def handle_object(self, obj):
if type(obj) == dict and len(obj.keys()) == 1 and obj.has_key('_ref'):
L.info("ReferenceFetcher: Attempting to fetch %r" % obj)
url = obj['_ref']
if url.strip() == '':
return None
data = None
try:
data = internal_find(url, follow=False, lang=self.token.lang)
if data != None:
return data
except Exception:
L.exception("ReferenceFetcher: Failed to fetch %r" % obj)
elif type(obj) == dict:
return dict([(k, self.handle_object(v))
for k, v in obj.iteritems()])
elif type(obj) == list:
return [self.handle_object(el) for el in obj]
return obj
def handle_object(self,obj):
if type(obj) == dict and len(obj.keys())==1 and obj.has_key('_ref'):
L.info("ReferenceFetcher: Attempting to fetch %r" % obj)
url = obj['_ref']
if url.strip() == '':
return None
data = None
try:
data = internal_find(url,follow=False,lang=self.token.lang)
if data != None:
return data
except Exception:
L.exception("ReferenceFetcher: Failed to fetch %r" % obj)
elif type(obj) == dict:
return dict([ (k,self.handle_object(v)) for k,v in obj.iteritems()])
elif type(obj) == list:
return [ self.handle_object(el) for el in obj]
return obj
def slug(path, slug):
L.info("dbserver::slug::%s:%s, %s, %s" %
(request.method, path, slug, request.url))
response, content_type, headers = process(path, slug)
return Response(response=response,
content_type=content_type,
headers=headers)
def process(self):
data = json.dumps(self.token.response)
if self.token.request.method == "GET":
if data != 'null':
L.info("CacheSetter: storing in %s <== %s" %
(self.token.cache_key, snip(str(data))))
store_in_cache(self.token.cache_key, data)
def noslug(path):
L.info("dbserver::noslug::%s:%s, %s" % (request.method, path, request.url))
response, content_type, headers = process(path, None)
L.info("%s %s %s" % (snip(response), content_type, headers))
return Response(response=response,
content_type=content_type,
headers=headers)
def process(self):
data = json.dumps(self.token.response)
if data != 'null':
L.info("CacheSetter: storing in %s <== %s" %
(self.token.cache_key, snip(str(data))))
store_in_cache(
self.token.cache_key.encode('utf8').encode('hex'),
data.encode('utf8').encode('hex'))
def process(self):
self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps(self.token.slug) + '|' + '|'.join([ self.token.request.args.get(arg,'') for arg in self.ARGS_FOR_KEY ])
if self.token.request.args.get('hitcache',"1") == "0":
L.info("Skipping cache as requested for %s/%s" % (self.token.path,self.token.slug))
return
data = hit_cache(self.token.cache_key.encode('utf8').encode('hex'))
L.info("Data for key %s == %s" % (self.token.cache_key,snip(repr(data))))
if data != None:
self.token.response = json.loads(data.decode('hex').decode('utf8'))
self.should_stop = True
self.skip_to = "DataFormatter"
def create_or_login(resp):
session['openid'] = resp.identity_url
openid_key = urllib.quote(urllib.quote(session['openid'],safe=''))
user = internal_find('/data/admin/users/%s' % openid_key)
if user != None:
L.info(u'Successfully signed in fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__))
else:
data = { "fullname" : resp.fullname,
"email" : resp.email,
"key" : openid_key }
user = internal_save('/data/admin/users/%s' % openid_key, data)
L.info(u'Successfully created fullname=%s, email=%s (%r)' % (resp.fullname, resp.email, resp.__dict__))
g.user = user
return redirect(oid.get_next_url())
def validate_api(self,api_key):
try:
L.info('PermissionChecker:: api_key = %s' % api_key)
api_key = api_key.decode('base64')
api_key = json.loads(api_key)
app = api_key['a']
referrer = api_key['r']
request_referrer = self.token.request.referrer
request_referrer = urlparse.urlparse(request_referrer).netloc
L.info('PermissionChecker:: app = %s, referrer = %s, req.referrer = %s' % (app, referrer, request_referrer))
assert( referrer == request_referrer )
secret = api_key['s']
assert( secret == md5().update("%s:%s:p4tpp" % (app,referrer)).hexdigest()[:8] )
self.app = "%s@%s" % (app,referrer)
except:
return False
def internal_find(url,follow=True,lang=None,query=None,apikey=None,fields=None):
params = { 'o' : 'json',
'limit' : 0 }
params['follow'] = "yes" if follow else "no"
if lang: params['lang'] = lang
if query: params['query'] = json.dumps(query)
if apikey: params['apikey'] = apikey
if fields: params['fields'] = json.dumps(fields)
L.info("internal_find: Attempting to fetch %s with %s" % (url,params))
params = urlencode(params)
url += "?" + params
data = g.app.test_client().get(url).data
data = json.loads(data)
return data
def process(self):
method = self.token.request.method
self.should_stop = False
self.app = self.token.request.args.get('apikey', None)
if self.app != None:
if self.app == "admin":
return
if not self.validate_api(self.app):
return
self.user = None ## TODO: '''<<getuser>>'''
if self.token.slug != None:
fullpath = os.path.join(self.token.path, self.token.slug)
else:
fullpath = self.token.path
L.debug("PermissionChecker: full_path=%r" % fullpath)
fullpath = fullpath.split('/')
L.debug("PermissionChecker: full_path=%r" % fullpath)
perms = set()
for i in range(len(fullpath)):
partial_path = fullpath[0:i + 1]
L.debug("PermissionChecker: partial_path=%r" % partial_path)
spec = json.dumps({"ref": "/" + "/".join(partial_path)})
data = internal_find('/data/admin/permissions/',
query=spec,
apikey='admin')
for rec in data:
auth = rec.get('auth')
if self.match_auth(auth):
perms.update(set(rec.get('perms', set())))
L.info("PermissionChecker: rule %s, perms=%r" %
(rec.get('_src'), set(rec.get('perms', set()))))
if ((method == "POST" and "new" in perms)
or (method == "DELETE" and "delete" in perms)
or (method == "PUT" and "edit" in perms)
or (method == "GET" and "read" in perms)):
pass
else:
self.should_stop = True
def process(self):
method = self.token.request.method
self.should_stop = False
self.app = self.token.request.args.get('apikey',None)
if self.app != None:
if self.app == "admin":
return
if not self.validate_api(self.app):
return
self.user = None ## TODO: '''<<getuser>>'''
if self.token.slug != None:
fullpath = os.path.join(self.token.path, self.token.slug)
else:
fullpath = self.token.path
L.debug("PermissionChecker: full_path=%r" % fullpath)
fullpath = fullpath.split('/')
L.debug("PermissionChecker: full_path=%r" % fullpath)
perms = set()
for i in range(len(fullpath)):
partial_path = fullpath[0:i+1]
L.debug("PermissionChecker: partial_path=%r" % partial_path)
spec = json.dumps({ "ref" : "/" + "/".join(partial_path) })
data = internal_find('/data/admin/permissions/',query=spec,apikey='admin')
for rec in data:
auth = rec.get('auth')
if self.match_auth(auth):
perms.update(set(rec.get('perms',set())))
L.info("PermissionChecker: rule %s, perms=%r" % (rec.get('_src'),set(rec.get('perms',set()))))
if ( (method == "POST" and "new" in perms) or
(method == "DELETE" and "delete" in perms) or
(method == "PUT" and "edit" in perms) or
(method == "GET" and "read" in perms) ):
pass
else:
self.should_stop = True
def process(self):
self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps(
self.token.slug) + '|' + '|'.join([
self.token.request.args.get(arg, '')
for arg in self.ARGS_FOR_KEY
])
if self.token.request.args.get('hitcache', "1") == "0":
L.info("Skipping cache as requested for %s/%s" %
(self.token.path, self.token.slug))
return
data = hit_cache(self.token.cache_key.encode('utf8').encode('hex'))
L.info("Data for key %s == %s" %
(self.token.cache_key, snip(repr(data))))
if data != None:
self.token.response = json.loads(data.decode('hex').decode('utf8'))
self.should_stop = True
self.skip_to = "DataFormatter"
def create_or_login(resp):
session['openid'] = resp.identity_url
openid_key = urllib.quote(urllib.quote(session['openid'], safe=''))
user = internal_find('/data/admin/users/%s' % openid_key)
if user != None:
L.info(u'Successfully signed in fullname=%s, email=%s (%r)' %
(resp.fullname, resp.email, resp.__dict__))
else:
data = {
"fullname": resp.fullname,
"email": resp.email,
"key": openid_key
}
user = internal_save('/data/admin/users/%s' % openid_key, data)
L.info(u'Successfully created fullname=%s, email=%s (%r)' %
(resp.fullname, resp.email, resp.__dict__))
g.user = user
return redirect(oid.get_next_url())
def validate_api(self, api_key):
try:
L.info('PermissionChecker:: api_key = %s' % api_key)
api_key = api_key.decode('base64')
api_key = json.loads(api_key)
app = api_key['a']
referrer = api_key['r']
request_referrer = self.token.request.referrer
request_referrer = urlparse.urlparse(request_referrer).netloc
L.info(
'PermissionChecker:: app = %s, referrer = %s, req.referrer = %s'
% (app, referrer, request_referrer))
assert (referrer == request_referrer)
secret = api_key['s']
assert (secret == md5().update("%s:%s:p4tpp" %
(app, referrer)).hexdigest()[:8])
self.app = "%s@%s" % (app, referrer)
except:
return False
def internal_find(url,
follow=True,
lang=None,
query=None,
apikey=None,
fields=None):
params = {'o': 'json', 'limit': 0}
params['follow'] = "yes" if follow else "no"
if lang: params['lang'] = lang
if query: params['query'] = json.dumps(query)
if apikey: params['apikey'] = apikey
if fields: params['fields'] = json.dumps(fields)
L.info("internal_find: Attempting to fetch %s with %s" % (url, params))
params = urlencode(params)
url += "?" + params
data = g.app.test_client().get(url).data
data = json.loads(data)
return data
def process(self):
self.token.cache_key = (
json.dumps(self.token.path)
+ "|"
+ json.dumps(self.token.slug)
+ "|"
+ "|".join([self.token.request.args.get(arg, "") for arg in self.ARGS_FOR_KEY])
)
if self.token.request.args.get("hitcache", "1") == "0":
L.info("Skipping cache as requested for %s/%s" % (self.token.path, self.token.slug))
return
if self.token.request.method == "GET":
data = hit_cache(self.token.cache_key)
L.info("Data for key %s == %s" % (self.token.cache_key, snip(repr(data))))
if data != None:
self.token.response = json.loads(data)
self.should_stop = True
self.skip_to = "DataFormatter"
else:
clear_cache(self.token.cache_key)
clear_cache_for_path(self.token.path)
def process(self):
self.token.cache_key = json.dumps(self.token.path) + '|' + json.dumps(
self.token.slug) + '|' + '|'.join([
self.token.request.args.get(arg, '')
for arg in self.ARGS_FOR_KEY
])
if self.token.request.args.get('hitcache', "1") == "0":
L.info("Skipping cache as requested for %s/%s" %
(self.token.path, self.token.slug))
return
if self.token.request.method == "GET":
data = hit_cache(self.token.cache_key)
L.info("Data for key %s == %s" %
(self.token.cache_key, snip(repr(data))))
if data != None:
self.token.response = json.loads(data)
self.should_stop = True
self.skip_to = "DataFormatter"
else:
clear_cache(self.token.cache_key)
clear_cache_for_path(self.token.path)
def slug(path,slug):
L.info("dbserver::slug::%s:%s, %s, %s" % (request.method,path,slug,request.url))
response, content_type, headers = process(path,slug)
return Response(response=response, content_type=content_type, headers=headers)
import os
os.environ["DJANGO_SETTINGS_MODULE"] = "openid_db.settings"
from gevent import monkey
monkey.patch_all()
from gevent.pywsgi import WSGIServer
from dbserver import app
from log import L
L.info("Listening on 5555")
http_server = WSGIServer(('', 5555), app)
http_server.serve_forever()
def process(self):
data = json.dumps(self.token.response)
if self.token.request.method == "GET":
if data != 'null':
L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key,snip(str(data))))
store_in_cache(self.token.cache_key,data)
import os
os.environ["DJANGO_SETTINGS_MODULE"]="openid_db.settings"
from gevent import monkey; monkey.patch_all()
from gevent.pywsgi import WSGIServer
from dbserver import app
from log import L
L.info("Listening on 5555")
http_server = WSGIServer(('', 5555), app)
http_server.serve_forever()
def logout():
session.pop('openid', None)
L.info(u'You have been signed out')
return redirect(oid.get_next_url())
def process(self):
data = json.dumps(self.token.response)
if data != 'null':
L.info("CacheSetter: storing in %s <== %s" % (self.token.cache_key,snip(str(data))))
store_in_cache(self.token.cache_key.encode('utf8').encode('hex'),data.encode('utf8').encode('hex'))
def logout():
session.pop('openid', None)
L.info(u'You have been signed out')
return redirect(oid.get_next_url())
def noslug(path):
L.info("dbserver::noslug::%s:%s, %s" % (request.method,path,request.url))
response, content_type, headers = process(path,None)
L.info("%s %s %s" % (snip(response), content_type, headers))
return Response(response=response, content_type=content_type, headers=headers)
