Current File : //opt/alt/python37/lib/python3.7/site-packages/raven/contrib/django/views.py
"""
raven.contrib.django.views
~~~~~~~~~~~~~~~~~~~~~~~~~~

:copyright: (c) 2010-2012 by the Sentry Team, see AUTHORS for more details.
:license: BSD, see LICENSE for more details.
"""
from __future__ import absolute_import

from functools import wraps

from django.conf import settings
from django.http import HttpResponse, HttpResponseForbidden, HttpResponseBadRequest
from django.views.decorators.cache import never_cache
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_http_methods

from raven.utils.compat import string_types
from raven.contrib.django.models import client
from raven.utils import json


def is_valid_origin(origin):
    if not settings.SENTRY_ALLOW_ORIGIN:
        return False

    if settings.SENTRY_ALLOW_ORIGIN == '*':
        return True

    if not origin:
        return False

    origin = origin.lower()
    for value in settings.SENTRY_ALLOW_ORIGIN:
        if isinstance(value, string_types):
            if value.lower() == origin:
                return True
        else:
            if value.match(origin):
                return True

    return False


def with_origin(func):
    @wraps(func)
    def wrapped(request, *args, **kwargs):
        origin = request.META.get('HTTP_ORIGIN')

        if not is_valid_origin(origin):
            return HttpResponseForbidden()

        response = func(request, *args, **kwargs)
        response['Access-Control-Allow-Origin'] = origin
        response['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'

        return response
    return wrapped


def extract_auth_vars(request):
    """
    raven-js will pass both Authorization and X-Sentry-Auth depending on the browser
    and server configurations.
    """
    if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
        return request.META['HTTP_X_SENTRY_AUTH']
    elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
        return request.META['HTTP_AUTHORIZATION']
    else:
        # Try to construct from GET request
        args = [
            '%s=%s' % i
            for i in request.GET.items()
            if i[0].startswith('sentry_') and i[0] != 'sentry_data'
        ]
        if args:
            return 'Sentry %s' % ', '.join(args)
    return None


@csrf_exempt
@require_http_methods(['GET', 'POST', 'OPTIONS'])
@never_cache
@with_origin
def report(request, project_id=None):
    if request.method == 'OPTIONS':
        return HttpResponse()

    if request.method == 'POST':
        if hasattr(request, 'body'):
            data = request.body
        else:
            data = request.raw_post_data
    else:
        data = request.GET.get('sentry_data')

    if not data:
        return HttpResponseBadRequest()

    try:
        decoded = json.loads(data.decode('utf8'))
    except json.JSONDecodeError:
        return HttpResponseBadRequest()

    client.send(auth_header=extract_auth_vars(request), **decoded)

    return HttpResponse()