def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ config = pyramid.config.Configurator(settings=settings) # Add JSON as default renderer config.add_renderer(None, renderers.JSON()) config.include('pyramid_jwt') config.include('.security') config.include('.models') config.include('.resources') config.scan() return config.make_wsgi_app()
def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ config = Configurator(root_factory=root_factory, settings=settings) json_renderer = renderers.JSON() config.add_renderer(None, json_renderer) config.add_subscriber(add_cors_headers_response_callback, NewRequest) config.add_route('api.things.get', '/api/things', request_method='GET') config.scan() return config.make_wsgi_app()
def configure(settings=None): if settings is None: settings = {} # Add information about the current copy of the code. settings.setdefault("warehouse.commit", __commit__) # Set the environment from an environment variable, if one hasn't already # been set. maybe_set( settings, "warehouse.env", "WAREHOUSE_ENV", Environment, default=Environment.production, ) # Pull in default configuration from the environment. maybe_set(settings, "warehouse.token", "WAREHOUSE_TOKEN") maybe_set(settings, "warehouse.num_proxies", "WAREHOUSE_NUM_PROXIES", int) maybe_set(settings, "warehouse.theme", "WAREHOUSE_THEME") maybe_set(settings, "warehouse.domain", "WAREHOUSE_DOMAIN") maybe_set(settings, "forklift.domain", "FORKLIFT_DOMAIN") maybe_set(settings, "warehouse.legacy_domain", "WAREHOUSE_LEGACY_DOMAIN") maybe_set(settings, "site.name", "SITE_NAME", default="Warehouse") maybe_set(settings, "aws.key_id", "AWS_ACCESS_KEY_ID") maybe_set(settings, "aws.secret_key", "AWS_SECRET_ACCESS_KEY") maybe_set(settings, "aws.region", "AWS_REGION") maybe_set(settings, "gcloud.credentials", "GCLOUD_CREDENTIALS") maybe_set(settings, "gcloud.project", "GCLOUD_PROJECT") maybe_set(settings, "warehouse.trending_table", "WAREHOUSE_TRENDING_TABLE") maybe_set(settings, "celery.broker_url", "AMQP_URL") maybe_set(settings, "celery.result_url", "REDIS_URL") maybe_set(settings, "celery.scheduler_url", "REDIS_URL") maybe_set(settings, "database.url", "DATABASE_URL") maybe_set(settings, "elasticsearch.url", "ELASTICSEARCH_URL") maybe_set(settings, "sentry.dsn", "SENTRY_DSN") maybe_set(settings, "sentry.transport", "SENTRY_TRANSPORT") maybe_set(settings, "sessions.url", "REDIS_URL") maybe_set(settings, "download_stats.url", "REDIS_URL") maybe_set(settings, "ratelimit.url", "REDIS_URL") maybe_set(settings, "recaptcha.site_key", "RECAPTCHA_SITE_KEY") maybe_set(settings, "recaptcha.secret_key", "RECAPTCHA_SECRET_KEY") maybe_set(settings, "sessions.secret", "SESSION_SECRET") maybe_set(settings, "camo.url", "CAMO_URL") maybe_set(settings, "camo.key", "CAMO_KEY") maybe_set(settings, "docs.url", "DOCS_URL") maybe_set(settings, "mail.host", "MAIL_HOST") maybe_set(settings, "mail.port", "MAIL_PORT") maybe_set(settings, "mail.username", "MAIL_USERNAME") maybe_set(settings, "mail.password", "MAIL_PASSWORD") maybe_set(settings, "mail.sender", "MAIL_SENDER") maybe_set(settings, "mail.ssl", "MAIL_SSL", default=True) maybe_set(settings, "ga.tracking_id", "GA_TRACKING_ID") maybe_set(settings, "statuspage.url", "STATUSPAGE_URL") maybe_set(settings, "token.password.secret", "TOKEN_PASSWORD_SECRET") maybe_set(settings, "token.email.secret", "TOKEN_EMAIL_SECRET") maybe_set( settings, "token.password.max_age", "TOKEN_PASSWORD_MAX_AGE", coercer=int, ) maybe_set( settings, "token.email.max_age", "TOKEN_EMAIL_MAX_AGE", coercer=int, ) maybe_set( settings, "token.default.max_age", "TOKEN_DEFAULT_MAX_AGE", coercer=int, default=21600, # 6 hours ) maybe_set_compound(settings, "files", "backend", "FILES_BACKEND") maybe_set_compound(settings, "origin_cache", "backend", "ORIGIN_CACHE") # Add the settings we use when the environment is set to development. if settings["warehouse.env"] == Environment.development: settings.setdefault("enforce_https", False) settings.setdefault("pyramid.reload_assets", True) settings.setdefault("pyramid.reload_templates", True) settings.setdefault("pyramid.prevent_http_cache", True) settings.setdefault("debugtoolbar.hosts", ["0.0.0.0/0"]) settings.setdefault( "debugtoolbar.panels", [ ".".join(["pyramid_debugtoolbar.panels", panel]) for panel in [ "versions.VersionDebugPanel", "settings.SettingsDebugPanel", "headers.HeaderDebugPanel", "request_vars.RequestVarsDebugPanel", "renderings.RenderingsDebugPanel", "logger.LoggingPanel", "performance.PerformanceDebugPanel", "routes.RoutesDebugPanel", "sqla.SQLADebugPanel", "tweens.TweensDebugPanel", "introspection.IntrospectionDebugPanel", ] ], ) # Actually setup our Pyramid Configurator with the values pulled in from # the environment as well as the ones passed in to the configure function. config = Configurator(settings=settings) config.set_root_factory(RootFactory) # Register our CSRF support. We do this here, immediately after we've # created the Configurator instance so that we ensure to get our defaults # set ASAP before anything else has a chance to set them and possibly call # Configurator().commit() config.include(".csrf") # Include anything needed by the development environment. if config.registry.settings["warehouse.env"] == Environment.development: config.include("pyramid_debugtoolbar") # Register our logging support config.include(".logging") # We'll want to use Jinja2 as our template system. config.include("pyramid_jinja2") # Including pyramid_mailer for sending emails through SMTP. config.include("pyramid_mailer") # We want to use newstyle gettext config.add_settings({"jinja2.newstyle": True}) # We also want to use Jinja2 for .html templates as well, because we just # assume that all templates will be using Jinja. config.add_jinja2_renderer(".html") # Sometimes our files are .txt files and we still want to use Jinja2 to # render them. config.add_jinja2_renderer(".txt") # Anytime we want to render a .xml template, we'll also use Jinja. config.add_jinja2_renderer(".xml") # We need to enable our Client Side Include extension config.get_settings().setdefault( "jinja2.extensions", ["warehouse.utils.html.ClientSideIncludeExtension"], ) # We'll want to configure some filters for Jinja2 as well. filters = config.get_settings().setdefault("jinja2.filters", {}) filters.setdefault( "format_classifiers", "warehouse.filters:format_classifiers", ) filters.setdefault("format_tags", "warehouse.filters:format_tags") filters.setdefault("json", "warehouse.filters:tojson") filters.setdefault("readme", "warehouse.filters:readme") filters.setdefault("shorten_number", "warehouse.filters:shorten_number") filters.setdefault("urlparse", "warehouse.filters:urlparse") filters.setdefault("contains_valid_uris", "warehouse.filters:contains_valid_uris") filters.setdefault("format_package_type", "warehouse.filters:format_package_type") filters.setdefault("parse_version", "warehouse.filters:parse_version") # We also want to register some global functions for Jinja jglobals = config.get_settings().setdefault("jinja2.globals", {}) jglobals.setdefault("is_valid_uri", "warehouse.utils.http:is_valid_uri") jglobals.setdefault("gravatar", "warehouse.utils.gravatar:gravatar") jglobals.setdefault("gravatar_profile", "warehouse.utils.gravatar:profile") jglobals.setdefault("now", "warehouse.utils:now") # We'll store all of our templates in one location, warehouse/templates # so we'll go ahead and add that to the Jinja2 search path. config.add_jinja2_search_path("warehouse:templates", name=".html") config.add_jinja2_search_path("warehouse:templates", name=".txt") config.add_jinja2_search_path("warehouse:templates", name=".xml") # We want to configure our JSON renderer to sort the keys, and also to use # an ultra compact serialization format. config.add_renderer( "json", renderers.JSON(sort_keys=True, separators=(",", ":")), ) # Configure retry support. config.add_settings({"retry.attempts": 3}) config.include("pyramid_retry") # Configure our transaction handling so that each request gets its own # transaction handler and the lifetime of the transaction is tied to the # lifetime of the request. config.add_settings({ "tm.manager_hook": lambda request: transaction.TransactionManager(), "tm.activate_hook": activate_hook, "tm.annotate_user": False, }) config.include("pyramid_tm") # Register support for services config.include("pyramid_services") # Register support for XMLRPC and override it's renderer to allow # specifying custom dumps arguments. config.include("pyramid_rpc.xmlrpc") config.add_renderer("xmlrpc", XMLRPCRenderer(allow_none=True)) # Register support for our legacy action URLs config.include(".legacy.action_routing") # Register support for our domain predicates config.include(".domain") # Register support for template views. config.add_directive("add_template_view", template_view, action_wrap=False) # Register support for internationalization and localization config.include(".i18n") # Register the configuration for the PostgreSQL database. config.include(".db") # Register support for our rate limiting mechanisms config.include(".rate_limiting") config.include(".static") config.include(".policy") config.include(".search") # Register the support for AWS and Google Cloud config.include(".aws") config.include(".gcloud") # Register the support for Celery Tasks config.include(".tasks") # Register our session support config.include(".sessions") # Register our support for http and origin caching config.include(".cache.http") config.include(".cache.origin") # Register our authentication support. config.include(".accounts") # Register logged-in views config.include(".manage") # Allow the packaging app to register any services it has. config.include(".packaging") # Configure redirection support config.include(".redirects") # Register all our URL routes for Warehouse. config.include(".routes") # Include our admin application config.include(".admin") # Register forklift, at least until we split it out into it's own project. config.include(".forklift") # Block non HTTPS requests for the legacy ?:action= routes when they are # sent via POST. config.add_tween("warehouse.config.require_https_tween_factory") # Enable compression of our HTTP responses config.add_tween( "warehouse.utils.compression.compression_tween_factory", over=[ "warehouse.cache.http.conditional_http_tween_factory", "pyramid_debugtoolbar.toolbar_tween_factory", "warehouse.raven.raven_tween_factory", EXCVIEW, ], ) # Enable Warehouse to serve our static files prevent_http_cache = \ config.get_settings().get("pyramid.prevent_http_cache", False) config.add_static_view( "static", "warehouse:static/dist/", # Don't cache at all if prevent_http_cache is true, else we'll cache # the files for 10 years. cache_max_age=0 if prevent_http_cache else 10 * 365 * 24 * 60 * 60, ) config.add_cache_buster( "warehouse:static/dist/", ManifestCacheBuster( "warehouse:static/dist/manifest.json", reload=config.registry.settings["pyramid.reload_assets"], strict=not prevent_http_cache, ), ) config.whitenoise_serve_static( autorefresh=prevent_http_cache, max_age=0 if prevent_http_cache else 10 * 365 * 24 * 60 * 60, manifest="warehouse:static/dist/manifest.json", ) config.whitenoise_add_files("warehouse:static/dist/", prefix="/static/") # Enable Warehouse to serve our locale files config.add_static_view("locales", "warehouse:locales/") # Enable support of passing certain values like remote host, client # address, and protocol support in from an outer proxy to the application. config.add_wsgi_middleware( ProxyFixer, token=config.registry.settings["warehouse.token"], num_proxies=config.registry.settings.get("warehouse.num_proxies", 1), ) # Protect against cache poisoning via the X-Vhm-Root headers. config.add_wsgi_middleware(VhmRootRemover) # Fix our host header when getting sent upload.pypi.io as a HOST. # TODO: Remove this, this is at the wrong layer. config.add_wsgi_middleware(HostRewrite) # We want Raven to be the last things we add here so that it's the outer # most WSGI middleware. config.include(".raven") # Register Content-Security-Policy service config.include(".csp") # Register Referrer-Policy service config.include(".referrer_policy") # Register recaptcha service config.include(".recaptcha") config.add_settings({ "http": { "verify": "/etc/ssl/certs/", }, }) config.include(".http") # Add our theme if one was configured if config.get_settings().get("warehouse.theme"): config.include(config.get_settings()["warehouse.theme"]) # Scan everything for configuration config.scan(ignore=[ "warehouse.migrations.env", "warehouse.celery", "warehouse.wsgi", ], ) # Finally, commit all of our changes config.commit() return config
def configure(settings=None): if settings is None: settings = {} # Add information about the current copy of the code. maybe_set(settings, "warehouse.commit", "SOURCE_COMMIT", default="null") # Set the environment from an environment variable, if one hasn't already # been set. maybe_set( settings, "warehouse.env", "WAREHOUSE_ENV", Environment, default=Environment.production, ) # Pull in default configuration from the environment. maybe_set(settings, "warehouse.token", "WAREHOUSE_TOKEN") maybe_set(settings, "warehouse.num_proxies", "WAREHOUSE_NUM_PROXIES", int) maybe_set(settings, "warehouse.domain", "WAREHOUSE_DOMAIN") maybe_set(settings, "forklift.domain", "FORKLIFT_DOMAIN") maybe_set(settings, "warehouse.legacy_domain", "WAREHOUSE_LEGACY_DOMAIN") maybe_set(settings, "site.name", "SITE_NAME", default="Warehouse") maybe_set(settings, "aws.key_id", "AWS_ACCESS_KEY_ID") maybe_set(settings, "aws.secret_key", "AWS_SECRET_ACCESS_KEY") maybe_set(settings, "aws.region", "AWS_REGION") maybe_set(settings, "gcloud.credentials", "GCLOUD_CREDENTIALS") maybe_set(settings, "gcloud.project", "GCLOUD_PROJECT") maybe_set(settings, "warehouse.release_files_table", "WAREHOUSE_RELEASE_FILES_TABLE") maybe_set(settings, "github.token", "GITHUB_TOKEN") maybe_set( settings, "github.token_scanning_meta_api.url", "GITHUB_TOKEN_SCANNING_META_API_URL", default="https://api.github.com/meta/public_keys/token_scanning", ) maybe_set(settings, "warehouse.trending_table", "WAREHOUSE_TRENDING_TABLE") maybe_set(settings, "celery.broker_url", "BROKER_URL") maybe_set(settings, "celery.result_url", "REDIS_URL") maybe_set(settings, "celery.scheduler_url", "REDIS_URL") maybe_set(settings, "oidc.jwk_cache_url", "REDIS_URL") maybe_set(settings, "database.url", "DATABASE_URL") maybe_set(settings, "elasticsearch.url", "ELASTICSEARCH_URL") maybe_set(settings, "elasticsearch.url", "ELASTICSEARCH_SIX_URL") maybe_set(settings, "sentry.dsn", "SENTRY_DSN") maybe_set(settings, "sentry.transport", "SENTRY_TRANSPORT") maybe_set(settings, "sessions.url", "REDIS_URL") maybe_set(settings, "ratelimit.url", "REDIS_URL") maybe_set(settings, "sessions.secret", "SESSION_SECRET") maybe_set(settings, "camo.url", "CAMO_URL") maybe_set(settings, "camo.key", "CAMO_KEY") maybe_set(settings, "docs.url", "DOCS_URL") maybe_set(settings, "ga.tracking_id", "GA_TRACKING_ID") maybe_set(settings, "statuspage.url", "STATUSPAGE_URL") maybe_set(settings, "token.password.secret", "TOKEN_PASSWORD_SECRET") maybe_set(settings, "token.email.secret", "TOKEN_EMAIL_SECRET") maybe_set(settings, "token.two_factor.secret", "TOKEN_TWO_FACTOR_SECRET") maybe_set( settings, "warehouse.xmlrpc.search.enabled", "WAREHOUSE_XMLRPC_SEARCH", coercer=distutils.util.strtobool, default=True, ) maybe_set(settings, "warehouse.xmlrpc.cache.url", "REDIS_URL") maybe_set( settings, "warehouse.xmlrpc.client.ratelimit_string", "XMLRPC_RATELIMIT_STRING", default="3600 per hour", ) maybe_set(settings, "token.password.max_age", "TOKEN_PASSWORD_MAX_AGE", coercer=int) maybe_set(settings, "token.email.max_age", "TOKEN_EMAIL_MAX_AGE", coercer=int) maybe_set( settings, "token.two_factor.max_age", "TOKEN_TWO_FACTOR_MAX_AGE", coercer=int, default=300, ) maybe_set( settings, "token.default.max_age", "TOKEN_DEFAULT_MAX_AGE", coercer=int, default=21600, # 6 hours ) maybe_set_compound(settings, "files", "backend", "FILES_BACKEND") maybe_set_compound(settings, "simple", "backend", "SIMPLE_BACKEND") maybe_set_compound(settings, "docs", "backend", "DOCS_BACKEND") maybe_set_compound(settings, "sponsorlogos", "backend", "SPONSORLOGOS_BACKEND") maybe_set_compound(settings, "origin_cache", "backend", "ORIGIN_CACHE") maybe_set_compound(settings, "mail", "backend", "MAIL_BACKEND") maybe_set_compound(settings, "metrics", "backend", "METRICS_BACKEND") maybe_set_compound(settings, "breached_passwords", "backend", "BREACHED_PASSWORDS") maybe_set_compound(settings, "malware_check", "backend", "MALWARE_CHECK_BACKEND") # Pythondotorg integration settings maybe_set(settings, "pythondotorg.host", "PYTHONDOTORG_HOST", default="python.org") maybe_set(settings, "pythondotorg.api_token", "PYTHONDOTORG_API_TOKEN") # Configure our ratelimiters maybe_set( settings, "warehouse.account.user_login_ratelimit_string", "USER_LOGIN_RATELIMIT_STRING", default="10 per 5 minutes", ) maybe_set( settings, "warehouse.account.ip_login_ratelimit_string", "IP_LOGIN_RATELIMIT_STRING", default="10 per 5 minutes", ) maybe_set( settings, "warehouse.account.global_login_ratelimit_string", "GLOBAL_LOGIN_RATELIMIT_STRING", default="1000 per 5 minutes", ) maybe_set( settings, "warehouse.account.email_add_ratelimit_string", "EMAIL_ADD_RATELIMIT_STRING", default="2 per day", ) maybe_set( settings, "warehouse.account.password_reset_ratelimit_string", "PASSWORD_RESET_RATELIMIT_STRING", default="5 per day", ) maybe_set( settings, "warehouse.manage.oidc.user_registration_ratelimit_string", "USER_OIDC_REGISTRATION_RATELIMIT_STRING", default="20 per day", ) maybe_set( settings, "warehouse.manage.oidc.ip_registration_ratelimit_string", "IP_OIDC_REGISTRATION_RATELIMIT_STRING", default="20 per day", ) # 2FA feature flags maybe_set( settings, "warehouse.two_factor_requirement.enabled", "TWOFACTORREQUIREMENT_ENABLED", coercer=distutils.util.strtobool, default=False, ) maybe_set( settings, "warehouse.two_factor_mandate.available", "TWOFACTORMANDATE_AVAILABLE", coercer=distutils.util.strtobool, default=False, ) maybe_set( settings, "warehouse.two_factor_mandate.enabled", "TWOFACTORMANDATE_ENABLED", coercer=distutils.util.strtobool, default=False, ) # OIDC feature flags maybe_set( settings, "warehouse.oidc.enabled", "OIDC_ENABLED", coercer=distutils.util.strtobool, default=False, ) # Add the settings we use when the environment is set to development. if settings["warehouse.env"] == Environment.development: settings.setdefault("enforce_https", False) settings.setdefault("pyramid.reload_assets", True) settings.setdefault("pyramid.reload_templates", True) settings.setdefault("pyramid.prevent_http_cache", True) settings.setdefault("debugtoolbar.hosts", ["0.0.0.0/0"]) settings.setdefault( "debugtoolbar.panels", [ ".".join(["pyramid_debugtoolbar.panels", panel]) for panel in [ "versions.VersionDebugPanel", "settings.SettingsDebugPanel", "headers.HeaderDebugPanel", "request_vars.RequestVarsDebugPanel", "renderings.RenderingsDebugPanel", "logger.LoggingPanel", "performance.PerformanceDebugPanel", "routes.RoutesDebugPanel", "sqla.SQLADebugPanel", "tweens.TweensDebugPanel", "introspection.IntrospectionDebugPanel", ] ], ) # Actually setup our Pyramid Configurator with the values pulled in from # the environment as well as the ones passed in to the configure function. config = Configurator(settings=settings) config.set_root_factory(RootFactory) # Register support for services config.include("pyramid_services") # Register metrics config.include(".metrics") # Register our CSRF support. We do this here, immediately after we've # created the Configurator instance so that we ensure to get our defaults # set ASAP before anything else has a chance to set them and possibly call # Configurator().commit() config.include(".csrf") # Include anything needed by the development environment. if config.registry.settings["warehouse.env"] == Environment.development: config.include("pyramid_debugtoolbar") # Register our logging support config.include(".logging") # We'll want to use Jinja2 as our template system. config.include("pyramid_jinja2") # Include our filters config.include(".filters") # Including pyramid_mailer for sending emails through SMTP. config.include("pyramid_mailer") # We want to use newstyle gettext config.add_settings({"jinja2.newstyle": True}) # Our translation strings are all in the "messages" domain config.add_settings({"jinja2.i18n.domain": "messages"}) # We also want to use Jinja2 for .html templates as well, because we just # assume that all templates will be using Jinja. config.add_jinja2_renderer(".html") # Sometimes our files are .txt files and we still want to use Jinja2 to # render them. config.add_jinja2_renderer(".txt") # Anytime we want to render a .xml template, we'll also use Jinja. config.add_jinja2_renderer(".xml") # We need to enable our Client Side Include extension config.get_settings().setdefault( "jinja2.extensions", ["warehouse.utils.html.ClientSideIncludeExtension"]) # We'll want to configure some filters for Jinja2 as well. filters = config.get_settings().setdefault("jinja2.filters", {}) filters.setdefault("format_classifiers", "warehouse.filters:format_classifiers") filters.setdefault("classifier_id", "warehouse.filters:classifier_id") filters.setdefault("format_tags", "warehouse.filters:format_tags") filters.setdefault("json", "warehouse.filters:tojson") filters.setdefault("camoify", "warehouse.filters:camoify") filters.setdefault("shorten_number", "warehouse.filters:shorten_number") filters.setdefault("urlparse", "warehouse.filters:urlparse") filters.setdefault("contains_valid_uris", "warehouse.filters:contains_valid_uris") filters.setdefault("format_package_type", "warehouse.filters:format_package_type") filters.setdefault("parse_version", "warehouse.filters:parse_version") filters.setdefault("localize_datetime", "warehouse.filters:localize_datetime") filters.setdefault("is_recent", "warehouse.filters:is_recent") # We also want to register some global functions for Jinja jglobals = config.get_settings().setdefault("jinja2.globals", {}) jglobals.setdefault("is_valid_uri", "warehouse.utils.http:is_valid_uri") jglobals.setdefault("gravatar", "warehouse.utils.gravatar:gravatar") jglobals.setdefault("gravatar_profile", "warehouse.utils.gravatar:profile") jglobals.setdefault("now", "warehouse.utils:now") # And some enums to reuse in the templates jglobals.setdefault("AdminFlagValue", "warehouse.admin.flags:AdminFlagValue") jglobals.setdefault( "OrganizationInvitationStatus", "warehouse.organizations.models:OrganizationInvitationStatus", ) jglobals.setdefault("OrganizationRoleType", "warehouse.organizations.models:OrganizationRoleType") jglobals.setdefault("OrganizationType", "warehouse.organizations.models:OrganizationType") jglobals.setdefault("RoleInvitationStatus", "warehouse.packaging.models:RoleInvitationStatus") # We'll store all of our templates in one location, warehouse/templates # so we'll go ahead and add that to the Jinja2 search path. config.add_jinja2_search_path("warehouse:templates", name=".html") config.add_jinja2_search_path("warehouse:templates", name=".txt") config.add_jinja2_search_path("warehouse:templates", name=".xml") # We want to configure our JSON renderer to sort the keys, and also to use # an ultra compact serialization format. config.add_renderer("json", renderers.JSON(sort_keys=True, separators=(",", ":"))) # Configure retry support. config.add_settings({"retry.attempts": 3}) config.include("pyramid_retry") # Configure our transaction handling so that each request gets its own # transaction handler and the lifetime of the transaction is tied to the # lifetime of the request. config.add_settings({ "tm.manager_hook": lambda request: transaction.TransactionManager(), "tm.activate_hook": activate_hook, "tm.commit_veto": commit_veto, "tm.annotate_user": False, }) config.include("pyramid_tm") # Register our XMLRPC service config.include(".legacy.api.xmlrpc") # Register our XMLRPC cache config.include(".legacy.api.xmlrpc.cache") # Register support for XMLRPC and override it's renderer to allow # specifying custom dumps arguments. config.include("pyramid_rpc.xmlrpc") config.add_renderer("xmlrpc", XMLRPCRenderer(allow_none=True)) # Register support for our legacy action URLs config.include(".legacy.action_routing") # Register support for our custom predicates config.include(".predicates") # Register support for template views. config.add_directive("add_template_view", template_view, action_wrap=False) # Register support for internationalization and localization config.include(".i18n") # Register the configuration for the PostgreSQL database. config.include(".db") # Register the support for Celery Tasks config.include(".tasks") # Register support for our rate limiting mechanisms config.include(".rate_limiting") config.include(".static") config.include(".policy") config.include(".search") # Register the support for AWS and Google Cloud config.include(".aws") config.include(".gcloud") # Register our session support config.include(".sessions") # Register our support for http and origin caching config.include(".cache.http") config.include(".cache.origin") # Register support for sending emails config.include(".email") # Register our authentication support. config.include(".accounts") # Register support for Macaroon based authentication config.include(".macaroons") # Register support for OIDC provider based authentication config.include(".oidc") # Register support for malware checks config.include(".malware") # Register logged-in views config.include(".manage") # Register our organization support. config.include(".organizations") # Allow the packaging app to register any services it has. config.include(".packaging") # Configure redirection support config.include(".redirects") # Register all our URL routes for Warehouse. config.include(".routes") # Allow the sponsors app to list sponsors config.include(".sponsors") # Allow the banners app to list banners config.include(".banners") # Include our admin application config.include(".admin") # Register forklift, at least until we split it out into it's own project. config.include(".forklift") # Block non HTTPS requests for the legacy ?:action= routes when they are # sent via POST. config.add_tween("warehouse.config.require_https_tween_factory") # Enable compression of our HTTP responses config.add_tween( "warehouse.utils.compression.compression_tween_factory", over=[ "warehouse.cache.http.conditional_http_tween_factory", "pyramid_debugtoolbar.toolbar_tween_factory", EXCVIEW, ], ) # Enable Warehouse to serve our static files prevent_http_cache = config.get_settings().get( "pyramid.prevent_http_cache", False) config.add_static_view( "static", "warehouse:static/dist/", # Don't cache at all if prevent_http_cache is true, else we'll cache # the files for 10 years. cache_max_age=0 if prevent_http_cache else 10 * 365 * 24 * 60 * 60, ) config.add_cache_buster( "warehouse:static/dist/", ManifestCacheBuster( "warehouse:static/dist/manifest.json", reload=config.registry.settings["pyramid.reload_assets"], strict=not prevent_http_cache, ), ) config.whitenoise_serve_static( autorefresh=prevent_http_cache, max_age=0 if prevent_http_cache else 10 * 365 * 24 * 60 * 60, ) config.whitenoise_add_files("warehouse:static/dist/", prefix="/static/") config.whitenoise_add_manifest("warehouse:static/dist/manifest.json", prefix="/static/") # Enable support of passing certain values like remote host, client # address, and protocol support in from an outer proxy to the application. config.add_wsgi_middleware( ProxyFixer, token=config.registry.settings["warehouse.token"], num_proxies=config.registry.settings.get("warehouse.num_proxies", 1), ) # Protect against cache poisoning via the X-Vhm-Root headers. config.add_wsgi_middleware(VhmRootRemover) # We want Sentry to be the last things we add here so that it's the outer # most WSGI middleware. config.include(".sentry") # Register Content-Security-Policy service config.include(".csp") # Register Referrer-Policy service config.include(".referrer_policy") config.add_settings({"http": {"verify": "/etc/ssl/certs/"}}) config.include(".http") # Scan everything for configuration config.scan( categories=( "pyramid", "warehouse", ), ignore=[ "warehouse.migrations.env", "warehouse.celery", "warehouse.wsgi" ], ) # Sanity check our request and responses. # Note: It is very important that this go last. We need everything else that might # have added a tween to be registered prior to this. config.include(".sanity") # Finally, commit all of our changes config.commit() return config
def configure(settings=None): if settings is None: settings = {} config = Configurator(settings=settings) # Set our yml.location so that it contains all of our settings files config_defaults(config, ["warehouse:etc"]) # We want to load configuration from YAML files config.include("tzf.pyramid_yml") # Register our logging support config.include(".logging") # We'll want to use Jinja2 as our template system. config.include("pyramid_jinja2") # We also want to use Jinja2 for .html templates as well, because we just # assume that all templates will be using Jinja. config.add_jinja2_renderer(".html") # We'll want to configure some filters for Jinja2 as well. filters = config.get_settings().setdefault("jinja2.filters", {}) filters.setdefault("readme", "warehouse.filters:readme_renderer") filters.setdefault("shorten_number", "warehouse.filters:shorten_number") # We also want to register some global functions for Jinja jglobals = config.get_settings().setdefault("jinja2.globals", {}) jglobals.setdefault("gravatar", "warehouse.utils.gravatar:gravatar") # We'll store all of our templates in one location, warehouse/templates # so we'll go ahead and add that to the Jinja2 search path. config.add_jinja2_search_path("warehouse:templates", name=".html") # We want to configure our JSON renderer to sort the keys, and also to use # an ultra compact serialization format. config.add_renderer( "json", renderers.JSON(sort_keys=True, separators=(",", ":")), ) # Configure our transaction handling so that each request gets it's own # transaction handler and the lifetime of the transaction is tied to the # lifetime of the request. config.add_settings({ "tm.manager_hook": lambda request: transaction.TransactionManager(), "tm.activate_hook": activate_hook, }) config.include("pyramid_tm") # Register support for services config.include("pyramid_services") # Register support for internationalization and localization config.include(".i18n") # Register the configuration for the PostgreSQL database. config.include(".db") # Register our session support config.include(".sessions") # Register our support for http and origin caching config.include(".cache.http") config.include(".cache.origin") # Register our CSRF support config.include(".csrf") # Register our authentication support. config.include(".accounts") # Allow the packaging app to register any services it has. config.include(".packaging") # Configure redirection support config.include(".redirects") # Register all our URL routes for Warehouse. config.include(".routes") # Enable a Content Security Policy config.add_settings({ "csp": { "default-src": ["'none'"], "frame-ancestors": ["'none'"], "img-src": [ "'self'", config.registry.settings["camo.url"], "https://secure.gravatar.com", ], "referrer": ["cross-origin"], "reflected-xss": ["block"], "script-src": ["'self'"], "style-src": ["'self'"], }, }) config.add_tween("warehouse.config.content_security_policy_tween_factory") # If a route matches with a slash appended to it, redirect to that route # instead of returning a HTTPNotFound. config.add_notfound_view(append_slash=HTTPMovedPermanently) # Configure the filesystems we use. config.registry["filesystems"] = {} for key, path in { k[5:]: v for k, v in config.registry.settings.items() if k.startswith("dirs.") }.items(): config.registry["filesystems"][key] = \ fs.opener.fsopendir(path, create_dir=True) # Enable Warehouse to service our static files config.add_static_view( name="static", path="warehouse:static", cachebust=WarehouseCacheBuster( "warehouse:static/manifest.json", cache=not config.registry.settings["pyramid.reload_assets"], ), ) # Scan everything for configuration config.scan(ignore=["warehouse.migrations.env"]) return config
def configure(settings=None): if settings is None: settings = {} # Add information about the current copy of the code. settings.setdefault("warehouse.commit", __commit__) # Set the environment from an environment variable, if one hasn't already # been set. maybe_set( settings, "warehouse.env", "WAREHOUSE_ENV", Environment, default=Environment.production, ) # Pull in default configuration from the environment. maybe_set(settings, "warehouse.token", "WAREHOUSE_TOKEN") maybe_set(settings, "warehouse.theme", "WAREHOUSE_THEME") maybe_set(settings, "site.name", "SITE_NAME", default="Warehouse") maybe_set(settings, "aws.key_id", "AWS_ACCESS_KEY_ID") maybe_set(settings, "aws.secret_key", "AWS_SECRET_ACCESS_KEY") maybe_set(settings, "aws.region", "AWS_REGION") maybe_set(settings, "celery.broker_url", "AMQP_URL") maybe_set(settings, "celery.result_url", "REDIS_URL") maybe_set(settings, "csp.report_uri", "CSP_REPORT_URI") maybe_set(settings, "database.url", "DATABASE_URL") maybe_set(settings, "elasticsearch.url", "ELASTICSEARCH_URL") maybe_set(settings, "sentry.dsn", "SENTRY_DSN") maybe_set(settings, "sentry.transport", "SENTRY_TRANSPORT") maybe_set(settings, "sessions.url", "REDIS_URL") maybe_set(settings, "download_stats.url", "REDIS_URL") maybe_set(settings, "sessions.secret", "SESSION_SECRET") maybe_set(settings, "camo.url", "CAMO_URL") maybe_set(settings, "camo.key", "CAMO_KEY") maybe_set(settings, "docs.url", "DOCS_URL") maybe_set_compound(settings, "files", "backend", "FILES_BACKEND") maybe_set_compound(settings, "origin_cache", "backend", "ORIGIN_CACHE") # Add the settings we use when the environment is set to development. if settings["warehouse.env"] == Environment.development: settings.setdefault("enforce_https", False) settings.setdefault("pyramid.reload_assets", True) settings.setdefault("pyramid.reload_templates", True) settings.setdefault("pyramid.prevent_http_cache", True) settings.setdefault("debugtoolbar.hosts", ["0.0.0.0/0"]) settings.setdefault( "debugtoolbar.panels", [ ".".join(["pyramid_debugtoolbar.panels", panel]) for panel in [ "versions.VersionDebugPanel", "settings.SettingsDebugPanel", "headers.HeaderDebugPanel", "request_vars.RequestVarsDebugPanel", "renderings.RenderingsDebugPanel", "logger.LoggingPanel", "performance.PerformanceDebugPanel", "routes.RoutesDebugPanel", "sqla.SQLADebugPanel", "tweens.TweensDebugPanel", "introspection.IntrospectionDebugPanel", ] ], ) # Actually setup our Pyramid Configurator with the values pulled in from # the environment as well as the ones passed in to the configure function. config = Configurator(settings=settings) # Include anything needed by the development environment. if config.registry.settings["warehouse.env"] == Environment.development: config.include("pyramid_debugtoolbar") # Register our logging support config.include(".logging") # We'll want to use Jinja2 as our template system. config.include("pyramid_jinja2") # We want to use newstyle gettext config.add_settings({"jinja2.newstyle": True}) # We also want to use Jinja2 for .html templates as well, because we just # assume that all templates will be using Jinja. config.add_jinja2_renderer(".html") # Sometimes our files are .txt files and we still want to use Jinja2 to # render them. config.add_jinja2_renderer(".txt") # Anytime we want to render a .xml template, we'll also use Jinja. config.add_jinja2_renderer(".xml") # We'll want to configure some filters for Jinja2 as well. filters = config.get_settings().setdefault("jinja2.filters", {}) filters.setdefault("format_tags", "warehouse.filters:format_tags") filters.setdefault("json", "warehouse.filters:tojson") filters.setdefault("readme", "warehouse.filters:readme") filters.setdefault("shorten_number", "warehouse.filters:shorten_number") filters.setdefault("urlparse", "warehouse.filters:urlparse") # We also want to register some global functions for Jinja jglobals = config.get_settings().setdefault("jinja2.globals", {}) jglobals.setdefault("gravatar", "warehouse.utils.gravatar:gravatar") jglobals.setdefault("html_include", "warehouse.utils.html:html_include") jglobals.setdefault("now", "warehouse.utils:now") # We'll store all of our templates in one location, warehouse/templates # so we'll go ahead and add that to the Jinja2 search path. config.add_jinja2_search_path("warehouse:templates", name=".html") config.add_jinja2_search_path("warehouse:templates", name=".txt") config.add_jinja2_search_path("warehouse:templates", name=".xml") # We want to configure our JSON renderer to sort the keys, and also to use # an ultra compact serialization format. config.add_renderer( "json", renderers.JSON(sort_keys=True, separators=(",", ":")), ) # Configure our transaction handling so that each request gets its own # transaction handler and the lifetime of the transaction is tied to the # lifetime of the request. config.add_settings({ "tm.attempts": 3, "tm.manager_hook": lambda request: transaction.TransactionManager(), "tm.activate_hook": activate_hook, "tm.annotate_user": False, }) config.include("pyramid_tm") # Register support for services config.include("pyramid_services") # Register our find_service_factory methods config.add_request_method(find_service_factory) config.add_directive("find_service_factory", find_service_factory) # Register support for XMLRPC and override it's renderer to allow # specifying custom dumps arguments. config.include("pyramid_rpc.xmlrpc") config.add_renderer("xmlrpc", XMLRPCRenderer(allow_none=True)) # Register support for our legacy action URLs config.include(".legacy.action_routing") # Register support for internationalization and localization config.include(".i18n") # Register the configuration for the PostgreSQL database. config.include(".db") config.include(".search") # Register the support for AWS config.include(".aws") # Register the support for Celery config.include(".celery") # Register our session support config.include(".sessions") # Register our support for http and origin caching config.include(".cache.http") config.include(".cache.origin") # Register our CSRF support config.include(".csrf") # Register our authentication support. config.include(".accounts") # Allow the packaging app to register any services it has. config.include(".packaging") # Configure redirection support config.include(".redirects") # Register all our URL routes for Warehouse. config.include(".routes") # Enable a Content Security Policy config.add_settings({ "csp": { "connect-src": ["'self'"], "default-src": ["'none'"], "font-src": ["'self'", "fonts.gstatic.com"], "frame-ancestors": ["'none'"], "img-src": [ "'self'", config.registry.settings["camo.url"], "https://secure.gravatar.com", ], "referrer": ["origin-when-cross-origin"], "reflected-xss": ["block"], "report-uri": [config.registry.settings.get("csp.report_uri")], "script-src": ["'self'"], "style-src": ["'self'", "fonts.googleapis.com"], }, }) config.add_tween("warehouse.config.content_security_policy_tween_factory") # Block non HTTPS requests for the legacy ?:action= routes when they are # sent via POST. config.add_tween("warehouse.config.require_https_tween_factory") # Enable compression of our HTTP responses config.add_tween( "warehouse.utils.compression.compression_tween_factory", over=[ "warehouse.cache.http.conditional_http_tween_factory", "pyramid_debugtoolbar.toolbar_tween_factory", "warehouse.raven.raven_tween_factory", EXCVIEW, ], ) # Enable Warehouse to serve our static files prevent_http_cache = \ config.get_settings().get("pyramid.prevent_http_cache", False) config.add_static_view( "static", "warehouse:static/dist/", # Don't cache at all if prevent_http_cache is true, else we'll cache # the files for 10 years. cache_max_age=0 if prevent_http_cache else 10 * 365 * 24 * 60 * 60, ) config.add_cache_buster( "warehouse:static/dist/", ManifestCacheBuster( "warehouse:static/dist/manifest.json", reload=config.registry.settings["pyramid.reload_assets"], strict=not prevent_http_cache, ), ) # Enable Warehouse to serve our locale files config.add_static_view("locales", "warehouse:locales/") # Enable support of passing certain values like remote host, client # address, and protocol support in from an outer proxy to the application. config.add_wsgi_middleware( ProxyFixer, token=config.registry.settings["warehouse.token"], ) # Protect against cache poisoning via the X-Vhm-Root headers. config.add_wsgi_middleware(VhmRootRemover) # We want Raven to be the last things we add here so that it's the outer # most WSGI middleware. config.include(".raven") # Add our theme if one was configured if config.get_settings().get("warehouse.theme"): config.include(config.get_settings()["warehouse.theme"]) # Scan everything for configuration config.scan(ignore=["warehouse.migrations.env", "warehouse.wsgi"]) return config
def main(global_config, **settings): settings = {} settings['jinja2.directories'] = here my_session_factory = UnencryptedCookieSessionFactoryConfig('itsaseekreet') authn_policy = AuthTktAuthenticationPolicy('sosecret', hashalg='sha512') authz_policy = ACLAuthorizationPolicy() config = Configurator(settings=settings, session_factory=my_session_factory) config.include('pyramid_flash_message') config.include('pyramid_jinja2') config.include('pyramid_storage') json_renderer = renderers.JSON() config.add_renderer('json', json_renderer) config.add_jinja2_renderer('.html') config.add_static_view('static', 'static', cache_max_age=3600) config.add_static_view('templates/assets', 'templates/assets', cache_max_age=3600) config.add_static_view('templates/rejs', 'templates/rejs', cache_max_age=3600) config.set_authentication_policy(authn_policy) config.set_authorization_policy(authz_policy) config.add_route('login', '/login') config.add_route('logout', '/logout') config.add_route('home1', '/home1') config.add_route('home', '/home') config.add_route('submitlogin', '/submitlogin') config.add_route('hello', '/hello') config.add_route('itemfetch', '/itemfetch') config.add_route('vendor', '/vendor') config.add_route('itemtype', '/itemtype') config.add_route('category', '/category') config.add_route('material', '/material') config.add_route('fabric', '/fabric') config.add_route('catalog', '/catalog') config.add_route('quotation', '/quotation') config.add_route('addquote', '/addquote') config.add_route('itemdetails', '/itemdetails') config.add_route('editdetails', '/editdetails') config.add_route('vendoredit', '/vendoredit') config.add_route('search', '/searchres') config.add_route('filter', '/filter') config.add_route('createlist', '/createlist') config.add_route('itemadded', '/itemadded') config.add_route('presentation', '/presentation/{p_id}') config.add_route('addpre', '/addpre') config.add_route('clientdet', '/clientdet') config.add_route('editclient', '/editclient') config.add_route('subclient', '/subclient') config.add_route('addslide', '/addslide') config.add_route('getprice', '/getprice') config.add_route('saveslide', '/saveslide') config.add_route('delete_ele', '/delete') config.add_route('viewlist', '/viewlist') config.add_route('viewpresentation', '/viewpresentation') config.add_route('subviewproject', '/subviewproject') config.add_route('subviewlist', '/subviewlist') config.add_route('download', '/download') config.add_route('submit', '/submitvendor') config.add_route('submitcat', '/submitcat') config.add_route('submitcatalog', '/submitcatalog') config.add_route('submitmat', '/submitmaterial') config.add_route('submitfab', '/submitfab') config.add_route('submitquot', '/submitquotation') config.add_route('submitaddquote', '/submitaddquote') config.add_route('submititem', '/submititem') config.add_route('submitedititem', '/submitedititem') config.add_route('submiteditquote', '/submiteditquote') config.add_route('submitaddlist', '/submitaddlist') config.add_route('uploadimage', '/uploadimage') config.add_route('slide', '/slide/{p_id}/{s_id}') config.scan() return config.make_wsgi_app()
import logging from pyramid import renderers from pyramid import interfaces as pyramid_interfaces from zope.interface import registry try: json_factory = renderers.JSON() except AttributeError: json_factory = renderers.json_renderer_factory _DEFAULT_SERIALIZERS = (('application/json', json_factory(None)), ) _MARKER = object() LOG = logging.getLogger(__name__) class Newtonian(object): def __init__(self, serializers=_DEFAULT_SERIALIZERS): self.components = registry.Components() self.content_types = [] for content_type, serializer in serializers: self.add_serializer(content_type, serializer) def add_serializer(self, content_type, serializer): self.content_types.append(content_type) self.components.registerUtility(serializer, pyramid_interfaces.IRenderer, content_type) def get_serializer(self, content_type):