archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into elastic

Browse Source
This commit is contained in:
Sybren A. Stüvel 2018-01-03 17:42:01 +01:00
commit f1b3409052
5 changed files with 22 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pillar/__init__.py
View File

@ -210,14 +210,7 @@ class PillarServer(BlinkerCompatibleEve):
self.sentry = sentry_extra.PillarSentry( self.sentry = sentry_extra.PillarSentry(
self, logging=True, level=logging.WARNING, self, logging=True, level=logging.WARNING,
logging_exclusions=('werkzeug',)) logging_exclusions=('werkzeug',))
self.log.debug('Sentry setup complete')
# bugsnag.before_notify(bugsnag_extra.add_pillar_request_to_notification)
# got_request_exception.connect(self.__notify_bugsnag)
self.log.info('Sentry setup complete')
def __notify_bugsnag(self, sender, exception, **extra):
import bugsnag
bugsnag.auto_notify(exception)
def _config_google_cloud_storage(self): def _config_google_cloud_storage(self):
# Google Cloud project # Google Cloud project

21
pillar/api/blender_id.py
View File

@ -209,14 +209,19 @@ def fetch_blenderid_user() -> dict:
:raises LogoutUser: when Blender ID tells us the current token is :raises LogoutUser: when Blender ID tells us the current token is
invalid, and the user should be logged out. invalid, and the user should be logged out.
""" """
import httplib2 # used by the oauth2 package import httplib2 # used by the oauth2 package
my_log = log.getChild('fetch_blenderid_user')
bid_url = '%s/api/user' % blender_id_endpoint() bid_url = '%s/api/user' % blender_id_endpoint()
log.debug('Fetching user info from %s', bid_url) my_log.debug('Fetching user info from %s', bid_url)
credentials = current_app.config['OAUTH_CREDENTIALS']['blender-id'] credentials = current_app.config['OAUTH_CREDENTIALS']['blender-id']
oauth_token = session['blender_id_oauth_token'] oauth_token = session.get('blender_id_oauth_token')
if not oauth_token:
my_log.warning('no Blender ID oauth token found in user session')
return {}
assert isinstance(oauth_token, str), f'oauth token must be str, not {type(oauth_token)}' assert isinstance(oauth_token, str), f'oauth token must be str, not {type(oauth_token)}'
oauth_session = OAuth2Session( oauth_session = OAuth2Session(
@ -226,23 +231,23 @@ def fetch_blenderid_user() -> dict:
try: try:
bid_resp = oauth_session.get(bid_url) bid_resp = oauth_session.get(bid_url)
except httplib2.HttpLib2Error: except httplib2.HttpLib2Error:
log.exception('Error getting %s from BlenderID', bid_url) my_log.exception('Error getting %s from BlenderID', bid_url)
return {} return {}
if bid_resp.status_code == 403: if bid_resp.status_code == 403:
log.warning('Error %i from BlenderID %s, logging out user', bid_resp.status_code, bid_url) my_log.warning('Error %i from BlenderID %s, logging out user', bid_resp.status_code, bid_url)
raise LogoutUser() raise LogoutUser()
if bid_resp.status_code != 200: if bid_resp.status_code != 200:
log.warning('Error %i from BlenderID %s: %s', bid_resp.status_code, bid_url, bid_resp.text) my_log.warning('Error %i from BlenderID %s: %s', bid_resp.status_code, bid_url, bid_resp.text)
return {} return {}
payload = bid_resp.json() payload = bid_resp.json()
if not payload: if not payload:
log.warning('Empty data returned from BlenderID %s', bid_url) my_log.warning('Empty data returned from BlenderID %s', bid_url)
return {} return {}
log.debug('BlenderID returned %s', payload) my_log.debug('BlenderID returned %s', payload)
return payload return payload

4
pillar/api/users/hooks.py
View File

@ -168,8 +168,8 @@ def grant_org_roles(user_doc):
email = user_doc.get('email') email = user_doc.get('email')
if not email: if not email:
log.warning('Unable to check new user for organization membership, no email address! %r', log.info('Unable to check new user for organization membership, no email address: %r',
user_doc) user_doc)
return return
org_roles = current_app.org_manager.unknown_member_roles(email) org_roles = current_app.org_manager.unknown_member_roles(email)

8
pillar/api/utils/authorization.py
View File

@ -345,13 +345,13 @@ def require_login(*, require_roles=set(),
return render_error() return render_error()
if require_roles and not current_user.matches_roles(require_roles, require_all): if require_roles and not current_user.matches_roles(require_roles, require_all):
log.warning('User %s is authenticated, but does not have required roles %s to ' log.info('User %s is authenticated, but does not have required roles %s to '
'access %s', current_user.user_id, require_roles, func) 'access %s', current_user.user_id, require_roles, func)
return render_error() return render_error()
if require_cap and not current_user.has_cap(require_cap): if require_cap and not current_user.has_cap(require_cap):
log.warning('User %s is authenticated, but does not have required capability %s to ' log.info('User %s is authenticated, but does not have required capability %s to '
'access %s', current_user.user_id, require_cap, func) 'access %s', current_user.user_id, require_cap, func)
return render_error() return render_error()
return func(*args, **kwargs) return func(*args, **kwargs)

4
pillar/sdk.py
View File

@ -41,8 +41,8 @@ class FlaskInternalApi(pillarsdk.Api):
try: try:
content = self.handle_response(response, response.data) content = self.handle_response(response, response.data)
except: except:
log.warning("%s: Response[%s]: %s", url, response.status_code, log.debug("%s: Response[%s]: %s", url, response.status_code,
response.data) response.data, exc_info=True)
raise raise
return content return content