kinto 18.1.0__py3-none-any.whl → 20.4.0__py3-none-any.whl

kinto/__init__.py

@@ -38,6 +38,7 @@ DEFAULT_SETTINGS = {
     "record_id_generator": "kinto.views.RelaxedUUID",
     "project_name": "kinto",
     "admin_assets_path": None,
+    "metrics_matchdict_fields": ["bucket_id", "collection_id", "group_id", "record_id"],
 }
 
 

kinto/__main__.py

@@ -9,7 +9,6 @@ from pyramid.paster import bootstrap
 from pyramid.scripts import pserve
 
 from kinto import __version__
-from kinto import scripts as kinto_scripts
 from kinto.config import init
 from kinto.core import scripts as core_scripts
 from kinto.plugins.accounts import scripts as accounts_scripts
@@ -33,7 +32,6 @@ def main(args=None):
         "migrate",
         "flush-cache",
         "version",
-        "rebuild-quotas",
         "create-user",
     )
     subparsers = parser.add_subparsers(
@@ -107,16 +105,6 @@ def main(args=None):
                 default=False,
             )
 
-        elif command == "rebuild-quotas":
-            subparser.add_argument(
-                "--dry-run",
-                action="store_true",
-                help="Simulate the rebuild operation and show information",
-                dest="dry_run",
-                required=False,
-                default=False,
-            )
-
         elif command == "start":
             subparser.add_argument(
                 "--reload",
@@ -161,8 +149,7 @@ def main(args=None):
         if not backend:
             while True:
                 prompt = (
-                    "Select the backend you would like to use: "
-                    "(1 - postgresql, default - memory) "
+                    "Select the backend you would like to use: (1 - postgresql, default - memory) "
                 )
                 answer = input(prompt).strip()
                 try:
@@ -215,11 +202,6 @@ def main(args=None):
         env = bootstrap(config_file, options={"command": "flush-cache"})
         core_scripts.flush_cache(env)
 
-    elif which_command == "rebuild-quotas":
-        dry_run = parsed_args["dry_run"]
-        env = bootstrap(config_file, options={"command": "rebuild-quotas"})
-        return kinto_scripts.rebuild_quotas(env, dry_run=dry_run)
-
     elif which_command == "create-user":
         username = parsed_args["username"]
         password = parsed_args["password"]

kinto/config/kinto.tpl

@@ -36,7 +36,6 @@ kinto.includes = kinto.plugins.default_bucket
                  kinto.plugins.admin
                  kinto.plugins.accounts
 #                kinto.plugins.history
-#                kinto.plugins.quotas
 
 # Backends
 # https://kinto.readthedocs.io/en/latest/configuration/settings.html#storage
@@ -104,18 +103,6 @@ kinto.account_create_principals = system.Everyone
 kinto.account_write_principals = account:admin
 # Allow administrators to create buckets
 kinto.bucket_create_principals = account:admin
-# Enable the "account_validation" option.
-# kinto.account_validation = true
-# Set the sender for the validation email.
-# kinto.account_validation.email_sender = "admin@example.com"
-# Set the regular expression used to validate a proper email address.
-# kinto.account_validation.email_regexp = "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9-.]+$"
-
-# Mail configuration (needed for the account validation option), see https://docs.pylonsproject.org/projects/pyramid_mailer/en/latest/#configuration
-# mail.host = localhost
-# mail.port = 25
-# mail.username = someusername
-# mail.password = somepassword
 
 # Notifications
 # https://kinto.readthedocs.io/en/latest/configuration/settings.html#notifications
@@ -258,7 +245,7 @@ keys = root, kinto
 keys = console
 
 [formatters]
-keys = color
+keys = color, json
 
 [logger_root]
 level = INFO
@@ -271,10 +258,13 @@ qualname = kinto
 propagate = 0
 
 [handler_console]
-class = StreamHandler
+class = kinto.core.StreamHandlerWithRequestID
 args = (sys.stderr,)
 level = NOTSET
 formatter = color
 
 [formatter_color]
 class = logging_color_formatter.ColorFormatter
+
+[formatter_json]
+class = kinto.core.JsonLogFormatter

kinto/contribute.json

@@ -0,0 +1,27 @@
+{
+  "name": "Kinto",
+  "description": "Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.",
+  "repository": {
+    "url": "https://github.com/Kinto/kinto",
+    "license": "Apache License (2.0)",
+    "tests": "https://github.com/Kinto/kinto/actions"
+  },
+  "participate": {
+    "home": "https://kinto.readthedocs.io/en/latest/community.html#how-to-contribute",
+    "docs": "https://kinto.readthedocs.io/",
+    "irc": "irc://irc.freenode.org/#kinto",
+    "irc-contacts": ["alexis", "leplatrem", "magopian", "natim", "NiKo`"]
+  },
+  "bugs": {
+    "list": "https://github.com/Kinto/kinto/issues",
+    "report": "https://github.com/Kinto/kinto/issues/new"
+  },
+  "keywords": [
+    "JSON",
+    "Python",
+    "Pyramid",
+    "REST",
+    "API",
+    "Database"
+  ]
+}

kinto/core/__init__.py

@@ -4,11 +4,11 @@ import logging
 import tempfile
 
 import pkg_resources
-from cornice import Service as CorniceService
 from dockerflow import logging as dockerflow_logging
 from pyramid.settings import aslist
 
 from kinto.core import errors, events
+from kinto.core.cornice import Service as CorniceService
 from kinto.core.initialization import (  # NOQA
     initialize,
     install_middlewares,
@@ -66,8 +66,8 @@ DEFAULT_SETTINGS = {
         "kinto.core.initialization.setup_authentication",
         "kinto.core.initialization.setup_backoff",
         "kinto.core.initialization.setup_sentry",
-        "kinto.core.initialization.setup_statsd",
         "kinto.core.initialization.setup_listeners",
+        "kinto.core.initialization.setup_metrics",
         "kinto.core.events.setup_transaction_hook",
     ),
     "event_listeners": "",
@@ -96,6 +96,7 @@ DEFAULT_SETTINGS = {
     "statsd_backend": "kinto.core.statsd",
     "statsd_prefix": "kinto.core",
     "statsd_url": None,
+    "metrics_matchdict_fields": [],
     "storage_backend": "",
     "storage_url": "",
     "storage_max_fetch_size": 10000,
@@ -109,10 +110,8 @@ DEFAULT_SETTINGS = {
     "trailing_slash_redirect_ttl_seconds": 3600,
     "multiauth.groupfinder": "kinto.core.authorization.groupfinder",
     "multiauth.policies": "",
-    "multiauth.policy.basicauth.use": (
-        "kinto.core.authentication." "BasicAuthAuthenticationPolicy"
-    ),
-    "multiauth.authorization_policy": ("kinto.core.authorization." "AuthorizationPolicy"),
+    "multiauth.policy.basicauth.use": "kinto.core.authentication.BasicAuthAuthenticationPolicy",
+    "multiauth.authorization_policy": "kinto.core.authorization.AuthorizationPolicy",
 }
 
 
@@ -152,6 +151,20 @@ class JsonLogFormatter(dockerflow_logging.JsonLogFormatter):
         self.logger_name = logger_name
 
 
+class StreamHandlerWithRequestID(logging.StreamHandler):
+    """
+    A custom StreamHandler that adds the Dockerflow's `RequestIdLogFilter`.
+
+    Defining a custom handler seems to be the only way to bypass the fact that
+    ``logging.config.fileConfig()`` does not load filters from ``.ini`` files.
+    """
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        filter_ = dockerflow_logging.RequestIdLogFilter()
+        self.addFilter(filter_)
+
+
 def get_user_info(request):
     # Default user info (shown in hello view for example).
     user_info = {"id": request.prefixed_userid, "principals": request.prefixed_principals}
@@ -187,10 +200,10 @@ def includeme(config):
     config.add_request_method(events.notify_resource_event, name="notify_resource_event")
 
     # Setup cornice.
-    config.include("cornice")
+    config.include("kinto.core.cornice")
 
     # Setup cornice api documentation
-    config.include("cornice_swagger")
+    config.include("kinto.core.cornice_swagger")
 
     # Per-request transaction.
     config.include("pyramid_tm")

kinto/core/cornice/__init__.py

@@ -0,0 +1,93 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this file,
+# You can obtain one at http://mozilla.org/MPL/2.0/.
+import logging
+from functools import partial
+
+from pyramid.events import NewRequest
+from pyramid.httpexceptions import HTTPForbidden, HTTPNotFound
+from pyramid.security import NO_PERMISSION_REQUIRED
+from pyramid.settings import asbool, aslist
+
+from kinto.core.cornice.errors import Errors  # NOQA
+from kinto.core.cornice.pyramidhook import (
+    handle_exceptions,
+    register_resource_views,
+    register_service_views,
+    wrap_request,
+)
+from kinto.core.cornice.renderer import CorniceRenderer
+from kinto.core.cornice.service import Service  # NOQA
+from kinto.core.cornice.util import ContentTypePredicate, current_service
+
+
+logger = logging.getLogger("cornice")
+
+
+def set_localizer_for_languages(event, available_languages, default_locale_name):
+    """
+    Sets the current locale based on the incoming Accept-Language header, if
+    present, and sets a localizer attribute on the request object based on
+    the current locale.
+
+    To be used as an event handler, this function needs to be partially applied
+    with the available_languages and default_locale_name arguments. The
+    resulting function will be an event handler which takes an event object as
+    its only argument.
+    """
+    request = event.request
+    if request.accept_language:
+        accepted = request.accept_language.lookup(available_languages, default=default_locale_name)
+        request._LOCALE_ = accepted
+
+
+def setup_localization(config):
+    """
+    Setup localization based on the available_languages and
+    pyramid.default_locale_name settings.
+
+    These settings are named after suggestions from the "Internationalization
+    and Localization" section of the Pyramid documentation.
+    """
+    try:
+        config.add_translation_dirs("colander:locale/")
+        settings = config.get_settings()
+        available_languages = aslist(settings["available_languages"])
+        default_locale_name = settings.get("pyramid.default_locale_name", "en")
+        set_localizer = partial(
+            set_localizer_for_languages,
+            available_languages=available_languages,
+            default_locale_name=default_locale_name,
+        )
+        config.add_subscriber(set_localizer, NewRequest)
+    except ImportError:  # pragma: no cover
+        # add_translation_dirs raises an ImportError if colander is not
+        # installed
+        pass
+
+
+def includeme(config):
+    """Include the Cornice definitions"""
+    # attributes required to maintain services
+    config.registry.cornice_services = {}
+
+    settings = config.get_settings()
+
+    # localization request subscriber must be set before first call
+    # for request.localizer (in wrap_request)
+    if settings.get("available_languages"):
+        setup_localization(config)
+
+    config.add_directive("add_cornice_service", register_service_views)
+    config.add_directive("add_cornice_resource", register_resource_views)
+    config.add_subscriber(wrap_request, NewRequest)
+    config.add_renderer("cornicejson", CorniceRenderer())
+    config.add_view_predicate("content_type", ContentTypePredicate)
+    config.add_request_method(current_service, reify=True)
+
+    if asbool(settings.get("handle_exceptions", True)):
+        config.add_view(handle_exceptions, context=Exception, permission=NO_PERMISSION_REQUIRED)
+        config.add_view(handle_exceptions, context=HTTPNotFound, permission=NO_PERMISSION_REQUIRED)
+        config.add_view(
+            handle_exceptions, context=HTTPForbidden, permission=NO_PERMISSION_REQUIRED
+        )

kinto/core/cornice/cors.py

@@ -0,0 +1,144 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this file,
+# You can obtain one at http://mozilla.org/MPL/2.0/.
+import fnmatch
+import functools
+
+from pyramid.settings import asbool
+
+
+CORS_PARAMETERS = (
+    "cors_headers",
+    "cors_enabled",
+    "cors_origins",
+    "cors_credentials",
+    "cors_max_age",
+    "cors_expose_all_headers",
+)
+
+
+def get_cors_preflight_view(service):
+    """Return a view for the OPTION method.
+
+    Checks that the User-Agent is authorized to do a request to the server, and
+    to this particular service, and add the various checks that are specified
+    in http://www.w3.org/TR/cors/#resource-processing-model.
+    """
+
+    def _preflight_view(request):
+        response = request.response
+        origin = request.headers.get("Origin")
+        supported_headers = service.cors_supported_headers_for()
+
+        if not origin:
+            request.errors.add("header", "Origin", "this header is mandatory")
+
+        requested_method = request.headers.get("Access-Control-Request-Method")
+        if not requested_method:
+            request.errors.add(
+                "header", "Access-Control-Request-Method", "this header is mandatory"
+            )
+
+        if not (requested_method and origin):
+            return
+
+        requested_headers = request.headers.get("Access-Control-Request-Headers", ())
+
+        if requested_headers:
+            requested_headers = map(str.strip, requested_headers.split(","))
+
+        if requested_method not in service.cors_supported_methods:
+            request.errors.add("header", "Access-Control-Request-Method", "Method not allowed")
+
+        if not service.cors_expose_all_headers:
+            for h in requested_headers:
+                if h.lower() not in [s.lower() for s in supported_headers]:
+                    request.errors.add(
+                        "header", "Access-Control-Request-Headers", 'Header "%s" not allowed' % h
+                    )
+
+        supported_headers = set(supported_headers) | set(requested_headers)
+
+        response.headers["Access-Control-Allow-Headers"] = ",".join(supported_headers)
+
+        response.headers["Access-Control-Allow-Methods"] = ",".join(service.cors_supported_methods)
+
+        max_age = service.cors_max_age_for(requested_method)
+        if max_age is not None:
+            response.headers["Access-Control-Max-Age"] = str(max_age)
+
+        return None
+
+    return _preflight_view
+
+
+def _get_method(request):
+    """Return what's supposed to be the method for CORS operations.
+    (e.g if the verb is options, look at the A-C-Request-Method header,
+    otherwise return the HTTP verb).
+    """
+    if request.method == "OPTIONS":
+        method = request.headers.get("Access-Control-Request-Method", request.method)
+    else:
+        method = request.method
+    return method
+
+
+def ensure_origin(service, request, response=None, **kwargs):
+    """Ensure that the origin header is set and allowed."""
+    response = response or request.response
+
+    # Don't check this twice.
+    if not request.info.get("cors_checked", False):
+        method = _get_method(request)
+
+        origin = request.headers.get("Origin")
+
+        if not origin:
+            always_cors = asbool(request.registry.settings.get("cornice.always_cors"))
+            # With this setting, if the service origins has "*", then
+            # always return CORS headers.
+            origins = getattr(service, "cors_origins", [])
+            if always_cors and "*" in origins:
+                origin = "*"
+
+        if origin:
+            if not any([fnmatch.fnmatchcase(origin, o) for o in service.cors_origins_for(method)]):
+                request.errors.add("header", "Origin", "%s not allowed" % origin)
+            elif service.cors_support_credentials_for(method):
+                response.headers["Access-Control-Allow-Origin"] = origin
+            else:
+                if any([o == "*" for o in service.cors_origins_for(method)]):
+                    response.headers["Access-Control-Allow-Origin"] = "*"
+                else:
+                    response.headers["Access-Control-Allow-Origin"] = origin
+        request.info["cors_checked"] = True
+    return response
+
+
+def get_cors_validator(service):
+    return functools.partial(ensure_origin, service)
+
+
+def apply_cors_post_request(service, request, response):
+    """Handles CORS-related post-request things.
+
+    Add some response headers, such as the Expose-Headers and the
+    Allow-Credentials ones.
+    """
+    response = ensure_origin(service, request, response)
+    method = _get_method(request)
+
+    if (
+        service.cors_support_credentials_for(method)
+        and "Access-Control-Allow-Credentials" not in response.headers
+    ):
+        response.headers["Access-Control-Allow-Credentials"] = "true"
+
+    if request.method != "OPTIONS":
+        # Which headers are exposed?
+        supported_headers = service.cors_supported_headers_for(request.method)
+        if supported_headers:
+            response.headers["Access-Control-Expose-Headers"] = ", ".join(supported_headers)
+
+    return response

kinto/core/cornice/errors.py

@@ -0,0 +1,40 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this file,
+# You can obtain one at http://mozilla.org/MPL/2.0/.
+import json
+
+from pyramid.i18n import TranslationString
+
+
+class Errors(list):
+    """Holds Request errors"""
+
+    def __init__(self, status=400, localizer=None):
+        self.status = status
+        self.localizer = localizer
+        super(Errors, self).__init__()
+
+    def add(self, location, name=None, description=None, **kw):
+        """Registers a new error."""
+        allowed = ("body", "querystring", "url", "header", "path", "cookies", "method")
+        if location != "" and location not in allowed:
+            raise ValueError("%r not in %s" % (location, allowed))
+
+        if isinstance(description, TranslationString) and self.localizer:
+            description = self.localizer.translate(description)
+
+        self.append(dict(location=location, name=name, description=description, **kw))
+
+    @classmethod
+    def from_json(cls, string):
+        """Transforms a json string into an `Errors` instance"""
+        obj = json.loads(string.decode())
+        return Errors.from_list(obj.get("errors", []))
+
+    @classmethod
+    def from_list(cls, obj):
+        """Transforms a python list into an `Errors` instance"""
+        errors = Errors()
+        for error in obj:
+            errors.add(**error)
+        return errors