def get_engine(app_config: "CFG", prefix="sqlalchemy.", **kwargs) -> Engine:
sqlalchemy_params = sliced_dict(
app_config.__dict__,
beginning_key_string=prefix.upper().replace(".", "__"))
# INFO - G.M - 2019-04-30 - get setting as default config for supporting custom sqlalchemy
# parameter in config file only
new_config = sliced_dict(app_config.settings, beginning_key_string=prefix)
for key, value in sqlalchemy_params.items():
new_key = key.lower().replace("__", ".")
new_config[new_key] = value
return engine_from_config(new_config, prefix=prefix, **kwargs)
def _parse_additional_radicale_config(self, config: ConfigParser,
settings: dict) -> ConfigParser:
"""
Add settings params beginning with
"RADICALE_MAIN_SECTION.RADICALE_SUBMAIN_SECTION." to radicale config.
"""
radicales_params = sliced_dict(
data=settings,
beginning_key_string="{}.{}.".format(RADICALE_MAIN_SECTION,
RADICALE_SUBMAIN_SECTION),
)
for param_name, value in radicales_params.items():
parameter_parts = param_name.split(".")
assert len(parameter_parts) == 4
main_section, sub_main_section, radicale_section, radicale_param_config = (
parameter_parts)
assert main_section == "caldav"
assert sub_main_section == "radicale"
if not config.has_section(radicale_section):
config.add_section(radicale_section)
logger.debug(
self,
"Override radicale config: {} : {}".format(param_name, value))
config.set(radicale_section, radicale_param_config, value)
return config
def web(global_config: OrderedDict, **local_settings) -> Router:
""" This function returns a Pyramid WSGI application.
"""
settings = deepcopy(global_config)
settings.update(local_settings)
# set CFG object
app_config = CFG(settings)
app_config.configure_filedepot()
settings["CFG"] = app_config
# Init plugin manager
plugin_manager = init_plugin_manager(app_config)
settings["plugin_manager"] = plugin_manager
configurator = Configurator(settings=settings, autocommit=True)
# Add beaker session cookie
tracim_setting_for_beaker = sliced_dict(settings, beginning_key_string="session.")
tracim_setting_for_beaker["session.data_dir"] = app_config.SESSION__DATA_DIR
tracim_setting_for_beaker["session.lock_dir"] = app_config.SESSION__LOCK_DIR
tracim_setting_for_beaker["session.httponly"] = app_config.SESSION__HTTPONLY
tracim_setting_for_beaker["session.secure"] = app_config.SESSION__SECURE
session_factory = pyramid_beaker.session_factory_from_settings(tracim_setting_for_beaker)
configurator.set_session_factory(session_factory)
pyramid_beaker.set_cache_regions_from_settings(tracim_setting_for_beaker)
# Add AuthPolicy
configurator.include("pyramid_multiauth")
policies = []
if app_config.REMOTE_USER_HEADER:
policies.append(
RemoteAuthentificationPolicy(remote_user_login_header=app_config.REMOTE_USER_HEADER)
)
policies.append(CookieSessionAuthentificationPolicy())
policies.append(QueryTokenAuthentificationPolicy())
if app_config.API__KEY:
policies.append(
ApiTokenAuthentificationPolicy(
api_key_header=TRACIM_API_KEY_HEADER,
api_user_login_header=TRACIM_API_USER_LOGIN_HEADER,
)
)
policies.append(TracimBasicAuthAuthenticationPolicy(realm=BASIC_AUTH_WEBUI_REALM))
# Hack for ldap
if AuthType.LDAP in app_config.AUTH_TYPES:
import ldap3
configurator.include("pyramid_ldap3")
configurator.ldap_setup(
app_config.LDAP_URL,
bind=app_config.LDAP_BIND_DN,
passwd=app_config.LDAP_BIND_PASS,
use_tls=app_config.LDAP_TLS,
use_pool=app_config.LDAP_USE_POOL,
pool_size=app_config.LDAP_POOL_SIZE,
pool_lifetime=app_config.LDAP_POOL_LIFETIME,
get_info=app_config.LDAP_GET_INFO,
)
configurator.ldap_set_login_query(
base_dn=app_config.LDAP_USER_BASE_DN,
filter_tmpl=app_config.LDAP_USER_FILTER,
scope=ldap3.LEVEL,
attributes=ldap3.ALL_ATTRIBUTES,
)
configurator.include(add_cors_support)
# make sure to add this before other routes to intercept OPTIONS
configurator.add_cors_preflight_handler()
# Default authorization : Accept anything.
configurator.set_authorization_policy(AcceptAllAuthorizationPolicy())
authn_policy = MultiAuthenticationPolicy(policies)
configurator.set_authentication_policy(authn_policy)
# INFO - GM - 11-04-2018 - set default perm
# setting default perm is needed to force authentification
# mechanism in all views.
configurator.set_default_permission(TRACIM_DEFAULT_PERM)
# Override default request
configurator.set_request_factory(TracimRequest)
# Pyramids "plugin" include.
# Add SqlAlchemy DB
init_models(configurator, app_config)
# set Hapic
context = TracimPyramidContext(
configurator=configurator, default_error_builder=ErrorSchema(), debug=app_config.DEBUG
)
hapic.set_context(context)
# INFO - G.M - 2018-07-04 - global-context exceptions
# Not found
context.handle_exception(PageNotFound, HTTPStatus.NOT_FOUND)
# Bad request
context.handle_exception(WorkspaceNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(UserNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(WorkspaceNotFound, HTTPStatus.BAD_REQUEST)
context.handle_exception(UserDoesNotExist, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentNotFound, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentTypeNotExist, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentInNotEditableState, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentTypeNotAllowed, HTTPStatus.BAD_REQUEST)
context.handle_exception(InvalidId, HTTPStatus.BAD_REQUEST)
context.handle_exception(SameValueError, HTTPStatus.BAD_REQUEST)
# Auth exception
context.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
context.handle_exception(UserGivenIsNotTheSameAsAuthenticated, HTTPStatus.FORBIDDEN)
context.handle_exception(UserAuthenticatedIsNotActive, HTTPStatus.FORBIDDEN)
context.handle_exception(AuthenticationFailed, HTTPStatus.FORBIDDEN)
context.handle_exception(InsufficientUserRoleInWorkspace, HTTPStatus.FORBIDDEN)
context.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
# Internal server error
context.handle_exception(OperationalError, HTTPStatus.INTERNAL_SERVER_ERROR)
context.handle_exception(Exception, HTTPStatus.INTERNAL_SERVER_ERROR)
# Add controllers
session_controller = SessionController()
system_controller = SystemController()
user_controller = UserController()
account_controller = AccountController()
reset_password_controller = ResetPasswordController()
workspace_controller = WorkspaceController()
comment_controller = CommentController()
configurator.include(session_controller.bind, route_prefix=BASE_API)
configurator.include(system_controller.bind, route_prefix=BASE_API)
configurator.include(user_controller.bind, route_prefix=BASE_API)
configurator.include(account_controller.bind, route_prefix=BASE_API)
configurator.include(reset_password_controller.bind, route_prefix=BASE_API)
configurator.include(workspace_controller.bind, route_prefix=BASE_API)
configurator.include(comment_controller.bind, route_prefix=BASE_API)
app_lib = ApplicationApi(app_list=app_list)
for app in app_lib.get_all():
app.load_controllers(
app_config=app_config, configurator=configurator, route_prefix=BASE_API, context=context
)
configurator.scan("tracim_backend.lib.utils.authentification")
# TODO - G.M - 2019-05-17 - check if possible to avoid this import here,
# import is here because import SearchController without adding it to
# pyramid make trouble in hapic which try to get view related
# to controller but failed.
from tracim_backend.lib.search.search_factory import SearchFactory
search_controller = SearchFactory.get_search_controller(app_config)
configurator.include(search_controller.bind, route_prefix=BASE_API)
if app_config.FRONTEND__SERVE:
configurator.include("pyramid_mako")
frontend_controller = FrontendController(
dist_folder_path=app_config.FRONTEND__DIST_FOLDER_PATH,
custom_toolbox_folder_path=app_config.FRONTEND__CUSTOM_TOOLBOX_FOLDER_PATH,
cache_token=app_config.FRONTEND__CACHE_TOKEN,
)
configurator.include(frontend_controller.bind)
# INFO - G.M - 2019-11-27 - Include plugin custom web code
plugin_manager.hook.web_include(configurator=configurator, app_config=app_config)
hapic.add_documentation_view("/api/doc", "Tracim API", "API of Tracim")
return configurator.make_wsgi_app()
def web(global_config, **local_settings):
""" This function returns a Pyramid WSGI application.
"""
settings = deepcopy(global_config)
settings.update(local_settings)
# set CFG object
app_config = CFG(settings)
app_config.configure_filedepot()
settings["CFG"] = app_config
configurator = Configurator(settings=settings, autocommit=True)
# Add beaker session cookie
tracim_setting_for_beaker = sliced_dict(settings, beginning_key_string="session.")
tracim_setting_for_beaker["session.data_dir"] = app_config.SESSION__DATA_DIR
tracim_setting_for_beaker["session.lock_dir"] = app_config.SESSION__LOCK_DIR
session_factory = pyramid_beaker.session_factory_from_settings(tracim_setting_for_beaker)
configurator.set_session_factory(session_factory)
pyramid_beaker.set_cache_regions_from_settings(tracim_setting_for_beaker)
# Add AuthPolicy
configurator.include("pyramid_multiauth")
policies = []
if app_config.REMOTE_USER_HEADER:
policies.append(
RemoteAuthentificationPolicy(
remote_user_email_login_header=app_config.REMOTE_USER_HEADER
)
)
policies.append(
CookieSessionAuthentificationPolicy(reissue_time=app_config.SESSION__REISSUE_TIME)
)
if app_config.API__KEY:
policies.append(
ApiTokenAuthentificationPolicy(
api_key_header=TRACIM_API_KEY_HEADER,
api_user_email_login_header=TRACIM_API_USER_EMAIL_LOGIN_HEADER,
)
)
policies.append(TracimBasicAuthAuthenticationPolicy(realm=BASIC_AUTH_WEBUI_REALM))
# Hack for ldap
if AuthType.LDAP in app_config.AUTH_TYPES:
import ldap3
configurator.include("pyramid_ldap3")
configurator.ldap_setup(
app_config.LDAP_URL,
bind=app_config.LDAP_BIND_DN,
passwd=app_config.LDAP_BIND_PASS,
use_tls=app_config.LDAP_TLS,
use_pool=app_config.LDAP_USE_POOL,
pool_size=app_config.LDAP_POOL_SIZE,
pool_lifetime=app_config.LDAP_POOL_LIFETIME,
get_info=app_config.LDAP_GET_INFO,
)
configurator.ldap_set_login_query(
base_dn=app_config.LDAP_USER_BASE_DN,
filter_tmpl=app_config.LDAP_USER_FILTER,
scope=ldap3.LEVEL,
attributes=ldap3.ALL_ATTRIBUTES,
)
configurator.include(add_cors_support)
# make sure to add this before other routes to intercept OPTIONS
configurator.add_cors_preflight_handler()
# Default authorization : Accept anything.
configurator.set_authorization_policy(AcceptAllAuthorizationPolicy())
authn_policy = MultiAuthenticationPolicy(policies)
configurator.set_authentication_policy(authn_policy)
# INFO - GM - 11-04-2018 - set default perm
# setting default perm is needed to force authentification
# mecanism in all views.
configurator.set_default_permission(TRACIM_DEFAULT_PERM)
# Override default request
configurator.set_request_factory(TracimRequest)
# Pyramids "plugin" include.
configurator.include("pyramid_jinja2")
# Add SqlAlchemy DB
init_models(configurator, app_config)
# set Hapic
context = PyramidContext(
configurator=configurator, default_error_builder=ErrorSchema(), debug=app_config.DEBUG
)
hapic.set_context(context)
# INFO - G.M - 2018-07-04 - global-context exceptions
# Not found
context.handle_exception(PageNotFound, HTTPStatus.NOT_FOUND)
# Bad request
context.handle_exception(WorkspaceNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(UserNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentNotFoundInTracimRequest, HTTPStatus.BAD_REQUEST)
context.handle_exception(WorkspaceNotFound, HTTPStatus.BAD_REQUEST)
context.handle_exception(UserDoesNotExist, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentNotFound, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentTypeNotExist, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentInNotEditableState, HTTPStatus.BAD_REQUEST)
context.handle_exception(ContentTypeNotAllowed, HTTPStatus.BAD_REQUEST)
context.handle_exception(InvalidId, HTTPStatus.BAD_REQUEST)
context.handle_exception(SameValueError, HTTPStatus.BAD_REQUEST)
# Auth exception
context.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
context.handle_exception(UserGivenIsNotTheSameAsAuthenticated, HTTPStatus.FORBIDDEN)
context.handle_exception(UserAuthenticatedIsNotActive, HTTPStatus.FORBIDDEN)
context.handle_exception(AuthenticationFailed, HTTPStatus.FORBIDDEN)
context.handle_exception(InsufficientUserRoleInWorkspace, HTTPStatus.FORBIDDEN)
context.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
# Internal server error
context.handle_exception(OperationalError, HTTPStatus.INTERNAL_SERVER_ERROR)
context.handle_exception(Exception, HTTPStatus.INTERNAL_SERVER_ERROR)
# Add controllers
session_controller = SessionController()
system_controller = SystemController()
user_controller = UserController()
account_controller = AccountController()
reset_password_controller = ResetPasswordController()
workspace_controller = WorkspaceController()
comment_controller = CommentController()
html_document_controller = HTMLDocumentController()
thread_controller = ThreadController()
file_controller = FileController()
folder_controller = FolderController()
configurator.include(session_controller.bind, route_prefix=BASE_API_V2)
configurator.include(system_controller.bind, route_prefix=BASE_API_V2)
configurator.include(user_controller.bind, route_prefix=BASE_API_V2)
configurator.include(account_controller.bind, route_prefix=BASE_API_V2)
configurator.include(reset_password_controller.bind, route_prefix=BASE_API_V2)
configurator.include(workspace_controller.bind, route_prefix=BASE_API_V2)
configurator.include(comment_controller.bind, route_prefix=BASE_API_V2)
configurator.include(html_document_controller.bind, route_prefix=BASE_API_V2)
configurator.include(thread_controller.bind, route_prefix=BASE_API_V2)
configurator.include(file_controller.bind, route_prefix=BASE_API_V2)
configurator.include(folder_controller.bind, route_prefix=BASE_API_V2)
if app_config.CALDAV__ENABLED:
# FIXME - G.M - 2019-03-18 - check if possible to avoid this import here,
# import is here because import AgendaController without adding it to
# pyramid make trouble in hapic which try to get view related
# to controller but failed.
from tracim_backend.views.agenda_api.agenda_controller import AgendaController
configurator.include(add_www_authenticate_header_for_caldav)
# caldav exception
context.handle_exception(CaldavNotAuthorized, HTTPStatus.FORBIDDEN)
context.handle_exception(CaldavNotAuthenticated, HTTPStatus.UNAUTHORIZED)
# controller
radicale_proxy_controller = RadicaleProxyController(
proxy_base_address=app_config.CALDAV__RADICALE_PROXY__BASE_URL,
radicale_base_path=app_config.CALDAV__RADICALE__BASE_PATH,
radicale_user_path=app_config.CALDAV__RADICALE__USER_PATH,
radicale_workspace_path=app_config.CALDAV_RADICALE_WORKSPACE_PATH,
)
agenda_controller = AgendaController()
configurator.include(agenda_controller.bind, route_prefix=BASE_API_V2)
configurator.include(radicale_proxy_controller.bind)
if app_config.FRONTEND__SERVE:
configurator.include("pyramid_mako")
frontend_controller = FrontendController(app_config.FRONTEND__DIST_FOLDER_PATH)
configurator.include(frontend_controller.bind)
hapic.add_documentation_view("/api/v2/doc", "Tracim v2 API", "API of Tracim v2")
return configurator.make_wsgi_app()
