pep8 middleware

Change-Id: Ieef65f05e66b12347752c0e02648858e3242d8e7
This commit is contained in:
John Dickinson 2012-11-20 14:14:16 -08:00
parent cb55f0c3a8
commit 1f7be20a91
7 changed files with 56 additions and 45 deletions

View File

@ -125,15 +125,16 @@ class CNAMELookupMiddleware(object):
break break
else: else:
# try one more deep in the chain # try one more deep in the chain
self.logger.debug(_('Following CNAME chain for ' \ self.logger.debug(
'%(given_domain)s to %(found_domain)s') % _('Following CNAME chain for '
{'given_domain': given_domain, '%(given_domain)s to %(found_domain)s') %
'found_domain': found_domain}) {'given_domain': given_domain,
'found_domain': found_domain})
a_domain = found_domain a_domain = found_domain
if error: if error:
if found_domain: if found_domain:
msg = 'CNAME lookup failed after %d tries' % \ msg = 'CNAME lookup failed after %d tries' % \
self.lookup_depth self.lookup_depth
else: else:
msg = 'CNAME lookup failed to resolve to a valid domain' msg = 'CNAME lookup failed to resolve to a valid domain'
resp = HTTPBadRequest(request=Request(env), body=msg, resp = HTTPBadRequest(request=Request(env), body=msg,

View File

@ -102,7 +102,7 @@ class DomainRemapMiddleware(object):
# account prefix is not in config list. bail. # account prefix is not in config list. bail.
return self.app(env, start_response) return self.app(env, start_response)
prefix_index = self.reseller_prefixes_lower.index( prefix_index = self.reseller_prefixes_lower.index(
account_reseller_prefix) account_reseller_prefix)
real_prefix = self.reseller_prefixes[prefix_index] real_prefix = self.reseller_prefixes[prefix_index]
if not account.startswith(real_prefix): if not account.startswith(real_prefix):
account_suffix = account[len(real_prefix):] account_suffix = account[len(real_prefix):]

View File

@ -245,9 +245,9 @@ class KeystoneAuth(object):
""" """
# Allow container sync. # Allow container sync.
if (req.environ.get('swift_sync_key') if (req.environ.get('swift_sync_key')
and req.environ['swift_sync_key'] == and (req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None) req.headers.get('x-container-sync-key', None))
and 'x-timestamp' in req.headers): and 'x-timestamp' in req.headers):
log_msg = 'allowing proxy %s for container-sync' % req.remote_addr log_msg = 'allowing proxy %s for container-sync' % req.remote_addr
self.logger.debug(log_msg) self.logger.debug(log_msg)
return True return True

View File

@ -54,7 +54,7 @@ class NameCheckMiddleware(object):
self.app = app self.app = app
self.conf = conf self.conf = conf
self.forbidden_chars = self.conf.get('forbidden_chars', self.forbidden_chars = self.conf.get('forbidden_chars',
FORBIDDEN_CHARS) FORBIDDEN_CHARS)
self.maximum_length = self.conf.get('maximum_length', MAX_LENGTH) self.maximum_length = self.conf.get('maximum_length', MAX_LENGTH)
self.forbidden_regexp = self.conf.get('forbidden_regexp', self.forbidden_regexp = self.conf.get('forbidden_regexp',
FORBIDDEN_REGEXP) FORBIDDEN_REGEXP)
@ -72,7 +72,7 @@ class NameCheckMiddleware(object):
''' '''
self.logger.debug("name_check: path %s" % req.path) self.logger.debug("name_check: path %s" % req.path)
self.logger.debug("name_check: self.forbidden_chars %s" % self.logger.debug("name_check: self.forbidden_chars %s" %
self.forbidden_chars) self.forbidden_chars)
for c in unquote(req.path): for c in unquote(req.path):
if c in self.forbidden_chars: if c in self.forbidden_chars:
@ -104,7 +104,7 @@ class NameCheckMiddleware(object):
self.logger.debug("name_check: path %s" % req.path) self.logger.debug("name_check: path %s" % req.path)
self.logger.debug("name_check: self.forbidden_regexp %s" % self.logger.debug("name_check: self.forbidden_regexp %s" %
self.forbidden_regexp) self.forbidden_regexp)
unquoted_path = unquote(req.path) unquoted_path = unquote(req.path)
match = self.forbidden_regexp_compiled.search(unquoted_path) match = self.forbidden_regexp_compiled.search(unquoted_path)
@ -114,18 +114,21 @@ class NameCheckMiddleware(object):
req = Request(env) req = Request(env)
if self.check_character(req): if self.check_character(req):
return HTTPBadRequest(request=req, return HTTPBadRequest(
body=("Object/Container name contains forbidden chars from %s" request=req,
% self.forbidden_chars))(env, start_response) body=("Object/Container name contains forbidden chars from %s"
% self.forbidden_chars))(env, start_response)
elif self.check_length(req): elif self.check_length(req):
return HTTPBadRequest(request=req, return HTTPBadRequest(
body=("Object/Container name longer than the allowed maximum %s" request=req,
% self.maximum_length))(env, start_response) body=("Object/Container name longer than the allowed maximum "
"%s" % self.maximum_length))(env, start_response)
elif self.check_regexp(req): elif self.check_regexp(req):
return HTTPBadRequest(request=req, return HTTPBadRequest(
body=("Object/Container name contains a forbidden substring " request=req,
"from regular expression %s" body=("Object/Container name contains a forbidden substring "
% self.forbidden_regexp))(env, start_response) "from regular expression %s"
% self.forbidden_regexp))(env, start_response)
else: else:
# Pass on to downstream WSGI component # Pass on to downstream WSGI component
return self.app(env, start_response) return self.app(env, start_response)

View File

@ -47,10 +47,12 @@ class RateLimitMiddleware(object):
float(conf.get('log_sleep_time_seconds', 0)) float(conf.get('log_sleep_time_seconds', 0))
self.clock_accuracy = int(conf.get('clock_accuracy', 1000)) self.clock_accuracy = int(conf.get('clock_accuracy', 1000))
self.rate_buffer_seconds = int(conf.get('rate_buffer_seconds', 5)) self.rate_buffer_seconds = int(conf.get('rate_buffer_seconds', 5))
self.ratelimit_whitelist = [acc.strip() for acc in self.ratelimit_whitelist = \
conf.get('account_whitelist', '').split(',') if acc.strip()] [acc.strip() for acc in
self.ratelimit_blacklist = [acc.strip() for acc in conf.get('account_whitelist', '').split(',') if acc.strip()]
conf.get('account_blacklist', '').split(',') if acc.strip()] self.ratelimit_blacklist = \
[acc.strip() for acc in
conf.get('account_blacklist', '').split(',') if acc.strip()]
self.memcache_client = None self.memcache_client = None
conf_limits = [] conf_limits = []
for conf_key in conf.keys(): for conf_key in conf.keys():
@ -66,7 +68,7 @@ class RateLimitMiddleware(object):
if conf_limits: if conf_limits:
next_size, next_rate = conf_limits[0] next_size, next_rate = conf_limits[0]
slope = (float(next_rate) - float(cur_rate)) \ slope = (float(next_rate) - float(cur_rate)) \
/ (next_size - cur_size) / (next_size - cur_size)
def new_scope(cur_size, slope, cur_rate): def new_scope(cur_size, slope, cur_rate):
# making new scope for variables # making new scope for variables
@ -139,8 +141,8 @@ class RateLimitMiddleware(object):
try: try:
now_m = int(round(time.time() * self.clock_accuracy)) now_m = int(round(time.time() * self.clock_accuracy))
time_per_request_m = int(round(self.clock_accuracy / max_rate)) time_per_request_m = int(round(self.clock_accuracy / max_rate))
running_time_m = self.memcache_client.incr(key, running_time_m = self.memcache_client.incr(
delta=time_per_request_m) key, delta=time_per_request_m)
need_to_sleep_m = 0 need_to_sleep_m = 0
if (now_m - running_time_m > if (now_m - running_time_m >
self.rate_buffer_seconds * self.clock_accuracy): self.rate_buffer_seconds * self.clock_accuracy):
@ -155,7 +157,8 @@ class RateLimitMiddleware(object):
if max_sleep_m - need_to_sleep_m <= self.clock_accuracy * 0.01: if max_sleep_m - need_to_sleep_m <= self.clock_accuracy * 0.01:
# treat as no-op decrement time # treat as no-op decrement time
self.memcache_client.decr(key, delta=time_per_request_m) self.memcache_client.decr(key, delta=time_per_request_m)
raise MaxSleepTimeHitError("Max Sleep Time Exceeded: %.2f" % raise MaxSleepTimeHitError(
"Max Sleep Time Exceeded: %.2f" %
(float(need_to_sleep_m) / self.clock_accuracy)) (float(need_to_sleep_m) / self.clock_accuracy))
return float(need_to_sleep_m) / self.clock_accuracy return float(need_to_sleep_m) / self.clock_accuracy
@ -176,7 +179,8 @@ class RateLimitMiddleware(object):
account_name) account_name)
eventlet.sleep(self.BLACK_LIST_SLEEP) eventlet.sleep(self.BLACK_LIST_SLEEP)
return Response(status='497 Blacklisted', return Response(status='497 Blacklisted',
body='Your account has been blacklisted', request=req) body='Your account has been blacklisted',
request=req)
if account_name in self.ratelimit_whitelist: if account_name in self.ratelimit_whitelist:
return None return None
for key, max_rate in self.get_ratelimitable_key_tuples( for key, max_rate in self.get_ratelimitable_key_tuples(
@ -186,15 +190,17 @@ class RateLimitMiddleware(object):
need_to_sleep = self._get_sleep_time(key, max_rate) need_to_sleep = self._get_sleep_time(key, max_rate)
if self.log_sleep_time_seconds and \ if self.log_sleep_time_seconds and \
need_to_sleep > self.log_sleep_time_seconds: need_to_sleep > self.log_sleep_time_seconds:
self.logger.warning(_("Ratelimit sleep log: %(sleep)s for " self.logger.warning(
"%(account)s/%(container)s/%(object)s"), _("Ratelimit sleep log: %(sleep)s for "
"%(account)s/%(container)s/%(object)s"),
{'sleep': need_to_sleep, 'account': account_name, {'sleep': need_to_sleep, 'account': account_name,
'container': container_name, 'object': obj_name}) 'container': container_name, 'object': obj_name})
if need_to_sleep > 0: if need_to_sleep > 0:
eventlet.sleep(need_to_sleep) eventlet.sleep(need_to_sleep)
except MaxSleepTimeHitError, e: except MaxSleepTimeHitError, e:
self.logger.error(_('Returning 498 for %(meth)s to ' self.logger.error(
'%(acc)s/%(cont)s/%(obj)s . Ratelimit (Max Sleep) %(e)s'), _('Returning 498 for %(meth)s to %(acc)s/%(cont)s/%(obj)s '
'. Ratelimit (Max Sleep) %(e)s'),
{'meth': req.method, 'acc': account_name, {'meth': req.method, 'acc': account_name,
'cont': container_name, 'obj': obj_name, 'e': str(e)}) 'cont': container_name, 'obj': obj_name, 'e': str(e)})
error_resp = Response(status='498 Rate Limited', error_resp = Response(status='498 Rate Limited',

View File

@ -256,10 +256,10 @@ class TempAuth(object):
# account DELETE or PUT... # account DELETE or PUT...
req.environ['swift_owner'] = True req.environ['swift_owner'] = True
return None return None
if (req.environ.get('swift_sync_key') and if (req.environ.get('swift_sync_key')
req.environ['swift_sync_key'] == and (req.environ['swift_sync_key'] ==
req.headers.get('x-container-sync-key', None) and req.headers.get('x-container-sync-key', None))
'x-timestamp' in req.headers): and 'x-timestamp' in req.headers):
return None return None
if req.method == 'OPTIONS': if req.method == 'OPTIONS':
#allow OPTIONS requests to proceed as normal #allow OPTIONS requests to proceed as normal

View File

@ -261,8 +261,8 @@ class TempURL(object):
already = True already = True
break break
if not already: if not already:
headers.append(('Content-Disposition', headers.append(
'attachment; filename=%s' % ('Content-Disposition', 'attachment; filename=%s' %
(quote(basename(env['PATH_INFO']))))) (quote(basename(env['PATH_INFO'])))))
return start_response(status, headers, exc_info) return start_response(status, headers, exc_info)
@ -365,8 +365,9 @@ class TempURL(object):
""" """
if not request_method: if not request_method:
request_method = env['REQUEST_METHOD'] request_method = env['REQUEST_METHOD']
return hmac.new(key, '%s\n%s\n%s' % (request_method, expires, return hmac.new(
env['PATH_INFO']), sha1).hexdigest() key, '%s\n%s\n%s' % (request_method, expires,
env['PATH_INFO']), sha1).hexdigest()
def _invalid(self, env, start_response): def _invalid(self, env, start_response):
""" """
@ -380,8 +381,8 @@ class TempURL(object):
self._log_request(env, HTTP_UNAUTHORIZED) self._log_request(env, HTTP_UNAUTHORIZED)
body = '401 Unauthorized: Temp URL invalid\n' body = '401 Unauthorized: Temp URL invalid\n'
start_response('401 Unauthorized', start_response('401 Unauthorized',
[('Content-Type', 'text/plain'), [('Content-Type', 'text/plain'),
('Content-Length', str(len(body)))]) ('Content-Length', str(len(body)))])
if env['REQUEST_METHOD'] == 'HEAD': if env['REQUEST_METHOD'] == 'HEAD':
return [] return []
return [body] return [body]