def __init__(self, request, content, repo, logged_in = False): self.request = request self.logged_in = logged_in self.repo = repo path, params, query, fragment = request.split_uri() self.request_path = path self.content = content self.callers_idea_of_service = get_header(HOST_HEADER, request.header) self.user_agent = get_header (USER_AGENT, request.header) accepts = get_header(ACCEPTS_HEADER, request.header) self.xml_request = accepts and (accepts.lower().strip() == "application/xml") self.fp = None self.request['Cache-Control'] = "no-store"
def is_logged_in (repo, request): if not repo.has_password: return true header_password = get_header(PASSWORD, request.header) if header_password and repo.check_password(header_password): return true if check_cookie(request, repo): return true return false
def handle_request(self, request): if request.command == 'post': cl = default_handler.get_header(CONTENT_LENGTH, request.header) ic = sample_input_collector(request, cl) request.collector = ic print request.header return script_handler.script_handler.handle_request(self, request)
def add_last_modified_headers(request, repo): request['X-UpLib-Repository-Last-Modified'] = http_date.build_http_date(repo.mod_time()) wants_doc_changes = get_header(DOC_CHANGES_SINCE_HEADER, request.header) if wants_doc_changes: try: wants_doc_changes = float(wants_doc_changes.strip()) except: pass else: docs = repo.get_touched_since(wants_doc_changes) request['X-UpLib-Docs-Modified'] = str(wants_doc_changes) + ";" + ";".join(["%s,%s" % (doc.id, doc.touch_time()) for doc in docs])
def check_cookie(request, repo): global MORSEL_KEY try: if not MORSEL_KEY: MORSEL_KEY = "uplibnonce%d" % repo.secure_port() cookiedata = get_header(COOKIE, request.header) cookie = Cookie.BaseCookie(cookiedata) morsel = cookie.get(MORSEL_KEY) return morsel and repo.check_cookie(morsel.value) except: t, v, s = sys.exc_info() note("error in check_cookie:\n%s\n", ''.join(traceback.format_exception(t, v, s))) return false
def handle_data (self, request, dp): # note(0, "handle_data: %s, dp is %s, command is %s", request, dp, request.command) if type(dp) == type(types.FileType): data = dp elif isinstance(dp, SelfDeletingFileObject): data = dp.open() elif isinstance(dp, StringIO): data = dp if request.command == 'HEAD' and not (request.uri.endswith(".jnlp") or request.uri.endswith(".jar")): # we don't do HEAD requests on /action methods, so send back 405 data.close() request['Allow'] = "GET, POST" request.reply_code = 405 request.done() return stat = true try: ct = get_header (CONTENT_TYPE, request.header) if (ct and (ct.strip().startswith("multipart/form-data") or ct.strip().startswith("application/x-www-form-urlencoded"))): #note(5, "processing %s; headers are:\n%s\ndata is\n<%s>\n", ct, request.header, _read_and_reset(data)) form = request_to_field_dict(request, data, request.angel_action[2]) data.close() data = None else: form = request_to_field_dict(request, None, request.angel_action[2]) # for key in form.keys(): # value = form[key] # note(3, "field %s: <%s>", key, value[:min(50, len(value))]) stat = self.do_action(request, form, data) if data: data.close() except: info = sys.exc_info() signal_python_exception(request, info) if stat: request.done()
def handle_request (self, request): request['Server'] = "UpLib/%s" % self.version request.version = '1.0' # stick with 1.0 for Medusa if request.command not in self.valid_commands: request.error (400) # bad request return self.hit_counter.increment() # note(0, "request is %s (%s):\n%s", request.command, request.uri, request.header); request.handler = "action" try: if not authorized(self.__repo__, request): handler = authentication_handler() # note(0, "not authorized") else: handler = self except: fakefile = StringIO() traceback.print_exc(None, fakefile) s = fakefile.getvalue() fakefile.close() request['Content-Type'] = "text/plain" request['Content-Length'] = len(s) request.reply_code = 500 request.push(s) request.done() return # check for payload query = request.angel_action[2] cl = get_header (CONTENT_LENGTH, request.header) if cl: note(4, "content-length is %s", cl) request.collector = data_collector (int(cl), request, handler) # no terminator while receiving POST data request.channel.set_terminator (None) # don't respond yet, wait until we've received the data... elif (handler != self): output_login_page(request) request.done() elif request.command == 'HEAD' and not (request.uri.endswith(".jnlp") or request.uri.endswith(".jar")): # we don't do HEAD requests on /action methods, so send back 405 # but allow head on .jnlp files request['Allow'] = "GET, POST" request.reply_code = 405 request.done() return else: try: if query: # there's a query, so process it dict = request_to_field_dict (request, None, request.angel_action[2]) if self.do_action(request, dict, None): request.done() else: if self.do_action(request, None, None): request.done() except: note("signalling exception in data-free request handler:\n%s", "".join(traceback.format_exception(*sys.exc_info())))
def handle_request (self, request): request['Server'] = "UpLib/%s" % self.version request.version = '1.0' # stick with 1.0 for Medusa if request.uri == "/ping": # too many things pinging us, turn off logging of ping request.log = _ignore_request_logging add_last_modified_headers(request, self.__repo__) request.error(200) return elif request.uri == "/login": handler = self elif request.uri == "/favicon.ico": handler = self elif request.uri == "/html/signedreadup.jar": handler = self elif request.uri == "/html/images/ReadUpJWS.gif": handler = self else: handler = error_handler(400) self.hit_counter.increment() cl = get_header (CONTENT_LENGTH, request.header) if cl: request.collector = data_collector (int(cl), request, handler) request.channel.set_terminator (None) # don't respond yet, wait until we've received the data... elif request.uri == "/favicon.ico": global FAVICON if not FAVICON: FAVICON = self.__repo__.get_favicon() if FAVICON: request.reply_code = 200 request["Content-Type"] = "image/vnd.microsoft.icon" request["Content-Length"] = len(FAVICON) request.push(FAVICON) request.done() else: request.error(404) elif request.uri == "/html/signedreadup.jar": jarpath = os.path.join(self.__repo__.html_folder(), "signedreadup.jar") # simplest way to do this is to create a response object r = response(request, None, self.__repo__) if not os.path.exists(jarpath): request.error(404) return else: r.return_file("application/x-java-archive", jarpath) request.done() elif request.uri == "/html/images/ReadUpJWS.gif": imgpath = os.path.join(self.__repo__.html_folder(), "images", "ReadUpJWS.gif") # simplest way to do this is to create a response object r = response(request, None, self.__repo__) if not os.path.exists(imgpath): request.error(404) return else: r.return_file("image/gif", imgpath) request.done() else: request.error(400)