cubicweb: web/application.py@b8b23af60019 (annotated)

7428 5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	1	# copyright 2003-2011 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421 8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	2	# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	3	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	4	# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	5	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	6	# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	7	# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	8	# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	9	# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	10	#
5424 8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5421 diff changeset	11	# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421 8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	12	# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	13	# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	14	# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	15	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	16	# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	17	# with CubicWeb. If not, see <http://www.gnu.org/licenses/>.
5722 61d6a4caa963 [iprogress] move adapter to entities.adapters Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5655 diff changeset	18	"""CubicWeb web client application object"""
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	19
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	20	from __future__ import with_statement
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	21
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22	__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	24	import sys
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25	from time import clock, time
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	26	from contextlib import contextmanager
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	27	from warnings import warn
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	28
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	29	import httplib
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	30
2613 5e19c2bb370e R [all] logilab.common 0.44 provides only deprecated Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 2476 diff changeset	31	from logilab.common.deprecation import deprecated
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	32
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33	from rql import BadRQLQuery
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	34
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	35	from cubicweb import set_log_methods, cwvreg
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	36	from cubicweb import (
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	37	ValidationError, Unauthorized, AuthenticationError, NoSelectableObject,
6791 fe58b234f9c2 [web session] refactor to finally closes #343036: allow _postlogin behaviour overloading Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6680 diff changeset	38	BadConnectionId, CW_EVENT_MANAGER)
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	39	from cubicweb.dbapi import DBAPISession, anonymous_session
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	40	from cubicweb.web import LOGGER, component
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	41	from cubicweb.web import (
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	42	StatusResponse, DirectResponse, Redirect, NotFound, LogOut,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	43	RemoteCallFailed, InvalidSession, RequestError)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	44
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	45	from cubicweb.web.request import CubicWebRequestBase
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	46
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	# make session manager available through a global variable so the debug view can
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	48	# print information about web session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	SESSION_MANAGER = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	51
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	52	@contextmanager
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	53	def anonymized_request(req):
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	54	orig_session = req.session
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	55	req.set_session(anonymous_session(req.vreg))
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	56	try:
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	57	yield req
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	58	finally:
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	59	req.set_session(orig_session)
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	60
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	61	class AbstractSessionManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	62	"""manage session data associated to a session identifier"""
3408 c92170fca813 [api] use __regid__ instead of deprecated id Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2887 diff changeset	63	__regid__ = 'sessionmanager'
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	64
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	65	def __init__(self, vreg):
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	66	self.session_time = vreg.config['http-session-time'] or None
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	67	self.authmanager = vreg['components'].select('authmanager', vreg=vreg)
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	68	interval = (self.session_time or 0) / 2.
5325 f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	69	if vreg.config.anonymous_user() is not None:
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	70	self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	71	assert self.cleanup_anon_session_time > 0
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	72	if self.session_time is not None:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	73	self.cleanup_anon_session_time = min(self.session_time,
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	74	self.cleanup_anon_session_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	75	interval = self.cleanup_anon_session_time / 2.
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	76	# we don't want to check session more than once every 5 minutes
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	77	self.clean_sessions_interval = max(5 * 60, interval)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	78
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	80	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	81	time. Return the number of sessions which have been closed.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	83	self.debug('cleaning http sessions')
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	84	session_time = self.session_time
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	85	closed, total = 0, 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	86	for session in self.current_sessions():
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	87	total += 1
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	88	try:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	89	last_usage_time = session.cnx.check()
7589 d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	90	except AttributeError:
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	91	last_usage_time = session.mtime
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	92	except BadConnectionId:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	93	self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	94	closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	95	else:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	96	no_use_time = (time() - last_usage_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	97	if session.anonymous_session:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	98	if no_use_time >= self.cleanup_anon_session_time:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	99	self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	100	closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	101	elif session_time is not None and no_use_time >= session_time:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	102	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	103	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	104	return closed, total - closed
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	105
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	106	def current_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	107	"""return currently open sessions"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	108	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	109
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	110	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	111	"""return existing session for the given session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	112	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	113
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	114	def open_session(self, req):
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	115	"""open and return a new session for the given request. The session is
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	116	also bound to the request.
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	117
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	118	raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	119	(no authentication info found or wrong user/password)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	120	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	121	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	122
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	123	def close_session(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	124	"""close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	125	corrupted...)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	126	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	127	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	128
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	129
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	130	class AbstractAuthenticationManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	131	"""authenticate user associated to a request and check session validity"""
7990 a673d1d9a738 [diet] drop pre 3.6 API compatibility (but attempt to keep data cmopatibility). Closes #2017916 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7876 diff changeset	132	__regid__ = 'authmanager'
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	133
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	134	def __init__(self, vreg):
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	135	self.vreg = vreg
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	136
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	137	def validate_session(self, req, session):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	138	"""check session validity, reconnecting it to the repository if the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	139	associated connection expired in the repository side (hence the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	140	necessity for this method).
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	141
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	142	raise :exc:`InvalidSession` if session is corrupted for a reason or
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	143	another and should be closed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	144	"""
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	145	raise NotImplementedError()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	146
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	147	def authenticate(self, req):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	148	"""authenticate user using connection information found in the request,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	149	and return corresponding a :class:`~cubicweb.dbapi.Connection` instance,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	150	as well as login and authentication information dictionary used to open
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	151	the connection.
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	152
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	153	raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	154	(no authentication info found or wrong user/password)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	155	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	156	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	157
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	158
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	159	class CookieSessionHandler(object):
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	160	"""a session handler using a cookie to store the session identifier"""
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	161
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	162	def __init__(self, appli):
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	163	self.vreg = appli.vreg
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	164	self.session_manager = self.vreg['components'].select('sessionmanager',
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	165	vreg=self.vreg)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	166	global SESSION_MANAGER
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	167	SESSION_MANAGER = self.session_manager
5000 f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	168	if self.vreg.config.mode != 'test':
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	169	# don't try to reset session manager during test, this leads to
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	170	# weird failures when running multiple tests
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	171	CW_EVENT_MANAGER.bind('after-registry-reload',
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	172	self.reset_session_manager)
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	173
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	174	def reset_session_manager(self):
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	175	data = self.session_manager.dump_data()
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	176	self.session_manager = self.vreg['components'].select('sessionmanager',
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	177	vreg=self.vreg)
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	178	self.session_manager.restore_data(data)
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	179	global SESSION_MANAGER
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	180	SESSION_MANAGER = self.session_manager
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	181
5325 f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	182	@property
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	183	def clean_sessions_interval(self):
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	184	return self.session_manager.clean_sessions_interval
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	185
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	186	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	187	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	188	time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	189	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	190	self.session_manager.clean_sessions()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	191
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	192	def session_cookie(self, req):
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	193	"""return a string giving the name of the cookie used to store the
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	194	session identifier.
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	195	"""
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	196	if req.https:
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	197	return '__%s_https_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	198	return '__%s_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	199
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	200	def set_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	201	"""associate a session to the request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	202
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	203	Session id is searched from :
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	204	- # form variable
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	205	- cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	206
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	207	if no session id is found, open a new session for the connected user
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	208	or request authentification as needed
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	209
6109 47d9c0e0f7b7 integrate Celso's work on translation file: proper/complete spanish translation, fixed some typos in french translation, occured -> occurred fix in various places Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	210	:raise Redirect: if authentication has occurred and succeed
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	211	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	212	cookie = req.get_cookie()
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	213	sessioncookie = self.session_cookie(req)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	214	try:
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	215	sessionid = str(cookie[sessioncookie].value)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	216	except KeyError: # no session cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	217	session = self.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	218	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	219	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	220	session = self.get_session(req, sessionid)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	221	except InvalidSession:
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	222	# try to open a new session, so we get an anonymous session if
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	223	# allowed
7428 5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	224	session = self.open_session(req)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	225	else:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	226	if not session.cnx:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	227	# session exists but is not bound to a connection. We should
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	228	# try to authenticate
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	229	loginsucceed = False
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	230	try:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	231	if self.open_session(req, allow_no_cnx=False):
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	232	loginsucceed = True
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	233	except Redirect:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	234	# may be raised in open_session (by postlogin mechanism)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	235	# on successful connection
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	236	loginsucceed = True
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	237	raise
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	238	except AuthenticationError:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	239	# authentication failed, continue to use this session
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	240	req.set_session(session)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	241	finally:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	242	if loginsucceed:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	243	# session should be replaced by new session created
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	244	# in open_session
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	245	self.session_manager.close_session(session)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	246
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	247	def get_session(self, req, sessionid):
7589 d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	248	session = self.session_manager.get_session(req, sessionid)
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	249	session.mtime = time()
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	250	return session
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	251
7428 5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	252	def open_session(self, req, allow_no_cnx=True):
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	253	session = self.session_manager.open_session(req, allow_no_cnx=allow_no_cnx)
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	254	sessioncookie = self.session_cookie(req)
7855 54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	255	secure = req.https and req.base_url().startswith('https://')
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	256	req.set_cookie(sessioncookie, session.sessionid,
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	257	maxage=None, secure=secure)
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	258	if not session.anonymous_session:
6791 fe58b234f9c2 [web session] refactor to finally closes #343036: allow _postlogin behaviour overloading Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6680 diff changeset	259	self.session_manager.postlogin(req)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	260	return session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	261
4911 898c35be5873 #750055: make it easier to change post logout url Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4709 diff changeset	262	def logout(self, req, goto_url):
2476 1294a6bdf3bf application -> instance where it makes sense Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2293 diff changeset	263	"""logout from the instance by cleaning the session and raising
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	264	`AuthenticationError`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	265	"""
5494 f3bb53f1737c [web session] fix potential key error on logout (occurs once the session has been transparently reconnected, hence session.sessionid and session.cnx.sessionid differs) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5426 diff changeset	266	self.session_manager.close_session(req.session)
7855 54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	267	req.remove_cookie(self.session_cookie(req))
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	268	raise LogOut(url=goto_url)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	269
7083 b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	270	# these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	271	# only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	272	info = warning = error = critical = exception = debug = lambda msg,a,*kw: None
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	273
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	274	class CubicWebPublisher(object):
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	275	"""the publisher is a singleton hold by the web frontend, and is responsible
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	276	to publish HTTP request.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	277	"""
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	278
5442 3ed8afbbdf70 [webconfig] refactor/cleanup debug mode management on startup: simply use config.debugmode instead of debug argument everywhere... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5426 diff changeset	279	def __init__(self, config,
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	280	session_handler_fact=CookieSessionHandler,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	281	vreg=None):
4484 d87989d91635 fix duplicated vregistry initialization during tests Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4212 diff changeset	282	self.info('starting web instance from %s', config.apphome)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	283	if vreg is None:
8190 2a3c1b787688 [vreg] move base registry implementation to logilab.common. Closes #1916014 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8128 diff changeset	284	vreg = cwvreg.CWRegistryStore(config)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	285	self.vreg = vreg
4484 d87989d91635 fix duplicated vregistry initialization during tests Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4212 diff changeset	286	# connect to the repository and get instance's schema
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	287	self.repo = config.repository(vreg)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	288	if not vreg.initialized:
5650 86e874fe30ea [web] cleanup use of config in web application initialisation Julien Jehannet <julien.jehannet@logilab.fr> parents: 5587 diff changeset	289	config.init_cubes(self.repo.get_cubes())
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	290	vreg.init_properties(self.repo.properties())
4484 d87989d91635 fix duplicated vregistry initialization during tests Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4212 diff changeset	291	vreg.set_schema(self.repo.get_schema())
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	292	# set the correct publish method
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	293	if config['query-log-file']:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	294	from threading import Lock
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	295	self._query_log = open(config['query-log-file'], 'a')
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	296	self.handle_request = self.log_handle_request
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	297	self._logfile_lock = Lock()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	298	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	299	self._query_log = None
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	300	self.handle_request = self.main_handle_request
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	301	# instantiate session and url resolving helpers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	302	self.session_handler = session_handler_fact(self)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	303	self.set_urlresolver()
2705 30bcdbd92820 [events] renamed source-reload into registry-reload to avoid potential confusions with datasources Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2685 diff changeset	304	CW_EVENT_MANAGER.bind('after-registry-reload', self.set_urlresolver)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	305
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	306	def set_urlresolver(self):
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	307	self.url_resolver = self.vreg['components'].select('urlpublisher',
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	308	vreg=self.vreg)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	309
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	310	def connect(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	311	"""return a connection for a logged user object according to existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	312	sessions (i.e. a new connection may be created or an already existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	313	one may be reused
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	314	"""
7428 5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7348 diff changeset	315	self.session_handler.set_session(req)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	316
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	317	# publish methods #########################################################
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	318
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	319	def log_handle_request(self, req, path):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	320	"""wrapper around _publish to log all queries executed for a given
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	321	accessed path
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	322	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	323	try:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	324	return self.main_handle_request(req, path)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	325	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	326	cnx = req.cnx
5244 5467674ad101 [web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5223 diff changeset	327	if cnx:
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	328	with self._logfile_lock:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	329	try:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	330	result = ['\n'+''80]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	331	result.append(req.url())
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	332	result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	333	for q in cnx.executed_queries]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	334	cnx.executed_queries = []
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	335	self._query_log.write('\n'.join(result).encode(req.encoding))
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	336	self._query_log.flush()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	337	except Exception:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	338	self.exception('error while logging queries')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	339
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	340
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	341
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	342	def main_handle_request(self, req, path):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	343	if not isinstance(req, CubicWebRequestBase):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	344	warn('[3.15] Application entry poin arguments are now (req, path) '
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	345	'not (path, req)', DeprecationWarning, 2)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	346	req, path = path, req
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	347	if req.authmode == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	348	# activate realm-based auth
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	349	realm = self.vreg.config['realm']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	350	req.set_header('WWW-Authenticate', [('Basic', {'realm' : realm })], raw=False)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	351	try:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	352	self.connect(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	353	# DENY https acces for anonymous_user
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	354	if (req.https
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	355	and req.session.anonymous_session
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	356	and self.vreg.config['https-deny-anonymous']):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	357	# don't allow anonymous on https connection
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	358	raise AuthenticationError()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	359	content = ''
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	360	# nested try to allow LogOut to delegate logic to AuthenticationError
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	361	# handler
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	362	try:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	363	### Try to generate the actual request content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	364	content = self.core_handle(req, path)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	365	# Handle user log-out
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	366	except LogOut, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	367	# When authentification is handled by cookie the code that
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	368	# raised LogOut must has invalidated the cookie. We can just
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	369	# reload the original url without authentification
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	370	if self.vreg.config['auth-mode'] == 'cookie' and ex.url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	371	req.headers_out.setHeader('location', str(ex.url))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	372	if ex.status is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	373	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	374	# When the authentification is handled by http we must
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	375	# explicitly ask for authentification to flush current http
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	376	# authentification information
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	377	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	378	# Render "logged out" content.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	379	# assignement to ``content`` prevent standard
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	380	# AuthenticationError code to overwrite it.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	381	content = self.loggedout_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	382	# let the explicitly reset http credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	383	raise AuthenticationError()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	384	# Wrong, absent or Reseted credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	385	except AuthenticationError:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	386	# If there is an https url configured and
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	387	# the request do not used https, redirect to login form
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	388	https_url = self.vreg.config['https-url']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	389	if https_url and req.base_url() != https_url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	390	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	391	req.headers_out.setHeader('location', https_url + 'login')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	392	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	393	# We assume here that in http auth mode the user May provide
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	394	# Authentification Credential if asked kindly.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	395	if self.vreg.config['auth-mode'] == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	396	req.status_out = httplib.UNAUTHORIZED
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	397	# In the other case (coky auth) we assume that there is no way
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	398	# for the user to provide them...
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	399	# XXX But WHY ?
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	400	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	401	req.status_out = httplib.FORBIDDEN
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	402	# If previous error handling already generated a custom content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	403	# do not overwrite it. This is used by LogOut Except
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	404	# XXX ensure we don't actually serve content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	405	if not content:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	406	content = self.need_login_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	407	return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	408
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	409
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	410
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	411	def core_handle(self, req, path):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	412	"""method called by the main publisher to process <path>
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	413
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	414	should return a string containing the resulting page or raise a
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	415	`NotFound` exception
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	416
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	417	:type path: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	418	:param path: the path part of the url to publish
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	419
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	420	:type req: `web.Request`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	421	:param req: the request object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	422
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	423	:rtype: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	424	:return: the result of the pusblished url
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	425	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	426	# don't log form values they may contains sensitive information
8390 637b934bc742 [app] turn these info into debug logs (this being too chatty for .info) Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 8312 diff changeset	427	self.debug('publish "%s" (%s, form params: %s)',
637b934bc742 [app] turn these info into debug logs (this being too chatty for .info) Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 8312 diff changeset	428	path, req.session.sessionid, req.form.keys())
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	429	# remove user callbacks on a new request (except for json controllers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	430	# to avoid callbacks being unregistered before they could be called)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	431	tstart = clock()
5865 af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5721 diff changeset	432	commited = False
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	433	try:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	434	### standard processing of the request
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	435	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	436	ctrlid, rset = self.url_resolver.process(req, path)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	437	try:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	438	controller = self.vreg['controllers'].select(ctrlid, req,
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	439	appli=self)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	440	except NoSelectableObject:
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	441	raise Unauthorized(req._('not authorized'))
581 09f87f2c535e update_search_state in the publisher since it should be done whatever the controller sylvain.thenault@logilab.fr parents: 168 diff changeset	442	req.update_search_state()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	443	result = controller.publish(rset=rset)
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	444	except StatusResponse, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	445	warn('StatusResponse is deprecated use req.status_out',
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	446	DeprecationWarning)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	447	result = ex.content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	448	req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	449	except Redirect, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	450	# handle redirect
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	451	# - comply to ex status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	452	# - set header field
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	453	#
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	454	# Redirect Maybe be is raised by edit controller when
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	455	# everything went fine, so try to commit
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	456	self.debug('redirecting to %s', str(ex.location))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	457	req.headers_out.setHeader('location', str(ex.location))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	458	assert 300<= ex.status < 400
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	459	req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	460	result = ''
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	461	if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	462	txuuid = req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	463	commited = True
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	464	if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	465	req.data['last_undoable_transaction'] = txuuid
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	466	### error case
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	467	except NotFound, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	468	result = self.notfound_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	469	req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	470	except ValidationError, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	471	req.status_out = httplib.CONFLICT
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	472	result = self.validation_error_handler(req, ex)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	473	except RemoteCallFailed, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	474	result = self.ajax_error_handler(req, ex)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	475	except Unauthorized, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	476	req.data['errmsg'] = req._('You\'re not authorized to access this page. '
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	477	'If you think you should, please contact the site administrator.')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	478	req.status_out = httplib.UNAUTHORIZED
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	479	result = self.error_handler(req, ex, tb=False)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	480	except (BadRQLQuery, RequestError), ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	481	result = self.error_handler(req, ex, tb=False)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	482	### pass through exception
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	483	except DirectResponse:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	484	if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	485	req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	486	raise
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	487	except (AuthenticationError, LogOut):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	488	# the rollback is handled in the finally
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	489	raise
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	490	### Last defence line
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	491	except BaseException, ex:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	492	result = self.error_handler(req, ex, tb=True)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	493	finally:
5865 af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5721 diff changeset	494	if req.cnx and not commited:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	495	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	496	req.cnx.rollback()
7815 2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7589 diff changeset	497	except Exception:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	498	pass # ignore rollback error at this point
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	499	# request may be referenced by "onetime callback", so clear its entity
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	500	# cache to avoid memory usage
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	501	req.drop_entity_cache()
8267 486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940) Anthony Truchet <anthony.truchet@logilab.fr> parents: 8190 diff changeset	502	self.add_undo_link_to_msg(req)
8390 637b934bc742 [app] turn these info into debug logs (this being too chatty for .info) Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 8312 diff changeset	503	self.debug('query %s executed in %s sec', req.relative_path(), clock() - tstart)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	504	return result
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	505
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	506	### Error handler
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	507	def validation_error_handler(self, req, ex):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	508	ex.errors = dict((k, v) for k, v in ex.errors.items())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	509	if '__errorurl' in req.form:
4224 5998df006968 refactor form error handling: Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 3408 diff changeset	510	forminfo = {'error': ex,
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	511	'values': req.form,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	512	'eidmap': req.data.get('eidmap', {})
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	513	}
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	514	req.session.data[req.form['__errorurl']] = forminfo
4679 d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	515	# XXX form session key / __error_url should be differentiated:
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	516	# session key is 'url + #<form dom id', though we usually don't want
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	517	# the browser to move to the form since it hides the global
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	518	# messages.
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	519	location = req.form['__errorurl'].rsplit('#', 1)[0]
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	520	req.headers_out.setHeader('location', str(location))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	521	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	522	return ''
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	523	return self.error_handler(req, ex, tb=False)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	524
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	525	def error_handler(self, req, ex, tb=False):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	526	excinfo = sys.exc_info()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	527	self.exception(repr(ex))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	528	req.set_header('Cache-Control', 'no-cache')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	529	req.remove_header('Etag')
4897 e402e0b32075 [web] start a new message system based on id of message stored in session's data Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4709 diff changeset	530	req.reset_message()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	531	req.reset_headers()
8128 0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7990 diff changeset	532	if req.ajax_request:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	533	return ajax_error_handler(req, ex)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	534	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	535	req.data['ex'] = ex
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	536	if tb:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	537	req.data['excinfo'] = excinfo
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	538	req.form['vid'] = 'error'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	539	errview = self.vreg['views'].select('error', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	540	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	541	content = self.vreg['views'].main_template(req, template, view=errview)
7815 2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7589 diff changeset	542	except Exception:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	543	content = self.vreg['views'].main_template(req, 'error-template')
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	544	if getattr(ex, 'status', None) is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	545	req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	546	return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	547
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	548	def add_undo_link_to_msg(self, req):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	549	txuuid = req.data.get('last_undoable_transaction')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	550	if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	551	msg = u'<span class="undo">[<a href="%s">%s</a>]</span>' %(
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	552	req.build_url('undo', txuuid=txuuid), req._('undo'))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	553	req.append_to_redirect_message(msg)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	554
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	555
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	556
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	557	def ajax_error_handler(self, req, ex):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	558	req.set_header('content-type', 'application/json')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	559	status = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	560	if status is None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	561	status = httplib.INTERNAL_SERVER_ERROR
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	562	json_dumper = getattr(ex, 'dumps', lambda : unicode(ex))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	563	req.status_out = status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	564	return json_dumper()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	565
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	566	# special case handling
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	567
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	568	def need_login_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	569	return self.vreg['views'].main_template(req, 'login')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	570
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	571	def loggedout_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	572	return self.vreg['views'].main_template(req, 'loggedout')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	573
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	574	def notfound_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	575	req.form['vid'] = '404'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	576	view = self.vreg['views'].select('404', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	577	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	578	return self.vreg['views'].main_template(req, template, view=view)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	579
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	580	# template stuff
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	581
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	582	def main_template_id(self, req):
2263 1f59cd5b710f accept a __template parameter that specifies a different (main) template Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 1977 diff changeset	583	template = req.form.get('__template', req.property_value('ui.main-template'))
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	584	if template not in self.vreg['views']:
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	585	template = 'main-template'
75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	586	return template
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	587
7083 b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	588	# these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	589	# only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	590	info = warning = error = critical = exception = debug = lambda msg,a,*kw: None
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	591
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	592	set_log_methods(CubicWebPublisher, LOGGER)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	593	set_log_methods(CookieSessionHandler, LOGGER)

author	Aurelien Campeas <aurelien.campeas@logilab.fr>
	Wed, 09 May 2012 17:15:44 +0200
changeset 8394	b8b23af60019
parent 8390	637b934bc742
child 8443	86fc11fb6f99
permissions	-rw-r--r--