If a dynamic request handler returns None with "wrap_result"
disabled, set the return status to 204.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Move upload handler registration out of the file manager.
Register the primary hander in the app module, and the
Octoprint Comptaiblity handler in octoprint_compat.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Move logging setup to the Server class and enable asyncio debugging.
Sanitize debug logging for all "/access" endpoints so tokens and
passwords are not logged.
SIgned-off-by: Eric Callahan <arksine.code@gmail.com>
Rather than add these arguments to the config, use a method to access them from the server object.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Perform reads in a thread so File I/O does not block.
This patch also disables ETags for static files. Tornado's default behavior of caching file hashes will not work as many of Moonraker's can be updated. The previous workaround to this was to recalculate the checksum if the modified date changed. This is inefficient as its behavior is not much different than using "If-Modified-Since".
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This should prevent large file uploads from blocking the asyncio event loop for a long period of time.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This allows eligible components to register themselves as API transports. By default the WebsocketManager is registered.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Clients can use this in situations where a browser may
prompt the user to take action prior to sending the
request. After the user accepts, Moonraker will redirect the user to the url provided in the request.
SIgned-off-by: Eric Callahan <arksine.code@gmail.com>
Image files (.png) are still granted unauthorized access, however all other files require that the request be authorized.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Clients may pass a json web token via the query string's "access_token" argument to authorize requests that do not allow modified headers.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Replace non-ASCII characters with "?" and add escaped unicode version of the file name to the "Content-Disposition" header to fix problems with thumbnails and downloading for the gcode file with non-ASCII characters in filename.
Signed-off-by: Uladzimir Palekh <visor.rti@gmail.com>
Generally speaking static files do not require authorization, so there should be little harm in bypassing auth checks. This allows clients to retrieve assets without XHRs or requesting tokens.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Log the current user for each request. Dont' log requests that return with 200, 204, 206, or 304 in release mode.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
CONFIG CHANGE: This deprecates the "enabled" option in the [authorization] section. Authorization will be enabled if the section is included in moonraker.conf, otherwise it will be disabled.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Force an update to cached file hashes should the modified time change. Re-enable the "should_return_304" check so clients can re-implement caching.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Some static files, such as logs, can change size during a request. This results in a content length mismatch and error. Cap the amount read based on the original content length.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This handler provides consistent error reporting in the event that the client attempts to access an unknown endpoint. If the request is unauthorized, an 401 will be returned. Otherwise a 404 will be returned, however if CORS is available the CORS headers will be set.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Moving log level init to the app module and have it explicitly set the level. This allows the logging level to be toggled with a server restart. Default debug logging to False.
When debug logging is disabled do not log HTTP requests.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This error is an indication that a JSON body was sent without the content type set to "application/json".
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This PR is a minimal implementation of the Octoprint REST API that is required
for Cura to be able to establish a connection and send gcode/UFP files to
moonraker without errors.
Currently it only supports the "global apikey authentication" method.
Signed-off-by: Nickolas Grigoriadis <nagrigoriadis@gmail.com>
It is possible for the log files to be registered after a rollover, which can result in the file not existing. Force the log endpoints to register, bypassing the existance check.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This will make klippy.log available in the event that Klippy has not successfully connected, assuming the log is available at the default location.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Tornado clears the headers when an error is detected, "set_default_headers" must be overrridden so that errors are properly returned.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Rather than allow all origins as was the default with "enable_cors", users may not specify the domains allowed. If "*" is specified, all domains are allowed.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Clients may provide arguments either in the query string or body. Reserved arguments "token" and "connection_id" are excluded from the result.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
