def get_response(wsgi_request):
'''
Given a WSGI request, makes a call to a corresponding view
function and returns the response.
'''
# Get the view / handler for this request
view, args, kwargs = resolve(wsgi_request.path_info)
# Let the view do his task.
try:
resp = view(wsgi_request, *args, **kwargs)
except Exception as exc:
resp = HttpResponseServerError(content=exc.message)
headers = dict(resp._headers.values())
reason_phrase = getattr(resp, 'reason_phrase', '') or getattr(resp, 'status_text', '')
# Convert HTTP response into simple dict type.
d_resp = {"status_code": resp.status_code, "reason_phrase": reason_phrase,
"headers": headers}
try:
d_resp.update({"body": resp.content})
except ContentNotRenderedError:
resp.render()
d_resp.update({"body": resp.content})
return d_resp
def __call__(self, request, **kwargs):
self._start_time = time.time()
self.__parse_account(request)
self.message = None
response = HttpResponseServerError('Unreachable response')
authorize_response = self.validate_request(request)
if authorize_response:
response = authorize_response
else:
try:
response = self.dispatch(request, self, **kwargs)
except HttpMethodNotAllowed:
response = HttpResponseNotAllowed(self.permitted_methods)
response.mimetype = self.mimetype
except Http404:
response = HttpResponseNotFound()
except Exception:
self.logger.exception('Unexpected error while processing request')
self.error_logger.exception('Unexpected error while processing request')
response = HttpResponseServerError('Unexpected error')
elapsed_time = time.time() - self._start_time
if self.message is None:
self.message = response.content[:120]
self.executing = False
self.logger.info('[%d] in %.3fs for [%s %s] : %s', response.status_code, elapsed_time, request.method, request.path, self.message)
self.executing = True
return response
def __init__(self, text, with_trace=False):
if with_trace:
trace = [ (i[:i.index(',')], i[i.index(','):]) for i in traceback.format_stack()]
trace = "<br>".join( ["%s<small>%s</small>"%(a,b) for a,b in trace] )
text = "%s. Please notify the developer."%text
content = template %("Server Error", text, trace)
else:
content = template %("Server Error", text, '')
HttpResponseServerError.__init__(self, content)
def server_error(request):
try:
template = loader.get_template('500.html')
except TemplateDoesNotExist:
return HttpResponseServerError('<h1>Server Error (500)</h1>', content_type='text/html')
r = HttpResponseServerError(template.render({
'request': request,
'sentry_event_id': last_event_id(),
}))
r.xframe_options_exempt = True
return r
def process_exception(self, request, exception):
logger = logging.getLogger('yeti.taxii_services.middleware.ProcessExceptionMiddleware.process_exception')
logger.exception('Server error occured')
if request.path.startswith('/services'):
logger.debug('Returning ST_FAILURE message')
m = tm.StatusMessage(tm.generate_message_id(), '0', status_type=tm.ST_FAILURE, message='An internal server error occurred')
return handlers.create_taxii_response(m, handlers.HTTP_STATUS_OK, use_https=request.is_secure())
resp = HttpResponseServerError()
resp.body = 'A server error occurred'
return resp
def json_response(function=None, *args, **kwargs):
try:
response = function(*args, **kwargs)
except Exception as e:
error = {
'error': {
'message': unicode(e)
}
}
response = HttpResponseServerError()
response.content = json.dumps(error, separators=(',', ':'))
response['Content-Type'] = 'application/json'
return response
def error_response( error_code, error_message, error_class, error_dict = None):
resp_dict = {}
# response = HttpResponse()
response = HttpResponseServerError()
resp_dict['error code'] = error_code
resp_dict['error message'] = error_message
resp_dict['error class'] = error_class
# if error_code == 500:
# response.status_code = error_code
if error_dict:
error_dict = ErrorDict(error_dict)
resp_dict['error message'] += '\n%s'%error_dict.as_text()
logger.debug('resp_dict%s' %resp_dict)
response.write(json.dumps(resp_dict))
logger.debug('response.content %s' %response.content)
return response
def render_to_response(self, context, **kwargs):
encoding = self.get_encoding()
context['encoding'] = encoding.upper()
buffer = StringIO()
html = render_to_string(self.get_template_names()[0], context)
pdf = pisa.CreatePDF(StringIO(html.encode(encoding)), buffer,
show_error_as_pdf=True, encoding=encoding,
link_callback=fetch_resources)
if pdf.err:
response = HttpResponseServerError(
'Got %s errors trying to convert to pdf.' % pdf.err
)
else:
response = HttpResponse(mimetype='application/pdf')
response['Content-Disposition'] = \
'attachment; filename=%s' % self.get_output_filename()
response.write(buffer.getvalue())
buffer.close()
return response
return TemplateResponse(req, 'zato/service/invoker.html', return_data)
@method_allowed('POST')
def invoke(req, name, cluster_id):
""" Executes a service directly, even if it isn't exposed through any channel.
"""
try:
input_dict = {}
for attr in ('payload', 'data_format', 'transport'):
input_dict[attr] = req.POST.get(attr, '')
input_dict['to_json'] = True if input_dict.get(
'data_format') == DATA_FORMAT.JSON else False
response = req.zato.client.invoke(name, **input_dict)
except Exception, e:
msg = 'Could not invoke the service. name:[{}], cluster_id:[{}], e:[{}]'.format(
name, cluster_id, format_exc(e))
logger.error(msg)
return HttpResponseServerError(msg)
else:
try:
if response.ok:
return HttpResponse(response.inner_service_response
or '(None)')
else:
return HttpResponseServerError(response.details)
except Exception, e:
return HttpResponseServerError(format_exc(e))
adv_status=adv_status,
status_message=status_message)
# Create the mdn response body and return the MDN to the http request
if mdn_body:
mdn_response = HttpResponse(mdn_body, content_type=mdn_message.get_content_type())
for key, value in mdn_message.items():
mdn_response[key] = value
return mdn_response
else:
return HttpResponse(_(u'AS2 message has been received'))
# Catch all exception in case of any kind of error in the system.
except Exception:
txt = traceback.format_exc(None).decode('utf-8', 'ignore')
report_txt = _(u'Fatal error while processing message %(msg)s, '
u'error:\n%(txt)s') % {'txt': txt, 'msg': request.META.get('HTTP_MESSAGE_ID').strip('<>')}
pyas2init.logger.error(report_txt)
return HttpResponseServerError(report_txt)
# Send mail here
# mail_managers(_(u'[pyAS2 Error Report] Fatal
# error%(time)s')%{'time':request.META.get('HTTP_DATE')}, reporttxt)
elif request.method == 'GET':
return HttpResponse(_('To submit an AS2 message, you must POST the message to this URL '))
elif request.method == 'OPTIONS':
response = HttpResponse()
response['allow'] = ','.join(['POST', 'GET'])
return response
def view_500(request):
response = HttpResponseServerError()
template = loader.get_template('500.html')
response.write(template.render(RequestContext(request)))
return response
def log_in(request, token_name=None, token=None, proxy_app_id=None):
""" Handle authentication in Vulture Portal
:param request: Django request object
:returns: Home page if user auth succeed. Logon page if auth failed
"""
cluster = Cluster.objects.get()
""" Check if URI arguments are valid """
if token_name and token_name != cluster.getTokenName():
logger.info("PORTAL::Authentication: Invalid token in URI " + str(token_name) + '/' + str(token))
return HttpResponseForbidden()
authentication_classes = {'form':POSTAuthentication, 'basic':BASICAuthentication, 'kerberos':KERBEROSAuthentication}
""" Retrieve token and cookies to instantiate Redis wrapper objects """
# Retrieve cookies required for authentication
portal_cookie_name = cluster.getPortalCookie()
portal_cookie = request.COOKIES.get(portal_cookie_name, None)
app_cookie = request.COOKIES.get(cluster.getAppCookie(), None)
try:
# Instantiate authentication object to retrieve application auth_type
authentication = Authentication(token_name, token, app_cookie, portal_cookie)
# And then instantiate the right authentication class with auth_type ('form','basic','kerberos')
authentication = authentication_classes[authentication.application.auth_type](token_name, token, app_cookie, portal_cookie)
logger.debug("PORTAL::log_in: Authentication successfully created")
# Application does not need authentication
except RedirectionNeededError as e:
logger.error("PORTAL::log_in: {}".format(str(e)))
return HttpResponseRedirect(e.redirect_url)
# Redis connection error
except RedisConnectionError as e:
logger.error("PORTAL::log_in: Unable to connect to Redis server : {}".format(str(e)))
return HttpResponseServerError()
# Token not found while instantiating RedisSession or RedisAppSession
except TokenNotFoundError as e:
logger.error("PORTAL::log_in: {}".format(str(e)))
try:
# Retrieve application object to redirect to application default uri
application = Application.objects(id=ObjectId(proxy_app_id)).only('listeners', 'public_name', 'public_dir').first()
return HttpResponseRedirect(application.get_redirect_uri())
# If "proxy_app_id" not found : FORBIDDEN
except (Application.DoesNotExist, InvalidId, ValidationError) as e:
logger.error("PORTAL::log_in: Application with id '{}' not found : {}".format(proxy_app_id, str(e)))
return HttpResponseForbidden()
# If redis_session.keys['application_id'] does not exists : FORBIDDEN
except (Application.DoesNotExist, ValidationError, InvalidId) as e:
logger.error("PORTAL::log_in: Application with id '{}' not found".format(authentication.redis_session.keys['application_id']))
return HttpResponseForbidden()
# If assertionError : Ask credentials by portal
except AssertionError as e:
logger.error("PORTAL::log_in: AssertionError while trying to create Authentication : ".format(e))
return authentication.ask_credentials_response(request=request)
""" If user is not authenticated : try to retrieve credentials and authenticate him on backend/fallback-backends """
# If the user is not authenticated and application need authentication
if not authentication.is_authenticated():
try:
backend_id = authentication.authenticate_on_backend()
if not backend_id:
# Retrieve credentials
authentication.retrieve_credentials(request)
logger.debug("PORTAL::log_in: Credentials successfully retrieved")
# Authenticate user with credentials retrieven
authentication_results = authentication.authenticate(request)
logger.debug("PORTAL::log_in: Authentication succeed on backend {}".format(authentication.backend_id))
# Register authentication results in Redis
app_cookie, portal_cookie, oauth2_token = authentication.register_user(authentication_results)
logger.debug("PORTAL::log_in: User {} successfully registered in Redis".format(authentication.credentials[0]))
if authentication_results['data'].get('password_expired', None):
logger.info("PORTAL::log_in: User '{}' must change its password, redirect to self-service portal".format(authentication.credentials[0]))
app_url = authentication.get_url_portal()
return response_redirect_with_portal_cookie(app_url+str(token_name)+'/self/change', portal_cookie_name, portal_cookie, app_url.startswith('https'), None)
# If the user is already authenticated (retrieven with RedisPortalSession ) => SSO
else:
app_cookie, portal_cookie, oauth2_token = authentication.register_sso(backend_id)
logger.info("PORTAL::log_in: User {} successfully SSO-powered !".format(authentication.credentials[0]))
except AssertionError as e:
logger.error("PORTAL::log_in: Bad captcha taped for username '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request, error="Bad captcha")
except AccountLocked as e:
logger.error("PORTAL::log_in: Error while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request, error="Bad credentials")
except AuthenticationError as e:
logger.error("PORTAL::log_in: AuthenticationError while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request, error="Bad credentials")
except ACLError as e:
logger.error("PORTAL::log_in: ACLError while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request, error="Bad credentials")
except (DBAPIError, PyMongoError, LDAPError) as e:
logger.error("PORTAL::log_in: Repository driver Error while trying to authentication user '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request, error="Bad credentials")
except (MultiValueDictKeyError, AttributeError, KeyError) as e:
#vltprtlsrnm is always empty during the initial redirection. Don't log that
logger.debug("PORTAL::log_in: Error while trying to authentication user '{}' : {}".format(authentication.credentials[0], e))
return authentication.ask_credentials_response(request=request)
except REDISWriteError as e:
logger.error("PORTAL::log_in: RedisWriteError while trying to register user '{}' informations : {}".format(authentication.credentials[0], e))
return HttpResponseServerError()
except Exception as e:
logger.exception(e)
return HttpResponseServerError()
""" If user is not double-authenticated and double-authentication needed : try to retrieve credentials and authenticate him on otp-backend """
# If the user is authenticated but not double-authenticated and double-authentication required
if authentication.double_authentication_required():
logger.info("PORTAL::log_in: Double authentication required for user '{}'".format(authentication.credentials[0]))
try:
# Instantiate DOUBLEAuthentication object
db_authentication = DOUBLEAuthentication(cluster.getTokenName(), token, app_cookie, portal_cookie)
logger.debug("PORTAL::log_in: DoubleAuthentication successfully created")
# And try to retrieve credentials
db_authentication.retrieve_credentials(request)
logger.debug("PORTAL::log_in: DoubleAuthentication credentials successfully retrieven")
# And use them to authenticate user
db_authentication.authenticate(request)
logger.info("PORTAL::log_in: User '{}' successfully double authenticated".format(authentication.credentials[0]))
except AssertionError as e:
""" If redis_portal_session does not exists or can't retrieve otp key in redis """
logger.error("PORTAL::log_in: DoubleAuthentication failure for username '{}' : {}".format(authentication.credentials[0], str(e)))
return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Portal cookie expired")
except (Application.DoesNotExist, ValidationError, InvalidId) as e:
""" Invalid POST 'vulture_two_factors_authentication' value """
logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
return HttpResponseForbidden("Intrusion attempt blocked")
except REDISWriteError as e:
""" Cannot register double-authentication in Redis : internal server error """
logger.error("PORTAL::log_in: Failed to write double-authentication results in Redis for username '{}' : {}".format(db_authentication.credentials[0], str(e)))
return HttpResponseServerError()
# If authentication failed : create double-authentication key and ask-it
except CredentialsError as e:
""" CredentialsError: no OTP credentials provided : ask-them """
logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
try:
db_authentication.create_authentication()
return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name)
except (OTPError, REDISWriteError, RedisConnectionError) as e:
""" Error while sending/registering in Redis the OTP informations : display portal"""
logger.error("PORTAL::log_in: Failed to create/send double-authentication key : {}".format(str(e)))
db_authentication.deauthenticate_user()
logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
return authentication.ask_credentials_response(request=request, error="<b> Error sending OTP Key </b> </br> "+str(e))
except AuthenticationError as e:
""" Bad OTP key """
logger.error("PORTAL::log_in: DoubleAuthentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
try:
db_authentication.create_authentication()
db_authentication.authentication_failure()
logger.debug("PORTAL:log_in: DoubleAuthentication failure successfully registered in Redis")
return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> Bad OTP key </b>")
except TwoManyOTPAuthFailure as e:
logger.error("PORTAL::log_in: Two many OTP authentication failures for username'{}', redirecting to portal".format(authentication.credentials[0]))
db_authentication.deauthenticate_user()
logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
return authentication.ask_credentials_response(request=request, error=e.args[0])
except (OTPError, REDISWriteError, RedisConnectionError) as e:
logger.error("PORTAL::log_in: Error while preparing double-authentication : {}".format(str(e)))
return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> Error sending OTP Key </b> </br> "+str(e))
except OTPError as e:
""" OTP Error while authenticating given token """
logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> OTP Error </b> {}".format(str(e)))
except TwoManyOTPAuthFailure as e:
logger.error(
"PORTAL::log_in: Two many OTP authentication failures for username'{}', redirecting to portal".format(authentication.credentials[0]))
db_authentication.deauthenticate_user()
logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
return authentication.ask_credentials_response(request=request, error=e.args[0])
# If we arrive here : the user is authenticated
# and double-authenticated if double-authentication needed
sso_methods = {
'form': SSOForwardPOST,
'basic': SSOForwardBASIC,
'kerberos':SSOForwardKERBEROS
}
""" If SSOForward enabled : perform-it """
if authentication.application.sso_enabled:
# Try to retrieve credentials from authentication object
try:
if not authentication.credentials[0] or not authentication.credentials[1]:
authentication.get_credentials(request)
# If we cannot retrieve them, ask credentials
if not authentication.credentials[0]:# or not authentication.credentials[1]:
return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Credentials not found")
logger.info("PORTAL::log_in: Credentials successfuly retrieven for SSO performing")
except Exception as e:
logger.error("PORTAL::log_in: Error while retrieving credentials for SSO : ")
logger.exception(e)
return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Credentials not found")
try:
# Instantiate SSOForward object with sso_forward type
sso_forward = sso_methods[authentication.application.sso_forward](request, authentication.application, authentication)
logger.info("PORTAL::log_in: SSOForward successfully created")
# Get credentials needed for sso forward : AutoLogon or Learning
sso_data, profiles_to_stock, url = sso_forward.retrieve_credentials(request)
logger.info("PORTAL::log_in: SSOForward credentials successfully retrieven")
# If credentials retrieven needs to be stocked
for profile_name,profile_value in profiles_to_stock.items():
sso_forward.stock_sso_field(authentication.credentials[0], profile_name, profile_value)
# Use 'sso_data' and 'url' to authenticate user on application
response = sso_forward.authenticate(sso_data, post_url=url, redis_session=authentication.redis_session)
logger.info("PORTAL::log_in: SSOForward performing success")
# Generate response depending on application.sso_forward options
final_response = sso_forward.generate_response(request, response, authentication.get_redirect_url())
logger.info("PORTAL::log_in: SSOForward response successfuly generated")
# If the user has not yet a portal cookie : give-it
if not request.COOKIES.get(portal_cookie_name, None) or not authentication.redis_base.hgetall(request.COOKIES.get(portal_cookie_name, None)):
final_response = set_portal_cookie(final_response, portal_cookie_name, portal_cookie, authentication.get_redirect_url())
return final_response
# If learning credentials cannot be retrieven : ask them
except CredentialsMissingError as e:
logger.error("PORTAL::log_in: Learning credentials missing : asking-them")
return authentication.ask_learning_credentials(request=request, portal_cookie_name=None if request.POST.get(portal_cookie_name, None) else portal_cookie_name, fields=e.fields_missing)
# If KerberosBackend object cannot be retrieven from mongo with the backend_id that the user is authenticated on
except InvalidId:
logger.error("PORTAL::log_in: The user is authenticated on a not Kerberos backend, cannot do SSOForward")
except (RequestsConnectionError,OpenSSLError) as e:
logger.error("PORTAL::log_in: ConnectionError while trying to SSO to backend : ")
logger.exception(e)
except Exception as e:
logger.error("PORTAL::log_in: Unexpected error while trying to perform SSO Forward :")
logger.exception(e)
""" If no response has been returned yet : redirect to the asked-uri/default-uri with portal_cookie """
redirection_url = authentication.get_redirect_url()
logger.info("PORTAL::log_in: Redirecting user to '{}'".format(redirection_url))
try:
kerberos_token_resp = authentication_results['data']['token_resp']
except:
kerberos_token_resp = None
return response_redirect_with_portal_cookie(redirection_url, portal_cookie_name, portal_cookie, redirection_url.startswith('https'), kerberos_token_resp)
def errorPage(message):
template = loader.get_template('500.html')
context = Context(dict(message=message))
return HttpResponseServerError(template.render(context))
def custom_handler500(request):
return HttpResponseServerError('Ошибка сервера!')
def dispatch(self, request, *args, **kwargs):
try:
return super(LaboratorioBaseView,
self).dispatch(request, *args, **kwargs)
except LaboratorioException as e:
return HttpResponseServerError("<h1>" + e.message + "</h1>")
Parameters::
- `PISTON_EMAIL_ERRORS`: Will send a Django formatted
error email to people in `settings.ADMINS`.
- `PISTON_DISPLAY_ERRORS`: Will return a simple traceback
to the caller, so he can tell you what error they got.
If `PISTON_DISPLAY_ERRORS` is not enabled, the caller will
receive a basic "500 Internal Server Error" message.
"""
exc_type, exc_value, tb = sys.exc_info()
rep = ExceptionReporter(request, exc_type, exc_value, tb.tb_next)
if self.email_errors:
self.email_exception(rep)
if self.display_errors:
return HttpResponseServerError(
format_error('\n'.join(rep.format_exception())))
else:
raise
emitter, ct = Emitter.get(em_format)
srl = emitter(result, typemapper, handler, handler.fields, anonymous)
try:
"""
Decide whether or not we want a generator here,
or we just want to buffer up the entire result
before sending it to the client. Won't matter for
smaller datasets, but larger will have an impact.
"""
if self.stream: stream = srl.stream_render(request)
else: stream = srl.render(request)
def internalupload(request):
try:
return HttpResponse(str(request.FILES['file'].blobstore_info.key()))
except Exception:
logging.exception("DJANGAE UPLOAD FAILED: The internal upload handler couldn't retrieve the blob info key.")
return HttpResponseServerError()
def render_500(request):
return HttpResponseServerError(render_to_string('500.html', {}, request=request))
def post(self, request, *args, **kwargs):
# Get required params
try:
metadata_file = request.FILES['file']
title = request.POST.get('title')
data_file_column = request.POST.get('data_file_column')
except (KeyError, ValueError):
error_msg = 'Required parameters are missing'
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(json.dumps({'error': error_msg}),
'application/json')
else:
return render(request, self.template_name, error)
try:
source_column_index = request.POST.getlist('source_column_index')
except TypeError as error_msg:
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(
# TODO: make sure error_msg is JSON serializable, e.g.:
# TypeError: IndexError('list index out of range',)
# is not JSON serializable
json.dumps({'error': error_msg}),
'application/json')
else:
return render(request, self.template_name, error)
else:
if not source_column_index:
error_msg = 'Source columns have not been selected'
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(
json.dumps({'error': error_msg}), 'application/json')
else:
return render(request, self.template_name, error)
# workaround for breaking change in Angular
# https://github.com/angular/angular.js/commit/7fda214c4f65a6a06b25cf5d5aff013a364e9cef
source_column_index = [
column.replace('string:', '') for column in source_column_index
]
if settings.REFINERY_DEPLOYMENT_PLATFORM == 'aws':
try:
identity_id = request.POST.get('identity_id')
except (KeyError, ValueError):
error_msg = 'identity_id is missing'
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(
json.dumps({'error': error_msg}), 'application/json')
else:
return render(request, self.template_name, error)
else:
identity_id = None
try:
dataset_uuid = process_metadata_table(
username=request.user.username,
title=title,
metadata_file=metadata_file,
source_columns=source_column_index,
data_file_column=data_file_column,
auxiliary_file_column=request.POST.get('aux_file_column'),
base_path=request.POST.get('base_path', ''),
data_file_permanent=request.POST.get('data_file_permanent',
False),
species_column=request.POST.get('species_column'),
genome_build_column=request.POST.get('genome_build_column'),
annotation_column=request.POST.get('annotation_column'),
is_public=request.POST.get('is_public', False),
delimiter=request.POST.get('delimiter'),
custom_delimiter_string=request.POST.get(
'custom_delimiter_string', False),
identity_id=identity_id)
except Exception as exc:
logger.error(exc, exc_info=True)
error = {'error_message': repr(exc)}
if request.is_ajax():
return HttpResponseServerError(
json.dumps({'error': repr(exc)}), 'application/json')
else:
return render(request, self.template_name, error)
if request.is_ajax():
return JsonResponse({'new_data_set_uuid': dataset_uuid})
else:
return HttpResponseRedirect(
reverse(self.success_view_name, args=(dataset_uuid, )))
def server_error(request, *args, **kwargs):
"""
Catch all 500 - Server Error
"""
return HttpResponseServerError(
**exception_response(request, 400, Exception('Server Error')))
def get(self, request):
if 'gmail_hash' in request.GET:
public_key_obj = get_object_or_404(GMail, gmail_hash=request.GET['gmail_hash']).public_key
return HttpResponse(public_key_obj.public_key)
else:
return HttpResponseServerError(u'Variable gmail_hash not set.')
from django.conf.urls.defaults import patterns, url, include
from django.contrib import admin
from django.http import HttpResponseNotFound, HttpResponseServerError
from test_app import views
handler404 = lambda r: HttpResponseNotFound()
handler500 = lambda r: HttpResponseServerError()
admin.autodiscover()
urlpatterns = patterns(
'', url(r'^flag_in_view', views.flag_in_view, name='flag_in_view'),
url(r'^switch-on', views.switched_view),
url(r'^switch-off', views.switched_off_view),
url(r'^flag-on', views.flagged_view),
url(r'^flag-off', views.flagged_off_view), (r'^', include('waffle.urls')),
(r'^admin/', include(admin.site.urls)))
def server_error_500(request):
return HttpResponseServerError(
render_to_string('500.html', context_instance=RequestContext(request)))
def sprout_html(self, context, request):
error_template = get_template("error.html")
context.update({"error_heading": self.heading, "error_message": self.message})
body = error_template.render(context, request)
return HttpResponseServerError(body, content_type=HTML)
def custom_handler500(request):
return HttpResponseServerError('Server error')
def sprout_json(self, context, request):
body = json.dumps(
{"error_heading": self.heading, "error_message": self.message}, indent=2
)
return HttpResponseServerError(body, content_type=JSON)
def handler500(request):
return HttpResponseServerError("Sentry error: %s" %
sentry_sdk.last_event_id())
def _toggle_boolean(self, request):
"""
Handle an AJAX toggle_boolean request
"""
try:
item_id = int(request.POST.get("item_id", None))
attr = str(request.POST.get("attr", None))
except Exception:
return HttpResponseBadRequest("Malformed request")
if not request.user.is_staff:
logger.warning(
'Denied AJAX request by non-staff "%s" to toggle boolean'
" %s for object #%s",
request.user,
attr,
item_id,
)
return HttpResponseForbidden(
_("You do not have permission to modify this object"))
self._collect_editable_booleans()
if attr not in self._ajax_editable_booleans:
return HttpResponseBadRequest("not a valid attribute %s" % attr)
try:
obj = self.model._default_manager.get(pk=item_id)
except self.model.DoesNotExist:
return HttpResponseNotFound("Object does not exist")
if not self.has_change_permission(request, obj=obj):
logger.warning(
'Denied AJAX request by "%s" to toggle boolean %s for'
" object %s",
request.user,
attr,
item_id,
)
return HttpResponseForbidden(
_("You do not have permission to modify this object"))
new_state = not getattr(obj, attr)
logger.info(
'Toggle %s on #%d %s to %s by "%s"',
attr,
obj.pk,
obj,
"on" if new_state else "off",
request.user,
)
try:
before_data = self._ajax_editable_booleans[attr](self, obj)
setattr(obj, attr, new_state)
obj.save()
# Construct html snippets to send back to client for status update
data = self._ajax_editable_booleans[attr](self, obj)
except Exception:
logger.exception("Unhandled exception while toggling %s on %s",
attr, obj)
return HttpResponseServerError("Unable to toggle %s on %s" %
(attr, obj))
# Weed out unchanged cells to keep the updates small. This assumes
# that the order a possible get_descendents() returns does not change
# before and after toggling this attribute. Unlikely, but still...
return HttpResponse(
json.dumps([b for a, b in zip(before_data, data) if a != b]),
content_type="application/json",
)
def process_exception(self, request, exception):
ip = request.META['REMOTE_ADDR']
if ip not in settings.ADMINIST_ALLOWED_IP:
return HttpResponseServerError()
def server_error(self, data=''):
return HttpResponseServerError(data)
def post(self, request, *args, **kwargs):
# Get required params
try:
metadata_file = request.FILES['file']
title = request.POST.get('title')
data_file_column = request.POST.get('data_file_column')
except (KeyError, ValueError):
error_msg = 'Required parameters are missing'
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(json.dumps({'error': error_msg}),
'application/json')
else:
return render(request, self.template_name, error)
try:
source_column_index = request.POST.getlist('source_column_index')
except TypeError as error_msg:
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(json.dumps({'error': error_msg}),
'application/json')
else:
return render(request, self.template_name, error)
else:
if not source_column_index:
error_msg = 'Source columns have not been selected'
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseBadRequest(
json.dumps({'error': error_msg}), 'application/json')
else:
return render(request, self.template_name, error)
# workaround for breaking change in Angular
# https://github.com/angular/angular.js/commit/7fda214c4f65a6a06b25cf5d5aff013a364e9cef
source_column_index = [
column.replace('string:', '') for column in source_column_index
]
try:
dataset_uuid = process_metadata_table(
username=request.user.username,
title=title,
metadata_file=metadata_file,
source_columns=source_column_index,
data_file_column=data_file_column,
auxiliary_file_column=request.POST.get('aux_file_column'),
base_path=request.POST.get('base_path', ''),
data_file_permanent=request.POST.get('data_file_permanent',
False),
species_column=request.POST.get('species_column'),
genome_build_column=request.POST.get('genome_build_column'),
annotation_column=request.POST.get('annotation_column'),
slug=request.POST.get('slug'),
is_public=request.POST.get('is_public', False),
delimiter=request.POST.get('delimiter'),
custom_delimiter_string=request.POST.get(
'custom_delimiter_string', False))
except Exception as error_msg:
error = {'error_message': error_msg}
if request.is_ajax():
return HttpResponseServerError(
json.dumps({'error': error_msg}), 'application/json')
else:
return render(request, self.template_name, error)
if request.is_ajax():
return HttpResponse(
json.dumps({'new_data_set_uuid': dataset_uuid}),
'application/json')
else:
return HttpResponseRedirect(
reverse(self.success_view_name, args=(dataset_uuid, )))
def create(self, request, *args, **kwargs):
try:
self._translate_host(request)
except (KeyError, ValueError) as e:
return HttpResponseServerError(content=b'Invalid Host')
return super(EventViewSet, self).create(request, *args, **kwargs)
def as2receive(request, *args, **kwargs):
"""
Function receives AS2 requests from partners.
Checks whether its an AS2 message or an MDN and acts accordingly.
"""
if request.method == 'POST':
# Create separate raw_payload with only message-id and content type
# as M2Crypto's signatur verification method does not like many headers
raw_payload = '%s: %s\n' % ('message-id', request.META['HTTP_MESSAGE_ID'])
raw_payload += '%s: %s\n\n' % ('content-type', request.META['CONTENT_TYPE'])
raw_payload += request.body
# Extract all the relevant headers from the http request
as2headers = ''
for key in request.META:
if key.startswith('HTTP') or key.startswith('CONTENT'):
h_key = key.replace("HTTP_", "").replace("_", "-").lower()
as2headers += '%s: %s\n' % (h_key, request.META[key])
request_content = as2headers.encode('utf-8') + '\n'.encode('utf-8') +request.body
pyas2init.logger.debug('Recevied an HTTP POST from %s with payload :\n%s' %
(request.META['REMOTE_ADDR'], request_content))
try:
pyas2init.logger.debug(
'Check payload to see if its an AS2 Message or ASYNC MDN.')
# Load the request header and body as a MIME Email Message
payload = email.message_from_string(request_content)
# Get the message sender and receiver AS2 IDs
message_org = as2utils.unescape_as2name(payload.get('as2-to'))
message_partner = as2utils.unescape_as2name(payload.get('as2-from'))
message = None
# Check if this is an MDN message
mdn_message = None
if payload.get_content_type() == 'multipart/report':
mdn_message = payload
elif payload.get_content_type() == 'multipart/signed':
for part in payload.walk():
if part.get_content_type() == 'multipart/report':
mdn_message = part
# If this is an MDN, get the message ID and check if it exists
if mdn_message:
msg_id = None
for part in mdn_message.walk():
if part.get_content_type() == 'message/disposition-notification':
msg_id = part.get_payload().pop().get('Original-Message-ID')
pyas2init.logger.info('Asynchronous MDN received for AS2 message %s to organization %s '
'from partner %s' % (msg_id, message_org, message_partner))
try:
# Get the related organization, partner and message from the db.
org = get_object_or_404(models.Organization, as2_name=message_org)
partner = get_object_or_404(models.Partner, as2_name=message_partner)
message = get_object_or_404(models.Message, message_id=msg_id.strip('<>'), organization=org, partner=partner)
models.Log.objects.create(message=message,
status='S',
text=_(u'Processing asynchronous mdn received from partner'))
as2lib.save_mdn(message, raw_payload)
except Http404:
# Send 404 response
pyas2init.logger.error('Unknown Asynchronous MDN AS2 message %s. '
'Either the partner, org or message was not found in the system' % msg_id)
return HttpResponseServerError(_(u'Unknown AS2 MDN received. Will not be processed'))
except Exception, e:
message.status = 'E'
message.adv_status = _(u'Failed to send message, error is:\n %s' %
traceback.format_exc(None).decode('utf-8', 'ignore'))
models.Log.objects.create(
message=message, status='E', text=message.adv_status)
# Send mail here
as2utils.senderrorreport(message, message.adv_status)
finally:
# Save message and send response to HTTP request
if message:
message.save()
return HttpResponse(_(u'AS2 ASYNC MDN has been received'))
else:
try:
# Process the received AS2 message from partner
# Initialize the processing status variables
status, adv_status, status_message = '', '', ''
pyas2init.logger.info('Received an AS2 message with id %s for organization %s from partner %s' %
(payload.get('message-id'), message_org, message_partner))
# Raise duplicate message error in case message already exists in the system
# TODO: Create composite key (message_id, organization, partner)
if models.Message.objects.filter(message_id=payload.get('message-id').strip('<>')).exists():
message = models.Message.objects.create(
message_id='%s_%s' % (payload.get('message-id').strip('<>'), payload.get('date')),
direction='IN',
status='IP',
headers=as2headers
)
raise as2utils.As2DuplicateDocument(_(u'An identical message has already '
u'been sent to our server'))
# Create a new message in the system
message = models.Message.objects.create(
message_id=payload.get('message-id').strip('<>'),
direction='IN',
status='IP',
headers=as2headers)
# Process the received payload to extract the actual message from partner
payload = as2lib.save_message(message, payload, raw_payload)
# Get the inbox folder for this partner and organization
output_dir = as2utils.join(pyas2init.gsettings['root_dir'],
'messages',
message.organization.as2_name,
'inbox',
message.partner.as2_name)
# Get the filename from the header and if not there set to message id
if message.partner.keep_filename and payload.get_filename():
filename = payload.get_filename()[:100]
else:
filename = '%s.msg' % uuid.uuid4()
# Save the message content to the store and inbox
content = payload.get_payload(decode=True)
full_filename = as2utils.storefile(output_dir, filename, content, False)
store_filename = as2utils.storefile(pyas2init.gsettings['payload_receive_store'],
message.message_id,
content,
True)
models.Log.objects.create(message=message,
status='S',
text=_(u'Message has been saved successfully to %s' % full_filename))
message.payload = models.Payload.objects.create(name=filename,
file=store_filename,
content_type=payload.get_content_type())
# Set processing status and run the post receive command.
status = 'success'
as2lib.run_post_receive(message, full_filename)
message.save()
# Catch each of the possible exceptions while processing an as2 message
except as2utils.As2DuplicateDocument, e:
status = 'warning'
adv_status = 'duplicate-document'
status_message = _(u'An error occurred during the AS2 message processing: %s' % e)
except as2utils.As2PartnerNotFound, e:
status = 'error'
adv_status = 'unknown-trading-partner'
status_message = _(u'An error occurred during the AS2 message processing: %s' % e)
def list(self, *args, **kwars):
return HttpResponseServerError(content=b'Not Implemented')
def __init__(self, content):
HttpResponseServerError.__init__(
self, content, content_type="text/javascript")
def custom_500(request):
"""Custom 500 error handler."""
return HttpResponseServerError(render(request, '500.html'))
def custom_handler500(request):
return HttpResponseServerError("Упс, ошибка 500")
def get_upload_params(request):
"""Authorises user and validates given file properties."""
file_name = request.POST['name']
file_type = request.POST['type']
file_size = int(request.POST['size'])
dest = get_s3direct_destinations().get(request.POST.get('dest', None),
None)
if not dest:
resp = json.dumps({'error': 'File destination does not exist.'})
return HttpResponseNotFound(resp, content_type='application/json')
auth = dest.get('auth')
if auth and not auth(request.user):
resp = json.dumps({'error': 'Permission denied.'})
return HttpResponseForbidden(resp, content_type='application/json')
allowed = dest.get('allowed')
if (allowed and file_type not in allowed) and allowed != '*':
resp = json.dumps({'error': 'Invalid file type (%s).' % file_type})
return HttpResponseBadRequest(resp, content_type='application/json')
cl_range = dest.get('content_length_range')
if (cl_range and not cl_range[0] <= file_size <= cl_range[1]):
msg = 'Invalid file size (must be between %s and %s bytes).'
resp = json.dumps({'error': (msg % cl_range)})
return HttpResponseBadRequest(resp, content_type='application/json')
key = dest.get('key')
if not key:
resp = json.dumps({'error': 'Missing destination path.'})
return HttpResponseServerError(resp, content_type='application/json')
bucket = dest.get('bucket',
getattr(settings, 'AWS_STORAGE_BUCKET_NAME', None))
if not bucket:
resp = json.dumps({'error': 'S3 bucket config missing.'})
return HttpResponseServerError(resp, content_type='application/json')
region = dest.get('region', getattr(settings, 'AWS_S3_REGION_NAME', None))
if not region:
resp = json.dumps({'error': 'S3 region config missing.'})
return HttpResponseServerError(resp, content_type='application/json')
endpoint = dest.get('endpoint', f'https://s3-{region}.amazonaws.com')
if not endpoint:
resp = json.dumps({'error': 'S3 endpoint config missing.'})
return HttpResponseServerError(resp, content_type='application/json')
aws_credentials = get_aws_credentials()
if not aws_credentials.secret_key or not aws_credentials.access_key:
resp = json.dumps({'error': 'AWS credentials config missing.'})
return HttpResponseServerError(resp, content_type='application/json')
upload_data = {
'object_key':
get_key(key, file_name, dest),
'access_key_id':
aws_credentials.access_key,
'session_token':
aws_credentials.token,
'region':
region,
'bucket':
bucket,
'endpoint':
endpoint,
'custom_domain':
settings.AWS_S3_CUSTOM_DOMAIN,
'acl':
None,
'allow_existence_optimization':
dest.get('allow_existence_optimization', False)
}
optional_params = [
'content_disposition', 'cache_control', 'server_side_encryption',
'server_side_encryption_kms_key_id'
]
for optional_param in optional_params:
if optional_param in dest:
option = dest.get(optional_param)
if hasattr(option, '__call__'):
upload_data[optional_param] = option(file_name)
else:
upload_data[optional_param] = option
resp = json.dumps(upload_data)
return HttpResponse(resp, content_type='application/json')
def view_500(request):
response = HttpResponseServerError()
response.write("Something went wrong")
return response
def custom_handler500(request):
return HttpResponseServerError('ХЬЮСТОН, у нас проблемы... с сервером :(')
def process_request(self, request):
if request.method == 'GET' and ESCAPED_FRAGMENT in request.GET:
original_url = request.build_absolute_uri()
parsed_url = urlparse.urlparse(original_url)
PROJECT_MODEL = get_project_model()
# Update URL with hashbang.
query = dict(urlparse.parse_qsl(parsed_url.query))
path = ''.join(
[parsed_url.path, HASHBANG,
query.get(ESCAPED_FRAGMENT, '')])
# See if it's a page we now so that we can sent it back quickly.
route = parsed_url.query.replace('%2F', '/').split('/')
# Project page
if route[1] == 'projects' and len(route) > 2:
slug = route[2]
# strip query string
slug = slug.split('?')[0]
if slug != slug.lower():
return HttpResponsePermanentRedirect(original_url.lower())
try:
project = PROJECT_MODEL.objects.get(slug=slug)
return SimpleTemplateResponse(
template='crawlable/project.html',
context={'project': project})
except PROJECT_MODEL.DoesNotExist:
url = ''.join([
parsed_url.path, '?', ESCAPED_FRAGMENT, '=',
'/projects'
])
return HttpResponsePermanentRedirect(url)
if route[1] == 'projects' and len(route) == 2:
projects = PROJECT_MODEL.objects.order_by(
'popularity').all()[:10]
url = ''.join([parsed_url.path, HASHBANG, '/projects'])
return SimpleTemplateResponse(
template='crawlable/project_list.html',
context={
'projects': projects,
'url': url
})
# Task page
if route[1] == 'tasks' and len(route) > 2:
task_id = route[2].split('?')[0]
task = get_task_model().objects.get(id=task_id)
return SimpleTemplateResponse(template='crawlable/task.html',
context={'task': task})
# Fundraiser page
if route[1] == 'fundraisers' and len(route) > 2:
fundraiser_id = route[2].split('?')[0]
fundraiser = get_fundraiser_model().objects.get(
id=fundraiser_id)
return SimpleTemplateResponse(
template='crawlable/fundraiser.html',
context={'fundraiser': fundraiser})
# Update query string by removing the escaped fragment.
if ESCAPED_FRAGMENT in query:
del query[ESCAPED_FRAGMENT]
query = urllib.urlencode(query)
# Build new absolute URL.
# NOTE: Django behind a certain web/WSGI-server configuration cannot determine if a request was made using
# HTTPS or HTTP. We consult a special setting for that.
force_https = getattr(settings, 'CRAWLABLE_FORCE_HTTPS', False)
if force_https:
scheme = 'https'
else:
scheme = parsed_url.scheme
absolute_url = urlparse.urlunparse([
scheme, parsed_url.netloc, path, parsed_url.params, query,
parsed_url.fragment
])
try:
cache_key = CACHE_PREFIX + re.sub(r'\/|-|#|\!', '_', path)
if cache.cache.has_key(cache_key):
self._content = cache.cache.get(cache_key)
else:
cssSelector = getattr(settings, 'CRAWLABLE_CSS_SELECTOR',
'#content')
driver = web_cache.get_driver()
logger.debug(
'Generating flat content from "%s" for "%s"%s.',
absolute_url, original_url,
' (forced HTTPS)' if force_https else '')
driver.get(absolute_url)
self._content = driver.page_source
def _process_content():
# Remove all javascript, since its mostly useless now.
self._content = re.subn(r'<(script).*?</\1>(?s)', '',
self._content)[0]
cache.cache.set(cache_key, self._content)
delay = 5 # seconds
driver.implicitly_wait(2)
try:
WebDriverWait(driver, delay).until(
lambda d: d.find_element_by_css_selector(
cssSelector))
_process_content()
except TimeoutException:
logger.error(
'There was a crawable timeout rendering "%s" for "%s"',
absolute_url, original_url)
return HttpResponse(content=self._content)
except Exception, e:
logger.error(
'There was a crawable error rendering "%s" for "%s" with the web driver: %s',
absolute_url, original_url, e)
return HttpResponseServerError()
def error(e):
response = HttpResponseServerError()
response.write(e)
return response
