quay/endpoints/common.py

import logging
import os
import base64

from flask import session, make_response, render_template
from flask.ext.login import login_user, UserMixin
from flask.ext.principal import identity_changed

from data import model
from app import app, login_manager
from auth.permissions import QuayDeferredPermissionUser


logger = logging.getLogger(__name__)


route_data = None

def get_route_data():
  global route_data
  if route_data:
    return route_data

  routes = []
  for rule in app.url_map.iter_rules():
    if rule.endpoint.startswith('api.'):
      endpoint_method = app.view_functions[rule.endpoint]
      is_internal = '__internal_call' in dir(endpoint_method)
      is_org_api = '__user_call' in dir(endpoint_method)
      methods = list(rule.methods.difference(['HEAD', 'OPTIONS']))

      route = {
        'name': rule.endpoint[4:],
        'methods': methods,
        'path': rule.rule,
        'parameters': list(rule.arguments)
      }

      if is_org_api:
        route['user_method'] = endpoint_method.__user_call

      routes.append(route)
      
  route_data = {
    'endpoints': routes
  }
  return route_data


def truthy_param(param):
  return param not in {False, 'false', 'False', '0', 'FALSE', '', 'null'}


@login_manager.user_loader
def load_user(username):
  logger.debug('Loading user: %s' % username)
  return _LoginWrappedDBUser(username)

class _LoginWrappedDBUser(UserMixin):
  def __init__(self, db_username, db_user=None):

    self._db_username = db_username
    self._db_user = db_user

  def db_user(self):
    if not self._db_user:
      self._db_user = model.get_user(self._db_username)
    return self._db_user

  def is_authenticated(self):
    return self.db_user() is not None

  def is_active(self):
    return self.db_user().verified

  def get_id(self):
    return unicode(self._db_username)


def common_login(db_user):
  if login_user(_LoginWrappedDBUser(db_user.username, db_user)):
    logger.debug('Successfully signed in as: %s' % db_user.username)
    new_identity = QuayDeferredPermissionUser(db_user.username, 'username')
    identity_changed.send(app, identity=new_identity)
    return True
  else:
    logger.debug('User could not be logged in, inactive?.')
    return False


@app.errorhandler(model.DataModelException)
def handle_dme(ex):
  logger.exception(ex)
  return make_response('Internal Server Error', 500)


@app.errorhandler(KeyError)
def handle_dme_key_error(ex):
  logger.exception(ex)
  return make_response('Internal Server Error', 500)


def generate_csrf_token():
  if '_csrf_token' not in session:
    session['_csrf_token'] = base64.b64encode(os.urandom(48))

  return session['_csrf_token']

app.jinja_env.globals['csrf_token'] = generate_csrf_token 


def render_page_template(name, **kwargs):

  resp = make_response(render_template(name, route_data=get_route_data(),
                                       **kwargs))
  resp.headers['X-FRAME-OPTIONS'] = 'DENY'
  return resp
Embed the discovery information directly into the page 2013-12-27 22:19:14 +00:00			`import logging`
Add CSRF protection to every API call 2013-12-28 19:07:44 +00:00			`import os`
			`import base64`
Embed the discovery information directly into the page 2013-12-27 22:19:14 +00:00
Split out callbacks into their own blueprint. Add build trigger DB information and connect it with some APIs. Stub out the UI to allow for generation of triggers. Split out the triggers into a plugin-ish architecture for easily adding new triggers. 2014-02-18 20:50:15 +00:00			`from flask import session, make_response, render_template`
Fix the imports when separating out the new common.py file. 2013-12-27 23:01:44 +00:00			`from flask.ext.login import login_user, UserMixin`
Embed the discovery information directly into the page 2013-12-27 22:19:14 +00:00			`from flask.ext.principal import identity_changed`

			`from data import model`
			`from app import app, login_manager`
Fix the imports when separating out the new common.py file. 2013-12-27 23:01:44 +00:00			`from auth.permissions import QuayDeferredPermissionUser`
Embed the discovery information directly into the page 2013-12-27 22:19:14 +00:00

			`logger = logging.getLogger(__name__)`


Split out callbacks into their own blueprint. Add build trigger DB information and connect it with some APIs. Stub out the UI to allow for generation of triggers. Split out the triggers into a plugin-ish architecture for easily adding new triggers. 2014-02-18 20:50:15 +00:00			`route_data = None`

			`def get_route_data():`
			`global route_data`
			`if route_data:`
			`return route_data`

			`routes = []`
			`for rule in app.url_map.iter_rules():`
			`if rule.endpoint.startswith('api.'):`
			`endpoint_method = app.view_functions[rule.endpoint]`
			`is_internal = '__internal_call' in dir(endpoint_method)`
			`is_org_api = '__user_call' in dir(endpoint_method)`
			`methods = list(rule.methods.difference(['HEAD', 'OPTIONS']))`

			`route = {`
			`'name': rule.endpoint[4:],`
			`'methods': methods,`
			`'path': rule.rule,`
			`'parameters': list(rule.arguments)`
			`}`

			`if is_org_api:`
			`route['user_method'] = endpoint_method.__user_call`

			`routes.append(route)`

			`route_data = {`
			`'endpoints': routes`
			`}`
			`return route_data`


Fix the tests and the one bug that it highlighted. 2014-02-16 23:59:24 +00:00			`def truthy_param(param):`
			`return param not in {False, 'false', 'False', '0', 'FALSE', '', 'null'}`


Embed the discovery information directly into the page 2013-12-27 22:19:14 +00:00			`@login_manager.user_loader`
			`def load_user(username):`
			`logger.debug('Loading user: %s' % username)`
			`return _LoginWrappedDBUser(username)`

			`class _LoginWrappedDBUser(UserMixin):`
			`def __init__(self, db_username, db_user=None):`

			`self._db_username = db_username`
			`self._db_user = db_user`

			`def db_user(self):`
			`if not self._db_user:`
			`self._db_user = model.get_user(self._db_username)`
			`return self._db_user`

			`def is_authenticated(self):`
			`return self.db_user() is not None`

			`def is_active(self):`
			`return self.db_user().verified`

			`def get_id(self):`
			`return unicode(self._db_username)`


			`def common_login(db_user):`
			`if login_user(_LoginWrappedDBUser(db_user.username, db_user)):`
			`logger.debug('Successfully signed in as: %s' % db_user.username)`
			`new_identity = QuayDeferredPermissionUser(db_user.username, 'username')`
			`identity_changed.send(app, identity=new_identity)`
			`return True`
			`else:`
			`logger.debug('User could not be logged in, inactive?.')`
			`return False`
Add CSRF protection to every API call 2013-12-28 19:07:44 +00:00

Move each flask module into a Blueprint and have CSRF protection only on the API blueprint 2013-12-30 22:05:27 +00:00			`@app.errorhandler(model.DataModelException)`
			`def handle_dme(ex):`
Allow exception tracebacks to get logged to the log file. 2014-02-25 21:54:49 +00:00			`logger.exception(ex)`
			`return make_response('Internal Server Error', 500)`
Move each flask module into a Blueprint and have CSRF protection only on the API blueprint 2013-12-30 22:05:27 +00:00

			`@app.errorhandler(KeyError)`
			`def handle_dme_key_error(ex):`
Allow exception tracebacks to get logged to the log file. 2014-02-25 21:54:49 +00:00			`logger.exception(ex)`
			`return make_response('Internal Server Error', 500)`
Add CSRF protection to every API call 2013-12-28 19:07:44 +00:00

			`def generate_csrf_token():`
Style fixes 2013-12-29 00:56:23 +00:00			`if '_csrf_token' not in session:`
			`session['_csrf_token'] = base64.b64encode(os.urandom(48))`

			`return session['_csrf_token']`
Add CSRF protection to every API call 2013-12-28 19:07:44 +00:00
			`app.jinja_env.globals['csrf_token'] = generate_csrf_token`
Split out callbacks into their own blueprint. Add build trigger DB information and connect it with some APIs. Stub out the UI to allow for generation of triggers. Split out the triggers into a plugin-ish architecture for easily adding new triggers. 2014-02-18 20:50:15 +00:00

			`def render_page_template(name, **kwargs):`

			`resp = make_response(render_template(name, route_data=get_route_data(),`
			`**kwargs))`
			`resp.headers['X-FRAME-OPTIONS'] = 'DENY'`
Merge remote-tracking branch 'origin/master' into rustedbuilds Conflicts: data/database.py endpoints/api.py endpoints/common.py test/data/test.db 2014-02-21 19:52:40 +00:00			`return resp`