Merge branch 'master' into 37-guardian

2019-04-13 17:43:02 +02:00
parent 15aaeda475 dda41af5c8
commit 30acf0660b
51 changed files with 867 additions and 309 deletions
--- a/passbook/core/init.py
+++ b/passbook/core/init.py
@ -1,2 +1,2 @@
 """passbook core"""
-__version__ = '0.1.27-beta'
+__version__ = '0.1.30-beta'
--- a/passbook/core/asgi.py
+++ b/passbook/core/asgi.py
@ -0,0 +1,13 @@
+"""
+ASGI entrypoint. Configures Django and then runs the application
+defined in the ASGI_APPLICATION setting.
+"""
+
+import os
+
+import django
+from channels.routing import get_default_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "passbook.core.settings")
+django.setup()
+application = get_default_application()
--- a/passbook/core/management/commands/web.py
+++ b/passbook/core/management/commands/web.py
@ -2,11 +2,11 @@

 from logging import getLogger

-import cherrypy
-from django.conf import settings
+from daphne.cli import CommandLineInterface
 from django.core.management.base import BaseCommand
+from django.utils import autoreload

-from passbook.core.wsgi import application
+from passbook.lib.config import CONFIG

 LOGGER = getLogger(__name__)

@ -15,20 +15,15 @@ class Command(BaseCommand):
    """Run CherryPy webserver"""

    def handle(self, *args, **options):
-        """passbook cherrypy server"""
-        config = settings.CHERRYPY_SERVER
-        config.update(**options)
-        cherrypy.config.update(config)
-        cherrypy.tree.graft(application, '/')
-        # Mount NullObject to serve static files
-        cherrypy.tree.mount(None, '/static', config={
-            '/': {
-                'tools.staticdir.on': True,
-                'tools.staticdir.dir': settings.STATIC_ROOT,
-                'tools.expires.on': True,
-                'tools.expires.secs': 86400,
-                'tools.gzip.on': True,
-            }
-        })
-        cherrypy.engine.start()
-        cherrypy.engine.block()
+        """passbook daphne server"""
+        autoreload.run_with_reloader(self.daphne_server)
+
+    def daphne_server(self):
+        """Run daphne server within autoreload"""
+        autoreload.raise_last_exception()
+        CommandLineInterface().run([
+            '-p', str(CONFIG.y('web.port', 8000)),
+            '-b', CONFIG.y('web.listen', '0.0.0.0'),  # nosec
+            '--access-log', '/dev/null',
+            'passbook.core.asgi:application'
+        ])
--- a/passbook/core/management/commands/worker.py
+++ b/passbook/core/management/commands/worker.py
@ -3,6 +3,7 @@
 from logging import getLogger

 from django.core.management.base import BaseCommand
+from django.utils import autoreload

 from passbook.core.celery import CELERY_APP

@ -14,4 +15,9 @@ class Command(BaseCommand):

    def handle(self, *args, **options):
        """celery worker"""
+        autoreload.run_with_reloader(self.celery_worker)
+
+    def celery_worker(self):
+        """Run celery worker within autoreload"""
+        autoreload.raise_last_exception()
        CELERY_APP.worker_main(['worker', '--autoscale=10,3', '-E', '-B'])
--- a/passbook/core/policies.py
+++ b/passbook/core/policies.py
@ -1,6 +1,5 @@
 """passbook core policy engine"""
-from logging import getLogger
-
+# from logging import getLogger
 from amqp.exceptions import UnexpectedFrame
 from celery import group
 from celery.exceptions import TimeoutError as CeleryTimeoutError
@ -10,7 +9,7 @@ from ipware import get_client_ip
 from passbook.core.celery import CELERY_APP
 from passbook.core.models import Policy, User

-LOGGER = getLogger(__name__)
+# LOGGER = getLogger(__name__)

 def _cache_key(policy, user):
    return "%s#%s" % (policy.uuid, user.pk)
@ -24,8 +23,8 @@ def _policy_engine_task(user_pk, policy_pk, **kwargs):
    user_obj = User.objects.get(pk=user_pk)
    for key, value in kwargs.items():
        setattr(user_obj, key, value)
-    LOGGER.debug("Running policy `%s`#%s for user %s...", policy_obj.name,
-                 policy_obj.pk.hex, user_obj)
+    # LOGGER.debug("Running policy `%s`#%s for user %s...", policy_obj.name,
+    #              policy_obj.pk.hex, user_obj)
    policy_result = policy_obj.passes(user_obj)
    # Handle policy result correctly if result, message or just result
    message = None
@ -34,10 +33,10 @@ def _policy_engine_task(user_pk, policy_pk, **kwargs):
    # Invert result if policy.negate is set
    if policy_obj.negate:
        policy_result = not policy_result
-    LOGGER.debug("Policy %r#%s got %s", policy_obj.name, policy_obj.pk.hex, policy_result)
+    # LOGGER.debug("Policy %r#%s got %s", policy_obj.name, policy_obj.pk.hex, policy_result)
    cache_key = _cache_key(policy_obj, user_obj)
    cache.set(cache_key, (policy_obj.action, policy_result, message))
-    LOGGER.debug("Cached entry as %s", cache_key)
+    # LOGGER.debug("Cached entry as %s", cache_key)
    return policy_obj.action, policy_result, message

 class PolicyEngine:
@ -82,16 +81,16 @@ class PolicyEngine:
        for policy in self.policies:
            cached_policy = cache.get(_cache_key(policy, self.__user), None)
            if cached_policy:
-                LOGGER.debug("Taking result from cache for %s", policy.pk.hex)
+                # LOGGER.debug("Taking result from cache for %s", policy.pk.hex)
                cached_policies.append(cached_policy)
            else:
-                LOGGER.debug("Evaluating policy %s", policy.pk.hex)
+                # LOGGER.debug("Evaluating policy %s", policy.pk.hex)
                signatures.append(_policy_engine_task.signature(
                    args=(self.__user.pk, policy.pk.hex),
                    kwargs=kwargs,
                    time_limit=policy.timeout))
                self.__get_timeout += policy.timeout
-        LOGGER.debug("Set total policy timeout to %r", self.__get_timeout)
+        # LOGGER.debug("Set total policy timeout to %r", self.__get_timeout)
        # If all policies are cached, we have an empty list here.
        if signatures:
            self.__group = group(signatures)()
@ -120,7 +119,7 @@ class PolicyEngine:
        for policy_action, policy_result, policy_message in result:
            passing = (policy_action == Policy.ACTION_ALLOW and policy_result) or \
                      (policy_action == Policy.ACTION_DENY and not policy_result)
-            LOGGER.debug('Action=%s, Result=%r => %r', policy_action, policy_result, passing)
+            # LOGGER.debug('Action=%s, Result=%r => %r', policy_action, policy_result, passing)
            if policy_message:
                messages.append(policy_message)
            if not passing:
--- a/passbook/core/requirements.txt
+++ b/passbook/core/requirements.txt
@ -1,5 +1,4 @@
 celery
-cherrypy
 colorlog
 django-guardian
 django-ipware
@ -13,3 +12,4 @@ psycopg2
 PyYAML
 sentry-sdk
 pip
+whitenoise
--- a/passbook/core/settings.py
+++ b/passbook/core/settings.py
@ -124,6 +124,7 @@ CACHES = {

 MIDDLEWARE = [
    'django.contrib.sessions.middleware.SessionMiddleware',
+    'whitenoise.middleware.WhiteNoiseMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'passbook.app_gw.middleware.ApplicationGatewayMiddleware',
    'django.middleware.security.SecurityMiddleware',
@ -219,38 +220,27 @@ CELERY_BEAT_SCHEDULE = {
    }
 }

-sentry_init(
-    dsn=("https://55b5dd780bc14f4c96bba69b7a9abbcc:449af483bd0745"
-         "0d83be640d834e5458@sentry.services.beryju.org/8"),
-    integrations=[
-        DjangoIntegration(),
-        CeleryIntegration(),
-        LoggingIntegration(
-            level=logging.INFO,
-            event_level=logging.ERROR
-        )
-    ],
-    send_default_pii=True
-)

-
-# CherryPY settings
-with CONFIG.cd('web'):
-    CHERRYPY_SERVER = {
-        'server.socket_host': CONFIG.get('listen', '0.0.0.0'),  # nosec
-        'server.socket_port': CONFIG.get('port', 8000),
-        'server.thread_pool': CONFIG.get('threads', 30),
-        'log.screen': False,
-        'log.access_file': '',
-        'log.error_file': '',
-    }
+if not DEBUG:
+    sentry_init(
+        dsn=("https://55b5dd780bc14f4c96bba69b7a9abbcc:449af483bd0745"
+             "0d83be640d834e5458@sentry.services.beryju.org/8"),
+        integrations=[
+            DjangoIntegration(),
+            CeleryIntegration(),
+            LoggingIntegration(
+                level=logging.INFO,
+                event_level=logging.ERROR
+            )
+        ],
+        send_default_pii=True,
+    )

 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/2.1/howto/static-files/

 STATIC_URL = '/static/'
-
-LOG_HANDLERS = ['console', 'syslog', 'file']
+STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'

 with CONFIG.cd('log'):
    LOGGING = {
@ -294,38 +284,52 @@ with CONFIG.cd('log'):
                'formatter': 'verbose',
                'filename': CONFIG.get('file'),
            },
+            'queue': {
+                'level': CONFIG.get('level').get('console'),
+                'class': 'passbook.lib.log.QueueListenerHandler',
+                'handlers': [
+                    'cfg://handlers.console',
+                    # 'cfg://handlers.syslog',
+                    'cfg://handlers.file',
+                ],
+            }
        },
        'loggers': {
            'passbook': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'DEBUG',
                'propagate': True,
            },
            'django': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'INFO',
                'propagate': True,
            },
            'tasks': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'DEBUG',
                'propagate': True,
            },
            'cherrypy': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'DEBUG',
                'propagate': True,
            },
            'oauthlib': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'DEBUG',
                'propagate': True,
            },
            'oauth2_provider': {
-                'handlers': LOG_HANDLERS,
+                'handlers': ['queue'],
                'level': 'DEBUG',
                'propagate': True,
            },
+            'daphne': {
+                'handlers': ['queue'],
+                'level': 'INFO',
+                'propagate': True,
+            }
        }
    }

--- a/passbook/core/tasks.py
+++ b/passbook/core/tasks.py
@ -24,5 +24,5 @@ def send_email(to_address, subject, template, context):
@CELERY_APP.task()
 def clean_nonces():
    """Remove expired nonces"""
-    amount = Nonce.objects.filter(expires__lt=datetime.now(), expiring=True).delete()
+    amount, _ = Nonce.objects.filter(expires__lt=datetime.now(), expiring=True).delete()
    LOGGER.debug("Deleted expired %d nonces", amount)