source: MILK/trunk/milk_server/milk_server/lib/ndgInterface.py @ 4535

# Copyright (C) 2007 STFC & NERC (Science and Technology Facilities Council).
# This software may be distributed under the terms of the
# Q Public License, version 1.0 or later.
# http://ndg.nerc.ac.uk/public_docs/QPublic_license.txt
"""
Manages interface to NDG documents and data, including caching 
"""

from cache import Cache
from csml_cache import CSMLExtractCache
import os, logging
from ndgUtils import ndgRetrieve, ndgObject, xmlHandler2
from pylons import request, session

from pylons import g # for handle to access control PEP interface
try:
    from ndg.security.common.authz.pdp import PDPError
    from ndg.security.common.authz.pep import PEPError
except ImportError, e:
    from warnings import warn
    warn(__name__ + ": access control is disabled: %s" % e, RuntimeWarning)

class ndgInterface:
    
    def __init__(self):
        ''' Instantiate with three level cache:
                - a file cache
                - a xmlhandler object cache, and
                - a parsed CSML object cache.'''

        self.CSMLDataCache=CSMLExtractCache(
                request.environ['paste.config']['app_conf']['tmp_dir'],max_size=10)
        self.CSMLDocCache=Cache(max_size=10)
        self.XMLHCache=Cache(max_size=10)
        

    def GetXML(self,uri,outputSchema='', useCache=True):
        ''' 
        This method provides a secure interface to the server
        document cache and a remote NDG exist. It is assumed that
        the local filesystem is protected in that you can't get to
        files except via the CSML api
        @param uri: ndg format uri to locate doc from
        @keyword outputSchema: format to return doc in
        @keyword useCache: check for data in the cache and use this, if set to
        True (the default)   
        '''
        #    Note that this method should not be used to obtain
        #unsecured discovery documents, these are called directly
        #in the retrieve controller!

        logging.info("Getting XML from uri, '%s' (outputschema: '%s')" \
                     %(uri, outputSchema))
        try:
            ndgO=ndgObject(uri)
            localFile=0
        except ValueError:
            ''' It's a local file not an ndg identifier '''
            logging.info("File appears to be local - look for it there...")
            ndgO=uri
            localFile=1
        
        if session and 'ndgCleared' in session:
            cleared=session['ndgCleared']
        else:
            cleared=None
        
        if outputSchema or not useCache:
            #bypass the cache ...
            status,xmlh=ndgRetrieve(ndgO,
                                    request.environ['ndgConfig'],
                                    output=outputSchema,
                                    discovery=g.standalone)
        else:
            try:
                xmlh=self.XMLHCache[uri]
                status=1
                logging.info('XMLH Cache hit for [%s]'%uri)
            except:
                logging.info('XMLH Cache miss for [%s]'%uri)
                if localFile:
                    status,xmlH=self.__getLocal(uri)
                else:    
                    status,xmlh=ndgRetrieve(ndgO,
                                            request.environ['ndgConfig'],
                                            output=outputSchema,
                                            discovery=g.standalone)
                if status: 
                    self.XMLHCache[uri]=xmlh
            
        if not status: return status,xmlh
        
        # convert doc to an XML tree
        xmlh=xmlHandler2.xmlHandler(xmlh,string=1)
        
        # valid values of the return objects SHOULD BE 
        #   ok:         status=1, xmlh=an xml handler instance.
        #   exceptions, status=0, xmlh='Exception(e)'
        
        status,xmlh=self.__gatekeep(ndgO,xmlh)
        if status:
            if cleared is None:
                session['ndgCleared']=[uri]
            else:
                session['ndgCleared'].append(uri)
            session.save()
       
        return status,xmlh
            

    def __gatekeep(self,uri,x):
        ''' This is the NDG gatekeeper '''
        if 'ndgSec' in session:
            securityTokens=session['ndgSec']
        else:
            securityTokens=None

        if not hasattr(g, 'pep'):
            if not g.standalone:
                raise PEPError(\
                "Security is disabled but the standalone flag is set to False")
                
            logging.info("__gatekeep: access control is disabled - standalone " + \
                     "config flag is set")
            
        try:
            # Arguments are: a handle to the resource and a handle to the users
            # security tokens
            g.pep(dict(uri=uri, doc=x), securityTokens, None)
            return True, x
        
        except PDPError, e:
            # Caught a known access control condition
            return False, 'Access Denied for %s %s' % (uri, e)

                
    def __getLocal(self,uri):
        ''' Returns a local csml file (used for testing) '''
        csml_dir = request.environ['paste.config']['app_conf']['csml_dir']
        path = os.path.join(csml_dir, file)
        if os.path.exists(path+'.csml'):
            f = path+'.csml'
        elif os.path.exists(path+'.xml'):
            f = path +'.xml'
        else:
            return 0, '<p>Cannot find CSML file %s</p>' % file
        r=f.read()
        return 1,r     
       


interface=ndgInterface()