cloud-playground/__pg/shared.py at master · csseditor/cloud-playground · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
"""Module for shared playground functions."""

import httplib
import logging
import os

from mimic.__mimic import common

from . import appids
from error import Abort
from . import jsonutil
from . import settings

from google.appengine.api import app_identity
from google.appengine.api import backends
from google.appengine.api import users
from google.appengine.api import urlfetch


# default URLFetch deadline
_URL_FETCH_DEADLINE = 3


# HTTP methods which do not affect state
_HTTP_READ_METHODS = ('GET', 'OPTIONS')


def e(msg, *args, **kwargs):  # pylint:disable-msg=invalid-name
  if isinstance(msg, basestring):
    if args or kwargs:
      msg = msg.format(*args, **kwargs)
  raise RuntimeError(repr(msg))


def i(msg, *args, **kwargs):  # pylint:disable-msg=invalid-name
  if isinstance(msg, basestring):
    if args or kwargs:
      msg = msg.format(*args, **kwargs)
  logging.info('@@@@@ {0}'.format(repr(msg)))


def w(msg, *args, **kwargs):  # pylint:disable-msg=invalid-name
  if isinstance(msg, basestring):
    if args or kwargs:
      msg = msg.format(*args, **kwargs)
  logging.warning('##### {0}'.format(repr(msg)))


def Fetch(access_key, url, method, payload=None, deadline=_URL_FETCH_DEADLINE,
          retries=1):
  for i in range(0, retries):
    try:
      headers = {settings.ACCESS_KEY_HTTP_HEADER: access_key}
      return urlfetch.fetch(url, headers=headers, method=method,
                            payload=payload, follow_redirects=False,
                            deadline=deadline)
    except Exception, e:
      if i == retries - 1:
        raise
      w('Will retry {} {} which encountered {}'.format(method, url, e))


def GetCurrentTaskName():
  return os.environ.get('HTTP_X_APPENGINE_TASKNAME')


def EnsureRunningInTask():
  """Ensures that we're currently executing inside a task.

  Raises:
    RuntimeError: when not executing inside a task.
  """
  if GetCurrentTaskName():
    return
  raise RuntimeError('Not executing in a task queue')


def ThisIsPlaygroundApp():
  """Determines whether this is the playground app id."""
  if common.IsDevMode():
    return not backends.get_backend()
  return app_identity.get_application_id() == appids.PLAYGROUND_APP_ID


def IsHttpReadMethod(environ):
  return environ['REQUEST_METHOD'] in _HTTP_READ_METHODS


def AssertIsAdmin():
  if not users.is_current_user_admin():
    Abort(403, 'Admin only function')


def HasProjectReadAccess(environ):
  """Assert that the current user has project read permissions.

  Args:
    environ: the current WSGI environ

  Returns:
    True if the current user has read access to the current project.
  """
  project = environ['playground.project']
  if not project:
    Abort(httplib.NOT_FOUND, 'requested read access to non-existent project')
  access_key = environ.get('mimic.access_key')
  if access_key and access_key == project.access_key:
    return True
  if users.is_current_user_admin():
    return True
  user = environ.get('playground.user', None)
  if user and user.key.id() in project.writers:
    return True
  if settings.PUBLIC_PROJECT_TEMPLATE_OWNER in project.writers:
    return True
  if settings.MANUAL_PROJECT_TEMPLATE_OWNER in project.writers:
    return True
  return False


def HasProjectWriteAccess(environ):
  """Assert that the current user has project write permissions.

  Args:
    environ: the current WSGI environ

  Returns:
    True if the current user as write access to the current project.
  """
  project = environ['playground.project']
  if not project:
    Abort(httplib.NOT_FOUND, 'requested write access to non-existent project')
  if users.is_current_user_admin():
    return True
  user = environ.get('playground.user')
  if user and user.key.id() in project.writers:
    return True
  return False