This is a common feature found in online banking, where the user wants to download the transaction history. It allows the importing data into another financial tool for analysis, auditing, or double bookkeeping.
For our case study, we will export using PyroServiceExporter. However, we only want to expose the logs and none of the other functions. You may recall that PyroServiceExporter exposes all the methods its target object. In order to do this, we need a separate service that can delegate to our controller, and instead expose it.
- Create a public-facing service, which will contain exposes services.
class SpringBankPublic(object): def __init__(self, controller): self.controller = controller def history(self, id): return self.controller.history(id)
This class is pretty simple. The constructor call requires a copy of controller. It has only one method, the one intended for public exposure.
- Export the public-facing service in the application context using Pyro.
@Object def public_service(self): return SpringBankPublic(self.controller()) @Object def spring_bank_exporter(self): exporter = PyroServiceExporter() exporter.service_name = "springbank" exporter.service = self.public_service() return exporter from springpython.remoting.pyro import *
In order to run this code, the following import statement must be added:
from springpython.remoting.pyro import *
- Write a simple client script that will remotely connect to the public service, and retrieve one of the accounts.
from springpython.config import * from springpython.remoting.pyro import * class RemoteClient(PythonConfig): def __init__(self): PythonConfig.__init__(self) @Object def client(self): service = PyroProxyFactory() service.service_url = "PYROLOC://localhost:7766/springbank" return service if __name__ == "__main__": from springpython.context import ApplicationContext ctx = ApplicationContext(RemoteClient()) service = ctx.get_object("client") for row in service.history(1): print rowThis client script connects through Pyro module. It requests the history of Account 1, and then prints it out in raw form on the screen.
This easily fetches the raw data we requested. It is a perfect example of how to pipe raw data to other machines.
Note
This form of raw data access has no security restrictions and would be ill advised for exposure to an untrusted network. This type of data would also be more secure if Pyro was configured with SSL. However, at this point in time, Spring Python does not support configuring Pyro with SSL.
- Let's create a raw version visible through the web layer.
@cherrypy.expose def raw_history(self, id): return str(self.controller.history(id))
This basically takes the results of the
historycall, converts them to a string, and returns it for display with no extra HTML formatting. - Let's secure
raw_historywith the same protections ashistory.@Object def filter_security_interceptor(self): filter = FilterSecurityInterceptor() filter.auth_manager = self.auth_manager() filter.access_decision_mgr = self.access_decision_mgr() filter.sessionStrategy = self.session_strategy() filter.obj_def_source = [ ("/raw_history.*", ["OWNER"]), ("/history.*", ["OWNER"]), ("/.*", ["ROLE_CUSTOMER", "ROLE_MGR", "ROLE_SUPERVISOR"]) ] return filter
Now it's possible to write a web-based script that would get redirected to the login page. It must supply login credentials. After that, it can issue the URL necessary to retrieve Python's literal array of dictionaries. It could then convert it to a Python data structure, and harvest the data.