Mercurial > p > roundup > code

annotate roundup/cgi/client.py @ 2806:845e87d5e3ba

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
translator objects now have the following search path: - selected locale messages in the tracker locale dir - selected locale messages in the system locale dir - english messages in the tracker locale dir - english messages in the system locale dir automatically compile .mo files if needed (found .po file and .mo is missing or .po mtime is greater that .mo mtime) removed support for python < 2.0. gettext module is now required. get_translation: removed 'domain' argument, added 'tracker_home' argument
author Alexander Smishlajev <a1s@users.sourceforge.net>
date Sat, 23 Oct 2004 14:03:34 +0000
parents 3adcdd5b9247
children 18c28d22b3b5
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2800
3adcdd5b9247 argh. never commit without running the code first!!!
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2799
diff changeset
1 # $Id: client.py,v 1.190 2004-10-20 06:36:06 a1s Exp $
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
2
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
3 """WWW request handler (also used in the stand-alone server).
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4 """
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
5 __docformat__ = 'restructuredtext'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6
1008
10ed4791f969 Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents: 1005
diff changeset
7 import os, os.path, cgi, StringIO, urlparse, re, traceback, mimetypes, urllib
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
8 import binascii, Cookie, time, random, stat, rfc822
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
9 import codecs
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
10
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
11
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
12 from roundup import roundupdb, date, hyperdb, password
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
13 from roundup.cgi import templating, cgitb, TranslationService
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
14 from roundup.cgi.actions import *
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
15 from roundup.cgi.exceptions import *
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
16 from roundup.cgi.form_parser import FormParser
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
17 from roundup.mailer import Mailer, MessageSendError
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
18
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
19 def initialiseSecurity(security):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
20 '''Create some Permissions and Roles on the security object
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
21
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
22 This function is directly invoked by security.Security.__init__()
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
23 as a part of the Security object instantiation.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
24 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
25 p = security.addPermission(name="Web Access",
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
26 description="User may access the web interface")
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
27 security.addPermissionToRole('Admin', p)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
28
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
29 # doing Role stuff through the web - make sure Admin can
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
30 p = security.addPermission(name="Web Roles",
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
31 description="User may manipulate user Roles through the web")
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
32 security.addPermissionToRole('Admin', p)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
33
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
34 # used to clean messages passed through CGI variables - HTML-escape any tag
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
35 # that isn't <a href="">, <i>, <b> and <br> (including XHTML variants) so
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
36 # that people can't pass through nasties like <script>, <iframe>, ...
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
37 CLEAN_MESSAGE_RE = r'(<(/?(.*?)(\s*href="[^"]")?\s*/?)>)'
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
38 def clean_message(message, mc=re.compile(CLEAN_MESSAGE_RE, re.I)):
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
39 return mc.sub(clean_message_callback, message)
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
40 def clean_message_callback(match, ok={'a':1,'i':1,'b':1,'br':1}):
1656
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
41 ''' Strip all non <a>,<i>,<b> and <br> tags from a string
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
42 '''
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
43 if ok.has_key(match.group(3).lower()):
1656
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
44 return match.group(1)
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
45 return '&lt;%s&gt;'%match.group(2)
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
46
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
47 class Client:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
48 '''Instantiate to handle one CGI request.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
49
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
50 See inner_main for request processing.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
51
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
52 Client attributes at instantiation:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
53
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
54 - "path" is the PATH_INFO inside the instance (with no leading '/')
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
55 - "base" is the base URL for the instance
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
56 - "form" is the cgi form, an instance of FieldStorage from the standard
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
57 cgi module
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
58 - "additional_headers" is a dictionary of additional HTTP headers that
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
59 should be sent to the client
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
60 - "response_code" is the HTTP response code to send to the client
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
61 - "translator" is TranslationService instance
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
62
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
63 During the processing of a request, the following attributes are used:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
64
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
65 - "error_message" holds a list of error messages
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
66 - "ok_message" holds a list of OK messages
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
67 - "session" is the current user session id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
68 - "user" is the current user's name
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
69 - "userid" is the current user's id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
70 - "template" is the current :template context
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
71 - "classname" is the current class context name
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
72 - "nodeid" is the current context item id
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
73
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
74 User Identification:
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
75 If the user has no login cookie, then they are anonymous and are logged
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
76 in as that user. This typically gives them all Permissions assigned to the
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
77 Anonymous Role.
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
78
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
79 Once a user logs in, they are assigned a session. The Client instance
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
80 keeps the nodeid of the session as the "session" attribute.
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
81
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
82 Special form variables:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
83 Note that in various places throughout this code, special form
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
84 variables of the form :<name> are used. The colon (":") part may
1436
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
85 actually be one of either ":" or "@".
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
86 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
87
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
88 # charset used for data storage and form templates
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
89 # Note: must be in lower case for comparisons!
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
90 # XXX take this from instance.config?
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
91 STORAGE_CHARSET = 'utf-8'
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
92
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
93 #
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
94 # special form variables
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
95 #
1436
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
96 FV_TEMPLATE = re.compile(r'[@:]template')
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
97 FV_OK_MESSAGE = re.compile(r'[@:]ok_message')
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
98 FV_ERROR_MESSAGE = re.compile(r'[@:]error_message')
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
99
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
100 # Note: index page stuff doesn't appear here:
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
101 # columns, sort, sortdir, filter, group, groupdir, search_text,
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
102 # pagesize, startwith
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
103
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
104 def __init__(self, instance, request, env, form=None, translator=None):
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
105 # re-seed the random number generator
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
106 random.seed()
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
107 self.start = time.time()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
108 self.instance = instance
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
109 self.request = request
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
110 self.env = env
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
111 self.setTranslator(translator)
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
112 self.mailer = Mailer(instance.config)
1004
5f12d3259f31 logout works better now
Richard Jones <richard@users.sourceforge.net>
parents: 1003
diff changeset
113
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
114 # save off the path
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
115 self.path = env['PATH_INFO']
1004
5f12d3259f31 logout works better now
Richard Jones <richard@users.sourceforge.net>
parents: 1003
diff changeset
116
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
117 # this is the base URL for this tracker
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
118 self.base = self.instance.config.TRACKER_WEB
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
119
2183
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
120 # check the tracker_we setting
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
121 if not self.base.endswith('/'):
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
122 self.base = self.base + '/'
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
123
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
124 # this is the "cookie path" for this tracker (ie. the path part of
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
125 # the "base" url)
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
126 self.cookie_path = urlparse.urlparse(self.base)[2]
1414
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
127 self.cookie_name = 'roundup_session_' + re.sub('[^a-zA-Z]', '',
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
128 self.instance.config.TRACKER_NAME)
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
129
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
130 # see if we need to re-parse the environment for the form (eg Zope)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
131 if form is None:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
132 self.form = cgi.FieldStorage(environ=env)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
133 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
134 self.form = form
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
135
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
136 # turn debugging on/off
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
137 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
138 self.debug = int(env.get("ROUNDUP_DEBUG", 0))
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
139 except ValueError:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
140 # someone gave us a non-int debug level, turn it off
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
141 self.debug = 0
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
142
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
143 # flag to indicate that the HTTP headers have been sent
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
144 self.headers_done = 0
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
145
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
146 # additional headers to send with the request - must be registered
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
147 # before the first write
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
148 self.additional_headers = {}
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
149 self.response_code = 200
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
150
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
151 # parse cookies (used in charset and session lookups)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
152 self.cookie = Cookie.SimpleCookie(self.env.get('HTTP_COOKIE', ''))
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
153
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
154 def setTranslator(self, translator=None):
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
155 """Replace the translation engine
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
156
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
157 'translator'
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
158 is TranslationService instance.
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
159 It must define methods 'translate' (TAL-compatible i18n),
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
160 'gettext' and 'ngettext' (gettext-compatible i18n).
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
161
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
162 If omitted, create default TranslationService.
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
163 """
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
164 if translator is None:
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
165 translator = TranslationService.get_translation()
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
166 self.translator = translator
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
167 self._ = self.gettext = translator.gettext
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
168 self.ngettext = translator.ngettext
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
169
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
170 def main(self):
1133
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
171 ''' Wrap the real main in a try/finally so we always close off the db.
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
172 '''
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
173 try:
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
174 self.inner_main()
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
175 finally:
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
176 if hasattr(self, 'db'):
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
177 self.db.close()
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
178
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
179 def inner_main(self):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
180 '''Process a request.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
181
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
182 The most common requests are handled like so:
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
183
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
184 1. figure out who we are, defaulting to the "anonymous" user
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
185 see determine_user
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
186 2. figure out what the request is for - the context
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
187 see determine_context
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
188 3. handle any requested action (item edit, search, ...)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
189 see handle_action
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
190 4. render a template, resulting in HTML output
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
191
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
192 In some situations, exceptions occur:
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
193
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
194 - HTTP Redirect (generally raised by an action)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
195 - SendFile (generally raised by determine_context)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
196 serve up a FileClass "content" property
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
197 - SendStaticFile (generally raised by determine_context)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
198 serve up a file from the tracker "html" directory
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
199 - Unauthorised (generally raised by an action)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
200 the action is cancelled, the request is rendered and an error
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
201 message is displayed indicating that permission was not
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
202 granted for the action to take place
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
203 - templating.Unauthorised (templating action not permitted)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
204 raised by an attempted rendering of a template when the user
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
205 doesn't have permission
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
206 - NotFound (raised wherever it needs to be)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
207 percolates up to the CGI interface that called the client
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
208 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
209 self.ok_message = []
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
210 self.error_message = []
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
211 try:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
212 self.determine_charset()
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
213
1697
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
214 # figure out the context and desired content template
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
215 # do this first so we don't authenticate for static files
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
216 # Note: this method opens the database as "admin" in order to
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
217 # perform context checks
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
218 self.determine_context()
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
219
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
220 # make sure we're identified (even anonymously)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
221 self.determine_user()
1697
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
222
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
223 # possibly handle a form submit action (may change self.classname
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
224 # and self.template, and may also append error/ok_messages)
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
225 html = self.handle_action()
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
226
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
227 if html:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
228 self.write_html(html)
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
229 return
1579
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
230
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
231 # now render the page
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
232 # we don't want clients caching our dynamic pages
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
233 self.additional_headers['Cache-Control'] = 'no-cache'
1579
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
234 # Pragma: no-cache makes Mozilla and its ilk double-load all pages!!
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
235 # self.additional_headers['Pragma'] = 'no-cache'
1552
68ef6deefcf1 cgi fixes
Richard Jones <richard@users.sourceforge.net>
parents: 1538
diff changeset
236
2799
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
237 # pages with messages added expire right now
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
238 # simple views may be cached for a small amount of time
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
239 # TODO? make page expire time configurable
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
240 if self.error_message or self.ok_message:
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
241 date = time.time() - 1
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
242 else:
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
243 date = time.time() + 5
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
244 self.additional_headers['Expires'] = rfc822.formatdate(date)
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
245
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
246 # render the content
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
247 self.write_html(self.renderContext())
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
248
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2046
diff changeset
249 except SeriousError, message:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
250 self.write_html(str(message))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
251 except Redirect, url:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
252 # let's redirect - if the url isn't None, then we need to do
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
253 # the headers, otherwise the headers have been set before the
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
254 # exception was raised
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
255 if url:
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
256 self.additional_headers['Location'] = url
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
257 self.response_code = 302
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
258 self.write_html('Redirecting to <a href="%s">%s</a>'%(url, url))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
259 except SendFile, designator:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
260 self.serve_file(designator)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
261 except SendStaticFile, file:
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
262 try:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
263 self.serve_static_file(str(file))
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
264 except NotModified:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
265 # send the 304 response
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
266 self.request.send_response(304)
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
267 self.request.end_headers()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
268 except Unauthorised, message:
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
269 # users may always see the front page
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
270 self.classname = self.nodeid = None
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
271 self.template = ''
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
272 self.error_message.append(message)
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
273 self.write_html(self.renderContext())
1210
619ab5de5af0 [SF#613310] traceback on onexistant items
Richard Jones <richard@users.sourceforge.net>
parents: 1204
diff changeset
274 except NotFound:
619ab5de5af0 [SF#613310] traceback on onexistant items
Richard Jones <richard@users.sourceforge.net>
parents: 1204
diff changeset
275 # pass through
619ab5de5af0 [SF#613310] traceback on onexistant items
Richard Jones <richard@users.sourceforge.net>
parents: 1204
diff changeset
276 raise
1818
85fd3d0e7d81 Actually use FormError, so we can move the handling up to inner_main().
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1807
diff changeset
277 except FormError, e:
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
278 self.error_message.append(self._('Form Error: ') + str(e))
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
279 self.write_html(self.renderContext())
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
280 except:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
281 # everything else
2565
89c5e8564dad passs the message translator to cgitb functions
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2557
diff changeset
282 self.write_html(cgitb.html(i18n=self.translator))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
283
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
284 def clean_sessions(self):
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
285 """Age sessions, remove when they haven't been used for a week.
2032
5a7ec0c63095 fixes to some unit tests, and a cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2019
diff changeset
286
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
287 Do it only once an hour.
1477
ed725179953d Added password reset facility for forgotten passwords.
Richard Jones <richard@users.sourceforge.net>
parents: 1472
diff changeset
288
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
289 Note: also cleans One Time Keys, and other "session" based stuff.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
290 """
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
291 sessions = self.db.getSessionManager()
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
292 last_clean = sessions.get('last_clean', 'last_use', 0)
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
293
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
294 # time to clean?
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
295 week = 60*60*24*7
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
296 hour = 60*60
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
297 now = time.time()
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
298 if now - last_clean < hour:
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
299 return
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
300
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
301 sessions.clean(now)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
302 self.db.getOTKManager().clean(now)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
303 sessions.set('last_clean', last_use=time.time())
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
304 self.db.commit()
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
305
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
306 def determine_charset(self):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
307 """Look for client charset in the form parameters or browser cookie.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
308
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
309 If no charset requested by client, use storage charset (utf-8).
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
310
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
311 If the charset is found, and differs from the storage charset,
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
312 recode all form fields of type 'text/plain'
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
313 """
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
314 # default to storage charset
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
315 self.charset = self.STORAGE_CHARSET
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
316 # look for client charset
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
317 if self.form.has_key('@charset'):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
318 charset = self.form['@charset'].value
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
319 elif self.cookie.has_key('roundup_charset'):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
320 charset = self.cookie['roundup_charset'].value
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
321 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
322 charset = None
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
323 if charset:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
324 # make sure the charset is recognized
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
325 try:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
326 codecs.lookup(charset)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
327 except LookupError:
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
328 self.error_message.append(self._('Unrecognized charset: %r')
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
329 % charset)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
330 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
331 self.charset = charset.lower()
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
332
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
333 # if client charset is different from the storage charset,
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
334 # recode form fields
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
335 # XXX this requires FieldStorage from Python library.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
336 # mod_python FieldStorage is not supported!
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
337 if self.charset != self.STORAGE_CHARSET:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
338 decoder = codecs.getdecoder(self.charset)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
339 encoder = codecs.getencoder(self.STORAGE_CHARSET)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
340 re_charref = re.compile('&#([0-9]+|x[0-9a-f]+);', re.IGNORECASE)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
341 def _decode_charref(matchobj):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
342 num = matchobj.group(1)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
343 if num[0].lower() == 'x':
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
344 uc = int(num[1:], 16)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
345 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
346 uc = int(num)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
347 return unichr(uc)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
348
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
349 for field_name in self.form.keys():
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
350 field = self.form[field_name]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
351 if (field.type == 'text/plain') and not field.filename:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
352 try:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
353 value = decoder(field.value)[0]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
354 except UnicodeError:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
355 continue
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
356 value = re_charref.sub(_decode_charref, value)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
357 field.value = encoder(value)[0]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
358
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
359 def determine_user(self):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
360 ''' Determine who the user is
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
361 '''
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
362 # determine the uid to use
1724
bc4f0aec594e oops, we really do need a database
Richard Jones <richard@users.sourceforge.net>
parents: 1719
diff changeset
363 self.opendb('admin')
bc4f0aec594e oops, we really do need a database
Richard Jones <richard@users.sourceforge.net>
parents: 1719
diff changeset
364
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
365 # make sure we have the session Class
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
366 self.clean_sessions()
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
367 sessions = self.db.getSessionManager()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
368
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
369 # first up, try the REMOTE_USER var (from HTTP Basic Auth handled
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
370 # by a front-end HTTP server)
2724
7b1c440dba92 fix lookup of REMOTE_USER [SF#1002923]
Richard Jones <richard@users.sourceforge.net>
parents: 2655
diff changeset
371 if self.env.has_key('REMOTE_USER'):
7b1c440dba92 fix lookup of REMOTE_USER [SF#1002923]
Richard Jones <richard@users.sourceforge.net>
parents: 2655
diff changeset
372 user = self.env['REMOTE_USER']
7b1c440dba92 fix lookup of REMOTE_USER [SF#1002923]
Richard Jones <richard@users.sourceforge.net>
parents: 2655
diff changeset
373 else:
7b1c440dba92 fix lookup of REMOTE_USER [SF#1002923]
Richard Jones <richard@users.sourceforge.net>
parents: 2655
diff changeset
374 user = 'anonymous'
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
375
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
376 # look up the user session cookie (may override the REMOTE_USER)
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
377 cookie = self.cookie
1414
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
378 if (cookie.has_key(self.cookie_name) and
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
379 cookie[self.cookie_name].value != 'deleted'):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
380
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
381 # get the session key from the cookie
1414
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
382 self.session = cookie[self.cookie_name].value
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
383 # get the user from the session
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
384 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
385 # update the lifetime datestamp
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
386 sessions.updateTimestamp(self.session)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
387 user = sessions.get(self.session, 'user')
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
388 except KeyError:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
389 # not valid, ignore id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
390 pass
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
391
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
392 # sanity check on the user still being valid, getting the userid
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
393 # at the same time
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
394 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
395 self.userid = self.db.user.lookup(user)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
396 except (KeyError, TypeError):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
397 user = 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
398
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
399 # make sure the anonymous user is valid if we're using it
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
400 if user == 'anonymous':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
401 self.make_user_anonymous()
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
402 if not self.db.security.hasPermission('Web Access', self.userid):
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
403 raise Unauthorised, self._("Anonymous users are not "
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
404 "allowed to use the web interface")
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
405 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
406 self.user = user
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
407
1003
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
408 # reopen the database as the correct user
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
409 self.opendb(self.user)
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
410
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
411 def determine_context(self, dre=re.compile(r'([^\d]+)(\d+)')):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
412 """Determine the context of this page from the URL:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
413
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
414 The URL path after the instance identifier is examined. The path
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
415 is generally only one entry long.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
416
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
417 - if there is no path, then we are in the "home" context.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
418 - if the path is "_file", then the additional path entry
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
419 specifies the filename of a static file we're to serve up
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
420 from the instance "html" directory. Raises a SendStaticFile
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
421 exception.(*)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
422 - if there is something in the path (eg "issue"), it identifies
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
423 the tracker class we're to display.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
424 - if the path is an item designator (eg "issue123"), then we're
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
425 to display a specific item.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
426 - if the path starts with an item designator and is longer than
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
427 one entry, then we're assumed to be handling an item of a
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
428 FileClass, and the extra path information gives the filename
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
429 that the client is going to label the download with (ie
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
430 "file123/image.png" is nicer to download than "file123"). This
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
431 raises a SendFile exception.(*)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
432
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
433 Both of the "*" types of contexts stop before we bother to
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
434 determine the template we're going to use. That's because they
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
435 don't actually use templates.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
436
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
437 The template used is specified by the :template CGI variable,
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
438 which defaults to:
1053
b28393def972 more explanatory docsting
Richard Jones <richard@users.sourceforge.net>
parents: 1051
diff changeset
439
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
440 - only classname suplied: "index"
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
441 - full item designator supplied: "item"
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
442
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
443 We set:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
444
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
445 self.classname - the class to display, can be None
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
446
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
447 self.template - the template to render the current context with
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
448
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
449 self.nodeid - the nodeid of the class we're displaying
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
450 """
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
451 # default the optional variables
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
452 self.classname = None
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
453 self.nodeid = None
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
454
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
455 # see if a template or messages are specified
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
456 template_override = ok_message = error_message = None
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
457 for key in self.form.keys():
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
458 if self.FV_TEMPLATE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
459 template_override = self.form[key].value
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
460 elif self.FV_OK_MESSAGE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
461 ok_message = self.form[key].value
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
462 ok_message = clean_message(ok_message)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
463 elif self.FV_ERROR_MESSAGE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
464 error_message = self.form[key].value
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
465 error_message = clean_message(error_message)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
466
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
467 # see if we were passed in a message
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
468 if ok_message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
469 self.ok_message.append(ok_message)
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
470 if error_message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
471 self.error_message.append(error_message)
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
472
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
473 # determine the classname and possibly nodeid
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
474 path = self.path.split('/')
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
475 if not path or path[0] in ('', 'home', 'index'):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
476 if template_override is not None:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
477 self.template = template_override
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
478 else:
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
479 self.template = ''
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
480 return
1911
f5c804379c85 fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents: 1905
diff changeset
481 elif path[0] in ('_file', '@@file'):
1427
37e712e77a99 trackers' templates directory can contain subdirectories with static files
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1426
diff changeset
482 raise SendStaticFile, os.path.join(*path[1:])
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
483 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
484 self.classname = path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
485 if len(path) > 1:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
486 # send the file identified by the designator in path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
487 raise SendFile, path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
488
1697
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
489 # we need the db for further context stuff - open it as admin
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
490 self.opendb('admin')
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
491
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
492 # see if we got a designator
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
493 m = dre.match(self.classname)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
494 if m:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
495 self.classname = m.group(1)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
496 self.nodeid = m.group(2)
1153
0455eccad866 raise not found earlier, where it makes more sense to the user
Richard Jones <richard@users.sourceforge.net>
parents: 1152
diff changeset
497 if not self.db.getclass(self.classname).hasnode(self.nodeid):
0455eccad866 raise not found earlier, where it makes more sense to the user
Richard Jones <richard@users.sourceforge.net>
parents: 1152
diff changeset
498 raise NotFound, '%s/%s'%(self.classname, self.nodeid)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
499 # with a designator, we default to item view
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
500 self.template = 'item'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
501 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
502 # with only a class, we default to index view
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
503 self.template = 'index'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
504
1288
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
505 # make sure the classname is valid
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
506 try:
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
507 self.db.getclass(self.classname)
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
508 except KeyError:
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
509 raise NotFound, self.classname
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
510
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
511 # see if we have a template override
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
512 if template_override is not None:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
513 self.template = template_override
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
514
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
515 def serve_file(self, designator, dre=re.compile(r'([^\d]+)(\d+)')):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
516 ''' Serve the file from the content property of the designated item.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
517 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
518 m = dre.match(str(designator))
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
519 if not m:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
520 raise NotFound, str(designator)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
521 classname, nodeid = m.group(1), m.group(2)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
522
1742
2223e184f9d2 fix file downloading
Richard Jones <richard@users.sourceforge.net>
parents: 1737
diff changeset
523 self.opendb('admin')
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
524 klass = self.db.getclass(classname)
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
525
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
526 # make sure we have the appropriate properties
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
527 props = klass.getprops()
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
528 if not props.has_key('type'):
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
529 raise NotFound, designator
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
530 if not props.has_key('content'):
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
531 raise NotFound, designator
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
532
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
533 mime_type = klass.get(nodeid, 'type')
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
534 content = klass.get(nodeid, 'content')
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
535 lmt = klass.get(nodeid, 'activity').timestamp()
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
536
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
537 self._serve_file(lmt, mime_type, content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
538
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
539 def serve_static_file(self, file):
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
540 ''' Serve up the file named from the templates dir
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
541 '''
2366
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
542 # figure the filename - ensure the load doesn't try to poke
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
543 # outside of the static files dir
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
544 prefix = getattr(self.instance.config, 'STATIC_FILES',
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
545 self.instance.config.TEMPLATES)
2655
edaa8ba86bd0 fix static file path normalisation in security check (thanks David Linke)
Richard Jones <richard@users.sourceforge.net>
parents: 2649
diff changeset
546
edaa8ba86bd0 fix static file path normalisation in security check (thanks David Linke)
Richard Jones <richard@users.sourceforge.net>
parents: 2649
diff changeset
547 # normalise the prefix and filename for the startswith comparison
edaa8ba86bd0 fix static file path normalisation in security check (thanks David Linke)
Richard Jones <richard@users.sourceforge.net>
parents: 2649
diff changeset
548 prefix = os.path.normpath(prefix)
2366
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
549 filename = os.path.normpath(os.path.join(prefix, file))
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
550 if not filename.startswith(prefix):
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
551 raise NotFound, file
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
552
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
553 # last-modified time
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
554 lmt = os.stat(filename)[stat.ST_MTIME]
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
555
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
556 # detemine meta-type
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
557 file = str(file)
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
558 mime_type = mimetypes.guess_type(file)[0]
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
559 if not mime_type:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
560 if file.endswith('.css'):
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
561 mime_type = 'text/css'
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
562 else:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
563 mime_type = 'text/plain'
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
564
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
565 # snarf the content
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
566 f = open(filename, 'rb')
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
567 try:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
568 content = f.read()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
569 finally:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
570 f.close()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
571
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
572 self._serve_file(lmt, mime_type, content)
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
573
2246
9db7d2842222 fixed static file serving
Richard Jones <richard@users.sourceforge.net>
parents: 2244
diff changeset
574 def _serve_file(self, lmt, mime_type, content):
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
575 ''' guts of serve_file() and serve_static_file()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
576 '''
1498
203f6a154b30 even better if-modified-since handling for cgi-bin
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1497
diff changeset
577 ims = None
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
578 # see if there's an if-modified-since...
1497
2704d8438823 better if-modified-since handling for cgi-bin
Richard Jones <richard@users.sourceforge.net>
parents: 1477
diff changeset
579 if hasattr(self.request, 'headers'):
2704d8438823 better if-modified-since handling for cgi-bin
Richard Jones <richard@users.sourceforge.net>
parents: 1477
diff changeset
580 ims = self.request.headers.getheader('if-modified-since')
2704d8438823 better if-modified-since handling for cgi-bin
Richard Jones <richard@users.sourceforge.net>
parents: 1477
diff changeset
581 elif self.env.has_key('HTTP_IF_MODIFIED_SINCE'):
2704d8438823 better if-modified-since handling for cgi-bin
Richard Jones <richard@users.sourceforge.net>
parents: 1477
diff changeset
582 # cgi will put the header in the env var
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
583 ims = self.env['HTTP_IF_MODIFIED_SINCE']
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
584 if ims:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
585 ims = rfc822.parsedate(ims)[:6]
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
586 lmtt = time.gmtime(lmt)[:6]
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
587 if lmtt <= ims:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
588 raise NotModified
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
589
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
590 # spit out headers
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
591 self.additional_headers['Content-Type'] = mime_type
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
592 self.additional_headers['Content-Length'] = len(content)
2246
9db7d2842222 fixed static file serving
Richard Jones <richard@users.sourceforge.net>
parents: 2244
diff changeset
593 lmt = rfc822.formatdate(lmt)
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
594 self.additional_headers['Last-Modifed'] = lmt
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
595 self.write(content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
596
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
597 def renderContext(self):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
598 ''' Return a PageTemplate for the named page
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
599 '''
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
600 name = self.classname
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
601 extension = self.template
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
602 pt = templating.Templates(self.instance.config.TEMPLATES).get(name,
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
603 extension)
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
604
1103
db787cef1385 handled some XXXs
Richard Jones <richard@users.sourceforge.net>
parents: 1096
diff changeset
605 # catch errors so we can handle PT rendering errors more nicely
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
606 args = {
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
607 'ok_message': self.ok_message,
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
608 'error_message': self.error_message
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
609 }
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
610 try:
1016
d6c13142e7b9 Keep a cache of compiled PageTemplates.
Richard Jones <richard@users.sourceforge.net>
parents: 1008
diff changeset
611 # let the template render figure stuff out
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
612 result = pt.render(self, None, None, **args)
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
613 self.additional_headers['Content-Type'] = pt.content_type
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
614 if os.environ.get('CGI_SHOW_TIMING', ''):
2237
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
615 s = '<p>Time elapsed: %fs</p>'%(time.time()-self.start)
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
616 if hasattr(self.db, 'stats'):
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
617 s += '''<p>Cache hits: %(cache_hits)d,
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
618 misses %(cache_misses)d.
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
619 Loading items: %(get_items)f secs.
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
620 Filtering: %(filtering)f secs.
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
621 </p>'''%self.db.stats
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
622 s += '</body>'
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
623 result = result.replace('</body>', s)
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
624 return result
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
625 except templating.NoTemplate, message:
1068
665730c27d29 nicer template absence error
Richard Jones <richard@users.sourceforge.net>
parents: 1065
diff changeset
626 return '<strong>%s</strong>'%message
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
627 except templating.Unauthorised, message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
628 raise Unauthorised, str(message)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
629 except:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
630 # everything else
2565
89c5e8564dad passs the message translator to cgitb functions
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2557
diff changeset
631 return cgitb.pt_html(i18n=self.translator)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
632
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
633 # these are the actions that are available
1151
7e0024954954 making it easier to add new actions, and more docco
Richard Jones <richard@users.sourceforge.net>
parents: 1144
diff changeset
634 actions = (
2112
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
635 ('edit', EditItemAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
636 ('editcsv', EditCSVAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
637 ('new', NewItemAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
638 ('register', RegisterAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
639 ('confrego', ConfRegoAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
640 ('passrst', PassResetAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
641 ('login', LoginAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
642 ('logout', LogoutAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
643 ('search', SearchAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
644 ('retire', RetireAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
645 ('show', ShowAction),
b86f0627b07c added CSV download of index / search results
Richard Jones <richard@users.sourceforge.net>
parents: 2107
diff changeset
646 ('export_csv', ExportCSVAction),
1151
7e0024954954 making it easier to add new actions, and more docco
Richard Jones <richard@users.sourceforge.net>
parents: 1144
diff changeset
647 )
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
648 def handle_action(self):
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
649 ''' Determine whether there should be an Action called.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
650
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
651 The action is defined by the form variable :action which
1477
ed725179953d Added password reset facility for forgotten passwords.
Richard Jones <richard@users.sourceforge.net>
parents: 1472
diff changeset
652 identifies the method on this object to call. The actions
ed725179953d Added password reset facility for forgotten passwords.
Richard Jones <richard@users.sourceforge.net>
parents: 1472
diff changeset
653 are defined in the "actions" sequence on this class.
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
654
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
655 Actions may return a page (by default HTML) to return to the
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
656 user, bypassing the usual template rendering.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
657 '''
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
658 if self.form.has_key(':action'):
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
659 action = self.form[':action'].value.lower()
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
660 elif self.form.has_key('@action'):
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
661 action = self.form['@action'].value.lower()
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
662 else:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
663 return None
2638
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
664
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
665 try:
2638
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
666 if (hasattr(self.instance, 'cgi_actions') and
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
667 self.instance.cgi_actions.has_key(action)):
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
668 # tracker-defined action
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
669 action_klass = self.instance.cgi_actions[action]
1151
7e0024954954 making it easier to add new actions, and more docco
Richard Jones <richard@users.sourceforge.net>
parents: 1144
diff changeset
670 else:
2638
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
671 # go with a default
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
672 for name, action_klass in self.actions:
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
673 if name == action:
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
674 break
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
675 else:
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
676 raise ValueError, 'No such action "%s"'%action
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
677
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
678 # call the mapped action
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
679 if isinstance(action_klass, type('')):
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
680 # old way of specifying actions
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
681 return getattr(self, action_klass)()
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
682 else:
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
683 return action_klass(self).execute()
2032
5a7ec0c63095 fixes to some unit tests, and a cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2019
diff changeset
684
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
685 except ValueError, err:
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
686 self.error_message.append(str(err))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
687
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
688 def write(self, content):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
689 if not self.headers_done:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
690 self.header()
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
691 if self.env['REQUEST_METHOD'] != 'HEAD':
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
692 self.request.wfile.write(content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
693
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
694 def write_html(self, content):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
695 if not self.headers_done:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
696 # at this point, we are sure about Content-Type
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
697 self.additional_headers['Content-Type'] = \
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
698 'text/html; charset=%s' % self.charset
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
699 # set the charset cookie
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
700 # Note: we want to preserve the session cookie
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
701 # set by LoginAction or ConfRegoAction.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
702 # i think that's ok: user does not perform
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
703 # two actions (login and charset toggle) simultaneously.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
704 if not self.additional_headers.has_key('Set-Cookie'):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
705 # the charset is remembered for a year
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
706 expire = Cookie._getdate(86400*365)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
707 self.additional_headers['Set-Cookie'] = \
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
708 'roundup_charset=%s; expires=%s; Path=%s;' % (
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
709 self.charset, expire, self.cookie_path)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
710 self.header()
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
711
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
712 if self.env['REQUEST_METHOD'] == 'HEAD':
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
713 # client doesn't care about content
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
714 return
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
715
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
716 if self.charset != self.STORAGE_CHARSET:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
717 # recode output
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
718 content = content.decode(self.STORAGE_CHARSET, 'replace')
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
719 content = content.encode(self.charset, 'xmlcharrefreplace')
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
720
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
721 # and write
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
722 self.request.wfile.write(content)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
723
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
724 def setHeader(self, header, value):
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
725 '''Override a header to be returned to the user's browser.
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
726 '''
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
727 self.additional_headers[header] = value
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
728
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
729 def header(self, headers=None, response=None):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
730 '''Put up the appropriate header.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
731 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
732 if headers is None:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
733 headers = {'Content-Type':'text/html; charset=utf-8'}
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
734 if response is None:
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
735 response = self.response_code
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
736
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
737 # update with additional info
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
738 headers.update(self.additional_headers)
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
739
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
740 if headers.get('Content-Type', 'text/html') == 'text/html':
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
741 headers['Content-Type'] = 'text/html; charset=utf-8'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
742 self.request.send_response(response)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
743 for entry in headers.items():
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
744 self.request.send_header(*entry)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
745 self.request.end_headers()
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
746 self.headers_done = 1
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
747 if self.debug:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
748 self.headers_sent = headers
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
749
1235
7441653e5330 added hook for external password validation, and some more docco
Richard Jones <richard@users.sourceforge.net>
parents: 1225
diff changeset
750 def set_cookie(self, user):
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
751 """Set up a session cookie for the user.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
752
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
753 Also store away the user's login info against the session.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
754 """
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
755 sessions = self.db.getSessionManager()
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
756
2244
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
757 # generate a unique session key
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
758 while 1:
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
759 s = '%s%s'%(time.time(), random.random())
2244
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
760 s = binascii.b2a_base64(s).strip()
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
761 if not sessions.exists(s):
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
762 break
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
763 self.session = s
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
764
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
765 # clean up the base64
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
766 if self.session[-1] == '=':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
767 if self.session[-2] == '=':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
768 self.session = self.session[:-2]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
769 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
770 self.session = self.session[:-1]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
771
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
772 # insert the session in the sessiondb
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
773 sessions.set(self.session, user=user)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
774 self.db.commit()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
775
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
776 # expire us in a long, long time
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
777 expire = Cookie._getdate(86400*365)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
778
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
779 # generate the cookie path - make sure it has a trailing '/'
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
780 self.additional_headers['Set-Cookie'] = \
1414
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
781 '%s=%s; expires=%s; Path=%s;'%(self.cookie_name, self.session,
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
782 expire, self.cookie_path)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
783
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
784 def make_user_anonymous(self):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
785 ''' Make us anonymous
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
786
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
787 This method used to handle non-existence of the 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
788 user, but that user is mandatory now.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
789 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
790 self.userid = self.db.user.lookup('anonymous')
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
791 self.user = 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
792
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
793 def opendb(self, user):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
794 ''' Open the database.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
795 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
796 # open the db if the user has changed
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
797 if not hasattr(self, 'db') or user != self.db.journaltag:
1167
75e5f2055ca9 missed a db close
Richard Jones <richard@users.sourceforge.net>
parents: 1161
diff changeset
798 if hasattr(self, 'db'):
75e5f2055ca9 missed a db close
Richard Jones <richard@users.sourceforge.net>
parents: 1161
diff changeset
799 self.db.close()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
800 self.db = self.instance.open(user)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
801
1801
9f9d35f3d8f7 Change the message asking for confirmation of registration...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1799
diff changeset
802 def standard_message(self, to, subject, body, author=None):
2248
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
803 '''Send a standard email message from Roundup.
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
804
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
805 "to" - recipients list
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
806 "subject" - Subject
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
807 "body" - Message
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
808 "author" - (name, address) tuple or None for admin email
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
809
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
810 Arguments are passed to the Mailer.standard_message code.
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
811 '''
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
812 try:
1801
9f9d35f3d8f7 Change the message asking for confirmation of registration...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1799
diff changeset
813 self.mailer.standard_message(to, subject, body, author)
1802
fe9d122f1bb1 Fix misnamed exception clause.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1801
diff changeset
814 except MessageSendError, e:
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
815 self.error_message.append(str(e))
2248
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
816 return 0
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
817 return 1
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
818
2107
b7404a96b58a minor pre-release / test fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2082
diff changeset
819 def parsePropsFromForm(self, create=0):
2010
1b11ffd8015e forward-porting of fixed edit action / parsePropsFromForm...
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
820 return FormParser(self).parse(create=create)
1b11ffd8015e forward-porting of fixed edit action / parsePropsFromForm...
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
821
2799
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
822 # vim: set et sts=4 sw=4 :
Roundup Issue Tracker: http://roundup-tracker.org/