def test_clear_new_auth_url_creates_new_client(self): rbac1 = rbac.client rbac.clear() Config.objects.set_config( "external_auth_url", "http://candid-other.example.com" ) self.assertIsNot(rbac1, rbac.client)
def get_object(params): # Running inside new database thread, be sure the rbac cache is # cleared so accessing information will not be already cached. rbac.clear() obj = self.get_object(params) if not self.user.has_perm(PodPermission.compose, obj): raise HandlerPermissionError() return obj
def get_object(params): # Clear rbac cache before check (this is in its own thread). rbac.clear() obj = self.get_object(params) if not self.user.has_perm(self._meta.delete_permission, obj): raise HandlerPermissionError() return obj
def execute(self, method_name, params): """Execute the given method on the handler. Checks to make sure the method is valid and allowed perform executing the method. """ if method_name in self._meta.allowed_methods: try: method = getattr(self, method_name) except AttributeError: raise HandlerNoSuchMethodError(method_name) else: # Handler methods are predominantly transactional and thus # blocking/synchronous. Genuinely non-blocking/asynchronous # methods must out themselves explicitly. if IAsynchronous.providedBy( method ) or asyncio.iscoroutinefunction(method): # Running in the io thread so clear RBAC now. rbac.clear() # Reload the user from the database. d = concurrency.webapp.run( deferToDatabase, transactional(self.user.refresh_from_db), ) d.addCallback(lambda _: ensureDeferred(method(params))) return d else: @wraps(method) @transactional def prep_user_execute(params): # Clear RBAC and reload the user to ensure that # its up to date. `rbac.clear` must be done inside # the thread because it uses thread locals internally. rbac.clear() self.user.refresh_from_db() # Perform the work in the database. return self._call_method_track_queries( method_name, method, params ) # Force the name of the function to include the handler # name so the debug logging is useful. prep_user_execute.__name__ = "%s.%s" % ( self.__class__.__name__, method_name, ) # This is going to block and hold a database connection so # we limit its concurrency. return concurrency.webapp.run( deferToDatabase, prep_user_execute, params ) else: raise HandlerNoSuchMethodError(method_name)
def prep_user_execute(params): # Clear RBAC and reload the user to ensure that # its up to date. `rbac.clear` must be done inside # the thread because it uses thread locals internally. rbac.clear() self.user.refresh_from_db() # Perform the work in the database. return method(params)
def get_form(obj, params): # Clear rbac cache before check (this is in its own thread). rbac.clear() obj = self.get_object(params) if not self.user.has_perm(self._meta.edit_permission, obj): raise HandlerPermissionError() request = HttpRequest() request.user = self.user return PodForm( instance=obj, data=self.preprocess_form("refresh", params), request=request)
def get_form(params): # Clear rbac cache before check (this is in its own thread). rbac.clear() if not self.user.has_perm(self._meta.create_permission): raise HandlerPermissionError() request = HttpRequest() request.user = self.user form = PodForm( data=self.preprocess_form("create", params), request=request) if not form.is_valid(): raise HandlerValidationError(form.errors) else: return form
def get_form(params): # Clear rbac cache before check (this is in its own thread). rbac.clear() obj = self.get_object(params) if not self.user.has_perm(self._meta.edit_permission, obj): raise HandlerPermissionError() request = HttpRequest() request.user = self.user form = PodForm( instance=obj, data=self.preprocess_form("update", params), request=request) if not form.is_valid(): raise HandlerValidationError(form.errors) else: form.cleaned_data['tags'] = params['tags'] return form
def cleanup(): rbac._store.client = None rbac.clear()
def __call__(self, request): result = self.get_response(request) # Now that the response has been handled, clear the thread-local # state of the RBAC connection. rbac.clear() return result
def test_clear_new_url_creates_new_client(self): rbac1 = rbac.client rbac.clear() Config.objects.set_config('rbac_url', 'http://rbac-other.example.com') self.assertIsNot(rbac1, rbac.client)
def test_clear_same_url_same_client(self): rbac1 = rbac.client rbac.clear() self.assertIs(rbac1, rbac.client)