data = datas.decode('base64') return response def _handle_exception(self, exception): # If handle_exception returns something different than None, it will be used as a response # This is done first as the attachment path may # not match any HTTP controller if isinstance( exception, werkzeug.exceptions.HTTPException) and exception.code == 404: attach = self._serve_attachment() if attach: return attach # Don't handle exception but use werkeug debugger if server in --dev mode if 'werkzeug' in tools.config['dev_mode']: raise try: return request._handle_exception(exception) except AccessDenied: return werkzeug.exceptions.Forbidden() def _dispatch(self): # locate the controller method try: rule, arguments = self._find_handler(return_rule=True) func = rule.endpoint except werkzeug.exceptions.NotFound, e: return self._handle_exception(e) # check authentication level try: auth_method = self._authenticate(func.routing["auth"]) except Exception as e: return self._handle_exception(e) processing = self._postprocess_args(arguments, rule) if processing: return processing # set and execute handler try: request.set_handler(func, arguments, auth_method) result = request.dispatch() if isinstance(result, Exception): raise result except Exception, e: return self._handle_exception(e)