def POST(self):
rtn = None
try:
if session.has_token() is False:
anonymous_user = user.login(user.ANONYMOUS_ACCOUNT_NAME, None)
session.set_token(anonymous_user)
operation = user.get_operation(handler_class=self.get_qualified_name())
if operation is not None:
paramnames = operation.get_resource_oql_paramnames()
oqlparams = self._get_resource_oql_params(paramnames)
if user.has_permission(self._get_user_id(), operation.operation_key, oqlparams=oqlparams):
rtn = self.execute()
else:
if session.get_token().is_anonymous():
raise SessionExpiredError(session.get_token())
else:
raise UnauthorizedError()
else:
raise CoreError("%s is not related to operation.", self.get_qualified_name())
except BaseException, e:
msg = str(e)
msg += traceback.format_exc()
log.get_logger().error(msg)
rtn = self._new_rtn(e=e).to_json()
def _get_resource_oql_params(self, paramnames):
oqlparams = {}
if len(paramnames) > 0:
data = self._get_data()
for paramname in paramnames:
if hasattr(session.get_token(), paramname):
oqlparams[paramname] = getattr(session.get_token(), paramname)
elif data.has_key(paramname):
oqlparams[paramname] = data[paramname]
else:
raise UnauthorizedError()
return oqlparams
def execute(self):
web.header("Content-Type", "application/x-javascript")
translations = {}
langs = conf.get_supported_languages()
for lang in langs:
results = i18n.fetch_i18ns(locale=lang, return_dic=True)
translations[lang] = results
js = "var I18N = {"
js += "translations : %s," % jsonutil.to_json(translations)
js += "defaultLanguage : '%s'" % conf.get_preferred_language()
js += "};"
js += "var G_VERSION='%s';" % conf.G_VERSION
js += "var EMPTY_UID=%d;" % model.EMPTY_UID
js += "var LOGIN_USER=%s;" % jsonutil.to_json(session.get_token().to_dict())
js += conf.dynamicjs_hook()
return js
def _get_user_id(self):
return session.get_token().user_id
def decrypt_password(password):
password = password.decode('hex')
return cryptoutil.rsa_decrypt(password, session.get_token().rsa_key)
