def edit_page(self, context): self.load_visit(context) page_context = self.new_page_context(context) if context.group is None: raise wsgi.PageNotAuthorized try: query = context.get_query() logging.debug("edit key=%s", query['id']) key = odata.uri_literal_from_str(query.get('id', '')).value with context.group['Notices'].open() \ as collection: collection.set_expand({'User': None}) entity = collection[key] user = entity['User'].get_entity() if not (context.user and context.user == user): # only the owner can edit their post raise wsgi.PageNotAuthorized page_context['id_attr'] = xml.escape_char_data7( odata.FormatURILiteral(entity['ID']), True) page_context['title_attr'] = xml.escape_char_data7( entity['Title'].value, True) page_context['description'] = entity['Description'].value page_context[self.csrf_token] = context.session.sid() except ValueError: raise wsgi.BadRequest except KeyError: raise wsgi.PageNotFound data = self.render_template(context, 'notices/edit_form.html', page_context) context.set_status(200) return self.html_response(context, data)
def consumers_page(self, context): page_context = self.new_context_dictionary(context) # add errors errors = set(("duplicate_key",)) query = context.get_query() error = query.get("error", "") for e in errors: page_context[e] = e == error owner = self.get_owner(context) if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context["user_name"] = owner["FullName"].value silo = owner["Silo"].get_entity() page_context["silo"] = silo consumer_list = [] with silo["Consumers"].open() as collection: collection.set_orderby(odata.Parser("Handle asc").parse_orderby_option()) for consumer in collection.itervalues(): citem = {} consumer = lti.ToolConsumer(consumer, self.app_cipher) query = urllib.urlencode({"cid": odata.ODataURI.format_literal(consumer.entity["ID"])}) citem["consumer"] = consumer citem["cedit_link"] = xml.escape_char_data7("edit?" + query, True) citem["cdel_link"] = xml.escape_char_data7("del?" + query, True) consumer_list.append(citem) query = urllib.urlencode({"silo": odata.ODataURI.format_literal(silo["ID"])}) page_context["cadd_link"] = xml.escape_char_data7("add?" + query, True) page_context["consumers"] = consumer_list page_context[self.csrf_token] = context.session.sid data = self.render_template(context, "consumers/index.html", page_context) context.set_status(200) return self.html_response(context, data)
def ctest_page(self, context, target_url, return_url, sid): """Provides a template driven cookie test page It is based on the template:: jinjaapp/ctest.html Shown after blocked cookies are detected. See :meth:`pyslet.wsgi.SessionApp.ctest_page` for details. The Django context contains three additional variables with values 'ctest_attr', 'return_attr' and 'sid_attr', all *quoted and HTML-escaped* ready to be used as attribute values. The ctest_attr variable contains the URL that can be used as a form target suitable for opening in a new browser window. The other two values are the originally requested URL and the session id respectively and must be submitted as hidden values on the form.""" c = self.new_context_dictionary(context) c['ctest_attr'] = xml.escape_char_data7(target_url, True) c['return_attr'] = xml.escape_char_data7(return_url, True) c['sid_attr'] = xml.escape_char_data7(sid, True) data = self.render_template(context, 'jinjaapp/ctest.html', c) context.set_status(200) return self.html_response(context, data)
def ctest_page(self, context, target_url, return_url, sid): """Provides a template driven cookie test page It is based on the template:: djangoapp/ctest.html Shown after blocked cookies are detected. See :meth:`pyslet.wsgi.SessionApp.ctest_page` for details. The Django context contains three additional variables with values 'ctest_attr', 'return_attr' and 'sid_attr', all *quoted and HTML-escaped* ready to be used as attribute values. The ctest_attr variable contains the URL that can be used as a form target suitable for opening in a new browser window. The other two values are the originally requested URL and the session id respectively and must be submitted as hidden values on the form.""" c = self.new_page_context(context) c['ctest_attr'] = xml.escape_char_data7(target_url, True) c['return_attr'] = xml.escape_char_data7(return_url, True) c['sid_attr'] = xml.escape_char_data7(sid, True) data = self.render_template(context, 'djangoapp/ctest.html', c) context.set_status(200) return self.html_response(context, data)
def new_page_context(self, context): page_context = super(NoticeBoard, self).new_page_context(context) app_root = str(context.get_app_root()) page_context['css_attr'] = xml.escape_char_data7( app_root + 'css/base.css', True) page_context['favicon_attr'] = xml.escape_char_data7( app_root + 'images/favicon.ico', True) return page_context
def new_context_dictionary(self, context): context_dict = super(NoticeBoard, self).new_context_dictionary(context) app_root = str(context.get_app_root()) context_dict['css_attr'] = xml.escape_char_data7( app_root + 'css/base.css', True) context_dict['favicon_attr'] = xml.escape_char_data7( app_root + 'images/favicon.ico', True) return context_dict
def delete_page(self, context): self.load_visit(context) context_dict = self.new_context_dictionary(context) if context.group is None: raise wsgi.PageNotAuthorized try: query = context.get_query() key = odata.uri_literal_from_str(query.get('id', '')).value with context.group['Notices'].open() \ as collection: collection.set_expand({'User': None}) entity = collection[key] user = entity['User'].get_entity() if (not (context.user and context.user == user) and not (context.permissions & self.WRITE_PERMISSION)): # only the owner or user with write permissions can delete raise wsgi.PageNotAuthorized context_dict['id_attr'] = xml.escape_char_data7( odata.FormatURILiteral(entity['ID']), True) context_dict['title'] = entity['Title'].value context_dict['description'] = entity['Description'].value context_dict[self.csrf_token] = context.session.sid except ValueError: raise wsgi.BadRequest except KeyError: raise wsgi.PageNotFound data = self.render_template(context, 'notices/del_form.html', context_dict) context.set_status(200) return self.html_response(context, data)
def add_page(self, context): self.load_visit(context) page_context = self.new_page_context(context) page_context['title_attr'] = xml.escape_char_data7('', True) page_context['description'] = '' page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'notices/add_form.html', page_context) context.set_status(200) return self.html_response(context, data)
def consumers_page(self, context): page_context = self.new_page_context(context) # add errors errors = set(('duplicate_key', )) query = context.get_query() error = query.get('error', '') for e in errors: page_context[e] = (e == error) owner = context.session.get_owner() if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context['user_name'] = owner['FullName'].value silo = owner['Silo'].get_entity() page_context['silo'] = silo consumer_list = [] with silo['Consumers'].open() as collection: collection.set_orderby( odata.Parser('Handle asc').parse_orderby_option()) for consumer in collection.itervalues(): citem = {} consumer = lti.ToolConsumer(consumer, self.app_cipher) query = urllib.urlencode({ 'cid': odata.ODataURI.format_literal(consumer.entity['ID']) }) citem['consumer'] = consumer citem['cedit_link'] = xml.escape_char_data7( 'edit?' + query, True) citem['cdel_link'] = xml.escape_char_data7( 'del?' + query, True) consumer_list.append(citem) query = urllib.urlencode( {'silo': odata.ODataURI.format_literal(silo['ID'])}) page_context['cadd_link'] = xml.escape_char_data7( 'add?' + query, True) page_context['consumers'] = consumer_list page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'consumers/index.html', page_context) context.set_status(200) return self.html_response(context, data)
def consumers_page(self, context): page_context = self.new_page_context(context) # add errors errors = set(('duplicate_key', )) query = context.get_query() error = query.get('error', '') for e in errors: page_context[e] = (e == error) owner = context.session.get_owner() if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context['user_name'] = owner['FullName'].value silo = owner['Silo'].get_entity() page_context['silo'] = silo consumer_list = [] with silo['Consumers'].open() as collection: collection.set_orderby( odata.Parser('Handle asc').parse_orderby_option()) for consumer in collection.itervalues(): citem = {} consumer = lti.ToolConsumer(consumer, self.app_cipher) query = urllib.urlencode( {'cid': odata.ODataURI.format_literal(consumer.entity['ID'])}) citem['consumer'] = consumer citem['cedit_link'] = xml.escape_char_data7( 'edit?' + query, True) citem['cdel_link'] = xml.escape_char_data7( 'del?' + query, True) consumer_list.append(citem) query = urllib.urlencode( {'silo': odata.ODataURI.format_literal(silo['ID'])}) page_context['cadd_link'] = xml.escape_char_data7( 'add?' + query, True) page_context['consumers'] = consumer_list page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'consumers/index.html', page_context) context.set_status(200) return self.html_response(context, data)
def logout(self, context): page_context = self.new_context_dictionary(context) page_context["logout"] = True page_context["got_user"] = False if self.google_id: page_context["google_sso"] = True page_context["gclient_id_attr"] = xml.escape_char_data7(self.google_id, True) else: page_context["google_sso"] = False page_context[self.csrf_token] = context.session.sid data = self.render_template(context, "mthome.html", page_context) context.set_status(200) return self.html_response(context, data)
def logout(self, context): page_context = self.new_page_context(context) page_context['logout'] = True page_context['got_user'] = False if self.google_id: page_context['google_sso'] = True page_context['gclient_id_attr'] = xml.escape_char_data7( self.google_id, True) else: page_context['google_sso'] = False page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'mthome.html', page_context) context.set_status(200) return self.html_response(context, data)
def error_page(self, context, code=500): """Provides a template driven error response It is based on the template:: jinjaapp/error.html The Django context contains two additional variables with values suitably escaped for placing into the *content* of an HTML element. They are 'code' and 'msg' representing the HTTP error code and message string respectively.""" context.set_status(code) c = self.new_context_dictionary(context) c["code"] = str(code) c["msg"] = xml.escape_char_data7(context.status_message) data = self.render_template(context, 'jinjaapp/error.html', c) return self.html_response(context, data)
def error_page(self, context, code=500): """Provides a template driven error response It is based on the template:: djangoapp/error.html The Django context contains two additional variables with values suitably escaped for placing into the *content* of an HTML element. They are 'code' and 'msg' representing the HTTP error code and message string respectively.""" context.set_status(code) c = self.new_page_context(context) c["code"] = str(code) c["msg"] = xml.escape_char_data7(context.status_message) data = self.render_template(context, 'djangoapp/error.html', c) return self.html_response(context, data)
def home(self, context): page_context = self.new_context_dictionary(context) current_owner = self.get_owner(context) page_context["logout"] = False if current_owner: page_context["got_user"] = True page_context["user_name"] = current_owner["FullName"].value else: page_context["got_user"] = False if self.google_id: page_context["google_sso"] = True page_context["gclient_id_attr"] = xml.escape_char_data7(self.google_id, True) page_context[self.csrf_token] = context.session.sid else: page_context["google_sso"] = False data = self.render_template(context, "mthome.html", page_context) context.set_status(200) return self.html_response(context, data)
def home(self, context): page_context = self.new_page_context(context) current_owner = context.session.get_owner() page_context['logout'] = False if current_owner: page_context['got_user'] = True page_context['user_name'] = current_owner['FullName'].value else: page_context['got_user'] = False if self.google_id: page_context['google_sso'] = True page_context['gclient_id_attr'] = xml.escape_char_data7( self.google_id, True) page_context[self.csrf_token] = context.session.sid() else: page_context['google_sso'] = False data = self.render_template(context, 'mthome.html', page_context) context.set_status(200) return self.html_response(context, data)
def consumer_edit_page(self, context): page_context = self.new_context_dictionary(context) owner = self.get_owner(context) if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context["owner"] = owner silo = owner["Silo"].get_entity() page_context["silo"] = silo query = context.get_query() cid = odata.uri_literal_from_str(query.get("cid", "")).value with silo["Consumers"].open() as collection: try: consumer = lti.ToolConsumer(collection[cid], self.app_cipher) except KeyError: raise wsgi.PageNotAuthorized page_context["consumer"] = consumer page_context["cid_attr"] = xml.escape_char_data7(str(cid), True) page_context[self.csrf_token] = context.session.sid data = self.render_template(context, "consumers/edit_form.html", page_context) context.set_status(200) return self.html_response(context, data)
def consumer_edit_page(self, context): page_context = self.new_page_context(context) owner = context.session.get_owner() if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context['owner'] = owner silo = owner['Silo'].GetEntity() page_context['silo'] = silo query = context.get_query() cid = odata.ParseURILiteral(query.get('cid', '')).value with silo['Consumers'].OpenCollection() as collection: try: consumer = lti.ToolConsumer(collection[cid], self.app_cipher) except KeyError: raise wsgi.PageNotAuthorized page_context['consumer'] = consumer page_context['cid_attr'] = xml.escape_char_data7(str(cid), True) page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'consumers/edit_form.html', page_context) context.set_status(200) return self.html_response(context, data)
def consumer_edit_page(self, context): page_context = self.new_page_context(context) owner = context.session.get_owner() if owner is None: # we require an owner to be logged in raise wsgi.PageNotAuthorized page_context['owner'] = owner silo = owner['Silo'].get_entity() page_context['silo'] = silo query = context.get_query() cid = odata.uri_literal_from_str(query.get('cid', '')).value with silo['Consumers'].open() as collection: try: consumer = lti.ToolConsumer(collection[cid], self.app_cipher) except KeyError: raise wsgi.PageNotAuthorized page_context['consumer'] = consumer page_context['cid_attr'] = xml.escape_char_data7(str(cid), True) page_context[self.csrf_token] = context.session.sid() data = self.render_template(context, 'consumers/edit_form.html', page_context) context.set_status(200) return self.html_response(context, data)
def redirect_page(self, context, location, code=303): """Provides a template driven redirection page These are rarely shown to users in modern browsers but if automated redirection fails for some reason then this page may be visible. It is based on the template:: djangoapp/redirect.html The Django context contains an additional variable called 'location_attr' which contains a *quoted and HTML-escaped* string suitable for replacing an attribute value, e.g.:: <a href={{ location|safe }}>click here</a>""" c = self.new_page_context(context) c['location_attr'] = xml.escape_char_data7(str(location), True) data = self.render_template(context, 'djangoapp/redirect.html', c) context.add_header("Location", str(location)) context.add_header("Content-Type", "text/html") context.add_header("Content-Length", str(len(data))) context.set_status(code) context.start_response() return [str(data)]
def redirect_page(self, context, location, code=303): """Provides a template driven redirection page These are rarely shown to users in modern browsers but if automated redirection fails for some reason then this page may be visible. It is based on the template:: jinjaapp/redirect.html The Jinja context contains an additional variable called 'location_attr' which contains a *quoted and HTML-escaped* string suitable for replacing an attribute value, e.g.:: <a href={{ location|safe }}>click here</a>""" c = self.new_context_dictionary(context) c['location_attr'] = xml.escape_char_data7(str(location), True) data = self.render_template(context, 'jinjaapp/redirect.html', c) context.add_header("Location", str(location)) context.add_header("Content-Type", "text/html") context.add_header("Content-Length", str(len(data))) context.set_status(code) context.start_response() return [str(data)]
def es_table(es, index_items): result = """<h3><a id=%(anchor)s>%(title)s</a></h3> %(summary)s %(description)s <table class="typedef"> <thead> <th>Name</th> <th>Type</th> <th>Multiplicity</th> <th>Description</th> <th>Notes</th> </thead> <tbody>%(body)s</tbody> </table>""" params = { 'anchor': xml.escape_char_data7(es.name, True), 'title': '', 'summary': '', 'description': '', 'body': ''} tb = [] type = es.entityType if type.has_stream(): params['title'] = (xml.escape_char_data7(es.name) + " <em>(Media Resource)</em>") else: params['title'] = xml.escape_char_data7(es.name) typedoc = type.Documentation if typedoc is not None: if typedoc.Summary is not None: params['summary'] = ( '<p class="summary">%s</p>' % xml.escape_char_data7(typedoc.Summary.get_value())) if typedoc.LongDescription is not None: params['description'] = ( '<p class="description">%s</p>' % xml.escape_char_data7(typedoc.LongDescription.get_value())) for p in type.Property: if p.name in es.keys: tr = ['<tr class="key">'] else: tr = ["<tr>"] link = '%s.%s' % (es.name, p.name) tr.append("<td><a id=%s>%s</a></td>" % ( xml.EscapeCharData(link, True), xml.escape_char_data7(p.name))) index_items.append((p.name, link, "property of %s" % es.name)) tr.append("<td>%s</td>" % xml.escape_char_data7(p.type)) tr.append("<td>%s</td>" % ("Optional" if p.nullable else "Required")) summary = description = "" if p.Documentation is not None: if p.Documentation.Summary: summary = p.Documentation.Summary.get_value() if p.Documentation.LongDescription: description = p.Documentation.LongDescription.get_value() tr.append("<td>%s</td>" % xml.escape_char_data7(summary)) tr.append("<td>%s</td>" % xml.escape_char_data7(description)) tr.append("</tr>") tb.append(string.join(tr, '')) for np in type.NavigationProperty: tr = ['<tr class="navigation">'] link = '%s.%s' % (es.name, np.name) tr.append("<td><a id=%s>%s</a></td>" % ( xml.EscapeCharData(link, True), xml.escape_char_data7(np.name))) index_items.append((np.name, link, "navigation property of %s" % es.name)) tr.append("<td><em>%s</em></td>" % xml.escape_char_data7(es.get_target(np.name).name)) tr.append("<td>%s</td>" % edm.multiplicity_to_str(np.to_end.multiplicity)) summary = description = "" if np.Documentation is not None: if np.Documentation.Summary: summary = np.Documentation.Summary.get_value() if np.Documentation.LongDescription: description = np.Documentation.LongDescription.get_value() tr.append("<td>%s</td>" % xml.escape_char_data7(summary)) tr.append("<td>%s</td>" % xml.escape_char_data7(description)) tr.append("</tr>") tb.append(string.join(tr, '')) params['body'] = string.join(tb, '\n') return result % params
def write_doc(doc, template, out): if not isinstance(doc.root, edmx.Edmx): return "Source was not a DataServices document" with open(template, 'rb') as f: data = f.read() params = { 'namespace': "", 'summary': "Schema Documentation", 'description': '', 'entity_list': "<p>Not supported in this version</p>", 'tables': "<p>Not supported in this version</p>", 'index': "<p>Not supported in this version</p>", 'date': str(iso.TimePoint.from_now()) } ds = doc.root.DataServices if len(ds.Schema) != 1: logging.warn("Documenting the first Schema tag only") params['namespace'] = xml.escape_char_data7(ds.Schema[0].name) sdoc = ds.Schema[0].Documentation if sdoc is not None: if sdoc.Summary is not None: params['summary'] = "%s" % xml.escape_char_data7( sdoc.Summary.get_value()) if sdoc.LongDescription is not None: params['description'] = "%s" % xml.escape_char_data7( sdoc.LongDescription.get_value()) tables = [] dl_items = [] index_items = [] for ec in ds.Schema[0].EntityContainer: if not ec.is_default_entity_container(): logging.warn("Ignoring non-default EntityContainer: %s", ec.name) continue es_list = [] for es in ec.EntitySet: es_list.append(es.name) es_list.sort() for esn in es_list: es = ec[esn] dl_items.append('<dt><a href=%s>%s</a></dt>' % (xml.escape_char_data7("#" + es.name, True), xml.escape_char_data7(es.name))) index_items.append((es.name, es.name, "entity set")) if es.Documentation is not None: if es.Documentation.Summary is not None: dl_items.append('<dd>%s</dd>' % xml.escape_char_data7( es.Documentation.Summary.get_value())) tables.append(es_table(es, index_items)) params['entity_list'] = string.join(dl_items, '\n') params['tables'] = string.join(tables, "\n\n") index_items.sort() index_dl = [] cname = '' for name, link, note in index_items: if name != cname: index_dl.append('<dt>%s</dt>' % xml.escape_char_data7(name)) cname = name index_dl.append('<dd><a href=%s>%s</a></dd>' % (xml.escape_char_data7("#" + link, True), xml.escape_char_data7(note))) params['index'] = string.join(index_dl, '\n') out.write(data % params) return 0