server vulm improovements

2 years ago · 2232240a58
parent 0a9a62087d
commit 2232240a58
1 changed files with 9 additions and 1 deletions
--- a/Sources/pyOpenRPA/Orchestrator/Server.py
+++ b/Sources/pyOpenRPA/Orchestrator/Server.py
@ -83,6 +83,7 @@ def AuthenticateVerify(inRequest):
    ######################################
    #Way 1 - try to find AuthToken
    lCookies = cookies.SimpleCookie(inRequest.headers.get("Cookie", ""))
    global gSettingsDict
    #pdb.set_trace()
    if "AuthToken" in lCookies:
        lCookieAuthToken = lCookies.get("AuthToken", "").value
@ -148,6 +149,7 @@ def AuthenticateBlock(inRequest):
 def UserAccessCheckBefore(inMethod, inRequest):
    # Help def - Get access flag from dict
    #pdb.set_trace()
    global gSettingsDict
    def HelpGetFlag(inAccessRuleItem, inRequest, inGlobalDict, inAuthenticateDict):
        if "FlagAccess" in inAccessRuleItem:
            return inAccessRuleItem["FlagAccess"]
@ -262,6 +264,7 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
    # Def to get hierarchy of the current user roles
    # if return {} - all is available
    def UserRoleHierarchyGet(self):
        global gSettingsDict
        lDomainUpperStr = self.OpenRPA["Domain"].upper()
        lUserUpperStr = self.OpenRPA["User"].upper()
        return gSettingsDict.get("ServerDict", {}).get("AccessUsers", {}).get("RuleDomainUserDict", {}).get((lDomainUpperStr, lUserUpperStr), {}).get("RoleHierarchyAllowedDict", {})
@ -269,6 +272,7 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
    #Tech def
    #return {"headers":[],"body":"","statuscode":111}
    def URLItemCheckDo(self, inURLItem, inMethod, inOnlyFlagUACBool = False):
        global gSettingsDict
        ###############################
        #Tech sub def - do item
        ################################
@ -427,6 +431,8 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        try:
            global gSettingsDict
            self.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
            threading.current_thread().request = self
            self.OpenRPA = {}
            self.OpenRPA["AuthToken"] = None
@ -515,6 +521,8 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
    # POST
    def do_POST(self):
        try:
            global gSettingsDict
            self.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
            threading.current_thread().request = self
            lL = gSettingsDict["Logger"]
            self.OpenRPA = {}
@ -629,7 +637,6 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
    """Handle requests in a separate thread."""
    def finish_request(self, request, client_address):
        try:
            request.settimeout(gSettingsDict["ServerDict"]["RequestTimeoutSecFloat"])
            # "super" can not be used because BaseServer is not created from object
            HTTPServer.finish_request(self, request, client_address)
        except ConnectionResetError as e:
@ -649,6 +656,7 @@ class RobotDaemonServer(Thread):
        # Update the global dict
        ServerSettings.SettingsUpdate(inGlobalDict)
    def run(self):
        global gSettingsDict
        lL = gSettingsDict.get("Logger",None)
        try:
            lServerDict = gSettingsDict["ServerDict"]["ListenDict"][self.name]