def val(r): objs, unresolved_path = traverse_path(oms_root, r) if unresolved_path: return [(timestamp, dict(event='delete', name=os.path.basename(r), url=r))] return IStream(objs[-1]).events(after, limit=limit)
def handle_request(self, request): """Takes a request, maps it to a domain object and a corresponding IHttpRestView and returns the rendered output of that view. """ principal = self.check_auth(request) oms_root = db.get_root()['oms_root'] objs, unresolved_path = traverse_path(oms_root, request.path[1:]) if not objs and unresolved_path: objs = [oms_root] obj = objs[-1] interaction = self.get_interaction(request, principal) request.interaction = interaction if self.use_security_proxy: obj = proxy_factory(obj, interaction) view = self.find_view(obj, unresolved_path, request) needs_rw_transaction = view.rw_transaction(request) # create a security proxy if we have a secured interaction if interaction: try: view = proxy_factory(view, interaction) except: # XXX: TODO: define a real exception for this proxy creation error # right now we want to ignore security when there are no declared rules # on how to secure a view pass def get_renderer(view, method): try: return getattr(view, method, None) except zope.security.interfaces.Unauthorized: raise Forbidden('User does not have permission to access this resource') for method in ('render_' + request.method, 'render_' + request.method.lower(), 'render'): renderer = get_renderer(view, method) if renderer: from opennode.oms.endpoint.httprest.auth import AuthView if isinstance(view, AuthView) and renderer.__name__ == 'render': res = renderer(request, self.use_keystone_tokens) else: res = renderer(request) return res if needs_rw_transaction else db.RollbackValue(res) raise NotImplementedError("Method %s is not implemented in %s\n" % (request.method, view))
def handle_request(self, request): """Takes a request, maps it to a domain object and a corresponding IHttpRestView and returns the rendered output of that view. """ token = self.get_token(request) oms_root = db.get_root()['oms_root'] objs, unresolved_path = traverse_path(oms_root, request.path[1:]) if not objs and unresolved_path: objs = [oms_root] obj = objs[-1] interaction = self.get_interaction(request, token) request.interaction = interaction if self.use_security_proxy: obj = proxy_factory(obj, interaction) view = self.find_view(obj, unresolved_path, request) needs_rw_transaction = view.rw_transaction(request) # create a security proxy if we have a secured interaction if interaction: try: view = proxy_factory(view, interaction) except: # XXX: TODO: define a real exception for this proxy creation error # right now we want to ignore security when there are no declared rules # on how to secure a view pass def get_renderer(view, method): try: return getattr(view, method, None) except zope.security.interfaces.Unauthorized, e: from opennode.oms.endpoint.httprest.auth import IHttpRestAuthenticationUtility auth_util = getUtility(IHttpRestAuthenticationUtility) if token or not auth_util.get_basic_auth_credentials(request) or \ (self.use_keystone_tokens and not auth_util.get_keystone_auth_credentials(request)): raise Forbidden( 'User does not have permission to access this resource' ) raise Unauthorized()
def handle_request(self, request): """Takes a request, maps it to a domain object and a corresponding IHttpRestView and returns the rendered output of that view. """ token = self.get_token(request) oms_root = db.get_root()['oms_root'] objs, unresolved_path = traverse_path(oms_root, request.path[1:]) if not objs and unresolved_path: objs = [oms_root] obj = objs[-1] interaction = self.get_interaction(request, token) request.interaction = interaction if self.use_security_proxy: obj = proxy_factory(obj, interaction) view = self.find_view(obj, unresolved_path, request) needs_rw_transaction = view.rw_transaction(request) # create a security proxy if we have a secured interaction if interaction: try: view = proxy_factory(view, interaction) except: # XXX: TODO: define a real exception for this proxy creation error # right now we want to ignore security when there are no declared rules # on how to secure a view pass def get_renderer(view, method): try: return getattr(view, method, None) except zope.security.interfaces.Unauthorized, e: from opennode.oms.endpoint.httprest.auth import IHttpRestAuthenticationUtility auth_util = getUtility(IHttpRestAuthenticationUtility) if token or not auth_util.get_basic_auth_credentials(request) or \ (self.use_keystone_tokens and not auth_util.get_keystone_auth_credentials(request)): raise Forbidden('User does not have permission to access this resource') raise Unauthorized()
def try_index(self, searcher, model, event): path = canonical_path(model) op = 'un' if IModelDeletedEvent.providedBy(event) else '' log.msg("%sindexing %s %s" % (op, path, type(event).__name__), system="indexer") objs, unresolved_path = traverse_path(db.get_root()['oms_root'], path) if unresolved_path and not IModelDeletedEvent.providedBy(event): return False obj = objs[-1] try: if IModelDeletedEvent.providedBy(event): searcher.unindex_object(obj) else: searcher._index_object(obj) except NotYet: return False log.msg("%sindexed %s %s" % (op, path, type(event).__name__), system="indexer") return True
def traverse(path): res, _ = traverse_path(oms_root, path) if not res: return None return res[-1]
def traverse_full(self, path): if path.startswith('/'): return traverse_path(db.get_root()['oms_root'], path[1:]) else: return traverse_path(self.current_obj, path)