def process_response(self, request, response): if response.status_code in ( 301, 302, 303, 305, 307, 308) and response.get('Location') and not hasattr( response, 'redirect_override'): redirection_patterns = REDIRECT_WHITELIST.get() location = response['Location'] if any(regexp.match(location) for regexp in redirection_patterns): return response if url_has_allowed_host_and_scheme( location, allowed_hosts={request.get_host()}): return response if request.path in [ '/oidc/authenticate/', '/oidc/callback/', '/oidc/logout/', '/hue/oidc_failed/' ]: return response response = render( "error.mako", request, { 'error': _('Redirect to %s is not allowed.') % response['Location'], 'is_embeddable': request.GET.get('is_embeddable', False), }) response.status_code = 403 return response else: return response
def execute_query(request, design_id=None, query_history_id=None): """ View function for executing an arbitrary query. """ action = 'query' if query_history_id: query_history = authorized_get_query_history(request, query_history_id, must_exist=True) design = query_history.design try: if query_history.server_id and query_history.server_guid: handle, state = _get_query_handle_and_state(query_history) if 'on_success_url' in request.GET: if request.GET.get('on_success_url') and any([ regexp.match(request.GET.get('on_success_url')) for regexp in REDIRECT_WHITELIST.get() ]): action = 'watch-redirect' else: action = 'watch-results' else: action = 'editor-results' except QueryServerException, e: if 'Invalid query handle' in e.message or 'Invalid OperationHandle' in e.message: query_history.save_state(QueryHistory.STATE.expired) LOG.warn("Invalid query handle", exc_info=sys.exc_info()) action = 'editor-expired-results' else: raise e
def execute_query(request, design_id=None, query_history_id=None): """ View function for executing an arbitrary query. """ action = 'query' if query_history_id: query_history = authorized_get_query_history(request, query_history_id, must_exist=True) design = query_history.design try: if query_history.server_id and query_history.server_guid: handle, state = _get_query_handle_and_state(query_history) if 'on_success_url' in request.GET: if request.GET.get('on_success_url') and any( [regexp.match(request.GET.get('on_success_url')) for regexp in REDIRECT_WHITELIST.get()] ): action = 'watch-redirect' else: action = 'watch-results' else: action = 'editor-results' except QueryServerException as e: if 'Invalid query handle' in e.message or 'Invalid OperationHandle' in e.message: query_history.save_state(QueryHistory.STATE.expired) LOG.warn("Invalid query handle", exc_info=sys.exc_info()) action = 'editor-expired-results' else: raise e else: # Check perms. authorized_get_design(request, design_id) app_name = get_app_name(request) query_type = SavedQuery.TYPES_MAPPING[app_name] design = safe_get_design(request, query_type, design_id) query_history = None current_app, other_apps, apps_list = _get_apps(request.user, '') doc = design and design.id and design.doc.get() context = { 'design': design, 'apps': apps_list, 'query': query_history, # Backward 'query_history': query_history, 'autocomplete_base_url': reverse(get_app_name(request) + ':api_autocomplete_databases', kwargs={}), 'autocomplete_base_url_hive': reverse('beeswax:api_autocomplete_databases', kwargs={}), 'can_edit_name': design and design.id and not design.is_auto, 'doc_id': doc and doc.id or -1, 'can_edit': doc and doc.can_write(request.user), 'action': action, 'on_success_url': request.GET.get('on_success_url'), 'has_metastore': 'metastore' in get_apps_dict(request.user) } return render('execute.mako', request, context)
def execute_query(request, design_id=None, query_history_id=None): """ View function for executing an arbitrary query. """ action = 'query' if query_history_id: query_history = authorized_get_query_history(request, query_history_id, must_exist=True) design = query_history.design try: if query_history.server_id and query_history.server_guid: handle, state = _get_query_handle_and_state(query_history) if 'on_success_url' in request.GET: if request.GET.get('on_success_url') and any([regexp.match(request.GET.get('on_success_url')) for regexp in REDIRECT_WHITELIST.get()]): action = 'watch-redirect' else: action = 'watch-results' else: action = 'editor-results' except QueryServerException, e: if 'Invalid query handle' in e.message or 'Invalid OperationHandle' in e.message: query_history.save_state(QueryHistory.STATE.expired) LOG.warn("Invalid query handle", exc_info=sys.exc_info()) action = 'editor-expired-results' else: raise e