def validate_user_rights(self, request_data, _session_db, caller_name):
valid_session_data = None
session_user = None
if hasattr(request_data, "session_token"):
session_user = gen.validate_user_rights(_session_db,
request_data.session_token,
caller_name)
if session_user is False:
valid_session_data = login.InvalidSessionToken()
logger.logKnowledge(
"info", "invalid_user_session",
"user:%s, caller_name:%s, request:%s" %
(session_user, caller_name, request.url))
print valid_session_data, session_user
if valid_session_data is None and session_user is not False:
if hasattr(request_data, "request"):
if hasattr(request_data.request, "password") and type(
request_data.request) != consoleadmin.SaveDBServer:
print "password validation"
enc_pwd = encrypt(request_data.request.password)
if gen.verify_password(_session_db, session_user,
enc_pwd) == 0:
valid_session_data = login.InvalidPassword()
logger.logKnowledge(
"info", "invalid_user_password",
"user:%s, caller_name:%s, request:%s" %
(session_user, caller_name, request.url))
return valid_session_data, session_user
def respond(self, response_data):
try:
return self._send_response(response_data, 200)
except Exception, e:
logger.logKnowledge("error", "respond", str(e))
logger.logKnowledge("error", "respond",
str(traceback.format_exc()))
raise Exception("Request Process Failed")
def delete(self, table, condition, condition_val):
query = "DELETE from " + table + " WHERE " + condition
try:
return self.execute(query, condition_val)
except Exception, e:
logger.logKnowledge("error", "delete",
"query: %s, param:%s" % (query, condition_val))
logger.logKnowledge("error", "delete", str(e))
raise fetch_error()
def connect(self):
assert self._connection is None
try:
connection = self._mysql.get_db
connection.autocommit(True)
self._connection = connection
logger.logKnowledge("info", "database connection initiate", "")
return self._connection
except Exception, e:
logger.logKnowledge("error", "database.py-connect", e)
def _send_response(self, response_data, status_code):
if type(response_data) is not str:
data = response_data.to_structure()
s = json.dumps(data, indent=1)
else:
s = response_data
# print s
logger.logKnowledge("api", "response", s)
key = ''.join(random.SystemRandom().choice(string.ascii_letters)
for _ in range(5))
s = base64.b64encode(s)
s = json.dumps(key + s)
resp = Response(s, status=status_code, mimetype="application/json")
return resp
def append(self, table, column, value, condition, condition_val):
try:
rows = self.get_data(table, column, condition, condition_val)
currentValue = rows[0][column]
if currentValue is not None:
newValue = currentValue + "," + str(value)
else:
newValue = str(value)
columns = [column]
values = [newValue]
values += condition_val
res = self.update(table, columns, values, condition)
return res
except Exception, e:
logger.logKnowledge(
"error", "append",
"table: %s, column:%s, value:%s" % (table, column, value))
logger.logKnowledge("error", "append", str(e))
raise fetch_error()
def on_session_timeout():
print "session timeout"
_db_con_clr = before_first_request()
_db_clr = Database(_db_con_clr)
_db_clr.begin()
try:
_db_clr.clear_session(SESSION_CUTOFF)
_db_clr.commit()
_db_con_clr.close()
t = threading.Timer(500, on_session_timeout)
t.daemon = True
t.start()
except Exception, e:
logger.logKnowledge("error", "remove_old_session", str(e))
logger.logKnowledge("error", "remove_old_session",
str(traceback.format_exc()))
_db_clr.rollback()
def execute_insert(self, query, param):
cursor = self.cursor()
assert cursor is not None
try:
if type(param) is tuple:
cursor.execute(query, param)
elif type(param) is list:
cursor.execute(query, param)
else:
cursor.execute(query)
logger.logKnowledge("query", "execute_insert",
"query: %s, param:%s" % (query, param))
cursor.nextset()
no = int(cursor.lastrowid)
if no == 0:
return False
else:
return no
except Exception, e:
logger.logKnowledge("error", "execute_insert",
"query: %s, param:%s" % (query, param))
logger.logKnowledge("error", "execute_insert", str(e))
return False
def select_one(self, query, param=None):
cursor = self.cursor()
assert cursor is not None
try:
if param is None:
cursor.execute(query)
else:
if type(param) is tuple:
cursor.execute(query, param)
elif type(param) is list:
cursor.execute(query, param)
else:
cursor.execute(query)
logger.logKnowledge("query", "select_one",
"query: %s, param:%s" % (query, param))
cursor.nextset()
res = cursor.fetchone()
cursor.nextset()
return res
except Exception, e:
logger.logKnowledge("error", "select_one",
"query: %s, param:%s" % (query, param))
logger.logKnowledge("error", "select_one", str(e))
raise fetch_error()
def call_proc_with_multiresult_set(self, procedure_name, args,
expected_result_count):
cursor = self.cursor()
rows = []
assert cursor is not None
try:
if args is None:
cursor.callproc(procedure_name)
else:
cursor.callproc(procedure_name, args)
logger.logKnowledge(
"query", "call_proc_with_multiresult_set",
"procedure: %s, param:%s" % (procedure_name, args))
rows = []
for c in cursor.stored_results():
cols = c.description
if cols:
cols = [x[0] for x in cols]
else:
cols = []
r = convert_to_dict(c.fetchall(), cols)
rows.append(r)
except Exception, e:
logger.logKnowledge(
"error", "call_proc_with_multiresult_set",
"procedure: %s, param:%s" % (procedure_name, args))
logger.logKnowledge("error", "call_proc_with_multiresult_set",
str(e))
ValueError("Request Process Failed")
def insert(self, table, columns, values):
# columns = ", ".join(columns)
stringValue = []
for i in range(len(values)):
stringValue.append('%s')
if type(columns) is list:
columns = ", ".join(columns)
columns = "(%s)" % columns
query = """INSERT INTO %s %s """ % (table, columns)
query += " VALUES (%s) " % (",".join(stringValue))
try:
n_id = int(self.execute_insert(query, values))
print n_id
logger.logKnowledge("query", "insert",
"query: %s, param:%s" % (query, values))
return n_id
if n_id == 0:
return False
except Exception, e:
print e
logger.logKnowledge("error", "insert",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "insert", str(e))
raise fetch_error()
def bulk_update(self, table, columns, values, conditions):
try:
for outer_index, cond in enumerate(conditions):
query = "UPDATE " + table + " set "
for index, column in enumerate(columns):
if values[outer_index][index] is not None:
if (index < len(columns) - 1):
query += column + " = '%s', " % (
values[outer_index][index])
else:
query += column + " = '%s' " % (
values[outer_index][index])
query += " WHERE " + cond + "; "
cursor = self.cursor()
assert cursor is not None
cursor.execute(query)
logger.logKnowledge("query", "bulk_update",
"query: %s, param:%s" % (query, values))
cursor.nextset()
return True
except Exception, e:
logger.logKnowledge("error", "bulk_update",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "bulk_update", str(e))
raise fetch_error()
def call_update_proc(self, procedure_name, args):
cursor = self.cursor()
assert cursor is not None
try:
if args is None:
cursor.callproc(procedure_name)
else:
cursor.callproc(procedure_name, args)
logger.logKnowledge(
"query", "call_update_proc",
"procedure: %s, param:%s" % (procedure_name, args))
cursor.nextset()
except Exception, e:
logger.logKnowledge(
"error", "call_update_proc",
"procedure: %s, param:%s" % (procedure_name, args))
logger.logKnowledge("error", "call_update_proc", str(e))
raise process_procedure_error(procedure_name, args, e)
def _parse_request(self, request_data_type):
request_data = None
try:
if not request.data:
raise ValueError("Request data is Null")
data = request.data[5:]
data = data.decode('base64')
data = json.loads(data)
# print data
logger.logKnowledge("api", "request", data)
request_data = request_data_type.parse_structure(data)
return request_data
except Exception, e:
logger.logKnowledge("error", "parse_request", str(e))
logger.logKnowledge("error", "parse_request",
str(traceback.format_exc()))
raise ValueError("Request Process Failed")
def update(self, table, columns, values, condition):
query = "UPDATE " + table + " set "
for index, column in enumerate(columns):
if index < len(columns) - 1:
query += column + " = %s, "
else:
query += column + " = %s "
query += " WHERE " + condition
try:
status = self.execute(query, values)
logger.logKnowledge("query", "update",
"query: %s, param:%s" % (query, values))
return status
except Exception, e:
print e
logger.logKnowledge("error", "update",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "update", str(e))
raise fetch_error()
def call_proc(self, procedure_name, args=None, columns=None):
# columns no longer need here, so remove argument once removed from the reference place
# args can be tuple/list e.g, (parm1, parm2)/[param1, param2]
cursor = self.cursor()
rows = []
assert cursor is not None
try:
if args is None:
cursor.callproc(procedure_name)
else:
cursor.callproc(procedure_name, args)
logger.logKnowledge(
"query", "call_proc",
"procedure: %s, param:%s" % (procedure_name, args))
cols = cursor.description
if cols:
cols = [x[0] for x in cols]
else:
cols = []
for c in cursor.stored_results():
cols = c.description
if cols:
cols = [x[0] for x in cols]
else:
cols = []
r = convert_to_dict(c.fetchall(), cols)
rows.append(r)
if len(rows) > 0:
rows = rows[0]
cursor.nextset()
except Exception, e:
logger.logKnowledge(
"error", "call_proc",
"procedure: %s, param:%s" % (procedure_name, args))
logger.logKnowledge("error", "call_proc", str(e))
raise ValueError("Request Process Failed")
def execute(self, query, param=None):
cursor = self.cursor()
assert cursor is not None
try:
if type(param) is tuple:
cursor.execute(query, param)
elif type(param) is list:
cursor.execute(query, param)
else:
cursor.execute(query)
logger.logKnowledge("query", "execute",
"query: %s, param:%s" % (query, param))
cursor.nextset()
return True
except Exception, e:
logger.logKnowledge("error", "execute",
"query: %s, param:%s" % (query, param))
logger.logKnowledge("error", "execute", str(e))
return False
def call_insert_proc(self, procedure_name, args):
cursor = self.cursor()
assert cursor is not None
new_id = None
try:
if args is None:
cursor.callproc(procedure_name)
else:
cursor.callproc(procedure_name, args)
logger.logKnowledge(
"query", "call_insert_proc",
"procedure: %s, param:%s" % (procedure_name, args))
cursor.nextset()
cursor.execute("SELECT LAST_INSERT_ID() as newid")
r = cursor.fetchone()
cursor.nextset()
new_id = r["newid"]
except Exception, e:
logger.logKnowledge(
"error", "call_insert_proc",
"procedure: %s, param:%s" % (procedure_name, args))
logger.logKnowledge("error", "call_insert_proc", str(e))
raise process_procedure_error(procedure_name, args, e)
def bulk_insert(self, table, columns, valueList):
stringValue = []
for i in range(len(columns)):
stringValue.append('%s')
if type(columns) is list:
columns = ", ".join(columns)
query = "INSERT INTO %s (%s) " % (table, columns)
query += " VALUES (%s) " % (",".join(stringValue))
try:
cursor = self.cursor()
assert cursor is not None
cursor.executemany(query, valueList)
logger.logKnowledge("query", "bulk_insert",
"query: %s, param:%s" % (query, valueList))
cursor.nextset()
return True
except Exception, e:
logger.logKnowledge("error", "bulk_insert",
"query: %s, param:%s" % (query, valueList))
logger.logKnowledge("error", "bulk_insert", str(e))
raise fetch_error()
def handle_api_request(self, unbound_method, request_data_type,
need_session_id):
is_bulk_upload = False
# self._ip_addess = request.remote_addr
self._ip_addess = request.headers.get("X-Real-Ip")
caller_name = request.headers.get("Caller-Name")
api_type = request.url
try:
if request_data_type == "knowledgeformat":
request_data = request
else:
request_data = self._parse_request(request_data_type)
if request_data is None:
raise ValueError("Request data is Null")
elif type(request_data) is str:
raise ValueError(request_data)
if "/api/bu" in api_type:
is_bulk_upload = True
_db_con = bulk_db_connect()
else:
_db_con = before_first_request()
_db = Database(_db_con)
_db.begin()
valid_session_data = None
session_user = None
_session_db = None
_session_db_con = None
print is_bulk_upload
if is_bulk_upload is True:
_session_db_con = before_first_request()
_session_db = Database(_session_db_con)
_session_db.begin()
valid_session_data, session_user = self.validate_user_rights(
request_data, _session_db, caller_name)
if valid_session_data is None:
session_user = UserInfo(_session_db, session_user)
_session_db.commit()
else:
valid_session_data, session_user = self.validate_user_rights(
request_data, _db, caller_name)
if valid_session_data is None:
if need_session_id is True:
response_data = unbound_method(self, request_data, _db,
session_user)
else:
response_data = unbound_method(self, request_data, _db)
else:
response_data = valid_session_data
if response_data is None or type(response_data) is bool:
_db.rollback()
raise fetch_error()
elif type(response_data) != technomasters.ClientCreationFailed:
_db.commit()
else:
_db.rollback()
_db.close()
_db_con.close()
return self.respond(response_data)
except Exception, e:
logger.logKnowledge("error", "handle_api_request", str(e))
logger.logKnowledge("error", "handle_api_request",
str(traceback.format_exc()))
if str(e).find("expected a") is False:
_db.rollback()
_db.close()
_db_con.close()
return self._send_response(str(e), 400)
