daniel156161/simple-nanoshare
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

feat(logging): add NanoShare wide event instrumentation
Build and Push Docker Container / build-and-push (push) Failing after 51s
Details

Browse Source 
- Register quart_common wide-event logging during app setup so every HTTP request emits one canonical structured event.

- Replace the inline security middleware with reusable quart_common security middleware wiring and move skip path configuration into app constants.

- Add NanoShare-specific wide-event context for health checks, auth/error handlers, file list/edit/delete/serve flows and upload outcomes.

- Rename runtime logging/project metadata from simple-picoshare to nanoshare where it is emitted in service context.

- Update my_helpers and quart_common submodules for Convex/wide-event integration and reusable security middleware support.

- Add NanoShare middleware tests covering safe user context, client IP enrichment, missing Convex handling and Convex security lookup failures.
This commit is contained in:
Daniel Dolezal
2026-05-13 20:22:43 +02:00
parent 26536a3cde
commit 9c731d6e67
12 changed files with 208 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/side/main.py
+12
View File
@@ -3,6 +3,7 @@ from my_modules.functions import get_ip
from my_modules.app.setup import LIMITER
from my_modules.app.logger import logger
from my_modules.expiry import parse_expires
from quart_common.web.wide_event import add_wide_event_context
from quart import (
Blueprint,
@@ -40,12 +41,14 @@ async def index():
@side_main_bp.route('/access')
@login_required
async def access_list(user):
add_wide_event_context(nanoshare={"operation": "access_list"})
access_data = await current_app.convex.get_all_access(user_id=user['sub'])
return await render_template("views/webpage/access/list.htm", access_logs=access_data)
@side_main_bp.route('/files')
@login_required
async def files_list(user):
add_wide_event_context(nanoshare={"operation": "files_list"})
files_data = await current_app.convex.get_files(user_id=user['sub'])
return await render_template("views/webpage/files/list.htm",
files=files_data
@@ -54,6 +57,7 @@ async def files_list(user):
@side_main_bp.route('/files/<path:file_id>/info')
@login_required
async def file_info(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_info", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
file_data = find_file(files_data, file_id)
if not file_data:
@@ -71,6 +75,7 @@ async def file_info(file_id, user):
@side_main_bp.route("/files/<path:file_id>/edit")
@login_required
async def file_edit(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_edit", "file_id": file_id})
file_data = await current_app.convex.get_file_informations(file_id=file_id, user_id=user["sub"])
if not file_data:
abort(404)
@@ -83,6 +88,7 @@ async def file_edit(file_id, user):
@side_main_bp.put("/api/file/<path:file_id>")
@login_required
async def file_edit_api(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_update", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
if not find_file(files_data, file_id):
return jsonify({"ok": False, "error": "File not found"}), 404
@@ -115,6 +121,7 @@ async def file_edit_api(file_id, user):
@side_main_bp.delete("/api/file/<path:file_id>")
@login_required
async def file_delete_api(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_delete", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
if not find_file(files_data, file_id):
return jsonify({"ok": False, "error": "File not found"}), 404
@@ -125,10 +132,12 @@ async def file_delete_api(file_id, user):
@side_main_bp.route("/-<file_id>")
@LIMITER.limit("10 per minute;500 per hour;")
async def serve_file(file_id: str):
add_wide_event_context(nanoshare={"operation": "serve_file", "file_id": file_id})
file_data = await current_app.convex.get_file(file_id=file_id)
disable_logging = False
if not file_data:
add_wide_event_context(nanoshare={"operation_status": "not_found"})
abort(404)
user = session.get('user')
@@ -136,6 +145,7 @@ async def serve_file(file_id: str):
disable_logging = True
if file_data.get("expired", None):
add_wide_event_context(nanoshare={"operation_status": "expired", "owner_request": disable_logging})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="expired")
return Response("This file has expired.", status=410, headers={
@@ -149,10 +159,12 @@ async def serve_file(file_id: str):
force_download = request.args.get("download") in {"1", "true", "yes"}
if not file_data.get('db_image_url', None):
add_wide_event_context(nanoshare={"operation_status": "missing_storage", "owner_request": disable_logging})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="error")
abort(404)
add_wide_event_context(nanoshare={"operation_status": "served", "owner_request": disable_logging, "content_type": content_type, "download": force_download})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="ok")
routes/side/upload.py
+11
View File
@@ -1,6 +1,7 @@
from my_modules.decoratory.header import login_required
from my_modules.expiry import parse_expires, ensure_utc
from my_modules.file_meta import iso_stamp_filename, format_size
from quart_common.web.wide_event import add_wide_event_context
from quart import Blueprint, request, jsonify, current_app
import asyncio, hashlib
@@ -73,10 +74,13 @@ async def api_upload(user):
text = form.get('text', '')
orphan_registry = getattr(current_app, 'orphan_storage_registry', None)
add_wide_event_context(nanoshare={"operation": "upload", "has_file": bool(files.get('file')), "has_text": bool(text.strip())})
uploaded = files.get('file')
expires_at_dt = ensure_utc(parse_expires(expires_raw))
if not uploaded and not text.strip():
add_wide_event_context(nanoshare={"operation_status": "missing_content"})
return jsonify({'ok': False, 'error': 'No content provided'}), 400
content_type = None
@@ -84,6 +88,7 @@ async def api_upload(user):
# --- binary upload path ---
if uploaded:
fname = uploaded.filename or ''
add_wide_event_context(nanoshare={"upload_type": "file", "filename_present": bool(fname)})
ctype = uploaded.mimetype or 'application/octet-stream'
content_type = ctype
storage_id = None
@@ -115,6 +120,7 @@ async def api_upload(user):
)
if storage_id:
reused_orphan_storage_id = True
add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
else:
storage_id, sent_size = await current_app.convex.send_stream_to_storage(stream=stream,content_type=content_type)
size_bytes = sent_size
@@ -128,6 +134,7 @@ async def api_upload(user):
)
if storage_id:
reused_orphan_storage_id = True
add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
else:
storage_id = await current_app.convex.send_to_storage(data=data, content_type=content_type)
size_bytes = len(data)
@@ -151,6 +158,7 @@ async def api_upload(user):
# --- text upload path ---
elif text.strip():
add_wide_event_context(nanoshare={"upload_type": "text"})
data = text.encode('utf-8')
fname = iso_stamp_filename('pasted', 'txt')
fingerprint = fingerprint_bytes(data)
@@ -160,6 +168,8 @@ async def api_upload(user):
else None
)
reused_orphan_storage_id = bool(storage_id)
if reused_orphan_storage_id:
add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
if not storage_id:
storage_id = await current_app.convex.send_to_storage(
data=data, content_type='text/plain'
@@ -183,4 +193,5 @@ async def api_upload(user):
await orphan_registry.remember(user['sub'], fingerprint, storage_id)
raise
add_wide_event_context(nanoshare={"operation_status": "uploaded", "content_type": content_type})
return jsonify({'ok': True})