From 2232240a58169159f1ce1f0953a363f6331aa2bf Mon Sep 17 00:00:00 2001
From: robo-bo
Date: Wed, 31 Aug 2022 14:57:24 +0300
Subject: [PATCH] server vulm improovements
---
 Sources/pyOpenRPA/Orchestrator/Server.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/Sources/pyOpenRPA/Orchestrator/Server.py b/Sources/pyOpenRPA/Orchestrator/Server.py
index b034d71d..f902a876 100644
--- a/Sources/pyOpenRPA/Orchestrator/Server.py
+++ b/Sources/pyOpenRPA/Orchestrator/Server.py
@@ -83,6 +83,7 @@ def AuthenticateVerify(inRequest):
 ######################################
 #Way 1 - try to find AuthToken
 lCookies = cookies.SimpleCookie(inRequest.headers.get("Cookie", ""))
+ global gSettingsDict
 #pdb.set_trace()
 if "AuthToken" in lCookies:
 lCookieAuthToken = lCookies.get("AuthToken", "").value
@@ -148,6 +149,7 @@ def AuthenticateBlock(inRequest):
 def UserAccessCheckBefore(inMethod, inRequest):
 # Help def - Get access flag from dict
 #pdb.set_trace()
+ global gSettingsDict
 def HelpGetFlag(inAccessRuleItem, inRequest, inGlobalDict, inAuthenticateDict):
 if "FlagAccess" in inAccessRuleItem:
 return inAccessRuleItem["FlagAccess"]
@@ -262,6 +264,7 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
 # Def to get hierarchy of the current user roles
 # if return {} - all is available
 def UserRoleHierarchyGet(self):
+ global gSettingsDict
 lDomainUpperStr = self.OpenRPA["Domain"].upper()
 lUserUpperStr = self.OpenRPA["User"].upper()
 return gSettingsDict.get("ServerDict", {}).get("AccessUsers", {}).get("RuleDomainUserDict", {}).get((lDomainUpperStr, lUserUpperStr), {}).get("RoleHierarchyAllowedDict", {})
@@ -269,6 +272,7 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
 #Tech def
 #return {"headers":[],"body":"","statuscode":111}
 def URLItemCheckDo(self, inURLItem, inMethod, inOnlyFlagUACBool = False):
+ global gSettingsDict
 ###############################
 #Tech sub def - do item
 ################################
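Review bot: In `AuthenticateVerify` the `global gSettingsDict` statement is added after the `lCookies = ...` line rather than as the first statement of the function, and the function starts above this hunk; if any earlier line of the body references `gSettingsDict`, Python refuses to compile the module with `SyntaxError: name 'gSettingsDict' is used prior to global declaration`. None of the visible lines assigns to `gSettingsDict`, and reading a module-level name needs no `global`, so the statement can be dropped, or moved to the top of the function if an assignment exists outside the hunk. The same declaration is added in the hunks for `UserAccessCheckBefore`, `UserRoleHierarchyGet`, `URLItemCheckDo` and `RobotDaemonServer.run`, where the visible lines likewise only read the dict.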
@@ -427,6 +431,8 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
 def do_GET(self):
 try:
+ global gSettingsDict
+ self.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
 threading.current_thread().request = self
 self.OpenRPA = {}
 self.OpenRPA["AuthToken"] = None
@@ -515,6 +521,8 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
 # POST
 def do_POST(self):
 try:
+ global gSettingsDict
+ self.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
 threading.current_thread().request = self
 lL = gSettingsDict["Logger"]
 self.OpenRPA = {}
@@ -629,7 +637,6 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
 """Handle requests in a separate thread."""
 def finish_request(self, request, client_address):
 try:
- request.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
 # "super" can not be used because BaseServer is not created from object
 HTTPServer.finish_request(self, request, client_address)
 except ConnectionResetError as e:
@@ -649,6 +656,7 @@ class RobotDaemonServer(Thread):
 # Update the global dict
 ServerSettings.SettingsUpdate(inGlobalDict)
 def run(self):
+ global gSettingsDict
 lL = gSettingsDict.get("Logger",None)
 try:
 lServerDict = gSettingsDict["ServerDict"]["ListenDict"][self.name]
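Review bot: The added `self.settimeout(...)` in `do_GET` is called on the request handler, and `BaseHTTPRequestHandler` has no `settimeout` method, so unless the class defines one outside this patch the call raises `AttributeError` inside the `try:` and no timeout is set; the socket is `self.connection`, i.e. `self.connection.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])`. The identical line added to `do_POST` in the next hunk has the same problem. Even with that corrected, `do_GET`/`do_POST` run only after the request line and headers have been read, while the line this commit removes from `finish_request` set the timeout before the handler was created, so a client that sends its headers slowly or not at all would no longer be cut off and can keep a worker thread occupied. Assigning `self.timeout` in a `setup()` override before calling `BaseHTTPRequestHandler.setup(self)` would bound the header read too. Both method bodies continue past the end of their hunks.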