def __init__(self, app=None, route=None, blueprint=None, stream_cache=None, path='templates.yaml'): self.app = app self._route = route self._intent_view_funcs = {} self._intent_converts = {} self._intent_defaults = {} self._intent_mappings = {} self._launch_view_func = None self._session_ended_view_func = None self._on_session_started_callback = None self._default_intent_view_func = None self._player_request_view_funcs = {} self._player_mappings = {} self._player_converts = {} if app is not None: self.init_app(app, path) elif blueprint is not None: self.init_blueprint(blueprint, path) if stream_cache is None: self.stream_cache = SimpleCache() else: self.stream_cache = stream_cache
def _simple(self, **kwargs): """Returns a :class:`SimpleCache` instance .. warning:: This cache system might not be thread safe. Use with caution. """ kwargs.update(dict(threshold=self._config('threshold', 500))) return SimpleCache(**kwargs)
def test_dynamic_permission_needs_cache_invalidation(app, dynamic_permission): """Testing DynamicPermission refreshes needs. This is important when protecting a view with @permission.require(http_exception=403) If cache does not get invalidated, the needs will only be refreshed when the Python process restarts. """ cache = SimpleCache() InvenioAccess(app, cache=cache) with app.test_request_context(): user_can_all = User(email='*****@*****.**') user_can_open = User(email='*****@*****.**') db.session.add(user_can_all) db.session.add(user_can_open) db.session.add(ActionUsers(action='open', user=user_can_all)) db.session.flush() permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.needs == set([Need(method='id', value=1)]) db.session.add(ActionUsers(action='open', user=user_can_open)) db.session.flush() assert permission_open.needs == set( [Need(method='id', value=1), Need(method='id', value=2)] )
def test_invenio_access_permission_cache(app, dynamic_permission): """Caching the user using memory caching.""" cache = SimpleCache() InvenioAccess(app, cache=cache) with app.test_request_context(): user_can_all = User(email='*****@*****.**') user_can_open = User(email='*****@*****.**') user_can_open_1 = User(email='*****@*****.**') db.session.add(user_can_all) db.session.add(user_can_open) db.session.add(user_can_open_1) db.session.add(ActionUsers(action='open', user=user_can_all)) db.session.flush() permission_open = dynamic_permission(ActionNeed('open')) identity_open = FakeIdentity(UserNeed(user_can_open.id)) assert not permission_open.allows(identity_open) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1)]), set([]) ) db.session.add(ActionUsers(action='open', user=user_can_open)) db.session.flush() permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_open) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) db.session.add(ActionUsers(action='open', argument=1, user=user_can_open_1)) db.session.flush() identity_open_1 = FakeIdentity(UserNeed(user_can_open_1.id)) permission_open_1 = dynamic_permission( ParameterizedActionNeed('open', '1')) assert not permission_open.allows(identity_open_1) assert permission_open_1.allows(identity_open_1) assert current_access.get_action_cache('open::1') == ( set([Need(method='id', value=1), Need(method='id', value=2), Need(method='id', value=3)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) )
def __init__(self, app=None, *, base_url=None, client_id=None, client_secret=None, cache=None, scope='openid', url_prefix='/oauth2', session_key='flask-auth0-cookie'): # :param app: Flask app # :param base_url: your identity provider's base url # :param client_id: CLIENT_ID # :param client_secret: CLIENT_SECRET # :param cache: a cache object that implements `werkzeug.contrib.cache.BaseCache` to store the tokens in # :param scope: oauth2 scopes # :param url_prefix: what should be the prefix of all the routes needed for oauth2. default = /oauth2 # :param session_key: name of the key used in the session to store the uid self.app = app self.user_agent = f"{__name__}/{__version__} python-requests/{requests.__version__}" self.base_url = base_url self.client_id = client_id self.client_secret = client_secret self.scope = scope self.url_prefix = url_prefix self.session_key = session_key # User actions self._after_login_handler = None self._after_logout_handler = None self._after_refresh_handler = None self._logger = None # Setup backend cache if cache is None: self.cache = SimpleCache() elif isinstance(cache, BaseCache): self.cache = cache else: raise ValueError( f'your backend cache must implement `cachelib.BaseCache`. {cache} is {type(cache)}' ) # Utilities self.signer = None self.hasher = None self.openid_config = None if app is not None: self.init_app(app)
def init_app (self, app): app.config.from_object (Config) for layer in app.config['TILE_LAYERS']: if 'map_style' in layer: renderers[layer['id']] = Render (app, layer) app.tile_cache = SimpleCache ( threshold = TILE_CACHE_SIZE, default_timeout = TILE_CACHE_TIMEOUT )
def decorator(func): @wraps(func) def decorated(*args, **kwargs): cache_id = key(*args, **kwargs) return_value = decorated.cache.get(cache_id) if return_value is None: return_value = func(*args, **kwargs) decorated.cache.set( cache_id, return_value if return_value is not None else NO_DATA, timeout=timeout) elif return_value == NO_DATA: return_value = None return return_value decorated.cache = SimpleCache() return decorated
from . import filters from .db import db, db_reload BACKCOMPAT_SERIES_ALIASES = { 'brno': 'brno-pyvo', 'praha': 'praha-pyvo', 'ostrava': 'ostrava-pyvo', 'olomouc': 'olomouc-pyvo', 'plzen': 'plzen-pyvo', 'liberec': 'liberec-pyvo', } # Be careful when using SimpleCache! # See: http://werkzeug.pocoo.org/docs/contrib/cache/ # #werkzeug.contrib.cache.SimpleCache cache = SimpleCache(threshold=500, default_timeout=300) routes = [] def route(url, methods=['GET'], translate=True, **kwargs): def decorator(func): assert url.startswith('/') options = dict(kwargs, methods=methods) if translate: routes.append(( url, func, dict(options, defaults={'lang_code': 'cs'}), )) routes.append((
def test_intenio_access_cache_performance(app, dynamic_permission): """Performance test simulating 1000 users.""" InvenioAccess(app, cache=None) with app.test_request_context(): # CDS has (2015-11-19) 74 actions with 414 possible arguments with # 49259 users and 307 roles. In this test we are going to divide # into 50 and use the next prime number. users_number = 991 actions_users_number = 11 actions_roles_number = 7 roles = [] actions = [] for i in range(actions_roles_number): role = Role(name='role{0}'.format(i)) roles.append(role) db.session.add(role) db.session.flush() action_role = ActionRoles( action='action{0}'.format( str(i % actions_roles_number)), role=role) actions.append(action_role) db.session.add(action_role) db.session.flush() users = [] for i in range(users_number): user = User( email='invenio{0}@inveniosoftware.org'.format(str(i)), roles=[roles[i % actions_roles_number]]) users.append(user) db.session.add(user) db.session.flush() action_user = ActionUsers(action='action{0}'.format( str((i % actions_users_number) + actions_roles_number)), user=user) actions.append(action_user) db.session.add(action_user) db.session.flush() def test_permissions(): """Iterates over all users checking its permissions.""" for i in range(users_number): identity = FakeIdentity(UserNeed(users[i].id)) # Allowed permission permission_allowed_both = dynamic_permission( ActionNeed('action{0}'.format( (i % actions_users_number) + actions_roles_number)), ActionNeed('action{0}'.format(i % actions_roles_number)) ) assert permission_allowed_both.allows(identity) # Not allowed action user permission_not_allowed_user = dynamic_permission( ActionNeed('action{0}'.format( (i + 1) % actions_users_number + actions_roles_number)) ) assert not permission_not_allowed_user.allows(identity) # Not allowed action role permission_not_allowed_role = dynamic_permission( ActionNeed('action{0}'.format( (i + 1) % actions_roles_number)) ) assert not permission_not_allowed_role.allows(identity) app.extensions['invenio-access'].cache = None start_time_wo_cache = time.time() test_permissions() end_time_wo_cache = time.time() time_wo_cache = end_time_wo_cache - start_time_wo_cache app.extensions['invenio-access'].cache = SimpleCache() start_time_w_cache = time.time() test_permissions() end_time_w_cache = time.time() time_w_cache = end_time_w_cache - start_time_w_cache assert time_wo_cache / time_w_cache > 10
import datetime from cachelib import SimpleCache from app.clients.sms import PollableSMSClient from app.clients.sms.utils import timed from saplivelink365 import Configuration, ApiClient, AuthorizationApi, SMSV20Api # See https://livelink.sapmobileservices.com/documentation/guides/sms-channel/delivery_statuses/#body-description sap_response_map = { 'SENT': 'sending', 'DELIVERED': 'delivered', 'RECEIVED': 'delivered', 'ERROR': 'failed', } auth_cache = SimpleCache() def get_sap_responses(status): return sap_response_map[status] class SAPSMSClient(PollableSMSClient): def __init__(self, client_id=None, client_secret=None, *args, **kwargs): super(SAPSMSClient, self).__init__(*args, **kwargs) self._client_id = client_id self._client_secret = client_secret def init_app(self, logger, notify_host, *args, **kwargs): self.logger = logger self.notify_host = notify_host
if "WEBFAF_ENVIRON_PRODUCTION" in os.environ: app.config.from_object("webfaf.config.ProductionConfig") elif "WEBFAF_ENVIRON_TEST" in os.environ: app.config.from_object("webfaf.config.TestingConfig") else: app.config.from_object("webfaf.config.DevelopmentConfig") db = SQLAlchemy(app) if app.config["CACHE_TYPE"].lower() == "memcached": flask_cache = MemcachedCache(['{0}:{1}'.format( app.config["MEMCACHED_HOST"], app.config["MEMCACHED_PORT"])], key_prefix=app.config["MEMCACHED_KEY_PREFIX"]) elif app.config["CACHE_TYPE"].lower() == "simple": flask_cache = SimpleCache() else: flask_cache = NullCache() if app.config["PROXY_SETUP"]: app.wsgi_app = ProxyFix(app.wsgi_app) if app.config["OPENID_ENABLED"]: from flask_openid import OpenID from openid_teams import teams oid = OpenID(app, safe_roots=[], extension_responses=[teams.TeamsResponse]) from webfaf.login import login # pylint: disable=cyclic-import app.register_blueprint(login) from webfaf.user import user # pylint: disable=cyclic-import app.register_blueprint(user)
def werkzeug_subscriber(): subscriber = Subscriber(SQLite3SubscriberStorage('subscriber.db'), WerkzeugCacheTempSubscriberStorage(SimpleCache())) yield from subscriber_app(subscriber)
def test_invenio_access_permission_cache_users_updates( app, dynamic_permission ): """Testing ActionUsers cache with inserts/updates/deletes.""" cache = SimpleCache() InvenioAccess(app, cache=cache) with app.test_request_context(): # Creation of some data to test. user_1 = User(email='*****@*****.**') user_2 = User(email='*****@*****.**') user_3 = User(email='*****@*****.**') user_4 = User(email='*****@*****.**') user_5 = User(email='*****@*****.**') user_6 = User(email='*****@*****.**') db.session.add(user_1) db.session.add(user_2) db.session.add(user_3) db.session.add(user_4) db.session.add(user_5) db.session.add(user_6) db.session.add(ActionUsers(action='open', user=user_1)) db.session.add(ActionUsers(action='write', user=user_4)) db.session.flush() # Creation identities to test. identity_user_1 = FakeIdentity(UserNeed(user_1.id)) identity_user_2 = FakeIdentity(UserNeed(user_2.id)) identity_user_3 = FakeIdentity(UserNeed(user_3.id)) identity_user_4 = FakeIdentity(UserNeed(user_4.id)) identity_user_5 = FakeIdentity(UserNeed(user_5.id)) identity_user_6 = FakeIdentity(UserNeed(user_6.id)) # Test if user 1 can open. In this case, the cache should store only # this object. permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_user_1) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1)]), set([]) ) # Test if user 4 can write. In this case, the cache should have this # new object and the previous one (Open is allowed to user_1) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_4) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=4)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1)]), set([]) ) # If we add a new user to the action open, the open action in cache # should be removed but it should still containing the write entry. db.session.add(ActionUsers(action='open', user=user_2)) db.session.flush() assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_user_2) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=4)]), set([]) ) # Test if the new user is added to the action 'open' permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_4) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=4)]), set([]) ) # If we update an action swapping a user, the cache containing the # action, should be removed. user_4_action_write = ActionUsers.query.filter( ActionUsers.action == 'write' and ActionUsers.user == user_4).first() user_4_action_write.user = user_3 db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) # Test if the user_3 can now write. permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_user_4) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_3) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=3)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) # If we remove a user from an action, the cache should clear the # action item. user_3_action_write = ActionUsers.query.filter( ActionUsers.action == 'write' and ActionUsers.user == user_3).first() db.session.delete(user_3_action_write) db.session.flush() assert current_access.get_action_cache('write') is None # If no one is allowed to perform an action then everybody is allowed. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_3) assert current_access.get_action_cache('write') == ( set([]), set([]) ) db.session.add(ActionUsers(action='write', user=user_5)) db.session.flush() permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_5) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_user_3) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=5)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) # If you update the name of an existing action, the previous action # and the new action should be remove from cache. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_user_5) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=5)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2)]), set([]) ) user_5_action_write = ActionUsers.query.filter( ActionUsers.action == 'write' and ActionUsers.user == user_5).first() user_5_action_write.action = 'open' db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_user_1) assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2), Need(method='id', value=5)]), set([]) ) db.session.add(ActionUsers(action='write', user=user_4)) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_user_5) assert current_access.get_action_cache('write') == ( set([Need(method='id', value=4)]), set([]) ) db.session.add(ActionUsers(action='open', argument='1', user=user_6)) db.session.flush() permission_open_1 = dynamic_permission( ParameterizedActionNeed('open', '1')) assert not permission_open.allows(identity_user_6) assert permission_open_1.allows(identity_user_6) assert current_access.get_action_cache('open::1') == ( set([Need(method='id', value=1), Need(method='id', value=2), Need(method='id', value=5), Need(method='id', value=6)]), set([]) ) user_6_action_open_1 = ActionUsers.query.filter_by( action='open', argument='1', user_id=user_6.id).first() user_6_action_open_1.argument = '2' db.session.flush() assert current_access.get_action_cache('open::1') is None assert current_access.get_action_cache('open::2') is None permission_open_2 = dynamic_permission( ParameterizedActionNeed('open', '2')) assert permission_open_2.allows(identity_user_6) assert current_access.get_action_cache('open::2') == ( set([Need(method='id', value=1), Need(method='id', value=2), Need(method='id', value=5), Need(method='id', value=6)]), set([]) ) # open action cache should remain as before assert current_access.get_action_cache('open') == ( set([Need(method='id', value=1), Need(method='id', value=2), Need(method='id', value=5)]), set([]) )
def simple(config, *args, **kwargs): defaults = dict(gen_defaults('threshold', **config)) defaults.update(kwargs) return SimpleCache(*args, **defaults)
"postgresql": "postgresql+psycopg2", "mysql": "mysql", "sqllite": "sqllite" } METADATA_DB_DEFAULT_PORTS = {"postgresql": 5432, "mysql": 3306} BROKER_PREFIXES = {"redis": "redis", "rabbitmq": "pyamqp"} BROKER_DEFAULT_PORTS = {"redis": 6379, "rabbitmq": 5672} SUPERSET_RESULTS_BACKENDS = { "simple": lambda: SimpleCache(threshold=get_env( "SUPERSET_SIMPLE_RESULTS_BACKEND_THRESHOLD", default=10, cast=int), default_timeout=get_env( "SUPERSET_SIMPLE_RESULTS_BACKEND_DEFAULT_TIMEOUT", default=300, cast=float)), "redis": lambda: RedisCache( host=get_env("SUPERSET_REDIS_RESULTS_BACKEND_HOST"), port=get_env( "SUPERSET_REDIS_RESULTS_BACKEND_PORT", default=6379, cast=int), password=get_env("SUPERSET_REDIS_RESULTS_BACKEND_PASSWORD"), key_prefix=get_env("SUPERSET_REDIS_RESULTS_BACKEND_KEY_PREFIX", default="superset_results"), db=get_env("SUPERSET_REDIS_RESULTS_BACKEND_DB", default=0, cast=int), default_timeout=get_env( "SUPERSET_REDIS_RESULTS_BACKEND_DEFAULT_TIMEOUT", default=300, cast=float)),
def _factory(self, *args, **kwargs): return SimpleCache(*args, **kwargs)
def simple(app, config, args, kwargs): kwargs.update(dict(threshold=config['CACHE_THRESHOLD'])) return SimpleCache(*args, **kwargs)
# (c) 2009 Haoyu Bai (http://gaedav.google.com/). """ Implement cache mechanism. """ import logging import threading from builtins import object from cachelib import MemcachedCache, RedisCache, SimpleCache try: memcache3 = MemcachedCache() # memcache3 = RedisCache() except Exception as e: logging.info(e) memcache3 = SimpleCache() memcache3._stats = { "byte_hits": 0, "bytes": 0, "hits": 0, "items": 0, "misses": 0, "oldest_item_age": 0, # keep track of operations other than get (= hits + misses) "set": 0, "set_multi": 0, "delete": 0, "get_list": 0, "set_list": 0, "del_list": 0,
def test_invenio_access_permission_cache_roles_updates( app, dynamic_permission ): """Testing ActionRoles cache with inserts/updates/deletes.""" # This test case is doing the same of user test case but using roles. cache = SimpleCache() InvenioAccess(app, cache=cache) with app.test_request_context(): # Creation of some data to test. role_1 = Role(name='role_1') role_2 = Role(name='role_2') role_3 = Role(name='role_3') role_4 = Role(name='role_4') role_5 = Role(name='role_5') role_6 = Role(name='role_6') db.session.add(role_1) db.session.add(role_2) db.session.add(role_3) db.session.add(role_4) db.session.add(role_5) db.session.add(role_6) db.session.add(ActionRoles(action='open', role=role_1)) db.session.add(ActionRoles(action='write', role=role_4)) db.session.flush() # Creation of identities to test. identity_fake_role_1 = FakeIdentity(RoleNeed(role_1.name)) identity_fake_role_2 = FakeIdentity(RoleNeed(role_2.name)) identity_fake_role_3 = FakeIdentity(RoleNeed(role_3.name)) identity_fake_role_4 = FakeIdentity(RoleNeed(role_4.name)) identity_fake_role_5 = FakeIdentity(RoleNeed(role_5.name)) identity_fake_role_6 = FakeIdentity(RoleNeed(role_6.name)) # Test if role 1 can open. In this case, the cache should store only # this object. permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_role_1) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name)]), set([]) ) # Test if role 4 can write. In this case, the cache should have this # new object and the previous one (Open is allowed to role_1) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_4) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_4.name)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name)]), set([]) ) # If we add a new role to the action open, the open action in cache # should be removed but it should still containing the write entry. db.session.add(ActionRoles(action='open', role=role_2)) db.session.flush() assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_role_2) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_4.name)]), set([]) ) # Test if the new role is added to the action 'open' permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_4) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_4.name)]), set([]) ) # If we update an action swapping a role, the cache containing the # action, should be removed. role_4_action_write = ActionRoles.query.filter( ActionRoles.action == 'write' and ActionRoles.role == role_4).first() role_4_action_write.role = role_3 db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') is not None assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) # Test if the role_3 can write now. permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_role_4) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_3) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_3.name)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) # If we remove a role from an action, the cache should clear the # action item. role_3_action_write = ActionRoles.query.filter( ActionRoles.action == 'write' and ActionRoles.role == role_3).first() db.session.delete(role_3_action_write) db.session.flush() assert current_access.get_action_cache('write') is None # If no one is allowed to perform an action then everybody is allowed. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_3) assert current_access.get_action_cache('write') == ( set([]), set([]) ) db.session.add(ActionRoles(action='write', role=role_5)) db.session.flush() permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_5) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_role_3) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_5.name)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) # If you update the name of an existing action, the previous action # and the new action should be remove from cache. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_role_5) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_5.name)]), set([]) ) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name)]), set([]) ) role_5_action_write = ActionRoles.query.filter( ActionRoles.action == 'write' and ActionRoles.role == role_5).first() role_5_action_write.action = 'open' db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_role_1) assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name), Need(method='role', value=role_5.name)]), set([]) ) db.session.add(ActionRoles(action='write', role=role_4)) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_role_5) assert current_access.get_action_cache('write') == ( set([Need(method='role', value=role_4.name)]), set([]) ) db.session.add(ActionRoles(action='open', argument='1', role=role_6)) db.session.flush() permission_open_1 = dynamic_permission( ParameterizedActionNeed('open', '1')) assert not permission_open.allows(identity_fake_role_6) assert permission_open_1.allows(identity_fake_role_6) assert current_access.get_action_cache('open::1') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name), Need(method='role', value=role_5.name), Need(method='role', value=role_6.name)]), set([]) ) user_6_action_open_1 = ActionRoles.query.filter_by( action='open', argument='1', role_id=role_6.id).first() user_6_action_open_1.argument = '2' db.session.flush() assert current_access.get_action_cache('open::1') is None assert current_access.get_action_cache('open::2') is None permission_open_2 = dynamic_permission( ParameterizedActionNeed('open', '2')) assert permission_open_2.allows(identity_fake_role_6) assert current_access.get_action_cache('open::2') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name), Need(method='role', value=role_5.name), Need(method='role', value=role_6.name)]), set([]) ) # open action cache should remain as before assert current_access.get_action_cache('open') == ( set([Need(method='role', value=role_1.name), Need(method='role', value=role_2.name), Need(method='role', value=role_5.name)]), set([]) )
CACHE : Cache """ CACHE_DEFAULT_TIMEOUT = 60 * 24 * 7 """ Cache responses timeout. CACHE_DEFAULT_TIMEOUT : int """ CACHE.init_app(APP) APP.config.update( COMPRESS_LEVEL=3, COMPRESS_CACHE_KEY=lambda x: x.full_path, COMPRESS_CACHE_BACKEND=lambda: SimpleCache(default_timeout= # noqa CACHE_DEFAULT_TIMEOUT), ) Compress(APP) IMAGES_DIRECTORY = os.path.join(os.getcwd(), 'static', 'images') """ Images directory. IMAGES_DIRECTORY : unicode """ def _null_to_None(data): """ Converts *Javascript* originated *null* and *undefined* strings
def test_invenio_access_permission_cache_system_roles_updates( app, dynamic_permission ): """Testing ActionSystemRoles cache with inserts/updates/deletes.""" # This test case is doing the same of user test case but using # system roles. cache = SimpleCache() InvenioAccess(app, cache=cache) with app.test_request_context(): system_role_1 = SystemRoleNeed('system_role_1') system_role_2 = SystemRoleNeed('system_role_2') system_role_3 = SystemRoleNeed('system_role_3') system_role_4 = SystemRoleNeed('system_role_4') system_role_5 = SystemRoleNeed('system_role_5') system_role_6 = SystemRoleNeed('system_role_6') current_access.system_roles = { 'system_role_1': system_role_1, 'system_role_2': system_role_2, 'system_role_3': system_role_3, 'system_role_4': system_role_4, 'system_role_5': system_role_5, 'system_role_6': system_role_6, } # Creation of some data to test. db.session.add(ActionSystemRoles(action='open', role_name=system_role_1.value)) db.session.add(ActionSystemRoles(action='write', role_name=system_role_4.value)) db.session.flush() # Creation of identities to test. identity_fake_1 = FakeIdentity(system_role_1) identity_fake_2 = FakeIdentity(system_role_2) identity_fake_3 = FakeIdentity(system_role_3) identity_fake_4 = FakeIdentity(system_role_4) identity_fake_5 = FakeIdentity(system_role_5) identity_fake_6 = FakeIdentity(system_role_6) # Test if system_role_1 can open. In this case, the cache should store # only this object. permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_1) assert current_access.get_action_cache('open') == ( set([system_role_1]), set([]) ) # Test if system_role_2 can write. In this case, the cache should # have this new object and the previous one (Open is allowed to # system_role_1) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_4) assert current_access.get_action_cache('write') == ( set([system_role_4]), set([]) ) assert current_access.get_action_cache('open') == ( set([system_role_1]), set([]) ) # If we add a new system role to the action open, the open action in # cache should be removed but it should still containing the write # entry. db.session.add(ActionSystemRoles(action='open', role_name=system_role_2.value)) db.session.flush() assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_2) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) assert current_access.get_action_cache('write') == ( set([system_role_4]), set([]) ) # Test if the new role is added to the action 'open' permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_4) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) assert current_access.get_action_cache('write') == ( set([system_role_4]), set([]) ) # If we update an action swapping a role, the cache containing the # action, should be removed. role_4_action_write = ActionSystemRoles.query.filter( ActionSystemRoles.action == 'write' and ActionSystemRoles.role_name == system_role_4.value).first() role_4_action_write.role_name = system_role_3.value db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') is not None assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) # Test if the system_role_3 can write now. permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_4) permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_3) assert current_access.get_action_cache('write') == ( set([system_role_3]), set([]) ) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) # If we remove a role from an action, the cache should clear the # action item. cust_action_write = ActionSystemRoles.query.filter( ActionSystemRoles.action == 'write' and ActionSystemRoles.role_name == system_role_3).first() db.session.delete(cust_action_write) db.session.flush() assert current_access.get_action_cache('write') is None # If no one is allowed to perform an action then everybody is allowed. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_3) assert current_access.get_action_cache('write') == ( set([]), set([]) ) db.session.add(ActionSystemRoles(action='write', role_name=system_role_5.value)) db.session.flush() permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_5) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_3) assert current_access.get_action_cache('write') == ( set([system_role_5]), set([]) ) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) # If you update the name of an existing action, the previous action # and the new action should be remove from cache. permission_write = dynamic_permission(ActionNeed('write')) assert permission_write.allows(identity_fake_5) assert current_access.get_action_cache('write') == ( set([system_role_5]), set([]) ) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2]), set([]) ) role_5_action_write = ActionSystemRoles.query.filter( ActionSystemRoles.action == 'write' and ActionSystemRoles.role_name == system_role_5.value).first() role_5_action_write.action = 'open' db.session.flush() assert current_access.get_action_cache('write') is None assert current_access.get_action_cache('open') is None permission_open = dynamic_permission(ActionNeed('open')) assert permission_open.allows(identity_fake_1) assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2, system_role_5]), set([]) ) db.session.add(ActionSystemRoles(action='write', role_name=system_role_4.value)) permission_write = dynamic_permission(ActionNeed('write')) assert not permission_write.allows(identity_fake_5) assert current_access.get_action_cache('write') == ( set([system_role_4]), set([]) ) db.session.add(ActionSystemRoles(action='open', argument='1', role_name=system_role_6.value)) db.session.flush() permission_open_1 = dynamic_permission( ParameterizedActionNeed('open', '1')) assert not permission_open.allows(identity_fake_6) assert permission_open_1.allows(identity_fake_6) assert current_access.get_action_cache('open::1') == ( set([system_role_1, system_role_2, system_role_5, system_role_6]), set([]) ) user_6_action_open_1 = ActionSystemRoles.query.filter_by( action='open', argument='1', role_name=system_role_6.value).first() user_6_action_open_1.argument = '2' db.session.flush() assert current_access.get_action_cache('open::1') is None assert current_access.get_action_cache('open::2') is None permission_open_2 = dynamic_permission( ParameterizedActionNeed('open', '2')) assert permission_open_2.allows(identity_fake_6) assert current_access.get_action_cache('open::2') == ( set([system_role_1, system_role_2, system_role_5, system_role_6]), set([]) ) # open action cache should remain as before assert current_access.get_action_cache('open') == ( set([system_role_1, system_role_2, system_role_5]), set([]) )
def init_app(self, app): """Initialize this extension. if the config['JWT_OIDC_WELL_KNOWN_CONFIG'] is set, then try to load the JWKS_URI & ISSUER from that If it is not set attempt to load the JWKS_URI and ISSUE from the application config Required settings to function: WELL_KNOWN_CONFIG (optional) is this is set, the JWKS_URI & ISSUER will be loaded from there JWKS_URI: the endpoint defined for the jwks_keys ISSUER: the endpoint for the issuer of the tokens ALGORITHMS: only RS256 is supported AUDIENCE: the oidc audience (or API_IDENTIFIER) CLIENT_SECRET: the shared secret / key assigned to the client (audience) """ self.app = app self.jwt_oidc_test_mode = app.config.get('JWT_OIDC_TEST_MODE', None) # # CHECK IF WE"RE RUNNING IN TEST_MODE!! # if self.jwt_oidc_test_mode: app.logger.debug( 'JWT MANAGER running in test mode, using locally defined certs & tokens' ) self.issuer = app.config.get('JWT_OIDC_TEST_ISSUER', 'localhost.localdomain') self.jwt_oidc_test_keys = app.config.get('JWT_OIDC_TEST_KEYS', None) self.audience = app.config.get('JWT_OIDC_TEST_AUDIENCE', None) self.client_secret = app.config.get('JWT_OIDC_TEST_CLIENT_SECRET', None) self.jwt_oidc_test_private_key_pem = app.config.get( 'JWT_OIDC_TEST_PRIVATE_KEY_PEM', None) if self.jwt_oidc_test_keys: app.logger.debug('local key being used: {}'.format( self.jwt_oidc_test_keys)) else: app.logger.error( 'Attempting to run JWT Manager with no local key assigned') raise Exception( 'Attempting to run JWT Manager with no local key assigned') else: self.algorithms = app.config.get( 'JWT_OIDC_ALGORITHMS', JwtManager.ALGORITHMS).replace(' ', '')\ .split(',') # If the WELL_KNOWN_CONFIG is set, then go fetch the JWKS & ISSUER self.well_known_config = app.config.get( 'JWT_OIDC_WELL_KNOWN_CONFIG', None) if self.well_known_config: # try to get the jwks & issuer from the well known config # jurl = urlopen(url=self.well_known_config, context=ssl.SSLContext()) # for gangster testing jurl = urlopen(url=self.well_known_config) self.well_known_obj_cache = json.loads( jurl.read().decode('utf-8')) self.jwks_uri = self.well_known_obj_cache['jwks_uri'] self.issuer = self.well_known_obj_cache['issuer'] else: self.jwks_uri = app.config.get('JWT_OIDC_JWKS_URI', None) self.issuer = app.config.get('JWT_OIDC_ISSUER', None) # Setup JWKS caching self.caching_enabled = app.config.get('JWT_OIDC_CACHING_ENABLED', False) if self.caching_enabled: self.cache = SimpleCache(default_timeout=app.config.get( 'JWT_OIDC_JWKS_CACHE_TIMEOUT', 300)) self.audience = app.config.get('JWT_OIDC_AUDIENCE', None) self.client_secret = app.config.get('JWT_OIDC_CLIENT_SECRET', None) app.logger.debug('JWKS_URI: {}'.format(self.jwks_uri)) app.logger.debug('ISSUER: {}'.format(self.issuer)) app.logger.debug('ALGORITHMS: {}'.format(self.algorithms)) app.logger.debug('AUDIENCE: {}'.format(self.audience)) app.logger.debug('CLIENT_SECRET: {}'.format(self.client_secret)) app.logger.debug('JWT_OIDC_TEST_MODE: {}'.format( self.jwt_oidc_test_mode)) app.logger.debug('JWT_OIDC_TEST_KEYS: {}'.format( self.jwt_oidc_test_keys)) # set the auth error handler auth_err_handler = app.config.get('JWT_OIDC_AUTH_ERROR_HANDLER', JwtManager.handle_auth_error) app.register_error_handler(AuthError, auth_err_handler) app.teardown_appcontext(self.teardown)
def create_cache_list(request, tmpdir): mc = MemcachedCache() mc._client.flush_all() rc = RedisCache(port=6360) rc._client.flushdb() request.cls.cache_list = [FileSystemCache(tmpdir), mc, rc, SimpleCache()]
UnsubscribeConfirmation = 'UnsubscribeConfirmation' class InvalidMessageTypeException(Exception): pass def verify_message_type(message_type: str): try: SNSMessageType(message_type) except ValueError: raise InvalidMessageTypeException( f'{message_type} is not a valid message type.') certificate_cache = SimpleCache() def get_certificate(url): res = certificate_cache.get(url) if res is not None: return res res = requests.get(url).content certificate_cache.set(url, res, timeout=60 * 60) # 60 minutes return res # 400 counts as a permanent failure so SNS will not retry. # 500 counts as a failed delivery attempt so SNS will retry. # See https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html#DeliveryPolicies @ses_callback_blueprint.route('/notifications/email/ses', methods=['POST'])
from cachelib import SimpleCache from werkzeug.urls import url_encode from discodop import treebank from discodop.tree import (Tree, DrawTree, DrawDependencies, writediscbrackettree) from discodop.parser import Parser, readparam, readgrammars, probstr from discodop.util import tokenize logging.basicConfig(format='%(asctime)s %(message)s', datefmt='%Y-%m-%d %H:%M:%S', level=logging.DEBUG) APP = Flask(__name__) LOG = APP.logger LIMIT = 40 # maximum sentence length CACHE = SimpleCache() PARSERS = {} SHOWFUNC = True # show function tags in results SHOWMORPH = True # show morphological features in results # POS tagged input is tokenized, and every token is of the form "word/POS" # POS may be empty. POSTAGS = re.compile(r'^\s*(?:\S+/\S*)(?:\s+\S+/\S*)*\s*$') @APP.route('/') def main(): """Redirect to main page.""" return redirect(url_for('index')) @APP.route('/parser/')
import os import sys import json import time import copy import uuid import threading import requests import docopt from flask import Flask, render_template, request, send_from_directory, make_response from cachelib import SimpleCache from htmlmin.minify import html_minify cache = SimpleCache() app = Flask(__name__, static_url_path="/static") def update_data(): try: print("==> Updating team data ...") try: r = requests.get("https://slack.com/api/team.info", params={"token": app.config["token"]}) j = r.json() assert j["ok"] except: print(" !!! Failed to update team data.") else: team = j["team"]
COLOURSPACE_MODEL : unicode **{'CAM02LCD', 'CAM02SCD', 'CAM02UCS', 'CAM16LCD', 'CAM16SCD', 'CAM16UCS', 'CIE XYZ', 'CIE xyY', 'CIE Lab', 'CIE Luv', 'CIE UCS', 'CIE UVW', 'DIN 99', 'Hunter Lab', 'Hunter Rdab', 'ICTCP', 'IGPGTG', 'IPT', 'JzAzBz', 'OSA UCS', 'hdr-CIELAB', 'hdr-IPT'}** """ DATA_POINTER_GAMUT = Lab_to_XYZ(LCHab_to_Lab(DATA_POINTER_GAMUT_VOLUME), CCS_ILLUMINANT_POINTER_GAMUT) """ Pointer's Gamut data converted to *CIE XYZ* tristimulus values. DATA_POINTER_GAMUT : ndarray """ IMAGE_CACHE = SimpleCache(default_timeout=60 * 24 * 7) """ Server side cache for images. IMAGE_CACHE : SimpleCache """ def load_image(path, decoding_cctf='sRGB'): """ Loads the image at given path and caches it in `IMAGE_CACHE` cache. If the image is already cached, it is returned directly. Parameters ---------- path : unicode