cubicweb: web/application.py@d3736311d0c4 (annotated)

0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	1	"""CubicWeb web client application object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	2
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	3	:organization: Logilab
1977 606923dff11b big bunch of copyright / docstring update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1426 diff changeset	4	:copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	5	:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
1977 606923dff11b big bunch of copyright / docstring update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1426 diff changeset	6	:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	7	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	8	__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	9
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	10	import sys
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	11	from time import clock, time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	12
2613 5e19c2bb370e R [all] logilab.common 0.44 provides only deprecated Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 2476 diff changeset	13	from logilab.common.deprecation import deprecated
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	14
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	15	from rql import BadRQLQuery
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	16
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	17	from cubicweb import set_log_methods, cwvreg
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	18	from cubicweb import (
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	19	ValidationError, Unauthorized, AuthenticationError, NoSelectableObject,
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	20	RepositoryError, CW_EVENT_MANAGER)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	21	from cubicweb.web import LOGGER, component
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	22	from cubicweb.web import (
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	23	StatusResponse, DirectResponse, Redirect, NotFound,
2293 7ded2a1416e4 backport stable branch Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2235 2272 diff changeset	24	RemoteCallFailed, ExplicitLogin, InvalidSession, RequestError)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	26	# make session manager available through a global variable so the debug view can
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	27	# print information about web session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	28	SESSION_MANAGER = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	29
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	30	class AbstractSessionManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	31	"""manage session data associated to a session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	32	id = 'sessionmanager'
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	33
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	34	def __init__(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	35	self.session_time = self.vreg.config['http-session-time'] or None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	36	assert self.session_time is None or self.session_time > 0
168 f6be0c92fc38 fix default values Sylvain Thenault <sylvain.thenault@logilab.fr> parents: 0 diff changeset	37	self.cleanup_session_time = self.vreg.config['cleanup-session-time'] or 43200
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	38	assert self.cleanup_session_time > 0
168 f6be0c92fc38 fix default values Sylvain Thenault <sylvain.thenault@logilab.fr> parents: 0 diff changeset	39	self.cleanup_anon_session_time = self.vreg.config['cleanup-anonymous-session-time'] or 120
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	40	assert self.cleanup_anon_session_time > 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	41	if self.session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	42	assert self.cleanup_session_time < self.session_time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	43	assert self.cleanup_anon_session_time < self.session_time
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	44	self.authmanager = self.vreg['components'].select('authmanager')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	45
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	46	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	48	time. Return the number of sessions which have been closed.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50	self.debug('cleaning http sessions')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	51	closed, total = 0, 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	52	for session in self.current_sessions():
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	53	no_use_time = (time() - session.last_usage_time)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	54	total += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	55	if session.anonymous_connection:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	56	if no_use_time >= self.cleanup_anon_session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	57	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	58	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	59	elif no_use_time >= self.cleanup_session_time:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	60	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	61	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	62	return closed, total - closed
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	63
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	64	def has_expired(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	65	"""return True if the web session associated to the session is expired
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	66	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	67	return not (self.session_time is None or
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	68	time() < session.last_usage_time + self.session_time)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	69
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	70	def current_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	71	"""return currently open sessions"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	72	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	73
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	74	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	75	"""return existing session for the given session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	76	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	77
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	78	def open_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	"""open and return a new session for the given request
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	80
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	81	:raise ExplicitLogin: if authentication is required
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	83	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	84
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	85	def close_session(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	86	"""close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	87	corrupted...)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	88	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	89	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	90
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	91
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	92	class AbstractAuthenticationManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	93	"""authenticate user associated to a request and check session validity"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	94	id = 'authmanager'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	95
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	96	def authenticate(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	97	"""authenticate user and return corresponding user object
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	98
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	99	:raise ExplicitLogin: if authentication is required (no authentication
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	100	info found or wrong user/password)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	101	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	102	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	103
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	104
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	105	class CookieSessionHandler(object):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	106	"""a session handler using a cookie to store the session identifier
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	107
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	108	:cvar SESSION_VAR:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	109	string giving the name of the variable used to store the session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	110	identifier
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	111	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	112	SESSION_VAR = '__session'
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	113
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	114	def __init__(self, appli):
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	115	self.vreg = appli.vreg
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	116	self.session_manager = self.vreg['components'].select('sessionmanager')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	117	global SESSION_MANAGER
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	118	SESSION_MANAGER = self.session_manager
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	119	if not 'last_login_time' in self.vreg.schema:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	120	self._update_last_login_time = lambda x: None
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	121	CW_EVENT_MANAGER.bind('after-registry-reload', self.reset_session_manager)
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	122
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	123	def reset_session_manager(self):
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	124	data = self.session_manager.dump_data()
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	125	self.session_manager = self.vreg['components'].select('sessionmanager')
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	126	self.session_manager.restore_data(data)
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	127	global SESSION_MANAGER
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	128	SESSION_MANAGER = self.session_manager
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	129
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	130	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	131	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	132	time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	133	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	134	self.session_manager.clean_sessions()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	135
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	136	def set_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	137	"""associate a session to the request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	138
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	139	Session id is searched from :
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	140	- # form variable
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	141	- cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	142
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	143	if no session id is found, open a new session for the connected user
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	144	or request authentification as needed
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	145
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	146	:raise Redirect: if authentication has occured and succeed
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	147	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	148	assert req.cnx is None # at this point no cnx should be set on the request
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	149	cookie = req.get_cookie()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	150	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	151	sessionid = str(cookie[self.SESSION_VAR].value)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	152	except KeyError: # no session cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	153	session = self.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	154	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	155	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	156	session = self.get_session(req, sessionid)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	157	except InvalidSession:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	158	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	159	session = self.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	160	except ExplicitLogin:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	161	req.remove_cookie(cookie, self.SESSION_VAR)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	162	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	163	# remember last usage time for web session tracking
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	164	session.last_usage_time = time()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	165
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	166	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	167	return self.session_manager.get_session(req, sessionid)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	168
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	169	def open_session(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	170	session = self.session_manager.open_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	171	cookie = req.get_cookie()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	172	cookie[self.SESSION_VAR] = session.sessionid
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	173	req.set_cookie(cookie, self.SESSION_VAR, maxage=None)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	174	# remember last usage time for web session tracking
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	175	session.last_usage_time = time()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	176	if not session.anonymous_connection:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	177	self._postlogin(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	178	return session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	179
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	180	def _update_last_login_time(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	181	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	182	req.execute('SET X last_login_time NOW WHERE X eid %(x)s',
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	183	{'x' : req.user.eid}, 'x')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	184	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	185	except (RepositoryError, Unauthorized):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	186	# ldap user are not writeable for instance
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	187	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	188	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	189	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	190	raise
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	191
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	192	def _postlogin(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	193	"""postlogin: the user has been authenticated, redirect to the original
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	194	page (index by default) with a welcome message
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	195	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	196	# Update last connection date
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	197	# XXX: this should be in a post login hook in the repository, but there
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	198	# we can't differentiate actual login of automatic session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	199	# reopening. Is it actually a problem?
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	200	self._update_last_login_time(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	201	args = req.form
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	202	args['__message'] = req._('welcome %s !') % req.user.login
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	203	if 'vid' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	204	args['vid'] = req.form['vid']
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	205	if 'rql' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	206	args['rql'] = req.form['rql']
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	207	path = req.relative_path(False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	208	if path == 'login':
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	209	path = 'view'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	210	raise Redirect(req.build_url(path, **args))
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	211
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	212	def logout(self, req):
2476 1294a6bdf3bf application -> instance where it makes sense Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2293 diff changeset	213	"""logout from the instance by cleaning the session and raising
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	214	`AuthenticationError`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	215	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	216	self.session_manager.close_session(req.cnx)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	217	req.remove_cookie(req.get_cookie(), self.SESSION_VAR)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	218	raise AuthenticationError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	219
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	220
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	221	class CubicWebPublisher(object):
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	222	"""the publisher is a singleton hold by the web frontend, and is responsible
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	223	to publish HTTP request.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	224	"""
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	225
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	226	def __init__(self, config, debug=None,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	227	session_handler_fact=CookieSessionHandler,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	228	vreg=None):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	229	super(CubicWebPublisher, self).__init__()
2476 1294a6bdf3bf application -> instance where it makes sense Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2293 diff changeset	230	# connect to the repository and get instance's schema
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	231	if vreg is None:
2666 c6c832d32936 [webapp] missing renaming Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2650 diff changeset	232	vreg = cwvreg.CubicWebVRegistry(config, debug=debug)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	233	self.vreg = vreg
2476 1294a6bdf3bf application -> instance where it makes sense Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2293 diff changeset	234	self.info('starting web instance from %s', config.apphome)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	235	self.repo = config.repository(vreg)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	236	if not vreg.initialized:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	237	self.config.init_cubes(self.repo.get_cubes())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	238	vreg.init_properties(self.repo.properties())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	239	vreg.set_schema(self.repo.get_schema())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	240	# set the correct publish method
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	241	if config['query-log-file']:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	242	from threading import Lock
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	243	self._query_log = open(config['query-log-file'], 'a')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	244	self.publish = self.log_publish
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	245	self._logfile_lock = Lock()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	246	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	247	self._query_log = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	248	self.publish = self.main_publish
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	249	# instantiate session and url resolving helpers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	250	self.session_handler = session_handler_fact(self)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	251	self.set_urlresolver()
2705 30bcdbd92820 [events] renamed source-reload into registry-reload to avoid potential confusions with datasources Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2685 diff changeset	252	CW_EVENT_MANAGER.bind('after-registry-reload', self.set_urlresolver)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	253
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	254	def set_urlresolver(self):
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	255	self.url_resolver = self.vreg['components'].select('urlpublisher')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	256
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	257	def connect(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	258	"""return a connection for a logged user object according to existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	259	sessions (i.e. a new connection may be created or an already existing
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	260	one may be reused
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	261	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	262	self.session_handler.set_session(req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	263
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	264	# publish methods #########################################################
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	265
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	266	def log_publish(self, path, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	267	"""wrapper around _publish to log all queries executed for a given
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	268	accessed path
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	269	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	270	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	271	return self.main_publish(path, req)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	272	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	273	cnx = req.cnx
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	274	self._logfile_lock.acquire()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	275	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	276	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	277	result = ['\n'+''80]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	278	result.append(req.url())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	279	result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q for q in cnx.executed_queries]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	280	cnx.executed_queries = []
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	281	self._query_log.write('\n'.join(result).encode(req.encoding))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	282	self._query_log.flush()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	283	except Exception:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	284	self.exception('error while logging queries')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	285	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	286	self._logfile_lock.release()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	287
2613 5e19c2bb370e R [all] logilab.common 0.44 provides only deprecated Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 2476 diff changeset	288	@deprecated("use vreg.select('controllers', ...)")
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	289	def select_controller(self, oid, req):
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	290	try:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	291	return self.vreg['controllers'].select(oid, req=req, appli=self)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	292	except NoSelectableObject:
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	293	raise Unauthorized(req._('not authorized'))
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	294
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	295	def main_publish(self, path, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	296	"""method called by the main publisher to process <path>
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	297
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	298	should return a string containing the resulting page or raise a
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	299	`NotFound` exception
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	300
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	301	:type path: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	302	:param path: the path part of the url to publish
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	303
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	304	:type req: `web.Request`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	305	:param req: the request object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	306
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	307	:rtype: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	308	:return: the result of the pusblished url
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	309	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	310	path = path or 'view'
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	311	# don't log form values they may contains sensitive information
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	312	self.info('publish "%s" (form params: %s)', path, req.form.keys())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	313	# remove user callbacks on a new request (except for json controllers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	314	# to avoid callbacks being unregistered before they could be called)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	315	tstart = clock()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	316	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	317	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	318	ctrlid, rset = self.url_resolver.process(req, path)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	319	try:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	320	controller = self.vreg['controllers'].select(ctrlid, req,
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	321	appli=self)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	322	except NoSelectableObject:
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	323	raise Unauthorized(req._('not authorized'))
581 09f87f2c535e update_search_state in the publisher since it should be done whatever the controller sylvain.thenault@logilab.fr parents: 168 diff changeset	324	req.update_search_state()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	325	result = controller.publish(rset=rset)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	326	if req.cnx is not None:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	327	# req.cnx is None if anonymous aren't allowed and we are
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	328	# displaying the cookie authentication form
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	329	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	330	except (StatusResponse, DirectResponse):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	331	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	332	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	333	except Redirect:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	334	# redirect is raised by edit controller when everything went fine,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	335	# so try to commit
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	336	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	337	req.cnx.commit()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	338	except ValidationError, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	339	self.validation_error_handler(req, ex)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	340	except Unauthorized, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	341	req.data['errmsg'] = req._('You\'re not authorized to access this page. '
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	342	'If you think you should, please contact the site administrator.')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	343	self.error_handler(req, ex, tb=False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	344	except Exception, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	345	self.error_handler(req, ex, tb=True)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	346	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	347	# delete validation errors which may have been previously set
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	348	if '__errorurl' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	349	req.del_session_data(req.form['__errorurl'])
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	350	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	351	except (AuthenticationError, NotFound, RemoteCallFailed):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	352	raise
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	353	except ValidationError, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	354	self.validation_error_handler(req, ex)
2272 f27a3a75be0d no tb for RequestError Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2263 diff changeset	355	except (Unauthorized, BadRQLQuery, RequestError), ex:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	356	self.error_handler(req, ex, tb=False)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	357	except Exception, ex:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	358	self.error_handler(req, ex, tb=True)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	359	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	360	if req.cnx is not None:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	361	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	362	req.cnx.rollback()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	363	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	364	pass # ignore rollback error at this point
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	365	self.info('query %s executed in %s sec', req.relative_path(), clock() - tstart)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	366	return result
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	367
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	368	def validation_error_handler(self, req, ex):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	369	ex.errors = dict((k, v) for k, v in ex.errors.items())
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	370	if '__errorurl' in req.form:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	371	forminfo = {'errors': ex,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	372	'values': req.form,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	373	'eidmap': req.data.get('eidmap', {})
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	374	}
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	375	req.set_session_data(req.form['__errorurl'], forminfo)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	376	raise Redirect(req.form['__errorurl'])
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	377	self.error_handler(req, ex, tb=False)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	378
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	379	def error_handler(self, req, ex, tb=False):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	380	excinfo = sys.exc_info()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	381	self.exception(repr(ex))
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	382	req.set_header('Cache-Control', 'no-cache')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	383	req.remove_header('Etag')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	384	req.message = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	385	req.reset_headers()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	386	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	387	req.data['ex'] = ex
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	388	if tb:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	389	req.data['excinfo'] = excinfo
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	390	req.form['vid'] = 'error'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	391	errview = self.vreg['views'].select('error', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	392	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	393	content = self.vreg['views'].main_template(req, template, view=errview)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	394	except:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	395	content = self.vreg['views'].main_template(req, 'error-template')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	396	raise StatusResponse(500, content)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	397
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	398	def need_login_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	399	return self.vreg['views'].main_template(req, 'login')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	400
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	401	def loggedout_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	402	return self.vreg['views'].main_template(req, 'loggedout')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	403
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	404	def notfound_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	405	req.form['vid'] = '404'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	406	view = self.vreg['views'].select('404', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	407	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	408	return self.vreg['views'].main_template(req, template, view=view)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	409
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	410	def main_template_id(self, req):
2263 1f59cd5b710f accept a __template parameter that specifies a different (main) template Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 1977 diff changeset	411	template = req.form.get('__template', req.property_value('ui.main-template'))
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	412	if template not in self.vreg['views']:
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	413	template = 'main-template'
75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	414	return template
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	415
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	416
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	417	set_log_methods(CubicWebPublisher, LOGGER)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	418	set_log_methods(CookieSessionHandler, LOGGER)

author	Sylvain Thénault <sylvain.thenault@logilab.fr>
	Tue, 22 Sep 2009 10:04:45 +0200
branch	stable
changeset 3363	d3736311d0c4
parent 2849	297a4b5c6ce4
child 2867	e8581a4f1bae
child 4212	ab6573088b4a
permissions	-rw-r--r--