cubicweb: web/application.py@0e4fb0a257ab (annotated)

0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	1	"""CubicWeb web client application object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	2
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	3	:organization: Logilab
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	4	:copyright: 2001-2008 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	5	:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	6	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	7	__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	8
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	9	import sys
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	10	from time import clock, time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	11
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	12	from rql import BadRQLQuery
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	13
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	14	from cubicweb import set_log_methods
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	15	from cubicweb import (ValidationError, Unauthorized, AuthenticationError,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	16	NoSelectableObject, RepositoryError)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	17	from cubicweb.cwconfig import CubicWebConfiguration
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	18	from cubicweb.cwvreg import CubicWebRegistry
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	19	from cubicweb.web import (LOGGER, StatusResponse, DirectResponse, Redirect, NotFound,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	20	RemoteCallFailed, ExplicitLogin, InvalidSession)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	21	from cubicweb.web.component import SingletonComponent
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23	# make session manager available through a global variable so the debug view can
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	24	# print information about web session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25	SESSION_MANAGER = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	26
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	27	class AbstractSessionManager(SingletonComponent):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	28	"""manage session data associated to a session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	29	id = 'sessionmanager'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	30
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	31	def __init__(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	32	self.session_time = self.vreg.config['http-session-time'] or None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33	assert self.session_time is None or self.session_time > 0
168 f6be0c92fc38 fix default values Sylvain Thenault <sylvain.thenault@logilab.fr> parents: 0 diff changeset	34	self.cleanup_session_time = self.vreg.config['cleanup-session-time'] or 43200
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	35	assert self.cleanup_session_time > 0
168 f6be0c92fc38 fix default values Sylvain Thenault <sylvain.thenault@logilab.fr> parents: 0 diff changeset	36	self.cleanup_anon_session_time = self.vreg.config['cleanup-anonymous-session-time'] or 120
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	37	assert self.cleanup_anon_session_time > 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	38	if self.session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	39	assert self.cleanup_session_time < self.session_time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	40	assert self.cleanup_anon_session_time < self.session_time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	41	self.authmanager = self.vreg.select_component('authmanager')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	42	assert self.authmanager, 'no authentication manager found'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	43
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	44	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	45	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	46	time. Return the number of sessions which have been closed.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	48	self.debug('cleaning http sessions')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	closed, total = 0, 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50	for session in self.current_sessions():
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	51	no_use_time = (time() - session.last_usage_time)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	52	total += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	53	if session.anonymous_connection:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	54	if no_use_time >= self.cleanup_anon_session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	55	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	56	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	57	elif no_use_time >= self.cleanup_session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	58	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	59	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	60	return closed, total - closed
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	61
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	62	def has_expired(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	63	"""return True if the web session associated to the session is expired
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	64	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	65	return not (self.session_time is None or
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	66	time() < session.last_usage_time + self.session_time)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	67
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	68	def current_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	69	"""return currently open sessions"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	70	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	71
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	72	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	73	"""return existing session for the given session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	74	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	75
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	76	def open_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	77	"""open and return a new session for the given request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	78
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	:raise ExplicitLogin: if authentication is required
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	80	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	81	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	83	def close_session(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	84	"""close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	85	corrupted...)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	86	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	87	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	88
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	89
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	90	class AbstractAuthenticationManager(SingletonComponent):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	91	"""authenticate user associated to a request and check session validity"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	92	id = 'authmanager'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	93
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	94	def authenticate(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	95	"""authenticate user and return corresponding user object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	96
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	97	:raise ExplicitLogin: if authentication is required (no authentication
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	98	info found or wrong user/password)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	99	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	100	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	101
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	102
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	103	class CookieSessionHandler(object):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	104	"""a session handler using a cookie to store the session identifier
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	105
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	106	:cvar SESSION_VAR:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	107	string giving the name of the variable used to store the session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	108	identifier
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	109	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	110	SESSION_VAR = '__session'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	111
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	112	def __init__(self, appli):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	113	self.session_manager = appli.vreg.select_component('sessionmanager')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	114	assert self.session_manager, 'no session manager found'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	115	global SESSION_MANAGER
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	116	SESSION_MANAGER = self.session_manager
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	117	if not 'last_login_time' in appli.vreg.schema:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	118	self._update_last_login_time = lambda x: None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	119
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	120	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	121	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	122	time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	123	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	124	self.session_manager.clean_sessions()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	125
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	126	def set_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	127	"""associate a session to the request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	128
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	129	Session id is searched from :
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	130	- # form variable
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	131	- cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	132
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	133	if no session id is found, open a new session for the connected user
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	134	or request authentification as needed
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	135
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	136	:raise Redirect: if authentication has occured and succeed
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	137	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	138	assert req.cnx is None # at this point no cnx should be set on the request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	139	cookie = req.get_cookie()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	140	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	141	sessionid = str(cookie[self.SESSION_VAR].value)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	142	except KeyError: # no session cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	143	session = self.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	144	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	145	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	146	session = self.get_session(req, sessionid)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	147	except InvalidSession:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	148	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	149	session = self.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	150	except ExplicitLogin:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	151	req.remove_cookie(cookie, self.SESSION_VAR)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	152	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	153	# remember last usage time for web session tracking
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	154	session.last_usage_time = time()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	155
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	156	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	157	return self.session_manager.get_session(req, sessionid)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	158
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	159	def open_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	160	session = self.session_manager.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	161	cookie = req.get_cookie()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	162	cookie[self.SESSION_VAR] = session.sessionid
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	163	req.set_cookie(cookie, self.SESSION_VAR, maxage=None)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	164	# remember last usage time for web session tracking
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	165	session.last_usage_time = time()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	166	if not session.anonymous_connection:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	167	self._postlogin(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	168	return session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	169
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	170	def _update_last_login_time(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	171	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	172	req.execute('SET X last_login_time NOW WHERE X eid %(x)s',
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	173	{'x' : req.user.eid}, 'x')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	174	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	175	except (RepositoryError, Unauthorized):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	176	# ldap user are not writeable for instance
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	177	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	178	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	179	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	180	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	181
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	182	def _postlogin(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	183	"""postlogin: the user has been authenticated, redirect to the original
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	184	page (index by default) with a welcome message
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	185	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	186	# Update last connection date
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	187	# XXX: this should be in a post login hook in the repository, but there
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	188	# we can't differentiate actual login of automatic session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	189	# reopening. Is it actually a problem?
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	190	self._update_last_login_time(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	191	args = req.form
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	192	args['__message'] = req._('welcome %s !') % req.user.login
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	193	if 'vid' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	194	args['vid'] = req.form['vid']
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	195	if 'rql' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	196	args['rql'] = req.form['rql']
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	197	path = req.relative_path(False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	198	if path == 'login':
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	199	path = 'view'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	200	raise Redirect(req.build_url(path, **args))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	201
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	202	def logout(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	203	"""logout from the application by cleaning the session and raising
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	204	`AuthenticationError`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	205	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	206	self.session_manager.close_session(req.cnx)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	207	req.remove_cookie(req.get_cookie(), self.SESSION_VAR)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	208	raise AuthenticationError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	209
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	210
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	211	class CubicWebPublisher(object):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	212	"""Central registry for the web application. This is one of the central
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	213	object in the web application, coupling dynamically loaded objects with
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	214	the application's schema and the application's configuration objects.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	215
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	216	It specializes the VRegistry by adding some convenience methods to
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	217	access to stored objects. Currently we have the following registries
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	218	of objects known by the web application (library may use some others
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	219	additional registries):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	220	* controllers, which are directly plugged into the application
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	221	object to handle request publishing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	222	* views
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	223	* templates
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	224	* components
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	225	* actions
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	226	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	227
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	228	def __init__(self, config, debug=None,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	229	session_handler_fact=CookieSessionHandler,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	230	vreg=None):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	231	super(CubicWebPublisher, self).__init__()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	232	# connect to the repository and get application's schema
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	233	if vreg is None:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	234	vreg = CubicWebRegistry(config, debug=debug)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	235	self.vreg = vreg
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	236	self.info('starting web application from %s', config.apphome)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	237	self.repo = config.repository(vreg)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	238	if not vreg.initialized:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	239	self.config.init_cubes(self.repo.get_cubes())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	240	vreg.init_properties(self.repo.properties())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	241	vreg.set_schema(self.repo.get_schema())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	242	# set the correct publish method
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	243	if config['query-log-file']:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	244	from threading import Lock
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	245	self._query_log = open(config['query-log-file'], 'a')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	246	self.publish = self.log_publish
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	247	self._logfile_lock = Lock()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	248	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	249	self._query_log = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	250	self.publish = self.main_publish
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	251	# instantiate session and url resolving helpers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	252	self.session_handler = session_handler_fact(self)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	253	self.url_resolver = vreg.select_component('urlpublisher')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	254
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	255	def connect(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	256	"""return a connection for a logged user object according to existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	257	sessions (i.e. a new connection may be created or an already existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	258	one may be reused
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	259	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	260	self.session_handler.set_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	261
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	262	def select_controller(self, oid, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	263	"""return the most specific view according to the resultset"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	264	vreg = self.vreg
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	265	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	266	return vreg.select(vreg.registry_objects('controllers', oid),
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	267	req=req, appli=self)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	268	except NoSelectableObject:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	269	raise Unauthorized(req._('not authorized'))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	270
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	271	# publish methods #########################################################
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	272
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	273	def log_publish(self, path, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	274	"""wrapper around _publish to log all queries executed for a given
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	275	accessed path
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	276	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	277	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	278	return self.main_publish(path, req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	279	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	280	cnx = req.cnx
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	281	self._logfile_lock.acquire()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	282	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	283	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	284	result = ['\n'+''80]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	285	result.append(req.url())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	286	result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q for q in cnx.executed_queries]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	287	cnx.executed_queries = []
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	288	self._query_log.write('\n'.join(result).encode(req.encoding))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	289	self._query_log.flush()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	290	except Exception:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	291	self.exception('error while logging queries')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	292	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	293	self._logfile_lock.release()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	294
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	295	def main_publish(self, path, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	296	"""method called by the main publisher to process <path>
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	297
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	298	should return a string containing the resulting page or raise a
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	299	`NotFound` exception
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	300
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	301	:type path: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	302	:param path: the path part of the url to publish
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	303
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	304	:type req: `web.Request`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	305	:param req: the request object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	306
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	307	:rtype: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	308	:return: the result of the pusblished url
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	309	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	310	path = path or 'view'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	311	# don't log form values they may contains sensitive information
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	312	self.info('publish "%s" (form params: %s)', path, req.form.keys())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	313	# remove user callbacks on a new request (except for json controllers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	314	# to avoid callbacks being unregistered before they could be called)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	315	tstart = clock()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	316	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	317	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	318	ctrlid, rset = self.url_resolver.process(req, path)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	319	controller = self.select_controller(ctrlid, req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	320	result = controller.publish(rset=rset)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	321	if req.cnx is not None:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	322	# req.cnx is None if anonymous aren't allowed and we are
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	323	# displaying the cookie authentication form
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	324	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	325	except (StatusResponse, DirectResponse):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	326	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	327	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	328	except Redirect:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	329	# redirect is raised by edit controller when everything went fine,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	330	# so try to commit
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	331	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	332	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	333	except ValidationError, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	334	self.validation_error_handler(req, ex)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	335	except Unauthorized, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	336	req.data['errmsg'] = req._('You\'re not authorized to access this page. '
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	337	'If you think you should, please contact the site administrator.')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	338	self.error_handler(req, ex, tb=False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	339	except Exception, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	340	self.error_handler(req, ex, tb=True)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	341	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	342	# delete validation errors which may have been previously set
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	343	if '__errorurl' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	344	req.del_session_data(req.form['__errorurl'])
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	345	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	346	except (AuthenticationError, NotFound, RemoteCallFailed):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	347	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	348	except ValidationError, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	349	self.validation_error_handler(req, ex)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	350	except (Unauthorized, BadRQLQuery), ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	351	self.error_handler(req, ex, tb=False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	352	except Exception, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	353	self.error_handler(req, ex, tb=True)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	354	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	355	if req.cnx is not None:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	356	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	357	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	358	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	359	pass # ignore rollback error at this point
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	360	self.info('query %s executed in %s sec', req.relative_path(), clock() - tstart)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	361	return result
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	362
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	363	def validation_error_handler(self, req, ex):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	364	ex.errors = dict((k, v) for k, v in ex.errors.items())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	365	if '__errorurl' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	366	forminfo = {'errors': ex,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	367	'values': req.form,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	368	'eidmap': req.data.get('eidmap', {})
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	369	}
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	370	req.set_session_data(req.form['__errorurl'], forminfo)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	371	raise Redirect(req.form['__errorurl'])
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	372	self.error_handler(req, ex, tb=False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	373
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	374	def error_handler(self, req, ex, tb=False):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	375	excinfo = sys.exc_info()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	376	self.exception(repr(ex))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	377	req.set_header('Cache-Control', 'no-cache')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	378	req.remove_header('Etag')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	379	req.message = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	380	req.reset_headers()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	381	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	382	req.data['ex'] = ex
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	383	if tb:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	384	req.data['excinfo'] = excinfo
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	385	req.form['vid'] = 'error'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	386	content = self.vreg.main_template(req, 'main')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	387	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	388	content = self.vreg.main_template(req, 'error')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	389	raise StatusResponse(500, content)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	390
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	391	def need_login_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	392	return self.vreg.main_template(req, 'login')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	393
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	394	def loggedout_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	395	return self.vreg.main_template(req, 'loggedout')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	396
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	397	def notfound_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	398	template = req.property_value('ui.main-template') or 'main'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	399	req.form['vid'] = '404'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	400	return self.vreg.main_template(req, template)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	401
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	402
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	403	set_log_methods(CubicWebPublisher, LOGGER)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	404	set_log_methods(CookieSessionHandler, LOGGER)

author	sylvain.thenault@logilab.fr
	Thu, 15 Jan 2009 17:35:01 +0100
branch	3.0
changeset 436	0e4fb0a257ab
parent 168	f6be0c92fc38
child 581	09f87f2c535e
permissions	-rw-r--r--