async def _extract_sender(self, req: Request) -> Optional[Text]:
"""Fetch user from the Rasa X Admin API."""
jwt_payload = None
if req.headers.get("Authorization"):
jwt_payload = await self._decode_bearer_token(
req.headers["Authorization"])
if not jwt_payload:
jwt_payload = await self._decode_bearer_token(req.args.get("token")
)
if not jwt_payload:
raise SanicException(status_code=401)
if CONVERSATION_ID_KEY in req.json:
if self._has_user_permission_to_send_messages_to_conversation(
jwt_payload, req.json):
return req.json[CONVERSATION_ID_KEY]
else:
logger.error(
"User '{}' does not have permissions to send messages to "
"conversation '{}'.".format(jwt_payload[JWT_USERNAME_KEY],
req.json[CONVERSATION_ID_KEY]))
raise SanicException(status_code=401)
return jwt_payload[JWT_USERNAME_KEY]
async def post_login(request):
token = request.json['auth_token']
url = '{}/v1/login/verify/{}'.format(ID_SERVICE_LOGIN_URL, token)
resp = await app.http.get(url)
if resp.status != 200:
raise SanicException("Login Failed", status_code=401)
user = await resp.json()
toshi_id = user['toshi_id']
session_id = generate_session_id()
async with app.pool.acquire() as con:
admin = await con.fetchrow("SELECT * FROM admins WHERE toshi_id = $1",
toshi_id)
if admin:
await con.execute(
"INSERT INTO sessions (session_id, toshi_id) VALUES ($1, $2)",
session_id, toshi_id)
if admin:
response = json_response(user)
response.cookies['session'] = session_id
#response.cookies['session']['secure'] = True
return response
else:
toshi_log.info("Invalid login from: {}".format(toshi_id))
raise SanicException("Login Failed", status_code=401)
async def get_firmware_list(request: Request, region: str, model: str):
"""
List the available firmware versions of a specified model and region.
Use latest key to get latest firmware code.
"""
client = httpx.AsyncClient()
response = await client.send(
KiesRequest.list_firmware(region=region, model=model))
# Close client.
await client.aclose()
# Raise exception when firmware list couldn't be fetched.
if response.status_code != 200:
raise SanicException(
"Looks like SamFetch couldn't get a list of firmwares, probably model or region is incorrect.",
response.status_code)
# Parse XML
firmwares = KiesFirmwareList.from_xml(response.text)
# Check if model is correct by checking the "versioninfo" key.
if firmwares.exists:
# Return the firmware data.
return json({
"latest": firmwares.latest,
"alternate": firmwares.alternate or []
})
# Raise exception when device couldn't be found.
raise SanicException(
"Looks like SamFetch couldn't find firmwares, maybe some or all of parameters are invalid?" if firmwares._versions == None else \
"Looks like we got some firmware information, however SamFetch can't parse it due to it is represented in unknown format. " + \
"It is known that both new and old devices doesn't return same data, so make sure you reported that on GitHub (https://github.com/ysfchn/SamFetch)",
404
)
def check_request(req):
req_args = req.raw_args
if "idx" not in req_args:
raise SanicException('missing index parameter `idx`', 400)
if "st" not in req_args:
raise SanicException('missing search parameter `st`', 400)
return req_args["idx"], req_args["st"]
async def get_binary_details(request: Request, region: str, model: str,
firmware: str):
"""
Gets the binary details such as filename and decrypt key.\n
`firmware` is the firmware code of the device that you got from `/list` endpoint.\n\n
`decrypt_key` is used for decrypting the file after downloading. It presents a hex string. Pass it to `/download` endpoint.
"""
# Create new session.
client = httpx.AsyncClient()
nonce = await client.send(KiesRequest.get_nonce())
session = Session.from_response(nonce)
# Make the request.
binary_info = await client.send(
KiesRequest.get_binary(region=region,
model=model,
firmware=firmware,
session=session))
# Close client.
await client.aclose()
# Read the request.
if binary_info.status_code == 200:
kies = KiesData.from_xml(binary_info.text)
# Return error when binary couldn't be found.
if kies.status_code != 200:
raise SanicException("Firmware couldn't be found.", 404)
# Return error if binary is not downloadable.
# https://github.com/nlscc/samloader/issues/54
if kies.body.get("BINARY_NAME") == None:
raise SanicException(
"Both firmware and device exists, however, looks like the firmware is not downloadable anymore.",
404)
# If file extension ends with .enc4 that means it is using version 4 encryption, otherwise 2 (.enc2).
ENCRYPT_VERSION = 4 if str(
kies.body["BINARY_NAME"]).endswith("4") else 2
# Get binary details.
return json({
"display_name": kies.body["DEVICE_MODEL_DISPLAYNAME"],
"size": int(kies.body["BINARY_BYTE_SIZE"]),
# Convert bytes to GB, so it will be more readable for an end-user.
"size_readable": "{:.2f} GB".format(float(kies.body["BINARY_BYTE_SIZE"]) / 1024 / 1024 / 1024),
"filename": kies.body["BINARY_NAME"],
"path": kies.body["MODEL_PATH"],
"version": kies.body["CURRENT_OS_VERSION"].replace("(", " ("),
"encrypt_version": ENCRYPT_VERSION,
"last_modified": int(kies.body["LAST_MODIFIED"]),
# Generate decrypted key for decrypting the file after downloading.
# Decrypt key gives a list of bytes, but as it is not possible to send as query parameter,
# we are converting it to a single HEX value.
"decrypt_key": \
session.getv2key(firmware, model, region).hex() if ENCRYPT_VERSION == 2 else \
session.getv4key(kies.body.get_first("LATEST_FW_VERSION", "ADD_LATEST_FW_VERSION"), kies.body["LOGIC_VALUE_FACTORY"]).hex(),
# A URL of samsungmobile that includes release changelogs.
# Not available for every device.
"firmware_changelog_url": kies.body.get_first("DESCRIPTION", "ADD_DESCRIPTION"),
"platform": kies.body["DEVICE_PLATFORM"]
})
# Raise exception when status is not 200.
raise SanicException("Firmware couldn't be found.",
binary_info.status_code)
def register_app(cls, app: "Sanic") -> None:
"""Register a Sanic instance"""
if not isinstance(app, cls):
raise SanicException("Registered app must be an instance of Sanic")
name = app.name
if name in cls._app_registry and not cls.test_mode:
raise SanicException(f'Sanic app name "{name}" already in use.')
cls._app_registry[name] = app
async def submit(request, user):
# quota, allow 50 mails/day
oldest = now() - timedelta(days=1)
sent = await SentEmail.filter(sent__gte=oldest).count()
quota = 50
if sent >= quota:
raise Forbidden('quota_reached')
session = request.ctx.session
values = dict(request.json)
dryRun = values.get('dryRun')
templateName = values.get('template')
language = values.get('lang') or 'en'
tpl = templates.get(templateName, {}).get(language, None)
if not tpl:
raise NotFound('template_not_found')
subject = subjectTemplates[templateName][language]
# input validation
link = furl(values.get('link', None))
recipientName = values.get('recipientName', None)
recipientAddress = values.get('recipientAddress', None)
senderAddress = session.oauthInfo.get('email', None)
senderName = session.oauthInfo.get('name', None)
# we’re lazy and defer actual validation to the sending SMTP server
if not recipientName or not recipientAddress:
raise SanicException('recipient_invalid', status_code=400)
if not senderName or not senderAddress:
raise Forbidden('sender_invalid')
if link.host != request.server_name:
raise Forbidden('link_invalid')
values['senderName'] = senderName
message = tpl.format(**values)
try:
if not dryRun:
email = await sendEmail(request.app.config, recipientName,
recipientAddress, senderAddress, subject,
message)
entry = SentEmail(messageId=email['message-id'],
sender=user,
message=str(email))
await entry.save()
except aiosmtplib.errors.SMTPException as e:
if e.code == 501:
raise SanicException('syntax_error', status_code=400)
else:
raise ServerError('error')
return json(dict(status='ok', message=str(message)))
def _check_token(self, bot_token: Text) -> None:
# see https://developers.google.com/chat/how-tos/bots-develop#verifying_bot_authenticity # noqa: E501, W505
# and https://google-auth.readthedocs.io/en/latest/user-guide.html#identity-tokens # noqa: E501, W505
try:
decoded_token = id_token.verify_token(
bot_token,
self.google_request,
audience=self.project_id,
certs_url=CERTS_URL,
)
except ValueError:
raise SanicException(status_code=401)
if decoded_token["iss"] != "*****@*****.**":
raise SanicException(status_code=401)
def wrapper(request):
jwt_token = request.headers.get('authorization',
None).split(' ')[1].rstrip()
secret = os.environ.get('jwt_secret')
decoded_token = jwt.decode(jwt_token, secret)
try:
if decoded_token['auth_level'] >= auth_level:
return f(request)
else:
raise SanicException("Unauthorized Request",
status_code=215)
except KeyError:
raise SanicException("Trampled jwt, investigate",
status_code=217)
def _server_event(self, concern: str, action: str):
if not self.init:
raise SanicException(
"Cannot dispatch server event without "
"first running server.startup()"
)
return self.app._server_event(concern, action, loop=self.loop)
def fallback(self, value: str):
self._warn_fallback_deprecation()
if not isinstance(value, str):
raise SanicException(
f"Cannot set error handler fallback to: value={value}"
)
self._fallback = value
def __init__(
self,
name: str = None,
router: Router = None,
error_handler: ErrorHandler = None,
load_env: bool = True,
request_class: Type[Request] = None,
strict_slashes: bool = False,
log_config: Optional[Dict[str, Any]] = None,
configure_logging: bool = True,
register: Optional[bool] = None,
dumps: Optional[Callable[..., str]] = None,
) -> None:
super().__init__()
if name is None:
raise SanicException(
"Sanic instance cannot be unnamed. "
"Please use Sanic(name='your_application_name') instead.", )
# logging
if configure_logging:
logging.config.dictConfig(log_config or LOGGING_CONFIG_DEFAULTS)
self.name = name
self.asgi = False
self.router = router or Router()
self.request_class = request_class
self.error_handler = error_handler or ErrorHandler()
self.config = Config(load_env=load_env)
self.request_middleware: Deque[MiddlewareType] = deque()
self.response_middleware: Deque[MiddlewareType] = deque()
self.blueprints: Dict[str, Blueprint] = {}
self._blueprint_order: List[Blueprint] = []
self.configure_logging = configure_logging
self.debug = None
self.sock = None
self.strict_slashes = strict_slashes
self.listeners: Dict[str, List[ListenerType]] = defaultdict(list)
self.is_stopping = False
self.is_running = False
self.websocket_enabled = False
self.websocket_tasks: Set[Future] = set()
self.named_request_middleware: Dict[str, Deque[MiddlewareType]] = {}
self.named_response_middleware: Dict[str, Deque[MiddlewareType]] = {}
self._test_manager = None
self._test_client = None
self._asgi_client = None
# Register alternative method names
self.go_fast = self.run
if register is not None:
self.config.REGISTER = register
if self.config.REGISTER:
self.__class__.register_app(self)
self.router.ctx.app = self
if dumps:
BaseHTTPResponse._dumps = dumps
async def save(cls, user, activity):
exists = await cls.find_one(
{"activity.id": activity["id"]}
)
if exists:
if user.name in exists['users']:
raise SanicException('Object with this ID already delivered to user',
status_code=409)
else:
users = exists['users']
users.append(user.name)
await cls.update_one(
{'_id': exists.id},
{'$set': {"users": users,
"updated": datetime.now()}}
)
await cls.cache.clear()
else:
# TODO validate actor and activity
pg_id = random_object_id()
# TODO how to get single object from inbox
# activity = copy.deepcopy(activity)
# activity["pg_id"] = pg_id
await cls.insert_one({
"_id": pg_id,
"users": [user.name],
"activity": activity,
"label": make_label(activity),
"deleted": False,
"first_user": user.name,
"created": datetime.now()
})
return True
async def create(self, obj):
# user created need check register_phone unique
check_res = await self.new_check_unique(obj)
if check_res is not False:
raise SanicException(check_res)
result = await self.collection.insert_one(obj)
return result
async def create_account(request):
account_key = base64.b64encode(uuid.uuid4().bytes).decode('utf-8')
if app.debug:
ab_test_on = True
else:
ab_test_on = False
try:
name = request.json['name'].rstrip().strip()
except KeyError:
return response.json({"success": False,
"message": "json key is invalid."}, status=400)
if name == "" or len(name) < 3:
return response.json({"success": False,
"message": "Invalid account Name."}, status=400)
try:
await Accounts.create(name=name, account_key=account_key, ab_test_on=ab_test_on)
except Exception as e:
raise SanicException(str(e), status_code=400)
return response.json({"success": True,
"message": "created"}, status=200)
def wrapper(*args):
request = args[1]
data = request.json
results, error = schema().load(data)
if error:
raise SanicException(error)
return func(*args)
async def send(
self,
data: Optional[AnyStr] = None,
end_stream: Optional[bool] = None,
) -> None:
"""
Send any pending response headers and the given data as body.
:param data: str or bytes to be written
:param end_stream: whether to close the stream after this block
"""
if data is None and end_stream is None:
end_stream = True
if self.stream is None:
raise SanicException(
"No stream is connected to the response object instance.")
if self.stream.send is None:
if end_stream and not data:
return
raise ServerError(
"Response stream was ended, no more response data is "
"allowed to be sent.")
data = (
data.encode() # type: ignore
if hasattr(data, "encode") else data or b"")
await self.stream.send(data, end_stream=end_stream)
async def execute_graphql_request(self,
request,
data,
query,
variables,
operation_name,
show_graphiql=False):
if not query:
if show_graphiql:
return None
raise HttpError(
SanicException('Must provide query string.', status_code=400))
try:
source = Source(query, name='GraphQL request')
ast = parse(source)
validation_errors = validate(self.schema, ast)
if validation_errors:
return ExecutionResult(
errors=validation_errors,
invalid=True,
)
except Exception as e:
return ExecutionResult(errors=[e], invalid=True)
if request.method.lower() == 'get':
operation_ast = get_operation_ast(ast, operation_name)
if operation_ast and operation_ast.operation != 'query':
if show_graphiql:
return None
raise HttpError(
SanicException(
'Can only perform a {} operation from a POST request.'.
format(operation_ast.operation),
status_code=405,
))
try:
return await self.execute(ast,
root_value=self.get_root_value(request),
variable_values=variables or {},
operation_name=operation_name,
context_value=self.get_context(request),
middleware=self.get_middleware(request),
executor=self.get_executor(request))
except Exception as e:
return ExecutionResult(errors=[e], invalid=True)
async def get_db_products(pool, since, tz, is_advanced, per_page, page,
sorted_by, sorted_as, id_to_filter, name_to_filter,
tag_to_filter, category_to_filter):
# get connection from the pool
async with pool.acquire() as connection:
# get transaction
async with connection.transaction():
# fetch article by type
where_clause = ""
if is_advanced == 1:
where_clause = "AND LOWER(p.name::VARCHAR) LIKE LOWER($5::VARCHAR) " \
"AND LOWER(c.name::VARCHAR) LIKE LOWER($6::VARCHAR) " \
"AND LOWER(t.name::VARCHAR) LIKE LOWER($7::VARCHAR) "
elif is_advanced == 0:
where_clause = "OR LOWER(p.name::VARCHAR) LIKE LOWER($5::VARCHAR) " \
"OR LOWER(c.name::VARCHAR) LIKE LOWER($6::VARCHAR) " \
"OR LOWER(t.name::VARCHAR) LIKE LOWER($7::VARCHAR) "
sql = ""
try:
sql = "WITH cte AS (SELECT p.id AS product_id,p.name," \
"p.date_created AT TIME ZONE 'UTC' AT TIME ZONE $1 AS product_date_created," \
"p.last_updated AT TIME ZONE 'UTC' AT TIME ZONE $2 AS product_last_updated," \
"c.id AS category_id, c.name AS category_name, " \
"array_to_string(array(SELECT t1.name FROM tag t1 JOIN tag_product tj1 ON tj1.tag_id = t1.id " \
"WHERE tj1.product_id = p.id),',') as tags " \
"FROM product p " \
"LEFT JOIN category c ON c.id = p.category_id " \
"LEFT JOIN tag_product tp ON tp.product_id = p.id " \
"LEFT JOIN tag t ON tp.tag_id = t.id " \
"WHERE p.deleted IS FALSE " \
"AND p.date_created > CURRENT_TIMESTAMP - ($3 || ' DAY')::INTERVAL " \
"AND(p.id::VARCHAR LIKE $4::VARCHAR " \
"{0}" \
") " \
"GROUP BY p.id, c.id) " \
"SELECT * FROM (TABLE cte " \
"ORDER BY {1} " \
"LIMIT $8 OFFSET $9) sub " \
"RIGHT JOIN(SELECT COUNT(*) FROM cte) c(full_count) ON TRUE"\
.format(where_clause, "{0} {1}".format(sorted_by, sorted_as))
result = await connection.fetch(
sql,
tz,
tz,
"'{}'".format(since),
"%{}%".format(id_to_filter),
"%{}%".format(name_to_filter),
"%{}%".format(category_to_filter),
"%{}%".format(tag_to_filter),
per_page, (page - 1) * per_page,
timeout=util.timeout)
logger.info(
"from db, products in page = {0} in size = {1}".format(
page, len(result)))
return result
except Exception as e:
logger.exception(e)
raise SanicException(e)
async def wrapper(request, *args, **kwargs):
if request.path.startswith("/live"):
config = app.configs['live']
elif request.path.startswith("/dev"):
config = app.configs['dev']
else:
raise SanicException("Not Found", status_code=404)
return await fn(request, config, *args, **kwargs)
async def http_error(request: Request, exception: HTTPError):
if isinstance(exception, NetworkError):
raise SanicException(message = \
"SamFetch has lost connection with Kies servers. If you are running SamFetch locally, make sure you " + \
"have an internet connection. If you are currently hosting SamFetch somewhere, you can also check " + \
"if something (such as firewall) blocking the connection. If you need help, create a new Issue in " + \
"https://git.io/JPAbu",
status_code = 500
)
else:
raise SanicException(message = \
"SamFetch couldn't connect to Kies servers. This is probably not related to you. " + \
"Please try again if you didn't. Make sure you reported that in the SamFetch repository " + \
"by creating a new Issue in " + \
"https://git.io/JPAbu",
status_code = 500
)
async def wrapper(request):
token = request.headers.get(
'authorization', None)
if token is None:
raise SanicException(
"Unauthorized", status_code=400)
token = token.split(' ')[1].rstrip()
try:
record = await Accounts.select('id').where(Accounts.account_key == token).gino.scalar()
except Exception as e:
raise SanicException(str(e), status_code=400)
if record is None:
raise SanicException(
"account key not in database", status_code=401)
return await f(request, record)
def validate_phone(phone):
if phone in OPERATION_ACCOUNT:
pass
phone_pat = re.compile('^(13\d|14[5|7]|15\d|166|17[3|6|7]|18\d)\d{8}$')
res = re.match(phone_pat, phone)
# print("validate_phone res : ", res)
if not res:
raise SanicException("{} 手机号格式不正确".format(phone))
async def save(self, **kwargs):
filters = self.user.follow_filter(Inbox)
filters["activity.object.object"] = self.render["object"]
followed = await Inbox.find_one(filters)
if followed:
raise SanicException('This user is already followed', status_code=409)
await Outbox.save(self, **kwargs)
def get_app(cls, name: str, *, force_create: bool = False) -> "Sanic":
"""Retrieve an instantiated Sanic instance"""
try:
return cls._app_registry[name]
except KeyError:
if force_create:
return cls(name)
raise SanicException(f'Sanic app name "{name}" not found.')
def test_sanic_exception_handler():
res = SanicExceptionHandler()(fake_request(),
SanicException('error message', 510))
assert res.status == 510
assert json.loads(res.body.decode('utf-8')) == {
'status': 510,
'message': 'error message'
}
def wrapper(*args, **kwargs):
# schemas = schema
# if not isinstance(schema, list):
# schemas = list(schema)
# schemas = [tmp() for tmp in schemas]
results, error = schema().load(kwargs)
if error:
raise SanicException(error)
return func(*args, **results)
def __init__(self, name: str = None, *args: Any, **kwargs: Any) -> None:
class_name = self.__class__.__name__
if name is None:
raise SanicException(
f"{class_name} instance cannot be unnamed. "
"Please use Sanic(name='your_application_name') instead.", )
if not VALID_NAME.match(name):
raise SanicException(
f"{class_name} instance named '{name}' uses an invalid "
"format. Names must begin with a character and may only "
"contain alphanumeric characters, _, or -.")
self.name = name
for base in BaseSanic.__bases__:
base.__init__(self, *args, **kwargs) # type: ignore
def loop(self):
"""Synonymous with asyncio.get_event_loop().
Only supported when using the `app.run` method.
"""
if not self.is_running:
raise SanicException(
'Loop can only be retrieved after the app has started '
'running. Not supported with `create_server` function')
return get_event_loop()
def finalize(self, *args, **kwargs):
super().finalize(*args, **kwargs)
for route in self.dynamic_routes.values():
if any(
label.startswith("__") and label not in ALLOWED_LABELS
for label in route.labels):
raise SanicException(
f"Invalid route: {route}. Parameter names cannot use '__'."
)
