py_tasks_melange: comparison app/django/contrib/sessions/backends/file.py

equal deleted inserted replaced

-:6641e941ef1e
+:ff1a9aa48cfd
+import errno
 import os
 import tempfile
 from django.conf import settings
-from django.contrib.sessions.backends.base import SessionBase
+from django.contrib.sessions.backends.base import SessionBase, CreateError
 from django.core.exceptions import SuspiciousOperation, ImproperlyConfigured
 class SessionStore(SessionBase):
 """
 Implements a file based session store.
 """
 if not self.storage_path:
 self.storage_path = tempfile.gettempdir()
 # Make sure the storage path is valid.
 if not os.path.isdir(self.storage_path):
-raise ImproperlyConfigured("The session storage path %r doesn't exist. "\
+raise ImproperlyConfigured(
-"Please set your SESSION_FILE_PATH setting "\
+"The session storage path %r doesn't exist. Please set your"
-"to an existing directory in which Django "\
+" SESSION_FILE_PATH setting to an existing directory in which"
-"can store session data." % self.storage_path)
+" Django can store session data." % self.storage_path)
 self.file_prefix = settings.SESSION_COOKIE_NAME
 super(SessionStore, self).__init__(session_key)
 def _key_to_file(self, session_key=None):
 """
 if session_key is None:
 session_key = self.session_key
 # Make sure we're not vulnerable to directory traversal. Session keys
-# should always be md5s, so they should never contain directory components.
+# should always be md5s, so they should never contain directory
+# components.
 if os.path.sep in session_key:
-raise SuspiciousOperation("Invalid characters (directory components) in session key")
+raise SuspiciousOperation(
+"Invalid characters (directory components) in session key")
 return os.path.join(self.storage_path, self.file_prefix + session_key)
 def load(self):
 session_data = {}
 try:
 session_file = open(self._key_to_file(), "rb")
 try:
-try:
+file_data = session_file.read()
-session_data = self.decode(session_file.read())
+# Don't fail if there is no data in the session file.
-except(EOFError, SuspiciousOperation):
+# We may have opened the empty placeholder file.
-self._session_key = self._get_new_session_key()
+if file_data:
-self._session_cache = {}
+try:
-self.save()
+session_data = self.decode(file_data)
-# Ensure the user is notified via a new cookie.
+except (EOFError, SuspiciousOperation):
-self.modified = True
+self.create()
 finally:
 session_file.close()
-except(IOError):
+except IOError:
 pass
 return session_data
-def save(self):
+def create(self):
+while True:
+self._session_key = self._get_new_session_key()
+try:
+self.save(must_create=True)
+except CreateError:
+continue
+self.modified = True
+self._session_cache = {}
+return
+def save(self, must_create=False):
+# Get the session data now, before we start messing
+# with the file it is stored within.
+session_data = self._get_session(no_load=must_create)
+session_file_name = self._key_to_file()
 try:
-f = open(self._key_to_file(self.session_key), "wb")
+# Make sure the file exists.  If it does not already exist, an
+# empty placeholder file is created.
+flags = os.O_WRONLY | os.O_CREAT | getattr(os, 'O_BINARY', 0)
+if must_create:
+flags |= os.O_EXCL
+fd = os.open(session_file_name, flags)
+os.close(fd)
+except OSError, e:
+if must_create and e.errno == errno.EEXIST:
+raise CreateError
+raise
+# Write the session file without interfering with other threads
+# or processes.  By writing to an atomically generated temporary
+# file and then using the atomic os.rename() to make the complete
+# file visible, we avoid having to lock the session file, while
+# still maintaining its integrity.
+#
+# Note: Locking the session file was explored, but rejected in part
+# because in order to be atomic and cross-platform, it required a
+# long-lived lock file for each session, doubling the number of
+# files in the session storage directory at any given time.  This
+# rename solution is cleaner and avoids any additional overhead
+# when reading the session data, which is the more common case
+# unless SESSION_SAVE_EVERY_REQUEST = True.
+#
+# See ticket #8616.
+dir, prefix = os.path.split(session_file_name)
+try:
+output_file_fd, output_file_name = tempfile.mkstemp(dir=dir,
+prefix=prefix + '_out_')
+renamed = False
 try:
-f.write(self.encode(self._session))
+try:
+os.write(output_file_fd, self.encode(session_data))
+finally:
+os.close(output_file_fd)
+os.rename(output_file_name, session_file_name)
+renamed = True
 finally:
-f.close()
+if not renamed:
-except(IOError, EOFError):
+os.unlink(output_file_name)
+except (OSError, IOError, EOFError):
 pass
 def exists(self, session_key):
 if os.path.exists(self._key_to_file(session_key)):
 return True
 return False
-def delete(self, session_key):
+def delete(self, session_key=None):
+if session_key is None:
+if self._session_key is None:
+return
+session_key = self._session_key
 try:
 os.unlink(self._key_to_file(session_key))
 except OSError:
 pass

changeset 323	ff1a9aa48cfd
parent 54	03e267d67478