def process():
responseBody = {
'version': '1.1',
'error': None,
'result': None
}
requestBody = None
try:
# init/clear fossil cache
clearCache()
# read request
try:
requestBody = request.get_json()
Logger.get('rpc').info('json rpc request. request: {0}'.format(requestBody))
except BadRequest:
raise RequestError('ERR-R1', 'Invalid mime-type.')
if not requestBody:
raise RequestError('ERR-R2', 'Empty request.')
if 'id' in requestBody:
responseBody['id'] = requestBody['id']
# run request
responseBody['result'] = ServiceRunner().invokeMethod(str(requestBody['method']),
requestBody.get('params', []))
except CausedError as e:
try:
errorInfo = fossilize(e)
except NonFossilizableException as e2:
# catch Exceptions that are not registered as Fossils
# and log them
errorInfo = {'code': '', 'message': str(e2)}
Logger.get('dev').exception('Exception not registered as fossil')
# NoReport errors (i.e. not logged in) shouldn't be logged
if not isinstance(e, NoReportError):
Logger.get('rpc').exception('Service request failed. '
'Request text:\r\n{0}\r\n\r\n'.format(requestBody))
if requestBody:
params = requestBody.get('params', [])
Sanitization._escapeHTML(params)
errorInfo["requestInfo"] = {
'method': str(requestBody['method']),
'params': params,
'origin': str(requestBody.get('origin', 'unknown'))
}
Logger.get('rpc').debug('Arguments: {0}'.format(errorInfo['requestInfo']))
responseBody['error'] = errorInfo
try:
jsonResponse = dumps(responseBody, ensure_ascii=True)
except UnicodeError:
Logger.get('rpc').exception('Problem encoding JSON response')
# This is to avoid exceptions due to old data encodings (based on iso-8859-1)
responseBody['result'] = fix_broken_obj(responseBody['result'])
jsonResponse = encode(responseBody)
return app.response_class(jsonResponse, mimetype='application/json')
def _process_retry_setup(self):
# clear the fossile cache at the start of each request
fossilize.clearCache()
# clear after-commit queue
flush_after_commit_queue(False)
# delete all queued emails
GenericMailer.flushQueue(False)
# clear the existing redis pipeline
if self._redisPipeline:
self._redisPipeline.reset()
def _process_retry_setup(self):
# clear the fossile cache at the start of each request
fossilize.clearCache()
# clear after-commit queue
flush_after_commit_queue(False)
# delete all queued emails
GenericMailer.flushQueue(False)
# clear the existing redis pipeline
if self._redisPipeline:
self._redisPipeline.reset()
def process():
responseBody = {"version": "1.1", "error": None, "result": None}
requestBody = None
try:
# init/clear fossil cache
clearCache()
# read request
try:
requestBody = request.get_json()
Logger.get("rpc").info("json rpc request. request: {0}".format(requestBody))
except BadRequest:
raise RequestError("ERR-R1", "Invalid mime-type.")
if not requestBody:
raise RequestError("ERR-R2", "Empty request.")
if "id" in requestBody:
responseBody["id"] = requestBody["id"]
# run request
responseBody["result"] = ServiceRunner().invokeMethod(str(requestBody["method"]), requestBody.get("params", []))
except CausedError as e:
try:
errorInfo = fossilize(e)
except NonFossilizableException as e2:
# catch Exceptions that are not registered as Fossils
# and log them
errorInfo = {"code": "", "message": str(e2)}
Logger.get("dev").exception("Exception not registered as fossil")
# NoReport errors (i.e. not logged in) shouldn't be logged
if not isinstance(e, NoReportError):
Logger.get("rpc").exception("Service request failed. " "Request text:\r\n{0}\r\n\r\n".format(requestBody))
if requestBody:
params = requestBody.get("params", [])
Sanitization._escapeHTML(params)
errorInfo["requestInfo"] = {
"method": str(requestBody["method"]),
"params": params,
"origin": str(requestBody.get("origin", "unknown")),
}
Logger.get("rpc").debug("Arguments: {0}".format(errorInfo["requestInfo"]))
responseBody["error"] = errorInfo
try:
jsonResponse = dumps(responseBody, ensure_ascii=True)
except UnicodeError:
Logger.get("rpc").exception("Problem encoding JSON response")
# This is to avoid exceptions due to old data encodings (based on iso-8859-1)
responseBody["result"] = fix_broken_obj(responseBody["result"])
jsonResponse = encode(responseBody)
return app.response_class(jsonResponse, mimetype="application/json")
def process():
responseBody = {
"version": "1.1",
"error": None,
"result": None
}
requestBody = None
try:
# check content type (if the users know what they are using)
#if req.content_type != "application/json":
# raise RequestError("Invalid content type. It must be 'application/json'.")
# init/clear fossil cache
clearCache()
# read request
requestText = request.data # TODO: use request.json!
Logger.get('rpc').info('json rpc request. request text= ' + str(requestText))
if requestText == "":
raise RequestError("ERR-R2", "Empty request.")
# decode json
try:
requestBody = decode(requestText)
except Exception, e:
raise RequestError("ERR-R3", "Error parsing json request.", e)
if "id" in requestBody:
responseBody["id"] = requestBody["id"]
result = ServiceRunner().invokeMethod(str(requestBody["method"]), requestBody.get("params", []))
# serialize result
try:
responseBody["result"] = result
except Exception:
raise ProcessError("ERR-P1", "Error during serialization.")
def process( self, params ):
"""
"""
profile = Config.getInstance().getProfile()
proffilename = ""
res = ""
MAX_RETRIES = 10
retry = MAX_RETRIES
textLog = []
self._startTime = datetime.now()
# clear the context
ContextManager.destroy()
ContextManager.set('currentRH', self)
#redirect to https if necessary
if self._checkHttpsRedirect():
return
DBMgr.getInstance().startRequest()
self._startRequestSpecific2RH() # I.e. implemented by Room Booking request handlers
textLog.append("%s : Database request started"%(datetime.now() - self._startTime))
Logger.get('requestHandler').info('[pid=%s] Request %s started (%s)' % (os.getpid(),id(self._req), self._req.unparsed_uri))
# notify components that the request has started
self._notify('requestStarted', self._req)
forcedConflicts = Config.getInstance().getForceConflicts()
try:
while retry>0:
if retry < MAX_RETRIES:
# notify components that the request is being retried
self._notify('requestRetry', self._req, MAX_RETRIES - retry)
try:
Logger.get('requestHandler').info('\t[pid=%s] from host %s' % (os.getpid(), self.getHostIP()))
try:
# clear the fossile cache at the start of each request
fossilize.clearCache()
# delete all queued emails
GenericMailer.flushQueue(False)
DBMgr.getInstance().sync()
# keep a link to the web session in the access wrapper
# this is used for checking access/modification key existence
# in the user session
self._aw.setIP( self.getHostIP() )
self._aw.setSession(self._getSession())
#raise(str(dir(self._websession)))
self._setSessionUser()
self._setLang(params)
if self._getAuth():
if self._getUser():
Logger.get('requestHandler').info('Request %s identified with user %s (%s)' % (id(self._req), self._getUser().getFullName(), self._getUser().getId()))
if not self._tohttps and Config.getInstance().getAuthenticatedEnforceSecure():
self._tohttps = True
if self._checkHttpsRedirect():
return
#if self._getUser() != None and self._getUser().getId() == "893":
# profile = True
self._reqParams = copy.copy( params )
self._checkParams( self._reqParams )
self._checkProtection()
security.Sanitization.sanitizationCheck(self._target,
self._reqParams,
self._aw, self._doNotSanitizeFields)
if self._doProcess:
if profile:
import profile, pstats
proffilename = os.path.join(Config.getInstance().getTempDir(), "stone%s.prof" % str(random.random()))
result = [None]
profile.runctx("result[0] = self._process()", globals(), locals(), proffilename)
res = result[0]
else:
res = self._process()
# Save web session, just when needed
sm = session.getSessionManager()
sm.maintain_session(self._req, self._websession)
# notify components that the request has finished
self._notify('requestFinished', self._req)
# Raise a conflict error if enabled. This allows detecting conflict-related issues easily.
if retry > (MAX_RETRIES - forcedConflicts):
raise ConflictError
self._endRequestSpecific2RH( True ) # I.e. implemented by Room Booking request handlers
DBMgr.getInstance().endRequest( True )
Logger.get('requestHandler').info('Request %s successful' % (id(self._req)))
#request succesfull, now, doing tas that must be done only once
try:
GenericMailer.flushQueue(True) # send emails
self._deleteTempFiles()
except:
Logger.get('mail').exception('Mail sending operation failed')
pass
break
except MaKaCError, e:
#DBMgr.getInstance().endRequest(False)
res = self._processError(e)
except (ConflictError, POSKeyError):
import traceback
# only log conflict if it wasn't forced
if retry <= (MAX_RETRIES - forcedConflicts):
Logger.get('requestHandler').warning('Conflict in Database! (Request %s)\n%s' % (id(self._req), traceback.format_exc()))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
continue
except ClientDisconnected:
Logger.get('requestHandler').warning('Client Disconnected! (Request %s)' % id(self._req) )
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
time.sleep(10-retry)
continue
except KeyAccessError, e:
#Key Access error treatment
res = self._processKeyAccessError( e )
self._endRequestSpecific2RH( False )
DBMgr.getInstance().endRequest(False)
def handler(prefix, path):
path = posixpath.join('/', prefix, path)
ContextManager.destroy()
clearCache() # init fossil cache
logger = Logger.get('httpapi')
if request.method == 'POST':
# Convert POST data to a query string
queryParams = [(key, [x.encode('utf-8') for x in values])
for key, values in request.form.iterlists()]
query = urllib.urlencode(queryParams, doseq=1)
# we only need/keep multiple values so we can properly validate the signature.
# the legacy code below expects a dict with just the first value.
# if you write a new api endpoint that needs multiple values get them from
# ``request.values.getlist()`` directly
queryParams = {key: values[0] for key, values in queryParams}
else:
# Parse the actual query string
queryParams = dict((key, value.encode('utf-8'))
for key, value in request.args.iteritems())
query = request.query_string
dbi = DBMgr.getInstance()
dbi.startRequest()
apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None)
cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'],
'no') == 'yes'
signature = get_query_parameter(queryParams, ['signature'])
timestamp = get_query_parameter(queryParams, ['timestamp'],
0,
integer=True)
noCache = get_query_parameter(queryParams, ['nc', 'nocache'],
'no') == 'yes'
pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes'
onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'],
'no') == 'yes'
onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'],
'no') == 'yes'
scope = 'read:legacy_api' if request.method == 'GET' else 'write:legacy_api'
try:
oauth_valid, oauth_request = oauth.verify_request([scope])
if not oauth_valid and oauth_request and oauth_request.error_message != 'Bearer token not found.':
raise BadRequest('OAuth error: {}'.format(
oauth_request.error_message))
elif g.get(
'received_oauth_token'
) and oauth_request.error_message == 'Bearer token not found.':
raise BadRequest('OAuth error: Invalid token')
except ValueError:
# XXX: Dirty hack to workaround a bug in flask-oauthlib that causes it
# not to properly urlencode request query strings
# Related issue (https://github.com/lepture/flask-oauthlib/issues/213)
oauth_valid = False
# Get our handler function and its argument and response type
hook, dformat = HTTPAPIHook.parseRequest(path, queryParams)
if hook is None or dformat is None:
raise NotFound
# Disable caching if we are not just retrieving data (or the hook requires it)
if request.method == 'POST' or hook.NO_CACHE:
noCache = True
ak = error = result = None
ts = int(time.time())
typeMap = {}
responseUtil = ResponseUtil()
is_response = False
try:
used_session = None
if cookieAuth:
used_session = session
if not used_session.user: # ignore guest sessions
used_session = None
if apiKey or oauth_valid or not used_session:
if not oauth_valid:
# Validate the API key (and its signature)
ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp,
path, query)
if enforceOnlyPublic:
onlyPublic = True
# Create an access wrapper for the API key's user
aw = buildAW(ak, onlyPublic)
else: # Access Token (OAuth)
at = load_token(oauth_request.access_token.access_token)
aw = buildAW(at, onlyPublic)
# Get rid of API key in cache key if we did not impersonate a user
if ak and aw.getUser() is None:
cacheKey = normalizeQuery(
path,
query,
remove=('_', 'ak', 'apiKey', 'signature', 'timestamp',
'nc', 'nocache', 'oa', 'onlyauthed'))
else:
cacheKey = normalizeQuery(path,
query,
remove=('_', 'signature',
'timestamp', 'nc', 'nocache',
'oa', 'onlyauthed'))
if signature:
# in case the request was signed, store the result under a different key
cacheKey = 'signed_' + cacheKey
else:
# We authenticated using a session cookie.
if Config.getInstance().getCSRFLevel() >= 2:
token = request.headers.get(
'X-CSRF-Token',
get_query_parameter(queryParams, ['csrftoken']))
if used_session.csrf_protected and used_session.csrf_token != token:
raise HTTPAPIError('Invalid CSRF token', 403)
aw = AccessWrapper()
if not onlyPublic:
aw.setUser(used_session.avatar)
userPrefix = 'user-{}_'.format(used_session.user.id)
cacheKey = userPrefix + normalizeQuery(
path,
query,
remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa',
'onlyauthed', 'csrftoken'))
# Bail out if the user requires authentication but is not authenticated
if onlyAuthed and not aw.getUser():
raise HTTPAPIError('Not authenticated', 403)
addToCache = not hook.NO_CACHE
cache = GenericCache('HTTPAPI')
cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey)
if not noCache:
obj = cache.get(cacheKey)
if obj is not None:
result, extra, ts, complete, typeMap = obj
addToCache = False
if result is None:
ContextManager.set("currentAW", aw)
# Perform the actual exporting
res = hook(aw)
if isinstance(res, current_app.response_class):
addToCache = False
is_response = True
result, extra, complete, typeMap = res, {}, True, {}
elif isinstance(res, tuple) and len(res) == 4:
result, extra, complete, typeMap = res
else:
result, extra, complete, typeMap = res, {}, True, {}
if result is not None and addToCache:
ttl = api_settings.get('cache_ttl')
if ttl > 0:
cache.set(cacheKey, (result, extra, ts, complete, typeMap),
ttl)
except HTTPAPIError, e:
error = e
if e.getCode():
responseUtil.status = e.getCode()
if responseUtil.status == 405:
responseUtil.headers[
'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path):
path = posixpath.join('/', prefix, path)
ContextManager.destroy()
clearCache() # init fossil cache
logger = Logger.get('httpapi')
if request.method == 'POST':
# Convert POST data to a query string
queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems())
query = urllib.urlencode(queryParams)
else:
# Parse the actual query string
queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems())
query = request.query_string
dbi = DBMgr.getInstance()
dbi.startRequest()
minfo = HelperMaKaCInfo.getMaKaCInfoInstance()
if minfo.getRoomBookingModuleActive():
Factory.getDALManager().connect()
apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None)
cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes'
signature = get_query_parameter(queryParams, ['signature'])
timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True)
noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes'
pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes'
onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes'
onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes'
oauthToken = 'oauth_token' in queryParams
# Get our handler function and its argument and response type
hook, dformat = HTTPAPIHook.parseRequest(path, queryParams)
if hook is None or dformat is None:
raise NotFound
# Disable caching if we are not just retrieving data (or the hook requires it)
if request.method == 'POST' or hook.NO_CACHE:
noCache = True
ak = error = result = None
ts = int(time.time())
typeMap = {}
responseUtil = ResponseUtil()
try:
used_session = None
if cookieAuth:
used_session = session
if not used_session.user: # ignore guest sessions
used_session = None
if apiKey or oauthToken or not used_session:
if not oauthToken:
# Validate the API key (and its signature)
ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query)
if enforceOnlyPublic:
onlyPublic = True
# Create an access wrapper for the API key's user
aw = buildAW(ak, onlyPublic)
else: # Access Token (OAuth)
at = OAuthUtils.OAuthCheckAccessResource()
aw = buildAW(at, onlyPublic)
# Get rid of API key in cache key if we did not impersonate a user
if ak and aw.getUser() is None:
cacheKey = normalizeQuery(path, query,
remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache',
'oa', 'onlyauthed'))
else:
cacheKey = normalizeQuery(path, query,
remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed'))
if signature:
# in case the request was signed, store the result under a different key
cacheKey = 'signed_' + cacheKey
else:
# We authenticated using a session cookie.
if Config.getInstance().getCSRFLevel() >= 2:
token = request.headers.get('X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken']))
if used_session.csrf_protected and used_session.csrf_token != token:
raise HTTPAPIError('Invalid CSRF token', 403)
aw = AccessWrapper()
if not onlyPublic:
aw.setUser(used_session.user)
userPrefix = 'user-' + used_session.user.getId() + '_'
cacheKey = userPrefix + normalizeQuery(path, query,
remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed',
'csrftoken'))
# Bail out if the user requires authentication but is not authenticated
if onlyAuthed and not aw.getUser():
raise HTTPAPIError('Not authenticated', 403)
addToCache = not hook.NO_CACHE
cache = GenericCache('HTTPAPI')
cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey)
if not noCache:
obj = cache.get(cacheKey)
if obj is not None:
result, extra, ts, complete, typeMap = obj
addToCache = False
if result is None:
# Perform the actual exporting
res = hook(aw)
if isinstance(res, tuple) and len(res) == 4:
result, extra, complete, typeMap = res
else:
result, extra, complete, typeMap = res, {}, True, {}
if result is not None and addToCache:
ttl = HelperMaKaCInfo.getMaKaCInfoInstance().getAPICacheTTL()
cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl)
except HTTPAPIError, e:
error = e
if e.getCode():
responseUtil.status = e.getCode()
if responseUtil.status == 405:
responseUtil.headers['Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path):
path = posixpath.join('/', prefix, path)
ContextManager.destroy()
clearCache() # init fossil cache
logger = Logger.get('httpapi')
if request.method == 'POST':
# Convert POST data to a query string
queryParams = dict((key, value.encode('utf-8'))
for key, value in request.form.iteritems())
query = urllib.urlencode(queryParams)
else:
# Parse the actual query string
queryParams = dict((key, value.encode('utf-8'))
for key, value in request.args.iteritems())
query = request.query_string
dbi = DBMgr.getInstance()
dbi.startRequest()
apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None)
cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'],
'no') == 'yes'
signature = get_query_parameter(queryParams, ['signature'])
timestamp = get_query_parameter(queryParams, ['timestamp'],
0,
integer=True)
noCache = get_query_parameter(queryParams, ['nc', 'nocache'],
'no') == 'yes'
pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes'
onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'],
'no') == 'yes'
onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'],
'no') == 'yes'
oauthToken = 'oauth_token' in queryParams
# Check if OAuth data is supplied in the Authorization header
if not oauthToken and request.headers.get('Authorization') is not None:
oauthToken = 'oauth_token' in request.headers.get('Authorization')
# Get our handler function and its argument and response type
hook, dformat = HTTPAPIHook.parseRequest(path, queryParams)
if hook is None or dformat is None:
raise NotFound
# Disable caching if we are not just retrieving data (or the hook requires it)
if request.method == 'POST' or hook.NO_CACHE:
noCache = True
ak = error = result = None
ts = int(time.time())
typeMap = {}
responseUtil = ResponseUtil()
try:
used_session = None
if cookieAuth:
used_session = session
if not used_session.avatar: # ignore guest sessions
used_session = None
if apiKey or oauthToken or not used_session:
if not oauthToken:
# Validate the API key (and its signature)
ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp,
path, query)
if enforceOnlyPublic:
onlyPublic = True
# Create an access wrapper for the API key's user
aw = buildAW(ak, onlyPublic)
else: # Access Token (OAuth)
at = OAuthUtils.OAuthCheckAccessResource()
aw = buildAW(at, onlyPublic)
# Get rid of API key in cache key if we did not impersonate a user
if ak and aw.getUser() is None:
cacheKey = normalizeQuery(
path,
query,
remove=('_', 'ak', 'apiKey', 'signature', 'timestamp',
'nc', 'nocache', 'oa', 'onlyauthed'))
else:
cacheKey = normalizeQuery(path,
query,
remove=('_', 'signature',
'timestamp', 'nc', 'nocache',
'oa', 'onlyauthed'))
if signature:
# in case the request was signed, store the result under a different key
cacheKey = 'signed_' + cacheKey
else:
# We authenticated using a session cookie.
if Config.getInstance().getCSRFLevel() >= 2:
token = request.headers.get(
'X-CSRF-Token',
get_query_parameter(queryParams, ['csrftoken']))
if used_session.csrf_protected and used_session.csrf_token != token:
raise HTTPAPIError('Invalid CSRF token', 403)
aw = AccessWrapper()
if not onlyPublic:
aw.setUser(used_session.avatar)
userPrefix = 'user-' + used_session.avatar.getId() + '_'
cacheKey = userPrefix + normalizeQuery(
path,
query,
remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa',
'onlyauthed', 'csrftoken'))
# Bail out if the user requires authentication but is not authenticated
if onlyAuthed and not aw.getUser():
raise HTTPAPIError('Not authenticated', 403)
addToCache = not hook.NO_CACHE
cache = GenericCache('HTTPAPI')
cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey)
if not noCache:
obj = cache.get(cacheKey)
if obj is not None:
result, extra, ts, complete, typeMap = obj
addToCache = False
if result is None:
ContextManager.set("currentAW", aw)
# Perform the actual exporting
res = hook(aw)
if isinstance(res, tuple) and len(res) == 4:
result, extra, complete, typeMap = res
else:
result, extra, complete, typeMap = res, {}, True, {}
if result is not None and addToCache:
ttl = api_settings.get('cache_ttl')
cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl)
except HTTPAPIError, e:
error = e
if e.getCode():
responseUtil.status = e.getCode()
if responseUtil.status == 405:
responseUtil.headers[
'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def handler(prefix, path):
path = posixpath.join('/', prefix, path)
ContextManager.destroy()
clearCache() # init fossil cache
logger = Logger.get('httpapi')
if request.method == 'POST':
# Convert POST data to a query string
queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems())
query = urllib.urlencode(queryParams)
else:
# Parse the actual query string
queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems())
query = request.query_string
dbi = DBMgr.getInstance()
dbi.startRequest()
apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None)
cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes'
signature = get_query_parameter(queryParams, ['signature'])
timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True)
noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes'
pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes'
onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes'
onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes'
scope = 'read:legacy_api' if request.method == 'GET' else 'write:legacy_api'
try:
oauth_valid, oauth_request = oauth.verify_request([scope])
if not oauth_valid and oauth_request and oauth_request.error_message != 'Bearer token not found.':
raise BadRequest('OAuth error: {}'.format(oauth_request.error_message))
elif g.get('received_oauth_token') and oauth_request.error_message == 'Bearer token not found.':
raise BadRequest('OAuth error: Invalid token')
except ValueError:
# XXX: Dirty hack to workaround a bug in flask-oauthlib that causes it
# not to properly urlencode request query strings
# Related issue (https://github.com/lepture/flask-oauthlib/issues/213)
oauth_valid = False
# Get our handler function and its argument and response type
hook, dformat = HTTPAPIHook.parseRequest(path, queryParams)
if hook is None or dformat is None:
raise NotFound
# Disable caching if we are not just retrieving data (or the hook requires it)
if request.method == 'POST' or hook.NO_CACHE:
noCache = True
ak = error = result = None
ts = int(time.time())
typeMap = {}
responseUtil = ResponseUtil()
try:
used_session = None
if cookieAuth:
used_session = session
if not used_session.user: # ignore guest sessions
used_session = None
if apiKey or oauth_valid or not used_session:
if not oauth_valid:
# Validate the API key (and its signature)
ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query)
if enforceOnlyPublic:
onlyPublic = True
# Create an access wrapper for the API key's user
aw = buildAW(ak, onlyPublic)
else: # Access Token (OAuth)
at = load_token(oauth_request.access_token.access_token)
aw = buildAW(at, onlyPublic)
# Get rid of API key in cache key if we did not impersonate a user
if ak and aw.getUser() is None:
cacheKey = normalizeQuery(path, query,
remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache',
'oa', 'onlyauthed'))
else:
cacheKey = normalizeQuery(path, query,
remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed'))
if signature:
# in case the request was signed, store the result under a different key
cacheKey = 'signed_' + cacheKey
else:
# We authenticated using a session cookie.
if Config.getInstance().getCSRFLevel() >= 2:
token = request.headers.get('X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken']))
if used_session.csrf_protected and used_session.csrf_token != token:
raise HTTPAPIError('Invalid CSRF token', 403)
aw = AccessWrapper()
if not onlyPublic:
aw.setUser(used_session.avatar)
userPrefix = 'user-{}_'.format(used_session.user.id)
cacheKey = userPrefix + normalizeQuery(path, query,
remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed',
'csrftoken'))
# Bail out if the user requires authentication but is not authenticated
if onlyAuthed and not aw.getUser():
raise HTTPAPIError('Not authenticated', 403)
addToCache = not hook.NO_CACHE
cache = GenericCache('HTTPAPI')
cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey)
if not noCache:
obj = cache.get(cacheKey)
if obj is not None:
result, extra, ts, complete, typeMap = obj
addToCache = False
if result is None:
ContextManager.set("currentAW", aw)
# Perform the actual exporting
res = hook(aw)
if isinstance(res, tuple) and len(res) == 4:
result, extra, complete, typeMap = res
else:
result, extra, complete, typeMap = res, {}, True, {}
if result is not None and addToCache:
ttl = api_settings.get('cache_ttl')
cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl)
except HTTPAPIError, e:
error = e
if e.getCode():
responseUtil.status = e.getCode()
if responseUtil.status == 405:
responseUtil.headers['Allow'] = 'GET' if request.method == 'POST' else 'POST'
def invokeMethod(self, method, params):
MAX_RETRIES = 10
# clear the context
ContextManager.destroy()
DBMgr.getInstance().startRequest()
# room booking database
_startRequestSpecific2RH()
# notify components that the request has started
self._notify('requestStarted')
forcedConflicts = Config.getInstance().getForceConflicts()
retry = MAX_RETRIES
try:
while retry > 0:
if retry < MAX_RETRIES:
# notify components that the request is being retried
self._notify('requestRetry', MAX_RETRIES - retry)
# clear/init fossil cache
fossilize.clearCache()
try:
# delete all queued emails
GenericMailer.flushQueue(False)
DBMgr.getInstance().sync()
try:
result = processRequest(method, copy.deepcopy(params))
except MaKaC.errors.NoReportError, e:
raise NoReportError(e.getMsg())
rh = ContextManager.get('currentRH')
# notify components that the request has ended
self._notify('requestFinished')
# Raise a conflict error if enabled. This allows detecting conflict-related issues easily.
if retry > (MAX_RETRIES - forcedConflicts):
raise ConflictError
_endRequestSpecific2RH( True )
DBMgr.getInstance().endRequest(True)
GenericMailer.flushQueue(True) # send emails
if rh._redisPipeline:
try:
rh._redisPipeline.execute()
except RedisError:
Logger.get('redis').exception('Could not execute pipeline')
break
except ConflictError:
_abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
continue
except ClientDisconnected:
_abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
time.sleep(MAX_RETRIES - retry)
continue
def process(self, params):
"""
"""
profile = Config.getInstance().getProfile()
proffilename = ""
res = ""
MAX_RETRIES = 10
retry = MAX_RETRIES
textLog = []
self._startTime = datetime.now()
# clear the context
ContextManager.destroy()
ContextManager.set('currentRH', self)
#redirect to https if necessary
if self._checkHttpsRedirect():
return
DBMgr.getInstance().startRequest()
self._startRequestSpecific2RH(
) # I.e. implemented by Room Booking request handlers
textLog.append("%s : Database request started" %
(datetime.now() - self._startTime))
Logger.get('requestHandler').info(
'[pid=%s] Request %s started (%s)' %
(os.getpid(), id(self._req), self._req.unparsed_uri))
# notify components that the request has started
self._notify('requestStarted', self._req)
forcedConflicts = Config.getInstance().getForceConflicts()
try:
while retry > 0:
if retry < MAX_RETRIES:
# notify components that the request is being retried
self._notify('requestRetry', self._req,
MAX_RETRIES - retry)
try:
Logger.get('requestHandler').info(
'\t[pid=%s] from host %s' %
(os.getpid(), self.getHostIP()))
try:
# clear the fossile cache at the start of each request
fossilize.clearCache()
# delete all queued emails
GenericMailer.flushQueue(False)
DBMgr.getInstance().sync()
# keep a link to the web session in the access wrapper
# this is used for checking access/modification key existence
# in the user session
self._aw.setIP(self.getHostIP())
self._aw.setSession(self._getSession())
#raise(str(dir(self._websession)))
self._setSessionUser()
self._setLang(params)
if self._getAuth():
if self._getUser():
Logger.get('requestHandler').info(
'Request %s identified with user %s (%s)' %
(id(self._req),
self._getUser().getFullName(),
self._getUser().getId()))
if not self._tohttps and Config.getInstance(
).getAuthenticatedEnforceSecure():
self._tohttps = True
if self._checkHttpsRedirect():
return
#if self._getUser() != None and self._getUser().getId() == "893":
# profile = True
self._reqParams = copy.copy(params)
self._checkParams(self._reqParams)
self._checkProtection()
security.Sanitization.sanitizationCheck(
self._target, self._reqParams, self._aw,
self._doNotSanitizeFields)
if self._doProcess:
if profile:
import profile, pstats
proffilename = os.path.join(
Config.getInstance().getTempDir(),
"stone%s.prof" % str(random.random()))
result = [None]
profile.runctx("result[0] = self._process()",
globals(), locals(),
proffilename)
res = result[0]
else:
res = self._process()
# Save web session, just when needed
sm = session.getSessionManager()
sm.maintain_session(self._req, self._websession)
# notify components that the request has finished
self._notify('requestFinished', self._req)
# Raise a conflict error if enabled. This allows detecting conflict-related issues easily.
if retry > (MAX_RETRIES - forcedConflicts):
raise ConflictError
self._endRequestSpecific2RH(
True
) # I.e. implemented by Room Booking request handlers
DBMgr.getInstance().endRequest(True)
Logger.get('requestHandler').info(
'Request %s successful' % (id(self._req)))
#request succesfull, now, doing tas that must be done only once
try:
GenericMailer.flushQueue(True) # send emails
self._deleteTempFiles()
except:
Logger.get('mail').exception(
'Mail sending operation failed')
pass
break
except MaKaCError, e:
#DBMgr.getInstance().endRequest(False)
res = self._processError(e)
except (ConflictError, POSKeyError):
import traceback
# only log conflict if it wasn't forced
if retry <= (MAX_RETRIES - forcedConflicts):
Logger.get('requestHandler').warning(
'Conflict in Database! (Request %s)\n%s' %
(id(self._req), traceback.format_exc()))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
continue
except ClientDisconnected:
Logger.get('requestHandler').warning(
'Client Disconnected! (Request %s)' % id(self._req))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
time.sleep(10 - retry)
continue
except KeyAccessError, e:
#Key Access error treatment
res = self._processKeyAccessError(e)
self._endRequestSpecific2RH(False)
DBMgr.getInstance().endRequest(False)
