web/application.py
author Pierre-Yves David <pierre-yves.david@logilab.fr>
Fri, 29 Mar 2013 12:47:04 +0100
changeset 8840 bd5b5759c9b3
parent 8753 b61a7c6352f2
child 8997 525915f8bc1c
permissions -rw-r--r--
[session] make hook_control API private The doc already says "internal API". The old entry point is now officially deprecated and the context manager have been made private.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
8466
92c668170ef9 [web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8443
diff changeset
     1
# copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     3
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     4
# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     5
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
     9
# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    10
#
5424
8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5421
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    14
# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    15
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5377
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
5722
61d6a4caa963 [iprogress] move adapter to entities.adapters
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5655
diff changeset
    18
"""CubicWeb web client application object"""
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    19
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    20
__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    21
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    22
import sys
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    23
from time import clock, time
7876
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    24
from contextlib import contextmanager
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
    25
from warnings import warn
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
    26
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
    27
import httplib
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    28
2613
5e19c2bb370e R [all] logilab.common 0.44 provides only deprecated
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 2476
diff changeset
    29
from logilab.common.deprecation import deprecated
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    30
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    31
from rql import BadRQLQuery
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    32
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    33
from cubicweb import set_log_methods, cwvreg
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    34
from cubicweb import (
8602
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
    35
    ValidationError, Unauthorized, Forbidden,
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
    36
    AuthenticationError, NoSelectableObject,
6791
fe58b234f9c2 [web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6680
diff changeset
    37
    BadConnectionId, CW_EVENT_MANAGER)
7876
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    38
from cubicweb.dbapi import DBAPISession, anonymous_session
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    39
from cubicweb.web import LOGGER, component
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    40
from cubicweb.web import (
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
    41
    StatusResponse, DirectResponse, Redirect, NotFound, LogOut,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
    42
    RemoteCallFailed, InvalidSession, RequestError)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    43
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
    44
from cubicweb.web.request import CubicWebRequestBase
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
    45
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    46
# make session manager available through a global variable so the debug view can
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    47
# print information about web session
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    48
SESSION_MANAGER = None
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    49
7876
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    50
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    51
@contextmanager
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    52
def anonymized_request(req):
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    53
    orig_session = req.session
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    54
    req.set_session(anonymous_session(req.vreg))
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    55
    try:
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    56
        yield req
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    57
    finally:
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    58
        req.set_session(orig_session)
df15d194a134 [views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7855
diff changeset
    59
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    60
class AbstractSessionManager(component.Component):
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    61
    """manage session data associated to a session identifier"""
3408
c92170fca813 [api] use __regid__ instead of deprecated id
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 2887
diff changeset
    62
    __regid__ = 'sessionmanager'
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
    63
2887
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
    64
    def __init__(self, vreg):
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
    65
        self.session_time = vreg.config['http-session-time'] or None
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
    66
        self.authmanager = vreg['components'].select('authmanager', vreg=vreg)
6012
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    67
        interval = (self.session_time or 0) / 2.
5325
f1c660e1169e [web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5283
diff changeset
    68
        if vreg.config.anonymous_user() is not None:
6012
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    69
            self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    70
            assert self.cleanup_anon_session_time > 0
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    71
            if self.session_time is not None:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    72
                self.cleanup_anon_session_time = min(self.session_time,
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    73
                                                     self.cleanup_anon_session_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    74
            interval = self.cleanup_anon_session_time / 2.
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    75
        # we don't want to check session more than once every 5 minutes
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    76
        self.clean_sessions_interval = max(5 * 60, interval)
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
    77
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    78
    def clean_sessions(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    79
        """cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    80
        time. Return the number of sessions which have been closed.
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    81
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    82
        self.debug('cleaning http sessions')
6012
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    83
        session_time = self.session_time
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    84
        closed, total = 0, 0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    85
        for session in self.current_sessions():
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    86
            total += 1
6012
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    87
            try:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    88
                last_usage_time = session.cnx.check()
7589
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7428
diff changeset
    89
            except AttributeError:
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7428
diff changeset
    90
                last_usage_time = session.mtime
6012
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    91
            except BadConnectionId:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    92
                self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    93
                closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    94
            else:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    95
                no_use_time = (time() - last_usage_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    96
                if session.anonymous_session:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    97
                    if no_use_time >= self.cleanup_anon_session_time:
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    98
                        self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
    99
                        closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
   100
                elif session_time is not None and no_use_time >= session_time:
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   101
                    self.close_session(session)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   102
                    closed += 1
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   103
        return closed, total - closed
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   104
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   105
    def current_sessions(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   106
        """return currently open sessions"""
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   107
        raise NotImplementedError()
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   108
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   109
    def get_session(self, req, sessionid):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   110
        """return existing session for the given session identifier"""
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   111
        raise NotImplementedError()
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   112
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   113
    def open_session(self, req):
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   114
        """open and return a new session for the given request. The session is
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   115
        also bound to the request.
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   116
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   117
        raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   118
        (no authentication info found or wrong user/password)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   119
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   120
        raise NotImplementedError()
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   121
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   122
    def close_session(self, session):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   123
        """close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   124
        corrupted...)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   125
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   126
        raise NotImplementedError()
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   127
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   128
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   129
class AbstractAuthenticationManager(component.Component):
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   130
    """authenticate user associated to a request and check session validity"""
7990
a673d1d9a738 [diet] drop pre 3.6 API compatibility (but attempt to keep data cmopatibility). Closes #2017916
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7876
diff changeset
   131
    __regid__ = 'authmanager'
2887
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   132
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   133
    def __init__(self, vreg):
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   134
        self.vreg = vreg
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   135
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   136
    def validate_session(self, req, session):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   137
        """check session validity, reconnecting it to the repository if the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   138
        associated connection expired in the repository side (hence the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   139
        necessity for this method).
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   140
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   141
        raise :exc:`InvalidSession` if session is corrupted for a reason or
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   142
        another and should be closed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   143
        """
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   144
        raise NotImplementedError()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   145
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   146
    def authenticate(self, req):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   147
        """authenticate user using connection information found in the request,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   148
        and return corresponding a :class:`~cubicweb.dbapi.Connection` instance,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   149
        as well as login and authentication information dictionary used to open
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   150
        the connection.
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   151
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   152
        raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   153
        (no authentication info found or wrong user/password)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   154
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   155
        raise NotImplementedError()
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   156
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   157
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   158
class CookieSessionHandler(object):
6680
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   159
    """a session handler using a cookie to store the session identifier"""
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   160
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   161
    def __init__(self, appli):
2706
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   162
        self.vreg = appli.vreg
2887
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   163
        self.session_manager = self.vreg['components'].select('sessionmanager',
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   164
                                                              vreg=self.vreg)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   165
        global SESSION_MANAGER
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   166
        SESSION_MANAGER = self.session_manager
5000
f1a10b41417a [test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4914
diff changeset
   167
        if self.vreg.config.mode != 'test':
f1a10b41417a [test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4914
diff changeset
   168
            # don't try to reset session manager during test, this leads to
f1a10b41417a [test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4914
diff changeset
   169
            # weird failures when running multiple tests
f1a10b41417a [test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4914
diff changeset
   170
            CW_EVENT_MANAGER.bind('after-registry-reload',
f1a10b41417a [test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4914
diff changeset
   171
                                  self.reset_session_manager)
2706
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   172
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   173
    def reset_session_manager(self):
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   174
        data = self.session_manager.dump_data()
2887
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   175
        self.session_manager = self.vreg['components'].select('sessionmanager',
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   176
                                                              vreg=self.vreg)
2706
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   177
        self.session_manager.restore_data(data)
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   178
        global SESSION_MANAGER
09baf5175196 [web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2705
diff changeset
   179
        SESSION_MANAGER = self.session_manager
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   180
5325
f1c660e1169e [web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5283
diff changeset
   181
    @property
f1c660e1169e [web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5283
diff changeset
   182
    def clean_sessions_interval(self):
f1c660e1169e [web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5283
diff changeset
   183
        return self.session_manager.clean_sessions_interval
f1c660e1169e [web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5283
diff changeset
   184
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   185
    def clean_sessions(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   186
        """cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   187
        time
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   188
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   189
        self.session_manager.clean_sessions()
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   190
6680
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   191
    def session_cookie(self, req):
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   192
        """return a string giving the name of the cookie used to store the
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   193
        session identifier.
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   194
        """
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   195
        if req.https:
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   196
            return '__%s_https_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   197
        return '__%s_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   198
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   199
    def set_session(self, req):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   200
        """associate a session to the request
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   201
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   202
        Session id is searched from :
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   203
        - # form variable
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   204
        - cookie
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   205
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   206
        if no session id is found, open a new session for the connected user
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   207
        or request authentification as needed
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   208
6109
47d9c0e0f7b7 integrate Celso's work on translation file: proper/complete spanish translation, fixed some typos in french translation, occured -> occurred fix in various places
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5868
diff changeset
   209
        :raise Redirect: if authentication has occurred and succeed
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   210
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   211
        cookie = req.get_cookie()
6680
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   212
        sessioncookie = self.session_cookie(req)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   213
        try:
6680
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   214
            sessionid = str(cookie[sessioncookie].value)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   215
        except KeyError: # no session cookie
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   216
            session = self.open_session(req)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   217
        else:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   218
            try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   219
                session = self.get_session(req, sessionid)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   220
            except InvalidSession:
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   221
                # try to open a new session, so we get an anonymous session if
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   222
                # allowed
7428
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   223
                session = self.open_session(req)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   224
            else:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   225
                if not session.cnx:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   226
                    # session exists but is not bound to a connection. We should
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   227
                    # try to authenticate
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   228
                    loginsucceed = False
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   229
                    try:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   230
                        if self.open_session(req, allow_no_cnx=False):
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   231
                            loginsucceed = True
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   232
                    except Redirect:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   233
                        # may be raised in open_session (by postlogin mechanism)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   234
                        # on successful connection
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   235
                        loginsucceed = True
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   236
                        raise
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   237
                    except AuthenticationError:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   238
                        # authentication failed, continue to use this session
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   239
                        req.set_session(session)
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   240
                    finally:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   241
                        if loginsucceed:
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   242
                            # session should be replaced by new session created
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   243
                            # in open_session
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   244
                            self.session_manager.close_session(session)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   245
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   246
    def get_session(self, req, sessionid):
7589
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7428
diff changeset
   247
        session = self.session_manager.get_session(req, sessionid)
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7428
diff changeset
   248
        session.mtime = time()
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7428
diff changeset
   249
        return session
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   250
7428
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   251
    def open_session(self, req, allow_no_cnx=True):
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   252
        session = self.session_manager.open_session(req, allow_no_cnx=allow_no_cnx)
6680
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6582
diff changeset
   253
        sessioncookie = self.session_cookie(req)
7855
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7815
diff changeset
   254
        secure = req.https and req.base_url().startswith('https://')
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7815
diff changeset
   255
        req.set_cookie(sessioncookie, session.sessionid,
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7815
diff changeset
   256
                       maxage=None, secure=secure)
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   257
        if not session.anonymous_session:
6791
fe58b234f9c2 [web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6680
diff changeset
   258
            self.session_manager.postlogin(req)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   259
        return session
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   260
4911
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4709
diff changeset
   261
    def logout(self, req, goto_url):
2476
1294a6bdf3bf application -> instance where it makes sense
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2293
diff changeset
   262
        """logout from the instance by cleaning the session and raising
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   263
        `AuthenticationError`
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   264
        """
5494
f3bb53f1737c [web session] fix potential key error on logout (occurs once the session has been transparently reconnected, hence session.sessionid and session.cnx.sessionid differs)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5426
diff changeset
   265
        self.session_manager.close_session(req.session)
7855
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7815
diff changeset
   266
        req.remove_cookie(self.session_cookie(req))
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   267
        raise LogOut(url=goto_url)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   268
7083
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   269
    # these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   270
    # only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   271
    info = warning = error = critical = exception = debug = lambda msg,*a,**kw: None
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   272
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   273
class CubicWebPublisher(object):
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   274
    """the publisher is a singleton hold by the web frontend, and is responsible
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   275
    to publish HTTP request.
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   276
    """
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   277
5442
3ed8afbbdf70 [webconfig] refactor/cleanup debug mode management on startup: simply use config.debugmode instead of debug argument everywhere...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5426
diff changeset
   278
    def __init__(self, config,
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   279
                 session_handler_fact=CookieSessionHandler,
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   280
                 vreg=None):
4484
d87989d91635 fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4212
diff changeset
   281
        self.info('starting web instance from %s', config.apphome)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   282
        if vreg is None:
8190
2a3c1b787688 [vreg] move base registry implementation to logilab.common. Closes #1916014
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8128
diff changeset
   283
            vreg = cwvreg.CWRegistryStore(config)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   284
        self.vreg = vreg
4484
d87989d91635 fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4212
diff changeset
   285
        # connect to the repository and get instance's schema
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   286
        self.repo = config.repository(vreg)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   287
        if not vreg.initialized:
5650
86e874fe30ea [web] cleanup use of config in web application initialisation
Julien Jehannet <julien.jehannet@logilab.fr>
parents: 5587
diff changeset
   288
            config.init_cubes(self.repo.get_cubes())
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   289
            vreg.init_properties(self.repo.properties())
4484
d87989d91635 fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4212
diff changeset
   290
            vreg.set_schema(self.repo.get_schema())
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   291
        # set the correct publish method
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   292
        if config['query-log-file']:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   293
            from threading import Lock
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   294
            self._query_log = open(config['query-log-file'], 'a')
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   295
            self.handle_request = self.log_handle_request
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   296
            self._logfile_lock = Lock()
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   297
        else:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   298
            self._query_log = None
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   299
            self.handle_request = self.main_handle_request
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   300
        # instantiate session and url resolving helpers
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   301
        self.session_handler = session_handler_fact(self)
2685
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 2666
diff changeset
   302
        self.set_urlresolver()
2705
30bcdbd92820 [events] renamed source-reload into registry-reload to avoid potential confusions with datasources
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 2685
diff changeset
   303
        CW_EVENT_MANAGER.bind('after-registry-reload', self.set_urlresolver)
2685
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 2666
diff changeset
   304
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 2666
diff changeset
   305
    def set_urlresolver(self):
2887
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   306
        self.url_resolver = self.vreg['components'].select('urlpublisher',
1282dc6525c5 give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2867
diff changeset
   307
                                                           vreg=self.vreg)
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   308
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   309
    def connect(self, req):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   310
        """return a connection for a logged user object according to existing
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   311
        sessions (i.e. a new connection may be created or an already existing
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   312
        one may be reused
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   313
        """
7428
5338d895b891 [web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7348
diff changeset
   314
        self.session_handler.set_session(req)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   315
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   316
    # publish methods #########################################################
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   317
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   318
    def log_handle_request(self, req, path):
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   319
        """wrapper around _publish to log all queries executed for a given
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   320
        accessed path
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   321
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   322
        try:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   323
            return self.main_handle_request(req, path)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   324
        finally:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   325
            cnx = req.cnx
5244
5467674ad101 [web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5223
diff changeset
   326
            if cnx:
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   327
                with self._logfile_lock:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   328
                    try:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   329
                        result = ['\n'+'*'*80]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   330
                        result.append(req.url())
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   331
                        result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   332
                                   for q in cnx.executed_queries]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   333
                        cnx.executed_queries = []
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   334
                        self._query_log.write('\n'.join(result).encode(req.encoding))
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   335
                        self._query_log.flush()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   336
                    except Exception:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   337
                        self.exception('error while logging queries')
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   338
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   339
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   340
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   341
    def main_handle_request(self, req, path):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   342
        if not isinstance(req, CubicWebRequestBase):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   343
            warn('[3.15] Application entry poin arguments are now (req, path) '
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   344
                 'not (path, req)', DeprecationWarning, 2)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   345
            req, path = path, req
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   346
        if req.authmode == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   347
            # activate realm-based auth
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   348
            realm = self.vreg.config['realm']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   349
            req.set_header('WWW-Authenticate', [('Basic', {'realm' : realm })], raw=False)
8443
86fc11fb6f99 [web/application] declare default 'content' value sooner (closes #2406560)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8390
diff changeset
   350
        content = ''
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   351
        try:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   352
            self.connect(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   353
            # DENY https acces for anonymous_user
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   354
            if (req.https
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   355
                and req.session.anonymous_session
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   356
                and self.vreg.config['https-deny-anonymous']):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   357
                # don't allow anonymous on https connection
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   358
                raise AuthenticationError()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   359
            # nested try to allow LogOut to delegate logic to AuthenticationError
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   360
            # handler
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   361
            try:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   362
                ### Try to generate the actual request content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   363
                content = self.core_handle(req, path)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   364
            # Handle user log-out
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   365
            except LogOut as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   366
                # When authentification is handled by cookie the code that
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   367
                # raised LogOut must has invalidated the cookie. We can just
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   368
                # reload the original url without authentification
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   369
                if self.vreg.config['auth-mode'] == 'cookie' and ex.url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   370
                    req.headers_out.setHeader('location', str(ex.url))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   371
                if ex.status is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   372
                    req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   373
                # When the authentification is handled by http we must
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   374
                # explicitly ask for authentification to flush current http
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   375
                # authentification information
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   376
                else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   377
                    # Render "logged out" content.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   378
                    # assignement to ``content`` prevent standard
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   379
                    # AuthenticationError code to overwrite it.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   380
                    content = self.loggedout_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   381
                    # let the explicitly reset http credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   382
                    raise AuthenticationError()
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   383
        except Redirect as ex:
8470
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   384
            # authentication needs redirection (eg openid)
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   385
            content = self.redirect_handler(req, ex)
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   386
        # Wrong, absent or Reseted credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   387
        except AuthenticationError:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   388
            # If there is an https url configured and
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   389
            # the request do not used https, redirect to login form
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   390
            https_url = self.vreg.config['https-url']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   391
            if https_url and req.base_url() != https_url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   392
                req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   393
                req.headers_out.setHeader('location', https_url + 'login')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   394
            else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   395
                # We assume here that in http auth mode the user *May* provide
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   396
                # Authentification Credential if asked kindly.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   397
                if self.vreg.config['auth-mode'] == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   398
                    req.status_out = httplib.UNAUTHORIZED
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   399
                # In the other case (coky auth) we assume that there is no way
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   400
                # for the user to provide them...
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   401
                # XXX But WHY ?
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   402
                else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   403
                    req.status_out = httplib.FORBIDDEN
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   404
                # If previous error handling already generated a custom content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   405
                # do not overwrite it. This is used by LogOut Except
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   406
                # XXX ensure we don't actually serve content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   407
                if not content:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   408
                    content = self.need_login_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   409
        return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   410
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   411
    def core_handle(self, req, path):
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   412
        """method called by the main publisher to process <path>
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   413
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   414
        should return a string containing the resulting page or raise a
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   415
        `NotFound` exception
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   416
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   417
        :type path: str
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   418
        :param path: the path part of the url to publish
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   419
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   420
        :type req: `web.Request`
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   421
        :param req: the request object
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   422
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   423
        :rtype: str
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   424
        :return: the result of the pusblished url
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   425
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   426
        # don't log form values they may contains sensitive information
8390
637b934bc742 [app] turn these info into debug logs (this being too chatty for .info)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8312
diff changeset
   427
        self.debug('publish "%s" (%s, form params: %s)',
8696
0bb18407c053 [toward py3k] rewrite dict.keys() and dict.values() (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8695
diff changeset
   428
                   path, req.session.sessionid, list(req.form))
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   429
        # remove user callbacks on a new request (except for json controllers
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   430
        # to avoid callbacks being unregistered before they could be called)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   431
        tstart = clock()
5865
af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5721
diff changeset
   432
        commited = False
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   433
        try:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   434
            ### standard processing of the request
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   435
            try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   436
                ctrlid, rset = self.url_resolver.process(req, path)
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   437
                try:
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   438
                    controller = self.vreg['controllers'].select(ctrlid, req,
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   439
                                                                 appli=self)
2058
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   440
                except NoSelectableObject:
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
   441
                    raise Unauthorized(req._('not authorized'))
581
09f87f2c535e update_search_state in the publisher since it should be done whatever the controller
sylvain.thenault@logilab.fr
parents: 168
diff changeset
   442
                req.update_search_state()
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   443
                result = controller.publish(rset=rset)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   444
            except StatusResponse as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   445
                warn('StatusResponse is deprecated use req.status_out',
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   446
                     DeprecationWarning)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   447
                result = ex.content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   448
                req.status_out = ex.status
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   449
            except Redirect as ex:
8470
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   450
                # Redirect may be raised by edit controller when everything went
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   451
                # fine, so attempt to commit
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   452
                result = self.redirect_handler(req, ex)
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   453
            if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   454
                txuuid = req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   455
                commited = True
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   456
                if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   457
                    req.data['last_undoable_transaction'] = txuuid
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   458
        ### error case
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   459
        except NotFound as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   460
            result = self.notfound_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   461
            req.status_out = ex.status
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   462
        except ValidationError as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   463
            result = self.validation_error_handler(req, ex)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   464
        except RemoteCallFailed as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   465
            result = self.ajax_error_handler(req, ex)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   466
        except Unauthorized as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   467
            req.data['errmsg'] = req._('You\'re not authorized to access this page. '
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   468
                                       'If you think you should, please contact the site administrator.')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   469
            req.status_out = httplib.UNAUTHORIZED
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   470
            result = self.error_handler(req, ex, tb=False)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   471
        except Forbidden as ex:
8602
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
   472
            req.data['errmsg'] = req._('This action is forbidden. '
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
   473
                                       'If you think it should be allowed, please contact the site administrator.')
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
   474
            req.status_out = httplib.FORBIDDEN
d066ba3bb07d [web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents: 8470
diff changeset
   475
            result = self.error_handler(req, ex, tb=False)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   476
        except (BadRQLQuery, RequestError) as ex:
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   477
            result = self.error_handler(req, ex, tb=False)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   478
        ### pass through exception
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   479
        except DirectResponse:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   480
            if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   481
                req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   482
            raise
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   483
        except (AuthenticationError, LogOut):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   484
            # the rollback is handled in the finally
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   485
            raise
8560
fef0b8214fcf [web app] move set of status_out into validation_error_handler to ease readability
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8556
diff changeset
   486
        ### Last defense line
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8694
diff changeset
   487
        except BaseException as ex:
8753
b61a7c6352f2 [web publish] in case of error, ensure proper http status is set and Content-disposition header is reseted. Closes #2553066
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8711
diff changeset
   488
            req.status_out = httplib.INTERNAL_SERVER_ERROR
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   489
            result = self.error_handler(req, ex, tb=True)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   490
        finally:
5865
af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5721
diff changeset
   491
            if req.cnx and not commited:
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   492
                try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   493
                    req.cnx.rollback()
7815
2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7589
diff changeset
   494
                except Exception:
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   495
                    pass # ignore rollback error at this point
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   496
            # request may be referenced by "onetime callback", so clear its entity
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   497
            # cache to avoid memory usage
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   498
            req.drop_entity_cache()
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   499
        self.add_undo_link_to_msg(req)
8390
637b934bc742 [app] turn these info into debug logs (this being too chatty for .info)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8312
diff changeset
   500
        self.debug('query %s executed in %s sec', req.relative_path(), clock() - tstart)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   501
        return result
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   502
8470
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   503
    # Error handlers
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   504
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   505
    def redirect_handler(self, req, ex):
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   506
        """handle redirect
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   507
        - comply to ex status
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   508
        - set header field
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   509
        - return empty content
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   510
        """
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   511
        self.debug('redirecting to %s', str(ex.location))
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   512
        req.headers_out.setHeader('location', str(ex.location))
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   513
        assert 300 <= ex.status < 400
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   514
        req.status_out = ex.status
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   515
        return ''
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8466
diff changeset
   516
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   517
    def validation_error_handler(self, req, ex):
8594
001159e2e4f3 [validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8560
diff changeset
   518
        ex.translate(req._) # translate messages using ui language
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   519
        if '__errorurl' in req.form:
4224
5998df006968 refactor form error handling:
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3408
diff changeset
   520
            forminfo = {'error': ex,
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   521
                        'values': req.form,
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   522
                        'eidmap': req.data.get('eidmap', {})
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   523
                        }
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5174
diff changeset
   524
            req.session.data[req.form['__errorurl']] = forminfo
4679
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4639
diff changeset
   525
            # XXX form session key / __error_url should be differentiated:
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4639
diff changeset
   526
            # session key is 'url + #<form dom id', though we usually don't want
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4639
diff changeset
   527
            # the browser to move to the form since it hides the global
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4639
diff changeset
   528
            # messages.
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   529
            location = req.form['__errorurl'].rsplit('#', 1)[0]
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   530
            req.headers_out.setHeader('location', str(location))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   531
            req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   532
            return ''
8560
fef0b8214fcf [web app] move set of status_out into validation_error_handler to ease readability
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8556
diff changeset
   533
        req.status_out = httplib.CONFLICT
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   534
        return self.error_handler(req, ex, tb=False)
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   535
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   536
    def error_handler(self, req, ex, tb=False):
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   537
        excinfo = sys.exc_info()
8466
92c668170ef9 [web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8443
diff changeset
   538
        if tb:
92c668170ef9 [web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8443
diff changeset
   539
            self.exception(repr(ex))
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   540
        req.set_header('Cache-Control', 'no-cache')
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   541
        req.remove_header('Etag')
8753
b61a7c6352f2 [web publish] in case of error, ensure proper http status is set and Content-disposition header is reseted. Closes #2553066
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8711
diff changeset
   542
        req.remove_header('Content-disposition')
4897
e402e0b32075 [web] start a new message system based on id of message stored in session's data
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4709
diff changeset
   543
        req.reset_message()
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   544
        req.reset_headers()
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 7990
diff changeset
   545
        if req.ajax_request:
8709
8dc0b8d92694 [web application] Fix missing self. in error_handler
Vincent Michel <vincent.michel@logilab.fr>
parents: 8602
diff changeset
   546
            return self.ajax_error_handler(req, ex)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   547
        try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   548
            req.data['ex'] = ex
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   549
            if tb:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   550
                req.data['excinfo'] = excinfo
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   551
            req.form['vid'] = 'error'
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   552
            errview = self.vreg['views'].select('error', req)
882
75488a2a875e fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents: 871
diff changeset
   553
            template = self.main_template_id(req)
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   554
            content = self.vreg['views'].main_template(req, template, view=errview)
7815
2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7589
diff changeset
   555
        except Exception:
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   556
            content = self.vreg['views'].main_template(req, 'error-template')
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   557
        if getattr(ex, 'status', None) is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   558
            req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   559
        return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   560
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   561
    def add_undo_link_to_msg(self, req):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   562
        txuuid = req.data.get('last_undoable_transaction')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   563
        if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   564
            msg = u'<span class="undo">[<a href="%s">%s</a>]</span>' %(
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   565
            req.build_url('undo', txuuid=txuuid), req._('undo'))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   566
            req.append_to_redirect_message(msg)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   567
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   568
    def ajax_error_handler(self, req, ex):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   569
        req.set_header('content-type', 'application/json')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   570
        status = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   571
        if status is None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   572
            status = httplib.INTERNAL_SERVER_ERROR
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   573
        json_dumper = getattr(ex, 'dumps', lambda : unicode(ex))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   574
        req.status_out = status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   575
        return json_dumper()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   576
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   577
    # special case handling
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   578
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   579
    def need_login_content(self, req):
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   580
        return self.vreg['views'].main_template(req, 'login')
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   581
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   582
    def loggedout_content(self, req):
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   583
        return self.vreg['views'].main_template(req, 'loggedout')
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   584
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   585
    def notfound_content(self, req):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   586
        req.form['vid'] = '404'
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   587
        view = self.vreg['views'].select('404', req)
882
75488a2a875e fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents: 871
diff changeset
   588
        template = self.main_template_id(req)
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   589
        return self.vreg['views'].main_template(req, template, view=view)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   590
8312
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   591
    # template stuff
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8311
diff changeset
   592
882
75488a2a875e fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents: 871
diff changeset
   593
    def main_template_id(self, req):
2263
1f59cd5b710f accept a __template parameter that specifies a different (main) template
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 1977
diff changeset
   594
        template = req.form.get('__template', req.property_value('ui.main-template'))
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2613
diff changeset
   595
        if template not in self.vreg['views']:
882
75488a2a875e fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents: 871
diff changeset
   596
            template = 'main-template'
75488a2a875e fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents: 871
diff changeset
   597
        return template
1426
379261551578 remove trailing spaces
sylvain.thenault@logilab.fr
parents: 1132
diff changeset
   598
7083
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   599
    # these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   600
    # only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents: 6791
diff changeset
   601
    info = warning = error = critical = exception = debug = lambda msg,*a,**kw: None
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   602
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   603
set_log_methods(CubicWebPublisher, LOGGER)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   604
set_log_methods(CookieSessionHandler, LOGGER)