def request_json(silent=False):
"""Return the JSON from the current request.
Args:
silent (bool): Silence parsing errors and return None instead.
"""
request = flask.request
encoding = str(request.content_encoding).lower()
data = None
bad_request = werkzeug_exc.BadRequest(
'The browser (or proxy) sent a request that this server could not understand.'
)
try:
if encoding == 'gzip':
data = json.loads(
gzip.decompress(request.get_data()).decode('utf-8'))
elif encoding in ('identity', 'none'):
data = request.get_json(force=True)
else:
raise werkzeug_exc.UnsupportedMediaType(
f'unsupported encoding: "{encoding}"')
if data is None:
raise bad_request
except (OSError, UnicodeDecodeError, json.JSONDecodeError,
werkzeug_exc.BadRequest) as err:
if not silent:
raise bad_request from err
return data
def post(self):
args = reqparser.parse_args()
if not args.content_type:
args.content_type = 'sparql-query' # default content type
if args.content_type != 'sparql-query':
raise exceptions.UnsupportedMediaType()
qstr = request.data.decode('utf-8')
raw_res = self.db.query(qstr)
return raw_res, 200, {'Content-Type': 'application/json'}
def assert_content_type():
"""Assert that the Content-Type is :mimetype:`application/json`.
:raises: werkzeug.exceptions.UnsupportedMediaType
"""
if not request.is_json:
raise exceptions.UnsupportedMediaType(
f"Expected Content-Type: 'application/json'; "
f"got: '{request.headers.environ.get('CONTENT_TYPE')}'")
def set_all_vars():
req = request.get_json()
if not isinstance(req, dict):
raise wexc.UnsupportedMediaType("Not a JSON object")
with db.transact("set_all_vars") as conn:
vars = _get_vars(db.get_state(conn))
vars.clear()
vars.update(req)
return util.empty_response
def set_var(var):
meth = request.method
try:
with db.transact("set_var") as conn:
vars = _get_vars(db.get_state(conn))
if meth == 'DELETE':
del vars[var]
else:
val = request.get_json()
if val is None:
raise wexc.UnsupportedMediaType("Not JSON data")
vars[var] = val
return util.empty_response
except KeyError as e:
raise wexc.NotFound from e
def post_job():
current_app.logger.debug("post_job: %s", request.data)
req = request.get_json()
if not isinstance(req, dict):
raise wexc.UnsupportedMediaType("Not a JSON object")
with db.transact("post_job") as conn:
jid, j = db.create_job(conn, req)
try:
wd = current_app.config['WORK_DIR']
j.workdir = tempfile.mkdtemp(dir=wd) if wd else None
tasks.launch(jid, j)
except:
j.close()
raise
return jsonify(jid), HTTPStatus.CREATED, {
"Location": url_for('.get_job', job=jid)
}
def allowed_file(image):
"""
Check if image satisfies the constraints of Custom Vision.
"""
if image.filename == "":
raise excp.BadRequest("No image submitted")
# Check that the file is a png
is_png = image.content_type == "image/png"
# Ensure the file isn't too large
too_large = len(image.read()) > setup.MAX_IMAGE_SIZE
# Ensure the file has correct resolution
height, width = get_image_resolution(image)
MIN_RES = setup.MIN_RESOLUTION
correct_res = (height >= MIN_RES) and (width >= MIN_RES)
if not is_png or too_large or not correct_res:
raise excp.UnsupportedMediaType("Wrong image format")
image.seek(0)
def _rpc_handle(self, request: werkzeug.Request) -> werkzeug.Response:
"""
Handles JSON-RPC request.
:returns: werkzeug response
"""
if request.content_type not in pjrpc.common.REQUEST_CONTENT_TYPES:
raise exceptions.UnsupportedMediaType()
try:
request_text = request.get_data(as_text=True)
except UnicodeDecodeError as e:
raise exceptions.BadRequest() from e
response_text = self._dispatcher.dispatch(request_text,
context=request)
if response_text is None:
return werkzeug.Response()
else:
return werkzeug.Response(
response_text, mimetype=pjrpc.common.DEFAULT_CONTENT_TYPE)
def _rpc_handle(self,
dispatcher: pjrpc.server.Dispatcher) -> flask.Response:
"""
Handles JSON-RPC request.
:returns: flask response
"""
if not flask.request.is_json:
raise exceptions.UnsupportedMediaType()
try:
flask.request.encoding_errors = 'strict'
request_text = flask.request.get_data(as_text=True)
except UnicodeDecodeError as e:
raise exceptions.BadRequest() from e
response_text = dispatcher.dispatch(request_text)
if response_text is None:
return current_app.response_class()
else:
return current_app.response_class(
response_text, mimetype=pjrpc.common.DEFAULT_CONTENT_TYPE)
def image():
logger.debug(request.method + ' ' + request.url)
try:
logged_in = session_logged_in()
allow_uncache = app.config['BENCHMARKING'] or app.config['DEBUG']
args = request.args
# Get URL parameters for the image
src = args.get('src', '')
page = args.get('page', None)
iformat = args.get('format', None)
template = args.get('tmp', None)
width = args.get('width', None)
height = args.get('height', None)
halign = args.get('halign', None)
valign = args.get('valign', None)
autosizefit = args.get('autosizefit', None)
rotation = args.get('angle', None)
flip = args.get('flip', None)
top = args.get('top', None)
left = args.get('left', None)
bottom = args.get('bottom', None)
right = args.get('right', None)
autocropfit = args.get('autocropfit', None)
fill = args.get('fill', None)
quality = args.get('quality', None)
sharpen = args.get('sharpen', None)
ov_src = args.get('overlay', None)
ov_size = args.get('ovsize', None)
ov_opacity = args.get('ovopacity', None)
ov_pos = args.get('ovpos', None)
icc_profile = args.get('icc', None)
icc_intent = args.get('intent', None)
icc_bpc = args.get('bpc', None)
colorspace = args.get('colorspace', None)
strip = args.get('strip', None)
dpi = args.get('dpi', None)
tile = args.get('tile', None)
# Get URL parameters for handling options
attach = args.get('attach', None)
xref = args.get('xref', None)
stats = args.get('stats', None)
# Get protected admin/internal parameters
cache = args.get('cache', '1') if logged_in or allow_uncache else '1'
recache = args.get('recache', None) if allow_uncache else None
# eRez compatibility mode
src = erez_params_compat(src)
# Convert non-string parameters to the correct data types
try:
# Image options
if page is not None:
page = parse_int(page)
if width is not None:
width = parse_int(width)
if height is not None:
height = parse_int(height)
if autosizefit is not None:
autosizefit = parse_boolean(autosizefit)
if rotation is not None:
rotation = parse_float(rotation)
if top is not None:
top = parse_float(top)
if left is not None:
left = parse_float(left)
if bottom is not None:
bottom = parse_float(bottom)
if right is not None:
right = parse_float(right)
if autocropfit is not None:
autocropfit = parse_boolean(autocropfit)
if fill is not None:
fill = parse_colour(fill)
if quality is not None:
quality = parse_int(quality)
if sharpen is not None:
sharpen = parse_int(sharpen)
if ov_size is not None:
ov_size = parse_float(ov_size)
if ov_opacity is not None:
ov_opacity = parse_float(ov_opacity)
if icc_bpc is not None:
icc_bpc = parse_boolean(icc_bpc)
if strip is not None:
strip = parse_boolean(strip)
if dpi is not None:
dpi = parse_int(dpi)
if tile is not None:
tile = parse_tile_spec(tile)
# Handling options
if attach is not None:
attach = parse_boolean(attach)
if xref is not None:
validate_string(xref, 0, 1024)
if stats is not None:
stats = parse_boolean(stats)
# Admin/internal options
if cache is not None:
cache = parse_boolean(cache)
if recache is not None:
recache = parse_boolean(recache)
except (ValueError, TypeError) as e:
raise httpexc.BadRequest(safe_error_str(e))
# Package and validate the parameters
try:
# #2694 Enforce public image limits - perform easy parameter checks
if not logged_in:
width, height, autosizefit = _public_image_limits_pre_image_checks(
width, height, autosizefit, tile, template
)
# Store and normalise all the parameters
image_attrs = ImageAttrs(src, -1, page, iformat, template,
width, height, halign, valign,
rotation, flip,
top, left, bottom, right, autocropfit,
autosizefit, fill, quality, sharpen,
ov_src, ov_size, ov_pos, ov_opacity,
icc_profile, icc_intent, icc_bpc,
colorspace, strip, dpi, tile)
image_engine.finalise_image_attrs(image_attrs)
except ValueError as e:
raise httpexc.BadRequest(safe_error_str(e))
# Get/create the database ID (from cache, validating path on create)
image_id = data_engine.get_or_create_image_id(
image_attrs.filename(),
return_deleted=False,
on_create=on_image_db_create_anon_history
)
if (image_id == 0):
raise DoesNotExistError() # Deleted
elif (image_id < 0):
raise DBError('Failed to add image to database')
image_attrs.set_database_id(image_id)
# Require view permission or file admin
permissions_engine.ensure_folder_permitted(
image_attrs.folder_path(),
FolderPermission.ACCESS_VIEW,
get_session_user()
)
# Ditto for overlays
if ov_src:
permissions_engine.ensure_folder_permitted(
filepath_parent(ov_src),
FolderPermission.ACCESS_VIEW,
get_session_user()
)
# v1.17 If this is a conditional request with an ETag, see if we can just return a 304
if 'If-None-Match' in request.headers and not recache:
etag_valid, modified_time = _etag_is_valid(
image_attrs,
request.headers['If-None-Match'],
False
)
if etag_valid:
# Success HTTP 304
return make_304_response(image_attrs, False, modified_time)
# Get the requested image data
image_wrapper = image_engine.get_image(
image_attrs,
'refresh' if recache else cache
)
if (image_wrapper is None):
raise DoesNotExistError()
# #2694 Enforce public image limits - check the dimensions
# of images that passed the initial parameter checks
if not logged_in:
try:
_public_image_limits_post_image_checks(
image_attrs.width(),
image_attrs.height(),
image_attrs.template(),
image_wrapper.data(),
image_wrapper.attrs().format()
)
except ValueError as e:
raise httpexc.BadRequest(safe_error_str(e)) # As for the pre-check
# Success HTTP 200
return make_image_response(image_wrapper, False, stats, attach, xref)
except httpexc.HTTPException:
# Pass through HTTP 4xx and 5xx
raise
except ServerTooBusyError:
logger.warning('503 Too busy for ' + request.url)
raise httpexc.ServiceUnavailable()
except ImageError as e:
logger.warning('415 Invalid image file \'' + src + '\' : ' + str(e))
raise httpexc.UnsupportedMediaType(safe_error_str(e))
except SecurityError as e:
if app.config['DEBUG']:
raise
log_security_error(e, request)
raise httpexc.Forbidden()
except DoesNotExistError as e:
# First time around the ID will be set. Next time around it
# won't but we should check whether the disk file now exists.
if image_attrs.database_id() > 0 or path_exists(image_attrs.filename(), require_file=True):
image_engine.reset_image(image_attrs)
logger.warning('404 Not found: ' + str(e))
raise httpexc.NotFound(safe_error_str(e))
except Exception as e:
if app.config['DEBUG']:
raise
logger.error('500 Error for ' + request.url + '\n' + str(e))
raise httpexc.InternalServerError(safe_error_str(e))
def original():
logger.debug('GET ' + request.url)
try:
# Get URL parameters for the image
src = request.args.get('src', '')
# Get URL parameters for handling options
attach = request.args.get('attach', None)
xref = request.args.get('xref', None)
stats = request.args.get('stats', None)
# Validate the parameters
try:
if attach is not None:
attach = parse_boolean(attach)
if xref is not None:
validate_string(xref, 0, 1024)
if stats is not None:
stats = parse_boolean(stats)
image_attrs = ImageAttrs(src)
image_attrs.validate()
except ValueError as e:
raise httpexc.BadRequest(safe_error_str(e))
# Get/create the database ID (from cache, validating path on create)
image_id = data_engine.get_or_create_image_id(
image_attrs.filename(),
return_deleted=False,
on_create=on_image_db_create_anon_history
)
if (image_id == 0):
raise DoesNotExistError() # Deleted
elif (image_id < 0):
raise DBError('Failed to add image to database')
image_attrs.set_database_id(image_id)
# Require download permission or file admin
permissions_engine.ensure_folder_permitted(
image_attrs.folder_path(),
FolderPermission.ACCESS_DOWNLOAD,
get_session_user()
)
# v1.17 If this is a conditional request with an ETag, see if we can just return a 304
if 'If-None-Match' in request.headers:
etag_valid, modified_time = _etag_is_valid(
image_attrs,
request.headers['If-None-Match'],
True
)
if etag_valid:
# Success HTTP 304
return make_304_response(image_attrs, True, modified_time)
# Read the image file
image_wrapper = image_engine.get_image_original(
image_attrs
)
if (image_wrapper is None):
raise DoesNotExistError()
# Success HTTP 200
return make_image_response(image_wrapper, True, stats, attach, xref)
except httpexc.HTTPException:
# Pass through HTTP 4xx and 5xx
raise
except ServerTooBusyError:
logger.warning('503 Too busy for ' + request.url)
raise httpexc.ServiceUnavailable()
except ImageError as e:
logger.warning('415 Invalid image file \'' + src + '\' : ' + str(e))
raise httpexc.UnsupportedMediaType(safe_error_str(e))
except SecurityError as e:
if app.config['DEBUG']:
raise
log_security_error(e, request)
raise httpexc.Forbidden()
except DoesNotExistError as e:
# First time around the ID will be set. Next time around it
# won't but we should check whether the disk file now exists.
if image_attrs.database_id() > 0 or path_exists(image_attrs.filename(), require_file=True):
image_engine.reset_image(image_attrs)
logger.warning('404 Not found: ' + src)
raise httpexc.NotFound(src)
except Exception as e:
if app.config['DEBUG']:
raise
logger.error('500 Error for ' + request.url + '\n' + str(e))
raise httpexc.InternalServerError(safe_error_str(e))
def _assert_415(self, response, messages=None):
self.__assert_error(
response,
exceptions.UnsupportedMediaType(),
messages,
)