def rest__send_user_feedback__email(): """ REST API endpoint: send user feedback by email along with screen capture attachments """ def sanitize_input(req): req_dict = req.get_json() url = req_dict['url'] note = req_dict['note'] img = decode_base64_uri(req_dict['img']) html = req_dict['html'] user_agent = req_dict['browser']['userAgent'] return RZ_User_Feedback(url=url, note=note, img=img, html=html, user_agent=user_agent) try: u_feedback = sanitize_input(request) except: log.warn('failed to sanitize inputs. request: %s' % request) return make_response__json(status=400) # bad Request # FIXME: should be async via celery (or another method) session_user = session.get('username') msg_body = [ 'Feedback from user:'******'', 'user: %s' % (session_user if session_user else "<not-logged-in>"), 'user-agent: %s' % (u_feedback.user_agent), 'watching URL: %s' % (u_feedback.url), 'user-note: %s' % (u_feedback.note), '' ] msg_body = '\n'.join(msg_body) try: send_email__flask_ctx( recipients=[current_app.rz_config.feedback_recipient], subject="User Feedback", body=msg_body, attachments=[ ('feedback_screenshot.png', 'image/png', u_feedback.img), ('feedback_page.html', 'text/html', u_feedback.html.encode('utf-8')), ]) return make_response__json() # return empty json response except Exception: log.exception( 'send_user_feedback__email: exception while sending email' ) # exception derived from stack return make_response__json(status=500)
def rest__send_user_feedback__email(): """ REST API endpoint: send user feedback by email along with screen capture attachments """ def sanitize_input(req): req_dict = req.get_json() url = req_dict['url'] note = req_dict['note'] img = decode_base64_uri(req_dict['img']) html = req_dict['html'] user_agent = req_dict['browser']['userAgent'] return RZ_User_Feedback(url=url, note=note, img=img, html=html, user_agent=user_agent) try: u_feedback = sanitize_input(request) except: log.warn('failed to sanitize inputs. request: %s' % request) return make_response__json(status=400) # bad Request # FIXME: should be async via celery (or another method) session_user = session.get('username') msg_body = ['Feedback from user:'******'', 'user: %s' % (session_user if session_user else "<not-logged-in>"), 'user-agent: %s' % (u_feedback.user_agent), 'watching URL: %s' % (u_feedback.url), 'user-note: %s' % (u_feedback.note), '' ] msg_body = '\n'.join(msg_body) try: send_email__flask_ctx(recipients=[current_app.rz_config.feedback_recipient], subject="User Feedback", body=msg_body, attachments=[('feedback_screenshot.png', 'image/png', u_feedback.img), ('feedback_page.html', 'text/html', u_feedback.html.encode('utf-8')), ]) return make_response__json() # return empty json response except Exception: log.exception('send_user_feedback__email: exception while sending email') # exception derived from stack return make_response__json(status=500)
def socketio_route_handler(url_path): # FIXME: rm if unused if None == request.environ.get('socketio'): # attempt ws upgrade process for non socketio clients header__upgrade = request.headers.get('Upgrade') if 'websocket' == header__upgrade: resp = make_response__http__empty(101) # 'switching protocols' HTTP status code resp.headers['Upgrade'] = 'websocket' resp.headers['Connection'] = 'Upgrade' rmt_addr, rmt_port = request.req_probe__sock_addr.probe_client_socket_addr__ws_conn(request.environ) log.debug('ws: \'Upgrade: websocket\' header detected, serving \'101\': remote-socket-addr: %s:%s' % (rmt_addr, rmt_port)) return resp else: raise Exception('ws: failed to obtain socketio object from WSGI environment') # init websocket-env ws_req_env = WS_Req_Env() ws_req_env.kernel = kernel ws_req_env.peer_sock_addr = ws_srv.req_probe__sock_addr.probe_client_socket_addr__ws_conn(request.environ) try: socketio_manage(request.environ, {'/graph': WebSocket_Graph_NS}, ws_req_env) # connect socketio manager except: log.exception("ws: exception while handling connection", exc_info=True) return make_response__json(status=HTTP_STATUS__500_INTERNAL_SERVER_ERROR)
def rest__login(): def sanitize_input(req): req_json = request.get_json() email_address = req_json['email_address'] p = req_json['password'] return email_address, p if request.method == 'POST': try: email_address, p = sanitize_input(request) except: log.warn('failed to sanitize inputs. request: %s' % request) return make_response__json( status=HTTP_STATUS__401_UNAUTORIZED) # return empty response u_account = None try: _uid, u_account = current_app.user_db.lookup_user__by_email_address( email_address) except: log.warn( 'login: login attempt to unknown account: email_address: \'%s\'' % (email_address)) return make_response__json( status=HTTP_STATUS__401_UNAUTORIZED) # return empty response try: salt = current_app.rz_config.secret_key pw_hash = hash_pw(p, salt) current_app.user_db.validate_login( email_address=u_account.email_address, pw_hash=pw_hash) except Exception as e: # login failed log.warn('login: unauthorized: user: %s' % (email_address)) return make_response__json( status=HTTP_STATUS__401_UNAUTORIZED) # return empty response # login successful session['username'] = email_address log.debug('login: success: user: %s' % (email_address)) return make_response__json( status=HTTP_STATUS__200_OK) # return empty response if request.method == 'GET': return render_template( 'login.html', signup_enabled=current_app.rz_config.signup_enabled)
def rzdoc__create(rzdoc_name): """ create RZ doc """ s_rzdoc_name = sanitize_input__rzdoc_name(rzdoc_name) kernel = flask.current_app.kernel ctx = __context__common(rzdoc_name=None) # avoid rzdoc cache lookup exception try: kernel.rzdoc__create(s_rzdoc_name, ctx) except RZDoc_Exception__already_exists as e: return common_resp_handle__server_error(error='rzdoc already exists') return make_response__json(status=HTTP_STATUS__201_CREATED)
def rzdoc__create(rzdoc_name): """ create RZ doc """ s_rzdoc_name = sanitize_input__rzdoc_name(rzdoc_name) kernel = flask.current_app.kernel ctx = __context__common( rzdoc_name=None) # avoid rzdoc cache lookup exception try: kernel.rzdoc__create(s_rzdoc_name, ctx) except RZDoc_Exception__already_exists as e: return common_resp_handle__server_error(error='rzdoc already exists') return make_response__json(status=HTTP_STATUS__201_CREATED)
def rest__login(): def sanitize_input(req): req_json = request.get_json() email_address = req_json['email_address'] p = req_json['password'] return email_address, p if request.method == 'POST': try: email_address, p = sanitize_input(request) except: log.warn('failed to sanitize inputs. request: %s' % request) return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response u_account = None try: _uid, u_account = current_app.user_db.lookup_user__by_email_address(email_address) except: log.warn('login: login attempt to unknown account: email_address: \'%s\'' % (email_address)) return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response try: salt = current_app.rz_config.secret_key pw_hash = hash_pw(p, salt) current_app.user_db.validate_login(email_address=u_account.email_address, pw_hash=pw_hash) except Exception as e: # login failed log.warn('login: unauthorized: user: %s' % (email_address)) return make_response__json(status=HTTP_STATUS__401_UNAUTORIZED) # return empty response # login successful session['username'] = email_address log.debug('login: success: user: %s' % (email_address)) return make_response__json(status=HTTP_STATUS__200_OK) # return empty response if request.method == 'GET': return render_template('login.html', signup_enabled=current_app.rz_config.signup_enabled)
def rest__logout(): """ REST API endpoint: logout """ # remove the username from the session if it's there u = session.pop('username', None) assert None != u # assert user session was found - note: /logout is login protected log.debug('logout: success: user: %s' % (u)) # redirect on GET, invalidate cookie on GET/POST if request.method == 'GET': resp = make_response(redirect(url_for('login'))) if request.method == 'POST': resp = make_response__json() resp.set_cookie(key='session', value='', expires=0) # UNIX timestamp 0 return resp
def socketio_route_handler(url_path): # FIXME: rm if unused if None == request.environ.get( 'socketio' ): # attempt ws upgrade process for non socketio clients header__upgrade = request.headers.get('Upgrade') if 'websocket' == header__upgrade: resp = make_response__http__empty( 101) # 'switching protocols' HTTP status code resp.headers['Upgrade'] = 'websocket' resp.headers['Connection'] = 'Upgrade' rmt_addr, rmt_port = request.req_probe__sock_addr.probe_client_socket_addr__ws_conn( request.environ) log.debug( 'ws: \'Upgrade: websocket\' header detected, serving \'101\': remote-socket-addr: %s:%s' % (rmt_addr, rmt_port)) return resp else: raise Exception( 'ws: failed to obtain socketio object from WSGI environment' ) # init websocket-env ws_req_env = WS_Req_Env() ws_req_env.kernel = kernel ws_req_env.peer_sock_addr = ws_srv.req_probe__sock_addr.probe_client_socket_addr__ws_conn( request.environ) try: socketio_manage(request.environ, {'/graph': WebSocket_Graph_NS}, ws_req_env) # connect socketio manager except: log.exception("ws: exception while handling connection", exc_info=True) return make_response__json( status=HTTP_STATUS__500_INTERNAL_SERVER_ERROR)
def rzdoc__delete(rzdoc_name): kernel = flask.current_app.kernel ctx = __context__common(rzdoc_name) kernel.rzdoc__delete(ctx.rzdoc, ctx) return make_response__json(status=HTTP_STATUS__204_NO_CONTENT)