mirror of
https://github.com/dkmstr/openuds.git
synced 2024-12-22 13:34:04 +03:00
Added request object to xmlrpc methods that needs credentials
This commit is contained in:
parent
cf1ca260cb
commit
e04239de55
@ -51,7 +51,8 @@ class Credentials(object):
|
||||
'''
|
||||
Represents a valid credential from a user connected to administration.
|
||||
'''
|
||||
def __init__(self, session, credential_key):
|
||||
def __init__(self, request, session, credential_key):
|
||||
self.request = request
|
||||
self.idAuth = session['idAuth']
|
||||
self.isAdmin = session['isAdmin']
|
||||
self.user = session['username']
|
||||
@ -100,8 +101,12 @@ def needs_credentials(xmlrpc_func):
|
||||
'''
|
||||
@wraps(xmlrpc_func)
|
||||
def _wrapped_xmlrcp_func(credentials, *args, **kwargs):
|
||||
# We expect that request is passed in as last argument ALWAYS (look at views)
|
||||
args = list(args)
|
||||
request = args.pop() # Last argumment is request
|
||||
args = tuple(args)
|
||||
logger.debug('Checkin credentials {0} for function {1}'.format(credentials, xmlrpc_func.__name__))
|
||||
cred = validateCredentials(credentials)
|
||||
cred = validateCredentials(request, credentials)
|
||||
if cred is not None:
|
||||
logger.debug('Credentials valid, executing')
|
||||
return xmlrpc_func(cred, *args, **kwargs)
|
||||
@ -109,7 +114,7 @@ def needs_credentials(xmlrpc_func):
|
||||
return _wrapped_xmlrcp_func
|
||||
|
||||
|
||||
def validateCredentials(credentials):
|
||||
def validateCredentials(request, credentials):
|
||||
'''
|
||||
Validates the credentials of an user
|
||||
:param credentials:
|
||||
@ -124,7 +129,7 @@ def validateCredentials(credentials):
|
||||
# Updates the expire key, this is the slow part as we can see at debug log, better if we can only update the expire_key this takes 80 ms!!!
|
||||
session.save()
|
||||
logger.debug('Session updated')
|
||||
return Credentials(session, credentials )
|
||||
return Credentials(request, session, credentials )
|
||||
|
||||
|
||||
def invalidateCredentials(credentials):
|
||||
@ -145,7 +150,7 @@ def getAdminAuths(locale):
|
||||
|
||||
|
||||
# Xmlrpc functions
|
||||
def login(username, password, idAuth, locale):
|
||||
def login(username, password, idAuth, locale, request):
|
||||
'''
|
||||
Validates the user/password credentials, assign to it the specified locale for this session and returns a credentials response
|
||||
'''
|
||||
|
@ -57,16 +57,50 @@ import logging
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
dispatcher = SimpleXMLRPCDispatcher(allow_none=False, encoding=None)
|
||||
class XMLRPCDispatcher(SimpleXMLRPCDispatcher):
|
||||
'''
|
||||
Own dispatchers, to allow the pass of the request to the methods.
|
||||
|
||||
Request will be, in most cases, removed from params at @needs_credentials decorator
|
||||
This means that all xmlrpc methods that needs_credentials, will have the request at
|
||||
the Credentials object.
|
||||
|
||||
If no request is needed, normal method invocation will be done
|
||||
'''
|
||||
|
||||
def __init__(self):
|
||||
SimpleXMLRPCDispatcher.__init__(self, allow_none=False, encoding=None)
|
||||
|
||||
|
||||
def dispatch(self, request, **kwargs):
|
||||
import xmlrpclib
|
||||
xml = request.raw_post_data
|
||||
try:
|
||||
params, method = xmlrpclib.loads(xml)
|
||||
try:
|
||||
response = self._dispatch(method, params + (request,))
|
||||
except TypeError:
|
||||
response = self._dispatch(method, params)
|
||||
|
||||
response = (response,)
|
||||
response = xmlrpclib.dumps( response, methodresponse=1)
|
||||
except xmlrpclib.Fault as fault:
|
||||
response = xmlrpclib.dumps(fault)
|
||||
except Exception as e:
|
||||
response = xmlrpclib.dumps(
|
||||
xmlrpclib.Fault(1, "Exception caught!: {0}".format(e))
|
||||
)
|
||||
|
||||
return HttpResponse(response, content_type = 'text/xml')
|
||||
|
||||
|
||||
dispatcher = XMLRPCDispatcher()
|
||||
|
||||
# csrf_exempt is needed because we don't expect xmlrcp to be called from a web form
|
||||
@csrf_exempt
|
||||
def xmlrpc(request):
|
||||
if len(request.POST):
|
||||
response = HttpResponse(mimetype="text/xml")
|
||||
data = dispatcher._marshaled_dispatch(request.raw_post_data)
|
||||
#logger.debug(data)
|
||||
response.write(data)
|
||||
response = dispatcher.dispatch(request)
|
||||
else:
|
||||
logger.error('XMLRPC invocation with GET method {0}'.format(request.path))
|
||||
response = HttpResponse()
|
||||
|
Loading…
Reference in New Issue
Block a user