request.is_xhr problem

2010-02-01 Thread Vladimir Dronnikov
Hi!

Encountered a problem: when submitting a file upload form via AJAX (by
means of jquery.form plugin, it uses <iframe/> technique when an <input
type=file /> is in the form) analysing request.is_xhr always
gives False.

Googling has brought me 
http://www.ender.com/2008/04/jquery-the-jquery-form-plugin.html

In short, <iframe /> technique used doesn't set HTTP_X_REQUESTED_WITH
request header which is the only indicator for request.is_xhr that a
request was the AJAX one. However, if file field is being submitted,
request.environ contains a FieldStorage, like:
...
webob._parsed_post_vars (MultiDict([('Image--image', FieldStorage
('Image--image', 'sss.zip'))])
...

So how can I _reliably_ detect AJAX request? Does it make sense to
update request.is_xhr logic in Paste package itself?

TIA,
--
Vladimir

-- 
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-disc...@googlegroups.com.
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en.



Re: prefixmiddleware behind proxy generates correct h.url's, but redirect's dont keep 'https'

2010-02-01 Thread Damian
Hi,

Just in case anyone else runs into this, the proxy must forward the
variable X_FORWARDED_PROTO, and not, as a few other posts I found
suggest: X_FORWARDED_PROTOCOL.  So for nginx use in your location
section where you are proxying:
proxy_set_header X_FORWARDED_PROTO $scheme;

Cheers,
Damian

On Jan 29, 5:28 pm, Damian damiandimm...@gmail.com wrote:
 Hi,

 I'm just moving my webapp which runs in apache/mod_wsgi behind an
 nginx proxy.  I've set it up to use the prefixmiddleware and all the
 https url_for'ed url's generate as expected.  Unfortunately this
 doesn't seem to be the case for redirect_to urls, as these send me to
 the http, not the https url..  Am I missing something?

 Cheers,
 Damian




Re: Big file upload progress bar

2010-02-01 Thread morellik


 Try upgrading Pylons to development version, Enrico.


I've modified a lot of files to reflect your changes, but in your site
you say that
gp.fileupload can be used without modifying your application
So I want to start again with a fresh paster project,  what is the
minimum configuration to use your module?

I want to use it in a production application, so I don't want to use a
development version of Pylons.

Thanks for your time




Re: Big file upload progress bar

2010-02-01 Thread Vladimir Dronnikov

 Try upgrading Pylons to development version, Enrico.


 I've modified a lot of files to reflect your changes, but in your site
 you say that
 gp.fileupload can be used without modifying your application
 So I want to start again with a fresh paster project,  what is the
 minimum configuration to use your module?

 I want to use it in a production application, so I don't want to use a
 development version of Pylons.


I'm not in charge in gp.fileupload, Gael is.

But you had error:

AttributeError: No configuration has been registered for this process or thread

and I know it is fixed by upgrading pylons.

--
Vladimir




Re: request.is_xhr problem

2010-02-01 Thread Haron Media

On 02/01/2010 11:15 AM, Vladimir Dronnikov wrote:
 Hi!

 Encountered a problem: when submitting a file upload form via AJAX (by
 means of jquery.form plugin, it uses <iframe/> technique when an <input
 type=file /> is in the form) analysing request.is_xhr always
 gives False.

 Googling has brought me 
 http://www.ender.com/2008/04/jquery-the-jquery-form-plugin.html

 In short, <iframe /> technique used doesn't set HTTP_X_REQUESTED_WITH
 request header which is the only indicator for request.is_xhr that a
 request was the AJAX one. However, if file field is being submitted,
 request.environ contains a FieldStorage, like:
 ...
 webob._parsed_post_vars   (MultiDict([('Image--image', FieldStorage
 ('Image--image', 'sss.zip'))])
 ...

 So how can I _reliably_ detect AJAX request? Does it make sense to
 update request.is_xhr logic in Paste package itself?

 TIA,
 --
 Vladimir

   

The iframe file upload technique is the only one available because you
can't push files through xhr. So technically that isn't an XHR request.
So I suppose you want to mark such uploads as being asynchronous to
the page their iframes originate within?



Vlad




Re: request.is_xhr problem

2010-02-01 Thread Vladimir Dronnikov

 The iframe file upload technique is the only one available because you
 can't push files through xhr. So technically that isn't an XHR request.
 So I suppose you want to mark such uploads as being asynchronous to
 the page their iframes originate within?


Yep. And want it be consistent and standard thru all the code. We
could thoroughly choose a POST variable name and make request object
respect it. I vote for _ajax (similar to _method).

--
Vladimir




Re: request.is_xhr problem

2010-02-01 Thread Haron Media

On 02/01/2010 06:25 PM, Vladimir Dronnikov wrote:
 The iframe file upload technique is the only one available because you
 can't push files through xhr. So technically that isn't an XHR request.
 So I suppose you want to mark such uploads as being asynchronous to
 the page their iframes originate within?

 
 Yep. And want it be consistent and standard thru all the code. We
 could thoroughly choose a POST variable name and make request object
 respect it. I vote for _ajax (similar to _method).

 --
 Vladimir

   

I see what you mean. But isn't the actual header dependent on the JS
library used? I suppose most of the major ones send the same one
(HTTP_X_REQUESTED_WITH). Perhaps the surrogate var should be
_x_requested_with? Just a thought, because ajax is so... well, lame.
I, for one, never use AJAX but AJAJ. :)))

Curious, though. Why do you need to know when the request came from xhr
or async upload form?


Vlad




Re: request.is_xhr problem

2010-02-01 Thread Vladimir Dronnikov
 _x_requested_with? Just a thought, because ajax is so... well, lame.

Don't mind.

 Curious, though. Why do you need to know when the request came from xhr
 or async upload form?

My templates behave differently depending on which way they were
requested. If requested in vanilla way, they should serve complete
HTML markup. If requested via AJAX\c\c\c\c:) _x_requested_with, they
should serve just bare contents. That is evident part.

Now quirky one. I load a bare form into jquery-ui dialog() and setup
the form be ajaxSubmit()ted. User submits the form and if the request
was OK, controller serves an empty string and I close the dialog. If
request is not OK, controller serves the content (with errors) of
validating form, I see the answer is not an empty string and reload
that content back to the dialog for further editing. This method
degrades gracefully for javascript-less clients to just plain pages
(of complete HTML markup). So to know how the form was submitted is
critical here. This can be easily done analysing request.is_xhr
property.

This technique has been working well until the forms start to contain
upload fields. I pull the initial content of the form into the dialog
well, but upon receiving the request, the controller goes to wrong
branch (since request.is_xhr is False) and serves complete markup
instead of empty string.

I'm pretty sure people exist facing the same problem. Thus the post.

--
Vladimir




Re: request.is_xhr problem

2010-02-01 Thread Haron Media

On 02/01/2010 07:15 PM, Vladimir Dronnikov wrote:
 My templates behave differently depending on which way they were
 requested. If requested in vanilla way, they should serve complete
 HTML markup. If requested via AJAX\c\c\c\c:) _x_requested_with, they
 should serve just bare contents. That is evident part.

 Now quirky one. I load a bare form into jquery-ui dialog() and setup
 the form be ajaxSubmit()ted. User submits the form and if the request
 was OK, controller serves an empty string and I close the dialog. If
 request is not OK, controller serves the content (with errors) of
 validating form, I see the answer is not an empty string and reload
 that content back to the dialog for further editing. This method
 degrades gracefully for javascript-less clients to just plain pages
 (of complete HTML markup). So to know how the form was submitted is
 critical here. This can be easily done analysing request.is_xhr
 property.

 This technique has been working well until the forms start to contain
 upload fields. I pull the initial content of the form into the dialog
 well, but upon receiving the request, the controller goes to wrong
 branch (since request.is_xhr is False) and serves complete markup
 instead of empty string.

 I'm pretty sure people exist facing the same problem. Thus the post.

 --
 Vladimir

   

I understand your problem. I don't know how and if you can modify jQuery
(I use it only for the effects), but I solve that problem by sending
proper Accept header. If it is application/json, the controller returns
json data. If it contains text/html (which will also be the case for
plain requests with no JS), it returns templated HTML. I also solve
errors with http status codes, and the JS (xhr) client that received the
response will only show the content if it is text/plain, in order to
avoid inserting entire formatted HTML page into the div that shows
action results.


Vlad




Re: request.is_xhr problem

2010-02-01 Thread Vladimir Dronnikov

 I understand your problem. I don't know how and if you can modify jQuery
 (I use it only for the effects), but I solve that problem by sending
 proper Accept header. If it is application/json, the controller returns
 json data. If it contains text/html (which will also be the case for
 plain requests with no JS), it returns templated HTML. I also solve
 errors with http status codes, and the JS (xhr) client that received the
 response will only show the content if it is text/plain, in order to
 avoid inserting entire formatted HTML page into the div that shows
 action results.


The problem is that I receive (and hence can analyse) only text, not
XMLHTTPRequest object. So no status code and no means to determine
what I've got: JSON or XML or XHTML. That is drawback of jquery.form
plugin I'm using.

--
Vladimir


 Vlad







Re: Do your models handle all the data logic?

2010-02-01 Thread Haron Media

On 01/31/2010 09:07 PM, Mike Orr wrote:
 There are several philosophies on this.  MVC has strayed far from its
 original meaning, and there are several equally valid interpretations
 of it.
   


Yeah, I just wasn't sure of the best practice in Pylons. The examples
seem to use the models as pure ORM maps, with minor exception like the
QuickWiki tutorial and the formatting method added to the model.




 I prefer a medium model. I have class methods in my ORM objects for
 all the logical collections of records my app requires. So one method
 to iterate the recent records for the home page. Another to do a
 search. Another to iterate all records. But I don't resolve queries
 into lists. I return the query object so that the controller or
 template can iterate it, get a record count, etc.

Your approach is very much like mine, with the exception that it is
Pylons/SQLAlchemy specific with returning the query object. Good idea
because my current practice is to return arrays of model classes (PDO's
FETCH_CLASS mode), so that the controller can call individual methods on
rows of classes if needed. The only drawback to this is separating
full vs. limited data, for example if you needed only some fields that
make sense in the list, so the method returning these takes a list class
fields to load, aside to limit and offset of the rows. Complicated, but
imho provides best separation of concerns and with that offers a good
level of DRY.

Also, good number of row retrievals requires a hierarchical list, so I
have a helper class that constructs multilevel arrays (which would be
dictionaries in Pylons), and linear arrays with appended field that
designates its level in otherwise hierarchical list. This is
particularly useful when using same set of rows to construct:

- tables (pure list of rows)
- Navigational constructs (hierarchical dictionaries)
- SELECT html elements with '--' added for the number of levels it is
nested in the tree.

But for all that I need the class methods (static methods in PHP) to
always return same format of data. Be it classes of models in question
or dictionaries.



 There are a few people who have been pushing most of their logic into
 PostgreSQL stored procedures and triggers, and using its roles to
 enforce permissions.  Aurynn Shaw has done the most work on this that
 I've seen, but last I looked it hadn't gotten onto PyPI and was hard
 to find.  This looks like the best link:
 https://projects.commandprompt.com/public/
   

I like to push only data related logic into stored procedures and
triggers. If nothing then for one reason: tampering with pure SQL will
have same result as if the application interface was used, otherwise one
risks corrupting the data. Especially if more than one administrator is
involved.

I also toyed with having no queries at all in the application except
simple calls to stored procedures that deal with the data. This approach
for example would turn models into nothing more than simple ORM maps,
with a few extra methods that directly call stored procedures. I
understand that this might lose the benefit of a certain level of
caching that occurs within SQLAlchemy...


 - Exceptable: convert PostgreSQL exceptions to Python exceptions.
   

Thanks, I'll be needing this!


 - Simpycity: a Python db layer for calling PostgreSQL stored
 procedures. (Not compatible with SQLAlchemy.)
   

I'll take a look.


 - VerticallyChallenged: authorization via database roles, with
 Repoze.who for authentication.  (This one doesn't seem to be online
 yet.)
   

Other than for DB administration, I don't see the point in this. :) But,
oh, well...


 That's what Exceptable is for. I think it could be made more pythonic,
 but I haven't had a need for it myself so I haven't had an incentive
 to

How else are SQL errors raised in Python, then? I suppose it is driver
specific?



Thanks,

Vlad




Re: Do your models handle all the data logic?

2010-02-01 Thread Haron Media

On 01/31/2010 06:16 PM, Wyatt Baldwin wrote:
 This is the approach I use. My thinking is that the model should be
 separate from any user interface or application. I view a Pylons app
 as a (thin) layer that adapts a model (and perhaps services) to the
 Web (as a UI or Web services). As such, I usually implement the model
 in a separate Python package.
   

Precisely. But it also cuts down the code required, especially if
complex apps where more than one controller would like same operation on
a model.


 Nitpicky style point: the prevalent style for function/method names in
 Python is load_by_id. See PEP 8.
   

Yup, I've read the style guidelines, I just used the method names that I
currently use in PHP. Thanks, though!



Vlad




Re: Do your models handle all the data logic?

2010-02-01 Thread Mike Orr
On Mon, Feb 1, 2010 at 11:30 AM, Haron Media i...@haronmedia.com wrote:
 Also, good number of row retrievals requires a hierarchical list, so I
 have a helper class that constructs multilevel arrays (which would be
 dictionaries in Pylons),

Oh, I do this too. If the controller really wants a dict or
hierarchical structure or scalar result rather than an iterable of ORM
instances, I calculate that and return it.

 I like to push only data related logic into stored procedures and
 triggers. If nothing then for one reason: tampering with pure SQL will
 have same result as if the application interface was used, otherwise one
 risks corrupting the data. Especially if more than one administrator is
 involved.

Well, they believe strongly in PostgreSQL and use its unique features
(which means the applications aren't portable to other SQLAlchemy
databases). The argument is that you get a lot of efficiency, data
integrity guarantees, and security if you push logic to the lowest
database level. So that you won't ever have another client
accessing/writing it in an inconsistent way. Plus it's neutral to
client programming languages.

 I also toyed with having no queries at all in the application except
 simple calls to stored procedures that deal with the data. This approach
 for example would turn models into nothing more than simple ORM maps,
 with a few extra methods that directly call stored procedures. I
 understand that this might lose the benefit of a certain level of
 caching that occurs within SQLAlchemy...

The SQLAlchemy session caches mapped records in case you ask for them
again. I'm not sure that matters much in a Pylons application. The
session is cleared after every request, and how often do you make
repeated calls for the same record within a request? You have the
record in a variable, why do you need to fetch it again?

Postgres functions can return ad hoc rows or tables, so you'd have
to have a lot of ORM classes if you wanted to map all those. Either
that or just use the raw ResultProxy.

 - Exceptable: convert PostgreSQL exceptions to Python exceptions.


 Thanks, I'll be needing this!

It does what you said your code does: it catches general Postgres
exceptions and parses the message to raise a specific Python
exception.

 - VerticallyChallenged: authorization via database roles, with
 Repoze.who for authentication.  (This one doesn't seem to be online
 yet.)


 Other than for DB administration, I don't see the point in this. :)

The argument is that Postgres' built-in authorization is better tested
than anything you can write on your own. Plus, by protecting the data
at the lowest database level, you can be sure that no Python or other
utility can bypass your security policy.

The downside is that it's meant for a limited number of Postgres
users, and is not attuned to a web application that may create dozens
of users in a week. So it only works if you can map your web users
into a few pre-specified database users. You would also have to log
into the database with the highest-permission user and then switch
down using a SQL statement, similar to Unix 'su'. But I'm not sure how
you'd go up in privilege again in another request (if you're reusing
the same connection).

The other thing is it doesn't have row-based permissions, only
table-based. Unless it was added in PostgreSQL 8.4. Although I suppose
you can mimic row-based permissions in a stored procedure.

The other issue is how to get all your stored procedures into the
database. The solution seems to be text SQL files in your version
control system.

 How else are SQL errors raised in Python, then? I suppose it is driver
 specific?

I did a few tests with MySQL (I'm not using Postgres myself yet) and got:

sqlalchemy.exc.ProgrammingError   # SQL syntax

sqlalchemy.exc.IntegrityError     # Duplicate primary key

OperationalError: (OperationalError) (1048, Column 'name' cannot be null)
# I can't tell who raised this exception.

InvalidRequestError: The transaction is inactive due to a rollback in
a subtransaction.  Issue rollback() to cancel the transaction.
# This was the primary error raised when the previous
# occurred during a session.commit().


FlushError: New instance User at 0xa65b5ac with identity key (class
'rlink.model.auth.User', ('mike@example.com',)) conflicts with
persistent instance User at 0xa749e6c
# Raised during another session.commit()

So it looks like all of them except maybe the third are generic
SQLAlchemy exceptions.

-- 
Mike Orr sluggos...@gmail.com




Re: request.is_xhr problem

2010-02-01 Thread Paweł Stradomski
In a message dated Monday, 1 February 2010, Vladimir Dronnikov wrote:
  The iframe file upload technique is the only one available because you
  can't push files through xhr. So technically that isn't an XHR request.
  So I suppose you want to mark such uploads as being asynchronous to
  the page their iframes originate within?
 
 Yep. And want it be consistent and standard thru all the code. We
 could thoroughly choose a POST variable name and make request object
 respect it. I vote for _ajax (similar to _method).

Security risk. 
For is_xhr requests you can disable CSRF checks, as there is no known way of 
sending a cross-site forged request with this header set. But it's trivial to 
spoof one more field.


-- 
Paweł Stradomski




Re: request.is_xhr problem

2010-02-01 Thread Vladimir Dronnikov

 Security risk.
 For is_xhr requests you can disable CSRF checks, as there is no known way of
 sending a cross-site forged request with this header set. But it's trivial to
 spoof one more field.


Is there a way to fix the issue? I can't believe it's _intended_ that
one can't upload files via XMLHTTPRequest.

--
Vladimir




Re: request.is_xhr problem

2010-02-01 Thread Paweł Stradomski
In a message dated Monday, 1 February 2010, Vladimir Dronnikov wrote:
  Security risk.
  For is_xhr requests you can disable CSRF checks, as there is no known way
  of sending a cross-site forged request with this header set. But it's
  trivial to spoof one more field.
 
 Is there a way to fix the issue? I can't believe it's _intended_ that
 one can't upload files via XMLHTTPRequest.

Use latest browsers only: http://hacks.mozilla.org/2009/12/uploading-files-with-xmlhttprequest/

So, for 99% of us - no, there is no way (not with XMLHTTPRequest - you can use 
eg. flash, or iframes, as you are doing now).

Alas, if you do perform CSRF checks anyway, you can still use hidden field 
method, as you suggested.

-- 
Paweł Stradomski
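
The point made in this thread about request.is_xhr, CSRF checks and a hidden _ajax field, as an added example that is not code from the thread, Paste or WebOb: the Request class, the _csrf_token field name and both handlers are constructed stand-ins. It uses the hidden field only to pick the response shape and checks the CSRF token on every POST.

```python
import hmac
import secrets


class Request:
    """Minimal stand-in for a framework request object (constructed here)."""

    def __init__(self, method, headers=None, post=None, session=None):
        self.method = method
        self.headers = {k.lower(): v for k, v in (headers or {}).items()}
        self.post = dict(post or {})
        self.session = session if session is not None else {}

    @property
    def is_xhr(self):
        # The signal discussed in the thread: the X-Requested-With header.
        return self.headers.get("x-requested-with") == "XMLHttpRequest"


def wants_fragment(req):
    """Presentation hint only: XHR header, or the hidden _ajax field that an
    iframe-based upload can carry. Any client can set either one."""
    return req.is_xhr or req.post.get("_ajax") == "1"


def issue_csrf_token(session):
    """Store a fresh per-session token and return it for embedding in forms."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def csrf_ok(req):
    """Compare the submitted token with the session copy in constant time."""
    expected = req.session.get("csrf_token")
    supplied = req.post.get("_csrf_token") or req.headers.get("x-csrf-token")
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


def render(req):
    """Empty body for the dialog flow, full page for a plain form post."""
    if wants_fragment(req):
        return 200, ""
    return 200, "<html><body>saved</body></html>"


def handle_weak(req):
    # Weak: the "this is AJAX" hint also switches the CSRF check off, so a
    # plain cross-site form post that includes _ajax=1 is accepted.
    if req.method == "POST" and not wants_fragment(req) and not csrf_ok(req):
        return 403, "CSRF check failed"
    return render(req)


def handle_hardened(req):
    # Hardened: every POST needs a valid token; the hint never affects
    # authorization, it only chooses fragment versus full page.
    if req.method == "POST" and not csrf_ok(req):
        return 403, "CSRF check failed"
    return render(req)


if __name__ == "__main__":
    session = {}
    token = issue_csrf_token(session)
    # Constructed requests: a cross-site post without a token, and the
    # legitimate iframe upload that carries the token with the hint.
    cross_site = Request("POST", post={"_ajax": "1"}, session=session)
    upload = Request("POST", post={"_ajax": "1", "_csrf_token": token},
                     session=session)
    print("weak, cross-site:    ", handle_weak(cross_site))
    print("hardened, cross-site:", handle_hardened(cross_site))
    print("hardened, upload:    ", handle_hardened(upload))
```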




Re: Do your models handle all the data logic?

2010-02-01 Thread Aurynn Shaw


 There are a few people who have been pushing most of their logic into
 PostgreSQL stored procedures and triggers, and using its roles to
 enforce permissions.  Aurynn Shaw has done the most work on this that
 I've seen, but last I looked it hadn't gotten onto PyPI and was hard
 to find.  This looks like the best link:
 https://projects.commandprompt.com/public/

 - Exceptable: convert PostgreSQL exceptions to Python exceptions.
 - Simpycity: a Python db layer for calling PostgreSQL stored
 procedures. (Not compatible with SQLAlchemy.)
 - VerticallyChallenged: authorization via database roles, with
 Repoze.who for authentication.  (This one doesn't seem to be online
 yet.)


The links are, in order:
https://projects.commandprompt.com/public/exceptable/
https://projects.commandprompt.com/public/simpycity/
https://projects.commandprompt.com/public/verticallychallenged/

VC I haven't updated the wiki/written docs for yet.. but it's coming. :)
The repo can be viewed
https://projects.commandprompt.com/public/verticallychallenged/repo/




 If you want to use these and reach a dead end, let me know and I can
 put you in touch with Aurynn. Maybe that will help prod her to make
 PyPI releases. :)


I *am* trying on this, I ran into a bug with my setup.py not pulling in 
the required SQL files. :(





 The problem with that is that the DB engine throws a generic Constraint
 Violation from which I have to extract constraint name, and produce a
 meaningful message to the user, like Name already exists, please try
 another. Therefore I catch generic SQL exceptions in the model save()
 method, and re-throw custom exceptions made for the model like, for
 example, NameDuplicateError, or EmailDuplicateError, etc... so the
 controller can catch these and send back proper message, or alter the
 form to highlight fields in question.


 That's what Exceptable is for. I think it could be made more pythonic,
 but I haven't had a need for it myself so I haven't had an incentive
 to.



Yes, this is exactly the problem that Exceptable is designed to solve.
If you can give me an exact example of the constraint error, I can add a 
check into Exceptable proper.


Thanks,
--
Aurynn Shaw

The PostgreSQL Company - Command Prompt, Inc. 1.503.667.4564 ext 103
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
We are all in the gutter, but some of us are looking at the stars.
  -- Oscar Wilde

as...@commandprompt.com




Re: Do your models handle all the data logic?

2010-02-01 Thread Aurynn Shaw



 Other than for DB administration, I don't see the point in this. :)


 The argument is that Postgres' built-in authorization is better tested
 than anything you can write on your own. Plus, by protecting the data
 at the lowest database level, you can be sure that no Python or other
 utility can bypass your security policy.


Yes. :) By enforcing it at the database level, any client connecting to 
the database will need to play by the same rules, short of being a 
database superuser.




 The downside is that it's meant for a limited number of Postgres
 users, and is not attuned to a web application that may create dozens
 of users in a week. So it only works if you can map your web users
 into a few pre-specified database users. You would also have to log
 into the database with the highest-permission user and then switch
 down using a SQL statement, similar to Unix 'su'. But I'm not sure how
 you'd go up in privilege again in another request (if you're reusing
 the same connection).


This is also true; Vertically Challenged requires that the database 
roles being used are just that - roles that define specific actions. 
Users are then stored in a table as normal, and mapped to the correct 
role at session initiation via the Postgres command SET ROLE.


SET ROLE allows for the permissions change to be undone, as well, so 
that a database handle can be reset to use the more permissible role at 
the end of the execution session.




 The other thing is it doesn't have row-based permissions, only
 table-based. Unless it was added in PostgreSQL 8.4. Although I suppose
 you can mimic row-based permissions in a stored procedure.


It wasn't, though column-level permissions are available.
So far, stored procedures are the only way to allow for row-level 
permissions.




The other issue is how to get all your stored procedures into the
database. The solution seems to be text SQL files in your version
control system.


This is what we do, though PG9.0 is going to allow for DO blocks. 
Combined with pl/pythonu, it should be possible to issue queries which 
encapsulate (for example) pickled code from the Python layer.


As pl/pythonu is an untrusted language, this *will* require a database 
superuser, though. :(



Regards,
--
Aurynn Shaw

The PostgreSQL Company - Command Prompt, Inc. 1.503.667.4564 ext 103
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
We are all in the gutter, but some of us are looking at the stars.
  -- Oscar Wilde

as...@commandprompt.com
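The per-request role switch described in this message, as an added Python sketch that is not code from the thread or from Vertically Challenged. The group-to-role mapping, the role names, the `articles` table and the recording stand-in for a DB-API connection are all assumptions made so the example runs without a database.

```python
from contextlib import contextmanager

# Assumption: app-level groups mapped to a few pre-created Postgres roles.
ROLE_FOR_GROUP = {"anonymous": "web_anon", "member": "web_member"}

@contextmanager
def as_role(conn, group):
    """Run one unit of work under the database role mapped to `group`."""
    # Role names cannot be bound as parameters: take them only from the mapping.
    role = ROLE_FOR_GROUP.get(group)
    if role is None:
        raise PermissionError("no database role for group %r" % (group,))
    cur = conn.cursor()
    cur.execute('SET ROLE "%s"' % role)
    try:
        yield cur
        conn.commit()
    except Exception:
        conn.rollback()  # leave the aborted transaction so RESET can run
        raise
    finally:
        # Drop back to the login role before the handle is reused.
        cur.execute("RESET ROLE")
        conn.commit()

class RecordingConnection(object):
    """Constructed stand-in for a DB-API connection: records SQL, sends none."""
    def __init__(self):
        self.statements = []
    def cursor(self):
        return self
    def execute(self, sql, params=None):
        self.statements.append(sql)
    def commit(self):
        self.statements.append("COMMIT")
    def rollback(self):
        self.statements.append("ROLLBACK")

def run_request(group, fail=False):
    """Constructed request handler; returns the SQL the connection saw."""
    conn = RecordingConnection()
    try:
        with as_role(conn, group) as cur:
            cur.execute("SELECT title FROM articles WHERE id = %s", (1,))
            if fail:
                raise RuntimeError("simulated failure inside the request")
    except RuntimeError:
        pass
    return conn.statements
```

Because the session itself can issue RESET ROLE, the login role the pool connects as should hold no more privilege than the most privileged mapped role needs.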




Re: prefixmiddleware behind proxy generates correct h.url's, but redirect's dont keep 'https'

2010-02-01 Thread Graham Dumpleton


On Feb 2, 12:30 am, Damian damiandimm...@gmail.com wrote:
 Hi,

 Just in case anyone else runs into this, the proxy must forward the
 variable X_FORWARDED_PROTO, and not, as a few other posts i found
 suggest: X_FORWARDED_PROTOCOL.  So for nginx use in your location
 section where you are proxying:
             proxy_set_header X_FORWARDED_PROTO $scheme;

Technically you would use 'X-Forwarded-Proto' which is the normal
convention for case on HTTP headers. This will be automatically
converted to HTTP_X_FORWARDED_PROTO by web server/WSGI adapter on
backend.

Graham


 Cheers,
 Damian

 On Jan 29, 5:28 pm, Damian damiandimm...@gmail.com wrote:



  Hi,

  I'm just moving my webapp which runs in apache/mod_wsgi behind an
  nginx proxy.  I've set it up to use the prefixmiddleware and all the
  https url_for'ed url's generate as expected.  Unfortunately this
  doesn't seem to be the case for redirect_to urls, as these send me to
  the http, not the https url..  Am I missing something?

  Cheers,
  Damian
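The header-to-environ conversion described in this reply, as an added example that is not part of the original thread or of Paste/Pylons. The `ForwardedProto` middleware, the `TRUSTED_PROXIES` set, the toy redirect application and the `example.test` host are assumptions; the request is constructed inline with `wsgiref`.

```python
from wsgiref.util import application_uri, setup_testing_defaults

# Assumption: the address nginx connects from; adjust to your deployment.
TRUSTED_PROXIES = {"127.0.0.1"}


def environ_key(header_name):
    """CGI/WSGI naming: upper-case, '-' becomes '_', prefixed with HTTP_."""
    return "HTTP_" + header_name.upper().replace("-", "_")


class ForwardedProto(object):
    """Hypothetical middleware: set wsgi.url_scheme from X-Forwarded-Proto,
    but only when the request came from a trusted proxy address."""

    def __init__(self, app, trusted=TRUSTED_PROXIES):
        self.app = app
        self.trusted = set(trusted)

    def __call__(self, environ, start_response):
        # Always remove the header so the application never sees a raw value.
        proto = environ.pop(environ_key("X-Forwarded-Proto"), "").lower()
        if environ.get("REMOTE_ADDR") in self.trusted and proto in ("http", "https"):
            environ["wsgi.url_scheme"] = proto
        return self.app(environ, start_response)


def redirect_app(environ, start_response):
    """Toy application: redirects to an absolute URL built from the environ."""
    location = application_uri(environ) + "login"
    start_response("302 Found", [("Location", location)])
    return [b""]


def location_for(remote_addr, forwarded_proto):
    """Drive the stack with a constructed request and return the Location."""
    environ = {"REMOTE_ADDR": remote_addr, "HTTP_HOST": "example.test"}
    if forwarded_proto is not None:
        environ[environ_key("X-Forwarded-Proto")] = forwarded_proto
    setup_testing_defaults(environ)
    captured = {}

    def start_response(status, headers):
        captured.update(headers)

    ForwardedProto(redirect_app)(environ, start_response)
    return captured["Location"]
```

Both spellings of the header name map to the same environ key, so the backend cannot tell them apart; setting the header on the proxy with `proxy_set_header X-Forwarded-Proto $scheme;` replaces whatever value the client sent under that name.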




Re: MySQL has gone away (again)

2010-02-01 Thread Chris Kimm
 As far as i know, this problem is caused by having sqlalchemy.pool_recycle
 value larger than my.cnf [mysqld] connect_timeout
I wasn't able to verify this in my environment.  I set
sqlalchemy.pool_recycle to 30 and connect_timeout to 60 in my.cnf and
I still was getting 'MySQL server has gone away' errors. I tested this
by setting my.ini and sqlalchemy variables then restarting MySQL and
Pylons.  After making an initial page request, I waited for set
periods before making a second (non-cached) request. In each test, the
errors started appearing right after the wait_timeout. After trying
various configurations of wait_timeout, connect_timeout, and
sqlalchemy.pool_recycle, the only variable that appeared to have a
direct impact on my particular manifestation of this problem was
wait_timeout. This makes some sense after reading the MySQL docs on
this error: http://dev.mysql.com/doc/refman/5.0/en/gone-away.html

-Chris

On Jan 21, 9:21 pm, Didip Kerabat did...@gmail.com wrote:
 As far as i know, this problem is caused by having sqlalchemy.pool_recycle
 value larger than my.cnf [mysqld] connect_timeout

 - Didip -

 On Thu, Jan 21, 2010 at 8:15 AM, Ross Vandegrift r...@kallisti.us wrote:
  On Thu, Jan 21, 2010 at 12:05:43AM -0800, grassoalvaro wrote:
   mysql.config

   wait_timeout=90
   max_allowed_packet=1M
   connect_timeout=300

   I fixed my pylons configurations set pool_size to 60 but didn't help.
   Application is very simple, just 2 controllers, nothing complicated
   (this app .I have many others with the same problem. Currently i'm
   using cron to sending one GET request on every minute but this is
   ugly).

  In cases where I've run into this, I've turned the pool_recycle time
  way down - mine is set to 30, and this fixed the issue.

  Note that this is a workaround for another problem - in my case, I
  happen to know that there is a firewall that prevents long-lived TCP
  sessions from sitting idle.  This causes pooled connections to go
  away without notifying the application stack.

  In theory, the better solution would be to fix that firewall's
  config.  In practice, reducing the pool_recycle time doesn't affect my
  very light database load.

  Ross

  --
  Ross Vandegrift
  r...@kallisti.us

  If the fight gets hot, the songs get hotter.  If the going gets tough,
  the songs get tougher.
         --Woody Guthrie



