Skip to content

Commit

Permalink
Merge pull request tableau#444 from tableau/dev
Browse files Browse the repository at this point in the history
Auth bugs fixes
  • Loading branch information
harold-xi authored Aug 26, 2020
2 parents b526e1a + a45b467 commit 71c790f
Show file tree
Hide file tree
Showing 7 changed files with 98 additions and 8 deletions.
3 changes: 2 additions & 1 deletion CHANGELOG
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Changelog

## v2.1.0
## v2.2.0

### Breaking changes

Expand All @@ -11,6 +11,7 @@

- When TabPy is running with no console attached it is not failing
with 500 when trying to respond with 401 status.
- tabpy.query() failing when auth is configured.

### Improvements

Expand Down
2 changes: 1 addition & 1 deletion tabpy/VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
2.1.0
2.2.0
8 changes: 4 additions & 4 deletions tabpy/tabpy_server/handlers/evaluation_plane_handler.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,19 @@


class RestrictedTabPy:
def __init__(self, protocol, port, logger, timeout):
def __init__(self, protocol, port, logger, timeout, headers):
self.protocol = protocol
self.port = port
self.logger = logger
self.timeout = timeout
self.headers = headers

def query(self, name, *args, **kwargs):
url = f"{self.protocol}://localhost:{self.port}/query/{name}"
self.logger.log(logging.DEBUG, f"Querying {url}...")
internal_data = {"data": args or kwargs}
data = json.dumps(internal_data)
headers = {"content-type": "application/json"}
headers = self.headers
response = requests.post(
url=url, data=data, headers=headers, timeout=self.timeout, verify=False
)
Expand Down Expand Up @@ -73,7 +74,6 @@ def _post_impl(self):
"the format _arg1, _arg2, _argN",
)
return

function_to_evaluate = f"def _user_script(tabpy{arguments_str}):\n"
for u in user_code.splitlines():
function_to_evaluate += " " + u + "\n"
Expand Down Expand Up @@ -126,7 +126,7 @@ def post(self):
@gen.coroutine
def _call_subprocess(self, function_to_evaluate, arguments):
restricted_tabpy = RestrictedTabPy(
self.protocol, self.port, self.logger, self.eval_timeout
self.protocol, self.port, self.logger, self.eval_timeout, self.request.headers
)
# Exec does not run the function, so it does not block.
exec(function_to_evaluate, globals())
Expand Down
1 change: 0 additions & 1 deletion tabpy/tabpy_server/handlers/util.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ class AuthErrorStates(Enum):
NotAuthorized = auto()
NotRequired = auto()


def hash_password(username, pwd):
"""
Hashes password using PKDBF2 method:
Expand Down
57 changes: 57 additions & 0 deletions tests/integration/resources/deploy_and_evaluate_model_auth.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
[TabPy]
# TABPY_QUERY_OBJECT_PATH = /tmp/query_objects
TABPY_PORT = 9009
# TABPY_STATE_PATH = ./tabpy/tabpy_server

# Where static pages live
# TABPY_STATIC_PATH = ./tabpy/tabpy_server/static

# For how to configure TabPy authentication read
# Authentication section in docs/server-config.md.
TABPY_PWD_FILE = ./tests/integration/resources/pwdfile.txt

# To set up secure TabPy uncomment and modify the following lines.
# Note only PEM-encoded x509 certificates are supported.
# TABPY_TRANSFER_PROTOCOL = https
# TABPY_CERTIFICATE_FILE = path/to/certificate/file.crt
# TABPY_KEY_FILE = path/to/key/file.key

# Log additional request details including caller IP, full URL, client
# end user info if provided.
# TABPY_LOG_DETAILS = true

# Configure how long a custom script provided to the /evaluate method
# will run before throwing a TimeoutError.
# The value should be a float representing the timeout time in seconds.
#TABPY_EVALUATE_TIMEOUT = 30

[loggers]
keys=root

[handlers]
keys=rootHandler,rotatingFileHandler

[formatters]
keys=rootFormatter

[logger_root]
level=DEBUG
handlers=rootHandler,rotatingFileHandler
qualname=root
propagete=0

[handler_rootHandler]
class=StreamHandler
level=DEBUG
formatter=rootFormatter
args=(sys.stdout,)

[handler_rotatingFileHandler]
class=handlers.RotatingFileHandler
level=DEBUG
formatter=rootFormatter
args=('tabpy_log.log', 'a', 1000000, 5)

[formatter_rootFormatter]
format=%(asctime)s [%(levelname)s] (%(filename)s:%(module)s:%(lineno)d): %(message)s
datefmt=%Y-%m-%d,%H:%M:%S
34 changes: 34 additions & 0 deletions tests/integration/test_deploy_and_evaluate_model_auth_on.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
from . import integ_test_base


class TestDeployAndEvaluateModelAuthOn(integ_test_base.IntegTestBase):
def _get_config_file_name(self) -> str:
return "./tests/integration/resources/deploy_and_evaluate_model_auth.conf"

def _get_port(self) -> str:
return "9009"

def test_deploy_and_evaluate_model(self):
# Uncomment the following line to preserve
# test case output and other files (config, state, ect.)
# in system temp folder.
# self.set_delete_temp_folder(False)

self.deploy_models(self._get_username(), self._get_password())

headers = {
"Content-Type": "application/json",
"Authorization": "Basic dXNlcjE6UEBzc3cwcmQ=",
"Host": "localhost:9009",
}
payload = """{
"data": { "_arg1": ["happy", "sad", "neutral"] },
"script":
"return tabpy.query('Sentiment Analysis',_arg1)['response']"
}"""

conn = self._get_connection()
conn.request("POST", "/evaluate", payload, headers)
SentimentAnalysis_eval = conn.getresponse()
self.assertEqual(200, SentimentAnalysis_eval.status)
SentimentAnalysis_eval.read()
1 change: 0 additions & 1 deletion tests/unit/server_tests/test_endpoint_handler.py
Original file line number Diff line number Diff line change
Expand Up @@ -162,4 +162,3 @@ def test_creds_no_auth_fails(self):
},
)
self.assertEqual(400, response.code)

0 comments on commit 71c790f

Please sign in to comment.