From 2a995e369ac05d4e44110dd0a51822c3dc5db63d Mon Sep 17 00:00:00 2001
From: antuarc
Date: Fri, 30 Aug 2024 13:16:41 +1000
Subject: [PATCH] [QOLDEV-935] clean up obsolete Pylons intercepts

---
 ckanext/qgov/common/intercepts.py | 82 -------------------------------
 1 file changed, 82 deletions(-)

diff --git a/ckanext/qgov/common/intercepts.py b/ckanext/qgov/common/intercepts.py
index cebaa99..c8644a4 100644
--- a/ckanext/qgov/common/intercepts.py
+++ b/ckanext/qgov/common/intercepts.py
@@ -63,40 +63,6 @@ def set_intercepts():
 schemas.default_resource_schema = default_resource_schema
-def set_pylons_intercepts():
- from ckan.controllers.user import UserController
- from ckan.controllers.package import PackageController
- try:
- from ckan.controllers.storage import StorageController
- storage_enabled = True
- except ImportError:
- storage_enabled = False
- from ckan.lib import base
- from ckan.controllers import group, package, user
-
- global LOGGED_IN, PACKAGE_EDIT, RESOURCE_EDIT, RESOURCE_DOWNLOAD, STORAGE_DOWNLOAD, ABORT
- LOGGED_IN = UserController.logged_in
- PACKAGE_EDIT = PackageController._save_edit
- RESOURCE_EDIT = PackageController.resource_edit
- RESOURCE_DOWNLOAD = PackageController.resource_download
- ABORT = base.abort
-
- UserController.logged_in = logged_in
- PackageController._save_edit = save_edit
- PackageController.resource_edit = validate_resource_edit
-
- if storage_enabled:
- STORAGE_DOWNLOAD = StorageController.file
- StorageController.file = storage_download_with_headers
- PackageController.resource_download = resource_download_with_headers
-
- # Monkey-patch ourselves into the 404 handler
- base.abort = abort_with_purl
- group.abort = abort_with_purl
- package.abort = abort_with_purl
- user.abort = abort_with_purl
-
-
 def user_password_validator(key, data, errors, context):
 """ Strengthen the built-in password validation to require more length and complexity. """
@@ -215,22 +181,6 @@ def user_update(original_action, context, data_dict):
 return return_value
-def logged_in(self):
- """ Provide a custom error code when login fails due to account lockout.
- """
- if not c.user:
- # a number of failed login attempts greater than 10 indicates
- # that the locked user is associated with the current request
- redis_conn = connect_to_redis()
-
- for key in redis_conn.keys('{}.ckanext.qgov.login_attempts.*'.format(g.site_id)):
- login_attempts = redis_conn.get(key)
- if login_attempts > 10:
- redis_conn.set(key, 10, ex=LOGIN_THROTTLE_EXPIRY)
- return self.login('account-locked')
- return LOGGED_IN(self)
-
-
 def save_edit(self, name_or_id, context, package_type=None):
 ''' Intercept save_edit
@@ -283,35 +233,3 @@ def validate_resource_edit(self, id, resource_id,
 h.flash_error("CSV was NOT validated against the selected schema")
 return RESOURCE_EDIT(self, id, resource_id, data, errors, error_summary)
-
-
-def _set_download_headers(response):
- response.headers['Content-Disposition'] = 'attachment'
- response.headers['X-Content-Type-Options'] = 'nosniff'
-
-
-def storage_download_with_headers(self, label):
- """ Add security headers to protect against download-based exploits.
- """
- file_download = STORAGE_DOWNLOAD(self, label)
- _set_download_headers(toolkit.response)
- return file_download
-
-
-def resource_download_with_headers(self, id, resource_id, filename=None):
- """ Add security headers to protect against download-based exploits.
- """
- file_download = RESOURCE_DOWNLOAD(self, id, resource_id, filename)
- _set_download_headers(toolkit.response)
- return file_download
-
-
-def abort_with_purl(status_code=None, detail='', headers=None, comment=None):
- """ Consult PURL about a 404, redirecting if it reports a new URL.
- """
- if status_code == 404:
- redirect_url = get_purl_response(request.url)
- if redirect_url:
- return redirect_to(redirect_url, 301)
-
- return ABORT(status_code, detail, headers, comment)
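Review bot: `validate_resource_edit` is kept and still ends in `return RESOURCE_EDIT(self, id, resource_id, data, errors, error_summary)`, but the only assignment of `RESOURCE_EDIT` visible in this patch (inside `set_pylons_intercepts`, first hunk) is deleted, along with the line that installed the function on `PackageController`. `save_edit` is likewise left in place as context of the `logged_in` hunk. Unless something outside these hunks still binds and calls them, both are unreachable leftovers that would raise `NameError` if ever invoked, so they should be removed in the same cleanup. Separately, this hunk drops `_set_download_headers` (`Content-Disposition: attachment` and `X-Content-Type-Options: nosniff`), and nothing in the patch shows where the non-Pylons download path sets those headers, so that should be confirmed before merging. The bodies of `validate_resource_edit` and `save_edit` start or continue outside the hunks.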