Browse Source

Merge "pep8 middleware"

changes/78/16678/1
Jenkins 9 years ago
committed by Gerrit Code Review
parent
commit
2fc9716ec9
  1. 11
      swift/common/middleware/cname_lookup.py
  2. 2
      swift/common/middleware/domain_remap.py
  3. 6
      swift/common/middleware/keystoneauth.py
  4. 29
      swift/common/middleware/name_check.py
  5. 32
      swift/common/middleware/ratelimit.py
  6. 8
      swift/common/middleware/tempauth.py
  7. 13
      swift/common/middleware/tempurl.py

11
swift/common/middleware/cname_lookup.py

@ -125,15 +125,16 @@ class CNAMELookupMiddleware(object):
break
else:
# try one more deep in the chain
self.logger.debug(_('Following CNAME chain for ' \
'%(given_domain)s to %(found_domain)s') %
{'given_domain': given_domain,
'found_domain': found_domain})
self.logger.debug(
_('Following CNAME chain for '
'%(given_domain)s to %(found_domain)s') %
{'given_domain': given_domain,
'found_domain': found_domain})
a_domain = found_domain
if error:
if found_domain:
msg = 'CNAME lookup failed after %d tries' % \
self.lookup_depth
self.lookup_depth
else:
msg = 'CNAME lookup failed to resolve to a valid domain'
resp = HTTPBadRequest(request=Request(env), body=msg,

2
swift/common/middleware/domain_remap.py

@ -102,7 +102,7 @@ class DomainRemapMiddleware(object):
# account prefix is not in config list. bail.
return self.app(env, start_response)
prefix_index = self.reseller_prefixes_lower.index(
account_reseller_prefix)
account_reseller_prefix)
real_prefix = self.reseller_prefixes[prefix_index]
if not account.startswith(real_prefix):
account_suffix = account[len(real_prefix):]

6
swift/common/middleware/keystoneauth.py

@ -245,9 +245,9 @@ class KeystoneAuth(object):
"""
# Allow container sync.
if (req.environ.get('swift_sync_key')
and req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None)
and 'x-timestamp' in req.headers):
and (req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None))
and 'x-timestamp' in req.headers):
log_msg = 'allowing proxy %s for container-sync' % req.remote_addr
self.logger.debug(log_msg)
return True

29
swift/common/middleware/name_check.py

@ -54,7 +54,7 @@ class NameCheckMiddleware(object):
self.app = app
self.conf = conf
self.forbidden_chars = self.conf.get('forbidden_chars',
FORBIDDEN_CHARS)
FORBIDDEN_CHARS)
self.maximum_length = self.conf.get('maximum_length', MAX_LENGTH)
self.forbidden_regexp = self.conf.get('forbidden_regexp',
FORBIDDEN_REGEXP)
@ -72,7 +72,7 @@ class NameCheckMiddleware(object):
'''
self.logger.debug("name_check: path %s" % req.path)
self.logger.debug("name_check: self.forbidden_chars %s" %
self.forbidden_chars)
self.forbidden_chars)
for c in unquote(req.path):
if c in self.forbidden_chars:
@ -104,7 +104,7 @@ class NameCheckMiddleware(object):
self.logger.debug("name_check: path %s" % req.path)
self.logger.debug("name_check: self.forbidden_regexp %s" %
self.forbidden_regexp)
self.forbidden_regexp)
unquoted_path = unquote(req.path)
match = self.forbidden_regexp_compiled.search(unquoted_path)
@ -114,18 +114,21 @@ class NameCheckMiddleware(object):
req = Request(env)
if self.check_character(req):
return HTTPBadRequest(request=req,
body=("Object/Container name contains forbidden chars from %s"
% self.forbidden_chars))(env, start_response)
return HTTPBadRequest(
request=req,
body=("Object/Container name contains forbidden chars from %s"
% self.forbidden_chars))(env, start_response)
elif self.check_length(req):
return HTTPBadRequest(request=req,
body=("Object/Container name longer than the allowed maximum %s"
% self.maximum_length))(env, start_response)
return HTTPBadRequest(
request=req,
body=("Object/Container name longer than the allowed maximum "
"%s" % self.maximum_length))(env, start_response)
elif self.check_regexp(req):
return HTTPBadRequest(request=req,
body=("Object/Container name contains a forbidden substring "
"from regular expression %s"
% self.forbidden_regexp))(env, start_response)
return HTTPBadRequest(
request=req,
body=("Object/Container name contains a forbidden substring "
"from regular expression %s"
% self.forbidden_regexp))(env, start_response)
else:
# Pass on to downstream WSGI component
return self.app(env, start_response)

32
swift/common/middleware/ratelimit.py

@ -47,10 +47,12 @@ class RateLimitMiddleware(object):
float(conf.get('log_sleep_time_seconds', 0))
self.clock_accuracy = int(conf.get('clock_accuracy', 1000))
self.rate_buffer_seconds = int(conf.get('rate_buffer_seconds', 5))
self.ratelimit_whitelist = [acc.strip() for acc in
conf.get('account_whitelist', '').split(',') if acc.strip()]
self.ratelimit_blacklist = [acc.strip() for acc in
conf.get('account_blacklist', '').split(',') if acc.strip()]
self.ratelimit_whitelist = \
[acc.strip() for acc in
conf.get('account_whitelist', '').split(',') if acc.strip()]
self.ratelimit_blacklist = \
[acc.strip() for acc in
conf.get('account_blacklist', '').split(',') if acc.strip()]
self.memcache_client = None
conf_limits = []
for conf_key in conf.keys():
@ -66,7 +68,7 @@ class RateLimitMiddleware(object):
if conf_limits:
next_size, next_rate = conf_limits[0]
slope = (float(next_rate) - float(cur_rate)) \
/ (next_size - cur_size)
/ (next_size - cur_size)
def new_scope(cur_size, slope, cur_rate):
# making new scope for variables
@ -139,8 +141,8 @@ class RateLimitMiddleware(object):
try:
now_m = int(round(time.time() * self.clock_accuracy))
time_per_request_m = int(round(self.clock_accuracy / max_rate))
running_time_m = self.memcache_client.incr(key,
delta=time_per_request_m)
running_time_m = self.memcache_client.incr(
key, delta=time_per_request_m)
need_to_sleep_m = 0
if (now_m - running_time_m >
self.rate_buffer_seconds * self.clock_accuracy):
@ -155,7 +157,8 @@ class RateLimitMiddleware(object):
if max_sleep_m - need_to_sleep_m <= self.clock_accuracy * 0.01:
# treat as no-op decrement time
self.memcache_client.decr(key, delta=time_per_request_m)
raise MaxSleepTimeHitError("Max Sleep Time Exceeded: %.2f" %
raise MaxSleepTimeHitError(
"Max Sleep Time Exceeded: %.2f" %
(float(need_to_sleep_m) / self.clock_accuracy))
return float(need_to_sleep_m) / self.clock_accuracy
@ -176,7 +179,8 @@ class RateLimitMiddleware(object):
account_name)
eventlet.sleep(self.BLACK_LIST_SLEEP)
return Response(status='497 Blacklisted',
body='Your account has been blacklisted', request=req)
body='Your account has been blacklisted',
request=req)
if account_name in self.ratelimit_whitelist:
return None
for key, max_rate in self.get_ratelimitable_key_tuples(
@ -186,15 +190,17 @@ class RateLimitMiddleware(object):
need_to_sleep = self._get_sleep_time(key, max_rate)
if self.log_sleep_time_seconds and \
need_to_sleep > self.log_sleep_time_seconds:
self.logger.warning(_("Ratelimit sleep log: %(sleep)s for "
"%(account)s/%(container)s/%(object)s"),
self.logger.warning(
_("Ratelimit sleep log: %(sleep)s for "
"%(account)s/%(container)s/%(object)s"),
{'sleep': need_to_sleep, 'account': account_name,
'container': container_name, 'object': obj_name})
if need_to_sleep > 0:
eventlet.sleep(need_to_sleep)
except MaxSleepTimeHitError, e:
self.logger.error(_('Returning 498 for %(meth)s to '
'%(acc)s/%(cont)s/%(obj)s . Ratelimit (Max Sleep) %(e)s'),
self.logger.error(
_('Returning 498 for %(meth)s to %(acc)s/%(cont)s/%(obj)s '
'. Ratelimit (Max Sleep) %(e)s'),
{'meth': req.method, 'acc': account_name,
'cont': container_name, 'obj': obj_name, 'e': str(e)})
error_resp = Response(status='498 Rate Limited',

8
swift/common/middleware/tempauth.py

@ -256,10 +256,10 @@ class TempAuth(object):
# account DELETE or PUT...
req.environ['swift_owner'] = True
return None
if (req.environ.get('swift_sync_key') and
req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None) and
'x-timestamp' in req.headers):
if (req.environ.get('swift_sync_key')
and (req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None))
and 'x-timestamp' in req.headers):
return None
if req.method == 'OPTIONS':
#allow OPTIONS requests to proceed as normal

13
swift/common/middleware/tempurl.py

@ -261,8 +261,8 @@ class TempURL(object):
already = True
break
if not already:
headers.append(('Content-Disposition',
'attachment; filename=%s' %
headers.append(
('Content-Disposition', 'attachment; filename=%s' %
(quote(basename(env['PATH_INFO'])))))
return start_response(status, headers, exc_info)
@ -365,8 +365,9 @@ class TempURL(object):
"""
if not request_method:
request_method = env['REQUEST_METHOD']
return hmac.new(key, '%s\n%s\n%s' % (request_method, expires,
env['PATH_INFO']), sha1).hexdigest()
return hmac.new(
key, '%s\n%s\n%s' % (request_method, expires,
env['PATH_INFO']), sha1).hexdigest()
def _invalid(self, env, start_response):
"""
@ -380,8 +381,8 @@ class TempURL(object):
self._log_request(env, HTTP_UNAUTHORIZED)
body = '401 Unauthorized: Temp URL invalid\n'
start_response('401 Unauthorized',
[('Content-Type', 'text/plain'),
('Content-Length', str(len(body)))])
[('Content-Type', 'text/plain'),
('Content-Length', str(len(body)))])
if env['REQUEST_METHOD'] == 'HEAD':
return []
return [body]

Loading…
Cancel
Save