def validate_user_rights(self, request_data, _session_db, caller_name): valid_session_data = None session_user = None if hasattr(request_data, "session_token"): session_user = gen.validate_user_rights(_session_db, request_data.session_token, caller_name) if session_user is False: valid_session_data = login.InvalidSessionToken() logger.logKnowledge( "info", "invalid_user_session", "user:%s, caller_name:%s, request:%s" % (session_user, caller_name, request.url)) print valid_session_data, session_user if valid_session_data is None and session_user is not False: if hasattr(request_data, "request"): if hasattr(request_data.request, "password") and type( request_data.request) != consoleadmin.SaveDBServer: print "password validation" enc_pwd = encrypt(request_data.request.password) if gen.verify_password(_session_db, session_user, enc_pwd) == 0: valid_session_data = login.InvalidPassword() logger.logKnowledge( "info", "invalid_user_password", "user:%s, caller_name:%s, request:%s" % (session_user, caller_name, request.url)) return valid_session_data, session_user
def respond(self, response_data): try: return self._send_response(response_data, 200) except Exception, e: logger.logKnowledge("error", "respond", str(e)) logger.logKnowledge("error", "respond", str(traceback.format_exc())) raise Exception("Request Process Failed")
def delete(self, table, condition, condition_val): query = "DELETE from " + table + " WHERE " + condition try: return self.execute(query, condition_val) except Exception, e: logger.logKnowledge("error", "delete", "query: %s, param:%s" % (query, condition_val)) logger.logKnowledge("error", "delete", str(e)) raise fetch_error()
def connect(self): assert self._connection is None try: connection = self._mysql.get_db connection.autocommit(True) self._connection = connection logger.logKnowledge("info", "database connection initiate", "") return self._connection except Exception, e: logger.logKnowledge("error", "database.py-connect", e)
def _send_response(self, response_data, status_code): if type(response_data) is not str: data = response_data.to_structure() s = json.dumps(data, indent=1) else: s = response_data # print s logger.logKnowledge("api", "response", s) key = ''.join(random.SystemRandom().choice(string.ascii_letters) for _ in range(5)) s = base64.b64encode(s) s = json.dumps(key + s) resp = Response(s, status=status_code, mimetype="application/json") return resp
def append(self, table, column, value, condition, condition_val): try: rows = self.get_data(table, column, condition, condition_val) currentValue = rows[0][column] if currentValue is not None: newValue = currentValue + "," + str(value) else: newValue = str(value) columns = [column] values = [newValue] values += condition_val res = self.update(table, columns, values, condition) return res except Exception, e: logger.logKnowledge( "error", "append", "table: %s, column:%s, value:%s" % (table, column, value)) logger.logKnowledge("error", "append", str(e)) raise fetch_error()
def on_session_timeout(): print "session timeout" _db_con_clr = before_first_request() _db_clr = Database(_db_con_clr) _db_clr.begin() try: _db_clr.clear_session(SESSION_CUTOFF) _db_clr.commit() _db_con_clr.close() t = threading.Timer(500, on_session_timeout) t.daemon = True t.start() except Exception, e: logger.logKnowledge("error", "remove_old_session", str(e)) logger.logKnowledge("error", "remove_old_session", str(traceback.format_exc())) _db_clr.rollback()
def execute_insert(self, query, param): cursor = self.cursor() assert cursor is not None try: if type(param) is tuple: cursor.execute(query, param) elif type(param) is list: cursor.execute(query, param) else: cursor.execute(query) logger.logKnowledge("query", "execute_insert", "query: %s, param:%s" % (query, param)) cursor.nextset() no = int(cursor.lastrowid) if no == 0: return False else: return no except Exception, e: logger.logKnowledge("error", "execute_insert", "query: %s, param:%s" % (query, param)) logger.logKnowledge("error", "execute_insert", str(e)) return False
def select_one(self, query, param=None): cursor = self.cursor() assert cursor is not None try: if param is None: cursor.execute(query) else: if type(param) is tuple: cursor.execute(query, param) elif type(param) is list: cursor.execute(query, param) else: cursor.execute(query) logger.logKnowledge("query", "select_one", "query: %s, param:%s" % (query, param)) cursor.nextset() res = cursor.fetchone() cursor.nextset() return res except Exception, e: logger.logKnowledge("error", "select_one", "query: %s, param:%s" % (query, param)) logger.logKnowledge("error", "select_one", str(e)) raise fetch_error()
def call_proc_with_multiresult_set(self, procedure_name, args, expected_result_count): cursor = self.cursor() rows = [] assert cursor is not None try: if args is None: cursor.callproc(procedure_name) else: cursor.callproc(procedure_name, args) logger.logKnowledge( "query", "call_proc_with_multiresult_set", "procedure: %s, param:%s" % (procedure_name, args)) rows = [] for c in cursor.stored_results(): cols = c.description if cols: cols = [x[0] for x in cols] else: cols = [] r = convert_to_dict(c.fetchall(), cols) rows.append(r) except Exception, e: logger.logKnowledge( "error", "call_proc_with_multiresult_set", "procedure: %s, param:%s" % (procedure_name, args)) logger.logKnowledge("error", "call_proc_with_multiresult_set", str(e)) ValueError("Request Process Failed")
def insert(self, table, columns, values): # columns = ", ".join(columns) stringValue = [] for i in range(len(values)): stringValue.append('%s') if type(columns) is list: columns = ", ".join(columns) columns = "(%s)" % columns query = """INSERT INTO %s %s """ % (table, columns) query += " VALUES (%s) " % (",".join(stringValue)) try: n_id = int(self.execute_insert(query, values)) print n_id logger.logKnowledge("query", "insert", "query: %s, param:%s" % (query, values)) return n_id if n_id == 0: return False except Exception, e: print e logger.logKnowledge("error", "insert", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "insert", str(e)) raise fetch_error()
def bulk_update(self, table, columns, values, conditions): try: for outer_index, cond in enumerate(conditions): query = "UPDATE " + table + " set " for index, column in enumerate(columns): if values[outer_index][index] is not None: if (index < len(columns) - 1): query += column + " = '%s', " % ( values[outer_index][index]) else: query += column + " = '%s' " % ( values[outer_index][index]) query += " WHERE " + cond + "; " cursor = self.cursor() assert cursor is not None cursor.execute(query) logger.logKnowledge("query", "bulk_update", "query: %s, param:%s" % (query, values)) cursor.nextset() return True except Exception, e: logger.logKnowledge("error", "bulk_update", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "bulk_update", str(e)) raise fetch_error()
def call_update_proc(self, procedure_name, args): cursor = self.cursor() assert cursor is not None try: if args is None: cursor.callproc(procedure_name) else: cursor.callproc(procedure_name, args) logger.logKnowledge( "query", "call_update_proc", "procedure: %s, param:%s" % (procedure_name, args)) cursor.nextset() except Exception, e: logger.logKnowledge( "error", "call_update_proc", "procedure: %s, param:%s" % (procedure_name, args)) logger.logKnowledge("error", "call_update_proc", str(e)) raise process_procedure_error(procedure_name, args, e)
def _parse_request(self, request_data_type): request_data = None try: if not request.data: raise ValueError("Request data is Null") data = request.data[5:] data = data.decode('base64') data = json.loads(data) # print data logger.logKnowledge("api", "request", data) request_data = request_data_type.parse_structure(data) return request_data except Exception, e: logger.logKnowledge("error", "parse_request", str(e)) logger.logKnowledge("error", "parse_request", str(traceback.format_exc())) raise ValueError("Request Process Failed")
def update(self, table, columns, values, condition): query = "UPDATE " + table + " set " for index, column in enumerate(columns): if index < len(columns) - 1: query += column + " = %s, " else: query += column + " = %s " query += " WHERE " + condition try: status = self.execute(query, values) logger.logKnowledge("query", "update", "query: %s, param:%s" % (query, values)) return status except Exception, e: print e logger.logKnowledge("error", "update", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "update", str(e)) raise fetch_error()
def call_proc(self, procedure_name, args=None, columns=None): # columns no longer need here, so remove argument once removed from the reference place # args can be tuple/list e.g, (parm1, parm2)/[param1, param2] cursor = self.cursor() rows = [] assert cursor is not None try: if args is None: cursor.callproc(procedure_name) else: cursor.callproc(procedure_name, args) logger.logKnowledge( "query", "call_proc", "procedure: %s, param:%s" % (procedure_name, args)) cols = cursor.description if cols: cols = [x[0] for x in cols] else: cols = [] for c in cursor.stored_results(): cols = c.description if cols: cols = [x[0] for x in cols] else: cols = [] r = convert_to_dict(c.fetchall(), cols) rows.append(r) if len(rows) > 0: rows = rows[0] cursor.nextset() except Exception, e: logger.logKnowledge( "error", "call_proc", "procedure: %s, param:%s" % (procedure_name, args)) logger.logKnowledge("error", "call_proc", str(e)) raise ValueError("Request Process Failed")
def execute(self, query, param=None): cursor = self.cursor() assert cursor is not None try: if type(param) is tuple: cursor.execute(query, param) elif type(param) is list: cursor.execute(query, param) else: cursor.execute(query) logger.logKnowledge("query", "execute", "query: %s, param:%s" % (query, param)) cursor.nextset() return True except Exception, e: logger.logKnowledge("error", "execute", "query: %s, param:%s" % (query, param)) logger.logKnowledge("error", "execute", str(e)) return False
def call_insert_proc(self, procedure_name, args): cursor = self.cursor() assert cursor is not None new_id = None try: if args is None: cursor.callproc(procedure_name) else: cursor.callproc(procedure_name, args) logger.logKnowledge( "query", "call_insert_proc", "procedure: %s, param:%s" % (procedure_name, args)) cursor.nextset() cursor.execute("SELECT LAST_INSERT_ID() as newid") r = cursor.fetchone() cursor.nextset() new_id = r["newid"] except Exception, e: logger.logKnowledge( "error", "call_insert_proc", "procedure: %s, param:%s" % (procedure_name, args)) logger.logKnowledge("error", "call_insert_proc", str(e)) raise process_procedure_error(procedure_name, args, e)
def bulk_insert(self, table, columns, valueList): stringValue = [] for i in range(len(columns)): stringValue.append('%s') if type(columns) is list: columns = ", ".join(columns) query = "INSERT INTO %s (%s) " % (table, columns) query += " VALUES (%s) " % (",".join(stringValue)) try: cursor = self.cursor() assert cursor is not None cursor.executemany(query, valueList) logger.logKnowledge("query", "bulk_insert", "query: %s, param:%s" % (query, valueList)) cursor.nextset() return True except Exception, e: logger.logKnowledge("error", "bulk_insert", "query: %s, param:%s" % (query, valueList)) logger.logKnowledge("error", "bulk_insert", str(e)) raise fetch_error()
def handle_api_request(self, unbound_method, request_data_type, need_session_id): is_bulk_upload = False # self._ip_addess = request.remote_addr self._ip_addess = request.headers.get("X-Real-Ip") caller_name = request.headers.get("Caller-Name") api_type = request.url try: if request_data_type == "knowledgeformat": request_data = request else: request_data = self._parse_request(request_data_type) if request_data is None: raise ValueError("Request data is Null") elif type(request_data) is str: raise ValueError(request_data) if "/api/bu" in api_type: is_bulk_upload = True _db_con = bulk_db_connect() else: _db_con = before_first_request() _db = Database(_db_con) _db.begin() valid_session_data = None session_user = None _session_db = None _session_db_con = None print is_bulk_upload if is_bulk_upload is True: _session_db_con = before_first_request() _session_db = Database(_session_db_con) _session_db.begin() valid_session_data, session_user = self.validate_user_rights( request_data, _session_db, caller_name) if valid_session_data is None: session_user = UserInfo(_session_db, session_user) _session_db.commit() else: valid_session_data, session_user = self.validate_user_rights( request_data, _db, caller_name) if valid_session_data is None: if need_session_id is True: response_data = unbound_method(self, request_data, _db, session_user) else: response_data = unbound_method(self, request_data, _db) else: response_data = valid_session_data if response_data is None or type(response_data) is bool: _db.rollback() raise fetch_error() elif type(response_data) != technomasters.ClientCreationFailed: _db.commit() else: _db.rollback() _db.close() _db_con.close() return self.respond(response_data) except Exception, e: logger.logKnowledge("error", "handle_api_request", str(e)) logger.logKnowledge("error", "handle_api_request", str(traceback.format_exc())) if str(e).find("expected a") is False: _db.rollback() _db.close() _db_con.close() return self._send_response(str(e), 400)