Mercurial > p > roundup > code
comparison roundup/cgi/client.py @ 1244:8dd4f736370b
merge from maintenance branch
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Thu, 03 Oct 2002 06:56:30 +0000 |
| parents | dd52bf10f934 |
| children | 6c24a86a12ae |
comparison
equal
deleted
inserted
replaced
| 1243:3a028d2f7830 | 1244:8dd4f736370b |
|---|---|
| 1 # $Id: client.py,v 1.48 2002-09-27 01:04:38 richard Exp $ | 1 # $Id: client.py,v 1.49 2002-10-03 06:56:29 richard Exp $ |
| 2 | 2 |
| 3 __doc__ = """ | 3 __doc__ = """ |
| 4 WWW request handler (also used in the stand-alone server). | 4 WWW request handler (also used in the stand-alone server). |
| 5 """ | 5 """ |
| 6 | 6 |
| 46 p = security.addPermission(name="Web Roles", | 46 p = security.addPermission(name="Web Roles", |
| 47 description="User may manipulate user Roles through the web") | 47 description="User may manipulate user Roles through the web") |
| 48 security.addPermissionToRole('Admin', p) | 48 security.addPermissionToRole('Admin', p) |
| 49 | 49 |
| 50 class Client: | 50 class Client: |
| 51 ''' | 51 ''' Instantiate to handle one CGI request. |
| 52 A note about login | 52 |
| 53 ------------------ | 53 See inner_main for request processing. |
| 54 | 54 |
| 55 If the user has no login cookie, then they are anonymous. There | 55 Client attributes at instantiation: |
| 56 are two levels of anonymous use. If there is no 'anonymous' user, there | |
| 57 is no login at all and the database is opened in read-only mode. If the | |
| 58 'anonymous' user exists, the user is logged in using that user (though | |
| 59 there is no cookie). This allows them to modify the database, and all | |
| 60 modifications are attributed to the 'anonymous' user. | |
| 61 | |
| 62 Once a user logs in, they are assigned a session. The Client instance | |
| 63 keeps the nodeid of the session as the "session" attribute. | |
| 64 | |
| 65 Client attributes: | |
| 66 "path" is the PATH_INFO inside the instance (with no leading '/') | 56 "path" is the PATH_INFO inside the instance (with no leading '/') |
| 67 "base" is the base URL for the instance | 57 "base" is the base URL for the instance |
| 58 "form" is the cgi form, an instance of FieldStorage from the standard | |
| 59 cgi module | |
| 60 "additional_headers" is a dictionary of additional HTTP headers that | |
| 61 should be sent to the client | |
| 62 "response_code" is the HTTP response code to send to the client | |
| 63 | |
| 64 During the processing of a request, the following attributes are used: | |
| 65 "error_message" holds a list of error messages | |
| 66 "ok_message" holds a list of OK messages | |
| 67 "session" is the current user session id | |
| 68 "user" is the current user's name | |
| 69 "userid" is the current user's id | |
| 70 "template" is the current :template context | |
| 71 "classname" is the current class context name | |
| 72 "nodeid" is the current context item id | |
| 73 | |
| 74 User Identification: | |
| 75 If the user has no login cookie, then they are anonymous and are logged | |
| 76 in as that user. This typically gives them all Permissions assigned to the | |
| 77 Anonymous Role. | |
| 78 | |
| 79 Once a user logs in, they are assigned a session. The Client instance | |
| 80 keeps the nodeid of the session as the "session" attribute. | |
| 68 ''' | 81 ''' |
| 69 | 82 |
| 70 def __init__(self, instance, request, env, form=None): | 83 def __init__(self, instance, request, env, form=None): |
| 71 hyperdb.traceMark() | 84 hyperdb.traceMark() |
| 72 self.instance = instance | 85 self.instance = instance |
| 132 message is displayed indicating that permission was not | 145 message is displayed indicating that permission was not |
| 133 granted for the action to take place | 146 granted for the action to take place |
| 134 - NotFound (raised wherever it needs to be) | 147 - NotFound (raised wherever it needs to be) |
| 135 percolates up to the CGI interface that called the client | 148 percolates up to the CGI interface that called the client |
| 136 ''' | 149 ''' |
| 137 self.content_action = None | |
| 138 self.ok_message = [] | 150 self.ok_message = [] |
| 139 self.error_message = [] | 151 self.error_message = [] |
| 140 try: | 152 try: |
| 141 # make sure we're identified (even anonymously) | 153 # make sure we're identified (even anonymously) |
| 142 self.determine_user() | 154 self.determine_user() |
| 165 except SendFile, designator: | 177 except SendFile, designator: |
| 166 self.serve_file(designator) | 178 self.serve_file(designator) |
| 167 except SendStaticFile, file: | 179 except SendStaticFile, file: |
| 168 self.serve_static_file(str(file)) | 180 self.serve_static_file(str(file)) |
| 169 except Unauthorised, message: | 181 except Unauthorised, message: |
| 170 self.write(self.renderTemplate('page', '', error_message=message)) | 182 self.classname=None |
| 183 self.template='' | |
| 184 self.error_message.append(message) | |
| 185 self.write(self.renderContext()) | |
| 171 except NotFound: | 186 except NotFound: |
| 172 # pass through | 187 # pass through |
| 173 raise | 188 raise |
| 174 except: | 189 except: |
| 175 # everything else | 190 # everything else |