Python app.app.config() Examples

def run_migrations_offline():
    """
    Run migrations in 'offline' mode.

    This configures the context with just a URL
    and not an Engine, though an Engine is acceptable
    here as well.  By skipping the Engine creation
    we don't even need a DBAPI to be available.

    Calls to context.execute() here emit the given string to the
    script output.
    """
    url = unquote(DB_URI)
    context.configure(url=url, target_metadata=target_metadata, transactional_ddl=True)
    context.config.attributes["progress_reporter"] = progress_reporter
    op = ProgressWrapper(alembic_op, NullReporter())

    with context.begin_transaction():
        context.run_migrations(op=op, tables=tables, tester=get_tester()) 

def post(self, username):
        # Ensure that we are using database auth.
        if app.config["AUTHENTICATION_TYPE"] != "Database":
            raise InvalidRequest("Cannot send a recovery e-mail for non-database auth")

        if SuperUserPermission().can():
            user = pre_oci_model.get_nonrobot_user(username)
            if user is None:
                raise NotFound()

            if superusers.is_superuser(username):
                raise InvalidRequest("Cannot send a recovery email for a superuser")

            code = pre_oci_model.create_reset_password_email_code(user.email)
            send_recovery_email(user.email, code)
            return {"email": user.email}

        raise Unauthorized() 

def v2_support_enabled():
    docker_ver = docker_version(request.user_agent.string)

    # Check if our version is one of the blacklisted versions, if we can't
    # identify the version (None) we will fail open and assume that it is
    # newer and therefore should not be blacklisted.
    if docker_ver is not None and Spec(app.config["BLACKLIST_V2_SPEC"]).match(docker_ver):
        abort(404)

    response = make_response("true", 200)

    if get_authenticated_context() is None:
        response = make_response("true", 401)

    response.headers.extend(get_auth_headers())
    return response 

def renderFeedsSourceTable(source, page=1):
	feeds = g.session.query(db.RssFeedPost) \
		.filter(db.RssFeedPost.srcname == source)  \
		.order_by(desc(db.RssFeedPost.published))

	if feeds is None:
		flash('No feeds? Something is /probably/ broken!.')
		return redirect(url_for('renderFeedsTable'))

	feed_entries = paginate(feeds, page, app.config['FEED_ITEMS_PER_PAGE'])

	return render_template('rss-pages/feeds.html',
						   subheader = "Source = '%s'" % source,
						   sequence_item   = feed_entries,
						   page            = page
						   ) 

def post(self, namespace_name, repo_name, trigger_uuid, field_name):
        """
        List the field values for a custom run field.
        """
        trigger = get_trigger(trigger_uuid)

        config = request.get_json() or None
        if AdministerRepositoryPermission(namespace_name, repo_name).can():
            handler = BuildTriggerHandler.get_handler(trigger, config)
            values = handler.list_field_values(field_name, limit=FIELD_VALUE_LIMIT)

            if values is None:
                raise NotFound()

            return {"values": values}
        else:
            raise Unauthorized() 

def define_json_response(schema_name):
    def wrapper(func):
        @add_method_metadata("response_schema", schema_name)
        @wraps(func)
        def wrapped(self, *args, **kwargs):
            schema = self.schemas[schema_name]
            resp = func(self, *args, **kwargs)

            if app.config["TESTING"]:
                try:
                    validate(resp, schema)
                except ValidationError as ex:
                    raise InvalidResponse(str(ex))

            return resp

        return wrapped

    return wrapper 

def upload_file():
	# check if the post request has the file part
	if 'file' not in request.files:
		resp = jsonify({'message' : 'No file part in the request'})
		resp.status_code = 400
		return resp
	file = request.files['file']
	if file.filename == '':
		resp = jsonify({'message' : 'No file selected for uploading'})
		resp.status_code = 400
		return resp
	if file and allowed_file(file.filename):
		filename = secure_filename(file.filename)
		file.save(os.path.join(os.path.dirname(os.path.abspath(__file__)), app.config['UPLOAD_FOLDER'], filename))
		resp = jsonify({'message' : 'File {} successfully uploaded to {}'.format(filename, os.path.dirname(os.path.abspath(__file__)))})
		resp.status_code = 201
		return resp
	else:
		resp = jsonify({'message' : 'Allowed file types are txt, csv, xlsx, xls'})
		resp.status_code = 400
		return resp 

def __init__(self, local=True):
        
        if local:
        # Class instance connection to Mongo
            self.connection = MongoClient()
    
            if config.AUTH:
                try:
                    self.connection.admin.authenticate(config.USERNAME, config.PASSWORD)
                except:
                    print('Error: Authentication failed. Please check:\n1. MongoDB credentials in config.py\n2. MongoDB uses the correct authentication schema (MONGODB-CR)\nFor more info. see https://github.com/bitslabsyr/stack/wiki/Installation')
                    sys.exit(1)
                
            # App-wide config file for project info access
            self.config_db = self.connection.config
            self.stack_config = self.config_db.config
        else:
            self.connection = MongoClient(config.CT_SERVER)
    
            if config.CT_AUTH:
                try:
                    self.connection.admin.authenticate(config.CT_USERNAME, config.CT_PASSWORD)
                except:
                    print('Error: Authentication failed at the central server. Please check:\n1. MongoDB credentials in config.py\n2. MongoDB uses the correct authentication schema (MONGODB-CR)\nFor more info. see https://github.com/bitslabsyr/stack/wiki/Installation')
                    sys.exit(1) 

def get_collector_detail(self, project_id, collector_id):
        """
        When passed a collector_id, returns that collectors details
        """
        project = self.get_project_detail(project_id)

        if project['status']:
            configdb = project['project_config_db']

            project_config_db = self.connection[configdb]
            coll = project_config_db.config

            collector = coll.find_one({'_id': ObjectId(collector_id)})
            if collector:
                collector['_id'] = str(collector['_id'])
                resp = {'status': 1, 'message': 'Success', 'collector': collector}
            else:
                resp = {'status': 0, 'message': 'Failed'}
        else:
            resp = {'status': 0, 'message': 'Failed'}

        return resp 

def get_network_detail(self, project_id, network):
        """
        Returns details for a network module. To be used by the Controller.
        """
        project = self.get_project_detail(project_id)

        if project['status']:
            configdb = project['project_config_db']

            project_config_db = self.connection[configdb]
            coll = project_config_db.config

            network = coll.find_one({'module': network})
            if network:
                network['_id'] = str(network['_id'])
                resp = {'status': 1, 'message': 'Success', 'network': network}
            else:
                resp = {'status': 0, 'message': 'Failed'}
        else:
            resp = {'status': 0, 'message': 'Failed'}

        return resp 

def check_readonly(func):
    """
    Validates that a non-GET method is not invoked when the registry is in read-only mode, unless
    explicitly marked as being allowed.
    """

    @wraps(func)
    def wrapper(*args, **kwargs):
        # Skip if a GET method.
        if request.method == "GET":
            return func(*args, **kwargs)

        # Skip if not in read only mode.
        if app.config.get("REGISTRY_STATE", "normal") != "readonly":
            return func(*args, **kwargs)

        # Skip if readonly access is allowed.
        if hasattr(func, "__readonly_call_allowed"):
            return func(*args, **kwargs)

        raise ReadOnlyModeException()

    return wrapper 

def attach_github_build_trigger(namespace_name, repo_name):
    permission = AdministerRepositoryPermission(namespace_name, repo_name)
    if permission.can():
        code = request.args.get("code")
        token = github_trigger.exchange_code_for_token(app.config, client, code)
        repo = model.repository.get_repository(namespace_name, repo_name)
        if not repo:
            msg = "Invalid repository: %s/%s" % (namespace_name, repo_name)
            abort(404, message=msg)
        elif repo.kind.name != "image":
            abort(501)

        trigger = model.build.create_build_trigger(repo, "github", token, current_user.db_user())
        repo_path = "%s/%s" % (namespace_name, repo_name)
        full_url = url_for("web.buildtrigger", path=repo_path, trigger=trigger.uuid)

        logger.debug("Redirecting to full url: %s", full_url)
        return redirect(full_url)

    abort(403) 

def renderFeedsTagTable(tag, page=1):
	query = g.session.query(db.RssFeedPost)
	# query = query.join(db.Tags)
	query = query.filter(db.RssFeedPost.tags.contains(tag))
	query = query.order_by(desc(db.RssFeedPost.published))

	feeds = query

	if feeds is None:
		flash('No feeds? Something is /probably/ broken!.')
		return redirect(url_for('renderFeedsTable'))

	feed_entries = paginate(feeds, page, app.config['FEED_ITEMS_PER_PAGE'])

	return render_template('rss-pages/feeds.html',
						   subheader = "Tag = '%s'" % tag,
						   sequence_item   = feed_entries,
						   page            = page
						   ) 

def test_perform_indexing(next_token, expected_next_token, initialized_db):
    app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
    app.config["SECURITY_SCANNER_V4_ENDPOINT"] = "http://clairv4:6060"

    def secscan_api(*args, **kwargs):
        api = Mock()
        api.state.return_value = {"state": "abc"}
        api.index.return_value = ({"err": None, "state": IndexReportState.Index_Finished}, "abc")

        return api

    def layer_analyzer(*args, **kwargs):
        return Mock()

    with patch("data.secscan_model.secscan_v4_model.ClairSecurityScannerAPI", secscan_api):
        with patch("util.secscan.analyzer.LayerAnalyzer", layer_analyzer):
            secscan_model.configure(app, instance_keys, storage)

            assert secscan_model.perform_indexing(next_token) == expected_next_token 

def renderFeedsTable(page=1):

	feeds = g.session.query(db.RssFeedPost)       \
		.order_by(desc(db.RssFeedPost.published))


	feeds = feeds.options(joinedload('tag_rel'))
	feeds = feeds.options(joinedload('author_rel'))



	if feeds is None:
		flash('No feeds? Something is /probably/ broken!.')
		return redirect(url_for('renderFeedsTable'))

	feed_entries = paginate(feeds, page, app.config['FEED_ITEMS_PER_PAGE'])

	return render_template('rss-pages/feeds.html',
						   subheader = "",
						   sequence_item   = feed_entries,
						   page            = page
						   ) 

def allfile():
    if PCAPS == None:
        flash("请先上传要分析的数据包!")
        return redirect(url_for('upload'))
    else:
        filepath = app.config['FILE_FOLDER'] + 'All/'
        allfiles_dict = all_files(PCAPS, filepath)
        file = request.args.get('file')
        if file in allfiles_dict:
            filename = hashlib.md5(file.encode(
                'UTF-8')).hexdigest() + '.' + file.split('.')[-1]
            os.rename(filepath+file, filepath+filename)
            return send_from_directory(filepath, filename, as_attachment=True)
        else:
            return render_template('./fileextract/allfile.html', allfiles_dict=allfiles_dict)


# ----------------------------------------------错误处理页面--------------------------------------------- 

def ftpfile():
    if PCAPS == None:
        flash("请先上传要分析的数据包!")
        return redirect(url_for('upload'))
    else:
        host_ip = get_host_ip(PCAPS)
        filepath = app.config['FILE_FOLDER'] + 'FTP/'
        ftp_list = ftp_file(PCAPS, host_ip, filepath)
        file_dict = dict()
        for ftp in ftp_list:
            file_dict[os.path.split(ftp['filename'])[-1]] = ftp['filename']
        file = request.args.get('file')
        if file in file_dict:
            filename = hashlib.md5(file.encode(
                'UTF-8')).hexdigest() + '.' + file.split('.')[-1]
            os.rename(filepath+file, filepath+filename)
            return send_from_directory(filepath, filename, as_attachment=True)
        else:
            return render_template('./fileextract/ftpfile.html', ftp_list=ftp_list)

# 所有二进制文件提取 

def webfile():
    if PCAPS == None:
        flash("请先上传要分析的数据包!")
        return redirect(url_for('upload'))
    else:
        host_ip = get_host_ip(PCAPS)
        filepath = app.config['FILE_FOLDER'] + 'Web/'
        web_list = web_file(PCAPS, host_ip, filepath)
        file_dict = dict()
        for web in web_list:
            file_dict[os.path.split(web['filename'])[-1]] = web['filename']
        file = request.args.get('file')
        if file in file_dict:
            filename = hashlib.md5(file.encode(
                'UTF-8')).hexdigest() + '.' + file.split('.')[-1]
            os.rename(filepath+file, filepath+filename)
            return send_from_directory(filepath, filename, as_attachment=True)
        else:
            return render_template('./fileextract/webfile.html', web_list=web_list)

# Mail文件提取 

def test_perform_indexing_whitelist(initialized_db, set_secscan_config):
    app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
    expected_manifests = (
        Manifest.select().join(Repository).join(User).where(User.username == "devtable")
    )

    secscan = V4SecurityScanner(app, instance_keys, storage)
    secscan._secscan_api = mock.Mock()
    secscan._secscan_api.state.return_value = {"state": "abc"}
    secscan._secscan_api.index.return_value = (
        {"err": None, "state": IndexReportState.Index_Finished},
        "abc",
    )

    next_token = secscan.perform_indexing()

    assert secscan._secscan_api.index.call_count == expected_manifests.count()
    for mss in ManifestSecurityStatus.select():
        assert mss.repository.namespace_user.username == "devtable"
    assert ManifestSecurityStatus.select().count() == expected_manifests.count()
    assert (
        Manifest.get_by_id(next_token.min_id - 1).repository.namespace_user.username == "devtable"
    ) 

def _sign_derived_image(verb, derived_image, queue_file):
    """
    Read from the queue file and sign the contents which are generated.

    This method runs in a separate process.
    """
    signature = None
    try:
        signature = signer.detached_sign(queue_file)
    except Exception as e:
        logger.exception(
            "Exception when signing %s deriving image %s: $s", verb, derived_image, str(e)
        )
        return

    # Setup the database (since this is a new process) and then disconnect immediately
    # once the operation completes.
    if not queue_file.raised_exception:
        with database.UseThenDisconnect(app.config):
            registry_model.set_derived_image_signature(derived_image, signer.name, signature) 

def _load_project_config_db(self, project_id):
        """
        Utility method to load a project account's config DB

        :param project_id:

        :return: project_config_db connection
        """
        # Finds project db
        project_info = self.get_project_detail(project_id)
        configdb = project_info['project_config_db']

        # Makes a connection to the config db
        project_config_db = self.connection[configdb]

        return project_config_db 

def test_perform_indexing_needs_reindexing(initialized_db, set_secscan_config):
    app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
    expected_manifests = (
        Manifest.select().join(Repository).join(User).where(User.username == "devtable")
    )

    secscan = V4SecurityScanner(app, instance_keys, storage)
    secscan._secscan_api = mock.Mock()
    secscan._secscan_api.state.return_value = {"state": "xyz"}
    secscan._secscan_api.index.return_value = (
        {"err": None, "state": IndexReportState.Index_Finished},
        "xyz",
    )

    for manifest in expected_manifests:
        ManifestSecurityStatus.create(
            manifest=manifest,
            repository=manifest.repository,
            error_json={},
            index_status=IndexStatus.COMPLETED,
            indexer_hash="abc",
            indexer_version=IndexerVersion.V4,
            last_indexed=datetime.utcnow()
            - timedelta(seconds=app.config["SECURITY_SCANNER_V4_REINDEX_THRESHOLD"] + 60),
            metadata_json={},
        )

    secscan.perform_indexing()

    assert ManifestSecurityStatus.select().count() == expected_manifests.count()
    for mss in ManifestSecurityStatus.select():
        assert mss.indexer_hash == "xyz" 

def _ssl_cert():
    if app.config["PREFERRED_URL_SCHEME"] == "https":
        return [OVERRIDE_CONFIG_DIRECTORY + f for f in SSL_FILENAMES]

    return None 

def test_perform_indexing_failed(initialized_db, set_secscan_config):
    app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
    expected_manifests = (
        Manifest.select().join(Repository).join(User).where(User.username == "devtable")
    )

    secscan = V4SecurityScanner(app, instance_keys, storage)
    secscan._secscan_api = mock.Mock()
    secscan._secscan_api.state.return_value = {"state": "abc"}
    secscan._secscan_api.index.return_value = (
        {"err": None, "state": IndexReportState.Index_Finished},
        "abc",
    )

    for manifest in expected_manifests:
        ManifestSecurityStatus.create(
            manifest=manifest,
            repository=manifest.repository,
            error_json={},
            index_status=IndexStatus.FAILED,
            indexer_hash="abc",
            indexer_version=IndexerVersion.V4,
            last_indexed=datetime.utcnow()
            - timedelta(seconds=app.config["SECURITY_SCANNER_V4_REINDEX_THRESHOLD"] + 60),
            metadata_json={},
        )

    secscan.perform_indexing()

    assert ManifestSecurityStatus.select().count() == expected_manifests.count()
    for mss in ManifestSecurityStatus.select():
        assert mss.index_status == IndexStatus.COMPLETED 

def test_perform_indexing_empty_whitelist(initialized_db, set_secscan_config):
    app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = []
    secscan = V4SecurityScanner(app, instance_keys, storage)
    secscan._secscan_api = mock.Mock()
    secscan._secscan_api.state.return_value = {"state": "abc"}
    secscan._secscan_api.index.return_value = (
        {"err": None, "state": IndexReportState.Index_Finished},
        "abc",
    )

    next_token = secscan.perform_indexing()

    assert secscan._secscan_api.index.call_count == 0
    assert ManifestSecurityStatus.select().count() == 0
    assert next_token.min_id == Manifest.select(fn.Max(Manifest.id)).scalar() + 1 

def _upload_settings():
    """
    Returns the settings for instantiating a blob upload manager.
    """
    expiration_sec = app.config["PUSH_TEMP_TAG_EXPIRATION_SEC"]
    settings = BlobUploadSettings(
        maximum_blob_size=app.config["MAXIMUM_LAYER_SIZE"],
        committed_blob_expiration=expiration_sec,
    )
    return settings 

def _get_scope_regex():
    hostname = re.escape(app.config["SERVER_HOSTNAME"])
    scope_regex_string = SCOPE_REGEX_TEMPLATE.format(hostname)
    return re.compile(scope_regex_string) 

def post(self, namespace_name, repo_name, trigger_uuid):
        """
        Analyze the specified build trigger configuration.
        """
        trigger = get_trigger(trigger_uuid)

        if trigger.repository.namespace_user.username != namespace_name:
            raise NotFound()

        if trigger.repository.name != repo_name:
            raise NotFound()

        new_config_dict = request.get_json()["config"]
        handler = BuildTriggerHandler.get_handler(trigger, new_config_dict)
        server_hostname = app.config["SERVER_HOSTNAME"]
        try:
            trigger_analyzer = TriggerAnalyzer(
                handler,
                namespace_name,
                server_hostname,
                new_config_dict,
                AdministerOrganizationPermission(namespace_name).can(),
            )
            return trigger_analyzer.analyze_trigger()
        except TriggerException as rre:
            return {
                "status": "error",
                "message": "Could not analyze the repository: %s" % rre,
            }
        except NotImplementedError:
            return {
                "status": "notimplemented",
            } 

def set_secscan_config():
    app.config["SECURITY_SCANNER_V4_ENDPOINT"] = "http://clairv4:6060" 

def _upload_chunk(blob_uploader, commit_digest=None):
    """
    Performs uploading of a chunk of data in the current request's stream, via the blob uploader
    given.

    If commit_digest is specified, the upload is committed to a blob once the stream's data has been
    read and stored.
    """
    start_offset, length = _start_offset_and_length(request.headers.get("content-range"))
    if None in {start_offset, length}:
        raise InvalidRequest(message="Invalid range header")

    input_fp = get_input_stream(request)

    try:
        # Upload the data received.
        blob_uploader.upload_chunk(app.config, input_fp, start_offset, length)

        if commit_digest is not None:
            # Commit the upload to a blob.
            return blob_uploader.commit_to_blob(app.config, commit_digest)
    except BlobTooLargeException as ble:
        raise LayerTooLarge(uploaded=ble.uploaded, max_allowed=ble.max_allowed)
    except BlobRangeMismatchException:
        logger.exception("Exception when uploading blob to %s", blob_uploader.blob_upload_id)
        _abort_range_not_satisfiable(
            blob_uploader.blob_upload.byte_count, blob_uploader.blob_upload_id
        )
    except BlobUploadException:
        logger.exception("Exception when uploading blob to %s", blob_uploader.blob_upload_id)
        raise BlobUploadInvalid()