annotate MoinMoin/web/utils.py @ 4524:3e660579be91

web.utils: missing import of caching added
author Reimar Bauer <rb.proj AT googlemail DOT com>
date Sun, 01 Feb 2009 20:28:47 +0100
parents 12ccfa96b1e4
children d8e5e9cfadf1
rev   line source
4144
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
2 """
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
3 MoinMoin - Utility functions for the web-layer
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
4
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
5 @copyright: 2003-2008 MoinMoin:ThomasWaldmann,
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
6 2008-2008 MoinMoin:FlorianKrupicka
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
7 @license: GNU GPL, see COPYING for details.
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
8 """
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
9 import time
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
10
4163
d45b0bb15d2f Naive port of auth handling functions
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4162
diff changeset
11 from werkzeug.exceptions import abort
4321
4476d5ca521c Move imports of werkzeug solely into the MoinMoin.web package (to make bundled werkzeug really work)
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4309
diff changeset
12 from werkzeug.utils import redirect, cookie_date
4259
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
13 from werkzeug.wrappers import Response
4157
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
14
4524
3e660579be91 web.utils: missing import of caching added
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 4523
diff changeset
15 from MoinMoin import caching
4144
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
16 from MoinMoin import log
4157
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
17 from MoinMoin import wikiutil
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
18 from MoinMoin.Page import Page
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
19 from MoinMoin.web.exceptions import Forbidden, SurgeProtection
4157
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
20
4144
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
21 logging = log.getLogger(__name__)
0a62a439d81b Trying to port some of RequestBase.__init__ to a WSGI app (very crude right now)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
22
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
23 def check_forbidden(request):
4162
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
24 """ Simple action and host access checks
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
25
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
26 Spider agents are checked against the called actions,
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
27 hosts against the blacklist. Raises Forbidden if triggered.
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
28 """
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
29 args = request.args
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
30 action = args.get('action')
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
31 if ((args or request.method != 'GET') and
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
32 action not in ['rss_rc', 'show', 'sitemap'] and
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
33 not (action == 'AttachFile' and args.get('do') == 'get')):
4308
3a4426122606 Code review: factor in the simple spider check
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4259
diff changeset
34 if request.isSpiderAgent:
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
35 raise Forbidden()
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
36 if request.cfg.hosts_deny:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
37 remote_addr = request.remote_addr
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
38 for host in request.cfg.hosts_deny:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
39 if host[-1] == '.' and remote_addr.startswith(host):
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
40 logging.debug("hosts_deny (net): %s" % str(forbidden))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
41 raise Forbidden()
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
42 if remote_addr == host:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
43 logging.debug("hosts_deny (ip): %s" % str(forbidden))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
44 raise Forbidden()
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
45 return False
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
46
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
47 def check_surge_protect(request, kick=False):
4162
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
48 """ Check for excessive requests
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
49
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
50 Raises a SurgeProtection exception on wiki overuse.
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
51
b36478ce3a0e Function documentation in MoinMoin.web.utils
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4161
diff changeset
52 @param request: a moin request object
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
53 """
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
54 limits = request.cfg.surge_action_limits
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
55 if not limits:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
56 return False
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
57
4252
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
58 remote_addr = request.remote_addr or ''
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
59 if remote_addr.startswith('127.'):
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
60 return False
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
61
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
62 validuser = request.user.valid
4252
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
63 current_id = validuser and request.user.name or remote_addr
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
64 current_action = request.action
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
65
4252
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
66 default_limit = limits.get('default', (30, 60))
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
67
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
68 now = int(time.time())
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
69 surgedict = {}
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
70 surge_detected = False
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
71
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
72 try:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
73 # if we have common farm users, we could also use scope='farm':
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
74 cache = caching.CacheEntry(request, 'surgeprotect', 'surge-log', scope='wiki', use_encode=True)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
75 if cache.exists():
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
76 data = cache.content()
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
77 data = data.split("\n")
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
78 for line in data:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
79 try:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
80 id, t, action, surge_indicator = line.split("\t")
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
81 t = int(t)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
82 maxnum, dt = limits.get(action, default_limit)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
83 if t >= now - dt:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
84 events = surgedict.setdefault(id, {})
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
85 timestamps = events.setdefault(action, [])
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
86 timestamps.append((t, surge_indicator))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
87 except StandardError:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
88 pass
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
89
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
90 maxnum, dt = limits.get(current_action, default_limit)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
91 events = surgedict.setdefault(current_id, {})
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
92 timestamps = events.setdefault(current_action, [])
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
93 surge_detected = len(timestamps) > maxnum
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
94
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
95 surge_indicator = surge_detected and "!" or ""
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
96 timestamps.append((now, surge_indicator))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
97 if surge_detected:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
98 if len(timestamps) < maxnum * 2:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
99 timestamps.append((now + request.cfg.surge_lockout_time, surge_indicator)) # continue like that and get locked out
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
100
4252
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
101 if current_action not in ('cache', 'AttachFile', ): # don't add cache/AttachFile accesses to all or picture galleries will trigger SP
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
102 current_action = 'all' # put a total limit on user's requests
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
103 maxnum, dt = limits.get(current_action, default_limit)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
104 events = surgedict.setdefault(current_id, {})
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
105 timestamps = events.setdefault(current_action, [])
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
106
4523
12ccfa96b1e4 web.utils: typo in parameter kick fixed
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 4321
diff changeset
107 if kick: # ban this guy, NOW
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
108 timestamps.extend([(now + request.cfg.surge_lockout_time, "!")] * (2 * maxnum))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
109
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
110 surge_detected = surge_detected or len(timestamps) > maxnum
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
111
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
112 surge_indicator = surge_detected and "!" or ""
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
113 timestamps.append((now, surge_indicator))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
114 if surge_detected:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
115 if len(timestamps) < maxnum * 2:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
116 timestamps.append((now + request.cfg.surge_lockout_time, surge_indicator)) # continue like that and get locked out
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
117
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
118 data = []
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
119 for id, events in surgedict.items():
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
120 for action, timestamps in events.items():
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
121 for t, surge_indicator in timestamps:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
122 data.append("%s\t%d\t%s\t%s" % (id, t, action, surge_indicator))
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
123 data = "\n".join(data)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
124 cache.update(data)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
125 except StandardError:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
126 pass
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
127
4252
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
128 if surge_detected and validuser and request.user.auth_method in request.cfg.auth_methods_trusted:
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
129 logging.info("Trusted user %s would have triggered surge protection if not trusted.", request.user.name)
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
130 return False
c2ee4633b9e8 Merged with 1.8
zenhase <zh@punyco.de>
parents: 4198
diff changeset
131 elif surge_detected:
4160
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
132 raise SurgeProtection(retry_after=request.cfg.surge_lockout_time)
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
133 else:
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
134 return False
1ea1d69b28e8 Factored out surge protection and forbidden checks
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4158
diff changeset
135
4157
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
136 def redirect_last_visited(request):
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
137 pagetrail = request.user.getTrail()
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
138 if pagetrail:
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
139 # Redirect to last page visited
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
140 last_visited = pagetrail[-1]
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
141 wikiname, pagename = wikiutil.split_interwiki(last_visited)
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
142 if wikiname != 'Self':
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
143 wikitag, wikiurl, wikitail, error = wikiutil.resolve_interwiki(request, wikiname, pagename)
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
144 url = wikiurl + wikiutil.quoteWikinameURL(wikitail)
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
145 else:
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
146 url = Page(request, pagename).url(request)
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
147 else:
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
148 # Or to localized FrontPage
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
149 url = wikiutil.getFrontPage(request).url(request)
264e5687ef1c Factoring out more parts of request.run
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4150
diff changeset
150 url = request.getQualifiedURL(url)
4163
d45b0bb15d2f Naive port of auth handling functions
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4162
diff changeset
151 return abort(redirect(url))
4169
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
152
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
153 class UniqueIDGenerator(object):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
154 def __init__(self, pagename=None):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
155 self.unique_stack = []
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
156 self.include_stack = []
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
157 self.include_id = None
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
158 self.page_ids = {None: {}}
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
159 self.pagename = pagename
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
160
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
161 def push(self):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
162 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
163 Used by the TOC macro, this ensures that the ID namespaces
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
164 are reset to the status when the current include started.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
165 This guarantees that doing the ID enumeration twice results
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
166 in the same results, on any level.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
167 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
168 self.unique_stack.append((self.page_ids, self.include_id))
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
169 self.include_id, pids = self.include_stack[-1]
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
170 self.page_ids = {}
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
171 for namespace in pids:
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
172 self.page_ids[namespace] = pids[namespace].copy()
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
173
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
174 def pop(self):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
175 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
176 Used by the TOC macro to reset the ID namespaces after
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
177 having parsed the page for TOC generation and after
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
178 printing the TOC.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
179 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
180 self.page_ids, self.include_id = self.unique_stack.pop()
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
181 return self.page_ids, self.include_id
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
182
4172
2f64eb47d934 Fixed: missing argument for UniqueIDGenerator.begin
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4169
diff changeset
183 def begin(self, base):
4169
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
184 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
185 Called by the formatter when a document begins, which means
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
186 that include causing nested documents gives us an include
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
187 stack in self.include_id_stack.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
188 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
189 pids = {}
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
190 for namespace in self.page_ids:
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
191 pids[namespace] = self.page_ids[namespace].copy()
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
192 self.include_stack.append((self.include_id, pids))
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
193 self.include_id = self(base)
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
194 # if it's the page name then set it to None so we don't
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
195 # prepend anything to IDs, but otherwise keep it.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
196 if self.pagename and self.pagename == self.include_id:
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
197 self.include_id = None
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
198
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
199 def end(self):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
200 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
201 Called by the formatter when a document ends, restores
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
202 the current include ID to the previous one and discards
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
203 the page IDs state we kept around for push().
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
204 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
205 self.include_id, pids = self.include_stack.pop()
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
206
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
207 def __call__(self, base, namespace=None):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
208 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
209 Generates a unique ID using a given base name. Appends a running count to the base.
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
210
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
211 Needs to stay deterministic!
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
212
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
213 @param base: the base of the id
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
214 @type base: unicode
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
215 @param namespace: the namespace for the ID, used when including pages
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
216
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
217 @returns: a unique (relatively to the namespace) ID
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
218 @rtype: unicode
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
219 """
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
220 if not isinstance(base, unicode):
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
221 base = unicode(str(base), 'ascii', 'ignore')
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
222 if not namespace in self.page_ids:
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
223 self.page_ids[namespace] = {}
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
224 count = self.page_ids[namespace].get(base, -1) + 1
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
225 self.page_ids[namespace][base] = count
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
226 if not count:
1d5995a6a0e2 Moved unique-id-generation from request into own object
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4163
diff changeset
227 return base
4198
988b2b672219 Fix tests: source code (indentation, whitespace) mostly
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4193
diff changeset
228 return u'%s-%d' % (base, count)
4259
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
229
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
230 FATALTMPL = """
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
231 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
232 <html>
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
233 <head><title>%(title)s</title></head>
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
234 <body><h1>%(title)s</h1>
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
235 <pre>
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
236 %(body)s
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
237 </pre></body></html>
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
238 """
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
239 def fatal_response(error):
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
240 """ Create a response from MoinMoin.error.FatalError instances. """
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
241 html = FATALTMPL % dict(title=error.__class__.__name__,
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
242 body=str(error))
e1a63fb9bb4d Catch configuration errors in the application, not in a debug layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4252
diff changeset
243 return Response(html, status=500, mimetype='text/html')