This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: May 23, 2013

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import time

log = logging.getLogger(__name__)

class Meter:

    def __init__(self, start_response):

        self._start_response = start_response

        self._start = time.time()

        self.status = None

        self._size = 0

        log.info("%s responded %r after %.3fs with %s bytes", self._description, self._meter.status, self._meter.duration(), self._meter.size())

class RequestWrapper(object):

    def __init__(self, app, config):

        self.application = app

        self.config = config

    def __call__(self, environ, start_response):

        meter = Meter(start_response)

        description = "Request from %s for %s" % (

            get_path_info(environ),

        )

        log.info("%s received", description)

        try:

            result = self.application(environ, meter.start_response)

        finally:

            log.info("%s responding %r after %.3fs", description, meter.status, meter.duration())

        return ResultIter(result, meter, description)

import inspect

import itertools

import logging

import time

import traceback

import types

from tg import Response, TGController, request, response

from webob.exc import HTTPError, HTTPException

from kallithea.lib import ext_json

from kallithea.lib.auth import AuthUser

from kallithea.lib.utils2 import ascii_bytes

from kallithea.model import db

log = logging.getLogger('JSONRPC')

class JSONRPCError(BaseException):

    def __init__(self, message):

        self.message = message

        super(JSONRPCError, self).__init__()

     A WSGI-speaking JSON-RPC controller class

     See the specification:

     <http://json-rpc.org/wiki/specification>`.

     Valid controller return values should be json-serializable objects.

     Sub-classes should catch their exceptions and raise JSONRPCError

     if they want to pass meaningful errors to the client.

     """

    def _get_method_args(self):

        """

        Return `self._rpc_args` to dispatched controller method

        chosen by __call__

        """

        return self._rpc_args

    def _dispatch(self, state, remainder=None):

        """

        Parse the request body as JSON, look up the method on the

        controller and if it exists, dispatch to it.

        """

        # Since we are here we should respond as JSON

        response.content_type = 'application/json'

        environ = state.request.environ

        start = time.time()

        self._req_id = None

        if 'CONTENT_LENGTH' not in environ:

            log.debug("No Content-Length")

            raise JSONRPCErrorResponse(retid=self._req_id,

                                       message="No Content-Length in request")

        else:

            length = environ['CONTENT_LENGTH'] or 0

            length = int(environ['CONTENT_LENGTH'])

            log.debug('Content-Length: %s', length)

        if length == 0:

            raise JSONRPCErrorResponse(retid=self._req_id,

            raise JSONRPCErrorResponse(

                retid=self._req_id,

                message='Unknown %s arg in JSON DATA' %

                        ', '.join('`%s`' % arg for arg in extra),

            )

        self._rpc_args = {}

        self._rpc_args.update(self._request_params)

        self._rpc_args['action'] = self._req_method

        self._rpc_args['environ'] = environ

        log.info('IP: %s Request to %s time: %.3fs' % (

            get_path_info(environ), time.time() - start)

        )

        state.set_action(self._rpc_call, [])

        state.set_params(self._rpc_args)

        return state

    def _rpc_call(self, action, environ, **rpc_args):

        """

        Call the specified RPC Method

        """

        raw_response = ''

    address where it received the request from.

    :param ip:

    """

    if ',' in ip:

        _ips = ip.split(',')

        _first_ip = _ips[0].strip()

        log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)

        return _first_ip

    return ip

    proxy_key = 'HTTP_X_REAL_IP'

    proxy_key2 = 'HTTP_X_FORWARDED_FOR'

    def_key = 'REMOTE_ADDR'

    ip = environ.get(proxy_key)

    if ip:

        return _filter_proxy(ip)

    ip = environ.get(proxy_key2)

    if ip:

        return _filter_proxy(ip)

            #any other action need at least read permission

            if not HasPermissionAnyMiddleware('repository.read',

                                              'repository.write',

                                              'repository.admin')(authuser,

                                                                  repo_name):

                return False

        else:

            assert False, action

        return True

    def __call__(self, environ, start_response):

        try:

            # try parsing a request for this VCS - if it fails, call the wrapped app

            parsed_request = self.parse_request(environ)

            if parsed_request is None:

                return self.application(environ, start_response)

            # skip passing error to error controller

            environ['pylons.status_code_redirect'] = True

            # quick check if repo exists...

            if not is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias):

                raise webob.exc.HTTPNotFound()

            if parsed_request.action is None:

                # Note: the client doesn't get the helpful error message

                raise webob.exc.HTTPBadRequest('Unable to detect pull/push action for %r! Are you using a nonstandard command or client?' % parsed_request.repo_name)

            #======================================================================

            # CHECK PERMISSIONS

            #======================================================================

            user, response_app = self._authorize(environ, parsed_request.action, parsed_request.repo_name, ip_addr)

            if response_app is not None:

                return response_app(environ, start_response)

            #======================================================================

            # REQUEST HANDLING

            #======================================================================

            set_hook_environment(user.username, ip_addr,

                parsed_request.repo_name, self.scm_alias, parsed_request.action)

            try:

                log.info('%s action on %s repo "%s" by "%s" from %s',

            webutils.flash(_('CSRF token leak has been detected - all form tokens have been expired'),

                    category='error')

        # WebOb already ignores request payload parameters for anything other

        # than POST/PUT, but double-check since other Kallithea code relies on

        # this assumption.

        if request.method not in ['POST', 'PUT'] and request.POST:

            log.error('%r request with payload parameters; WebOb should have stopped this', request.method)

            raise webob.exc.HTTPBadRequest()

    def __call__(self, environ, context):

        try:

            self._basic_security_checks()

            api_key = request.GET.get('api_key')

            try:

                # Request.authorization may raise ValueError on invalid input

                type, params = request.authorization

            except (ValueError, TypeError):

                pass

            else:

                if type.lower() == 'bearer':

                    api_key = params # bearer token is an api key too