Mercurial > p > roundup > code
view roundup/actions.py @ 6823:fe0091279f50
Refactor session db logging and key generation for sessions/otks
While I was working on the redis sessiondb stuff, I noticed that
log_wanrning, get_logger ... was duplicated. Also there was code to
generate a unique key for otks that was duplicated.
Changes:
creating new sessions_common.py and SessionsCommon class to provide
methods:
log_warning, log_info, log_debug, get_logger, getUniqueKey
getUniqueKey method is closer to the method used to make
session keys in client.py.
sessions_common.py now report when random_.py chooses a weak
random number generator. Removed same from rest.py.
get_logger reconciles all logging under
roundup.hyperdb.backends.<name of BasicDatabase class>
some backends used to log to root logger.
have BasicDatabase in other sessions_*.py modules inherit from
SessionCommon.
change logging to use log_* methods.
In addition:
remove unused imports reported by flake8 and other formatting
changes
modify actions.py, rest.py, templating.py to use getUniqueKey
method.
add tests for new methods
test_redis_session.py
swap out ModuleNotFoundError for ImportError to prevent crash in
python2 when redis is not present.
allow injection of username:password or just password into redis
connection URL. set pytest_redis_pw envirnment variable to password
or user:password when running test.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 07 Aug 2022 01:51:11 -0400 |
| parents | 48a1f919f894 |
| children | 4c9acc580769 |
line wrap: on
line source
# # Copyright (C) 2009 Stefan Seefeld # All rights reserved. # For license terms see the file COPYING.txt. # Actions used in REST and XMLRPC APIs # from roundup.exceptions import Unauthorised from roundup import hyperdb class Action: def __init__(self, db, translator): self.db = db self.translator = translator def handle(self, *args): """Action handler procedure""" raise NotImplementedError def execute(self, *args): """Execute the action specified by this object.""" self.permission(*args) return self.handle(*args) def permission(self, *args): """Check whether the user has permission to execute this action. If not, raise Unauthorised.""" pass def gettext(self, msgid): """Return the localized translation of msgid""" return self.translator.gettext(msgid) _ = gettext class PermCheck(Action): def permission(self, designator): classname, itemid = hyperdb.splitDesignator(designator) perm = self.db.security.hasPermission if not perm('Retire', self.db.getuid(), classname=classname, itemid=itemid): raise Unauthorised(self._('You do not have permission to retire ' 'or restore the %(classname)s class.') % locals()) class Retire(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # make sure we don't try to retire admin or anonymous if (classname == 'user' and self.db.user.get(itemid, 'username') in ('admin', 'anonymous')): raise ValueError(self._( 'You may not retire the admin or anonymous user')) # do the retire self.db.getclass(classname).retire(itemid) self.db.commit() class Restore(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # do the restore self.db.getclass(classname).restore(itemid) self.db.commit()