Пример #1
 def _raise_timeout(user_id):
     """Log a 403 for a throttled login attempt and abort the request.

     The wait reported to the client is 30 seconds per recorded failure
     beyond the second (3 failures -> 30 s, 4 -> 60 s).  The failure
     counter is read through ``user_ip_sid`` from the enclosing scope;
     the ``user_id`` argument itself is not used.
     """
     failures = self.failed_logins[user_ip_sid]["count"]
     wait_seconds = 30 * (failures - 2)
     e = UnauthorizedError("WOKAUTH0004E", {"seconds": wait_seconds})
     details = e
     # The rejection is written to the request log before the error is raised.
     log_request(code, params, details, method, 403)
     raise cherrypy.HTTPError(403, e.message)
Пример #2
 def _raise_timeout(user_id):
     """Reject a login attempt made while the lockout window is active.

     Builds the WOKAUTH0004E error with the number of seconds to wait,
     records the attempt with status 403 and raises the HTTP error.
     ``user_id`` is accepted but the counter lookup uses ``user_ip_sid``
     from the surrounding function.
     """
     attempt_count = self.failed_logins[user_ip_sid]["count"]
     # Linear back-off: 30 seconds for each failure after the second one.
     error = UnauthorizedError("WOKAUTH0004E",
                               {"seconds": (attempt_count - 2) * 30})
     log_request(code, params, error, method, 403)
     raise cherrypy.HTTPError(403, error.message)
Пример #3
 def _raise_timeout(user_id):
     """Log and raise the 403 returned while a login lockout is in effect.

     The advertised wait is ``(count - 2) * 30`` seconds, where ``count``
     is the failure counter stored under ``user_ip_sid`` (taken from the
     enclosing scope; ``user_id`` is not read).
     """
     entry = self.failed_logins[user_ip_sid]
     seconds = (entry['count'] - 2) * 30
     lockout_error = UnauthorizedError('WOKAUTH0004E', {'seconds': seconds})
     # Record the blocked attempt before aborting the request.
     log_request(code, params, lockout_error, method, 403)
     raise cherrypy.HTTPError(403, str(lockout_error))
Пример #4
 def _log(self, code, status, exception=None):
     """Write a request-log entry for this task's target URI.

     The entry carries ``self.target_uri`` as its only parameter and is
     attributed to ``self.app``.  ``user`` and ``ip`` are passed as empty
     strings, so the entry itself does not identify a caller.
     """
     request_params = {'target_uri': self.target_uri}
     log_request(
         code,
         request_params,
         exception,
         ASYNCTASK_REQUEST_METHOD,
         status,
         app=self.app,
         user='',
         ip='',
     )
Пример #5
    def logout(self):
        """End the current session and record the logout in the request log.

        Returns:
            The literal JSON string ``'{}'``.
        """
        method = 'POST'
        code = self.getRequestMessage(method, 'logout')
        # Read the user name before auth.logout() runs; presumably the
        # session no longer holds it afterwards (confirm in auth.logout).
        username = cherrypy.session.get(auth.USER_NAME, 'N/A')
        params = {'username': username}

        auth.logout()

        # Status is logged as 200 unconditionally.
        log_request(code, params, None, method, 200, user=username)
        return '{}'
Пример #6
    def logout(self):
        """Log the current user out and write an audit entry for it.

        The user name for the log entry comes from the session and falls
        back to ``'N/A'`` when the session has none.
        """
        http_method = 'POST'
        message_code = self.getRequestMessage(http_method, 'logout')
        log_params = {
            'username': cherrypy.session.get(auth.USER_NAME, 'N/A'),
        }

        auth.logout()

        log_request(
            message_code,
            log_params,
            None,
            http_method,
            200,
            user=log_params['username'],
        )

        return '{}'
Пример #7
 def _log(self, code, status, exception=None):
     """Record a request-log entry for the task's target URI.

     Args:
         code: message code handed to ``log_request``.
         status: status value stored with the entry.
         exception: optional error object stored as the entry's details.

     ``user`` and ``ip`` are always logged as empty strings here.
     """
     uri_params = {'target_uri': self.target_uri}
     extra = {'app': self.app, 'user': '', 'ip': ''}
     log_request(code, uri_params, exception, ASYNCTASK_REQUEST_METHOD,
                 status, **extra)
Пример #8
    def login(self, *args):
        """Handle a POST login request (only the parameter step is shown).

        A request body without ``username`` or ``password`` is logged with
        status 400 and rejected with WOKAUTH0003E naming the missing key.
        """
        details = None
        method = 'POST'
        code = self.getRequestMessage(method, 'login')

        try:
            params = parse_request()
            username = params['username']
            password = params['password']
        except KeyError, item:
            # ``item`` is the KeyError itself; str(item) is the missing key.
            details = e = MissingParameter('WOKAUTH0003E', {'item': str(item)})
            # NOTE(review): ``params`` may still hold the submitted password
            # here (e.g. when only 'username' is missing); confirm that
            # log_request does not persist raw parameter values.
            log_request(code, params, details, method, 400)
            raise cherrypy.HTTPError(400, e.message)
Пример #9
    def create(self, params, *args):
        """Start the model's asynchronous create operation and return its task.

        Responds with 405 when the model has no create function for this
        resource.  On success the response status is set to 202, the
        request is logged, and the log id is associated with the task id.
        No log entry is written here when validation or the model call
        raises.

        Returns:
            The rendered ``'Task'`` template for the created task.
        """
        try:
            create_fn = getattr(self.model, model_fn(self, 'create'))
        except AttributeError:
            error = InvalidOperation(
                'WOKAPI0005E', {'resource': get_class_name(self)})
            raise cherrypy.HTTPError(405, str(error))

        # Parameters are validated before they reach the model.
        validate_params(params, self, 'create')
        task = create_fn(*(self.model_args + [params]))
        cherrypy.response.status = 202

        # Log the accepted request and remember which task it belongs to.
        method = 'POST'
        log_id = log_request(
            self.getRequestMessage(method),
            utf8_dict(self.log_args, params),
            None,
            method,
            cherrypy.response.status,
            class_name=get_class_name(self),
        )
        save_request_log_id(log_id, task['id'])

        return wok.template.render('Task', task)
Пример #10
    def delete(self):
        """Start the model's asynchronous delete and return the resulting task.

        Responds with 405 (WOKAPI0002E) on AttributeError.  On success the
        response status is set to 202, the request is logged and the log
        id is associated with the task id.
        """
        try:
            delete_fn = getattr(self.model, model_fn(self, 'delete'))
            # NOTE(review): the model call sits inside the same try, so an
            # AttributeError raised within it is also reported as 405.
            task = delete_fn(*self.model_args)
        except AttributeError:
            error = InvalidOperation(
                'WOKAPI0002E', {'resource': get_class_name(self)})
            raise cherrypy.HTTPError(405, str(error))

        cherrypy.response.status = 202

        # Log the accepted request and link the entry to the task.
        method = 'DELETE'
        log_id = log_request(
            self.getRequestMessage(method),
            utf8_dict(self.log_args),
            None,
            method,
            cherrypy.response.status,
            class_name=get_class_name(self),
        )
        save_request_log_id(log_id, task['id'])

        return wok.template.render('Task', task)
Пример #11
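        def wrapper(*args, **kwargs):
            """Run one POST action on the resource and always log the request.

            Order of checks: ``wokauth()`` when ``protected`` is truthy,
            ``validate_method``, request parsing and parameter validation,
            ``self.lookup()``, then ``self.is_authorized()``.  The model
            action runs only after all of them pass.

            Returns:
                The rendered action result when the action is not
                destructive or the resource is marked persistent;
                otherwise ``None``.

            Raises:
                cherrypy.HTTPError: for any WokException, using the
                    exception's own HTTP status code.
            """
            if protected is not None and protected:
                wokauth()

            # A status must always be set so the finally clause can log the
            # request; 500 is the fallback for exceptions not handled below.
            details = None
            status = 500

            # Bound before the try so the finally clause can still build a
            # log entry when parse_request() itself fails; otherwise the
            # resulting UnboundLocalError would replace the original error
            # and no entry would be written.
            request = {}

            method = 'POST'
            validate_method(method, self.admin_methods)
            try:
                request = parse_request()
                validate_params(request, self, action_name)
                self.lookup()
                if not self.is_authorized():
                    raise UnauthorizedError('WOKAPI0009E')

                # Positional model arguments, followed by the requested
                # action arguments (None for any the request omits).
                model_args = list(self.model_args)
                if action_args is not None:
                    model_args.extend(
                        request[key] if key in request.keys() else None
                        for key in action_args
                    )

                action_fn = getattr(self.model, model_fn(self, action_name))
                action_result = action_fn(*model_args)
                status = 200

                if destructive is False or (
                    'persistent' in self.info.keys(
                    ) and self.info['persistent'] is True
                ):
                    result = render_fn(self, action_result)
                    status = cherrypy.response.status

                    return result
            except WokException as e:
                details = e
                status = e.getHttpStatusCode()
                raise cherrypy.HTTPError(status, str(e))
            finally:
                # Log the request whatever the outcome.
                code = self.getRequestMessage(method, action_name)
                reqParams = utf8_dict(self.log_args, request)
                log_id = log_request(
                    code,
                    reqParams,
                    details,
                    method,
                    status,
                    class_name=get_class_name(self),
                    action_name=action_name,
                )
                # 202 means an asynchronous task was started: link the log
                # entry to that task's id.
                if status == 202:
                    save_request_log_id(log_id, action_result['id'])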
Пример #12
    def index(self, *args, **kargs):
        """Dispatch a GET, DELETE or PUT request on this resource.

        ``self.lookup()`` runs first, then ``self.is_authorized()``; the
        handler for the HTTP method is called only if that check passes.
        The request is logged in the finally clause unless the method is
        in ``LOG_DISABLED_METHODS`` or the status is 202.

        Raises:
            cherrypy.HTTPError: for any WokException (with its own status
                code); HTTP errors raised by the handlers propagate.
        """
        # Fallback values: the finally clause needs a status even when an
        # exception that is not handled below escapes (logged as 500).
        status = 500
        details = None

        method = validate_method(('GET', 'DELETE', 'PUT'), self.admin_methods)

        try:
            self.lookup()
            if not self.is_authorized():
                raise UnauthorizedError('WOKAPI0009E')

            handlers = {
                'GET': self.get,
                'DELETE': self.delete,
                'PUT': self.update,
            }
            result = handlers[method](*args, **kargs)

            status = cherrypy.response.status
        except WokException as err:
            details = err
            status = err.getHttpStatusCode()
            raise cherrypy.HTTPError(status, str(err))
        except cherrypy.HTTPError as err:
            status = err.status
            raise
        finally:
            # Requests answered with 202 are not logged in this method.
            logging_enabled = method not in LOG_DISABLED_METHODS
            if logging_enabled and status != 202:
                log_request(
                    self.getRequestMessage(method),
                    self.log_args,
                    details,
                    method,
                    status,
                    class_name=get_class_name(self),
                )

        return result
Пример #13
    def index(self, *args, **kwargs):
        """Serve GET (list) and POST (create) requests on this collection.

        GET validates the query parameters and returns ``self.get``;
        POST parses the request body and returns ``self.create``.  The
        request is logged in the finally clause unless the method is in
        ``LOG_DISABLED_METHODS`` or the status is 202.

        Raises:
            cherrypy.HTTPError: for any WokException (with its own status
                code); HTTP errors raised below propagate.
        """
        # Fallback values so the finally clause can always log: 500 covers
        # exceptions that are not handled below.
        status = 500
        details = None

        # Bound up front so the log entry can be built even if parsing fails.
        params = {}
        method = validate_method(('GET', 'POST'), self.admin_methods)

        try:
            if method == 'GET':
                params = cherrypy.request.params
                validate_params(params, self, 'get_list')
                # NOTE(review): this branch returns without updating
                # ``status``, so the finally clause still sees the 500
                # fallback; whether a GET is logged at all depends on
                # LOG_DISABLED_METHODS.
                return self.get(params)
            elif method == 'POST':
                params = parse_request()
                created = self.create(params, *args)
                status = cherrypy.response.status
                return created
        except WokException as err:
            details = err
            status = err.getHttpStatusCode()
            raise cherrypy.HTTPError(status, str(err))
        except cherrypy.HTTPError as err:
            status = err.status
            raise
        finally:
            should_log = method not in LOG_DISABLED_METHODS and status != 202
            if should_log:
                log_request(
                    self.getRequestMessage(method),
                    utf8_dict(self.log_args, params),
                    details,
                    method,
                    status,
                    class_name=get_class_name(self),
                )
Пример #14
    def login(self, *args):
        """Handle a POST login request.

        Only the nested lockout helper and the request-parsing step are
        visible in this excerpt.
        """
        def _raise_timeout(user_id):
            # Reject an attempt made during a lockout: the wait reported to
            # the client is 30 s per recorded failure beyond the second.
            # The counter is read via ``user_ip_sid`` from the enclosing
            # scope; ``user_id`` itself is not used.
            length = self.failed_logins[user_ip_sid]["count"]
            timeout = (length - 2) * 30
            details = e = UnauthorizedError("WOKAUTH0004E",
                                            {"seconds": timeout})
            log_request(code, params, details, method, 403)
            raise cherrypy.HTTPError(403, e.message)

        details = None
        method = 'POST'
        code = self.getRequestMessage(method, 'login')

        try:
            params = parse_request()
            validate_params(params, self, "login")
            username = params['username']
            password = params['password']
        except WokException, e:
            # Whatever the WokException was, it is replaced by the generic
            # WOKAUTH0007E before being logged and returned.
            details = e = OperationFailed("WOKAUTH0007E")
            # ``status`` is computed here, but the log entry and the HTTP
            # error below both use the literal 400.
            status = e.getHttpStatusCode()
            # NOTE(review): if parse_request() itself raised, ``params`` is
            # still unbound at this point and this call fails with
            # UnboundLocalError instead of producing the 400.
            log_request(code, params, details, method, 400)
            raise cherrypy.HTTPError(400, e.message)
Пример #15
    def login(self, *args):
        """Handle a POST login request (excerpt: helper and parsing only)."""
        def _raise_timeout(user_id):
            # Lockout rejection: log the attempt with 403 and raise.
            # timeout = (failures - 2) * 30 seconds, i.e. 30 s after the
            # third failure, 60 s after the fourth, and so on.
            # NOTE(review): ``user_id`` is unused; the lookup goes through
            # the enclosing function's ``user_ip_sid``.
            length = self.failed_logins[user_ip_sid]["count"]
            timeout = (length - 2) * 30
            details = e = UnauthorizedError("WOKAUTH0004E",
                                            {"seconds": timeout})
            log_request(code, params, details, method, 403)
            raise cherrypy.HTTPError(403, e.message)

        details = None
        method = 'POST'
        code = self.getRequestMessage(method, 'login')

        try:
            # Parse and validate before touching the credential fields.
            params = parse_request()
            validate_params(params, self, "login")
            username = params['username']
            password = params['password']
        except WokException, e:
            # The original error is discarded in favour of WOKAUTH0007E, so
            # the response does not say which check failed.
            details = e = OperationFailed("WOKAUTH0007E")
            # Not used in the visible lines: 400 is hard-coded below.
            status = e.getHttpStatusCode()
            # NOTE(review): ``params`` is unbound here when parse_request()
            # is the call that raised; confirm it cannot raise WokException
            # or bind ``params`` before the try.
            log_request(code, params, details, method, 400)
            raise cherrypy.HTTPError(400, e.message)
Пример #16
    def delete(self):
        """Kick off the model's asynchronous delete and return its task.

        AttributeError is answered with 405 (WOKAPI0002E).  Otherwise the
        response status becomes 202, the request is logged and the log id
        is stored against the task id.
        """
        try:
            delete_fn = getattr(self.model, model_fn(self, 'delete'))
            # NOTE(review): an AttributeError raised inside the model call
            # is caught by the same handler and also becomes a 405.
            task = delete_fn(*self.model_args)
        except AttributeError:
            resource = {'resource': get_class_name(self)}
            error = InvalidOperation('WOKAPI0002E', resource)
            raise cherrypy.HTTPError(405, error.message)

        cherrypy.response.status = 202

        # Log the accepted request and tie the entry to the task.
        method = 'DELETE'
        log_id = log_request(
            self.getRequestMessage(method),
            utf8_dict(self.log_args),
            None,
            method,
            cherrypy.response.status,
        )
        save_request_log_id(log_id, task['id'])

        return wok.template.render("Task", task)
Пример #17
    def create(self, params, *args):
        """Kick off the model's asynchronous create and return its task.

        A model without a create function for this resource yields 405
        (WOKAPI0005E).  After validation and a successful model call the
        response status is 202, the request is logged and the log id is
        stored against the task id.
        """
        try:
            create_fn = getattr(self.model, model_fn(self, 'create'))
        except AttributeError:
            resource = {'resource': get_class_name(self)}
            error = InvalidOperation('WOKAPI0005E', resource)
            raise cherrypy.HTTPError(405, error.message)

        # Validation happens before the parameters reach the model.
        validate_params(params, self, 'create')
        call_args = self.model_args + [params]
        task = create_fn(*call_args)
        cherrypy.response.status = 202

        # Log the accepted request and tie the entry to the task.
        method = 'POST'
        log_id = log_request(
            self.getRequestMessage(method),
            utf8_dict(self.log_args, params),
            None,
            method,
            cherrypy.response.status,
        )
        save_request_log_id(log_id, task['id'])

        return wok.template.render("Task", task)
Пример #18
                    result = render_fn(self, action_result)
                    status = cherrypy.response.status

                    return result
            except WokException, e:
                details = e
                status = e.getHttpStatusCode()
                raise cherrypy.HTTPError(status, e.message)
            finally:
                # log request
                code = self.getRequestMessage(method, action_name)
                reqParams = utf8_dict(self.log_args, request)
                log_id = log_request(code,
                                     reqParams,
                                     details,
                                     method,
                                     status,
                                     class_name=get_class_name(self),
                                     action_name=action_name)
                if status == 202:
                    save_request_log_id(log_id, action_result['id'])

        wrapper.__name__ = action_name
        wrapper.exposed = True
        return wrapper

    def lookup(self):
        try:
            lookup = getattr(self.model, model_fn(self, 'lookup'))
            self.info = lookup(*self.model_args)
        except AttributeError:
Пример #19
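    def login(self, *args):
        """Authenticate the POSTed credentials, throttling repeated failures.

        Failed attempts are counted in ``self.failed_logins`` under a key
        built from username, remote IP and session id.  From the third
        recorded failure on, further attempts are rejected with 403 until
        ``(count - 2) * 30`` seconds have passed since the last recorded
        failure.  Every outcome is written to the request log.

        Returns:
            The JSON-encoded value returned by ``auth.login``.

        Raises:
            cherrypy.HTTPError: 400 when parsing or validation raises a
                WokException, 403 while the lockout is active, 401 when
                ``auth.login`` raises an HTTP error.
        """
        def _raise_timeout(user_id):
            # Wait reported to the client: 30 s per failure after the second.
            length = self.failed_logins[user_id]['count']
            timeout = (length - 2) * 30
            details = e = UnauthorizedError(
                'WOKAUTH0004E', {'seconds': timeout})
            log_request(code, params, details, method, 403)
            raise cherrypy.HTTPError(403, str(e))

        details = None
        method = 'POST'
        code = self.getRequestMessage(method, 'login')

        # Bound before the try: if parse_request() itself raises, the handler
        # below still needs ``params`` to write its log entry.
        params = {}

        try:
            params = parse_request()
            validate_params(params, self, 'login')
            username = params['username']
            password = params['password']
        except WokException as e:
            # The specific failure is replaced by the generic WOKAUTH0007E.
            details = e = OperationFailed('WOKAUTH0007E')
            log_request(code, params, details, method, 400)
            raise cherrypy.HTTPError(400, str(e))

        # NOTE(review): ``params`` still contains the submitted password and
        # is handed to log_request on every path below; confirm log_request
        # does not persist raw parameter values.

        # get authentication info
        remote_ip = cherrypy.request.remote.ip
        session_id = str(cherrypy.session.originalid)
        # NOTE(review): the counter is scoped to (username, ip, session id),
        # so throttling only applies while all three stay the same; confirm
        # this matches the intended lockout policy.  Entries are removed only
        # on success or on an expired lockout, so also confirm that
        # ``failed_logins`` is bounded or cleaned up elsewhere.
        user_ip_sid = re.escape(username + remote_ip + session_id)

        # check for repeated failures
        count = self.failed_logins.get(user_ip_sid, {'count': 0}).get('count')
        if count >= 3:

            # verify if timeout is still valid
            last_try = self.failed_logins[user_ip_sid]['time']
            if time.time() < (last_try + ((count - 2) * 30)):
                _raise_timeout(user_ip_sid)
            else:
                self.failed_logins.pop(user_ip_sid)

        try:
            status = 200
            user_info = auth.login(username, password)

            # user logged in successfully: reset counters
            if self.failed_logins.get(user_ip_sid) is not None:
                self.failed_logins.pop(user_ip_sid)
        except cherrypy.HTTPError as e:

            # store time and prevent too many tries
            if self.failed_logins.get(user_ip_sid) is None:
                self.failed_logins[user_ip_sid] = {
                    'time': time.time(),
                    'ip': remote_ip,
                    'session_id': session_id,
                    'username': username,
                    'count': 1,
                }
            else:
                # tries take more than 30 seconds between each one: do not
                # increase count
                if time.time() - self.failed_logins[user_ip_sid]['time'] < 30:

                    self.failed_logins[user_ip_sid]['time'] = time.time()
                    self.failed_logins[user_ip_sid]['count'] += 1

            # 3 or more fails: raise error
            if self.failed_logins[user_ip_sid]['count'] >= 3:
                # Without this the finally clause would log the blocked
                # attempt with the 200 set at the top of the try.
                status = 403
                _raise_timeout(user_ip_sid)

            # return same error message to frontend
            details = e = OperationFailed('WOKAUTH0008E')
            status = e.getHttpStatusCode()
            raise cherrypy.HTTPError(401, str(e))
        finally:
            send_wok_notification('', 'login', 'POST')
            log_request(code, params, details, method, status)

        return json.dumps(user_info)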
Пример #20
            params = parse_request()
            username = params['username']
            password = params['password']
        except KeyError, item:
            details = e = MissingParameter('WOKAUTH0003E', {'item': str(item)})
            log_request(code, params, details, method, 400)
            raise cherrypy.HTTPError(400, e.message)

        try:
            status = 200
            user_info = auth.login(username, password)
        except cherrypy.HTTPError, e:
            status = e.status
            raise
        finally:
            log_request(code, params, details, method, status)

        return json.dumps(user_info)

    @cherrypy.expose
    def logout(self):
        """Log the current user out and record the request.

        The user name is taken from the session (``'N/A'`` if absent) and
        the entry is always logged with status 200.

        Returns:
            The literal JSON string ``'{}'``.
        """
        method = 'POST'
        code = self.getRequestMessage(method, 'logout')
        # Captured before auth.logout(); presumably the session no longer
        # carries the user name afterwards (confirm in auth.logout).
        current_user = cherrypy.session.get(auth.USER_NAME, 'N/A')
        params = {'username': current_user}

        auth.logout()

        log_request(code, params, None, method, 200, user=current_user)
        return '{}'
Пример #21
                        self.failed_logins[user_ip_sid]["time"]) < 30:

                    self.failed_logins[user_ip_sid]["time"] = time.time()
                    self.failed_logins[user_ip_sid]["count"] += 1

            # more than 3 fails: raise error
            if self.failed_logins[user_ip_sid]["count"] >= 3:
                _raise_timeout(user_ip_sid)

            # return same error message to frontend
            details = e = OperationFailed("WOKAUTH0008E")
            status = e.getHttpStatusCode()
            raise cherrypy.HTTPError(401, e.message)
        finally:
            send_wok_notification('', 'login', 'POST')
            log_request(code, params, details, method, status)

        return json.dumps(user_info)

    @cherrypy.expose
    def logout(self):
        """Log the current user out, notify listeners and record the request.

        Returns:
            The literal JSON string ``'{}'``.
        """
        method = 'POST'
        code = self.getRequestMessage(method, 'logout')
        # Read the user name first; presumably auth.logout() drops it from
        # the session (confirm in auth.logout).
        session_user = cherrypy.session.get(auth.USER_NAME, 'N/A')
        params = {'username': session_user}

        auth.logout()

        # Notification goes out before the audit entry is written.
        send_wok_notification('', 'logout', 'POST')
        log_request(code, params, None, method, 200, user=session_user)
        return '{}'
Пример #22
                if destructive is False or \
                    ('persistent' in self.info.keys() and
                     self.info['persistent'] is True):
                    result = render_fn(self, action_result)
                    status = cherrypy.response.status

                    return result
            except WokException, e:
                details = e
                status = e.getHttpStatusCode()
                raise cherrypy.HTTPError(status, e.message)
            finally:
                # log request
                code = self.getRequestMessage(method, action_name)
                reqParams = utf8_dict(self.log_args, request)
                log_id = log_request(code, reqParams, details, method, status)
                if status == 202:
                    save_request_log_id(log_id, action_result['id'])

        wrapper.__name__ = action_name
        wrapper.exposed = True
        return wrapper

    def lookup(self):
        """Load this resource's data from the model into ``self.info``.

        ``self.info`` becomes an empty dict when AttributeError is raised,
        whether by the attribute lookup or from inside the model call.
        """
        try:
            lookup_fn = getattr(self.model, model_fn(self, 'lookup'))
            info = lookup_fn(*self.model_args)
        except AttributeError:
            # NOTE(review): an AttributeError raised inside the model call
            # is swallowed here as well and leaves an empty info dict.
            info = {}
        self.info = info

    def delete(self):