1 #----------------------------------------------------------
2 # ir_http modular http routing
3 #----------------------------------------------------------
8 import werkzeug.exceptions
9 import werkzeug.routing
14 import openerp.exceptions
16 from openerp import http
17 from openerp.http import request
18 from openerp.osv import osv, orm
20 _logger = logging.getLogger(__name__)
22 UID_PLACEHOLDER = object()
24 class ModelConverter(werkzeug.routing.BaseConverter):
26 def __init__(self, url_map, model=False):
27 super(ModelConverter, self).__init__(url_map)
29 self.regex = '([0-9]+)'
31 def to_python(self, value):
32 m = re.match(self.regex, value)
33 return request.registry[self.model].browse(
34 request.cr, UID_PLACEHOLDER, int(m.group(1)), context=request.context)
36 def to_url(self, value):
39 class ModelsConverter(werkzeug.routing.BaseConverter):
41 def __init__(self, url_map, model=False):
42 super(ModelsConverter, self).__init__(url_map)
44 # TODO add support for slug in the form [A-Za-z0-9-] bla-bla-89 -> id 89
45 self.regex = '([0-9,]+)'
47 def to_python(self, value):
48 return request.registry[self.model].browse(request.cr, UID_PLACEHOLDER, [int(i) for i in value.split(',')], context=request.context)
50 def to_url(self, value):
51 return ",".join(i.id for i in value)
53 class ir_http(osv.AbstractModel):
55 _description = "HTTP routing"
57 def _get_converters(self):
58 return {'model': ModelConverter, 'models': ModelsConverter}
60 def _find_handler(self, return_rule=False):
61 return self.routing_map().bind_to_environ(request.httprequest.environ).match(return_rule=return_rule)
63 def _auth_method_user(self):
64 request.uid = request.session.uid
66 if not request.params.get('noredirect'):
67 query = werkzeug.urls.url_encode({
68 'redirect': request.httprequest.url,
70 response = werkzeug.utils.redirect('/web/login?%s' % query)
71 werkzeug.exceptions.abort(response)
72 raise http.SessionExpiredException("Session expired")
74 def _auth_method_none(self):
77 def _auth_method_public(self):
78 if not request.session.uid:
79 dummy, request.uid = self.pool['ir.model.data'].get_object_reference(request.cr, openerp.SUPERUSER_ID, 'base', 'public_user')
81 request.uid = request.session.uid
83 def _authenticate(self, auth_method='user'):
85 if request.session.uid:
87 request.session.check_security()
88 # what if error in security.check()
89 # -> res_users.check()
90 # -> res_users.check_credentials()
91 except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
92 # All other exceptions mean undetermined status (e.g. connection pool full),
94 request.session.logout()
95 getattr(self, "_auth_method_%s" % auth_method)()
96 except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
99 _logger.exception("Exception during request Authentication.")
100 raise openerp.exceptions.AccessDenied()
103 def _handle_exception(self, exception):
104 # If handle_exception returns something different than None, it will be used as a response
105 return request._handle_exception(exception)
108 # locate the controller method
110 rule, arguments = self._find_handler(return_rule=True)
112 except werkzeug.exceptions.NotFound, e:
113 return self._handle_exception(e)
115 # check authentication level
117 auth_method = self._authenticate(func.routing["auth"])
119 # force a Forbidden exception with the original traceback
120 return self._handle_exception(
121 convert_exception_to(
122 werkzeug.exceptions.Forbidden))
124 processing = self._postprocess_args(arguments, rule)
129 # set and execute handler
131 request.set_handler(func, arguments, auth_method)
132 result = request.dispatch()
133 if isinstance(result, Exception):
136 return self._handle_exception(e)
140 def _postprocess_args(self, arguments, rule):
141 """ post process arg to set uid on browse records """
142 for name, arg in arguments.items():
143 if isinstance(arg, orm.browse_record) and arg._uid is UID_PLACEHOLDER:
144 arguments[name] = arg.sudo(request.uid)
147 except openerp.models.MissingError:
148 return self._handle_exception(werkzeug.exceptions.NotFound())
150 def routing_map(self):
151 if not hasattr(self, '_routing_map'):
152 _logger.info("Generating routing map")
154 m = request.registry.get('ir.module.module')
155 ids = m.search(cr, openerp.SUPERUSER_ID, [('state', '=', 'installed'), ('name', '!=', 'web')], context=request.context)
156 installed = set(x['name'] for x in m.read(cr, 1, ids, ['name'], context=request.context))
157 if openerp.tools.config['test_enable']:
158 installed.add(openerp.modules.module.current_test)
159 mods = [''] + openerp.conf.server_wide_modules + sorted(installed)
160 self._routing_map = http.routing_map(mods, False, converters=self._get_converters())
162 return self._routing_map
164 def convert_exception_to(to_type, with_message=False):
165 """ Should only be called from an exception handler. Fetches the current
166 exception data from sys.exc_info() and creates a new exception of type
167 ``to_type`` with the original traceback.
169 If ``with_message`` is ``True``, sets the new exception's message to be
170 the stringification of the original exception. If ``False``, does not
171 set the new exception's message. Otherwise, uses ``with_message`` as the
172 new exception's message.
174 :type with_message: str|bool
176 etype, original, tb = sys.exc_info()
178 if with_message is False:
180 elif with_message is True:
181 message = str(original)
183 message = str(with_message)
185 raise to_type, message, tb