def handler(mod_python_req, fields=None, is_profiling=False):
# Create an object that contains all data about the request and
# helper functions for creating valid HTML. Parse URI and
# store results in the request object for later usage.
__builtin__.html = html_mod_python(mod_python_req, fields)
response_code = apache.OK
try:
config.initialize()
init_profiling(is_profiling)
html.init_modes()
# Make sure all plugins are avaiable as early as possible. At least
# we need the plugins (i.e. the permissions declared in these) at the
# time before the first login for generating auth.php.
modules.load_all_plugins()
# Get page handler.
handler = modules.get_handler(html.myfile, page_not_found)
# Some pages do skip authentication. This is done by adding
# noauth: to the page hander, e.g. "noauth:run_cron" : ...
# TODO: Eliminate those "noauth:" pages. Eventually replace it by call using
# the now existing default automation user.
if handler == page_not_found:
handler = modules.get_handler("noauth:" + html.myfile,
page_not_found)
if handler != page_not_found:
try:
handler()
except Exception, e:
html.write_text("%s" % e)
if config.debug:
html.write_text(traceback.format_exc())
raise FinalizeRequest()
# Ensure the user is authenticated. This call is wrapping all the different
# authentication modes the Check_MK GUI supports and initializes the logged
# in user objects.
if not login.authenticate(mod_python_req):
handle_not_authenticated()
# Initialize the multiste i18n. This will be replaced by
# language settings stored in the user profile after the user
# has been initialized
previous_language = i18n.get_current_language()
i18n.localize(html.var("lang", config.user.language()))
# All plugins might have to be reloaded due to a language change. Only trigger
# a second plugin loading when the user is really using a custom localized GUI.
# Otherwise the load_all_plugins() at the beginning of the request is sufficient.
if i18n.get_current_language() != previous_language:
modules.load_all_plugins()
ensure_general_access()
handler()
def page_logout():
invalidate_auth_session()
if auth_type == 'cookie':
html.http_redirect(config.url_prefix() + 'check_mk/login.py')
else:
# Implement HTTP logout with cookie hack
if not html.has_cookie('logout'):
html.set_http_header('WWW-Authenticate', 'Basic realm="OMD Monitoring Site %s"' % config.omd_site())
html.set_cookie('logout', '1')
raise FinalizeRequest(401)
else:
html.del_cookie('logout')
html.http_redirect(config.url_prefix() + 'check_mk/')
def handle_not_authenticated():
if fail_silently():
# While api call don't show the login dialog
raise MKUnauthenticatedException(_('You are not authenticated.'))
# Redirect to the login-dialog with the current url as original target
# Never render the login form directly when accessing urls like "index.py"
# or "dashboard.py". This results in strange problems.
if html.myfile != 'login':
html.http_redirect('%scheck_mk/login.py?_origtarget=%s' %
(config.url_prefix(), html.urlencode(html.makeuri([]))))
else:
# This either displays the login page or validates the information submitted
# to the login form. After successful login a http redirect to the originally
# requested page is performed.
login.page_login(plain_error())
raise FinalizeRequest()
def init_profiling(is_profiling):
if not is_profiling and config.profile:
import cProfile
# Ubuntu: install python-profiler when using this feature
profile_file = cmk.paths.var_dir + "/multisite.profile"
p = cProfile.Profile()
p.runcall(handler, html.req, html.fields, True)
p.dump_stats(profile_file)
file(profile_file + ".py", "w").write(
"#!/usr/bin/env python\n"
"import pstats\n"
"stats = pstats.Stats(%r)\n"
"stats.sort_stats('time').print_stats()\n" % profile_file)
os.chmod(profile_file + ".py", 0755)
raise FinalizeRequest()