def processRequest(method, params, req):
# lookup handler
handler = lookupHandler(method)
websession = getSession(req)
# invoke handler
if hasattr(handler, "process"):
result = handler(params, websession, req).process()
else:
result = handler(params, websession, req)
# commit session if necessary
session.getSessionManager().maintain_session(req, websession)
return result
def getSession(req):
sm = session.getSessionManager()
try:
websession = sm.get_session(req)
except session.SessionError, e:
sm.revoke_session_cookie(req)
websession = sm.get_session(req)
def getSession(req):
sm = session.getSessionManager()
try:
websession = sm.get_session(req)
except session.SessionError:
sm.revoke_session_cookie(req)
websession = sm.get_session(req)
return websession
def processRequest(method, params, req, internal=False):
# lookup handler
handler = lookupHandler(method)
websession = getSession(req)
if not internal and Config.getInstance().getCSRFLevel() >= 1:
if websession.csrf_protected and websession.csrf_token != req.headers_in.get('X-CSRF-Token'):
raise CSRFError()
# invoke handler
if hasattr(handler, "process"):
result = handler(params, websession, req).process()
else:
result = handler(params, websession, req)
# commit session if necessary
session.getSessionManager().maintain_session(req, websession)
return result
def processRequest(method, params, req, internal=False):
# lookup handler
handler = lookupHandler(method)
websession = getSession(req)
if not internal and Config.getInstance().getCSRFLevel() >= 1:
if websession.csrf_token != req.headers_in.get('X-CSRF-Token'):
raise RequestError('ERR-R4', _('Invalid CSRF token'))
# invoke handler
if hasattr(handler, "process"):
result = handler(params, websession, req).process()
else:
result = handler(params, websession, req)
# commit session if necessary
session.getSessionManager().maintain_session(req, websession)
return result
def _setSession( self ):
"""Sets up a reference to the corresponding web session. It uses the
session manager to retrieve the session corresponding to the
received request and makes sure it is a valid one. In case of having
an invalid session it reset client settings and creates a new one.
"""
if not self._websession:
sm = session.getSessionManager()
try:
self._websession = sm.get_session( self._req )
except session.SessionError:
sm.revoke_session_cookie( self._req )
self._websession = sm.get_session( self._req )
def _setSession(self):
"""Sets up a reference to the corresponding web session. It uses the
session manager to retrieve the session corresponding to the
received request and makes sure it is a valid one. In case of having
an invalid session it reset client settings and creates a new one.
"""
if not self._websession:
sm = session.getSessionManager()
try:
self._websession = sm.get_session(self._req)
except session.SessionError:
sm.revoke_session_cookie(self._req)
self._websession = sm.get_session(self._req)
def process( self, params ):
"""
"""
profile = Config.getInstance().getProfile()
proffilename = ""
res = ""
MAX_RETRIES = 10
retry = MAX_RETRIES
textLog = []
self._startTime = datetime.now()
# clear the context
ContextManager.destroy()
ContextManager.set('currentRH', self)
#redirect to https if necessary
if self._checkHttpsRedirect():
return
DBMgr.getInstance().startRequest()
self._startRequestSpecific2RH() # I.e. implemented by Room Booking request handlers
textLog.append("%s : Database request started"%(datetime.now() - self._startTime))
Logger.get('requestHandler').info('[pid=%s] Request %s started (%s)' % (os.getpid(),id(self._req), self._req.unparsed_uri))
# notify components that the request has started
self._notify('requestStarted', self._req)
forcedConflicts = Config.getInstance().getForceConflicts()
try:
while retry>0:
if retry < MAX_RETRIES:
# notify components that the request is being retried
self._notify('requestRetry', self._req, MAX_RETRIES - retry)
try:
Logger.get('requestHandler').info('\t[pid=%s] from host %s' % (os.getpid(), self.getHostIP()))
try:
# clear the fossile cache at the start of each request
fossilize.clearCache()
# delete all queued emails
GenericMailer.flushQueue(False)
DBMgr.getInstance().sync()
# keep a link to the web session in the access wrapper
# this is used for checking access/modification key existence
# in the user session
self._aw.setIP( self.getHostIP() )
self._aw.setSession(self._getSession())
#raise(str(dir(self._websession)))
self._setSessionUser()
self._setLang(params)
if self._getAuth():
if self._getUser():
Logger.get('requestHandler').info('Request %s identified with user %s (%s)' % (id(self._req), self._getUser().getFullName(), self._getUser().getId()))
if not self._tohttps and Config.getInstance().getAuthenticatedEnforceSecure():
self._tohttps = True
if self._checkHttpsRedirect():
return
#if self._getUser() != None and self._getUser().getId() == "893":
# profile = True
self._reqParams = copy.copy( params )
self._checkParams( self._reqParams )
self._checkProtection()
security.Sanitization.sanitizationCheck(self._target,
self._reqParams,
self._aw, self._doNotSanitizeFields)
if self._doProcess:
if profile:
import profile, pstats
proffilename = os.path.join(Config.getInstance().getTempDir(), "stone%s.prof" % str(random.random()))
result = [None]
profile.runctx("result[0] = self._process()", globals(), locals(), proffilename)
res = result[0]
else:
res = self._process()
# Save web session, just when needed
sm = session.getSessionManager()
sm.maintain_session(self._req, self._websession)
# notify components that the request has finished
self._notify('requestFinished', self._req)
# Raise a conflict error if enabled. This allows detecting conflict-related issues easily.
if retry > (MAX_RETRIES - forcedConflicts):
raise ConflictError
self._endRequestSpecific2RH( True ) # I.e. implemented by Room Booking request handlers
DBMgr.getInstance().endRequest( True )
Logger.get('requestHandler').info('Request %s successful' % (id(self._req)))
#request succesfull, now, doing tas that must be done only once
try:
GenericMailer.flushQueue(True) # send emails
self._deleteTempFiles()
except:
Logger.get('mail').exception('Mail sending operation failed')
pass
break
except MaKaCError, e:
#DBMgr.getInstance().endRequest(False)
res = self._processError(e)
except (ConflictError, POSKeyError):
import traceback
# only log conflict if it wasn't forced
if retry <= (MAX_RETRIES - forcedConflicts):
Logger.get('requestHandler').warning('Conflict in Database! (Request %s)\n%s' % (id(self._req), traceback.format_exc()))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
continue
except ClientDisconnected:
Logger.get('requestHandler').warning('Client Disconnected! (Request %s)' % id(self._req) )
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
time.sleep(10-retry)
continue
except KeyAccessError, e:
#Key Access error treatment
res = self._processKeyAccessError( e )
self._endRequestSpecific2RH( False )
DBMgr.getInstance().endRequest(False)
def process(self, params):
"""
"""
profile = Config.getInstance().getProfile()
proffilename = ""
res = ""
MAX_RETRIES = 10
retry = MAX_RETRIES
textLog = []
self._startTime = datetime.now()
# clear the context
ContextManager.destroy()
ContextManager.set('currentRH', self)
#redirect to https if necessary
if self._checkHttpsRedirect():
return
DBMgr.getInstance().startRequest()
self._startRequestSpecific2RH(
) # I.e. implemented by Room Booking request handlers
textLog.append("%s : Database request started" %
(datetime.now() - self._startTime))
Logger.get('requestHandler').info(
'[pid=%s] Request %s started (%s)' %
(os.getpid(), id(self._req), self._req.unparsed_uri))
# notify components that the request has started
self._notify('requestStarted', self._req)
forcedConflicts = Config.getInstance().getForceConflicts()
try:
while retry > 0:
if retry < MAX_RETRIES:
# notify components that the request is being retried
self._notify('requestRetry', self._req,
MAX_RETRIES - retry)
try:
Logger.get('requestHandler').info(
'\t[pid=%s] from host %s' %
(os.getpid(), self.getHostIP()))
try:
# clear the fossile cache at the start of each request
fossilize.clearCache()
# delete all queued emails
GenericMailer.flushQueue(False)
DBMgr.getInstance().sync()
# keep a link to the web session in the access wrapper
# this is used for checking access/modification key existence
# in the user session
self._aw.setIP(self.getHostIP())
self._aw.setSession(self._getSession())
#raise(str(dir(self._websession)))
self._setSessionUser()
self._setLang(params)
if self._getAuth():
if self._getUser():
Logger.get('requestHandler').info(
'Request %s identified with user %s (%s)' %
(id(self._req),
self._getUser().getFullName(),
self._getUser().getId()))
if not self._tohttps and Config.getInstance(
).getAuthenticatedEnforceSecure():
self._tohttps = True
if self._checkHttpsRedirect():
return
#if self._getUser() != None and self._getUser().getId() == "893":
# profile = True
self._reqParams = copy.copy(params)
self._checkParams(self._reqParams)
self._checkProtection()
security.Sanitization.sanitizationCheck(
self._target, self._reqParams, self._aw,
self._doNotSanitizeFields)
if self._doProcess:
if profile:
import profile, pstats
proffilename = os.path.join(
Config.getInstance().getTempDir(),
"stone%s.prof" % str(random.random()))
result = [None]
profile.runctx("result[0] = self._process()",
globals(), locals(),
proffilename)
res = result[0]
else:
res = self._process()
# Save web session, just when needed
sm = session.getSessionManager()
sm.maintain_session(self._req, self._websession)
# notify components that the request has finished
self._notify('requestFinished', self._req)
# Raise a conflict error if enabled. This allows detecting conflict-related issues easily.
if retry > (MAX_RETRIES - forcedConflicts):
raise ConflictError
self._endRequestSpecific2RH(
True
) # I.e. implemented by Room Booking request handlers
DBMgr.getInstance().endRequest(True)
Logger.get('requestHandler').info(
'Request %s successful' % (id(self._req)))
#request succesfull, now, doing tas that must be done only once
try:
GenericMailer.flushQueue(True) # send emails
self._deleteTempFiles()
except:
Logger.get('mail').exception(
'Mail sending operation failed')
pass
break
except MaKaCError, e:
#DBMgr.getInstance().endRequest(False)
res = self._processError(e)
except (ConflictError, POSKeyError):
import traceback
# only log conflict if it wasn't forced
if retry <= (MAX_RETRIES - forcedConflicts):
Logger.get('requestHandler').warning(
'Conflict in Database! (Request %s)\n%s' %
(id(self._req), traceback.format_exc()))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
continue
except ClientDisconnected:
Logger.get('requestHandler').warning(
'Client Disconnected! (Request %s)' % id(self._req))
self._abortSpecific2RH()
DBMgr.getInstance().abort()
retry -= 1
time.sleep(10 - retry)
continue
except KeyAccessError, e:
#Key Access error treatment
res = self._processKeyAccessError(e)
self._endRequestSpecific2RH(False)
DBMgr.getInstance().endRequest(False)