cubicweb: pyramid_cubicweb/__init__.py@3905c9f06d0e (annotated)

11480 79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	1	from cubicweb.web.request import CubicWebRequestBase
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	2	from cubicweb.cwconfig import CubicWebConfiguration
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	3	from cubicweb import repoapi
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	4
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	5	import cubicweb
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	6	import cubicweb.web
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	7
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	8	from pyramid import security
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	9	from pyramid.httpexceptions import HTTPSeeOther
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	10
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	11	from pyramid_cubicweb import authplugin
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	12
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	13	import weakref
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	14
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	15	import logging
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	16
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	17	log = logging.getLogger(__name__)
11480 79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	18
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	19
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	20	class CubicWebPyramidRequest(CubicWebRequestBase):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	21	def __init__(self, request):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	22	self._request = request
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	23
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	24	self.path = request.upath_info
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	25
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	26	vreg = request.registry['cubicweb.appli'].vreg
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	27	https = request.scheme == 'https'
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	28
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	29	post = request.params
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	30	headers_in = request.headers
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	31
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	32	super(CubicWebPyramidRequest, self).__init__(vreg, https, post,
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	33	headers=headers_in)
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	34
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	35	def is_secure(self):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	36	return self._request.scheme == 'https'
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	37
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	38	def relative_path(self, includeparams=True):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	39	path = self._request.path[1:]
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	40	if includeparams and self._request.query_string:
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	41	return '%s?%s' % (path, self._request.query_string)
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	42	return path
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	43
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	44	def instance_uri(self):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	45	return self._request.application_url
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	46
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	47	def get_full_path(self):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	48	path = self._request.path
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	49	if self._request.query_string:
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	50	return '%s?%s' % (path, self._request.query_string)
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	51	return path
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	52
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	53	def http_method(self):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	54	return self._request.method
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	55
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	56	def _set_status_out(self, value):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	57	self._request.response.status_int = value
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	58
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	59	def _get_status_out(self):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	60	return self._request.response.status_int
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	61
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	62	status_out = property(_get_status_out, _set_status_out)
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	63
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	64
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	65	def render_view(request, vid, **kwargs):
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	66	vreg = request.registry['cubicweb.registry']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	67	# XXX The select() function could, know how to handle a pyramid
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	68	# request, and feed it directly to the views that supports it.
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	69	# On the other hand, we could refine the View concept and decide it works
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	70	# with a cnx, and never with a WebRequest
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	71
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	72	view = vreg['views'].select(vid, request.cw_request, **kwargs)
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	73
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	74	view.set_stream()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	75	view.render()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	76	return view._stream.getvalue()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	77
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	78
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	79	def login(request):
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	80	repo = request.registry['cubicweb.repository']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	81
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	82	response = request.response
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	83	user_eid = None
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	84
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	85	if '__login' in request.params:
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	86	login = request.params['__login']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	87	password = request.params['__password']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	88
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	89	try:
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	90	with repo.internal_cnx() as cnx:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	91	user = repo.authenticate_user(cnx, login, password=password)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	92	user_eid = user.eid
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	93	except cubicweb.AuthenticationError:
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	94	raise
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	95
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	96	if user_eid is not None:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	97	headers = security.remember(request, user_eid)
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	98
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	99	raise HTTPSeeOther(
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	100	request.params.get('postlogin_path', '/'),
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	101	headers=headers)
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	102
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	103	response.headerlist.extend(headers)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	104
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	105	response.text = render_view(request, 'login')
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	106	return response
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	107
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	108
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	109	def _cw_cnx(request):
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	110	cnx = repoapi.ClientConnection(request.cw_session)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	111
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	112	def cleanup(request):
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	113	if request.exception is not None:
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	114	cnx.rollback()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	115	else:
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	116	cnx.commit()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	117	cnx.__exit__(None, None, None)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	118
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	119	request.add_finished_callback(cleanup)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	120	cnx.__enter__()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	121	return cnx
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	122
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	123
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	124	def _cw_close_session(request):
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	125	request.cw_session.close()
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	126
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	127
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	128	def _cw_session(request):
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	129	"""Obtains a cw session from a pyramid request"""
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	130	repo = request.registry['cubicweb.repository']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	131	config = request.registry['cubicweb.config']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	132
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	133	if not request.authenticated_userid:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	134	login, password = config.anonymous_user()
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	135	sessionid = repo.connect(login, password=password)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	136	session = repo._sessions[sessionid]
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	137	request.add_finished_callback(_cw_close_session)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	138	else:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	139	session = request._cw_cached_session
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	140
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	141	# XXX Ideally we store the cw session data in the pyramid session.
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	142	# BUT some data in the cw session data dictionnary makes pyramid fail.
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	143	#session.data = request.session
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	144
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	145	return session
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	146
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	147
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	148	def _cw_request(request):
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	149	req = CubicWebPyramidRequest(request)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	150	req.set_cnx(request.cw_cnx)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	151	return req
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	152
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	153
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	154	def get_principals(login, request):
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	155	repo = request.registry['cubicweb.repository']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	156
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	157	try:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	158	sessionid = repo.connect(
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	159	str(login), __pyramid_directauth=authplugin.EXT_TOKEN)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	160	session = repo._sessions[sessionid]
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	161	request._cw_cached_session = session
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	162	request.add_finished_callback(_cw_close_session)
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	163	except:
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	164	log.exception("Failed")
3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	165	raise
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	166
11485 3905c9f06d0e Use short-lived cubicweb sessions to let pyramid actually handle the web sessions Christophe de Vienne <christophe@unlish.com> parents: 11484 diff changeset	167	return session.user.groups
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	168
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	169
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	170	from pyramid.authentication import SessionAuthenticationPolicy
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	171	from pyramid.authorization import ACLAuthorizationPolicy
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	172	from pyramid.session import SignedCookieSessionFactory
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	173
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	174
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	175	def hello_world(request):
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	176	request.response.text = \
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	177	u"<html><body>Hello %s</body></html>" % request.cw_cnx.user.login
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	178	return request.response
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	179
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	180
11480 79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	181	def includeme(config):
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	182	appid = config.registry.settings['cubicweb.instance']
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	183	cwconfig = CubicWebConfiguration.config_for(appid)
79ac26923432 Initial implementation Christophe de Vienne <christophe@unlish.com> parents: diff changeset	184
11482 151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	185	config.set_session_factory(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	186	SignedCookieSessionFactory(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	187	secret=config.registry.settings['session.secret']
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	188	))
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	189
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	190	config.set_authentication_policy(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	191	SessionAuthenticationPolicy(callback=get_principals))
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	192	config.set_authorization_policy(ACLAuthorizationPolicy())
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	193
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	194	config.registry['cubicweb.config'] = cwconfig
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	195	config.registry['cubicweb.repository'] = repo = cwconfig.repository()
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	196	config.registry['cubicweb.registry'] = repo.vreg
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	197
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	198	repo.system_source.add_authentifier(authplugin.DirectAuthentifier())
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	199
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	200	config.add_request_method(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	201	_cw_session, name='cw_session', property=True, reify=True)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	202	config.add_request_method(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	203	_cw_cnx, name='cw_cnx', property=True, reify=True)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	204	config.add_request_method(
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	205	_cw_request, name='cw_request', property=True, reify=True)
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	206
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	207	config.add_route('login', '/login')
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	208	config.add_view(login, route_name='login')
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	209
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	210	config.add_route('hello', '/hello')
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	211	config.add_view(hello_world, route_name='hello')
151b8a4b9f3f Integration pyramid and cubicweb authentication. Christophe de Vienne <christophe@unlish.com> parents: 11480 diff changeset	212
11484 39768d122f97 Isolate the default handler and extend its role Christophe de Vienne <christophe@unlish.com> parents: 11482 diff changeset	213	config.include('pyramid_cubicweb.handler')

author	Christophe de Vienne <christophe@unlish.com>
	Tue, 15 Jul 2014 14:25:15 +0200
changeset 11485	3905c9f06d0e
parent 11484	39768d122f97
child 11487	04252e9ff549
permissions	-rw-r--r--