def __call__(self, environ, start_response): """Handle WSGI request.""" request = Request(environ) try: with context.push(context="wsgi", environ=_environ(environ)): operation = self._get_operation(request) def handle(request): try: params = _params(request, operation) except Exception: # authorization trumps input validation authorize(operation.security) raise return _response(operation, operation.call(**params)) filters = self.filters.copy() filters.extend(_security_filters(operation.security)) response = _Chain(filters, handle).next(request) except exc.HTTPException as he: response = _ErrorResponse(he.code, he.detail) except ResourceError as re: response = _ErrorResponse(re.code, re.detail) except SchemaError as se: response = _ErrorResponse(exc.HTTPBadRequest.code, str(se)) except Exception as e: logging.exception(str(e)) response = _ErrorResponse(exc.HTTPInternalServerError.code, str(e)) return response(environ, start_response)
def process(self, line, inp=sys.stdin, out=sys.stdout): """ Process a single command line. :param line: Command line string to process. :returns: True if command line was processed successfully. """ args = shlex.split(line) if not args: return True with context.push(context_type="cli", cli_command=line): name = args.pop(0) if name in self.resources: try: return self._process_resource(name, args, inp, out) except Exception as e: self._print("ERROR: {}".format(e)) if self.debug: traceback.print_exc() return False elif name in self.commands: return self.commands[name][0](args) else: self._print("Invalid command or resource: {}.".format(name)) return False
def wrapper(wrapped, instance, args, kwargs): tags = {"resource": wrapped.__self__.name, "operation": _name} with context.push({**tags, "context": "operation"}): monitor.record({ **tags, "name": "operation_calls_total" }, _now(), "absolute", 1) with timer({**tags, "name": "operation_duration_seconds"}): authorize(security) return wrapped(*args, **kwargs)
def filter(self, request, chain): """ Filters the incoming HTTP request. If the request contains credentials in the HTTP Basic authentication scheme, they are passed to the authenticate method. If authentication is successful, a context is added to the context stack. """ auth = None if request.authorization and request.authorization[0].lower() == "basic": try: user_id, password = b64decode(request.authorization[1]).decode().split(":", 1) except (binascii.Error, UnicodeDecodeError): pass auth = self.authenticate(user_id, password) if auth: with context.push({**auth, **self.context}): return chain.next(request) return chain.next(request)
def wrapper(wrapped, instance, args, kwargs): operation = wrapped.__self__.operations[wrapped.__name__] tags = { "operation": operation.name, "resource": operation.resource.name } with context.push({"context": "roax.operation", **tags}): with roax.monitor.timer({ "name": "operation_duration_seconds", **tags }): with roax.monitor.counter({ "name": "operation_calls_total", **tags }): authorize(operation.security) return wrapped(*args, **kwargs)
def test_resource_security_success(): r2 = R2() with context.push(req1=True): assert r2.foo() == "foo_success"
def test_security_req_success(): r1 = R1() with context.push(req1=True): assert r1.foo() == "foo_success"
def wrapper(wrapped, instance, args, kwargs): with context.push(context_type="operation", operation_resource=wrapped.__self__.name, operation_name=_name): authorize(security) return wrapped(*args, **kwargs)
def test_security_req_success(self): r1 = R1() with context.push(req1=True): self.assertEqual(r1.foo(), "foo_success")