[selector] allow inplace operator in selector computation
Intended to facilitate overriding of existing selectors chain in view declaration.
It make the code shorter and clearer when you've to import long module pathnames
"""persistent sessions stored in big table
:organization: Logilab
:copyright: 2008-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
XXX TODO:
* cleanup persistent session
* use user as ancestor?
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
"""
__docformat__ = "restructuredtext en"
from pickle import loads, dumps
from time import localtime, strftime
from logilab.common.decorators import cached, clear_cache
from cubicweb import BadConnectionId
from cubicweb.dbapi import Connection, ConnectionProperties, repo_connect
from cubicweb.selectors import none_rset, match_user_groups
from cubicweb.server.session import Session
from cubicweb.web import InvalidSession
from cubicweb.web.application import AbstractSessionManager
from cubicweb.web.application import AbstractAuthenticationManager
from google.appengine.api.datastore import Key, Entity, Get, Put, Delete, Query
from google.appengine.api.datastore_errors import EntityNotFoundError
from google.appengine.api.datastore_types import Blob
try:
del Connection.__del__
except AttributeError:
pass # already deleted
class GAEAuthenticationManager(AbstractAuthenticationManager):
"""authenticate user associated to a request and check session validity,
using google authentication service
"""
def __init__(self, *args, **kwargs):
super(GAEAuthenticationManager, self).__init__(*args, **kwargs)
self._repo = self.config.repository(vreg=self.vreg)
def authenticate(self, req, _login=None, _password=None):
"""authenticate user and return an established connection for this user
:raise ExplicitLogin: if authentication is required (no authentication
info found or wrong user/password)
"""
if _login is not None:
login, password = _login, _password
else:
login, password = req.get_authorization()
# remove possibly cached cursor coming from closed connection
clear_cache(req, 'cursor')
cnxprops = ConnectionProperties(self.vreg.config.repo_method,
close=False, log=False)
cnx = repo_connect(self._repo, login, password=password, cnxprops=cnxprops)
self._init_cnx(cnx, login, password)
# associate the connection to the current request
req.set_connection(cnx)
return cnx
def _init_cnx(self, cnx, login, password):
cnx.anonymous_connection = self.config.is_anonymous_user(login)
cnx.vreg = self.vreg
cnx.login = login
cnx.password = password
class GAEPersistentSessionManager(AbstractSessionManager):
"""manage session data associated to a session identifier"""
def __init__(self, vreg, *args, **kwargs):
super(GAEPersistentSessionManager, self).__init__(vreg, *args, **kwargs)
self._repo = self.config.repository(vreg=vreg)
def get_session(self, req, sessionid):
"""return existing session for the given session identifier"""
# search a record for the given session
key = Key.from_path('CubicWebSession', 'key_' + sessionid, parent=None)
try:
record = Get(key)
except EntityNotFoundError:
raise InvalidSession()
repo = self._repo
if self.has_expired(record):
repo._sessions.pop(sessionid, None)
Delete(record)
raise InvalidSession()
# associate it with a repository session
try:
reposession = repo._get_session(sessionid)
user = reposession.user
# touch session to avoid closing our own session when sessions are
# cleaned (touch is done on commit/rollback on the server side, too
# late in that case)
reposession._touch()
except BadConnectionId:
# can't found session in the repository, this probably mean the
# session is not yet initialized on this server, hijack the repo
# to create it
# use an internal connection
ssession = repo.internal_session()
# try to get a user object
try:
user = repo.authenticate_user(ssession, record['login'],
record['password'])
finally:
ssession.close()
reposession = Session(user, self._repo, _id=sessionid)
self._repo._sessions[sessionid] = reposession
cnx = Connection(self._repo, sessionid)
return self._get_proxy(req, record, cnx, user)
def open_session(self, req):
"""open and return a new session for the given request"""
cnx = self.authmanager.authenticate(req)
# avoid rebuilding a user
user = self._repo._get_session(cnx.sessionid).user
# build persistent record for session data
record = Entity('CubicWebSession', name='key_' + cnx.sessionid)
record['login'] = cnx.login
record['password'] = cnx.password
record['anonymous_connection'] = cnx.anonymous_connection
Put(record)
return self._get_proxy(req, record, cnx, user)
def close_session(self, proxy):
"""close session on logout or on invalid session detected (expired out,
corrupted...)
"""
proxy.close()
def current_sessions(self):
for record in Query('CubicWebSession').Run():
yield ConnectionProxy(record)
def _get_proxy(self, req, record, cnx, user):
proxy = ConnectionProxy(record, cnx, user)
user.req = req
req.set_connection(proxy, user)
return proxy
class ConnectionProxy(object):
def __init__(self, record, cnx=None, user=None):
self.__record = record
self.__cnx = cnx
self.__user = user
self.__data = None
self.__is_dirty = False
self.sessionid = record.key().name()[4:] # remove 'key_' prefix
def __repr__(self):
sstr = '<ConnectionProxy %s' % self.sessionid
if self.anonymous_connection:
sstr += ' (anonymous)'
elif self.__user:
sstr += ' for %s' % self.__user.login
sstr += ', last used %s>' % strftime('%T', localtime(self.last_usage_time))
return sstr
def __getattribute__(self, name):
try:
return super(ConnectionProxy, self).__getattribute__(name)
except AttributeError:
return getattr(self.__cnx, name)
def _set_last_usage_time(self, value):
self.__is_dirty = True
self.__record['last_usage_time'] = value
def _get_last_usage_time(self):
return self.__record['last_usage_time']
last_usage_time = property(_get_last_usage_time, _set_last_usage_time)
@property
def anonymous_connection(self):
# use get() for bw compat if sessions without anonymous information are
# found. Set default to True to limit lifetime of those sessions.
return self.__record.get('anonymous_connection', True)
@property
@cached
def data(self):
if self.__record.get('data') is not None:
try:
return loads(self.__record['data'])
except:
self.__is_dirty = True
self.exception('corrupted session data for session %s',
self.__cnx)
return {}
def get_session_data(self, key, default=None, pop=False):
"""return value associated to `key` in session data"""
if pop:
try:
value = self.data.pop(key)
self.__is_dirty = True
return value
except KeyError:
return default
else:
return self.data.get(key, default)
def set_session_data(self, key, value):
"""set value associated to `key` in session data"""
self.data[key] = value
self.__is_dirty = True
def del_session_data(self, key):
"""remove value associated to `key` in session data"""
try:
del self.data[key]
self.__is_dirty = True
except KeyError:
pass
def commit(self):
if self.__is_dirty:
self.__save()
self.__cnx.commit()
def rollback(self):
self.__save()
self.__cnx.rollback()
def close(self):
if self.__cnx is not None:
self.__cnx.close()
Delete(self.__record)
def __save(self):
if self.__is_dirty:
self.__record['data'] = Blob(dumps(self.data))
Put(self.__record)
self.__is_dirty = False
def user(self, req=None, props=None):
"""return the User object associated to this connection"""
return self.__user
import logging
from cubicweb import set_log_methods
set_log_methods(ConnectionProxy, logging.getLogger('cubicweb.web.goa.session'))
from cubicweb.view import StartupView
from cubicweb.web import application
class SessionsCleaner(StartupView):
id = 'cleansessions'
__select__ = none_rset() & match_user_groups('managers')
def call(self):
# clean web session
session_manager = application.SESSION_MANAGER
nbclosed, remaining = session_manager.clean_sessions()
self.w(u'<div class="message">')
self.w(u'%s web sessions closed<br/>\n' % nbclosed)
# clean repository sessions
repo = self.config.repository(vreg=self.vreg)
nbclosed = repo.clean_sessions()
self.w(u'%s repository sessions closed<br/>\n' % nbclosed)
self.w(u'%s remaining sessions<br/>\n' % remaining)
self.w(u'</div>')
def registration_callback(vreg):
vreg.register(SessionsCleaner)
vreg.register(GAEAuthenticationManager, clear=True)
vreg.register(GAEPersistentSessionManager, clear=True)