IT-Naturschutz/konova
7
1
Fork 0
Code Issues 6 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

Merge pull request 'Custom exception reporter' (#369) from custom_exception_reporter into master

Browse Source 
Reviewed-on: SGD-Nord/konova#369
This commit is contained in:
mpeltriaux 2023-12-11 11:22:12 +01:00
commit 0a6918942a
3 changed files with 71 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
konova/settings.py
View File

@ -19,6 +19,7 @@ from konova.sub_settings.sso_settings import *
from konova.sub_settings.table_settings import * from konova.sub_settings.table_settings import *
from konova.sub_settings.lanis_settings import * from konova.sub_settings.lanis_settings import *
from konova.sub_settings.wfs_parcel_settings import * from konova.sub_settings.wfs_parcel_settings import *
from konova.sub_settings.logging_settings import *
# Max upload size for POST forms # Max upload size for POST forms
DATA_UPLOAD_MAX_MEMORY_SIZE = 5242880 DATA_UPLOAD_MAX_MEMORY_SIZE = 5242880

8
konova/sub_settings/logging_settings.py Normal file
View File

@ -0,0 +1,8 @@
"""
Author: Michel Peltriaux
Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
Contact: ksp-servicestelle@sgdnord.rlp.de
Created on: 11.12.23
"""
DEFAULT_EXCEPTION_REPORTER = "konova.utils.exception_reporter.KonovaExceptionReporter"

62
konova/utils/exception_reporter.py Normal file
View File

@ -0,0 +1,62 @@
"""
Author: Michel Peltriaux
Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
Contact: ksp-servicestelle@sgdnord.rlp.de
Created on: 11.12.23
"""
from django.views.debug import ExceptionReporter
class KonovaExceptionReporter(ExceptionReporter):
""" Custom exception reporter class
Adapts the base functionality of ExceptionReporter but adds whitelist filtering to prevent sensitive data
to be exploitable via mail delivery.
References:
https://docs.djangoproject.com/en/4.2/ref/logging/#handlers
"""
def _filter_traceback_data(self, tb_data: dict):
""" Filters given traceback data according to whitelist
Args:
tb_data (dict): Aggregates traceback data
Returns:
clean_data (dict): Whitelist based filtered traceback data
"""
whitelist = [
"is_email",
"unicdoe_hint",
"frames",
"request",
"user_str",
"sys_executable",
"sys_version_info",
"raising_view_name",
"exception_type",
"exception_value",
]
clean_data = dict()
for entry in whitelist:
try:
clean_data[entry] = tb_data[entry]
except KeyError:
continue
return clean_data
def get_traceback_data(self):
""" Custom traceback data aggregation
Returns:
tb_data (dict): The traceback data
"""
tb_data = super().get_traceback_data()
if self.is_email:
tb_data = self._filter_traceback_data(tb_data)
return tb_data