def render(self, request): _ = Translation(request.getSession())._ acls = ACLs(request.getSession()) moduleManager = request.site.moduleManager categoryManager = request.site.categoryManager moduleManager.load() categoryManager.load() permitted_commands = acls.get_permitted_commands(moduleManager).values() modules = [ self._module_definition(module, _) for module in permitted_commands if not module.flavors ] modules.extend([ self._flavor_definition(module, flavor, _) for module in permitted_commands for flavor in module.flavors ]) categories = [ self._category_definition(category, _) for category in categoryManager.values() ] # TODO: break API: only return modules; categories should be fetched by "/get/categories/list" return dict( categories=categories, modules=modules )
def get_request_header(self, request, methodname):
session = request.getSession()
user = User(session)
translation = Translation(session)
acls = ACLs(session)
return {
'Content-Type': 'application/json',
'Accept-Language': translation.get_language(),
'Accept': request.getHeader('Accept', ''),
'User-Agent': request.getHeader('User-Agent', ''),
'Authorization': 'basic %s' % ('%s:%s' % (user.username, user.password)).encode('base64').strip(),
'X-Forwarded-For': request.getClientIP(),
'X-UMC-Flavor': request.getHeader('X-UMC-Flavor', ''),
'X-User-Dn': user.userdn or '',
'X-UMC-Method': methodname,
'X-UMC-Acls': acls.json(), # TODO: remove, only send filename
}
def render(self, request):
session = request.getSession()
acls = ACLs(session)
moduleManager = request.site.moduleManager
command = '/'.join(request.prepath[1:])
module_name = acls.get_module_providing(moduleManager, command)
if not module_name:
MODULE.warn('No module provides %s' % (command))
request.setResponseCode(BAD_REQUEST_FORBIDDEN)
return
MODULE.info('Checking ACLs for %s (%s)' % (command, module_name))
if not acls.is_command_allowed(request, command):
MODULE.warn('Command %s is not allowed' % (command))
request.setResponseCode(BAD_REQUEST_FORBIDDEN)
return
methodname = acls.get_method_name(moduleManager, module_name, command)
if not methodname:
MODULE.warn('Command %s does not exists' % (command))
request.setResponseCode(BAD_REQUEST_NOT_FOUND)
return
headers = self.get_request_header(request, methodname)
body = self.get_request_body(request)
CORE.info('Passing new request to module %s' % (module_name,))
process = self.get_process(session, module_name)
urequest = process.request(request.method, request.uri, headers, body)
urequest.addCallback(self.respond, request)
urequest.addErrback(self.failed_request, request)
return NOT_DONE_YET
