Mercurial Repository: p/roundup/code: roundup/rest.py comparison

comparison roundup/rest.py @ 5710:0b79bfcb3312

Add support for making an idempotent POST. This allows retrying a POST that was interrupted. It involves creating a post once only (poe) url /rest/data/<class>/@poe/<random_token>. This url acts the same as a post to /rest/data/<class>. However once the @poe url is used, it can't be used for a second POST. To make these changes: 1) Take the body of post_collection into a new post_collection_inner function. Have post_collection call post_collection_inner. 2) Add a handler for POST to rest/data/class/@poe. This will return a unique POE url. By default the url expires after 30 minutes. The POE random token is only good for a specific user and is stored in the session db. 3) Add a handler for POST to rest/data/<class>/@poe/<random token>. The random token generated in 2 is validated for proper class (if token is not generic) and proper user and must not have expired. If everything is valid, call post_collection_inner to process the input and generate the new entry. To make recognition of 2 stable (so it's not confused with rest/data/<:class_name>/<:item_id>), removed @ from Routing::url_to_regex. The current Routing.execute method stops on the first regular expression to match the URL. Since item_id doesn't accept a POST, I was getting 405 bad method sometimes. My guess is the order of the regular expressions is not stable, so sometime I would get the right regexp for /data/<class>/@poe and sometime I would get the one for /data/<class>/<item_id>. By removing the @ from the url_to_regexp, there was no way for the item_id case to match @poe. There are alternate fixes we may need to look at. If a regexp matches but the method does not, return to the regexp matching loop in execute() looking for another match. Only once every possible match has failed should the code return a 405 method failure. Another fix is to implement a more sophisticated mechanism so that @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PATCH') has different regexps for matching <:class_name> <:item_id> and <:attr_name>. Currently the regexp specified by url_to_regex is used for every component. Other fixes: Made failure to find any props in props_from_args return an empty dict rather than throwing an unhandled error. Make __init__ for SimulateFieldStorageFromJson handle an empty json doc. Useful for POSTing to rest/data/class/@poe with an empty document. Testing: added testPostPOE to test/rest_common.py that I think covers all the code that was added. Documentation: Add doc to rest.txt in the "Client API" section titled: Safely Re-sending POST". Move existing section "Adding new rest endpoints" in "Client API" to a new second level section called "Programming the REST API". Also a minor change to the simple rest client moving the header setting to continuation lines rather than showing one long line.

author	John Rouillard <rouilj@ieee.org>
date	Sun, 14 Apr 2019 21:07:11 -0400
parents	f9a762678af6
children	aea2cc142c1b

comparison

equal deleted inserted replaced

-:e2378b6afdb5
+:0b79bfcb3312
 basestring = str
 unicode = str
 import logging
 logger = logging.getLogger('roundup.rest')
+import roundup.anypy.random_ as random_
+if not random_.is_weak:
+logger.debug("Importing good random generator")
+else:
+logger.warning("**SystemRandom not available. Using poor random generator")
+import time
+chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
 def _data_decorator(func):
 """Wrap the returned data into an object."""
 def format_object(self, *args, **kwargs):
 # get the data / error from function
 class Routing(object):
 __route_map = {}
 __var_to_regex = re.compile(r"<:(\w+)>")
-url_to_regex = r"([\w.\-~!$&'()*+,;=:@\%%]+)"
+url_to_regex = r"([\w.\-~!$&'()*+,;=:\%%]+)"
 @classmethod
 def route(cls, rule, methods='GET'):
 """A decorator that is used to register a view function for a
 given URL rule:
 protected_class_props = [ p for p in
 list(cl.getprops(protected=True))
 if p not in unprotected_class_props ]
 props = {}
 # props = dict.fromkeys(class_props, None)
+if not args:
+raise UsageError("No properties found.")
 for arg in args:
 key = arg.name
 value = arg.value
 if key.startswith('@'):
 int: http status code 201 (Created)
 dict: a reference item to the created object
 id: id of the object
 link: path to the object
 """
+return self.post_collection_inner(class_name, input)
+@Routing.route("/data/<:class_name>/@poe", 'POST')
+@_data_decorator
+def post_once_exactly_collection(self, class_name, input):
+otks=self.db.Otk
+poe_key = ''.join([random_.choice(chars) for x in range(40)])
+while otks.exists(u2s(poe_key)):
+poe_key = ''.join([random_.choice(chars) for x in range(40)])
+try:
+lifetime=int(input['lifetime'].value)
+except KeyError as e:
+lifetime=30 * 60 # 30 minutes
+except ValueError as e:
+raise UsageError("Value 'lifetime' must be an integer specify lifetime in seconds. Got %s."%input['lifetime'].value)
+if lifetime > 3600 or lifetime < 1:
+raise UsageError("Value 'lifetime' must be between 1 second and 1 hour (3600 seconds). Got %s."%input['lifetime'].value)
+try:
+# if generic tag exists, we don't care about the value
+is_generic=input['generic']
+# we generate a generic POE token
+is_generic=True
+except KeyError as e:
+is_generic=False
+# a POE must be used within lifetime (30 minutes default).
+# Default OTK lifetime is 1 week. So to make different
+# lifetime, take current time, subtract 1 week and add
+# lifetime.
+ts = time.time() - (60 * 60 * 24 * 7) + lifetime
+if is_generic:
+otks.set(u2s(poe_key), uid=self.db.getuid(),
+__timestamp=ts )
+else:
+otks.set(u2s(poe_key), uid=self.db.getuid(),
+class_name=class_name,
+__timestamp=ts )
+otks.commit()
+return 200, { 'link': '%s/%s/@poe/%s'%(self.data_path, class_name, poe_key),
+'expires' : ts + (60 * 60 * 24 * 7) }
+@Routing.route("/data/<:class_name>/@poe/<:post_token>", 'POST')
+@_data_decorator
+def post_once_exactly_collection(self, class_name, post_token, input):
+otks=self.db.Otk
+# remove expired keys so we don't use an expired key
+otks.clean()
+if not otks.exists(u2s(post_token)):
+# Don't log this failure. Would allow attackers to fill
+# logs.
+raise UsageError("POE token '%s' not valid."%post_token)
+# find out what user owns the key
+user = otks.get(u2s(post_token), 'uid', default=None)
+# find out what class it was meant for
+cn = otks.get(u2s(post_token), 'class_name', default=None)
+# Invalidate the key as it has been used.
+otks.destroy(u2s(post_token))
+otks.commit()
+# verify the same user that requested the key is the user
+# using the key.
+if user != self.db.getuid():
+# Tell the roundup admin that there is an issue
+# as the key got compromised.
+logger.warn(
+'Post Once key owned by user%s was denied. Used by user%s',user, self.db.getuid()
+)
+# Should we indicate to user that the token is invalid
+# because they are not the user who owns the key? It could
+# be a logic bug in the application. But I assume that
+# the key has been stolen and we don't want to tip our hand.
+raise UsageError("POE token '%s' not valid."%post_token)
+if cn != class_name and cn != None:
+raise UsageError("POE token '%s' not valid for %s, was generated for class %s"%(post_token, class_name, cn))
+# handle this as though they POSTed to /rest/data/class
+return self.post_collection_inner(class_name, input)
+def post_collection_inner(self, class_name, input):
 if class_name not in self.db.classes:
 raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Create', self.db.getuid(), class_name
 ):
 '''
 def __init__(self, json_string):
 ''' Parse the json string into an internal dict. '''
 def raise_error_on_constant(x):
 raise ValueError("Unacceptable number: %s"%x)
-self.json_dict = json.loads(json_string,
+try:
+self.json_dict = json.loads(json_string,
 parse_constant = raise_error_on_constant)
 self.value = [ self.FsValue(index, self.json_dict[index]) for index in self.json_dict.keys() ]
+except ValueError as e:
+self.json_dict = {}
+self.value = None
 class FsValue:
 '''Class that does nothing but response to a .value property '''
 def __init__(self, name, val):
 self.name=u2s(name)

Mercurial > p > roundup > code

comparison roundup/rest.py @ 5710:0b79bfcb3312