# HG changeset patch # User Marcin Kuzminski # Date 1274568862 -7200 # Node ID a8ea3ce3cdc43ef91fb67692596896995c38e0ca # Parent be6d8aaddbd1f207639818f271602665cc605414 Created middleware package. Crated special middleware to handle https requests redirections. diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/config/middleware.py --- a/pylons_app/config/middleware.py Sat May 22 22:40:12 2010 +0200 +++ b/pylons_app/config/middleware.py Sun May 23 00:54:22 2010 +0200 @@ -7,7 +7,8 @@ from pylons.middleware import ErrorHandler, StatusCodeRedirect from pylons.wsgiapp import PylonsApp from routes.middleware import RoutesMiddleware -from pylons_app.lib.simplehg import SimpleHg +from pylons_app.lib.middleware.simplehg import SimpleHg +from pylons_app.lib.middleware.https_fixup import HttpsFixup from pylons_app.config.environment import load_environment def make_app(global_conf, full_stack=True, static_files=True, **app_conf): @@ -41,7 +42,9 @@ app = RoutesMiddleware(app, config['routes.map']) app = SessionMiddleware(app, config) - # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares) + # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares) + #set the https based on HTTP_X_URL_SCHEME + app = HttpsFixup(app) app = SimpleHg(app, config) if asbool(full_stack): diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/lib/hgapp.py --- a/pylons_app/lib/hgapp.py Sat May 22 22:40:12 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,26 +0,0 @@ -import logging -from logging import Formatter, StreamHandler -from wsgiref.simple_server import make_server -from mercurial.hgweb.hgwebdir_mod import hgwebdir -from mercurial.hgweb.request import wsgiapplication - -log = logging.getLogger(__name__) -log.setLevel(logging.DEBUG) -formatter = Formatter("%(asctime)s - %(levelname)s %(message)s") -console_handler = StreamHandler() -console_handler.setFormatter(formatter) -log.addHandler(console_handler) - -def make_web_app(): - - repos = "hgwebdir.config" - hgwebapp = hgwebdir(repos) - return hgwebapp - -port = 8000 -ip = '127.0.0.1' - -log.info('Starting server on %s:%s' % (ip, port)) -httpd = make_server(ip, port, wsgiapplication(make_web_app)) -httpd.serve_forever() - diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/lib/middleware/__init__.py diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/lib/middleware/https_fixup.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/pylons_app/lib/middleware/https_fixup.py Sun May 23 00:54:22 2010 +0200 @@ -0,0 +1,21 @@ +class HttpsFixup(object): + def __init__(self, app): + self.application = app + + def __call__(self, environ, start_response): + self.__fixup(environ) + return self.application(environ, start_response) + + + def __fixup(self, environ): + """Function to fixup the environ as needed. In order to use this + middleware you should set this header inside your + proxy ie. nginx, apache etc. + """ + proto = environ.get('HTTP_X_URL_SCHEME') + + if proto == 'https': + environ['wsgi.url_scheme'] = proto + else: + environ['wsgi.url_scheme'] = 'http' + return None diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/lib/middleware/simplehg.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/pylons_app/lib/middleware/simplehg.py Sun May 23 00:54:22 2010 +0200 @@ -0,0 +1,139 @@ +#!/usr/bin/env python +# encoding: utf-8 +# +# Copyright (c) 2010 marcink. All rights reserved. +# +""" +Created on 2010-04-28 + +@author: marcink +SimpleHG middleware for handling mercurial protocol request (push/clone etc.) +It's implemented with basic auth function +""" +from datetime import datetime +from mercurial.hgweb import hgweb +from mercurial.hgweb.request import wsgiapplication +from paste.auth.basic import AuthBasicAuthenticator +from paste.httpheaders import REMOTE_USER, AUTH_TYPE +from pylons_app.lib.auth import authfunc +from pylons_app.lib.utils import is_mercurial, make_ui, invalidate_cache +from pylons_app.model import meta +from pylons_app.model.db import UserLogs, Users +from webob.exc import HTTPNotFound +import logging +import os +log = logging.getLogger(__name__) + +class SimpleHg(object): + + def __init__(self, application, config): + self.application = application + self.config = config + #authenticate this mercurial request using + realm = '%s %s' % (config['hg_app_name'], 'mercurial repository') + self.authenticate = AuthBasicAuthenticator(realm, authfunc) + + def __call__(self, environ, start_response): + if not is_mercurial(environ): + return self.application(environ, start_response) + else: + #=================================================================== + # AUTHENTICATE THIS MERCURIAL REQUEST + #=================================================================== + username = REMOTE_USER(environ) + if not username: + result = self.authenticate(environ) + if isinstance(result, str): + AUTH_TYPE.update(environ, 'basic') + REMOTE_USER.update(environ, result) + else: + return result.wsgi_application(environ, start_response) + + try: + repo_name = environ['PATH_INFO'].split('/')[1] + except: + return HTTPNotFound()(environ, start_response) + + #since we wrap into hgweb, just reset the path + environ['PATH_INFO'] = '/' + self.baseui = make_ui() + self.basepath = self.baseui.configitems('paths')[0][1]\ + .replace('*', '') + self.repo_path = os.path.join(self.basepath, repo_name) + try: + app = wsgiapplication(self.__make_app) + except Exception as e: + return HTTPNotFound()(environ, start_response) + + action = self.__get_action(environ) + #invalidate cache on push + if action == 'push': + self.__invalidate_cache(repo_name) + + if action: + username = self.__get_environ_user(environ) + self.__log_user_action(username, action, repo_name) + return app(environ, start_response) + + def __make_app(self): + hgserve = hgweb(self.repo_path) + return self.load_web_settings(hgserve) + + def __get_environ_user(self, environ): + return environ.get('REMOTE_USER') + + def __get_action(self, environ): + """ + Maps mercurial request commands into a pull or push command. + @param environ: + """ + mapping = { + 'changegroup': 'pull', + 'changegroupsubset': 'pull', + 'unbundle': 'push', + 'stream_out': 'pull', + } + for qry in environ['QUERY_STRING'].split('&'): + if qry.startswith('cmd'): + cmd = qry.split('=')[-1] + if mapping.has_key(cmd): + return mapping[cmd] + + def __log_user_action(self, username, action, repo): + sa = meta.Session + try: + user = sa.query(Users)\ + .filter(Users.username == username).one() + user_log = UserLogs() + user_log.user_id = user.user_id + user_log.action = action + user_log.repository = repo.replace('/', '') + user_log.action_date = datetime.now() + sa.add(user_log) + sa.commit() + log.info('Adding user %s, action %s on %s', + username, action, repo) + except Exception as e: + sa.rollback() + log.error('could not log user action:%s', str(e)) + + def __invalidate_cache(self, repo_name): + """we know that some change was made to repositories and we should + invalidate the cache to see the changes right away but only for + push requests""" + invalidate_cache('cached_repo_list') + invalidate_cache('full_changelog', repo_name) + + + def load_web_settings(self, hgserve): + repoui = make_ui(os.path.join(self.repo_path, '.hg', 'hgrc'), False) + #set the global ui for hgserve + hgserve.repo.ui = self.baseui + + if repoui: + #set the repository based config + hgserve.repo.ui = repoui + + return hgserve + + diff -r be6d8aaddbd1 -r a8ea3ce3cdc4 pylons_app/lib/simplehg.py --- a/pylons_app/lib/simplehg.py Sat May 22 22:40:12 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,141 +0,0 @@ -#!/usr/bin/env python -# encoding: utf-8 -# -# Copyright (c) 2010 marcink. All rights reserved. -# -""" -Created on 2010-04-28 - -@author: marcink -SimpleHG middleware for handling mercurial protocol request (push/clone etc.) -It's implemented with basic auth function -""" -from datetime import datetime -from mercurial.hgweb import hgweb -from mercurial.hgweb.request import wsgiapplication -from paste.auth.basic import AuthBasicAuthenticator -from paste.httpheaders import REMOTE_USER, AUTH_TYPE -from pylons_app.lib.auth import authfunc -from pylons_app.lib.utils import is_mercurial, make_ui, invalidate_cache -from pylons_app.model import meta -from pylons_app.model.db import UserLogs, Users -from webob.exc import HTTPNotFound -import logging -import os -log = logging.getLogger(__name__) - -class SimpleHg(object): - - def __init__(self, application, config): - self.application = application - self.config = config - #authenticate this mercurial request using - realm = '%s %s' % (config['hg_app_name'], 'mercurial repository') - self.authenticate = AuthBasicAuthenticator(realm, authfunc) - - def __call__(self, environ, start_response): - #dirty fix for https - environ['wsgi.url_scheme'] = 'https' - if not is_mercurial(environ): - return self.application(environ, start_response) - else: - #=================================================================== - # AUTHENTICATE THIS MERCURIAL REQUEST - #=================================================================== - username = REMOTE_USER(environ) - if not username: - result = self.authenticate(environ) - if isinstance(result, str): - AUTH_TYPE.update(environ, 'basic') - REMOTE_USER.update(environ, result) - else: - return result.wsgi_application(environ, start_response) - - try: - repo_name = environ['PATH_INFO'].split('/')[1] - except: - return HTTPNotFound()(environ, start_response) - - #since we wrap into hgweb, just reset the path - environ['PATH_INFO'] = '/' - self.baseui = make_ui() - self.basepath = self.baseui.configitems('paths')[0][1]\ - .replace('*', '') - self.repo_path = os.path.join(self.basepath, repo_name) - try: - app = wsgiapplication(self.__make_app) - except Exception as e: - return HTTPNotFound()(environ, start_response) - - action = self.__get_action(environ) - #invalidate cache on push - if action == 'push': - self.__invalidate_cache(repo_name) - - if action: - username = self.__get_environ_user(environ) - self.__log_user_action(username, action, repo_name) - return app(environ, start_response) - - def __make_app(self): - hgserve = hgweb(self.repo_path) - return self.load_web_settings(hgserve) - - def __get_environ_user(self, environ): - return environ.get('REMOTE_USER') - - def __get_action(self, environ): - """ - Maps mercurial request commands into a pull or push command. - @param environ: - """ - mapping = { - 'changegroup': 'pull', - 'changegroupsubset': 'pull', - 'unbundle': 'push', - 'stream_out': 'pull', - } - for qry in environ['QUERY_STRING'].split('&'): - if qry.startswith('cmd'): - cmd = qry.split('=')[-1] - if mapping.has_key(cmd): - return mapping[cmd] - - def __log_user_action(self, username, action, repo): - sa = meta.Session - try: - user = sa.query(Users)\ - .filter(Users.username == username).one() - user_log = UserLogs() - user_log.user_id = user.user_id - user_log.action = action - user_log.repository = repo.replace('/', '') - user_log.action_date = datetime.now() - sa.add(user_log) - sa.commit() - log.info('Adding user %s, action %s on %s', - username, action, repo) - except Exception as e: - sa.rollback() - log.error('could not log user action:%s', str(e)) - - def __invalidate_cache(self, repo_name): - """we know that some change was made to repositories and we should - invalidate the cache to see the changes right away but only for - push requests""" - invalidate_cache('cached_repo_list') - invalidate_cache('full_changelog', repo_name) - - - def load_web_settings(self, hgserve): - repoui = make_ui(os.path.join(self.repo_path, '.hg', 'hgrc'), False) - #set the global ui for hgserve - hgserve.repo.ui = self.baseui - - if repoui: - #set the repository based config - hgserve.repo.ui = repoui - - return hgserve - -