[Mpuls-commits] r2875 - in base/trunk: . mpulsweb/lib
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Jun 3 14:57:31 CEST 2010
Author: bh
Date: 2010-06-03 14:57:29 +0200 (Thu, 03 Jun 2010)
New Revision: 2875
Modified:
base/trunk/ChangeLog
base/trunk/mpulsweb/lib/base.py
base/trunk/mpulsweb/lib/security.py
Log:
Unify the way the database connection parameters are determined to
avoid code duplication and to make sure it always works the same
way.
* mpulsweb/lib/security.py (get_db_parameters): New. Determine
the database connection parameters from user-specific information
like the username and password and defaults from the
configuration. This function also takes the db mapping into
account.
(checkLogin): use get_db_parameters to determine the database
parameters. Also, make sure to use login name from the database
parameters to lookup the user in the database. Using
get_db_parameters makes sure that the db mapping is taken into
account here, so that logging in with an active db-mapping
actually works.
* mpulsweb/lib/base.py: use the new get_db_parameters to determine
the database parameters.
Modified: base/trunk/ChangeLog
===================================================================
--- base/trunk/ChangeLog 2010-06-03 11:21:54 UTC (rev 2874)
+++ base/trunk/ChangeLog 2010-06-03 12:57:29 UTC (rev 2875)
@@ -1,5 +1,26 @@
2010-06-03 Bernhard Herzog <bh at intevation.de>
+ Unify the way the database connection parameters are determined to
+ avoid code duplication and to make sure it always works the same
+ way.
+
+ * mpulsweb/lib/security.py (get_db_parameters): New. Determine
+ the database connection parameters from user-specific information
+ like the username and password and defaults from the
+ configuration. This function also takes the db mapping into
+ account.
+ (checkLogin): use get_db_parameters to determine the database
+ parameters. Also, make sure to use login name from the database
+ parameters to lookup the user in the database. Using
+ get_db_parameters makes sure that the db mapping is taken into
+ account here, so that logging in with an active db-mapping
+ actually works.
+
+ * mpulsweb/lib/base.py: use the new get_db_parameters to determine
+ the database parameters.
+
+2010-06-03 Bernhard Herzog <bh at intevation.de>
+
* mpulsweb/lib/base.py (BaseController.__before__): Use
request.path_info, not request.path, when checking whether to the
user is already accessing a page we want to redirect to. This
Modified: base/trunk/mpulsweb/lib/base.py
===================================================================
--- base/trunk/mpulsweb/lib/base.py 2010-06-03 11:21:54 UTC (rev 2874)
+++ base/trunk/mpulsweb/lib/base.py 2010-06-03 12:57:29 UTC (rev 2875)
@@ -47,7 +47,7 @@
from mpulsweb.lib.navigation import get_navigation
import mpulsweb.lib.helpers as h
-from mpulsweb.lib.security import getDbName, userIdentity
+from mpulsweb.lib.security import getDbName, userIdentity, get_db_parameters
# These names are exported from this module largely for historical
# reasons. Ideally the module should probably only export
@@ -137,30 +137,14 @@
# If not then redirect the user to the login page
try:
user = session['USER_AUTHORIZED']
- origdbname = getDbName()
+ db_parameters = get_db_parameters(getDbName(),
+ user.login, user.password,
+ config.get('mpuls.db.host'),
+ config.get('mpuls.db.port'),
+ config.get('mpuls.db.database'),
+ config.get('mpuls.db.user'))
- # Load dbmapping
- mapping = g.mpuls_dbmapping.get_mapping()
- if mapping.has_key(origdbname):
- log.debug('mapping: %s' % mapping.get(origdbname))
- dbname = mapping.get(origdbname).get('name')
- dbhost = mapping.get(origdbname).get('host')
- dbport = mapping.get(origdbname).get('port')
- userschema = mapping.get(origdbname).get('userschema')
- dbschema = mapping.get(origdbname).get('dbschema')
- else:
- log.debug('not found %s in mapping' % origdbname)
- dbname = origdbname
- dbhost = config.get('mpuls.db.host')
- dbport = config.get('mpuls.db.port')
- userschema = config.get('mpuls.db.user')
- dbschema = config.get('mpuls.db.database')
-
- self.db = db.DB(database=dbschema% dbname,
- host=dbhost,
- port=dbport,
- user=userschema % (dbname, user.login),
- password=user.password)
+ self.db = db.DB(**db_parameters)
db.enter(self.db)
# Is the user activated?
Modified: base/trunk/mpulsweb/lib/security.py
===================================================================
--- base/trunk/mpulsweb/lib/security.py 2010-06-03 11:21:54 UTC (rev 2874)
+++ base/trunk/mpulsweb/lib/security.py 2010-06-03 12:57:29 UTC (rev 2875)
@@ -43,7 +43,7 @@
from decorator import decorator
from paste.httpexceptions import HTTPUnauthorized
-from pylons import request, session, config
+from pylons import request, session, config, g
from mpulsweb.lib.db import DB, db, enter, leave
@@ -106,18 +106,19 @@
log.info('Login: user "%s" in "%s"' % (user, dbname))
try:
- mydb = DB(database=config.get('mpuls.db.database') % dbname,
- host=config.get('mpuls.db.host'),
- port=config.get('mpuls.db.port'),
- user=config.get('mpuls.db.user') % (dbname, user),
- password=password)
+ db_parameters = get_db_parameters(dbname, user, password,
+ config.get('mpuls.db.host'),
+ config.get('mpuls.db.port'),
+ config.get('mpuls.db.database'),
+ config.get('mpuls.db.user'))
+ mydb = DB(**db_parameters)
try:
enter(mydb)
conn, cursor = None, None
try:
conn = db.getConnection()
cursor = conn.cursor()
- login = "ka_%s_%s" % (dbname, user)
+ login = db_parameters["user"]
fields = {'login': login}
cursor.execute(FETCH_USER_DATA_SQL, fields)
try:
@@ -303,6 +304,52 @@
raise
return kaname
+
+
+def get_db_parameters(dbagency, login, password, host, port, dbtemplate,
+ usertemplate):
+ """Determine database connection parameters from user-specific information.
+
+ Parameters:
+
+ dbagency -- identifier of the agency the user works for. This
+ will usually be determined by the getDbName function
+
+ login, password -- Login name and corresponding password
+
+ host, port -- Default host and portname of the database cluster
+
+ dbtemplate -- Default template string used to derive the actual
+ database name from dbagency
+
+ usertemplate -- Default template string used to derive the actual
+ database username to use when logging into the
+ database, derived from dbagency and login name.
+
+ The dbagency parameter is used to lookup agency specific settings in
+ the configuration (via g.mpuls_dbmapping.get_mapping()) which can
+ override any of the parameters host, port, dbtemplate, usertemplate
+ and dbagency.
+
+ The return value is a dictionary with the keys host, port, database,
+ user and password. It can be used directly as a dictionary for the
+ keyword parameter of a DB-API connect() call.
+ """
+ mapping = g.mpuls_dbmapping.get_mapping()
+ mapped_parameters = mapping.get(dbagency)
+ if mapped_parameters:
+ log.debug('mapped_parameters: %s' % mapped_parameters)
+ dbagency = mapped_parameters.get('dbagency', dbagency)
+ host = mapped_parameters.get('host', host)
+ port = mapped_parameters.get('port', port)
+ dbtemplate = mapped_parameters.get('dbtemplate', dbtemplate)
+ usertemplate = mapped_parameters.get('usertemplate', usertemplate)
+
+ return dict(host=host, port=port, database=dbtemplate % dbagency,
+ user=usertemplate % (dbagency, login),
+ password=password)
+
+
def checkRole(role):
if type(role) in (ListType, TupleType):
_role = role
More information about the Mpuls-commits
mailing list