24 __docformat__ = "restructuredtext en" |
24 __docformat__ = "restructuredtext en" |
25 |
25 |
26 import sys |
26 import sys |
27 from os.path import join, exists |
27 from os.path import join, exists |
28 from glob import glob |
28 from glob import glob |
|
29 from contextlib import contextmanager |
29 |
30 |
30 from logilab.common.modutils import LazyObject |
31 from logilab.common.modutils import LazyObject |
31 from logilab.common.textutils import splitstrip |
32 from logilab.common.textutils import splitstrip |
32 from logilab.common.registry import yes |
33 from logilab.common.registry import yes |
33 from yams import BASE_GROUPS |
34 from yams import BASE_GROUPS |
76 DBG_MS = 8 |
77 DBG_MS = 8 |
77 #: hooks |
78 #: hooks |
78 DBG_HOOKS = 16 |
79 DBG_HOOKS = 16 |
79 #: operations |
80 #: operations |
80 DBG_OPS = 32 |
81 DBG_OPS = 32 |
|
82 #: security |
|
83 DBG_SEC = 64 |
81 #: more verbosity |
84 #: more verbosity |
82 DBG_MORE = 64 |
85 DBG_MORE = 128 |
83 #: all level enabled |
86 #: all level enabled |
84 DBG_ALL = DBG_RQL + DBG_SQL + DBG_REPO + DBG_MS + DBG_HOOKS + DBG_OPS + DBG_MORE |
87 DBG_ALL = DBG_RQL + DBG_SQL + DBG_REPO + DBG_MS + DBG_HOOKS + DBG_OPS + DBG_SEC + DBG_MORE |
|
88 |
|
89 _SECURITY_ITEMS = [] |
|
90 _SECURITY_CAPS = ['read', 'add', 'update', 'delete'] |
85 |
91 |
86 #: current debug mode |
92 #: current debug mode |
87 DEBUG = 0 |
93 DEBUG = 0 |
|
94 |
|
95 @contextmanager |
|
96 def tunesecurity(items=(), capabilities=()): |
|
97 """Context manager to use in conjunction with DBG_SEC. |
|
98 |
|
99 This allows some tuning of: |
|
100 * the monitored capabilities ('read', 'add', ....) |
|
101 * the object being checked by the security checkers |
|
102 |
|
103 When no item is given, all of them will be watched. |
|
104 By default all capabilities are monitored, unless specified. |
|
105 |
|
106 Example use:: |
|
107 |
|
108 from cubicweb.server import debugged, DBG_SEC, tunesecurity |
|
109 with debugged(DBG_SEC): |
|
110 with tunesecurity(items=('Elephant', 'trumps'), |
|
111 capabilities=('update', 'delete')): |
|
112 babar.cw_set(trumps=celeste) |
|
113 flore.cw_delete() |
|
114 |
|
115 ==> |
|
116 |
|
117 check_perm: 'update' 'relation Elephant.trumps.Elephant' |
|
118 [(ERQLExpression(Any X WHERE U has_update_permission X, X eid %(x)s, U eid %(u)s), |
|
119 {'eid': 2167}, True)] |
|
120 check_perm: 'delete' 'Elephant' |
|
121 [(ERQLExpression(Any X WHERE U has_delete_permission X, X eid %(x)s, U eid %(u)s), |
|
122 {'eid': 2168}, True)] |
|
123 |
|
124 """ |
|
125 olditems = _SECURITY_ITEMS[:] |
|
126 _SECURITY_ITEMS.extend(list(items)) |
|
127 oldactions = _SECURITY_CAPS[:] |
|
128 _SECURITY_CAPS[:] = capabilities |
|
129 yield |
|
130 _SECURITY_ITEMS[:] = olditems |
|
131 _SECURITY_CAPS[:] = oldactions |
88 |
132 |
89 def set_debug(debugmode): |
133 def set_debug(debugmode): |
90 """change the repository debugging mode""" |
134 """change the repository debugging mode""" |
91 global DEBUG |
135 global DEBUG |
92 if not debugmode: |
136 if not debugmode: |
101 class debugged(object): |
145 class debugged(object): |
102 """Context manager and decorator to help debug the repository. |
146 """Context manager and decorator to help debug the repository. |
103 |
147 |
104 It can be used either as a context manager: |
148 It can be used either as a context manager: |
105 |
149 |
106 >>> with debugged(server.DBG_RQL | server.DBG_REPO): |
150 >>> with debugged('DBG_RQL | DBG_REPO'): |
107 ... # some code in which you want to debug repository activity, |
151 ... # some code in which you want to debug repository activity, |
108 ... # seing information about RQL being executed an repository events. |
152 ... # seing information about RQL being executed an repository events. |
109 |
153 |
110 or as a function decorator: |
154 or as a function decorator: |
111 |
155 |
112 >>> @debugged(server.DBG_RQL | server.DBG_REPO) |
156 >>> @debugged('DBG_RQL | DBG_REPO') |
113 ... def some_function(): |
157 ... def some_function(): |
114 ... # some code in which you want to debug repository activity, |
158 ... # some code in which you want to debug repository activity, |
115 ... # seing information about RQL being executed an repository events |
159 ... # seing information about RQL being executed an repository events |
116 |
160 |
117 The debug mode will be reset to its original value when leaving the "with" |
161 The debug mode will be reset to its original value when leaving the "with" |
201 # they are used sometimes by generated sql. Keeping them empty is much |
245 # they are used sometimes by generated sql. Keeping them empty is much |
202 # simpler than fixing this... |
246 # simpler than fixing this... |
203 schemasql = sqlschema(schema, driver) |
247 schemasql = sqlschema(schema, driver) |
204 #skip_entities=[str(e) for e in schema.entities() |
248 #skip_entities=[str(e) for e in schema.entities() |
205 # if not repo.system_source.support_entity(str(e))]) |
249 # if not repo.system_source.support_entity(str(e))]) |
206 sqlexec(schemasql, execute, pbtitle=_title, delimiter=';;') |
250 failed = sqlexec(schemasql, execute, pbtitle=_title, delimiter=';;') |
|
251 if failed: |
|
252 print 'The following SQL statements failed. You should check your schema.' |
|
253 print failed |
|
254 raise Exception('execution of the sql schema failed, you should check your schema') |
207 sqlcursor.close() |
255 sqlcursor.close() |
208 sqlcnx.commit() |
256 sqlcnx.commit() |
209 sqlcnx.close() |
257 sqlcnx.close() |
210 session = repo.internal_session() |
258 session = repo.internal_session() |
211 # insert entity representing the system source |
259 # insert entity representing the system source |