def make_middleware(app, global_conf, **local_conf): """ Based on the configuration wrap `app` in a set of common and useful middleware. """ # Merge the global and local configurations conf = global_conf.copy() conf.update(local_conf) debug = asbool(conf.get('debug', False)) # First put into place httpexceptions, which must be most closely # wrapped around the application (it can interact poorly with # other middleware): app = httpexceptions.make_middleware(app, conf) log.debug("Enabling 'httpexceptions' middleware") # The recursive middleware allows for including requests in other # requests or forwarding of requests, all on the server side. if asbool(conf.get('use_recursive', True)): from paste import recursive app = recursive.RecursiveMiddleware(app, conf) log.debug("Enabling 'recursive' middleware") # Session middleware puts a session factory into the environment if asbool(conf.get('use_session', True)): store = flup_session.MemorySessionStore() app = flup_session.SessionMiddleware(store, app) log.debug("Enabling 'flup session' middleware") # Beaker session middleware if asbool(conf.get('use_beaker_session', False)): pkg_resources.require("Beaker") import beaker.session app = beaker.session.SessionMiddleware(app, conf) log.debug("Enabling 'beaker session' middleware") # Various debug middleware that can only be turned on if the debug # flag is set, either because they are insecure or greatly hurt # performance if debug: # Middleware to check for WSGI compliance if asbool(conf.get('use_lint', True)): from paste import lint app = lint.make_middleware(app, conf) log.debug("Enabling 'lint' middleware") # Middleware to run the python profiler on each request if asbool(conf.get('use_profile', False)): from paste.debug import profile app = profile.ProfileMiddleware(app, conf) log.debug("Enabling 'profile' middleware") # Interactive exception debugging, scary dangerous if publicly # accessible, if not enabled we'll use the regular error printing # middleware. if asbool(conf.get('use_interactive', False)): from paste import evalexception app = evalexception.EvalException(app, conf) log.debug("Enabling 'eval exceptions' middleware") else: from paste.exceptions import errormiddleware app = errormiddleware.ErrorMiddleware(app, conf) log.debug("Enabling 'error' middleware") # Middleware that intercepts print statements and shows them on the # returned page if asbool(conf.get('use_printdebug', True)): from paste.debug import prints app = prints.PrintDebugMiddleware(app, conf) log.debug("Enabling 'print debug' middleware") else: # Not in debug mode, just use the regular error middleware from paste.exceptions import errormiddleware app = errormiddleware.ErrorMiddleware(app, conf) log.debug("Enabling 'error' middleware") # Transaction logging (apache access.log style) if asbool(conf.get('use_translogger', True)): from paste.translogger import TransLogger app = TransLogger(app) log.debug("Enabling 'trans logger' middleware") # Config middleware just stores the paste config along with the request, # not sure we need this but useful from paste.deploy.config import ConfigMiddleware app = ConfigMiddleware(app, conf) log.debug("Enabling 'config' middleware") # X-Forwarded-Host handling app = XForwardedHostMiddleware(app) log.debug("Enabling 'x-forwarded-host' middleware") return app
def wrap_in_middleware( app, global_conf, **local_conf ): """ Based on the configuration wrap `app` in a set of common and useful middleware. """ # Merge the global and local configurations conf = global_conf.copy() conf.update(local_conf) debug = asbool( conf.get( 'debug', False ) ) # First put into place httpexceptions, which must be most closely # wrapped around the application (it can interact poorly with # other middleware): app = httpexceptions.make_middleware( app, conf ) log.debug( "Enabling 'httpexceptions' middleware" ) # If we're using remote_user authentication, add middleware that # protects Galaxy from improperly configured authentication in the # upstream server if asbool(conf.get( 'use_remote_user', False )): from galaxy.web.framework.middleware.remoteuser import RemoteUser app = RemoteUser( app, maildomain=conf.get( 'remote_user_maildomain', None ), ucsc_display_sites=conf.get( 'ucsc_display_sites', [] ) ) log.debug( "Enabling 'remote user' middleware" ) # The recursive middleware allows for including requests in other # requests or forwarding of requests, all on the server side. if asbool(conf.get('use_recursive', True)): from paste import recursive app = recursive.RecursiveMiddleware( app, conf ) log.debug( "Enabling 'recursive' middleware" ) # Various debug middleware that can only be turned on if the debug # flag is set, either because they are insecure or greatly hurt # performance if debug: # Middleware to check for WSGI compliance if asbool( conf.get( 'use_lint', True ) ): from paste import lint app = lint.make_middleware( app, conf ) log.debug( "Enabling 'lint' middleware" ) # Middleware to run the python profiler on each request if asbool( conf.get( 'use_profile', False ) ): import profile app = profile.ProfileMiddleware( app, conf ) log.debug( "Enabling 'profile' middleware" ) # Middleware that intercepts print statements and shows them on the # returned page if asbool( conf.get( 'use_printdebug', True ) ): from paste.debug import prints app = prints.PrintDebugMiddleware( app, conf ) log.debug( "Enabling 'print debug' middleware" ) if debug and asbool( conf.get( 'use_interactive', False ) ): # Interactive exception debugging, scary dangerous if publicly # accessible, if not enabled we'll use the regular error printing # middleware. pkg_resources.require( "WebError" ) from weberror import evalexception app = evalexception.EvalException( app, conf, templating_formatters=build_template_error_formatters() ) log.debug( "Enabling 'eval exceptions' middleware" ) else: # Not in interactive debug mode, just use the regular error middleware if sys.version_info[:2] >= ( 2, 6 ): warnings.filterwarnings( 'ignore', '.*', DeprecationWarning, '.*serial_number_generator', 11, True ) from paste.exceptions import errormiddleware warnings.filters.pop() else: from paste.exceptions import errormiddleware app = errormiddleware.ErrorMiddleware( app, conf ) log.debug( "Enabling 'error' middleware" ) # Transaction logging (apache access.log style) if asbool( conf.get( 'use_translogger', True ) ): from paste.translogger import TransLogger app = TransLogger( app ) log.debug( "Enabling 'trans logger' middleware" ) # Config middleware just stores the paste config along with the request, # not sure we need this but useful from paste.deploy.config import ConfigMiddleware app = ConfigMiddleware( app, conf ) log.debug( "Enabling 'config' middleware" ) # X-Forwarded-Host handling from galaxy.web.framework.middleware.xforwardedhost import XForwardedHostMiddleware app = XForwardedHostMiddleware( app ) log.debug( "Enabling 'x-forwarded-host' middleware" ) return app
def wrap_in_middleware( app, global_conf, **local_conf ): """Based on the configuration wrap `app` in a set of common and useful middleware.""" # Merge the global and local configurations conf = global_conf.copy() conf.update(local_conf) debug = asbool( conf.get( 'debug', False ) ) # First put into place httpexceptions, which must be most closely # wrapped around the application (it can interact poorly with # other middleware): app = httpexceptions.make_middleware( app, conf ) log.debug( "Enabling 'httpexceptions' middleware" ) # The recursive middleware allows for including requests in other # requests or forwarding of requests, all on the server side. if asbool(conf.get('use_recursive', True)): from paste import recursive app = recursive.RecursiveMiddleware( app, conf ) log.debug( "Enabling 'recursive' middleware" ) # Various debug middleware that can only be turned on if the debug # flag is set, either because they are insecure or greatly hurt # performance if debug: # Middleware to check for WSGI compliance if asbool( conf.get( 'use_lint', True ) ): from paste import lint app = lint.make_middleware( app, conf ) log.debug( "Enabling 'lint' middleware" ) # Middleware to run the python profiler on each request if asbool( conf.get( 'use_profile', False ) ): import profile app = profile.ProfileMiddleware( app, conf ) log.debug( "Enabling 'profile' middleware" ) # Middleware that intercepts print statements and shows them on the # returned page if asbool( conf.get( 'use_printdebug', True ) ): from paste.debug import prints app = prints.PrintDebugMiddleware( app, conf ) log.debug( "Enabling 'print debug' middleware" ) if debug and asbool( conf.get( 'use_interactive', False ) ) and not process_is_uwsgi: # Interactive exception debugging, scary dangerous if publicly # accessible, if not enabled we'll use the regular error printing # middleware. pkg_resources.require( "WebError" ) from weberror import evalexception app = evalexception.EvalException( app, conf, templating_formatters=build_template_error_formatters() ) log.debug( "Enabling 'eval exceptions' middleware" ) else: if debug and asbool( conf.get( 'use_interactive', False ) ) and process_is_uwsgi: log.error("Interactive debugging middleware is enabled in your configuration " "but this is a uwsgi process. Refusing to wrap in interactive error middleware.") # Not in interactive debug mode, just use the regular error middleware from paste.exceptions import errormiddleware app = errormiddleware.ErrorMiddleware( app, conf ) log.debug( "Enabling 'error' middleware" ) # Transaction logging (apache access.log style) if asbool( conf.get( 'use_translogger', True ) ): from paste.translogger import TransLogger app = TransLogger( app ) log.debug( "Enabling 'trans logger' middleware" ) # X-Forwarded-Host handling from galaxy.web.framework.middleware.xforwardedhost import XForwardedHostMiddleware app = XForwardedHostMiddleware( app ) log.debug( "Enabling 'x-forwarded-host' middleware" ) return app
def wrap_in_middleware(app, global_conf, **local_conf): """Based on the configuration wrap `app` in a set of common and useful middleware.""" # Merge the global and local configurations conf = global_conf.copy() conf.update(local_conf) debug = asbool(conf.get('debug', False)) # First put into place httpexceptions, which must be most closely # wrapped around the application (it can interact poorly with # other middleware): app = httpexceptions.make_middleware(app, conf) log.debug("Enabling 'httpexceptions' middleware") # The recursive middleware allows for including requests in other # requests or forwarding of requests, all on the server side. if asbool(conf.get('use_recursive', True)): from paste import recursive app = recursive.RecursiveMiddleware(app, conf) log.debug("Enabling 'recursive' middleware") # Various debug middleware that can only be turned on if the debug # flag is set, either because they are insecure or greatly hurt # performance if debug: # Middleware to check for WSGI compliance if asbool(conf.get('use_lint', True)): from paste import lint app = lint.make_middleware(app, conf) log.debug("Enabling 'lint' middleware") # Middleware to run the python profiler on each request if asbool(conf.get('use_profile', False)): import profile app = profile.ProfileMiddleware(app, conf) log.debug("Enabling 'profile' middleware") # Middleware that intercepts print statements and shows them on the # returned page if asbool(conf.get('use_printdebug', True)): from paste.debug import prints app = prints.PrintDebugMiddleware(app, conf) log.debug("Enabling 'print debug' middleware") if debug and asbool(conf.get('use_interactive', False)): # Interactive exception debugging, scary dangerous if publicly # accessible, if not enabled we'll use the regular error printing # middleware. pkg_resources.require("WebError") from weberror import evalexception app = evalexception.EvalException( app, conf, templating_formatters=build_template_error_formatters()) log.debug("Enabling 'eval exceptions' middleware") else: # Not in interactive debug mode, just use the regular error middleware from paste.exceptions import errormiddleware app = errormiddleware.ErrorMiddleware( app, conf, show_exceptions_in_wsgi_errors=True, error_log=log) log.debug("Enabling 'error' middleware") # Transaction logging (apache access.log style) if asbool(conf.get('use_translogger', True)): from paste.translogger import TransLogger app = TransLogger(app) log.debug("Enabling 'trans logger' middleware") # Config middleware just stores the paste config along with the request, # not sure we need this but useful from paste.deploy.config import ConfigMiddleware app = ConfigMiddleware(app, conf) log.debug("Enabling 'config' middleware") # X-Forwarded-Host handling from cm.framework.middleware.xforwardedhost import XForwardedHostMiddleware app = XForwardedHostMiddleware(app) log.debug("Enabling 'x-forwarded-host' middleware") # Paste digest authentication ud = misc.load_yaml_file(paths.USER_DATA_FILE) if ud.get('password', ''): from paste.auth.basic import AuthBasicHandler app = AuthBasicHandler(app, 'CM Administration', cm_authfunc) return app