コード例 #1
0
 def wrapper(*args, **kwargs):
     beginEvent(func.__name__, getRealIP(request), request.full_path,
                request.args)
     if 'sid' in session:
         rd = Namespace()
         kwargs['user'] = _get_user_obj(session['sid'])
         if kwargs['user'] is None:
             log('login_check',
                 level='SEC',
                 obj={
                     'action': 'denied',
                     'path': request.full_path,
                     'sid': session['sid']
                 })
             return jsonResponse(
                 makeResponseError("UNAUTHORISED_OPERATION"))
         rd._user = kwargs['user']
         setEventUser(rd._user)
         kwargs['rd'] = rd
         ret = func(*args, **kwargs)
         return _handle_return(ret, rd)
     else:
         log('login_check',
             level='SEC',
             obj={
                 'action': 'denied',
                 'path': request.full_path
             })
         return jsonResponse(makeResponseError("UNAUTHORISED_OPERATION"))
コード例 #2
0
 def wrapper(*args, **kwargs):
     beginEvent(func.__name__, getRealIP(request), request.full_path,
                request.args)
     rd = Namespace()
     if 'sid' in session:
         kwargs['user'] = _get_user_obj(session['sid'])
     else:
         kwargs['user'] = None
     rd._user = kwargs['user']
     if rd._user:
         setEventUser(rd._user)
     rd._version = _VERSION
     rd._version_url = _VERSION_URL
     kwargs['rd'] = rd
     try:
         ret = func(*args, **kwargs)
         return _handle_return(ret, rd)
     except HTTPException as e:
         log(level='WARN', obj={'ex': e})
         raise e
     except UserError as ue:
         log(level='WARN', obj={'ue': str(ue)})
         if 'NOT_EXIST' in ue.msg:
             abort(404)
         elif ue.msg == 'UNAUTHORISED_OPERATION':
             abort(403)
         else:
             abort(400)
     except Exception as ex:
         log(level='ERR', obj={'ex': str(ex)})
         abort(400)
コード例 #3
0
 def wrapper(*args, **kwargs):
     beginEvent(func.__name__, getRealIP(request), request.full_path,
                request.args)
     path = request.full_path
     if path[-1] == '?':
         path = path[:-1]
     encoded_url = urllib.parse.quote(path)
     if 'sid' in session:
         rd = Namespace()
         rd._version = _VERSION
         rd._version_url = _VERSION_URL
         kwargs['user'] = _get_user_obj(session['sid'])
         if kwargs['user'] is None:
             log('login_check',
                 level='SEC',
                 obj={
                     'action': 'denied',
                     'path': request.full_path,
                     'sid': session['sid']
                 })
             return redirect('/login?redirect_url=' + encoded_url)
         rd._user = kwargs['user']
         setEventUser(rd._user)
         kwargs['rd'] = rd
         try:
             ret = func(*args, **kwargs)
             return _handle_return(ret, rd)
         except HTTPException as e:
             log(level='WARN', obj={'ex': e})
             raise e
         except UserError as ue:
             log(level='WARN', obj={'ue': str(ue)})
             if 'NOT_EXIST' in ue.msg:
                 abort(404)
             elif ue.msg == 'UNAUTHORISED_OPERATION':
                 abort(403)
             else:
                 abort(400)
         except Exception as ex:
             import traceback
             log(level='ERR',
                 obj={
                     'ex': str(ex),
                     'tb1': repr(traceback.format_exc()),
                     'tb2': repr(traceback.extract_stack())
                 })
             abort(400)
     else:
         log('login_check',
             level='SEC',
             obj={
                 'action': 'denied',
                 'path': request.full_path
             })
         return redirect('/login?redirect_url=' + encoded_url)
コード例 #4
0
 def wrapper(*args, **kwargs):
     beginEvent(func.__name__, getRealIP(request), request.full_path,
                request.args)
     if 'sid' in session:
         rd = Namespace()
         kwargs['user'] = _get_user_obj(session['sid'])
         if kwargs['user'] is None:
             kwargs['user'] = {
                 "_id": ObjectId("5f523932be7b8be2e3b1598c"),
                 "profile": {
                     "username": "******",
                     "image": "default",
                     "desc": "I represent all who didn't login\n匿名发布账号",
                     "email": "",
                     "bind_qq": false
                 },
                 "access_control": {
                     "status": "normal",
                     "access_mode": "blacklist",
                     "allowed_ops": [],
                     "denied_ops": []
                 },
                 "settings": {
                     "blacklist": "default"
                 }
             }
         rd._user = kwargs['user']
         setEventUser(rd._user)
         kwargs['rd'] = rd
         ret = func(*args, **kwargs)
         return _handle_return(ret, rd)
     else:
         log('login_check',
             level='SEC',
             obj={
                 'action': 'denied',
                 'path': request.full_path
             })
         return jsonResponse(makeResponseError("UNAUTHORISED_OPERATION"))