Merge branch 'master' into elastic

2018-01-03 17:42:01 +01:00 · 2018-01-03 17:42:01 +01:00 · f1b3409052
commit f1b3409052
parent 85d6f76000 91660fefe4
5 changed files with 22 additions and 24 deletions
--- a/pillar/init.py
+++ b/pillar/init.py
@ -210,14 +210,7 @@ class PillarServer(BlinkerCompatibleEve):
        self.sentry = sentry_extra.PillarSentry(
            self, logging=True, level=logging.WARNING,
            logging_exclusions=('werkzeug',))
-
-        # bugsnag.before_notify(bugsnag_extra.add_pillar_request_to_notification)
-        # got_request_exception.connect(self.__notify_bugsnag)
-        self.log.info('Sentry setup complete')
-
-    def __notify_bugsnag(self, sender, exception, **extra):
-        import bugsnag
-        bugsnag.auto_notify(exception)
+        self.log.debug('Sentry setup complete')

    def _config_google_cloud_storage(self):
        # Google Cloud project
--- a/pillar/api/blender_id.py
+++ b/pillar/api/blender_id.py
@ -209,14 +209,19 @@ def fetch_blenderid_user() -> dict:
    :raises LogoutUser: when Blender ID tells us the current token is
        invalid, and the user should be logged out.
    """
-
    import httplib2  # used by the oauth2 package

+    my_log = log.getChild('fetch_blenderid_user')
+
    bid_url = '%s/api/user' % blender_id_endpoint()
-    log.debug('Fetching user info from %s', bid_url)
+    my_log.debug('Fetching user info from %s', bid_url)

    credentials = current_app.config['OAUTH_CREDENTIALS']['blender-id']
-    oauth_token = session['blender_id_oauth_token']
+    oauth_token = session.get('blender_id_oauth_token')
+    if not oauth_token:
+        my_log.warning('no Blender ID oauth token found in user session')
+        return {}
+
    assert isinstance(oauth_token, str), f'oauth token must be str, not {type(oauth_token)}'

    oauth_session = OAuth2Session(
@ -226,23 +231,23 @@ def fetch_blenderid_user() -> dict:
    try:
        bid_resp = oauth_session.get(bid_url)
    except httplib2.HttpLib2Error:
-        log.exception('Error getting %s from BlenderID', bid_url)
+        my_log.exception('Error getting %s from BlenderID', bid_url)
        return {}

    if bid_resp.status_code == 403:
-        log.warning('Error %i from BlenderID %s, logging out user', bid_resp.status_code, bid_url)
+        my_log.warning('Error %i from BlenderID %s, logging out user', bid_resp.status_code, bid_url)
        raise LogoutUser()

    if bid_resp.status_code != 200:
-        log.warning('Error %i from BlenderID %s: %s', bid_resp.status_code, bid_url, bid_resp.text)
+        my_log.warning('Error %i from BlenderID %s: %s', bid_resp.status_code, bid_url, bid_resp.text)
        return {}

    payload = bid_resp.json()
    if not payload:
-        log.warning('Empty data returned from BlenderID %s', bid_url)
+        my_log.warning('Empty data returned from BlenderID %s', bid_url)
        return {}

-    log.debug('BlenderID returned %s', payload)
+    my_log.debug('BlenderID returned %s', payload)
    return payload


--- a/pillar/api/users/hooks.py
+++ b/pillar/api/users/hooks.py
@ -168,7 +168,7 @@ def grant_org_roles(user_doc):

    email = user_doc.get('email')
    if not email:
-        log.warning('Unable to check new user for organization membership, no email address! %r',
+        log.info('Unable to check new user for organization membership, no email address: %r',
                 user_doc)
        return

--- a/pillar/api/utils/authorization.py
+++ b/pillar/api/utils/authorization.py
@ -345,12 +345,12 @@ def require_login(*, require_roles=set(),
                return render_error()

            if require_roles and not current_user.matches_roles(require_roles, require_all):
-                log.warning('User %s is authenticated, but does not have required roles %s to '
+                log.info('User %s is authenticated, but does not have required roles %s to '
                         'access %s', current_user.user_id, require_roles, func)
                return render_error()

            if require_cap and not current_user.has_cap(require_cap):
-                log.warning('User %s is authenticated, but does not have required capability %s to '
+                log.info('User %s is authenticated, but does not have required capability %s to '
                         'access %s', current_user.user_id, require_cap, func)
                return render_error()

--- a/pillar/sdk.py
+++ b/pillar/sdk.py
@ -41,8 +41,8 @@ class FlaskInternalApi(pillarsdk.Api):
        try:
            content = self.handle_response(response, response.data)
        except:
-            log.warning("%s: Response[%s]: %s", url, response.status_code,
-                        response.data)
+            log.debug("%s: Response[%s]: %s", url, response.status_code,
+                      response.data, exc_info=True)
            raise

        return content