openerp/addons/base/ir/ir_http.py

   1 #----------------------------------------------------------
   2 # ir_http modular http routing
   3 #----------------------------------------------------------
   4 import logging
   5 import re
   6 import sys
   7
   8 import werkzeug.exceptions
   9 import werkzeug.routing
  10
  11 import openerp
  12 from openerp import http
  13 from openerp.http import request
  14 from openerp.osv import osv, orm
  15
  16 _logger = logging.getLogger(__name__)
  17
  18 UID_PLACEHOLDER = object()
  19
  20 class ModelConverter(werkzeug.routing.BaseConverter):
  21
  22     def __init__(self, url_map, model=False):
  23         super(ModelConverter, self).__init__(url_map)
  24         self.model = model
  25         self.regex = '([0-9]+)'
  26
  27     def to_python(self, value):
  28         m = re.match(self.regex, value)
  29         return request.registry[self.model].browse(
  30             request.cr, UID_PLACEHOLDER, int(m.group(1)), context=request.context)
  31
  32     def to_url(self, value):
  33         return value.id
  34
  35 class ModelsConverter(werkzeug.routing.BaseConverter):
  36
  37     def __init__(self, url_map, model=False):
  38         super(ModelsConverter, self).__init__(url_map)
  39         self.model = model
  40         # TODO add support for slug in the form [A-Za-z0-9-] bla-bla-89 -> id 89
  41         self.regex = '([0-9,]+)'
  42
  43     def to_python(self, value):
  44         return request.registry[self.model].browse(request.cr, UID_PLACEHOLDER, [int(i) for i in value.split(',')], context=request.context)
  45
  46     def to_url(self, value):
  47         return ",".join(i.id for i in value)
  48
  49 class ir_http(osv.AbstractModel):
  50     _name = 'ir.http'
  51     _description = "HTTP routing"
  52
  53     def _get_converters(self):
  54         return {'model': ModelConverter, 'models': ModelsConverter}
  55
  56     def _find_handler(self):
  57         return self.routing_map().bind_to_environ(request.httprequest.environ).match()
  58
  59     def _auth_method_user(self):
  60         request.uid = request.session.uid
  61         if not request.uid:
  62             raise http.SessionExpiredException("Session expired")
  63
  64     def _auth_method_none(self):
  65         request.uid = None
  66
  67     def _auth_method_public(self):
  68         if not request.session.uid:
  69             dummy, request.uid = self.pool['ir.model.data'].get_object_reference(request.cr, openerp.SUPERUSER_ID, 'base', 'public_user')
  70         else:
  71             request.uid = request.session.uid
  72
  73     def _authenticate(self, auth_method='user'):
  74         try:
  75             if request.session.uid:
  76                 try:
  77                     request.session.check_security()
  78                     # what if error in security.check()
  79                     #   -> res_users.check()
  80                     #   -> res_users.check_credentials()
  81                 except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
  82                     # All other exceptions mean undetermined status (e.g. connection pool full),
  83                     # let them bubble up
  84                     request.session.logout()
  85             getattr(self, "_auth_method_%s" % auth_method)()
  86         except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
  87             raise
  88         except Exception:
  89             _logger.exception("Exception during request Authentication.")
  90             raise openerp.exceptions.AccessDenied()
  91         return auth_method
  92
  93     def _handle_exception(self, exception):
  94         # If handle_exception returns something different than None, it will be used as a response
  95         return request._handle_exception(exception)
  96
  97     def _dispatch(self):
  98         # locate the controller method
  99         try:
 100             func, arguments = self._find_handler()
 101         except werkzeug.exceptions.NotFound, e:
 102             return self._handle_exception(e)
 103
 104         # check authentication level
 105         try:
 106             auth_method = self._authenticate(func.routing["auth"])
 107         except Exception:
 108             # force a Forbidden exception with the original traceback
 109             return self._handle_exception(
 110                 convert_exception_to(
 111                     werkzeug.exceptions.Forbidden))
 112
 113         processing = self._postprocess_args(arguments)
 114         if processing:
 115             return processing
 116
 117
 118         # set and execute handler
 119         try:
 120             request.set_handler(func, arguments, auth_method)
 121             result = request.dispatch()
 122             if isinstance(result, Exception):
 123                 raise result
 124         except Exception, e:
 125             return self._handle_exception(e)
 126
 127         return result
 128
 129     def _postprocess_args(self, arguments):
 130         """ post process arg to set uid on browse records """
 131         for arg in arguments.itervalues():
 132             if isinstance(arg, orm.browse_record) and arg._uid is UID_PLACEHOLDER:
 133                 arg._uid = request.uid
 134                 try:
 135                     arg[arg._rec_name]
 136                 except KeyError:
 137                     return self._handle_exception(werkzeug.exceptions.NotFound())
 138
 139     def routing_map(self):
 140         if not hasattr(self, '_routing_map'):
 141             _logger.info("Generating routing map")
 142             cr = request.cr
 143             m = request.registry.get('ir.module.module')
 144             ids = m.search(cr, openerp.SUPERUSER_ID, [('state', '=', 'installed'), ('name', '!=', 'web')], context=request.context)
 145             installed = set(x['name'] for x in m.read(cr, 1, ids, ['name'], context=request.context))
 146             mods = [''] + openerp.conf.server_wide_modules + sorted(installed)
 147             self._routing_map = http.routing_map(mods, False, converters=self._get_converters())
 148
 149         return self._routing_map
 150
 151 def convert_exception_to(to_type, with_message=False):
 152     """ Should only be called from an exception handler. Fetches the current
 153     exception data from sys.exc_info() and creates a new exception of type
 154     ``to_type`` with the original traceback.
 155
 156     If ``with_message`` is ``True``, sets the new exception's message to be
 157     the stringification of the original exception. If ``False``, does not
 158     set the new exception's message. Otherwise, uses ``with_message`` as the
 159     new exception's message.
 160
 161     :type with_message: str|bool
 162     """
 163     etype, original, tb = sys.exc_info()
 164     try:
 165         if with_message is False:
 166             message = None
 167         elif with_message is True:
 168             message = str(original)
 169         else:
 170             message = str(with_message)
 171
 172         raise to_type, message, tb
 173     except to_type, e:
 174         return e
 175
 176 # vim:et: