Merge "pep8 middleware"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
2fc9716ec9
@ -125,15 +125,16 @@ class CNAMELookupMiddleware(object):
|
||||
break
|
||||
else:
|
||||
# try one more deep in the chain
|
||||
self.logger.debug(_('Following CNAME chain for ' \
|
||||
'%(given_domain)s to %(found_domain)s') %
|
||||
{'given_domain': given_domain,
|
||||
'found_domain': found_domain})
|
||||
self.logger.debug(
|
||||
_('Following CNAME chain for '
|
||||
'%(given_domain)s to %(found_domain)s') %
|
||||
{'given_domain': given_domain,
|
||||
'found_domain': found_domain})
|
||||
a_domain = found_domain
|
||||
if error:
|
||||
if found_domain:
|
||||
msg = 'CNAME lookup failed after %d tries' % \
|
||||
self.lookup_depth
|
||||
self.lookup_depth
|
||||
else:
|
||||
msg = 'CNAME lookup failed to resolve to a valid domain'
|
||||
resp = HTTPBadRequest(request=Request(env), body=msg,
|
||||
|
||||
@ -102,7 +102,7 @@ class DomainRemapMiddleware(object):
|
||||
# account prefix is not in config list. bail.
|
||||
return self.app(env, start_response)
|
||||
prefix_index = self.reseller_prefixes_lower.index(
|
||||
account_reseller_prefix)
|
||||
account_reseller_prefix)
|
||||
real_prefix = self.reseller_prefixes[prefix_index]
|
||||
if not account.startswith(real_prefix):
|
||||
account_suffix = account[len(real_prefix):]
|
||||
|
||||
@ -245,9 +245,9 @@ class KeystoneAuth(object):
|
||||
"""
|
||||
# Allow container sync.
|
||||
if (req.environ.get('swift_sync_key')
|
||||
and req.environ['swift_sync_key'] ==
|
||||
req.headers.get('x-container-sync-key', None)
|
||||
and 'x-timestamp' in req.headers):
|
||||
and (req.environ['swift_sync_key'] ==
|
||||
req.headers.get('x-container-sync-key', None))
|
||||
and 'x-timestamp' in req.headers):
|
||||
log_msg = 'allowing proxy %s for container-sync' % req.remote_addr
|
||||
self.logger.debug(log_msg)
|
||||
return True
|
||||
|
||||
@ -54,7 +54,7 @@ class NameCheckMiddleware(object):
|
||||
self.app = app
|
||||
self.conf = conf
|
||||
self.forbidden_chars = self.conf.get('forbidden_chars',
|
||||
FORBIDDEN_CHARS)
|
||||
FORBIDDEN_CHARS)
|
||||
self.maximum_length = self.conf.get('maximum_length', MAX_LENGTH)
|
||||
self.forbidden_regexp = self.conf.get('forbidden_regexp',
|
||||
FORBIDDEN_REGEXP)
|
||||
@ -72,7 +72,7 @@ class NameCheckMiddleware(object):
|
||||
'''
|
||||
self.logger.debug("name_check: path %s" % req.path)
|
||||
self.logger.debug("name_check: self.forbidden_chars %s" %
|
||||
self.forbidden_chars)
|
||||
self.forbidden_chars)
|
||||
|
||||
for c in unquote(req.path):
|
||||
if c in self.forbidden_chars:
|
||||
@ -104,7 +104,7 @@ class NameCheckMiddleware(object):
|
||||
|
||||
self.logger.debug("name_check: path %s" % req.path)
|
||||
self.logger.debug("name_check: self.forbidden_regexp %s" %
|
||||
self.forbidden_regexp)
|
||||
self.forbidden_regexp)
|
||||
|
||||
unquoted_path = unquote(req.path)
|
||||
match = self.forbidden_regexp_compiled.search(unquoted_path)
|
||||
@ -114,18 +114,21 @@ class NameCheckMiddleware(object):
|
||||
req = Request(env)
|
||||
|
||||
if self.check_character(req):
|
||||
return HTTPBadRequest(request=req,
|
||||
body=("Object/Container name contains forbidden chars from %s"
|
||||
% self.forbidden_chars))(env, start_response)
|
||||
return HTTPBadRequest(
|
||||
request=req,
|
||||
body=("Object/Container name contains forbidden chars from %s"
|
||||
% self.forbidden_chars))(env, start_response)
|
||||
elif self.check_length(req):
|
||||
return HTTPBadRequest(request=req,
|
||||
body=("Object/Container name longer than the allowed maximum %s"
|
||||
% self.maximum_length))(env, start_response)
|
||||
return HTTPBadRequest(
|
||||
request=req,
|
||||
body=("Object/Container name longer than the allowed maximum "
|
||||
"%s" % self.maximum_length))(env, start_response)
|
||||
elif self.check_regexp(req):
|
||||
return HTTPBadRequest(request=req,
|
||||
body=("Object/Container name contains a forbidden substring "
|
||||
"from regular expression %s"
|
||||
% self.forbidden_regexp))(env, start_response)
|
||||
return HTTPBadRequest(
|
||||
request=req,
|
||||
body=("Object/Container name contains a forbidden substring "
|
||||
"from regular expression %s"
|
||||
% self.forbidden_regexp))(env, start_response)
|
||||
else:
|
||||
# Pass on to downstream WSGI component
|
||||
return self.app(env, start_response)
|
||||
|
||||
@ -47,10 +47,12 @@ class RateLimitMiddleware(object):
|
||||
float(conf.get('log_sleep_time_seconds', 0))
|
||||
self.clock_accuracy = int(conf.get('clock_accuracy', 1000))
|
||||
self.rate_buffer_seconds = int(conf.get('rate_buffer_seconds', 5))
|
||||
self.ratelimit_whitelist = [acc.strip() for acc in
|
||||
conf.get('account_whitelist', '').split(',') if acc.strip()]
|
||||
self.ratelimit_blacklist = [acc.strip() for acc in
|
||||
conf.get('account_blacklist', '').split(',') if acc.strip()]
|
||||
self.ratelimit_whitelist = \
|
||||
[acc.strip() for acc in
|
||||
conf.get('account_whitelist', '').split(',') if acc.strip()]
|
||||
self.ratelimit_blacklist = \
|
||||
[acc.strip() for acc in
|
||||
conf.get('account_blacklist', '').split(',') if acc.strip()]
|
||||
self.memcache_client = None
|
||||
conf_limits = []
|
||||
for conf_key in conf.keys():
|
||||
@ -66,7 +68,7 @@ class RateLimitMiddleware(object):
|
||||
if conf_limits:
|
||||
next_size, next_rate = conf_limits[0]
|
||||
slope = (float(next_rate) - float(cur_rate)) \
|
||||
/ (next_size - cur_size)
|
||||
/ (next_size - cur_size)
|
||||
|
||||
def new_scope(cur_size, slope, cur_rate):
|
||||
# making new scope for variables
|
||||
@ -139,8 +141,8 @@ class RateLimitMiddleware(object):
|
||||
try:
|
||||
now_m = int(round(time.time() * self.clock_accuracy))
|
||||
time_per_request_m = int(round(self.clock_accuracy / max_rate))
|
||||
running_time_m = self.memcache_client.incr(key,
|
||||
delta=time_per_request_m)
|
||||
running_time_m = self.memcache_client.incr(
|
||||
key, delta=time_per_request_m)
|
||||
need_to_sleep_m = 0
|
||||
if (now_m - running_time_m >
|
||||
self.rate_buffer_seconds * self.clock_accuracy):
|
||||
@ -155,7 +157,8 @@ class RateLimitMiddleware(object):
|
||||
if max_sleep_m - need_to_sleep_m <= self.clock_accuracy * 0.01:
|
||||
# treat as no-op decrement time
|
||||
self.memcache_client.decr(key, delta=time_per_request_m)
|
||||
raise MaxSleepTimeHitError("Max Sleep Time Exceeded: %.2f" %
|
||||
raise MaxSleepTimeHitError(
|
||||
"Max Sleep Time Exceeded: %.2f" %
|
||||
(float(need_to_sleep_m) / self.clock_accuracy))
|
||||
|
||||
return float(need_to_sleep_m) / self.clock_accuracy
|
||||
@ -176,7 +179,8 @@ class RateLimitMiddleware(object):
|
||||
account_name)
|
||||
eventlet.sleep(self.BLACK_LIST_SLEEP)
|
||||
return Response(status='497 Blacklisted',
|
||||
body='Your account has been blacklisted', request=req)
|
||||
body='Your account has been blacklisted',
|
||||
request=req)
|
||||
if account_name in self.ratelimit_whitelist:
|
||||
return None
|
||||
for key, max_rate in self.get_ratelimitable_key_tuples(
|
||||
@ -186,15 +190,17 @@ class RateLimitMiddleware(object):
|
||||
need_to_sleep = self._get_sleep_time(key, max_rate)
|
||||
if self.log_sleep_time_seconds and \
|
||||
need_to_sleep > self.log_sleep_time_seconds:
|
||||
self.logger.warning(_("Ratelimit sleep log: %(sleep)s for "
|
||||
"%(account)s/%(container)s/%(object)s"),
|
||||
self.logger.warning(
|
||||
_("Ratelimit sleep log: %(sleep)s for "
|
||||
"%(account)s/%(container)s/%(object)s"),
|
||||
{'sleep': need_to_sleep, 'account': account_name,
|
||||
'container': container_name, 'object': obj_name})
|
||||
if need_to_sleep > 0:
|
||||
eventlet.sleep(need_to_sleep)
|
||||
except MaxSleepTimeHitError, e:
|
||||
self.logger.error(_('Returning 498 for %(meth)s to '
|
||||
'%(acc)s/%(cont)s/%(obj)s . Ratelimit (Max Sleep) %(e)s'),
|
||||
self.logger.error(
|
||||
_('Returning 498 for %(meth)s to %(acc)s/%(cont)s/%(obj)s '
|
||||
'. Ratelimit (Max Sleep) %(e)s'),
|
||||
{'meth': req.method, 'acc': account_name,
|
||||
'cont': container_name, 'obj': obj_name, 'e': str(e)})
|
||||
error_resp = Response(status='498 Rate Limited',
|
||||
|
||||
@ -256,10 +256,10 @@ class TempAuth(object):
|
||||
# account DELETE or PUT...
|
||||
req.environ['swift_owner'] = True
|
||||
return None
|
||||
if (req.environ.get('swift_sync_key') and
|
||||
req.environ['swift_sync_key'] ==
|
||||
req.headers.get('x-container-sync-key', None) and
|
||||
'x-timestamp' in req.headers):
|
||||
if (req.environ.get('swift_sync_key')
|
||||
and (req.environ['swift_sync_key'] ==
|
||||
req.headers.get('x-container-sync-key', None))
|
||||
and 'x-timestamp' in req.headers):
|
||||
return None
|
||||
if req.method == 'OPTIONS':
|
||||
#allow OPTIONS requests to proceed as normal
|
||||
|
||||
@ -261,8 +261,8 @@ class TempURL(object):
|
||||
already = True
|
||||
break
|
||||
if not already:
|
||||
headers.append(('Content-Disposition',
|
||||
'attachment; filename=%s' %
|
||||
headers.append(
|
||||
('Content-Disposition', 'attachment; filename=%s' %
|
||||
(quote(basename(env['PATH_INFO'])))))
|
||||
return start_response(status, headers, exc_info)
|
||||
|
||||
@ -365,8 +365,9 @@ class TempURL(object):
|
||||
"""
|
||||
if not request_method:
|
||||
request_method = env['REQUEST_METHOD']
|
||||
return hmac.new(key, '%s\n%s\n%s' % (request_method, expires,
|
||||
env['PATH_INFO']), sha1).hexdigest()
|
||||
return hmac.new(
|
||||
key, '%s\n%s\n%s' % (request_method, expires,
|
||||
env['PATH_INFO']), sha1).hexdigest()
|
||||
|
||||
def _invalid(self, env, start_response):
|
||||
"""
|
||||
@ -380,8 +381,8 @@ class TempURL(object):
|
||||
self._log_request(env, HTTP_UNAUTHORIZED)
|
||||
body = '401 Unauthorized: Temp URL invalid\n'
|
||||
start_response('401 Unauthorized',
|
||||
[('Content-Type', 'text/plain'),
|
||||
('Content-Length', str(len(body)))])
|
||||
[('Content-Type', 'text/plain'),
|
||||
('Content-Length', str(len(body)))])
|
||||
if env['REQUEST_METHOD'] == 'HEAD':
|
||||
return []
|
||||
return [body]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user