forked from pulp/pulp_container
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ref #9500 Required PR: pulp/pulpcore#1751
- Loading branch information
Showing
12 changed files
with
412 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Enabled caching responses from the registry. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
from aiohttp.web_exceptions import HTTPForbidden | ||
|
||
from pulpcore.plugin.cache import CacheKeys, ContentCache, SyncContentCache | ||
|
||
from pulp_container.app.models import ContainerDistribution | ||
|
||
ACCEPT_HEADER_KEY = "accept_header" | ||
|
||
|
||
class RegistryCache: | ||
"""A class that overrides the default key specs.""" | ||
|
||
def __init__(self, base_key=None, expires_ttl=None, auth=None): | ||
"""Initialize the parent class with the plugin's specific keys.""" | ||
updated_keys = (CacheKeys.path, CacheKeys.method, ACCEPT_HEADER_KEY) | ||
super().__init__(base_key=base_key, expires_ttl=expires_ttl, keys=updated_keys, auth=auth) | ||
|
||
|
||
class RegistryContentCache(RegistryCache, ContentCache): | ||
"""A wrapper around the Redis content cache handler tailored for the content application.""" | ||
|
||
def make_key(self, request): | ||
"""Make a key composed of the request's path, method, host, and accept header.""" | ||
all_keys = { | ||
CacheKeys.path: request.path, | ||
CacheKeys.method: request.method, | ||
CacheKeys.host: request.url.host, | ||
ACCEPT_HEADER_KEY: request.headers["accept"], | ||
} | ||
key = ":".join(all_keys[k] for k in self.keys) | ||
return key | ||
|
||
|
||
class RegistryApiCache(RegistryCache, SyncContentCache): | ||
"""A wrapper around the Redis content cache handler tailored for the registry API.""" | ||
|
||
def make_key(self, request): | ||
"""Make a key composed of the request's path, method, host, and accept header.""" | ||
all_keys = { | ||
CacheKeys.path: request.path, | ||
CacheKeys.method: request.method, | ||
CacheKeys.host: request.get_host(), | ||
ACCEPT_HEADER_KEY: request.headers["accept"], | ||
} | ||
key = ":".join(all_keys[k] for k in self.keys) | ||
return key | ||
|
||
|
||
def auth_cached(request, cached, base_key): | ||
""" | ||
Authentication check for the cached stream_content handler | ||
Args: | ||
request (:class:`aiohttp.web.request`): The request from the client. | ||
cached (:class:`CacheAiohttp`): The Pulp cache | ||
base_key (str): The base_key associated with this response | ||
""" | ||
guard_key = "DISTRO#GUARD#PRESENT" | ||
present = cached.get(guard_key, base_key=base_key) | ||
if present == b"True" or present is None: | ||
path = request.resolver_match.kwargs["path"] | ||
distro = ContainerDistribution.objects.select_related( | ||
"repository", "repository_version", "publication", "remote" | ||
).get(base_path=path) | ||
try: | ||
guard = _permit(request, distro) | ||
except HTTPForbidden: | ||
guard = True | ||
raise | ||
finally: | ||
if not present: | ||
cached.set(guard_key, str(guard), base_key=base_key) | ||
|
||
|
||
def _permit(request, distribution): | ||
""" | ||
Permit the request. | ||
Authorization is delegated to the optional content-guard associated with the distribution. | ||
Args: | ||
request (:class:`aiohttp.web.Request`): A request for a published file. | ||
distribution (detail of :class:`pulpcore.plugin.models.Distribution`): The matched | ||
distribution. | ||
Raises: | ||
:class:`aiohttp.web_exceptions.HTTPForbidden`: When not permitted. | ||
""" | ||
guard = distribution.content_guard | ||
if not guard: | ||
return False | ||
try: | ||
guard.cast().permit(request) | ||
except PermissionError as pe: | ||
raise HTTPForbidden(reason=str(pe)) | ||
return True | ||
|
||
|
||
def find_base_path_cached(request, cached): | ||
""" | ||
Finds the base-path to use for the base-key in the cache | ||
Args: | ||
request (:class:`aiohttp.web.request`): The request from the client. | ||
cached (:class:`CacheAiohttp`): The Pulp cache | ||
Returns: | ||
str: The base-path associated with this request | ||
""" | ||
path = request.resolver_match.kwargs["path"] | ||
base_paths = [path] | ||
multiplied_base_paths = [] | ||
for i, base_path in enumerate(base_paths): | ||
copied_by_index_base_path = [base_path for _ in range(i + 1)] | ||
multiplied_base_paths.extend(copied_by_index_base_path) | ||
index_p1 = cached.exists(base_key=multiplied_base_paths) | ||
if index_p1: | ||
return base_paths[index_p1 - 1] | ||
else: | ||
distro = ContainerDistribution.objects.select_related( | ||
"repository", "repository_version", "publication", "remote" | ||
).get(base_path=path) | ||
return distro.base_path |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.