addons-server/apps/amo/views.py

396 строки
14 KiB
Python

import json
import os
import random
from PIL import Image
import socket
import StringIO
import time
import traceback
import urllib2
from urlparse import urlparse
from django import http
from django.conf import settings
from django.core.cache import cache, parse_backend_uri
from django.http import HttpResponse, HttpResponseBadRequest
from django.views.decorators.cache import never_cache
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST
from django_arecibo.tasks import post
import caching.invalidation
import commonware.log
import elasticutils
import jingo
import phpserialize as php
import waffle
import amo
import files.tasks
from amo.decorators import post_required
from hera.contrib.django_utils import get_hera
from stats.models import Contribution, ContributionError, SubscriptionEvent
from applications.management.commands import dump_apps
from . import cron
monitor_log = commonware.log.getLogger('z.monitor')
paypal_log = commonware.log.getLogger('z.paypal')
csp_log = commonware.log.getLogger('z.csp')
jp_log = commonware.log.getLogger('z.jp.repack')
def check_redis():
import redisutils
results = {}
for alias, redis in redisutils.connections.iteritems():
try:
results[alias] = redis.info()
except Exception, e:
results[alias] = None
monitor_log.critical('Failed to chat with redis: (%s)' % e)
return results
@never_cache
def monitor(request, format=None):
# For each check, a boolean pass/fail status to show in the template
status_summary = {}
status = 200
# Check all memcached servers
memcache = getattr(settings, 'CACHES', {}).get('default')
memcache_results = []
status_summary['memcache'] = True
if memcache and 'memcached' in memcache['BACKEND']:
hosts = memcache['LOCATION']
if not isinstance(hosts, (tuple, list)):
hosts = [hosts]
for host in hosts:
ip, port = host.split(':')
try:
s = socket.socket()
s.connect((ip, int(port)))
except Exception, e:
result = False
status_summary['memcache'] = False
monitor_log.critical('Failed to connect to memcached (%s): %s'
% (host, e))
else:
result = True
finally:
s.close()
memcache_results.append((ip, port, result))
if len(memcache_results) < 2:
status_summary['memcache'] = False
monitor_log.warning('You should have 2+ memcache servers. '
'You have %s.' % len(memcache_results))
if not memcache_results:
status_summary['memcache'] = False
monitor_log.info('Memcache is not configured.')
# Check Libraries and versions
libraries_results = []
status_summary['libraries'] = True
try:
Image.new('RGB', (16, 16)).save(StringIO.StringIO(), 'JPEG')
libraries_results.append(('PIL+JPEG', True, 'Got it!'))
except Exception, e:
status_summary['libraries'] = False
msg = "Failed to create a jpeg image: %s" % e
libraries_results.append(('PIL+JPEG', False, msg))
if settings.SPIDERMONKEY:
if os.access(settings.SPIDERMONKEY, os.R_OK):
libraries_results.append(('Spidermonkey is ready!', True, None))
# TODO: see if it works?
else:
status_summary['libraries'] = False
msg = "You said it was at (%s)" % settings.SPIDERMONKEY
libraries_results.append(('Spidermonkey not found!', False, msg))
else:
status_summary['libraries'] = False
msg = "Please set SPIDERMONKEY in your settings file."
libraries_results.append(("Spidermonkey isn't set up.", False, msg))
elastic_results = None
if settings.USE_ELASTIC:
status_summary['elastic'] = False
try:
health = elasticutils.get_es().cluster_health()
status_summary['elastic'] = health['status'] != 'red'
elastic_results = health
except Exception:
elastic_results = traceback.format_exc()
# Check file paths / permissions
rw = (settings.TMP_PATH,
settings.NETAPP_STORAGE,
settings.UPLOADS_PATH,
settings.ADDONS_PATH,
settings.MIRROR_STAGE_PATH,
settings.GUARDED_ADDONS_PATH,
settings.ADDON_ICONS_PATH,
settings.COLLECTIONS_ICON_PATH,
settings.PACKAGER_PATH,
settings.PREVIEWS_PATH,
settings.PERSONAS_PATH,
settings.USERPICS_PATH,
settings.SPHINX_CATALOG_PATH,
settings.SPHINX_LOG_PATH,
dump_apps.Command.JSON_PATH,)
r = [os.path.join(settings.ROOT, 'locale'),
# The deploy process will want write access to this.
# We do not want Django to have write access though.
settings.PROD_DETAILS_DIR]
filepaths = [(path, os.R_OK | os.W_OK, "We want read + write")
for path in rw]
filepaths += [(path, os.R_OK, "We want read") for path in r]
filepath_results = []
filepath_status = True
for path, perms, notes in filepaths:
path_exists = os.path.exists(path)
path_perms = os.access(path, perms)
filepath_status = filepath_status and path_exists and path_perms
filepath_results.append((path, path_exists, path_perms, notes))
status_summary['filepaths'] = filepath_status
# Check Redis
redis_results = [None, 'REDIS_BACKENDS is not set']
if getattr(settings, 'REDIS_BACKENDS', False):
redis_results = check_redis()
status_summary['redis'] = all(i for i in redis_results.values())
# Check Hera
hera_results = []
status_summary['hera'] = True
for i in settings.HERA:
r = {'location': urlparse(i['LOCATION'])[1],
'result': bool(get_hera(i))}
hera_results.append(r)
if not hera_results[-1]['result']:
status_summary['hera'] = False
# If anything broke, send HTTP 500
if not all(status_summary.values()):
status = 500
if format == '.json':
return http.HttpResponse(json.dumps(status_summary),
status=status)
return jingo.render(request, 'services/monitor.html',
{'memcache_results': memcache_results,
'libraries_results': libraries_results,
'filepath_results': filepath_results,
'redis_results': redis_results,
'hera_results': hera_results,
'elastic_results': elastic_results,
'status_summary': status_summary},
status=status)
def robots(request):
"""Generate a robots.txt"""
_service = (request.META['SERVER_NAME'] == settings.SERVICES_DOMAIN)
if _service or not settings.ENGAGE_ROBOTS:
template = "User-agent: *\nDisallow: /"
else:
template = jingo.render(request, 'amo/robots.html',
{'apps': amo.APP_USAGE})
return HttpResponse(template, mimetype="text/plain")
@csrf_exempt
def paypal(request):
"""
Handle PayPal IPN post-back for contribution transactions.
IPN will retry periodically until it gets success (status=200). Any
db errors or replication lag will result in an exception and http
status of 500, which is good so PayPal will try again later.
PayPal IPN variables available at:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content
&content_ID=developer/e_howto_html_IPNandPDTVariables
"""
try:
return _paypal(request)
except Exception, e:
paypal_log.error('%s\n%s' % (e, request))
return http.HttpResponseServerError('Unknown error.')
def _paypal(request):
def _log_error_with_data(msg, request):
"""Log a message along with some of the POST info from PayPal."""
id = random.randint(0, 99999999)
msg = "[%s] %s (dumping data)" % (id, msg)
paypal_log.error(msg)
logme = {'txn_id': request.POST.get('txn_id'),
'txn_type': request.POST.get('txn_type'),
'payer_email': request.POST.get('payer_email'),
'receiver_email': request.POST.get('receiver_email'),
'payment_status': request.POST.get('payment_status'),
'payment_type': request.POST.get('payment_type'),
'mc_gross': request.POST.get('mc_gross'),
'item_number': request.POST.get('item_number'),
}
paypal_log.error("[%s] PayPal Data: %s" % (id, logme))
if request.method != 'POST':
return http.HttpResponseNotAllowed(['POST'])
# raw_post_data has to be accessed before request.POST. wtf django?
raw, post = request.raw_post_data, request.POST.copy()
# Check that the request is valid and coming from PayPal.
# The order of the params has to match the original request.
data = u'cmd=_notify-validate&' + raw
paypal_response = urllib2.urlopen(settings.PAYPAL_CGI_URL,
data, 20).readline()
if paypal_response != 'VERIFIED':
msg = ("Expecting 'VERIFIED' from PayPal, got '%s'. "
"Failing." % paypal_response)
_log_error_with_data(msg, request)
return http.HttpResponseForbidden('Invalid confirmation')
if post.get('txn_type', '').startswith('subscr_'):
SubscriptionEvent.objects.create(post_data=php.serialize(post))
return http.HttpResponse('Success!')
# List of (old, new) codes so we can transpose the data for
# embedded payments.
for old, new in [('payment_status', 'status'),
('item_number', 'tracking_id'),
('txn_id', 'tracking_id'),
('payer_email', 'sender_email')]:
if old not in post and new in post:
post[old] = post[new]
# We only care about completed transactions.
if post.get('payment_status', '').lower() != 'completed':
return http.HttpResponse('Payment not completed')
# Make sure transaction has not yet been processed.
if (Contribution.objects
.filter(transaction_id=post['txn_id']).count()) > 0:
return http.HttpResponse('Transaction already processed')
# Fetch and update the contribution - item_number is the uuid we created.
try:
c = Contribution.objects.get(uuid=post['item_number'])
except Contribution.DoesNotExist:
key = "%s%s:%s" % (settings.CACHE_PREFIX, 'contrib',
post['item_number'])
count = cache.get(key, 0) + 1
paypal_log.warning('Contribution (uuid=%s) not found for IPN request '
'#%s.' % (post['item_number'], count))
if count > 10:
msg = ("Paypal sent a transaction that we don't know "
"about and we're giving up on it.")
_log_error_with_data(msg, request)
cache.delete(key)
return http.HttpResponse('Transaction not found; skipping.')
cache.set(key, count, 1209600) # This is 2 weeks.
return http.HttpResponseServerError('Contribution not found')
c.transaction_id = post['txn_id']
# Embedded payments does not send an mc_gross.
if 'mc_gross' in post:
c.amount = post['mc_gross']
c.uuid = None
c.post_data = php.serialize(post)
c.save()
# Send thankyou email.
try:
c.mail_thankyou(request)
except ContributionError as e:
# A failed thankyou email is not a show stopper, but is good to know.
paypal_log.error('Thankyou note email failed with error: %s' % e)
return http.HttpResponse('Success!')
def handler404(request):
return jingo.render(request, 'amo/404.lhtml', status=404)
def handler500(request):
arecibo = getattr(settings, 'ARECIBO_SERVER_URL', '')
if arecibo:
post(request, 500)
return jingo.render(request, 'amo/500.lhtml', status=500)
def loaded(request):
return http.HttpResponse('%s' % request.META['wsgi.loaded'],
content_type='text/plain')
@csrf_exempt
@require_POST
def cspreport(request):
"""Accept CSP reports and log them."""
report = ('blocked-uri', 'violated-directive', 'original-policy')
if not waffle.sample_is_active('csp-store-reports'):
return HttpResponse()
try:
v = json.loads(request.raw_post_data)['csp-report']
# CEF module wants a dictionary of environ, we want request
# to be the page with error on it, that's contained in the csp-report.
meta = request.META.copy()
method, url = v['request'].split(' ', 1)
meta.update({'REQUEST_METHOD': method, 'PATH_INFO': url})
v = [(k, v[k]) for k in report if k in v]
# This requires you to use the cef.formatter to get something nice out.
csp_log.warning('Violation', dict(environ=meta,
product='addons',
username=request.user,
data=v))
except Exception:
return HttpResponseBadRequest()
return HttpResponse()
@csrf_exempt
@post_required
def builder_pingback(request):
try:
data = dict(request.POST.items())
# We expect all these attributes to be available.
attrs = 'result msg location secret request'.split()
for attr in attrs:
assert attr in data, '%s not in %s' % (attr, data)
# Only AMO and the builder should know this secret.
assert data.get('secret') == settings.BUILDER_SECRET_KEY
except Exception:
jp_log.warning('Problem with builder pingback.', exc_info=True)
return http.HttpResponseBadRequest()
files.tasks.repackage_jetpack.delay(data)
return http.HttpResponse()
def graphite(request, site):
ctx = {'width': 586, 'height': 308}
ctx.update(request.GET.items())
ctx['site'] = site
return jingo.render(request, 'services/graphite.html', ctx)