##// END OF EJS Templates
api: add consistent permissions_summary data for both user and user_groups that expose...
api: add consistent permissions_summary data for both user and user_groups that expose the summary of permissions for each object. - deprecates the 'permissions' data key for get_user - adds a consistent way of fetching permissions summary for both objects.

File last commit:

r2367:1eecd373 default
r2437:31460ef8 default
Show More
middleware.py
437 lines | 15.4 KiB | text/x-python | PythonLexer
project: added all source files and assets
r1 # -*- coding: utf-8 -*-
license: updated copyright year to 2017
r1271 # Copyright (C) 2010-2017 RhodeCode GmbH
project: added all source files and assets
r1 #
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
import logging
error-view: expose traceback variable in error view.
r1915 import traceback
core: code refactor and cleanups for easier pylons porting.
r2321 import collections
project: added all source files and assets
r1
from paste.gzipper import make_gzip_middleware
pylons: remove pylons as dependency...
r2351 from pyramid.wsgi import wsgiapp
project: added all source files and assets
r1 from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
from pyramid.settings import asbool, aslist
Martin Bornhold
wsgi-stack: Use the pylons error handling middleware.
r945 from pyramid.httpexceptions import (
pylons: remove pylons as dependency...
r2351 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
Martin Bornhold
config: Move initial repo scan up to the pyramid layer....
r580 from pyramid.events import ApplicationCreated
Martin Bornhold
config: Move appenlight wrapping from pylons to pyramid.
r595 from pyramid.renderers import render_to_response
repo-summary: re-implemented summary view as pyramid....
r1785
dan
db: move Session.remove to outer wsgi layer and also add it...
r669 from rhodecode.model import meta
db: Move db setup code to seperate function.
r121 from rhodecode.config import patches
users: ported controllers from pylons into pyramid views.
r2114 from rhodecode.config import utils as config_utils
pylons: remove pylons as dependency...
r2351 from rhodecode.config.environment import load_pyramid_environment
repo-summary: re-implemented summary view as pyramid....
r1785
pylons: remove pylons as dependency...
r2351 from rhodecode.lib.middleware.vcs import VCSMiddleware
repo-summary: re-implemented summary view as pyramid....
r1785 from rhodecode.lib.vcs import VCSCommunicationError
from rhodecode.lib.exceptions import VCSServerUnavailable
project: added all source files and assets
r1 from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
from rhodecode.lib.middleware.https_fixup import HttpsFixup
celery: celery 4.X support. Fixes #4169...
r2359 from rhodecode.lib.celerylib.loader import configure_celery
project: added all source files and assets
r1 from rhodecode.lib.plugins.utils import register_rhodecode_plugin
repo-summary: re-implemented summary view as pyramid....
r1785 from rhodecode.lib.utils2 import aslist as rhodecode_aslist, AttributeDict
core: added metadata for control upgrades.
r1392 from rhodecode.subscribers import (
core: remove writing of largeobject dirs on AppStartup....
r1680 scan_repositories_if_enabled, write_js_routes_if_enabled,
users: ported controllers from pylons into pyramid views.
r2114 write_metadata_if_needed, inject_app_settings)
project: added all source files and assets
r1
log = logging.getLogger(__name__)
pylons: remove pylons as dependency...
r2351 def is_http_error(response):
# error which should have traceback
return response.status_code > 499
project: added all source files and assets
r1
def make_pyramid_app(global_config, **settings):
"""
pylons: remove pylons as dependency...
r2351 Constructs the WSGI application based on Pyramid.
project: added all source files and assets
r1
Specials:
* The application can also be integrated like a plugin via the call to
`includeme`. This is accompanied with the other utility functions which
are called. Changing this should be done with great care to not break
cases when these fragments are assembled from another place.
"""
sanitize_settings_and_apply_defaults(settings)
users: ported controllers from pylons into pyramid views.
r2114
project: added all source files and assets
r1 config = Configurator(settings=settings)
users: ported controllers from pylons into pyramid views.
r2114
pylons: remove pylons as dependency...
r2351 # Apply compatibility patches
patches.inspect_getargspec()
load_pyramid_environment(global_config, settings)
db: Move initialization of test environment up to pyramid layer.
r116
settings: removed not used supervisor views/models....
r2325 # Static file view comes first
dan
assets: skip RoutesMiddleware matching on certain urls to avoid...
r463 includeme_first(config)
settings: removed not used supervisor views/models....
r2325
project: added all source files and assets
r1 includeme(config)
files: ported repository files controllers to pyramid views.
r1927
project: added all source files and assets
r1 pyramid_app = config.make_wsgi_app()
pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
dan
pyramid: add config to make_pyramid_app for inspection afterwards
r619 pyramid_app.config = config
dan
db: move Session.remove to outer wsgi layer and also add it...
r669
celery: celery 4.X support. Fixes #4169...
r2359 config.configure_celery(global_config['__file__'])
dan
db: move Session.remove to outer wsgi layer and also add it...
r669 # creating the app uses a connection - return it after we are done
meta.Session.remove()
celery: celery 4.X support. Fixes #4169...
r2359 log.info('Pyramid app %s created and configured.', pyramid_app)
project: added all source files and assets
r1 return pyramid_app
pylons: remove pylons as dependency...
r2351 def not_found_view(request):
Martin Bornhold
vcs: Move VCSMiddleware up to pyramid layer as wrapper around pylons app....
r581 """
Martin Bornhold
config: Move appenlight wrapping from pylons to pyramid.
r595 This creates the view which should be registered as not-found-view to
pylons: remove pylons as dependency...
r2351 pyramid.
Martin Bornhold
vcs: Move VCSMiddleware up to pyramid layer as wrapper around pylons app....
r581 """
pylons: remove pylons as dependency...
r2351 if not getattr(request, 'vcs_call', None):
# handle like regular case with our error_handler
return error_handler(HTTPNotFound(), request)
Martin Bornhold
config: Move appenlight wrapping from pylons to pyramid.
r595
pylons: remove pylons as dependency...
r2351 # handle not found view as a vcs call
settings = request.registry.settings
ae_client = getattr(request, 'ae_client', None)
vcs_app = VCSMiddleware(
HTTPNotFound(), request.registry, settings,
appenlight_client=ae_client)
Martin Bornhold
vcs: Use response header to decide if error handling is needed.
r609
pylons: remove pylons as dependency...
r2351 return wsgiapp(vcs_app)(None, request)
project: added all source files and assets
r1
dan
errorpages: add appenlight to pyramid layer
r194 def error_handler(exception, request):
error-middleware: read title from cached rhodecode object....
r1496 import rhodecode
error-document: make sure the error document has registered helpers,...
r1748 from rhodecode.lib import helpers
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187
error-middleware: read title from cached rhodecode object....
r1496 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187
dan
errorpages: add appenlight to pyramid layer
r194 base_response = HTTPInternalServerError()
# prefer original exception for the response since it may have headers set
core: properly handle new redirections set in decorators....
r1499 if isinstance(exception, HTTPException):
dan
errorpages: add appenlight to pyramid layer
r194 base_response = exception
repo-summary: re-implemented summary view as pyramid....
r1785 elif isinstance(exception, VCSCommunicationError):
base_response = VCSServerUnavailable()
dan
errorpages: add appenlight to pyramid layer
r194
error-handling: show tracebacks only for error code 500 and above.
r1314 if is_http_error(base_response):
log.exception(
'error occurred handling this request for path: %s', request.path)
auth: because we use 404 for access denied too. Show proper message about it in error page
r2115 error_explanation = base_response.explanation or str(base_response)
if base_response.status_code == 404:
error_explanation += " Or you don't have permission to access it."
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 c = AttributeDict()
dan
errorpages: add appenlight to pyramid layer
r194 c.error_message = base_response.status
auth: because we use 404 for access denied too. Show proper message about it in error page
r2115 c.error_explanation = error_explanation
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 c.visual = AttributeDict()
c.visual.rhodecode_support_url = (
request.registry.settings.get('rhodecode_support_url') or
request.route_url('rhodecode_support')
)
c.redirect_time = 0
error-middleware: read title from cached rhodecode object....
r1496 c.rhodecode_name = rhodecode_title
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 if not c.rhodecode_name:
c.rhodecode_name = 'Rhodecode'
dan
ux: show list of causes for vcs unavailable error page
r683 c.causes = []
error-page: use custom causes for 500+ errors
r2116 if is_http_error(base_response):
c.causes.append('Server is overloaded.')
c.causes.append('Server database connection is lost.')
c.causes.append('Server expected unhandled error.')
dan
ux: show list of causes for vcs unavailable error page
r683 if hasattr(base_response, 'causes'):
c.causes = base_response.causes
error-page: use custom causes for 500+ errors
r2116
pyramid: changes for pyramid migration.
r1908 c.messages = helpers.flash.pop_messages(request=request)
error-view: expose traceback variable in error view.
r1915 c.traceback = traceback.format_exc()
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 response = render_to_response(
error-document: make sure the error document has registered helpers,...
r1748 '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
dan
errorpages: use original http status for rendered error page
r190 response=base_response)
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 return response
middleware: code restructure
r2326 def includeme_first(config):
# redirect automatic browser favicon.ico requests to correct place
def favicon_redirect(context, request):
return HTTPFound(
request.static_path('rhodecode:public/images/favicon.ico'))
config.add_view(favicon_redirect, route_name='favicon')
config.add_route('favicon', '/favicon.ico')
def robots_redirect(context, request):
return HTTPFound(
request.static_path('rhodecode:public/robots.txt'))
config.add_view(robots_redirect, route_name='robots')
config.add_route('robots', '/robots.txt')
config.add_static_view(
'_static/deform', 'deform:static')
config.add_static_view(
'_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
project: added all source files and assets
r1 def includeme(config):
settings = config.registry.settings
middleware: add the register plugin directive further up the config stack
r470 # plugin information
core: code refactor and cleanups for easier pylons porting.
r2321 config.registry.rhodecode_plugins = collections.OrderedDict()
middleware: add the register plugin directive further up the config stack
r470
config.add_directive(
'register_rhodecode_plugin', register_rhodecode_plugin)
celery: celery 4.X support. Fixes #4169...
r2359 config.add_directive('configure_celery', configure_celery)
dan
errorpages: add appenlight to pyramid layer
r194 if asbool(settings.get('appenlight', 'false')):
config.include('appenlight_client.ext.pyramid_tween')
project: added all source files and assets
r1 # Includes which are required. The application would fail without them.
config.include('pyramid_mako')
config.include('pyramid_beaker')
caches: configure defaults for all defined regions....
r2367 config.include('rhodecode.lib.caches')
admin: moved admin pyramid into apps.
r1503
project: added all source files and assets
r1 config.include('rhodecode.authentication')
dan
integrations: add integration support...
r411 config.include('rhodecode.integrations')
user-profile: migrated to pyramid views.
r1502
# apps
core: added supports of repo based views via pyramid.
r1554 config.include('rhodecode.apps._base')
core: added ops view to pyramid to have a PING command with pure pyramid.
r1669 config.include('rhodecode.apps.ops')
core: added supports of repo based views via pyramid.
r1554
admin: moved admin pyramid into apps.
r1503 config.include('rhodecode.apps.admin')
channelstream: move into apps
r1504 config.include('rhodecode.apps.channelstream')
login: moved to apps module
r1501 config.include('rhodecode.apps.login')
core: moved users and user groups autocomplete into pyramid....
r1666 config.include('rhodecode.apps.home')
journal: ported controller to pyramid code
r1933 config.include('rhodecode.apps.journal')
repositories: enabled support for maintenance commands....
r1555 config.include('rhodecode.apps.repository')
home: moved home and repo group views into pyramid....
r1774 config.include('rhodecode.apps.repo_group')
user-groups: rewrote the app to pyramid...
r2068 config.include('rhodecode.apps.user_group')
search: moved search into pyramid views.
r1685 config.include('rhodecode.apps.search')
user-profile: migrated to pyramid views.
r1502 config.include('rhodecode.apps.user_profile')
my-account-auth-tokens: moved into pyramid apps....
r1505 config.include('rhodecode.apps.my_account')
svn-support: move into apps module.
r1531 config.include('rhodecode.apps.svn_support')
ssh: added support for auto generating authorized_keys from stored ssh keys.
r1994 config.include('rhodecode.apps.ssh_support')
dan
gists: migrated gists controller to pyramid view.
r1891 config.include('rhodecode.apps.gist')
user-profile: migrated to pyramid views.
r1502
dan
debug-style: moved from pylons controller to pyramid view.
r1900 config.include('rhodecode.apps.debug_style')
project: added all source files and assets
r1 config.include('rhodecode.tweens')
config.include('rhodecode.api')
admin: moved admin pyramid into apps.
r1503
dan
pyramid: make responses/exceptions from pyramid/pylons work
r187 config.add_route(
'rhodecode_support', 'https://rhodecode.com/help/', static=True)
project: added all source files and assets
r1
i18n: enable translation defaults for pyramid views.
r1303 config.add_translation_dirs('rhodecode:i18n/')
settings['default_locale_name'] = settings.get('lang', 'en')
Martin Bornhold
config: Move initial repo scan up to the pyramid layer....
r580 # Add subscribers.
users: ported controllers from pylons into pyramid views.
r2114 config.add_subscriber(inject_app_settings, ApplicationCreated)
Martin Bornhold
config: Move initial repo scan up to the pyramid layer....
r580 config.add_subscriber(scan_repositories_if_enabled, ApplicationCreated)
core: added metadata for control upgrades.
r1392 config.add_subscriber(write_metadata_if_needed, ApplicationCreated)
application: moved JS routes generation into pyramid....
r1538 config.add_subscriber(write_js_routes_if_enabled, ApplicationCreated)
Martin Bornhold
config: Move initial repo scan up to the pyramid layer....
r580
events: re-organizate events handling....
r1789 # events
# TODO(marcink): this should be done when pyramid migration is finished
# config.add_subscriber(
# 'rhodecode.integrations.integrations_event_handler',
# 'rhodecode.events.RhodecodeEvent')
middleware: code restructure
r2326 # request custom methods
config.add_request_method(
'rhodecode.lib.partial_renderer.get_partial_renderer',
'get_partial_renderer')
project: added all source files and assets
r1 # Set the authorization policy.
authz_policy = ACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
# Set the default renderer for HTML templates to mako.
config.add_mako_renderer('.html')
core: added ext_json as custom renderer using our ext_json lib for pyramid.
r1664 config.add_renderer(
name='json_ext',
factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
project: added all source files and assets
r1 # include RhodeCode plugins
includes = aslist(settings.get('rhodecode.includes', []))
for inc in includes:
config.include(inc)
pylons: remove pylons as dependency...
r2351 # custom not found view, if our pyramid app doesn't know how to handle
# the request pass it to potential VCS handling ap
config.add_notfound_view(not_found_view)
dan
errorpages: fix case when a pyramid httperror was not being rendered...
r449 if not settings.get('debugtoolbar.enabled', False):
pyramid: allows easier turning off the pylons components.
r1912 # disabled debugtoolbar handle all exceptions via the error_handlers
dan
errorpages: fix case when a pyramid httperror was not being rendered...
r449 config.add_view(error_handler, context=Exception)
pylons: remove pylons as dependency...
r2351 # all errors including 403/404/50X
dan
errorpages: fix case when a pyramid httperror was not being rendered...
r449 config.add_view(error_handler, context=HTTPError)
project: added all source files and assets
r1
def wrap_app_in_wsgi_middlewares(pyramid_app, config):
"""
Apply outer WSGI middlewares around the application.
"""
settings = config.registry.settings
config: Move HttpsFixup middleware up...
r181 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
pyramid_app = HttpsFixup(pyramid_app, settings)
pylons: remove pylons as dependency...
r2351 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
pyramid_app, settings)
config.registry.ae_client = _ae_client
dan
errorpages: add appenlight to pyramid layer
r194
Martin Bornhold
config: Sanitize 'appenlight' and 'gzip_responses' settings.
r598 if settings['gzip_responses']:
project: added all source files and assets
r1 pyramid_app = make_gzip_middleware(
pyramid_app, settings, compress_level=1)
dan
db: move Session.remove to outer wsgi layer and also add it...
r669 # this should be the outer most middleware in the wsgi stack since
# middleware like Routes make database calls
def pyramid_app_with_cleanup(environ, start_response):
try:
return pyramid_app(environ, start_response)
finally:
# Dispose current database session and rollback uncommitted
# transactions.
meta.Session.remove()
# In a single threaded mode server, on non sqlite db we should have
# '0 Current Checked out connections' at the end of a request,
# if not, then something, somewhere is leaving a connection open
pool = meta.Base.metadata.bind.engine.pool
log.debug('sa pool status: %s', pool.status())
return pyramid_app_with_cleanup
project: added all source files and assets
r1
def sanitize_settings_and_apply_defaults(settings):
"""
Applies settings defaults and does all type conversion.
We would move all settings parsing and preparation into this place, so that
we have only one place left which deals with this part. The remaining parts
of the application would start to rely fully on well prepared settings.
This piece would later be split up per topic to avoid a big fat monster
function.
"""
core: cleanup settings cleanups on pyramid app.
r2316 settings.setdefault('rhodecode.edition', 'Community Edition')
if 'mako.default_filters' not in settings:
# set custom default filters if we don't have it defined
settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
settings['mako.default_filters'] = 'h_filter'
if 'mako.directories' not in settings:
mako_directories = settings.setdefault('mako.directories', [
# Base templates of the original application
'rhodecode:templates',
])
log.debug(
"Using the following Mako template directories: %s",
mako_directories)
project: added all source files and assets
r1
# Default includes, possible to change as a user
pyramid_includes = settings.setdefault('pyramid.includes', [
'rhodecode.lib.middleware.request_wrapper',
])
log.debug(
"Using the following pyramid.includes: %s",
pyramid_includes)
# TODO: johbo: Re-think this, usually the call to config.include
# should allow to pass in a prefix.
settings.setdefault('rhodecode.api.url', '/_admin/api')
Martin Bornhold
config: Sanitize 'appenlight' and 'gzip_responses' settings.
r598 # Sanitize generic settings.
Martin Bornhold
config: Sanitize 'default encoding' setting.
r586 _list_setting(settings, 'default_encoding', 'UTF-8')
db: Set `rhodecode.is_test` in `make_pyramid_app` instead of `make_app`...
r118 _bool_setting(settings, 'is_test', 'false')
Martin Bornhold
config: Sanitize 'appenlight' and 'gzip_responses' settings.
r598 _bool_setting(settings, 'gzip_responses', 'false')
project: added all source files and assets
r1
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585 # Call split out functions that sanitize settings for each topic.
Martin Bornhold
config: Sanitize 'appenlight' and 'gzip_responses' settings.
r598 _sanitize_appenlight_settings(settings)
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585 _sanitize_vcs_settings(settings)
users: ported controllers from pylons into pyramid views.
r2114 # configure instance id
config_utils.set_instance_id(settings)
project: added all source files and assets
r1 return settings
Martin Bornhold
config: Sanitize 'appenlight' and 'gzip_responses' settings.
r598 def _sanitize_appenlight_settings(settings):
_bool_setting(settings, 'appenlight', 'false')
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585 def _sanitize_vcs_settings(settings):
"""
Applies settings defaults and does type conversion for all VCS related
settings.
"""
_string_setting(settings, 'vcs.svn.compatible_version', '')
_string_setting(settings, 'git_rev_filter', '--all')
Martin Bornhold
http: Use http as default setting when sanitize config values. Part of #4237
r958 _string_setting(settings, 'vcs.hooks.protocol', 'http')
_string_setting(settings, 'vcs.scm_app_implementation', 'http')
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585 _string_setting(settings, 'vcs.server', '')
_string_setting(settings, 'vcs.server.log_level', 'debug')
Martin Bornhold
http: Use http as default setting when sanitize config values. Part of #4237
r958 _string_setting(settings, 'vcs.server.protocol', 'http')
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585 _bool_setting(settings, 'startup.import_repos', 'false')
_bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
_bool_setting(settings, 'vcs.server.enable', 'true')
_bool_setting(settings, 'vcs.start_server', 'false')
_list_setting(settings, 'vcs.backends', 'hg, git, svn')
Martin Bornhold
config: Sanitize 'vcs.connection_timeout' setting in pyramid app init.
r623 _int_setting(settings, 'vcs.connection_timeout', 3600)
Martin Bornhold
vcs: Map legacy setting value 'rhodecode.lib.middleware.utils.scm_app_http' -> 'http' to support legacy configs.
r963 # Support legacy values of vcs.scm_app_implementation. Legacy
# configurations may use 'rhodecode.lib.middleware.utils.scm_app_http'
# which is now mapped to 'http'.
scm_app_impl = settings['vcs.scm_app_implementation']
if scm_app_impl == 'rhodecode.lib.middleware.utils.scm_app_http':
settings['vcs.scm_app_implementation'] = 'http'
Martin Bornhold
config: Sanitize 'vcs.connection_timeout' setting in pyramid app init.
r623
def _int_setting(settings, name, default):
settings[name] = int(settings.get(name, default))
Martin Bornhold
config: Sanitize vcs realted settings during pyramid app init.
r585
project: added all source files and assets
r1 def _bool_setting(settings, name, default):
pylons: remove pylons as dependency...
r2351 input_val = settings.get(name, default)
if isinstance(input_val, unicode):
input_val = input_val.encode('utf8')
settings[name] = asbool(input_val)
Martin Bornhold
config: Add method to sanitize list values from ini file.
r583
def _list_setting(settings, name, default):
raw_value = settings.get(name, default)
Martin Bornhold
config: Use rhodecode aslist if commas included in list settings otherwise pyramids aslist.
r604 old_separator = ','
if old_separator in raw_value:
# If we get a comma separated list, pass it to our own function.
settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
else:
# Otherwise we assume it uses pyramids space/newline separation.
settings[name] = aslist(raw_value)
Martin Bornhold
config: Add method to sanitize string values from ini file.
r584
Martin Bornhold
config: Add argument to convert settings to lowercase or not....
r1003 def _string_setting(settings, name, default, lower=True):
value = settings.get(name, default)
if lower:
value = value.lower()
settings[name] = value