Merge remote-tracking branch 'upstream/main' into retry-gateway-errors

Author: kevin-bates

.pre-commit-config.yaml

@@ -30,7 +30,7 @@ repos:
         files: \.py$
 
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v0.961
+    rev: v0.971
     hooks:
       - id: mypy
         additional_dependencies: [types-requests]
@@ -41,39 +41,35 @@ repos:
       - id: prettier
 
   - repo: https://github.com/asottile/pyupgrade
-    rev: v2.37.1
+    rev: v2.37.3
     hooks:
       - id: pyupgrade
         args: [--py37-plus]
 
   - repo: https://github.com/PyCQA/doc8
-    rev: 0.11.2
+    rev: v1.0.0
     hooks:
       - id: doc8
         args: [--max-line-length=200]
         exclude: docs/source/other/full-config.rst
         stages: [manual]
 
   - repo: https://github.com/pycqa/flake8
-    rev: 4.0.1
+    rev: 5.0.4
     hooks:
       - id: flake8
         additional_dependencies:
-          [
-            "flake8-bugbear==20.1.4",
-            "flake8-logging-format==0.6.0",
-            "flake8-implicit-str-concat==0.2.0",
-          ]
+          ["flake8-bugbear==22.6.22", "flake8-implicit-str-concat==0.2.0"]
         stages: [manual]
 
   - repo: https://github.com/pre-commit/mirrors-eslint
-    rev: v8.19.0
+    rev: v8.21.0
     hooks:
       - id: eslint
         stages: [manual]
 
   - repo: https://github.com/sirosen/check-jsonschema
-    rev: 0.17.0
+    rev: 0.17.1
     hooks:
       - id: check-jsonschema
         name: "Check GitHub Workflows"

docs/source/operators/security.rst

@@ -101,7 +101,7 @@ as all requests requiring _authorization_ must first complete _authentication_.
 Identity Providers
 ******************
 
-The :class:`.IdentityProvider` class is responsible for the "authorization" step,
+The :class:`.IdentityProvider` class is responsible for the "authentication" step,
 identifying the user making the request,
 and constructing information about them.
 

jupyter_server/auth/identity.py

@@ -9,6 +9,7 @@
 
 import binascii
 import datetime
+import json
 import os
 import re
 import sys
@@ -24,6 +25,7 @@
 from jupyter_server.transutils import _i18n
 
 from .security import passwd_check, set_password
+from .utils import get_anonymous_username
 
 # circular imports for type checking
 if TYPE_CHECKING:
@@ -290,11 +292,28 @@ def user_to_cookie(self, user: User) -> str:
         Default is just the user's username.
         """
         # default: username is enough
-        return user.username
+        cookie = json.dumps(
+            {
+                "username": user.username,
+                "name": user.name,
+                "display_name": user.display_name,
+                "initials": user.initials,
+                "color": user.color,
+            }
+        )
+        return cookie
 
     def user_from_cookie(self, cookie_value: str) -> User | None:
         """Inverse of user_to_cookie"""
-        return User(username=cookie_value)
+        user = json.loads(cookie_value)
+        return User(
+            user["username"],
+            user["name"],
+            user["display_name"],
+            user["initials"],
+            None,
+            user["color"],
+        )
 
     def get_cookie_name(self, handler: JupyterHandler) -> str:
         """Return the login cookie name
@@ -396,7 +415,6 @@ def get_token(self, handler: JupyterHandler) -> str | None:
         - in URL parameters: ?token=<token>
         - in header: Authorization: token <token>
         """
-
         user_token = handler.get_argument("token", "")
         if not user_token:
             # get it from Authorization header
@@ -447,8 +465,12 @@ def generate_anonymous_user(self, handler: JupyterHandler) -> User:
         but does not identify a user.
         """
         user_id = uuid.uuid4().hex
+        moon = get_anonymous_username()
+        name = display_name = f"Anonymous {moon}"
+        initials = f"A{moon[0]}"
+        color = None
         handler.log.info(f"Generating new user for token-authenticated request: {user_id}")
-        return User(user_id)
+        return User(user_id, name, display_name, initials, None, color)
 
     def should_check_origin(self, handler: JupyterHandler) -> bool:
         """Should the Handler check for CORS origin validation?

jupyter_server/auth/utils.py

@@ -3,6 +3,7 @@
 # Copyright (c) Jupyter Development Team.
 # Distributed under the terms of the Modified BSD License.
 import importlib
+import random
 import re
 import warnings
 
@@ -74,3 +75,95 @@ def match_url_to_resource(url, regex_mapping=None):
         pattern = re.compile(regex)
         if pattern.fullmatch(url):
             return auth_resource
+
+
+# From https://en.wikipedia.org/wiki/Moons_of_Jupiter
+moons_of_jupyter = [
+    "Metis",
+    "Adrastea",
+    "Amalthea",
+    "Thebe",
+    "Io",
+    "Europa",
+    "Ganymede",
+    "Callisto",
+    "Themisto",
+    "Leda",
+    "Ersa",
+    "Pandia",
+    "Himalia",
+    "Lysithea",
+    "Elara",
+    "Dia",
+    "Carpo",
+    "Valetudo",
+    "Euporie",
+    "Eupheme",
+    # 'S/2003 J 18',
+    # 'S/2010 J 2',
+    "Helike",
+    # 'S/2003 J 16',
+    # 'S/2003 J 2',
+    "Euanthe",
+    # 'S/2017 J 7',
+    "Hermippe",
+    "Praxidike",
+    "Thyone",
+    "Thelxinoe",
+    # 'S/2017 J 3',
+    "Ananke",
+    "Mneme",
+    # 'S/2016 J 1',
+    "Orthosie",
+    "Harpalyke",
+    "Iocaste",
+    # 'S/2017 J 9',
+    # 'S/2003 J 12',
+    # 'S/2003 J 4',
+    "Erinome",
+    "Aitne",
+    "Herse",
+    "Taygete",
+    # 'S/2017 J 2',
+    # 'S/2017 J 6',
+    "Eukelade",
+    "Carme",
+    # 'S/2003 J 19',
+    "Isonoe",
+    # 'S/2003 J 10',
+    "Autonoe",
+    "Philophrosyne",
+    "Cyllene",
+    "Pasithee",
+    # 'S/2010 J 1',
+    "Pasiphae",
+    "Sponde",
+    # 'S/2017 J 8',
+    "Eurydome",
+    # 'S/2017 J 5',
+    "Kalyke",
+    "Hegemone",
+    "Kale",
+    "Kallichore",
+    # 'S/2011 J 1',
+    # 'S/2017 J 1',
+    "Chaldene",
+    "Arche",
+    "Eirene",
+    "Kore",
+    # 'S/2011 J 2',
+    # 'S/2003 J 9',
+    "Megaclite",
+    "Aoede",
+    # 'S/2003 J 23',
+    "Callirrhoe",
+    "Sinope",
+]
+
+
+def get_anonymous_username() -> str:
+    """
+    Get a random user-name based on the moons of Jupyter.
+    This function returns names like "Anonymous Io" or "Anonymous Metis".
+    """
+    return moons_of_jupyter[random.randint(0, len(moons_of_jupyter) - 1)]

jupyter_server/services/contents/filemanager.py

@@ -904,3 +904,13 @@ async def is_hidden(self, path):
         path = path.strip("/")
         os_path = self._get_os_path(path=path)
         return is_hidden(os_path, self.root_dir)
+
+    async def get_kernel_path(self, path, model=None):
+        """Return the initial API path of a kernel associated with a given notebook"""
+        if await self.dir_exists(path):
+            return path
+        if "/" in path:
+            parent_dir = path.rsplit("/", 1)[0]
+        else:
+            parent_dir = ""
+        return parent_dir

jupyter_server/services/contents/handlers.py

@@ -99,7 +99,8 @@ async def get(self, path=""):
 
         type = self.get_query_argument("type", default=None)
         if type not in {None, "directory", "file", "notebook"}:
-            raise web.HTTPError(400, "Type %r is invalid" % type)
+            # fall back to file if unknown type
+            type = "file"
 
         format = self.get_query_argument("format", default=None)
         if format not in {None, "text", "base64"}:
@@ -207,24 +208,22 @@ async def post(self, path=""):
             raise web.HTTPError(400, "Cannot POST to files, use PUT instead.")
 
         model = self.get_json_body()
-        copy_from = model.get("copy_from")
-        if (
-            copy_from
-            and (
-                await ensure_async(cm.is_hidden(path))
-                or await ensure_async(cm.is_hidden(copy_from))
-            )
-            and not cm.allow_hidden
-        ):
-            raise web.HTTPError(400, f"Cannot copy file or directory {path!r}")
-
-        if model is not None:
+        if model:
             copy_from = model.get("copy_from")
-            ext = model.get("ext", "")
-            type = model.get("type", "")
             if copy_from:
-                await self._copy(copy_from, path)
+                if not cm.allow_hidden and (
+                    await ensure_async(cm.is_hidden(path))
+                    or await ensure_async(cm.is_hidden(copy_from))
+                ):
+                    raise web.HTTPError(400, f"Cannot copy file or directory {path!r}")
+                else:
+                    await self._copy(copy_from, path)
             else:
+                ext = model.get("ext", "")
+                type = model.get("type", "")
+                if type not in {None, "", "directory", "file", "notebook"}:
+                    # fall back to file if unknown type
+                    type = "file"
                 await self._new_untitled(path, type=type, ext=ext)
         else:
             await self._new_untitled(path)

jupyter_server/services/nbconvert/handlers.py

@@ -11,11 +11,16 @@
 AUTH_RESOURCE = "nbconvert"
 
 
-LOCK = asyncio.Lock()
-
-
 class NbconvertRootHandler(APIHandler):
     auth_resource = AUTH_RESOURCE
+    _exporter_lock: asyncio.Lock
+
+    def initialize(self, **kwargs):
+        super().initialize(**kwargs)
+        # share lock across instances of this handler class
+        if not hasattr(self.__class__, "_exporter_lock"):
+            self.__class__._exporter_lock = asyncio.Lock()
+        self._exporter_lock = self.__class__._exporter_lock
 
     @web.authenticated
     @authorized
@@ -28,22 +33,22 @@ async def get(self):
         # Some exporters use the filesystem when instantiating, delegate that
         # to a thread so we don't block the event loop for it.
         exporters = await run_sync(base.get_export_names)
-        for exporter_name in exporters:
-            try:
-                async with LOCK:
+        async with self._exporter_lock:
+            for exporter_name in exporters:
+                try:
                     exporter_class = await run_sync(base.get_exporter, exporter_name)
-            except ValueError:
-                # I think the only way this will happen is if the entrypoint
-                # is uninstalled while this method is running
-                continue
-            # XXX: According to the docs, it looks like this should be set to None
-            # if the exporter shouldn't be exposed to the front-end and a friendly
-            # name if it should. However, none of the built-in exports have it defined.
-            # if not exporter_class.export_from_notebook:
-            #    continue
-            res[exporter_name] = {
-                "output_mimetype": exporter_class.output_mimetype,
-            }
+                except ValueError:
+                    # I think the only way this will happen is if the entrypoint
+                    # is uninstalled while this method is running
+                    continue
+                # XXX: According to the docs, it looks like this should be set to None
+                # if the exporter shouldn't be exposed to the front-end and a friendly
+                # name if it should. However, none of the built-in exports have it defined.
+                # if not exporter_class.export_from_notebook:
+                #    continue
+                res[exporter_name] = {
+                    "output_mimetype": exporter_class.output_mimetype,
+                }
 
         self.finish(json.dumps(res))
 

jupyter_server/services/sessions/sessionmanager.py

@@ -271,7 +271,7 @@ async def create_session(
     async def start_kernel_for_session(self, session_id, path, name, type, kernel_name):
         """Start a new kernel for a given session."""
         # allow contents manager to specify kernels cwd
-        kernel_path = self.contents_manager.get_kernel_path(path=path)
+        kernel_path = await ensure_async(self.contents_manager.get_kernel_path(path=path))
         kernel_id = await self.kernel_manager.start_kernel(
             path=kernel_path,
             kernel_name=kernel_name,

tests/services/contents/test_api.py

@@ -349,6 +349,10 @@ async def test_create_untitled(jp_fetch, contents, contents_dir, _check_created)
     r = await jp_fetch("api", "contents", path, method="POST", body=json.dumps({"ext": ".ipynb"}))
     _check_created(r, str(contents_dir), path, name, type="notebook")
 
+    name = "untitled"
+    r = await jp_fetch("api", "contents", path, method="POST", allow_nonstandard_methods=True)
+    _check_created(r, str(contents_dir), path, name=name, type="file")
+
 
 async def test_create_untitled_txt(jp_fetch, contents, contents_dir, _check_created):
     name = "untitled.txt"