Mercurial > p > roundup > code

annotate roundup/cgi/client.py @ 3972:eee76dd4a09f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
'Make a Copy' failed with more than one person in nosy list [SF#1906147]
author Richard Jones <richard@users.sourceforge.net>
date Fri, 07 Mar 2008 00:35:47 +0000
parents 57ad3e2c2545
children 0112e9e1d068
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3916
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
1 # $Id: client.py,v 1.238 2007-09-22 21:20:57 jpend Exp $
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
2
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
3 """WWW request handler (also used in the stand-alone server).
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4 """
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
5 __docformat__ = 'restructuredtext'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6
2928
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
7 import base64, binascii, cgi, codecs, mimetypes, os
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
8 import random, re, rfc822, stat, time, urllib, urlparse
3628
ed76f7ee34c4 handle connection loss when responding to web requests
Richard Jones <richard@users.sourceforge.net>
parents: 3606
diff changeset
9 import Cookie, socket, errno
3916
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
10 from Cookie import CookieError, BaseCookie, SimpleCookie
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
11
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
12 from roundup import roundupdb, date, hyperdb, password
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
13 from roundup.cgi import templating, cgitb, TranslationService
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
14 from roundup.cgi.actions import *
3396
Richard Jones <richard@users.sourceforge.net>
parents: 3388
diff changeset
15 from roundup.exceptions import *
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
16 from roundup.cgi.exceptions import *
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
17 from roundup.cgi.form_parser import FormParser
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
18 from roundup.mailer import Mailer, MessageSendError
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
19 from roundup.cgi import accept_language
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
20
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
21 def initialiseSecurity(security):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
22 '''Create some Permissions and Roles on the security object
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
23
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
24 This function is directly invoked by security.Security.__init__()
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
25 as a part of the Security object instantiation.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
26 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
27 p = security.addPermission(name="Web Access",
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
28 description="User may access the web interface")
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
29 security.addPermissionToRole('Admin', p)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
30
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
31 # doing Role stuff through the web - make sure Admin can
3276
3124e578db02 Email fixes:
Richard Jones <richard@users.sourceforge.net>
parents: 3069
diff changeset
32 # TODO: deprecate this and use a property-based control
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
33 p = security.addPermission(name="Web Roles",
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
34 description="User may manipulate user Roles through the web")
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
35 security.addPermissionToRole('Admin', p)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
36
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
37 # used to clean messages passed through CGI variables - HTML-escape any tag
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
38 # that isn't <a href="">, <i>, <b> and <br> (including XHTML variants) so
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
39 # that people can't pass through nasties like <script>, <iframe>, ...
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
40 CLEAN_MESSAGE_RE = r'(<(/?(.*?)(\s*href="[^"]")?\s*/?)>)'
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
41 def clean_message(message, mc=re.compile(CLEAN_MESSAGE_RE, re.I)):
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
42 return mc.sub(clean_message_callback, message)
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
43 def clean_message_callback(match, ok={'a':1,'i':1,'b':1,'br':1}):
1656
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
44 ''' Strip all non <a>,<i>,<b> and <br> tags from a string
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
45 '''
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
46 if ok.has_key(match.group(3).lower()):
1656
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
47 return match.group(1)
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
48 return '&lt;%s&gt;'%match.group(2)
ee730d990989 fix cross-site-scripting bug
Richard Jones <richard@users.sourceforge.net>
parents: 1654
diff changeset
49
3916
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
50
3554
5e70726a86dd fixed schema migration problem when Class keys were removed
Richard Jones <richard@users.sourceforge.net>
parents: 3551
diff changeset
51 error_message = ""'''<html><head><title>An error has occurred</title></head>
5e70726a86dd fixed schema migration problem when Class keys were removed
Richard Jones <richard@users.sourceforge.net>
parents: 3551
diff changeset
52 <body><h1>An error has occurred</h1>
3551
3c70ab03c917 translate error message shown instead of tracebacks, add page title
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3548
diff changeset
53 <p>A problem was encountered processing your request.
3c70ab03c917 translate error message shown instead of tracebacks, add page title
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3548
diff changeset
54 The tracker maintainers have been notified of the problem.</p>
3c70ab03c917 translate error message shown instead of tracebacks, add page title
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3548
diff changeset
55 </body></html>'''
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
56
3916
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
57
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
58 class LiberalCookie(SimpleCookie):
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
59 ''' Python's SimpleCookie throws an exception if the cookie uses invalid
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
60 syntax. Other applications on the same server may have done precisely
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
61 this, preventing roundup from working through no fault of roundup.
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
62 Numerous other python apps have run into the same problem:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
63
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
64 trac: http://trac.edgewall.org/ticket/2256
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
65 mailman: http://bugs.python.org/issue472646
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
66
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
67 This particular implementation comes from trac's solution to the
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
68 problem. Unfortunately it requires some hackery in SimpleCookie's
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
69 internals to provide a more liberal __set method.
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
70 '''
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
71 def load(self, rawdata, ignore_parse_errors=True):
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
72 if ignore_parse_errors:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
73 self.bad_cookies = []
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
74 self._BaseCookie__set = self._loose_set
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
75 SimpleCookie.load(self, rawdata)
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
76 if ignore_parse_errors:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
77 self._BaseCookie__set = self._strict_set
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
78 for key in self.bad_cookies:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
79 del self[key]
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
80
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
81 _strict_set = BaseCookie._BaseCookie__set
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
82
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
83 def _loose_set(self, key, real_value, coded_value):
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
84 try:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
85 self._strict_set(key, real_value, coded_value)
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
86 except CookieError:
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
87 self.bad_cookies.append(key)
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
88 dict.__setitem__(self, key, None)
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
89
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
90
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
91 class Client:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
92 '''Instantiate to handle one CGI request.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
93
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
94 See inner_main for request processing.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
95
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
96 Client attributes at instantiation:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
97
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
98 - "path" is the PATH_INFO inside the instance (with no leading '/')
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
99 - "base" is the base URL for the instance
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
100 - "form" is the cgi form, an instance of FieldStorage from the standard
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
101 cgi module
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
102 - "additional_headers" is a dictionary of additional HTTP headers that
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
103 should be sent to the client
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
104 - "response_code" is the HTTP response code to send to the client
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
105 - "translator" is TranslationService instance
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
106
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
107 During the processing of a request, the following attributes are used:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
108
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
109 - "error_message" holds a list of error messages
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
110 - "ok_message" holds a list of OK messages
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
111 - "session" is the current user session id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
112 - "user" is the current user's name
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
113 - "userid" is the current user's id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
114 - "template" is the current :template context
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
115 - "classname" is the current class context name
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
116 - "nodeid" is the current context item id
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
117
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
118 User Identification:
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
119 If the user has no login cookie, then they are anonymous and are logged
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
120 in as that user. This typically gives them all Permissions assigned to the
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
121 Anonymous Role.
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
122
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
123 Once a user logs in, they are assigned a session. The Client instance
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
124 keeps the nodeid of the session as the "session" attribute.
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
125
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
126 Special form variables:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
127 Note that in various places throughout this code, special form
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
128 variables of the form :<name> are used. The colon (":") part may
1436
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
129 actually be one of either ":" or "@".
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
130 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
131
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
132 # charset used for data storage and form templates
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
133 # Note: must be in lower case for comparisons!
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
134 # XXX take this from instance.config?
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
135 STORAGE_CHARSET = 'utf-8'
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
136
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
137 #
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
138 # special form variables
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
139 #
1436
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
140 FV_TEMPLATE = re.compile(r'[@:]template')
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
141 FV_OK_MESSAGE = re.compile(r'[@:]ok_message')
2f6647cf5345 bugger, dropping support for "+" special char
Richard Jones <richard@users.sourceforge.net>
parents: 1435
diff changeset
142 FV_ERROR_MESSAGE = re.compile(r'[@:]error_message')
1421
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
143
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
144 # Note: index page stuff doesn't appear here:
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
145 # columns, sort, sortdir, filter, group, groupdir, search_text,
90bb11eb40dc oops, forgot the templating :)
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
146 # pagesize, startwith
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
147
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
148 # list of network error codes that shouldn't be reported to tracker admin
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
149 # (error descriptions from FreeBSD intro(2))
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
150 IGNORE_NET_ERRORS = (
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
151 # A write on a pipe, socket or FIFO for which there is
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
152 # no process to read the data.
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
153 errno.EPIPE,
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
154 # A connection was forcibly closed by a peer.
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
155 # This normally results from a loss of the connection
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
156 # on the remote socket due to a timeout or a reboot.
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
157 errno.ECONNRESET,
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
158 # Software caused connection abort. A connection abort
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
159 # was caused internal to your host machine.
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
160 errno.ECONNABORTED,
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
161 # A connect or send request failed because the connected party
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
162 # did not properly respond after a period of time.
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
163 errno.ETIMEDOUT,
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
164 )
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
165
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
166 def __init__(self, instance, request, env, form=None, translator=None):
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
167 # re-seed the random number generator
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
168 random.seed()
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
169 self.start = time.time()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
170 self.instance = instance
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
171 self.request = request
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
172 self.env = env
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
173 self.setTranslator(translator)
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
174 self.mailer = Mailer(instance.config)
1004
5f12d3259f31 logout works better now
Richard Jones <richard@users.sourceforge.net>
parents: 1003
diff changeset
175
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
176 # save off the path
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
177 self.path = env['PATH_INFO']
1004
5f12d3259f31 logout works better now
Richard Jones <richard@users.sourceforge.net>
parents: 1003
diff changeset
178
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
179 # this is the base URL for this tracker
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
180 self.base = self.instance.config.TRACKER_WEB
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
181
2183
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
182 # check the tracker_we setting
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
183 if not self.base.endswith('/'):
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
184 self.base = self.base + '/'
ac24a9c74cca be paranoid about TRACKER_WEB
Richard Jones <richard@users.sourceforge.net>
parents: 2137
diff changeset
185
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
186 # this is the "cookie path" for this tracker (ie. the path part of
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
187 # the "base" url)
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
188 self.cookie_path = urlparse.urlparse(self.base)[2]
1414
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
189 self.cookie_name = 'roundup_session_' + re.sub('[^a-zA-Z]', '',
b4630d078c08 another attempt to fix cookie misbehaviour
Richard Jones <richard@users.sourceforge.net>
parents: 1409
diff changeset
190 self.instance.config.TRACKER_NAME)
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
191 # cookies to set in http responce
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
192 # {(path, name): (value, expire)}
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
193 self.add_cookies = {}
1398
b3e1e9ab0500 fixed cookie path to use TRACKER_WEB [SF#667020]
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
194
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
195 # see if we need to re-parse the environment for the form (eg Zope)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
196 if form is None:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
197 self.form = cgi.FieldStorage(environ=env)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
198 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
199 self.form = form
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
200
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
201 # turn debugging on/off
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
202 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
203 self.debug = int(env.get("ROUNDUP_DEBUG", 0))
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
204 except ValueError:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
205 # someone gave us a non-int debug level, turn it off
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
206 self.debug = 0
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
207
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
208 # flag to indicate that the HTTP headers have been sent
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
209 self.headers_done = 0
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
210
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
211 # additional headers to send with the request - must be registered
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
212 # before the first write
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
213 self.additional_headers = {}
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
214 self.response_code = 200
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
215
2947
e611be5ee6c4 initialize self.charset early to enable html output for tracebacks...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2946
diff changeset
216 # default character set
e611be5ee6c4 initialize self.charset early to enable html output for tracebacks...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2946
diff changeset
217 self.charset = self.STORAGE_CHARSET
e611be5ee6c4 initialize self.charset early to enable html output for tracebacks...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2946
diff changeset
218
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
219 # parse cookies (used in charset and session lookups)
3916
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
220 # use our own LiberalCookie to handle bad apps on the same
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
221 # server that have set cookies that are out of spec
57ad3e2c2545 handle bad cookies
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3900
diff changeset
222 self.cookie = LiberalCookie(self.env.get('HTTP_COOKIE', ''))
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
223
2928
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
224 self.user = None
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
225 self.userid = None
2948
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
226 self.nodeid = None
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
227 self.classname = None
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
228 self.template = None
2928
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
229
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
230 def setTranslator(self, translator=None):
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
231 """Replace the translation engine
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
232
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
233 'translator'
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
234 is TranslationService instance.
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
235 It must define methods 'translate' (TAL-compatible i18n),
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
236 'gettext' and 'ngettext' (gettext-compatible i18n).
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
237
2557
ff02e9851592 translator object must be Roundup Translation Service...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2514
diff changeset
238 If omitted, create default TranslationService.
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
239 """
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
240 if translator is None:
2808
18c28d22b3b5 pass tracker home directory to get_translation()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2800
diff changeset
241 translator = TranslationService.get_translation(
2923
29563959c026 language defaults to config option TRACKER_LANGUAGE
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2906
diff changeset
242 language=self.instance.config["TRACKER_LANGUAGE"],
2808
18c28d22b3b5 pass tracker home directory to get_translation()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2800
diff changeset
243 tracker_home=self.instance.config["TRACKER_HOME"])
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
244 self.translator = translator
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
245 self._ = self.gettext = translator.gettext
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
246 self.ngettext = translator.ngettext
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
247
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
248 def main(self):
1133
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
249 ''' Wrap the real main in a try/finally so we always close off the db.
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
250 '''
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
251 try:
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
252 self.inner_main()
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
253 finally:
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
254 if hasattr(self, 'db'):
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
255 self.db.close()
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
256
36ec30d286ea Cleaned up CHANGES/TODO
Richard Jones <richard@users.sourceforge.net>
parents: 1130
diff changeset
257 def inner_main(self):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
258 '''Process a request.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
259
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
260 The most common requests are handled like so:
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
261
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
262 1. look for charset and language preferences, set up user locale
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
263 see determine_charset, determine_language
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
264 2. figure out who we are, defaulting to the "anonymous" user
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
265 see determine_user
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
266 3. figure out what the request is for - the context
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
267 see determine_context
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
268 4. handle any requested action (item edit, search, ...)
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
269 see handle_action
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
270 5. render a template, resulting in HTML output
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
271
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
272 In some situations, exceptions occur:
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
273
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
274 - HTTP Redirect (generally raised by an action)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
275 - SendFile (generally raised by determine_context)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
276 serve up a FileClass "content" property
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
277 - SendStaticFile (generally raised by determine_context)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
278 serve up a file from the tracker "html" directory
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
279 - Unauthorised (generally raised by an action)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
280 the action is cancelled, the request is rendered and an error
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
281 message is displayed indicating that permission was not
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
282 granted for the action to take place
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
283 - templating.Unauthorised (templating action not permitted)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
284 raised by an attempted rendering of a template when the user
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
285 doesn't have permission
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
286 - NotFound (raised wherever it needs to be)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
287 percolates up to the CGI interface that called the client
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
288 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
289 self.ok_message = []
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
290 self.error_message = []
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
291 try:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
292 self.determine_charset()
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
293 self.determine_language()
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
294
2938
463902a0fbbb determine user before context:
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2937
diff changeset
295 # make sure we're identified (even anonymously)
463902a0fbbb determine user before context:
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2937
diff changeset
296 self.determine_user()
463902a0fbbb determine user before context:
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2937
diff changeset
297
1697
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
298 # figure out the context and desired content template
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
299 self.determine_context()
c9f67f2f7ba7 don't open the database for static files
Richard Jones <richard@users.sourceforge.net>
parents: 1692
diff changeset
300
1054
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
301 # possibly handle a form submit action (may change self.classname
3d8ea16347aa more explanatory docstring
Richard Jones <richard@users.sourceforge.net>
parents: 1053
diff changeset
302 # and self.template, and may also append error/ok_messages)
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
303 html = self.handle_action()
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
304
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
305 if html:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
306 self.write_html(html)
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
307 return
1579
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
308
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
309 # now render the page
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
310 # we don't want clients caching our dynamic pages
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
311 self.additional_headers['Cache-Control'] = 'no-cache'
1579
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
312 # Pragma: no-cache makes Mozilla and its ilk double-load all pages!!
07a6b8587bc2 removed Pragma: no-cache...
Richard Jones <richard@users.sourceforge.net>
parents: 1562
diff changeset
313 # self.additional_headers['Pragma'] = 'no-cache'
1552
68ef6deefcf1 cgi fixes
Richard Jones <richard@users.sourceforge.net>
parents: 1538
diff changeset
314
2799
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
315 # pages with messages added expire right now
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
316 # simple views may be cached for a small amount of time
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
317 # TODO? make page expire time configurable
2988
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
318 # <rj> always expire pages, as IE just doesn't seem to do the
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
319 # right thing here :(
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
320 date = time.time() - 1
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
321 #if self.error_message or self.ok_message:
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
322 # date = time.time() - 1
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
323 #else:
f4023f1cc1d6 apply IE caching "fix" to automatically serve up all pages expired
Richard Jones <richard@users.sourceforge.net>
parents: 2952
diff changeset
324 # date = time.time() + 5
2799
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
325 self.additional_headers['Expires'] = rfc822.formatdate(date)
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
326
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
327 # render the content
3896
fca0365521fc ignore client shutdown exceptions when sending responses
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3867
diff changeset
328 try:
fca0365521fc ignore client shutdown exceptions when sending responses
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3867
diff changeset
329 self.write_html(self.renderContext())
fca0365521fc ignore client shutdown exceptions when sending responses
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3867
diff changeset
330 except IOError:
3900
182ba3207899 wrap comment to less than 75 chars
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3898
diff changeset
331 # IOErrors here are due to the client disconnecting before
182ba3207899 wrap comment to less than 75 chars
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3898
diff changeset
332 # recieving the reply.
3896
fca0365521fc ignore client shutdown exceptions when sending responses
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3867
diff changeset
333 pass
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
334
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2046
diff changeset
335 except SeriousError, message:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
336 self.write_html(str(message))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
337 except Redirect, url:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
338 # let's redirect - if the url isn't None, then we need to do
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
339 # the headers, otherwise the headers have been set before the
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
340 # exception was raised
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
341 if url:
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
342 self.additional_headers['Location'] = str(url)
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
343 self.response_code = 302
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
344 self.write_html('Redirecting to <a href="%s">%s</a>'%(url, url))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
345 except SendFile, designator:
3069
4ef775d2c8d1 handle NotModified for non-static files (patch [SF#1095790])
Richard Jones <richard@users.sourceforge.net>
parents: 2988
diff changeset
346 try:
4ef775d2c8d1 handle NotModified for non-static files (patch [SF#1095790])
Richard Jones <richard@users.sourceforge.net>
parents: 2988
diff changeset
347 self.serve_file(designator)
4ef775d2c8d1 handle NotModified for non-static files (patch [SF#1095790])
Richard Jones <richard@users.sourceforge.net>
parents: 2988
diff changeset
348 except NotModified:
4ef775d2c8d1 handle NotModified for non-static files (patch [SF#1095790])
Richard Jones <richard@users.sourceforge.net>
parents: 2988
diff changeset
349 # send the 304 response
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
350 self.response_code = 304
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
351 self.header()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
352 except SendStaticFile, file:
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
353 try:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
354 self.serve_static_file(str(file))
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
355 except NotModified:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
356 # send the 304 response
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
357 self.response_code = 304
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
358 self.header()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
359 except Unauthorised, message:
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
360 # users may always see the front page
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
361 self.classname = self.nodeid = None
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
362 self.template = ''
1244
8dd4f736370b merge from maintenance branch
Richard Jones <richard@users.sourceforge.net>
parents: 1236
diff changeset
363 self.error_message.append(message)
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
364 self.write_html(self.renderContext())
3898
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
365 except NotFound, e:
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
366 self.response_code = 404
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
367 self.template = '404'
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
368 try:
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
369 cl = self.db.getclass(self.classname)
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
370 self.write_html(self.renderContext())
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
371 except KeyError:
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
372 # we can't map the URL to a class we know about
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
373 # reraise the NotFound and let roundup_server
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
374 # handle it
dd00c917fc40 per-tracker 404 templating
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3896
diff changeset
375 raise NotFound, e
1818
85fd3d0e7d81 Actually use FormError, so we can move the handling up to inner_main().
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1807
diff changeset
376 except FormError, e:
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
377 self.error_message.append(self._('Form Error: ') + str(e))
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
378 self.write_html(self.renderContext())
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
379 except:
3554
5e70726a86dd fixed schema migration problem when Class keys were removed
Richard Jones <richard@users.sourceforge.net>
parents: 3551
diff changeset
380 if self.instance.config.WEB_DEBUG:
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
381 self.write_html(cgitb.html(i18n=self.translator))
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
382 else:
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
383 self.mailer.exception_message()
3551
3c70ab03c917 translate error message shown instead of tracebacks, add page title
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3548
diff changeset
384 return self.write_html(self._(error_message))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
385
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
386 def clean_sessions(self):
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
387 """Age sessions, remove when they haven't been used for a week.
2032
5a7ec0c63095 fixes to some unit tests, and a cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2019
diff changeset
388
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
389 Do it only once an hour.
1477
ed725179953d Added password reset facility for forgotten passwords.
Richard Jones <richard@users.sourceforge.net>
parents: 1472
diff changeset
390
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
391 Note: also cleans One Time Keys, and other "session" based stuff.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
392 """
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
393 sessions = self.db.getSessionManager()
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
394 last_clean = sessions.get('last_clean', 'last_use', 0)
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
395
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
396 # time to clean?
2928
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
397 #week = 60*60*24*7
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
398 hour = 60*60
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
399 now = time.time()
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
400 if now - last_clean < hour:
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
401 return
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
402
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
403 sessions.clean(now)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
404 self.db.getOTKManager().clean(now)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
405 sessions.set('last_clean', last_use=time.time())
3687
ff9f4ca42454 Postgres backend allows transaction collisions to be ignored when...
Richard Jones <richard@users.sourceforge.net>
parents: 3628
diff changeset
406 self.db.commit(fail_ok=True)
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
407
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
408 def determine_charset(self):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
409 """Look for client charset in the form parameters or browser cookie.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
410
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
411 If no charset requested by client, use storage charset (utf-8).
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
412
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
413 If the charset is found, and differs from the storage charset,
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
414 recode all form fields of type 'text/plain'
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
415 """
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
416 # look for client charset
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
417 charset_parameter = 0
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
418 if self.form.has_key('@charset'):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
419 charset = self.form['@charset'].value
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
420 if charset.lower() == "none":
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
421 charset = ""
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
422 charset_parameter = 1
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
423 elif self.cookie.has_key('roundup_charset'):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
424 charset = self.cookie['roundup_charset'].value
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
425 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
426 charset = None
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
427 if charset:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
428 # make sure the charset is recognized
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
429 try:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
430 codecs.lookup(charset)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
431 except LookupError:
2467
76ead526113d client instances may be used as translation engines.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2366
diff changeset
432 self.error_message.append(self._('Unrecognized charset: %r')
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
433 % charset)
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
434 charset_parameter = 0
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
435 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
436 self.charset = charset.lower()
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
437 # If we've got a character set in request parameters,
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
438 # set the browser cookie to keep the preference.
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
439 # This is done after codecs.lookup to make sure
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
440 # that we aren't keeping a wrong value.
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
441 if charset_parameter:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
442 self.add_cookie('roundup_charset', charset)
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
443
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
444 # if client charset is different from the storage charset,
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
445 # recode form fields
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
446 # XXX this requires FieldStorage from Python library.
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
447 # mod_python FieldStorage is not supported!
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
448 if self.charset != self.STORAGE_CHARSET:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
449 decoder = codecs.getdecoder(self.charset)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
450 encoder = codecs.getencoder(self.STORAGE_CHARSET)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
451 re_charref = re.compile('&#([0-9]+|x[0-9a-f]+);', re.IGNORECASE)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
452 def _decode_charref(matchobj):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
453 num = matchobj.group(1)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
454 if num[0].lower() == 'x':
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
455 uc = int(num[1:], 16)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
456 else:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
457 uc = int(num)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
458 return unichr(uc)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
459
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
460 for field_name in self.form.keys():
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
461 field = self.form[field_name]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
462 if (field.type == 'text/plain') and not field.filename:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
463 try:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
464 value = decoder(field.value)[0]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
465 except UnicodeError:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
466 continue
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
467 value = re_charref.sub(_decode_charref, value)
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
468 field.value = encoder(value)[0]
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
469
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
470 def determine_language(self):
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
471 """Determine the language"""
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
472 # look for language parameter
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
473 # then for language cookie
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
474 # last for the Accept-Language header
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
475 if self.form.has_key("@language"):
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
476 language = self.form["@language"].value
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
477 if language.lower() == "none":
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
478 language = ""
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
479 self.add_cookie("roundup_language", language)
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
480 elif self.cookie.has_key("roundup_language"):
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
481 language = self.cookie["roundup_language"].value
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
482 elif self.instance.config["WEB_USE_BROWSER_LANGUAGE"]:
3557
ea471747d5aa fix failure with browsers not sending "Accept-Language" header [SF#1429646]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3554
diff changeset
483 hal = self.env.get('HTTP_ACCEPT_LANGUAGE')
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
484 language = accept_language.parse(hal)
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
485 else:
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
486 language = ""
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
487
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
488 self.language = language
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
489 if language:
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
490 self.setTranslator(TranslationService.get_translation(
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
491 language,
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
492 tracker_home=self.instance.config["TRACKER_HOME"]))
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
493
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
494 def determine_user(self):
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
495 """Determine who the user is"""
1724
bc4f0aec594e oops, we really do need a database
Richard Jones <richard@users.sourceforge.net>
parents: 1719
diff changeset
496 self.opendb('admin')
bc4f0aec594e oops, we really do need a database
Richard Jones <richard@users.sourceforge.net>
parents: 1719
diff changeset
497
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
498 # make sure we have the session Class
1372
3931614b1cce cleaning old unused sessions only once per hour, not on every cgi request
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1358
diff changeset
499 self.clean_sessions()
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
500 sessions = self.db.getSessionManager()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
501
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
502 user = None
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
503 # first up, try http authorization if enabled
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
504 if self.instance.config['WEB_HTTP_AUTH']:
3356
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
505 if self.env.has_key('REMOTE_USER'):
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
506 # we have external auth (e.g. by Apache)
3356
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
507 user = self.env['REMOTE_USER']
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
508 elif self.env.get('HTTP_AUTHORIZATION', ''):
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
509 # try handling Basic Auth ourselves
3356
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
510 auth = self.env['HTTP_AUTHORIZATION']
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
511 scheme, challenge = auth.split(' ', 1)
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
512 if scheme.lower() == 'basic':
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
513 try:
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
514 decoded = base64.decodestring(challenge)
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
515 except TypeError:
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
516 # invalid challenge
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
517 pass
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
518 username, password = decoded.split(':')
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
519 try:
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
520 login = self.get_action_class('login')(self)
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
521 login.verifyLogin(username, password)
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
522 except LoginError, err:
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
523 self.make_user_anonymous()
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
524 self.response_code = 403
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
525 raise Unauthorised, err
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
526
3356
2913b42c0810 enabled disabling of REMOTE_USER for when it's not a valid username
Richard Jones <richard@users.sourceforge.net>
parents: 3276
diff changeset
527 user = username
2928
81c99c857b57 applied patch [SF#1067690]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2923
diff changeset
528
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
529 # if user was not set by http authorization, try session cookie
3605
91c759d9271d dangling connections in session handling [SF#1463359]
Richard Jones <richard@users.sourceforge.net>
parents: 3557
diff changeset
530 if (not user and self.cookie.has_key(self.cookie_name)
91c759d9271d dangling connections in session handling [SF#1463359]
Richard Jones <richard@users.sourceforge.net>
parents: 3557
diff changeset
531 and (self.cookie[self.cookie_name].value != 'deleted')):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
532 # get the session key from the cookie
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
533 self.session = self.cookie[self.cookie_name].value
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
534 # get the user from the session
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
535 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
536 # update the lifetime datestamp
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
537 sessions.updateTimestamp(self.session)
3606
04dc3eef67b7 reduced frequency of session timestamp update
Richard Jones <richard@users.sourceforge.net>
parents: 3605
diff changeset
538 self.db.commit()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
539 user = sessions.get(self.session, 'user')
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
540 except KeyError:
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
541 # not valid, ignore id
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
542 pass
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
543
3453
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
544 # if no user name set by http authorization or session cookie
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
545 # the user is anonymous
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
546 if not user:
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
547 user = 'anonymous'
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
548
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
549 # sanity check on the user still being valid,
8e3c0b88afad prefer http authorization over cookie sessions [SF#1396134]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3427
diff changeset
550 # getting the userid at the same time
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
551 try:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
552 self.userid = self.db.user.lookup(user)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
553 except (KeyError, TypeError):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
554 user = 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
555
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
556 # make sure the anonymous user is valid if we're using it
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
557 if user == 'anonymous':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
558 self.make_user_anonymous()
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
559 if not self.db.security.hasPermission('Web Access', self.userid):
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
560 raise Unauthorised, self._("Anonymous users are not "
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2638
diff changeset
561 "allowed to use the web interface")
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
562 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
563 self.user = user
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
564
1003
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
565 # reopen the database as the correct user
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
566 self.opendb(self.user)
f89b8d32291b Hack hack hack...
Richard Jones <richard@users.sourceforge.net>
parents: 1002
diff changeset
567
2940
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
568 def opendb(self, username):
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
569 """Open the database and set the current user.
2940
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
570
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
571 Opens a database once. On subsequent calls only the user is set on
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
572 the database object the instance.optimize is set. If we are in
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
573 "Development Mode" (cf. roundup_server) then the database is always
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
574 re-opened.
3427
198fe87b0254 add language detection (patch [SF#1360321])
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3396
diff changeset
575 """
2940
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
576 # don't do anything if the db is open and the user has not changed
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
577 if hasattr(self, 'db') and self.db.isCurrentUser(username):
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
578 return
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
579
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
580 # open the database or only set the user
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
581 if not hasattr(self, 'db'):
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
582 self.db = self.instance.open(username)
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
583 else:
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
584 if self.instance.optimize:
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
585 self.db.setCurrentUser(username)
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
586 else:
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
587 self.db.close()
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
588 self.db = self.instance.open(username)
00f609d53a8c tweaks to last patch
Richard Jones <richard@users.sourceforge.net>
parents: 2938
diff changeset
589
2829
aa1cb9df09c3 ignore leading zeroes in the ID part of a node designator
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2808
diff changeset
590 def determine_context(self, dre=re.compile(r'([^\d]+)0*(\d+)')):
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
591 """Determine the context of this page from the URL:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
592
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
593 The URL path after the instance identifier is examined. The path
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
594 is generally only one entry long.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
595
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
596 - if there is no path, then we are in the "home" context.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
597 - if the path is "_file", then the additional path entry
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
598 specifies the filename of a static file we're to serve up
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
599 from the instance "html" directory. Raises a SendStaticFile
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
600 exception.(*)
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
601 - if there is something in the path (eg "issue"), it identifies
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
602 the tracker class we're to display.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
603 - if the path is an item designator (eg "issue123"), then we're
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
604 to display a specific item.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
605 - if the path starts with an item designator and is longer than
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
606 one entry, then we're assumed to be handling an item of a
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
607 FileClass, and the extra path information gives the filename
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
608 that the client is going to label the download with (ie
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
609 "file123/image.png" is nicer to download than "file123"). This
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
610 raises a SendFile exception.(*)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
611
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
612 Both of the "*" types of contexts stop before we bother to
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
613 determine the template we're going to use. That's because they
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
614 don't actually use templates.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
615
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
616 The template used is specified by the :template CGI variable,
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
617 which defaults to:
1053
b28393def972 more explanatory docsting
Richard Jones <richard@users.sourceforge.net>
parents: 1051
diff changeset
618
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
619 - only classname suplied: "index"
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
620 - full item designator supplied: "item"
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
621
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
622 We set:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
623
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
624 self.classname - the class to display, can be None
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
625
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
626 self.template - the template to render the current context with
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
627
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
628 self.nodeid - the nodeid of the class we're displaying
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
629 """
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
630 # default the optional variables
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
631 self.classname = None
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
632 self.nodeid = None
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
633
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
634 # see if a template or messages are specified
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
635 template_override = ok_message = error_message = None
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
636 for key in self.form.keys():
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
637 if self.FV_TEMPLATE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
638 template_override = self.form[key].value
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
639 elif self.FV_OK_MESSAGE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
640 ok_message = self.form[key].value
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
641 ok_message = clean_message(ok_message)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
642 elif self.FV_ERROR_MESSAGE.match(key):
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
643 error_message = self.form[key].value
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1656
diff changeset
644 error_message = clean_message(error_message)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
645
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
646 # see if we were passed in a message
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
647 if ok_message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
648 self.ok_message.append(ok_message)
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
649 if error_message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
650 self.error_message.append(error_message)
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
651
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
652 # determine the classname and possibly nodeid
1157
26c8cb2162d7 fixed various URL / base URL issues
Richard Jones <richard@users.sourceforge.net>
parents: 1153
diff changeset
653 path = self.path.split('/')
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
654 if not path or path[0] in ('', 'home', 'index'):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
655 if template_override is not None:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
656 self.template = template_override
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
657 else:
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
658 self.template = ''
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
659 return
1911
f5c804379c85 fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents: 1905
diff changeset
660 elif path[0] in ('_file', '@@file'):
1427
37e712e77a99 trackers' templates directory can contain subdirectories with static files
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1426
diff changeset
661 raise SendStaticFile, os.path.join(*path[1:])
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
662 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
663 self.classname = path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
664 if len(path) > 1:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
665 # send the file identified by the designator in path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
666 raise SendFile, path[0]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
667
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
668 # see if we got a designator
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
669 m = dre.match(self.classname)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
670 if m:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
671 self.classname = m.group(1)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
672 self.nodeid = m.group(2)
3494
5a56abcf1b22 catch bad classname in URL (related to [SF#1240541])
Richard Jones <richard@users.sourceforge.net>
parents: 3453
diff changeset
673 try:
5a56abcf1b22 catch bad classname in URL (related to [SF#1240541])
Richard Jones <richard@users.sourceforge.net>
parents: 3453
diff changeset
674 klass = self.db.getclass(self.classname)
5a56abcf1b22 catch bad classname in URL (related to [SF#1240541])
Richard Jones <richard@users.sourceforge.net>
parents: 3453
diff changeset
675 except KeyError:
5a56abcf1b22 catch bad classname in URL (related to [SF#1240541])
Richard Jones <richard@users.sourceforge.net>
parents: 3453
diff changeset
676 raise NotFound, '%s/%s'%(self.classname, self.nodeid)
5a56abcf1b22 catch bad classname in URL (related to [SF#1240541])
Richard Jones <richard@users.sourceforge.net>
parents: 3453
diff changeset
677 if not klass.hasnode(self.nodeid):
1153
0455eccad866 raise not found earlier, where it makes more sense to the user
Richard Jones <richard@users.sourceforge.net>
parents: 1152
diff changeset
678 raise NotFound, '%s/%s'%(self.classname, self.nodeid)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
679 # with a designator, we default to item view
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
680 self.template = 'item'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
681 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
682 # with only a class, we default to index view
1041
c28603c9f831 Class help and generic class editing done.
Richard Jones <richard@users.sourceforge.net>
parents: 1029
diff changeset
683 self.template = 'index'
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
684
1288
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
685 # make sure the classname is valid
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
686 try:
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
687 self.db.getclass(self.classname)
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
688 except KeyError:
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
689 raise NotFound, self.classname
ad8de51d7cd5 handle "classname" URL path errors cleaner (generate a 404)
Richard Jones <richard@users.sourceforge.net>
parents: 1277
diff changeset
690
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
691 # see if we have a template override
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
692 if template_override is not None:
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1417
diff changeset
693 self.template = template_override
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
694
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
695 def serve_file(self, designator, dre=re.compile(r'([^\d]+)(\d+)')):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
696 ''' Serve the file from the content property of the designated item.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
697 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
698 m = dre.match(str(designator))
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
699 if not m:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
700 raise NotFound, str(designator)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
701 classname, nodeid = m.group(1), m.group(2)
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
702
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
703 klass = self.db.getclass(classname)
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
704
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
705 # make sure we have the appropriate properties
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
706 props = klass.getprops()
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
707 if not props.has_key('type'):
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
708 raise NotFound, designator
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
709 if not props.has_key('content'):
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
710 raise NotFound, designator
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
711
2870
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
712 # make sure we have permission
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
713 if not self.db.security.hasPermission('View', self.userid,
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
714 classname, 'content', nodeid):
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
715 raise Unauthorised, self._("You are not allowed to view "
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
716 "this file.")
795cdba40c05 enforce View Permission when serving file content [SF#1050470]
Richard Jones <richard@users.sourceforge.net>
parents: 2864
diff changeset
717
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
718 mime_type = klass.get(nodeid, 'type')
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
719 content = klass.get(nodeid, 'content')
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
720 lmt = klass.get(nodeid, 'activity').timestamp()
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
721
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
722 self._serve_file(lmt, mime_type, content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
723
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
724 def serve_static_file(self, file):
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
725 ''' Serve up the file named from the templates dir
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
726 '''
2864
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
727 # figure the filename - try STATIC_FILES, then TEMPLATES dir
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
728 for dir_option in ('STATIC_FILES', 'TEMPLATES'):
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
729 prefix = self.instance.config[dir_option]
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
730 if not prefix:
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
731 continue
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
732 # ensure the load doesn't try to poke outside
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
733 # of the static files directory
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
734 prefix = os.path.normpath(prefix)
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
735 filename = os.path.normpath(os.path.join(prefix, file))
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
736 if os.path.isfile(filename) and filename.startswith(prefix):
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
737 break
930e780c751f support STATIC_FILES directory in addition to TEMPLATES
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2853
diff changeset
738 else:
2366
1d46cd2f83f6 fix security hole in serve_static_file
Richard Jones <richard@users.sourceforge.net>
parents: 2279
diff changeset
739 raise NotFound, file
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
740
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
741 # last-modified time
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
742 lmt = os.stat(filename)[stat.ST_MTIME]
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
743
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
744 # detemine meta-type
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
745 file = str(file)
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
746 mime_type = mimetypes.guess_type(file)[0]
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
747 if not mime_type:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
748 if file.endswith('.css'):
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
749 mime_type = 'text/css'
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
750 else:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
751 mime_type = 'text/plain'
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
752
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
753 # snarf the content
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
754 f = open(filename, 'rb')
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
755 try:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
756 content = f.read()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
757 finally:
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
758 f.close()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
759
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
760 self._serve_file(lmt, mime_type, content)
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
761
2246
9db7d2842222 fixed static file serving
Richard Jones <richard@users.sourceforge.net>
parents: 2244
diff changeset
762 def _serve_file(self, lmt, mime_type, content):
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
763 ''' guts of serve_file() and serve_static_file()
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
764 '''
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
765 # spit out headers
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
766 self.additional_headers['Content-Type'] = mime_type
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
767 self.additional_headers['Content-Length'] = str(len(content))
3800
75d3896929bb really fix the last-modified code
Richard Jones <richard@users.sourceforge.net>
parents: 3796
diff changeset
768 self.additional_headers['Last-Modified'] = rfc822.formatdate(lmt)
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
769
1498
203f6a154b30 even better if-modified-since handling for cgi-bin
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1497
diff changeset
770 ims = None
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
771 # see if there's an if-modified-since...
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
772 # XXX see which interfaces set this
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
773 #if hasattr(self.request, 'headers'):
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
774 #ims = self.request.headers.getheader('if-modified-since')
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
775 if self.env.has_key('HTTP_IF_MODIFIED_SINCE'):
1497
2704d8438823 better if-modified-since handling for cgi-bin
Richard Jones <richard@users.sourceforge.net>
parents: 1477
diff changeset
776 # cgi will put the header in the env var
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
777 ims = self.env['HTTP_IF_MODIFIED_SINCE']
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
778 if ims:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
779 ims = rfc822.parsedate(ims)[:6]
3800
75d3896929bb really fix the last-modified code
Richard Jones <richard@users.sourceforge.net>
parents: 3796
diff changeset
780 lmtt = time.gmtime(lmt)[:6]
1469
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
781 if lmtt <= ims:
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
782 raise NotModified
79d8956de3f5 implemented last-modified and if-modified-since support
Richard Jones <richard@users.sourceforge.net>
parents: 1468
diff changeset
783
1946
c538a64b94a7 Refactored CGI file serving so that FileClass contents are...
Richard Jones <richard@users.sourceforge.net>
parents: 1937
diff changeset
784 self.write(content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
785
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
786 def renderContext(self):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
787 ''' Return a PageTemplate for the named page
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
788 '''
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
789 name = self.classname
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
790 extension = self.template
2853
6d34622fd5f8 use templates collection kept in the tracker instance...
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2830
diff changeset
791 pt = self.instance.templates.get(name, extension)
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
792
1103
db787cef1385 handled some XXXs
Richard Jones <richard@users.sourceforge.net>
parents: 1096
diff changeset
793 # catch errors so we can handle PT rendering errors more nicely
1204
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
794 args = {
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
795 'ok_message': self.ok_message,
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
796 'error_message': self.error_message
b862bbf2067a Replaced the content() callback ickiness with Page Template macro usage
Richard Jones <richard@users.sourceforge.net>
parents: 1196
diff changeset
797 }
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
798 try:
1016
d6c13142e7b9 Keep a cache of compiled PageTemplates.
Richard Jones <richard@users.sourceforge.net>
parents: 1008
diff changeset
799 # let the template render figure stuff out
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
800 result = pt.render(self, None, None, **args)
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
801 self.additional_headers['Content-Type'] = pt.content_type
2942
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
802 if self.env.get('CGI_SHOW_TIMING', ''):
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
803 if self.env['CGI_SHOW_TIMING'].upper() == 'COMMENT':
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
804 timings = {'starttag': '<!-- ', 'endtag': ' -->'}
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
805 else:
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
806 timings = {'starttag': '<p>', 'endtag': '</p>'}
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
807 timings['seconds'] = time.time()-self.start
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
808 s = self._('%(starttag)sTime elapsed: %(seconds)fs%(endtag)s\n'
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
809 ) % timings
2237
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
810 if hasattr(self.db, 'stats'):
2942
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
811 timings.update(self.db.stats)
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
812 s += self._("%(starttag)sCache hits: %(cache_hits)d,"
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
813 " misses %(cache_misses)d."
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
814 " Loading items: %(get_items)f secs."
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
815 " Filtering: %(filtering)f secs."
a50e4f7c9276 look for CGI_SHOW_TIMING in self.env instead of os.environ;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2940
diff changeset
816 "%(endtag)s\n") % timings
2237
f624fc20f8fe added capturing of stats
Richard Jones <richard@users.sourceforge.net>
parents: 2233
diff changeset
817 s += '</body>'
2230
ca2664e095be disable forking server when os.fork() not available [SF#938586]
Richard Jones <richard@users.sourceforge.net>
parents: 2183
diff changeset
818 result = result.replace('</body>', s)
1967
d30cd44321f2 commit old file-serving bugfix, and new pt content-type fix
Richard Jones <richard@users.sourceforge.net>
parents: 1946
diff changeset
819 return result
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
820 except templating.NoTemplate, message:
1068
665730c27d29 nicer template absence error
Richard Jones <richard@users.sourceforge.net>
parents: 1065
diff changeset
821 return '<strong>%s</strong>'%message
1977
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
822 except templating.Unauthorised, message:
f96592a7c357 changes to support the new templating Unauthorised exception.
Richard Jones <richard@users.sourceforge.net>
parents: 1973
diff changeset
823 raise Unauthorised, str(message)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
824 except:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
825 # everything else
2565
89c5e8564dad passs the message translator to cgitb functions
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2557
diff changeset
826 return cgitb.pt_html(i18n=self.translator)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
827
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
828 # these are the actions that are available
2904
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
829 actions = (
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
830 ('edit', EditItemAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
831 ('editcsv', EditCSVAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
832 ('new', NewItemAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
833 ('register', RegisterAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
834 ('confrego', ConfRegoAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
835 ('passrst', PassResetAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
836 ('login', LoginAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
837 ('logout', LogoutAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
838 ('search', SearchAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
839 ('retire', RetireAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
840 ('show', ShowAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
841 ('export_csv', ExportCSVAction),
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
842 )
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
843 def handle_action(self):
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
844 ''' Determine whether there should be an Action called.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
845
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
846 The action is defined by the form variable :action which
1477
ed725179953d Added password reset facility for forgotten passwords.
Richard Jones <richard@users.sourceforge.net>
parents: 1472
diff changeset
847 identifies the method on this object to call. The actions
2904
b1ad7add1a2c back out
Richard Jones <richard@users.sourceforge.net>
parents: 2903
diff changeset
848 are defined in the "actions" sequence on this class.
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
849
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
850 Actions may return a page (by default HTML) to return to the
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
851 user, bypassing the usual template rendering.
3388
0c66acaea802 present Reject exception messages to web users [SF#1237685]
Richard Jones <richard@users.sourceforge.net>
parents: 3356
diff changeset
852
0c66acaea802 present Reject exception messages to web users [SF#1237685]
Richard Jones <richard@users.sourceforge.net>
parents: 3356
diff changeset
853 We explicitly catch Reject and ValueError exceptions and
0c66acaea802 present Reject exception messages to web users [SF#1237685]
Richard Jones <richard@users.sourceforge.net>
parents: 3356
diff changeset
854 present their messages to the user.
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
855 '''
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
856 if self.form.has_key(':action'):
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
857 action = self.form[':action'].value.lower()
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
858 elif self.form.has_key('@action'):
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
859 action = self.form['@action'].value.lower()
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
860 else:
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
861 return None
2638
18e86941c950 Load up extensions in the tracker "extensions" directory.
Richard Jones <richard@users.sourceforge.net>
parents: 2592
diff changeset
862
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
863 try:
2948
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
864 action_klass = self.get_action_class(action)
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
865
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
866 # call the mapped action
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
867 if isinstance(action_klass, type('')):
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
868 # old way of specifying actions
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
869 return getattr(self, action_klass)()
2019
8fab5d394f22 Call actions in a different way so we won't hide any bad TypeErrors.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 2018
diff changeset
870 else:
2045
d124af927369 Forward-porting of fixes from the maintenance branch.
Richard Jones <richard@users.sourceforge.net>
parents: 2032
diff changeset
871 return action_klass(self).execute()
2032
5a7ec0c63095 fixes to some unit tests, and a cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 2019
diff changeset
872
3388
0c66acaea802 present Reject exception messages to web users [SF#1237685]
Richard Jones <richard@users.sourceforge.net>
parents: 3356
diff changeset
873 except (ValueError, Reject), err:
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1987
diff changeset
874 self.error_message.append(str(err))
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
875
2948
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
876 def get_action_class(self, action_name):
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
877 if (hasattr(self.instance, 'cgi_actions') and
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
878 self.instance.cgi_actions.has_key(action_name)):
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
879 # tracker-defined action
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
880 action_klass = self.instance.cgi_actions[action_name]
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
881 else:
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
882 # go with a default
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
883 for name, action_klass in self.actions:
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
884 if name == action_name:
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
885 break
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
886 else:
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
887 raise ValueError, 'No such action "%s"'%action_name
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
888 return action_klass
deda13909085 factor out get_action_class so it may be called from other places
Richard Jones <richard@users.sourceforge.net>
parents: 2947
diff changeset
889
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
890 def _socket_op(self, call, *args, **kwargs):
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
891 """Execute socket-related operation, catch common network errors
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
892
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
893 Parameters:
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
894 call: a callable to execute
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
895 args, kwargs: call arguments
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
896
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
897 """
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
898 try:
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
899 call(*args, **kwargs)
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
900 except socket.error, err:
3807
c27aafab067d Band-aid over handling of netework errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3800
diff changeset
901 err_errno = getattr (err, 'errno', None)
3808
36eb9e8faf30 Real handling of network errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3807
diff changeset
902 if err_errno is None:
36eb9e8faf30 Real handling of network errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3807
diff changeset
903 try:
36eb9e8faf30 Real handling of network errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3807
diff changeset
904 err_errno = err[0]
36eb9e8faf30 Real handling of network errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3807
diff changeset
905 except TypeError:
36eb9e8faf30 Real handling of network errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3807
diff changeset
906 pass
3807
c27aafab067d Band-aid over handling of netework errors.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3800
diff changeset
907 if err_errno not in self.IGNORE_NET_ERRORS:
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
908 raise
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
909
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
910 def write(self, content):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
911 if not self.headers_done:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
912 self.header()
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
913 if self.env['REQUEST_METHOD'] != 'HEAD':
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
914 self._socket_op(self.request.wfile.write, content)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
915
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
916 def write_html(self, content):
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
917 if not self.headers_done:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
918 # at this point, we are sure about Content-Type
3867
2563ddf71cd7 Enabled over-riding of content-type in web interface (thanks John Mitchell)
Richard Jones <richard@users.sourceforge.net>
parents: 3808
diff changeset
919 if not self.additional_headers.has_key('Content-Type'):
2563ddf71cd7 Enabled over-riding of content-type in web interface (thanks John Mitchell)
Richard Jones <richard@users.sourceforge.net>
parents: 3808
diff changeset
920 self.additional_headers['Content-Type'] = \
2563ddf71cd7 Enabled over-riding of content-type in web interface (thanks John Mitchell)
Richard Jones <richard@users.sourceforge.net>
parents: 3808
diff changeset
921 'text/html; charset=%s' % self.charset
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
922 self.header()
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
923
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
924 if self.env['REQUEST_METHOD'] == 'HEAD':
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
925 # client doesn't care about content
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
926 return
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
927
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
928 if self.charset != self.STORAGE_CHARSET:
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
929 # recode output
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
930 content = content.decode(self.STORAGE_CHARSET, 'replace')
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
931 content = content.encode(self.charset, 'xmlcharrefreplace')
2592
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
932
5a8d9465827e implement the HTTP HEAD command [SF#992544]
Richard Jones <richard@users.sourceforge.net>
parents: 2565
diff changeset
933 # and write
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
934 self._socket_op(self.request.wfile.write, content)
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
935
2046
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
936 def setHeader(self, header, value):
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
937 '''Override a header to be returned to the user's browser.
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
938 '''
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
939 self.additional_headers[header] = value
f913b6beac35 document and make easier the actions-returning-content idiom
Richard Jones <richard@users.sourceforge.net>
parents: 2045
diff changeset
940
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
941 def header(self, headers=None, response=None):
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
942 '''Put up the appropriate header.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
943 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
944 if headers is None:
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
945 headers = {'Content-Type':'text/html; charset=utf-8'}
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
946 if response is None:
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
947 response = self.response_code
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
948
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
949 # update with additional info
1120
c26471971d18 Exposed the Batch mechanism through the top-level "utils" variable.
Richard Jones <richard@users.sourceforge.net>
parents: 1103
diff changeset
950 headers.update(self.additional_headers)
1130
89bd02ffe4af tell clients/caches not to cache our dynamic bits
Richard Jones <richard@users.sourceforge.net>
parents: 1129
diff changeset
951
2279
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
952 if headers.get('Content-Type', 'text/html') == 'text/html':
297e46e22e04 implemented HTTP charset negotiation.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2248
diff changeset
953 headers['Content-Type'] = 'text/html; charset=utf-8'
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
954
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
955 headers = headers.items()
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
956
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
957 for ((path, name), (value, expire)) in self.add_cookies.items():
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
958 cookie = "%s=%s; Path=%s;"%(name, value, path)
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
959 if expire is not None:
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
960 cookie += " expires=%s;"%Cookie._getdate(expire)
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
961 headers.append(('Set-Cookie', cookie))
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
962
3760
b8f52d030f1a ignore common network errors, like "Connection reset by peer"
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 3736
diff changeset
963 self._socket_op(self.request.start_response, headers, response)
3736
a2d22d0de0bc WSGI support via roundup.cgi.wsgi_handler
Richard Jones <richard@users.sourceforge.net>
parents: 3687
diff changeset
964
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
965 self.headers_done = 1
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
966 if self.debug:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
967 self.headers_sent = headers
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
968
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
969 def add_cookie(self, name, value, expire=86400*365, path=None):
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
970 """Set a cookie value to be sent in HTTP headers
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
971
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
972 Parameters:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
973 name:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
974 cookie name
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
975 value:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
976 cookie value
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
977 expire:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
978 cookie expiration time (seconds).
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
979 If value is empty (meaning "delete cookie"),
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
980 expiration time is forced in the past
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
981 and this argument is ignored.
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
982 If None, the cookie will expire at end-of-session.
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
983 If omitted, the cookie will be kept for a year.
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
984 path:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
985 cookie path (optional)
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
986
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
987 """
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
988 if path is None:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
989 path = self.cookie_path
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
990 if not value:
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
991 expire = -1
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
992 self.add_cookies[(path, name)] = (value, expire)
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
993
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
994 def set_cookie(self, user, expire=None):
1937
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
995 """Set up a session cookie for the user.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
996
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
997 Also store away the user's login info against the session.
4c850112895b Some reformatting and fixing docstrings for emacs.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1936
diff changeset
998 """
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
999 sessions = self.db.getSessionManager()
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
1000
2244
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1001 # generate a unique session key
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1002 while 1:
2233
3d9bb1a052d1 fix random seeding for forking server
Richard Jones <richard@users.sourceforge.net>
parents: 2230
diff changeset
1003 s = '%s%s'%(time.time(), random.random())
2244
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1004 s = binascii.b2a_base64(s).strip()
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1005 if not sessions.exists(s):
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1006 break
ac4f295499a4 fixed journal marshalling in RDBMS backends [SF#943627]
Richard Jones <richard@users.sourceforge.net>
parents: 2237
diff changeset
1007 self.session = s
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1008
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1009 # clean up the base64
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1010 if self.session[-1] == '=':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1011 if self.session[-2] == '=':
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1012 self.session = self.session[:-2]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1013 else:
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1014 self.session = self.session[:-1]
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1015
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1016 # insert the session in the sessiondb
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
1017 sessions.set(self.session, user=user)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
1018 self.db.commit()
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1019
2946
661028d24cd2 support for multiple cookie headers in single http response;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2942
diff changeset
1020 # add session cookie
3548
61d48244e7a8 login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents: 3494
diff changeset
1021 self.add_cookie(self.cookie_name, self.session, expire=expire)
985
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1022
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1023 def make_user_anonymous(self):
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1024 ''' Make us anonymous
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1025
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1026 This method used to handle non-existence of the 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1027 user, but that user is mandatory now.
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1028 '''
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1029 self.userid = self.db.user.lookup('anonymous')
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1030 self.user = 'anonymous'
55ab0c5b49f9 New CGI interface support
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1031
1801
9f9d35f3d8f7 Change the message asking for confirmation of registration...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1799
diff changeset
1032 def standard_message(self, to, subject, body, author=None):
2248
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1033 '''Send a standard email message from Roundup.
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1034
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1035 "to" - recipients list
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1036 "subject" - Subject
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1037 "body" - Message
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1038 "author" - (name, address) tuple or None for admin email
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1039
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1040 Arguments are passed to the Mailer.standard_message code.
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1041 '''
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
1042 try:
1801
9f9d35f3d8f7 Change the message asking for confirmation of registration...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1799
diff changeset
1043 self.mailer.standard_message(to, subject, body, author)
1802
fe9d122f1bb1 Fix misnamed exception clause.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1801
diff changeset
1044 except MessageSendError, e:
1799
071ea6fc803f Extracted duplicated mail-sending code...
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1798
diff changeset
1045 self.error_message.append(str(e))
2248
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1046 return 0
cd7e6d6288c6 fixed rego from email address [SF#947414]
Richard Jones <richard@users.sourceforge.net>
parents: 2246
diff changeset
1047 return 1
1467
378081f066cc registration is now a two-step process with confirmation from the
Richard Jones <richard@users.sourceforge.net>
parents: 1456
diff changeset
1048
2107
b7404a96b58a minor pre-release / test fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2082
diff changeset
1049 def parsePropsFromForm(self, create=0):
2010
1b11ffd8015e forward-porting of fixed edit action / parsePropsFromForm...
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
1050 return FormParser(self).parse(create=create)
1b11ffd8015e forward-porting of fixed edit action / parsePropsFromForm...
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
1051
2799
9605965569b0 disallow caching of pages with error and/or ok messages.
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2724
diff changeset
1052 # vim: set et sts=4 sw=4 :
Roundup Issue Tracker: http://roundup-tracker.org/