Statistics
| Branch: | Tag: | Revision:

root / snf-django-lib / snf_django / lib / api / __init__.py @ 34bd6588

History | View | Annotate | Download (10.3 kB)

1
# Copyright 2012, 2013 GRNET S.A. All rights reserved.
2
#
3
# Redistribution and use in source and binary forms, with or
4
# without modification, are permitted provided that the following
5
# conditions are met:
6
#
7
#   1. Redistributions of source code must retain the above
8
#      copyright notice, this list of conditions and the following
9
#      disclaimer.
10
#
11
#   2. Redistributions in binary form must reproduce the above
12
#      copyright notice, this list of conditions and the following
13
#      disclaimer in the documentation and/or other materials
14
#      provided with the distribution.
15
#
16
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
# POSSIBILITY OF SUCH DAMAGE.
28
#
29
# The views and conclusions contained in the software and
30
# documentation are those of the authors and should not be
31
# interpreted as representing official policies, either expressed
32
# or implied, of GRNET S.A.
33

    
34
from functools import wraps
35
from traceback import format_exc
36
from time import time
37
from logging import getLogger
38
from wsgiref.handlers import format_date_time
39

    
40
from django.http import HttpResponse
41
from django.utils import cache
42
from django.utils import simplejson as json
43
from django.template.loader import render_to_string
44
from django.views.decorators import csrf
45

    
46
from astakosclient import AstakosClient
47
from astakosclient.errors import AstakosClientException
48
from django.conf import settings
49
from snf_django.lib.api import faults
50

    
51
import itertools
52

    
53
log = getLogger(__name__)
54

    
55

    
56
def get_token(request):
57
    """Get the Authentication Token of a request."""
58
    token = request.GET.get("X-Auth-Token", None)
59
    if not token:
60
        token = request.META.get("HTTP_X_AUTH_TOKEN", None)
61
    return token
62

    
63

    
64
def api_method(http_method=None, token_required=True, user_required=True,
65
               logger=None, format_allowed=True, astakos_url=None,
66
               serializations=None, strict_serlization=False):
67
    """Decorator function for views that implement an API method."""
68
    if not logger:
69
        logger = log
70

    
71
    serializations = serializations or ['json', 'xml']
72

    
73
    def decorator(func):
74
        @wraps(func)
75
        def wrapper(request, *args, **kwargs):
76
            try:
77
                # Get the requested serialization format
78
                serialization = get_serialization(
79
                    request, format_allowed, serializations[0])
80

    
81
                # If guessed serialization is not supported, fallback to
82
                # the default serialization or return an API error in case
83
                # strict serialization flag is set.
84
                if not serialization in serializations:
85
                    if strict_serlization:
86
                        raise faults.BadRequest(("%s serialization not "
87
                                                "supported") % serialization)
88
                    serialization = serializations[0]
89
                request.serialization = serialization
90

    
91
                # Check HTTP method
92
                if http_method and request.method != http_method:
93
                    raise faults.BadRequest("Method not allowed")
94

    
95
                # Get authentication token
96
                request.x_auth_token = None
97
                if token_required or user_required:
98
                    token = get_token(request)
99
                    if not token:
100
                        msg = "Access denied. No authentication token"
101
                        raise faults.Unauthorized(msg)
102
                    request.x_auth_token = token
103

    
104
                # Authenticate
105
                if user_required:
106
                    assert(token_required), "Can not get user without token"
107
                    astakos = astakos_url or settings.ASTAKOS_BASE_URL
108
                    astakos = AstakosClient(astakos,
109
                                            use_pool=True,
110
                                            retry=2,
111
                                            logger=logger)
112
                    user_info = astakos.get_user_info(token)
113
                    request.user_uniq = user_info["uuid"]
114
                    request.user = user_info
115

    
116
                # Get the response object
117
                response = func(request, *args, **kwargs)
118

    
119
                # Fill in response variables
120
                update_response_headers(request, response)
121
                return response
122
            except faults.Fault, fault:
123
                if fault.code >= 500:
124
                    logger.exception("API ERROR")
125
                return render_fault(request, fault)
126
            except AstakosClientException as err:
127
                fault = faults.Fault(message=err.message,
128
                                     details=err.details,
129
                                     code=err.status)
130
                if fault.code >= 500:
131
                    logger.exception("Astakos ERROR")
132
                return render_fault(request, fault)
133
            except:
134
                logger.exception("Unexpected ERROR")
135
                fault = faults.InternalServerError("Unexpected error")
136
                return render_fault(request, fault)
137
        return csrf.csrf_exempt(wrapper)
138
    return decorator
139

    
140

    
141
def get_serialization(request, format_allowed=True, default_serialization="json"):
142
    """Return the serialization format requested.
143

144
    Valid formats are 'json' and 'xml' and 'text'
145
    """
146

    
147
    if not format_allowed:
148
        return "text"
149

    
150
    # Try to get serialization from 'format' parameter
151
    _format = request.GET.get("format")
152
    if _format:
153
        if _format == "json":
154
            return "json"
155
        elif _format == "xml":
156
            return "xml"
157

    
158
    # Try to get serialization from path
159
    path = request.path
160
    if path.endswith(".json"):
161
        return "json"
162
    elif path.endswith(".xml"):
163
        return "xml"
164

    
165
    for item in request.META.get("HTTP_ACCEPT", "").split(","):
166
        accept, sep, rest = item.strip().partition(";")
167
        if accept == "application/json":
168
            return "json"
169
        elif accept == "application/xml":
170
            return "xml"
171

    
172
    return default_serialization
173

    
174

    
175
def update_response_headers(request, response):
176
    if not getattr(response, "override_serialization", False):
177
        serialization = request.serialization
178
        if serialization == "xml":
179
            response["Content-Type"] = "application/xml; charset=UTF-8"
180
        elif serialization == "json":
181
            response["Content-Type"] = "application/json; charset=UTF-8"
182
        elif serialization == "text":
183
            response["Content-Type"] = "text/plain; charset=UTF-8"
184
        else:
185
            raise ValueError("Unknown serialization format '%s'" %
186
                             serialization)
187

    
188
    if settings.DEBUG or getattr(settings, "TEST", False):
189
        response["Date"] = format_date_time(time())
190

    
191
    if not response.has_header("Content-Length"):
192
        _is_string = getattr(response, '_is_string', None)  # Django==1.2
193
        _base_content_is_iter = getattr(response, '_base_content_is_iter',
194
                                        None)
195
        if (_is_string is not None and _is_string) or\
196
                (_base_content_is_iter is not None and
197
                    not _base_content_is_iter):
198
            response["Content-Length"] = len(response.content)
199
        else:
200
            if not (response.has_header('Content-Type') and
201
                    response['Content-Type'].startswith(
202
                        'multipart/byteranges')):
203
                # save response content from been consumed if it is an iterator
204
                response._container, data = itertools.tee(response._container)
205
                response["Content-Length"] = len(str(data))
206

    
207
    cache.add_never_cache_headers(response)
208
    # Fix Vary and Cache-Control Headers. Issue: #3448
209
    cache.patch_vary_headers(response, ('X-Auth-Token',))
210
    cache.patch_cache_control(response, no_cache=True, no_store=True,
211
                              must_revalidate=True)
212

    
213

    
214
def render_fault(request, fault):
215
    """Render an API fault to an HTTP response."""
216
    # If running in debug mode add exception information to fault details
217
    if settings.DEBUG or getattr(settings, "TEST", False):
218
        fault.details = format_exc()
219

    
220
    try:
221
        serialization = request.serialization
222
    except AttributeError:
223
        request.serialization = "json"
224
        serialization = "json"
225

    
226
    # Serialize the fault data to xml or json
227
    if serialization == "xml":
228
        data = render_to_string("fault.xml", {"fault": fault})
229
    else:
230
        d = {fault.name: {"code": fault.code,
231
                          "message": fault.message,
232
                          "details": fault.details}}
233
        data = json.dumps(d)
234

    
235
    response = HttpResponse(data, status=fault.code)
236
    update_response_headers(request, response)
237
    return response
238

    
239

    
240
@api_method(token_required=False, user_required=False)
241
def api_endpoint_not_found(request):
242
    raise faults.BadRequest("API endpoint not found")
243

    
244

    
245
@api_method(token_required=False, user_required=False)
246
def api_method_not_allowed(request):
247
    raise faults.BadRequest('Method not allowed')
248

    
249

    
250
def allow_jsonp(key='callback'):
251
    """
252
    Wrapper to enable jsonp responses.
253
    """
254
    def wrapper(func):
255
        def view_wrapper(request, *args, **kwargs):
256
            response = func(request, *args, **kwargs)
257
            if 'content-type' in response._headers and \
258
               response._headers['content-type'][1] == 'application/json':
259
                callback_name = request.GET.get(key, None)
260
                if callback_name:
261
                    response.content = "%s(%s)" % (callback_name,
262
                                                   response.content)
263
                    response._headers['content-type'] = ('Content-Type',
264
                                                         'text/javascript')
265
            return response
266
        return view_wrapper
267
    return wrapper