cubicweb: web/application.py@f79ce7b39ee9 (annotated)

9428 946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	1	# copyright 2003-2014 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421 8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	2	# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	3	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	4	# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	5	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	6	# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	7	# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	8	# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	9	# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	10	#
5424 8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5421 diff changeset	11	# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421 8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	12	# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	13	# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	14	# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	15	#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	16	# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5377 diff changeset	17	# with CubicWeb. If not, see <http://www.gnu.org/licenses/>.
5722 61d6a4caa963 [iprogress] move adapter to entities.adapters Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5655 diff changeset	18	"""CubicWeb web client application object"""
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	19
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	20	__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	21
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22	import sys
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23	from time import clock, time
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	24	from contextlib import contextmanager
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	25	from warnings import warn
9728 f79ce7b39ee9 [web/ajax] Always return a json dict with a 'reason' key in case of ajax errors Julien Cristau <julien.cristau@logilab.fr> parents: 9727 diff changeset	26	import json
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	27
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	28	import httplib
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	29
2613 5e19c2bb370e R [all] logilab.common 0.44 provides only deprecated Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 2476 diff changeset	30	from logilab.common.deprecation import deprecated
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	31
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	32	from rql import BadRQLQuery
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	34	from cubicweb import set_log_methods, cwvreg
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	35	from cubicweb import (
8602 d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	36	ValidationError, Unauthorized, Forbidden,
d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	37	AuthenticationError, NoSelectableObject,
6791 fe58b234f9c2 [web session] refactor to finally closes #343036: allow _postlogin behaviour overloading Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6680 diff changeset	38	BadConnectionId, CW_EVENT_MANAGER)
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	39	from cubicweb.repoapi import anonymous_cnx
9571 aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	40	from cubicweb.web import LOGGER, component, cors
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	41	from cubicweb.web import (
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	42	StatusResponse, DirectResponse, Redirect, NotFound, LogOut,
9428 946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	43	RemoteCallFailed, InvalidSession, RequestError, PublishException)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	44
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	45	from cubicweb.web.request import CubicWebRequestBase
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	46
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	# make session manager available through a global variable so the debug view can
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	48	# print information about web session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	SESSION_MANAGER = None
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	50
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	51
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	52	@contextmanager
df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	53	def anonymized_request(req):
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	54	orig_cnx = req.cnx
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	55	anon_clt_cnx = anonymous_cnx(orig_cnx._session.repo)
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	56	req.set_cnx(anon_clt_cnx)
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	57	try:
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	58	with anon_clt_cnx:
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	59	yield req
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	60	finally:
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	61	req.set_cnx(orig_cnx)
7876 df15d194a134 [views] implement json / jsonp export views (closes #1942658) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7855 diff changeset	62
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	63	class AbstractSessionManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	64	"""manage session data associated to a session identifier"""
3408 c92170fca813 [api] use __regid__ instead of deprecated id Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2887 diff changeset	65	__regid__ = 'sessionmanager'
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	66
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	67	def __init__(self, repo):
629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	68	vreg = repo.vreg
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	69	self.session_time = vreg.config['http-session-time'] or None
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	70	self.authmanager = vreg['components'].select('authmanager', repo=repo)
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	71	interval = (self.session_time or 0) / 2.
9355 19ab31ea6ffb Fix use of vreg.config.anonymous_user() Julien Cristau <julien.cristau@logilab.fr> parents: 9228 diff changeset	72	if vreg.config.anonymous_user()[0] is not None:
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	73	self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	74	assert self.cleanup_anon_session_time > 0
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	75	if self.session_time is not None:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	76	self.cleanup_anon_session_time = min(self.session_time,
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	77	self.cleanup_anon_session_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	78	interval = self.cleanup_anon_session_time / 2.
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	79	# we don't want to check session more than once every 5 minutes
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	80	self.clean_sessions_interval = max(5 * 60, interval)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	81
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	82	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	83	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	84	time. Return the number of sessions which have been closed.
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	85	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	86	self.debug('cleaning http sessions')
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	87	session_time = self.session_time
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	88	closed, total = 0, 0
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	89	for session in self.current_sessions():
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	90	total += 1
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	91	try:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	92	last_usage_time = session.cnx.check()
7589 d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	93	except AttributeError:
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	94	last_usage_time = session.mtime
6012 d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	95	except BadConnectionId:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	96	self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	97	closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	98	else:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	99	no_use_time = (time() - last_usage_time)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	100	if session.anonymous_session:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	101	if no_use_time >= self.cleanup_anon_session_time:
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	102	self.close_session(session)
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	103	closed += 1
d56fd78006cd [session] cleanup session-time / cleanup-session-time... Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5868 diff changeset	104	elif session_time is not None and no_use_time >= session_time:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	105	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	106	closed += 1
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	107	return closed, total - closed
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	108
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	109	def current_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	110	"""return currently open sessions"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	111	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	112
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	113	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	114	"""return existing session for the given session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	115	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	116
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	117	def open_session(self, req):
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	118	"""open and return a new session for the given request.
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	119
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	120	raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	121	(no authentication info found or wrong user/password)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	122	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	123	raise NotImplementedError()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	124
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	125	def close_session(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	126	"""close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	127	corrupted...)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	128	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	129	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	130
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	131
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	132	class AbstractAuthenticationManager(component.Component):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	133	"""authenticate user associated to a request and check session validity"""
7990 a673d1d9a738 [diet] drop pre 3.6 API compatibility (but attempt to keep data cmopatibility). Closes #2017916 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7876 diff changeset	134	__regid__ = 'authmanager'
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	135
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	136	def __init__(self, repo):
629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	137	self.vreg = repo.vreg
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	138
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	139	def validate_session(self, req, session):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	140	"""check session validity, reconnecting it to the repository if the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	141	associated connection expired in the repository side (hence the
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	142	necessity for this method).
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	143
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	144	raise :exc:`InvalidSession` if session is corrupted for a reason or
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	145	another and should be closed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	146	"""
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	147	raise NotImplementedError()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	148
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	149	def authenticate(self, req):
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	150	"""authenticate user using connection information found in the request,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	151	and return corresponding a :class:`~cubicweb.dbapi.Connection` instance,
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	152	as well as login and authentication information dictionary used to open
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	153	the connection.
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	154
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	155	raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	156	(no authentication info found or wrong user/password)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	157	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	158	raise NotImplementedError()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	159
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	160
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	161	class CookieSessionHandler(object):
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	162	"""a session handler using a cookie to store the session identifier"""
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	163
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	164	def __init__(self, appli):
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	165	self.repo = appli.repo
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	166	self.vreg = appli.vreg
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	167	self.session_manager = self.vreg['components'].select('sessionmanager',
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	168	repo=self.repo)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	169	global SESSION_MANAGER
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	170	SESSION_MANAGER = self.session_manager
5000 f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	171	if self.vreg.config.mode != 'test':
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	172	# don't try to reset session manager during test, this leads to
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	173	# weird failures when running multiple tests
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	174	CW_EVENT_MANAGER.bind('after-registry-reload',
f1a10b41417a [test] don't try to reset session manager during test, Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4914 diff changeset	175	self.reset_session_manager)
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	176
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	177	def reset_session_manager(self):
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	178	data = self.session_manager.dump_data()
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	179	self.session_manager = self.vreg['components'].select('sessionmanager',
9032 629a8d49d6f5 [auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9031 diff changeset	180	repo=self.repo)
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	181	self.session_manager.restore_data(data)
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	182	global SESSION_MANAGER
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2705 diff changeset	183	SESSION_MANAGER = self.session_manager
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	184
5325 f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	185	@property
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	186	def clean_sessions_interval(self):
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	187	return self.session_manager.clean_sessions_interval
f1c660e1169e [web] consistent cleanup session interval time Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5283 diff changeset	188
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	189	def clean_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	190	"""cleanup sessions which has not been unused since a given amount of
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	191	time
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	192	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	193	self.session_manager.clean_sessions()
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	194
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	195	def session_cookie(self, req):
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	196	"""return a string giving the name of the cookie used to store the
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	197	session identifier.
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	198	"""
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	199	if req.https:
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	200	return '__%s_https_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	201	return '__%s_session' % self.vreg.config.appid
b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	202
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	203	def get_session(self, req):
e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	204	"""Return a session object corresponding to credentials held by the req
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	205
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	206	Session id is searched from :
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	207	- # form variable
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	208	- cookie
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	209
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	210	If no session id is found, try opening a new session with credentials
e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	211	found in the request.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	212
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	213	Raises AuthenticationError if no session can be found or created.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	214	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	215	cookie = req.get_cookie()
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	216	sessioncookie = self.session_cookie(req)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	217	try:
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	218	sessionid = str(cookie[sessioncookie].value)
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	219	session = self.get_session_by_id(req, sessionid)
9017 aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	220	except (KeyError, InvalidSession): # no valid session cookie
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	221	session = self.open_session(req)
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	222	return session
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	223
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	224	def get_session_by_id(self, req, sessionid):
7589 d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	225	session = self.session_manager.get_session(req, sessionid)
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	226	session.mtime = time()
d3459fe041f0 [web session] fix bad cleanup of session without a connection set. Closes #1772125 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7428 diff changeset	227	return session
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	228
9017 aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	229	def open_session(self, req):
aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	230	session = self.session_manager.open_session(req)
6680 b62ebf1d9388 [web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 6582 diff changeset	231	sessioncookie = self.session_cookie(req)
7855 54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	232	secure = req.https and req.base_url().startswith('https://')
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	233	req.set_cookie(sessioncookie, session.sessionid,
54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	234	maxage=None, secure=secure)
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	235	if not session.anonymous_session:
9018 9deb024a96c0 [session-handler] use session directly to update last usage Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9017 diff changeset	236	self.session_manager.postlogin(req, session)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	237	return session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	238
4911 898c35be5873 #750055: make it easier to change post logout url Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4709 diff changeset	239	def logout(self, req, goto_url):
2476 1294a6bdf3bf application -> instance where it makes sense Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2293 diff changeset	240	"""logout from the instance by cleaning the session and raising
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	241	`AuthenticationError`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	242	"""
5494 f3bb53f1737c [web session] fix potential key error on logout (occurs once the session has been transparently reconnected, hence session.sessionid and session.cnx.sessionid differs) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5426 diff changeset	243	self.session_manager.close_session(req.session)
7855 54283a5b7afc [web request] fix cookie 'expires' formating (closes #1953945) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7815 diff changeset	244	req.remove_cookie(self.session_cookie(req))
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	245	raise LogOut(url=goto_url)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	246
7083 b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	247	# these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	248	# only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	249	info = warning = error = critical = exception = debug = lambda msg,a,*kw: None
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	250
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	251	class CubicWebPublisher(object):
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	252	"""the publisher is a singleton hold by the web frontend, and is responsible
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	253	to publish HTTP request.
8997 525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	254
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	255	The http server will call its main entry point ``application.handle_request``.
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	256
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	257	.. automethod:: cubicweb.web.application.CubicWebPublisher.main_handle_request
9031 6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	258
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	259	You have to provide both a repository and web-server config at
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	260	initialization. In all in one instance both config will be the same.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	261	"""
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	262
9031 6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	263	def __init__(self, repo, config, session_handler_fact=CookieSessionHandler):
4484 d87989d91635 fix duplicated vregistry initialization during tests Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4212 diff changeset	264	self.info('starting web instance from %s', config.apphome)
9031 6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	265	self.repo = repo
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	266	self.vreg = repo.vreg
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	267	# get instance's schema
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	268	if not self.vreg.initialized:
5650 86e874fe30ea [web] cleanup use of config in web application initialisation Julien Jehannet <julien.jehannet@logilab.fr> parents: 5587 diff changeset	269	config.init_cubes(self.repo.get_cubes())
9031 6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	270	self.vreg.init_properties(self.repo.properties())
6ff29f2879da web/application: instantiate the repository outside of CubicWebPublisher Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9030 diff changeset	271	self.vreg.set_schema(self.repo.get_schema())
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	272	# set the correct publish method
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	273	if config['query-log-file']:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	274	from threading import Lock
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	275	self._query_log = open(config['query-log-file'], 'a')
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	276	self.handle_request = self.log_handle_request
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	277	self._logfile_lock = Lock()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	278	else:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	279	self._query_log = None
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	280	self.handle_request = self.main_handle_request
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	281	# instantiate session and url resolving helpers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	282	self.session_handler = session_handler_fact(self)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	283	self.set_urlresolver()
2705 30bcdbd92820 [events] renamed source-reload into registry-reload to avoid potential confusions with datasources Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2685 diff changeset	284	CW_EVENT_MANAGER.bind('after-registry-reload', self.set_urlresolver)
2685 0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	285
0518ca8f63e3 [autoreload] recompute urlresolver / urlrewriter after autoreload Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2666 diff changeset	286	def set_urlresolver(self):
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	287	self.url_resolver = self.vreg['components'].select('urlpublisher',
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2867 diff changeset	288	vreg=self.vreg)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	289
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	290	def get_session(self, req):
e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	291	"""Return a session object corresponding to credentials held by the req
e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	292
e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	293	May raise AuthenticationError.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	294	"""
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	295	return self.session_handler.get_session(req)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	296
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	297	# publish methods #########################################################
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	298
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	299	def log_handle_request(self, req, path):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	300	"""wrapper around _publish to log all queries executed for a given
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	301	accessed path
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	302	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	303	try:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	304	return self.main_handle_request(req, path)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	305	finally:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	306	cnx = req.cnx
5244 5467674ad101 [web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5223 diff changeset	307	if cnx:
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	308	with self._logfile_lock:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	309	try:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	310	result = ['\n'+''80]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	311	result.append(req.url())
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	312	result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	313	for q in cnx.executed_queries]
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	314	cnx.executed_queries = []
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	315	self._query_log.write('\n'.join(result).encode(req.encoding))
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	316	self._query_log.flush()
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	317	except Exception:
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	318	self.exception('error while logging queries')
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	319
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	320
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	321
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	322	def main_handle_request(self, req, path):
9175 a7412e884d7b fix typos in docstring, doc and comments Julien Cristau <julien.cristau@logilab.fr> parents: 8997 diff changeset	323	"""Process an http request
8997 525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	324
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	325	Arguments are:
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	326	- a Request object
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	327	- path of the request object
525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	328
9175 a7412e884d7b fix typos in docstring, doc and comments Julien Cristau <julien.cristau@logilab.fr> parents: 8997 diff changeset	329	It returns the content of the http response. HTTP header and status are
a7412e884d7b fix typos in docstring, doc and comments Julien Cristau <julien.cristau@logilab.fr> parents: 8997 diff changeset	330	set on the Request object.
8997 525915f8bc1c [web/application] add some minimal documentation Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8753 diff changeset	331	"""
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	332	if not isinstance(req, CubicWebRequestBase):
9175 a7412e884d7b fix typos in docstring, doc and comments Julien Cristau <julien.cristau@logilab.fr> parents: 8997 diff changeset	333	warn('[3.15] Application entry point arguments are now (req, path) '
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	334	'not (path, req)', DeprecationWarning, 2)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	335	req, path = path, req
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	336	if req.authmode == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	337	# activate realm-based auth
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	338	realm = self.vreg.config['realm']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	339	req.set_header('WWW-Authenticate', [('Basic', {'realm' : realm })], raw=False)
8443 86fc11fb6f99 [web/application] declare default 'content' value sooner (closes #2406560) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8390 diff changeset	340	content = ''
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	341	try:
9017 aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	342	try:
9019 e08f9c55dab5 [application] call req.set_session in application.main_handle_request Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9018 diff changeset	343	session = self.get_session(req)
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	344	from cubicweb import repoapi
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	345	cnx = repoapi.ClientConnection(session)
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	346	req.set_cnx(cnx)
9017 aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	347	except AuthenticationError:
9040 3c85e734ce00 [webrequest] set DBAPISession without cnx at initialisation time Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9032 diff changeset	348	# Keep the dummy session set at initialisation.
3c85e734ce00 [webrequest] set DBAPISession without cnx at initialisation time Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9032 diff changeset	349	# such session with work to an some extend but raise an
3c85e734ce00 [webrequest] set DBAPISession without cnx at initialisation time Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9032 diff changeset	350	# AuthenticationError on any database access.
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	351	import contextlib
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	352	@contextlib.contextmanager
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	353	def dummy():
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	354	yield
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	355	cnx = dummy()
9017 aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	356	# XXX We want to clean up this approach in the future. But
aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	357	# several cubes like registration or forgotten password rely on
aa709bc6b6c1 [application/connect] simplify connection logic Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8997 diff changeset	358	# this principle.
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	359
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	360	# DENY https acces for anonymous_user
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	361	if (req.https
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	362	and req.session.anonymous_session
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	363	and self.vreg.config['https-deny-anonymous']):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	364	# don't allow anonymous on https connection
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	365	raise AuthenticationError()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	366	# nested try to allow LogOut to delegate logic to AuthenticationError
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	367	# handler
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	368	try:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	369	### Try to generate the actual request content
9071 46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	370	with cnx:
46885bfa4150 Use new repoapi for the web stack Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 9066 diff changeset	371	content = self.core_handle(req, path)
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	372	# Handle user log-out
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	373	except LogOut as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	374	# When authentification is handled by cookie the code that
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	375	# raised LogOut must has invalidated the cookie. We can just
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	376	# reload the original url without authentification
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	377	if self.vreg.config['auth-mode'] == 'cookie' and ex.url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	378	req.headers_out.setHeader('location', str(ex.url))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	379	if ex.status is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	380	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	381	# When the authentification is handled by http we must
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	382	# explicitly ask for authentification to flush current http
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	383	# authentification information
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	384	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	385	# Render "logged out" content.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	386	# assignement to ``content`` prevent standard
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	387	# AuthenticationError code to overwrite it.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	388	content = self.loggedout_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	389	# let the explicitly reset http credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	390	raise AuthenticationError()
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	391	except Redirect as ex:
8470 a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	392	# authentication needs redirection (eg openid)
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	393	content = self.redirect_handler(req, ex)
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	394	# Wrong, absent or Reseted credential
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	395	except AuthenticationError:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	396	# If there is an https url configured and
9175 a7412e884d7b fix typos in docstring, doc and comments Julien Cristau <julien.cristau@logilab.fr> parents: 8997 diff changeset	397	# the request does not use https, redirect to login form
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	398	https_url = self.vreg.config['https-url']
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	399	if https_url and req.base_url() != https_url:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	400	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	401	req.headers_out.setHeader('location', https_url + 'login')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	402	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	403	# We assume here that in http auth mode the user May provide
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	404	# Authentification Credential if asked kindly.
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	405	if self.vreg.config['auth-mode'] == 'http':
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	406	req.status_out = httplib.UNAUTHORIZED
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	407	# In the other case (coky auth) we assume that there is no way
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	408	# for the user to provide them...
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	409	# XXX But WHY ?
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	410	else:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	411	req.status_out = httplib.FORBIDDEN
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	412	# If previous error handling already generated a custom content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	413	# do not overwrite it. This is used by LogOut Except
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	414	# XXX ensure we don't actually serve content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	415	if not content:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	416	content = self.need_login_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	417	return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	418
9571 aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	419
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	420	def core_handle(self, req, path):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	421	"""method called by the main publisher to process <path>
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	422
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	423	should return a string containing the resulting page or raise a
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	424	`NotFound` exception
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	425
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	426	:type path: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	427	:param path: the path part of the url to publish
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	428
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	429	:type req: `web.Request`
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	430	:param req: the request object
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	431
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	432	:rtype: str
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	433	:return: the result of the pusblished url
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	434	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	435	# don't log form values they may contains sensitive information
8390 637b934bc742 [app] turn these info into debug logs (this being too chatty for .info) Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 8312 diff changeset	436	self.debug('publish "%s" (%s, form params: %s)',
8696 0bb18407c053 [toward py3k] rewrite dict.keys() and dict.values() (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8695 diff changeset	437	path, req.session.sessionid, list(req.form))
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	438	# remove user callbacks on a new request (except for json controllers
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	439	# to avoid callbacks being unregistered before they could be called)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	440	tstart = clock()
5865 af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5721 diff changeset	441	commited = False
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	442	try:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	443	### standard processing of the request
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	444	try:
9571 aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	445	# apply CORS sanity checks
aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	446	cors.process_request(req, self.vreg.config)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	447	ctrlid, rset = self.url_resolver.process(req, path)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	448	try:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	449	controller = self.vreg['controllers'].select(ctrlid, req,
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	450	appli=self)
2058 7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	451	except NoSelectableObject:
7ef12c03447c nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	452	raise Unauthorized(req._('not authorized'))
581 09f87f2c535e update_search_state in the publisher since it should be done whatever the controller sylvain.thenault@logilab.fr parents: 168 diff changeset	453	req.update_search_state()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	454	result = controller.publish(rset=rset)
9571 aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	455	except cors.CORSPreflight:
aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	456	# Return directly an empty 200
aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	457	req.status_out = 200
aaf83cc07eed [web] implement cross origin resource sharing (CORS) (closes #2491768) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 9478 diff changeset	458	result = ''
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	459	except StatusResponse as ex:
9228 90b8c7a7e205 [deprecation] add (approximate) version number to deprecation message and set proper stacklevel Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9175 diff changeset	460	warn('[3.16] StatusResponse is deprecated use req.status_out',
90b8c7a7e205 [deprecation] add (approximate) version number to deprecation message and set proper stacklevel Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9175 diff changeset	461	DeprecationWarning, stacklevel=2)
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	462	result = ex.content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	463	req.status_out = ex.status
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	464	except Redirect as ex:
8470 a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	465	# Redirect may be raised by edit controller when everything went
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	466	# fine, so attempt to commit
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	467	result = self.redirect_handler(req, ex)
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	468	if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	469	txuuid = req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	470	commited = True
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	471	if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	472	req.data['last_undoable_transaction'] = txuuid
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	473	### error case
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	474	except NotFound as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	475	result = self.notfound_content(req)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	476	req.status_out = ex.status
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	477	except ValidationError as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	478	result = self.validation_error_handler(req, ex)
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	479	except RemoteCallFailed as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	480	result = self.ajax_error_handler(req, ex)
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	481	except Unauthorized as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	482	req.data['errmsg'] = req._('You\'re not authorized to access this page. '
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	483	'If you think you should, please contact the site administrator.')
9659 c45073a96aee [web] return 403 for Unauthorized, not 401 Julien Cristau <julien.cristau@logilab.fr> parents: 9582 diff changeset	484	req.status_out = httplib.FORBIDDEN
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	485	result = self.error_handler(req, ex, tb=False)
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	486	except Forbidden as ex:
8602 d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	487	req.data['errmsg'] = req._('This action is forbidden. '
d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	488	'If you think it should be allowed, please contact the site administrator.')
d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	489	req.status_out = httplib.FORBIDDEN
d066ba3bb07d [web] add a Forbidden exception David Douard <david.douard@logilab.fr> parents: 8470 diff changeset	490	result = self.error_handler(req, ex, tb=False)
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	491	except (BadRQLQuery, RequestError) as ex:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	492	result = self.error_handler(req, ex, tb=False)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	493	### pass through exception
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	494	except DirectResponse:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	495	if req.cnx:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	496	req.cnx.commit()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	497	raise
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	498	except (AuthenticationError, LogOut):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	499	# the rollback is handled in the finally
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	500	raise
8560 fef0b8214fcf [web app] move set of status_out into validation_error_handler to ease readability Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8556 diff changeset	501	### Last defense line
8695 358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624) Nicolas Chauvat <nicolas.chauvat@logilab.fr> parents: 8694 diff changeset	502	except BaseException as ex:
8753 b61a7c6352f2 [web publish] in case of error, ensure proper http status is set and Content-disposition header is reseted. Closes #2553066 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8711 diff changeset	503	req.status_out = httplib.INTERNAL_SERVER_ERROR
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	504	result = self.error_handler(req, ex, tb=True)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	505	finally:
5865 af414723598d [publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5721 diff changeset	506	if req.cnx and not commited:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	507	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	508	req.cnx.rollback()
7815 2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7589 diff changeset	509	except Exception:
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	510	pass # ignore rollback error at this point
8267 486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940) Anthony Truchet <anthony.truchet@logilab.fr> parents: 8190 diff changeset	511	self.add_undo_link_to_msg(req)
8390 637b934bc742 [app] turn these info into debug logs (this being too chatty for .info) Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 8312 diff changeset	512	self.debug('query %s executed in %s sec', req.relative_path(), clock() - tstart)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	513	return result
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	514
8470 a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	515	# Error handlers
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	516
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	517	def redirect_handler(self, req, ex):
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	518	"""handle redirect
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	519	- comply to ex status
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	520	- set header field
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	521	- return empty content
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	522	"""
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	523	self.debug('redirecting to %s', str(ex.location))
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	524	req.headers_out.setHeader('location', str(ex.location))
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	525	assert 300 <= ex.status < 400
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	526	req.status_out = ex.status
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	527	return ''
a85e107947e6 [web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8466 diff changeset	528
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	529	def validation_error_handler(self, req, ex):
8594 001159e2e4f3 [validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8560 diff changeset	530	ex.translate(req._) # translate messages using ui language
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	531	if '__errorurl' in req.form:
4224 5998df006968 refactor form error handling: Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 3408 diff changeset	532	forminfo = {'error': ex,
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	533	'values': req.form,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	534	'eidmap': req.data.get('eidmap', {})
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	535	}
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5174 diff changeset	536	req.session.data[req.form['__errorurl']] = forminfo
4679 d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	537	# XXX form session key / __error_url should be differentiated:
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	538	# session key is 'url + #<form dom id', though we usually don't want
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	539	# the browser to move to the form since it hides the global
d8ad65dab3e9 remove #<formid> from url used to redirect after a validation error Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4639 diff changeset	540	# messages.
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	541	location = req.form['__errorurl'].rsplit('#', 1)[0]
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	542	req.headers_out.setHeader('location', str(location))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	543	req.status_out = httplib.SEE_OTHER
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	544	return ''
8560 fef0b8214fcf [web app] move set of status_out into validation_error_handler to ease readability Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8556 diff changeset	545	req.status_out = httplib.CONFLICT
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	546	return self.error_handler(req, ex, tb=False)
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	547
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	548	def error_handler(self, req, ex, tb=False):
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	549	excinfo = sys.exc_info()
8466 92c668170ef9 [web app] only log tb when explicitly asked Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8443 diff changeset	550	if tb:
92c668170ef9 [web app] only log tb when explicitly asked Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8443 diff changeset	551	self.exception(repr(ex))
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	552	req.set_header('Cache-Control', 'no-cache')
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	553	req.remove_header('Etag')
8753 b61a7c6352f2 [web publish] in case of error, ensure proper http status is set and Content-disposition header is reseted. Closes #2553066 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 8711 diff changeset	554	req.remove_header('Content-disposition')
4897 e402e0b32075 [web] start a new message system based on id of message stored in session's data Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4709 diff changeset	555	req.reset_message()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	556	req.reset_headers()
8128 0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265) Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 7990 diff changeset	557	if req.ajax_request:
8709 8dc0b8d92694 [web application] Fix missing self. in error_handler Vincent Michel <vincent.michel@logilab.fr> parents: 8602 diff changeset	558	return self.ajax_error_handler(req, ex)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	559	try:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	560	req.data['ex'] = ex
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	561	if tb:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	562	req.data['excinfo'] = excinfo
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	563	req.form['vid'] = 'error'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	564	errview = self.vreg['views'].select('error', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	565	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	566	content = self.vreg['views'].main_template(req, template, view=errview)
7815 2a164a9cf81c [exceptions] stop catching any exception in various places (closes #1942716) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 7589 diff changeset	567	except Exception:
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	568	content = self.vreg['views'].main_template(req, 'error-template')
9428 946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	569	if isinstance(ex, PublishException) and ex.status is not None:
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	570	req.status_out = ex.status
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	571	return content
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	572
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	573	def add_undo_link_to_msg(self, req):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	574	txuuid = req.data.get('last_undoable_transaction')
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	575	if txuuid is not None:
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	576	msg = u'<span class="undo">[<a href="%s">%s</a>]</span>' %(
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	577	req.build_url('undo', txuuid=txuuid), req._('undo'))
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	578	req.append_to_redirect_message(msg)
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	579
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	580	def ajax_error_handler(self, req, ex):
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	581	req.set_header('content-type', 'application/json')
9428 946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	582	status = httplib.INTERNAL_SERVER_ERROR
946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	583	if isinstance(ex, PublishException) and ex.status is not None:
946aded614f3 [web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670 Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 9355 diff changeset	584	status = ex.status
9727 33f6ad4c75a5 [web/ajax] don't override any status code with 500 in ajax_error_handler Julien Cristau <julien.cristau@logilab.fr> parents: 9659 diff changeset	585	if req.status_out < 400:
33f6ad4c75a5 [web/ajax] don't override any status code with 500 in ajax_error_handler Julien Cristau <julien.cristau@logilab.fr> parents: 9659 diff changeset	586	# don't overwrite it if it's already set
33f6ad4c75a5 [web/ajax] don't override any status code with 500 in ajax_error_handler Julien Cristau <julien.cristau@logilab.fr> parents: 9659 diff changeset	587	req.status_out = status
9728 f79ce7b39ee9 [web/ajax] Always return a json dict with a 'reason' key in case of ajax errors Julien Cristau <julien.cristau@logilab.fr> parents: 9727 diff changeset	588	json_dumper = getattr(ex, 'dumps', lambda : json.dumps({'reason': unicode(ex)}))
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	589	return json_dumper()
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	590
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	591	# special case handling
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	592
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	593	def need_login_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	594	return self.vreg['views'].main_template(req, 'login')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	595
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	596	def loggedout_content(self, req):
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	597	return self.vreg['views'].main_template(req, 'loggedout')
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	598
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	599	def notfound_content(self, req):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	600	req.form['vid'] = '404'
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	601	view = self.vreg['views'].select('404', req)
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	602	template = self.main_template_id(req)
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	603	return self.vreg['views'].main_template(req, template, view=view)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	604
8312 6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	605	# template stuff
6c2119509fac [web] Move request handling logic into cubicweb application. (closes #2200684) Pierre-Yves David <pierre-yves.david@logilab.fr> parents: 8311 diff changeset	606
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	607	def main_template_id(self, req):
2263 1f59cd5b710f accept a __template parameter that specifies a different (main) template Aurelien Campeas <aurelien.campeas@logilab.fr> parents: 1977 diff changeset	608	template = req.form.get('__template', req.property_value('ui.main-template'))
2650 18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2613 diff changeset	609	if template not in self.vreg['views']:
882 75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	610	template = 'main-template'
75488a2a875e fix ui.main-template property handling sylvain.thenault@logilab.fr parents: 871 diff changeset	611	return template
1426 379261551578 remove trailing spaces sylvain.thenault@logilab.fr parents: 1132 diff changeset	612
7083 b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	613	# these are overridden by set_log_methods below
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	614	# only defining here to prevent pylint from complaining
b8e35cde46e9 help pylint by explicitely defining some attributes Alexandre Fayolle <alexandre.fayolle@logilab.fr> parents: 6791 diff changeset	615	info = warning = error = critical = exception = debug = lambda msg,a,*kw: None
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	616
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	617	set_log_methods(CubicWebPublisher, LOGGER)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	618	set_log_methods(CookieSessionHandler, LOGGER)

author	Julien Cristau <julien.cristau@logilab.fr>
	Thu, 13 Mar 2014 17:03:15 +0100
changeset 9728	f79ce7b39ee9
parent 9727	33f6ad4c75a5
child 9897	fa44db7da2dc
permissions	-rw-r--r--