Mercurial > p > roundup > code

view roundup/backends/sessions_rdbms.py @ 5272:c6fbd4803eae

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
If you upgrade to the newer query edit interface but did not allow users full access to search queries, the edit interface displays public queries that the user does not own in the section labeled "Queries I created". Updated upgrading.txt to discuss this problem and link back to the 1.4.17 upgrading instructions. Also included schema.py permissions that can be used to make the edit interface work correctly without allow full search access for queries. Updated the test script in the 1.4.17 upgrading instructions to display protected properties (like creator) to make dignosing this easier.
author John Rouillard <rouilj@ieee.org>
date Sat, 23 Sep 2017 13:05:48 -0400
parents 0b154486ed38
children 62de601bdf6f
line wrap: on
line source

"""This module defines a very basic store that's used by the CGI interface
to store session and one-time-key information.

Yes, it's called "sessions" - because originally it only defined a session
class. It's now also used for One Time Key handling too.
"""
__docformat__ = 'restructuredtext'
import os, time
from cgi import escape

class BasicDatabase:
    ''' Provide a nice encapsulation of an RDBMS table.

        Keys are id strings, values are automatically marshalled data.
    '''
    name = None
    def __init__(self, db):
        self.db = db
        self.cursor = self.db.cursor

    def clear(self):
        self.cursor.execute('delete from %ss'%self.name)

    def exists(self, infoid):
        n = self.name
        self.cursor.execute('select count(*) from %ss where %s_key=%s'%(n,
            n, self.db.arg), (infoid,))
        return int(self.cursor.fetchone()[0])

    _marker = []
    def get(self, infoid, value, default=_marker):
        n = self.name
        self.cursor.execute('select %s_value from %ss where %s_key=%s'%(n,
            n, n, self.db.arg), (infoid,))
        res = self.cursor.fetchone()
        if not res:
            if default != self._marker:
                return default
            raise KeyError('No such %s "%s"'%(self.name, escape(infoid)))
        values = eval(res[0])
        return values.get(value, None)

    def getall(self, infoid):
        n = self.name
        self.cursor.execute('select %s_value from %ss where %s_key=%s'%(n,
            n, n, self.db.arg), (infoid,))
        res = self.cursor.fetchone()
        if not res:
            raise KeyError('No such %s "%s"'%(self.name, escape (infoid)))
        return eval(res[0])

    def set(self, infoid, **newvalues):
        """ Store all newvalues under key infoid with a timestamp in database.

            If newvalues['__timestamp'] exists and is representable as a floating point number
            (i.e. could be generated by time.time()), that value is used for the <name>_time
            column in the database.
        """
        c = self.cursor
        n = self.name
        a = self.db.arg
        c.execute('select %s_value from %ss where %s_key=%s'%(n, n, n, a),
            (infoid,))
        res = c.fetchone()
        if res:
            values = eval(res[0])
        else:
            values = {}
        values.update(newvalues)

        if res:
            sql = 'update %ss set %s_value=%s where %s_key=%s'%(n, n,
                a, n, a)
            args = (repr(values), infoid)
        else:
            if '__timestamp' in newvalues:
                try:
                    # __timestamp must be represntable as a float. Check it.
                    timestamp = float(newvalues['__timestamp'])
                except ValueError:
                    timestamp = time.time()
            else:
                timestamp = time.time()

            sql = 'insert into %ss (%s_key, %s_time, %s_value) '\
                'values (%s, %s, %s)'%(n, n, n, n, a, a, a)
            args = (infoid, timestamp, repr(values))
        c.execute(sql, args)

    def list(self):
        c = self.cursor
        n = self.name
        c.execute('select %s_key from %ss'%(n, n))
        return [res[0] for res in c.fetchall()]

    def destroy(self, infoid):
        self.cursor.execute('delete from %ss where %s_key=%s'%(self.name,
            self.name, self.db.arg), (infoid,))

    def updateTimestamp(self, infoid):
        """ don't update every hit - once a minute should be OK """
        now = time.time()
        self.cursor.execute('''update %ss set %s_time=%s where %s_key=%s
            and %s_time < %s'''%(self.name, self.name, self.db.arg,
            self.name, self.db.arg, self.name, self.db.arg),
            (now, infoid, now-60))

    def clean(self):
        ''' Remove session records that haven't been used for a week. '''
        now = time.time()
        week = 60*60*24*7
        old = now - week
        self.cursor.execute('delete from %ss where %s_time < %s'%(self.name,
            self.name, self.db.arg), (old, ))

class Sessions(BasicDatabase):
    name = 'session'

class OneTimeKeys(BasicDatabase):
    name = 'otk'

# vim: set et sts=4 sw=4 :
Roundup Issue Tracker: http://roundup-tracker.org/