##// END OF EJS Templates
authn: Fix form validation of authentication plugins....
authn: Fix form validation of authentication plugins. - Check if plugin exists. - Display an apropriate error message if it doesn't exist.

File last commit:

r36:8b924f40 default
r102:1a9dcffb default
Show More
middleware.py
310 lines | 11.4 KiB | text/x-python | PythonLexer
project: added all source files and assets
r1 # -*- coding: utf-8 -*-
# Copyright (C) 2010-2016 RhodeCode GmbH
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
"""
Pylons middleware initialization
"""
import logging
from paste.registry import RegistryManager
from paste.gzipper import make_gzip_middleware
from pylons.middleware import ErrorHandler, StatusCodeRedirect
from pylons.wsgiapp import PylonsApp
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
from pyramid.static import static_view
from pyramid.settings import asbool, aslist
from pyramid.wsgi import wsgiapp
from routes.middleware import RoutesMiddleware
import routes.util
import rhodecode
from rhodecode.config import patches
from rhodecode.config.environment import load_environment
from rhodecode.lib.middleware import csrf
from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
from rhodecode.lib.middleware.disable_vcs import DisableVCSPagesWrapper
from rhodecode.lib.middleware.https_fixup import HttpsFixup
from rhodecode.lib.middleware.vcs import VCSMiddleware
from rhodecode.lib.plugins.utils import register_rhodecode_plugin
log = logging.getLogger(__name__)
def make_app(global_conf, full_stack=True, static_files=True, **app_conf):
"""Create a Pylons WSGI application and return it
``global_conf``
The inherited configuration for this application. Normally from
the [DEFAULT] section of the Paste ini file.
``full_stack``
Whether or not this application provides a full WSGI stack (by
default, meaning it handles its own exceptions and errors).
Disable full_stack when this application is "managed" by
another WSGI middleware.
``app_conf``
The application's local configuration. Normally specified in
the [app:<name>] section of the Paste ini file (where <name>
defaults to main).
"""
# Apply compatibility patches
patches.kombu_1_5_1_python_2_7_11()
patches.inspect_getargspec()
# Configure the Pylons environment
config = load_environment(global_conf, app_conf)
# The Pylons WSGI app
app = PylonsApp(config=config)
if rhodecode.is_test:
app = csrf.CSRFDetector(app)
expected_origin = config.get('expected_origin')
if expected_origin:
# The API can be accessed from other Origins.
app = csrf.OriginChecker(app, expected_origin,
skip_urls=[routes.util.url_for('api')])
# Add RoutesMiddleware. Currently we have two instances in the stack. This
# is the lower one to make the StatusCodeRedirect middleware happy.
# TODO: johbo: This is not optimal, search for a better solution.
app = RoutesMiddleware(app, config['routes.map'])
# CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
if asbool(config['pdebug']):
from rhodecode.lib.profiler import ProfilingMiddleware
app = ProfilingMiddleware(app)
# Protect from VCS Server error related pages when server is not available
vcs_server_enabled = asbool(config.get('vcs.server.enable', 'true'))
if not vcs_server_enabled:
app = DisableVCSPagesWrapper(app)
if asbool(full_stack):
# Appenlight monitoring and error handler
app, appenlight_client = wrap_in_appenlight_if_enabled(app, config)
# Handle Python exceptions
app = ErrorHandler(app, global_conf, **config['pylons.errorware'])
# we want our low level middleware to get to the request ASAP. We don't
# need any pylons stack middleware in them
app = VCSMiddleware(app, config, appenlight_client)
# Display error documents for 401, 403, 404 status codes (and
# 500 when debug is disabled)
if asbool(config['debug']):
app = StatusCodeRedirect(app)
else:
app = StatusCodeRedirect(app, [400, 401, 403, 404, 500])
# enable https redirects based on HTTP_X_URL_SCHEME set by proxy
app = HttpsFixup(app, config)
# Establish the Registry for this application
app = RegistryManager(app)
app.config = config
return app
def make_pyramid_app(global_config, **settings):
"""
Constructs the WSGI application based on Pyramid and wraps the Pylons based
application.
Specials:
* We migrate from Pylons to Pyramid. While doing this, we keep both
frameworks functional. This involves moving some WSGI middlewares around
and providing access to some data internals, so that the old code is
still functional.
* The application can also be integrated like a plugin via the call to
`includeme`. This is accompanied with the other utility functions which
are called. Changing this should be done with great care to not break
cases when these fragments are assembled from another place.
"""
# The edition string should be available in pylons too, so we add it here
# before copying the settings.
settings.setdefault('rhodecode.edition', 'Community Edition')
# As long as our Pylons application does expect "unprepared" settings, make
# sure that we keep an unmodified copy. This avoids unintentional change of
# behavior in the old application.
settings_pylons = settings.copy()
sanitize_settings_and_apply_defaults(settings)
config = Configurator(settings=settings)
add_pylons_compat_data(config.registry, global_config, settings_pylons)
includeme(config)
includeme_last(config)
pyramid_app = config.make_wsgi_app()
pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
return pyramid_app
def add_pylons_compat_data(registry, global_config, settings):
"""
Attach data to the registry to support the Pylons integration.
"""
registry._pylons_compat_global_config = global_config
registry._pylons_compat_settings = settings
def includeme(config):
settings = config.registry.settings
# Includes which are required. The application would fail without them.
config.include('pyramid_mako')
config.include('pyramid_beaker')
config.include('rhodecode.authentication')
login: Include login configuration.
r36 config.include('rhodecode.login')
project: added all source files and assets
r1 config.include('rhodecode.tweens')
config.include('rhodecode.api')
# Set the authorization policy.
authz_policy = ACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
# Set the default renderer for HTML templates to mako.
config.add_mako_renderer('.html')
# plugin information
config.registry.rhodecode_plugins = {}
config.add_directive(
'register_rhodecode_plugin', register_rhodecode_plugin)
# include RhodeCode plugins
includes = aslist(settings.get('rhodecode.includes', []))
for inc in includes:
config.include(inc)
# This is the glue which allows us to migrate in chunks. By registering the
# pylons based application as the "Not Found" view in Pyramid, we will
# fallback to the old application each time the new one does not yet know
# how to handle a request.
pylons_app = make_app(
config.registry._pylons_compat_global_config,
**config.registry._pylons_compat_settings)
config.registry._pylons_compat_config = pylons_app.config
pylons_app_as_view = wsgiapp(pylons_app)
config.add_notfound_view(pylons_app_as_view)
def includeme_last(config):
"""
The static file catchall needs to be last in the view configuration.
"""
settings = config.registry.settings
# Note: johbo: I would prefer to register a prefix for static files at some
# point, e.g. move them under '_static/'. This would fully avoid that we
# can have name clashes with a repository name. Imaging someone calling his
# repo "css" ;-) Also having an external web server to serve out the static
# files seems to be easier to set up if they have a common prefix.
#
# Example: config.add_static_view('_static', path='rhodecode:public')
#
# It might be an option to register both paths for a while and then migrate
# over to the new location.
# Serving static files with a catchall.
if settings['static_files']:
config.add_route('catchall_static', '/*subpath')
config.add_view(
static_view('rhodecode:public'), route_name='catchall_static')
def wrap_app_in_wsgi_middlewares(pyramid_app, config):
"""
Apply outer WSGI middlewares around the application.
Part of this has been moved up from the Pylons layer, so that the
data is also available if old Pylons code is hit through an already ported
view.
"""
settings = config.registry.settings
# Add RoutesMiddleware. Currently we have two instances in the stack. This
# is the upper one to support the pylons compatibility tween during
# migration to pyramid.
pyramid_app = RoutesMiddleware(
pyramid_app, config.registry._pylons_compat_config['routes.map'])
# TODO: johbo: Don't really see why we enable the gzip middleware when
# serving static files, might be something that should have its own setting
# as well?
if settings['static_files']:
pyramid_app = make_gzip_middleware(
pyramid_app, settings, compress_level=1)
return pyramid_app
def sanitize_settings_and_apply_defaults(settings):
"""
Applies settings defaults and does all type conversion.
We would move all settings parsing and preparation into this place, so that
we have only one place left which deals with this part. The remaining parts
of the application would start to rely fully on well prepared settings.
This piece would later be split up per topic to avoid a big fat monster
function.
"""
# Pyramid's mako renderer has to search in the templates folder so that the
# old templates still work. Ported and new templates are expected to use
# real asset specifications for the includes.
mako_directories = settings.setdefault('mako.directories', [
# Base templates of the original Pylons application
'rhodecode:templates',
])
log.debug(
"Using the following Mako template directories: %s",
mako_directories)
# Default includes, possible to change as a user
pyramid_includes = settings.setdefault('pyramid.includes', [
'rhodecode.lib.middleware.request_wrapper',
])
log.debug(
"Using the following pyramid.includes: %s",
pyramid_includes)
# TODO: johbo: Re-think this, usually the call to config.include
# should allow to pass in a prefix.
settings.setdefault('rhodecode.api.url', '/_admin/api')
_bool_setting(settings, 'vcs.server.enable', 'true')
_bool_setting(settings, 'static_files', 'true')
return settings
def _bool_setting(settings, name, default):
settings[name] = asbool(settings.get(name, default))