Context Navigation

Modify ↓

#11799 new enhancement

Log messages when permission checks fail rather than traceback

Reported by:	Ryan J Ollos	Owned by:	osimons
Priority:	normal	Component:	XmlRpcPlugin
Severity:	normal	Keywords:
Cc:	Olemis Lang	Trac Release:

Description (last modified by Ryan J Ollos)

Looking in the log files I see many entries like the following:

2014-05-28 12:13:22,695 Trac[web_ui] ERROR: RPC(XML-RPC) Error
Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/tracrpc/web_ui.py", line 149, in _rpc_process
    req.perm.require('XML_RPC') # Need at least XML_RPC
  File "/usr/local/python26_trac10/lib/python2.6/site-packages/Trac-1.0.1-py2.6.egg/trac/perm.py", line 579, in require
    raise PermissionError(action, resource, self.env)
PermissionError

Web requests on the other hand are trapped and logged:

2014-05-28 17:01:26,569 Trac[main] WARNING: [12.234.78.2] HTTPForbidden: 403 Forbidden (WIKI_VIEW privileges are required to perform this operation on WikiStart. You don't have the required permissions.)

I'm wondering if we could trap and log XmlRpc requests as warnings. I haven't done more than look at the code yet, but I could probably propose a patch.

Attachments (0)

Change History (5)

comment:1 Changed 9 years ago by Ryan J Ollos

Description:	modified (diff)

comment:2 Changed 8 years ago by Jun Omae

tracrpc/web_ui.py

diff --git a/tracrpc/web_ui.py b/tracrpc/web_ui.py
index d738e87..3fd77d6 100644

  from trac.wiki.formatter import wiki_to_oneliner
 from tracrpc.api import XMLRPCSystem, IRPCProtocol, ProtocolException, \
                           RPCError, ServiceException
 from tracrpc.util import accepts_mimetype
+from tracrpc.util import accepts_mimetype, exception_to_unicode
 __all__ = ['RPCWeb']
-…
+ class RPCWeb(Component):
                 result = (XMLRPCSystem(self.env).get_method(method_name)(req, args))[0]
                 if isinstance(result, GeneratorType):
                     result = list(result)
             except (RPCError, PermissionError, ResourceNotFound), e:
+            except (TracError, PermissionError, ResourceNotFound), e:
                 raise
             except Exception:
                 e, tb = sys.exc_info()[-2:]
-…
+ class RPCWeb(Component):
                 protocol.send_rpc_result(req, result)
         except RequestDone :
             raise
+        except (RPCError, PermissionError, ResourceNotFound), e:
+            self.log.exception("RPC(%s) Error", proto_id)
+        except (TracError, PermissionError, ResourceNotFound), e:
+            self.log.warning("RPC(%s) [%s] %s", proto_id, req.remote_addr,
+                             exception_to_unicode(e))
             try :
                 protocol.send_rpc_error(req, e)
             except RequestDone :

After the patch:

2016-10-07 19:28:11,665 Trac[web_ui] WARNING: RPC(JSON-RPC) [192.168.11.27] PermissionError: XML_RPC privileges are required to perform this operation. You don't have the required permissions.

Version 2, edited 8 years ago by Jun Omae (previous) (next) (diff)

comment:3 Changed 8 years ago by Ryan J Ollos

The changes look nice. Okay to merge?

comment:4 Changed 8 years ago by Jun Omae

Fine by me. Could you please review patch in comment:14:ticket:12408?

comment:5 Changed 7 years ago by Ryan J Ollos

Running the latest (r16279), I noticed the following in the logs:

2017-03-20 17:17:23,690 Trac[web_ui] WARNING: RPC(XML-RPC) [82.236.185.165] PermissionError: XML_RPC privileges are required to perform this operation. You don't have the required permissions.

HTTPForbidden should probably be logged.

Modify Ticket

Change Properties

Summary:
Type:	Priority:
Component:	Severity:
Keywords:	Cc:	Set your email in Preferences
Trac Release:

Action

leave as new The owner will remain osimons.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences.

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: