feat: user data in django

untitaker · untitaker · commit b4a3cb7eb50b · 2018-07-27T10:43:12.000+02:00
diff --git a/sentry_sdk/hub.py b/sentry_sdk/hub.py
@@ -15,7 +15,7 @@ def _internal_exceptions():
     try:
         yield
     except Exception:
-        Hub.current.capture_exception()
+        Hub.current.capture_internal_exception()
 
 
 class HubMeta(type):
diff --git a/sentry_sdk/integrations/_wsgi.py b/sentry_sdk/integrations/_wsgi.py
@@ -145,3 +145,17 @@ def files(self):
 
     def size_of_file(self, file):
         raise NotImplementedError()
+
+
+def get_client_ip(environ):
+    """
+    Naively yank the first IP address in an X-Forwarded-For header
+    and assume this is correct.
+
+    Note: Don't use this in security sensitive situations since this
+    value may be forged from a client.
+    """
+    try:
+        return environ['HTTP_X_FORWARDED_FOR'].split(',')[0].strip()
+    except (KeyError, IndexError):
+        return environ.get('REMOTE_ADDR')
diff --git a/sentry_sdk/integrations/django.py b/sentry_sdk/integrations/django.py
@@ -1,5 +1,6 @@
 from __future__ import absolute_import
 
+from django import VERSION as DJANGO_VERSION
 from django.core import signals
 
 try:
@@ -9,10 +10,18 @@
 
 from sentry_sdk import get_current_hub, configure_scope, capture_exception
 from sentry_sdk.hub import _internal_exceptions
-from ._wsgi import RequestExtractor
+from ._wsgi import RequestExtractor, get_client_ip
 from . import Integration
 
 
+if DJANGO_VERSION < (1, 10):
+    def is_authenticated(request_user):
+        return request_user.is_authenticated()
+else:
+    def is_authenticated(request_user):
+        return request_user.is_authenticated
+
+
 class DjangoIntegration(Integration):
     identifier = 'django'
 
@@ -46,6 +55,10 @@ def processor(event):
             with _internal_exceptions():
                 DjangoRequestExtractor(request).extract_into_event(event)
 
+            if 'user' not in event:
+                with _internal_exceptions():
+                    _set_user_info(request, event)
+
             # TODO: user info
 
         return processor
@@ -83,3 +96,24 @@ def files(self):
 
     def size_of_file(self, file):
         return file.size
+
+
+def _set_user_info(request, event):
+    event['user'] = user_info = {
+        'ip_address': get_client_ip(request.META),
+    }
+
+    user = getattr(request, "user", None)
+
+    if user is None or not is_authenticated(user):
+        return
+
+    try:
+        user_info['email'] = user.email
+    except Exception:
+        pass
+
+    try:
+        user_info['username'] = user.get_username()
+    except Exception:
+        pass
diff --git a/sentry_sdk/stripping.py b/sentry_sdk/stripping.py
@@ -12,10 +12,14 @@ def __init__(self, value, metadata):
 def flatten_metadata(obj):
     def inner(obj):
         if isinstance(obj, Mapping):
-            assert "" not in obj, "Merging metadata not supported"
             rv = {}
             meta = {}
             for k, v in obj.items():
+                # if we actually have "" keys in our data, throw them away. It's
+                # unclear how we would tell them apart from metadata
+                if k == "":
+                    continue
+
                 rv[k], meta[k] = inner(v)
                 if meta[k] is None:
                     del meta[k]
diff --git a/tests/integrations/django/myapp/settings.py b/tests/integrations/django/myapp/settings.py
@@ -66,7 +66,11 @@ def process_response(self, request, response):
         return response
 
 
-MIDDLEWARE_CLASSES = ["tests.integrations.django.myapp.settings.TestMiddleware"]
+MIDDLEWARE_CLASSES = [
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    "tests.integrations.django.myapp.settings.TestMiddleware"
+]
 
 if MiddlewareMixin is not object:
     MIDDLEWARE = MIDDLEWARE_CLASSES
diff --git a/tests/integrations/django/myapp/urls.py b/tests/integrations/django/myapp/urls.py
@@ -27,4 +27,5 @@
     path("view-exc", views.view_exc, name="view_exc"),
     path("middleware-exc", views.self_check, name="middleware_exc"),
     path("message", views.message, name="message"),
+    path("mylogin", views.mylogin, name="mylogin"),
 ]
diff --git a/tests/integrations/django/myapp/views.py b/tests/integrations/django/myapp/views.py
@@ -1,3 +1,5 @@
+from django.contrib.auth import login
+from django.contrib.auth.models import User
 from django.http import HttpResponse
 
 import sentry_sdk
@@ -16,3 +18,10 @@ def view_exc(request):
 def message(request):
     sentry_sdk.capture_message("hi")
     return HttpResponse("ok")
+
+
+def mylogin(request):
+    user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')
+    user.backend = 'django.contrib.auth.backends.ModelBackend'
+    login(request, user)
+    return HttpResponse("ok")
diff --git a/tests/integrations/django/test_basic.py b/tests/integrations/django/test_basic.py
@@ -58,3 +58,23 @@ def test_request_captured(client, capture_events):
         "query_string": "",
         "url": "http://testserver/message",
     }
+
+
+@pytest.mark.django_db
+def test_user_captured(client, capture_events):
+    events = capture_events()
+    response = client.get(reverse("mylogin"))
+    assert response.content == b'ok'
+
+    assert not events
+
+    response = client.get(reverse("message"))
+    assert response.content == b'ok'
+
+    event, = events
+
+    assert event['user'] == {
+        'email': 'lennon@thebeatles.com',
+        'ip_address': "127.0.0.1",
+        "username": "john"
+    }

Original file line number	Diff line number	Diff line change
`@@ -27,4 +27,5 @@`
`27`	`27`	`path("view-exc", views.view_exc, name="view_exc"),`
`28`	`28`	`path("middleware-exc", views.self_check, name="middleware_exc"),`
`29`	`29`	`path("message", views.message, name="message"),`
	`30`	`+ path("mylogin", views.mylogin, name="mylogin"),`
`30`	`31`	`]`