Example #1
0
    def get_single_widget(my, widget, minimal=True):

        from pyasm.widget import BottomWdg
        from tactic.ui.app import TitleTopWdg
        if minimal: 
            top = TitleTopWdg()
        else:
            top = my.get_top_wdg()

        container = Widget()

        container.add( top )
        top.add( widget )
        container.add( BottomWdg() )
        container.get_display()
        return container
Example #2
0
    def handle_not_logged_in(my, allow_change_admin=True):

        site_obj = Site.get()
        site_obj.set_site("default")

        DbResource.clear_cache()

        from pyasm.widget import WebLoginWdg, BottomWdg
        from tactic.ui.app import TitleTopWdg

        from pyasm.biz import Project
        from tactic.ui.panel import HashPanelWdg

        web = WebContainer.get_web()

        widget = Widget()

        top = TitleTopWdg()
        widget.add(top)
        body = top.get_body()
        body.add_gradient("background", "background", 5, -20)
        body.add_color("color", "color")

        reset_request = web.get_form_value('reset_request') == 'true'
        if reset_request:
            from tactic.ui.widget import ResetPasswordWdg
            top.add(ResetPasswordWdg())
        else:
            reset_msg = web.get_form_value('reset_msg')
            if reset_msg:
                web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg)

            web_wdg = None
            #sudo = Sudo()
            try:
                # get the project from the url because we are still
                # in the admin project at this stage
                current_project = web.get_context_name()
                try:
                    if current_project != "default":
                        project = Project.get_by_code(current_project)
                        assert project
                except Exception, e:
                    pass
                else:
Example #3
0
    def _get_display(my):

        # set up the security object
        from pyasm.security import Security, Sudo
        from pyasm.biz import Project
        from pyasm.web import WebContainer
        web = WebContainer.get_web()

        security = Security()
        security = my.handle_security(security)
        is_logged_in = security.is_logged_in()


        # guest mode
        #
        allow_guest = Config.get_value("security", "allow_guest")
        if allow_guest == 'true':
            allow_guest = True
        else:
            allow_guest = False

        guest_mode = Config.get_value("security", "guest_mode")
        if not guest_mode:
            guest_mode = 'restricted'

        #allow_guest = True
        #guest_mode = "full"



        # if not logged in, then log in as guest
        if not is_logged_in:
            if not allow_guest:
                return my.handle_not_logged_in()
            else:
                # login as guest
                security = Security()
                my.handle_guest_security(security)


        # for here on, the user is logged in
        login_name = Environment.get_user_name()



        # check if the user has permission to see this project
        project = web.get_context_name()
        if project == 'default':
            override_default = Config.get_value("install", "default_project")
            if override_default:
                project = override_default
        if project != 'default':
            security_version = get_security_version()
            if security_version == 1:
                default = "view"
                access = security.check_access("project", project, "view", default="view")
            else:
                default = "deny"
                key = { "code": project }
                key2 = { "code": "*" }
                #keys = [key]
                keys = [key, key2]
                access = security.check_access("project", keys, "allow", default=default)
        else:
            # you always have access to the default project
            access = True


        access = True
        if not access:
            if login_name == "guest":
                from pyasm.widget import WebLoginWdg

                msg = web.get_form_value(WebLoginWdg.LOGIN_MSG)
                if not msg:
                    msg = "User [%s] is not allowed to see this project [%s]" % (login_name, project)
                    web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
                return my.handle_not_logged_in(allow_change_admin=False)

            else:
                from pyasm.widget import WebLicenseWdg, BottomWdg, Error403Wdg
                widget = Widget()
                top = my.get_top_wdg()
                widget.add( top )
                widget.add( Error403Wdg() )
                widget.add( BottomWdg() )
                widget.get_display()
     
                return


        if login_name == 'guest' and guest_mode == "full":
            # some extra security for guest users
            guest_url_allow = Config.get_value("security", "guest_url_allow")
            if guest_url_allow:
                items = guest_url_allow.split("|")
                allowed = False
                if my.hash:
                    url = my.hash[0]
                else:
                    url = "index"
                for item in items:
                    item = item.strip("/")
                    if item == url:
                        allowed = True
                        break
                if not allowed:
                    return my.handle_not_logged_in()



        # some extra precautions in guest mode
        if login_name == 'guest' and guest_mode != "full":
            # show a restricted guest mode
            from pyasm.widget import WebLoginWdg, BottomWdg
            from tactic.ui.app import TitleTopWdg

            from pyasm.biz import Project
            from tactic.ui.panel import HashPanelWdg
            web = WebContainer.get_web()

            widget = Widget()
            top = TitleTopWdg()
            widget.add(top)
            body = top.get_body()
            body.add_gradient("background", "background", 5, -20)
            body.add_color("color", "color")

            # get the project from the url because we are still 
            # in the admin project at this stage
            current_project = web.get_context_name()
            try:
                if current_project != "default":
                    project = Project.get_by_code(current_project)
                    assert project
            except Exception, e:
                web_wdg = None
            else:
                if not current_project or current_project == "default":
                    current_project = Config.get_value("install", "default_project")
                if current_project and current_project != "default":
                    Project.set_project(current_project)

                    web_wdg = HashPanelWdg.get_widget_from_hash("/guest", return_none=True)
                    if web_wdg:
                        web_wdg = web_wdg.get_buffer_display()
                        top.add(web_wdg)
                else:
                    web_wdg = None

            if not web_wdg:
                msg = "No widget for Guest defined"
                web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
                top.add(WebLoginWdg() )


            # create a web app and run it through the pipeline
            web_app = WebApp()
            web_app.get_display(widget)
            return
Example #4
0
                        break
                if not allowed:
                    return my.handle_not_logged_in()

        # some extra precautions in guest mode
        if login_name == 'guest' and guest_mode != "full":
            # show a restricted guest mode
            from pyasm.widget import WebLoginWdg, BottomWdg
            from tactic.ui.app import TitleTopWdg

            from pyasm.biz import Project
            from tactic.ui.panel import HashPanelWdg
            web = WebContainer.get_web()

            widget = Widget()
            top = TitleTopWdg()
            widget.add(top)
            body = top.get_body()
            body.add_gradient("background", "background", 5, -20)
            body.add_color("color", "color")

            # get the project from the url because we are still
            # in the admin project at this stage
            current_project = web.get_context_name()
            try:
                if current_project != "default":
                    project = Project.get_by_code(current_project)
                    assert project
            except Exception, e:
                web_wdg = None
            else:
Example #5
0
    def _get_display(self):

        # set up the security object
        from pyasm.security import Security, Sudo
        from pyasm.biz import Project
        from pyasm.web import WebContainer
        web = WebContainer.get_web()

        # guest mode
        #
        allow_guest = Config.get_value("security", "allow_guest")
        if allow_guest == 'true':
            allow_guest = True
        else:
            allow_guest = False

        site_obj = Site.get()
        site_allow_guest = site_obj.allow_guest()
        if site_allow_guest != None:
            allow_guest = site_allow_guest

        security = Security()
        try:
            security = self.handle_security(security)
            is_logged_in = security.is_logged_in()
        except Exception as e:
            print("AppServer Exception: ", e)
            return self.handle_not_logged_in()

        guest_mode = Config.get_value("security", "guest_mode")
        if not guest_mode:
            guest_mode = 'restricted'

        # Test
        #allow_guest = True
        #guest_mode = "full"

        # if not logged in, then log in as guest
        if not is_logged_in:
            if not allow_guest:
                return self.handle_not_logged_in()
            else:
                # login as guest
                security = Security()
                self.handle_guest_security(security)

        # for here on, the user is logged in
        login_name = Environment.get_user_name()

        is_upload = '/UploadServer' in web.get_request_url().to_string()

        # check if the user has permission to see this project
        project = web.get_context_name()
        if project == 'default':
            override_default = Project.get_default_project()
            if override_default:
                project = override_default
        if is_upload:
            print("IS UPLOAD")
            access = True

        elif project != 'default':

            # make sure the security check is done on the appropriate site
            path_info = site_obj.get_request_path_info()
            if path_info:
                site = path_info.get("site")
                Site.set_site(site)
                s = Environment.get_security()
                has_site = True
            else:
                s = security
                has_site = False

            try:
                security_version = get_security_version()
                if security_version == 1:
                    default = "view"
                    access = s.check_access("project",
                                            project,
                                            "view",
                                            default="view")
                else:
                    default = "deny"
                    key = {"code": project}
                    key2 = {"code": "*"}
                    keys = [key, key2]
                    access = s.check_access("project",
                                            keys,
                                            "allow",
                                            default=default)
            finally:
                if has_site:
                    Site.pop_site()

        else:
            # you always have access to the default project
            access = True

        if not access:
            if login_name == "guest":
                from pyasm.widget import WebLoginWdg

                msg = web.get_form_value(WebLoginWdg.LOGIN_MSG)
                if not msg:
                    msg = "User [%s] is not allowed to see this project [%s]" % (
                        login_name, project)
                    web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
                return self.handle_not_logged_in(allow_change_admin=False)

            else:
                from pyasm.widget import BottomWdg, Error403Wdg
                widget = Widget()
                top = self.get_top_wdg()
                widget.add(top)
                widget.add(Error403Wdg())
                widget.add(BottomWdg())
                widget.get_display()
                if is_upload:
                    print(
                        "WARNING: User [%s] is not allowed to upload to project [%s]."
                        % (login_name, project))
                return

        if login_name == 'guest':
            # let the site handle the guest completely
            guest_wdg = site_obj.get_guest_wdg(self.hash)
            if guest_wdg:
                web_app = WebApp()
                web_app.get_display(guest_wdg)
                return

        # some extra precautions in guest mode
        if login_name == 'guest' and guest_mode != "full":
            # show a restricted guest mode
            from pyasm.widget import WebLoginWdg, BottomWdg
            from tactic.ui.app import TitleTopWdg

            from pyasm.biz import Project
            from tactic.ui.panel import HashPanelWdg
            web = WebContainer.get_web()

            widget = Widget()
            top = TitleTopWdg()
            widget.add(top)
            body = top.get_body()
            body.add_color("background", "background")
            body.add_color("color", "color")

            has_site = False

            # use the path to set the project and/or site
            path_info = site_obj.get_request_path_info()
            if path_info:
                path_site = path_info.get("site")

                try:
                    Site.set_site(path_site)
                    has_site = True
                except Exception as e:
                    print("WARNING: ", e)
                    current_project = web.get_context_name()
                else:
                    current_project = path_info.get("project_code")
                    if not current_project:
                        current_project = web.get_context_name()

            else:
                # get the project from the url because we are still
                # in the admin project at this stage
                current_project = web.get_context_name()

            sudo = Sudo()
            try:
                if current_project != "default":
                    project = Project.get_by_code(current_project,
                                                  use_cache=False)
                    if not project:
                        raise Exception("Project [%s] does not exist" %
                                        current_project)
            except Exception as e:
                print("WARNING: ", e)
                web_wdg = None
            else:
                if not current_project or current_project == "default":
                    current_project = Project.get_default_project()

                if current_project and current_project != "default":
                    try:
                        Project.set_project(current_project)
                    except SecurityException as e:
                        print(e)
                        if 'is not permitted to view project' in e.__str__():
                            pass
                        else:
                            raise

                    # find the guest views
                    #search = Search("config/url")
                    #urls = search.get_sobjects()
                    #open_hashes = [x.get("url").lstrip("/").split("/")[0] for x in urls]

                    link = "/%s" % "/".join(self.hash)

                    # guest views
                    open_hashes = site_obj.get_guest_hashes()

                    if len(self.hash) >= 1 and self.hash[0] in open_hashes:
                        web_wdg = HashPanelWdg.get_widget_from_hash(
                            link, return_none=True)
                    else:
                        web_wdg = None

                    if not web_wdg:
                        web_wdg = HashPanelWdg.get_widget_from_hash(
                            "/guest", return_none=True, kwargs={"hash": link})
                    if web_wdg:
                        if not isinstance(web_wdg, basestring):
                            web_wdg = web_wdg.get_buffer_display()
                        top.add(web_wdg)
                else:
                    web_wdg = None
            finally:
                sudo.exit()

                if has_site:
                    Site.pop_site()

            if not web_wdg:
                msg = "No default page defined for guest user. Please set up /guest in Custom URL."
                web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
                return self.handle_not_logged_in(allow_change_admin=False)

            # create a web app and run it through the pipeline
            web_app = WebApp()
            web_app.get_display(widget)
            return

        # Full access

        # if a guest has full access, then handle it here
        if login_name == 'guest' and guest_mode == "full":
            # some extra security for guest users
            guest_url_allow = Config.get_value("security", "guest_url_allow")
            if guest_url_allow:
                items = guest_url_allow.split("|")
                allowed = False
                if self.hash:
                    url = self.hash[0]
                else:
                    url = "index"
                for item in items:
                    item = item.strip("/")
                    if item == url:
                        allowed = True
                        break
                if not allowed:
                    return self.handle_not_logged_in()

        # Welcome message for first time run
        is_first_run = Environment.is_first_run()
        if is_first_run:
            from pyasm.widget import WebLoginWdg, BottomWdg
            top = self.get_top_wdg()

            from tactic.ui.app import PageHeaderWdg
            from tactic.ui.startup import DbConfigPanelWdg

            widget = DivWdg()
            widget.add(top)
            widget.add(DbConfigPanelWdg())
            widget.add(BottomWdg())

            web_app = WebApp()
            web_app.get_display(widget)
            return

        # handle licensing
        license = security.get_license()
        user_name = security.get_user_name()
        is_licensed = license.is_licensed()

        # handle url security
        url_security = UrlSecurity()
        html = url_security.get_display()
        if html:
            widget = Widget()
            widget.add(html.getvalue())
            widget.get_display()
            return

        web = WebContainer.get_web()

        # FIXME: although this works, it should be cleaned up

        # determine the type of request
        if '/UploadServer' in web.get_request_url().to_string():
            page_type = "upload"
        elif web.get_form_value("ajax") != "":
            page_type = "ajax"
        elif web.get_form_value("dynamic_file") != "":
            # this mode creates a file dynamically
            page_type = "dynamic_file"
        else:
            page_type = "normal"

        # TODO: the following could be combined into a page_init function
        # provide the opportunity to set some templates
        self.set_templates()
        self.add_triggers()

        self.init_web_container()

        # install the language
        Translation.install()

        path_info = site_obj.get_request_path_info()
        if path_info and path_info.get("site") != "default":
            Site.set_site(path_info.get("site"))
            project_code = path_info.get("project_code")

        # handle the case where the project does not exist
        project = Project.get(no_exception=True)
        if not project:
            from pyasm.widget import BottomWdg, Error404Wdg
            Project.set_project("admin")
            widget = Widget()
            top = self.get_top_wdg()
            widget.add(top)
            widget.add(Error404Wdg())
            widget.add(BottomWdg())
            widget.get_display()
            return widget

        # get the content of the page
        try:

            widget = self.get_content(page_type)

        except Exception as e:
            print("ERROR: ", e)
            from pyasm.widget import BottomWdg, Error403Wdg
            widget = Widget()
            top = self.get_top_wdg()
            widget.add(top)
            widget.add(Error403Wdg())
            widget.add(BottomWdg())
            widget.get_display()

        # put an annoying alert if there is a problem with the license
        if not is_licensed:
            # to be sure, reread license.  This gets around the problem
            # of the extra error message when uploading a new license
            license = security.reread_license()
            is_licensed = license.is_licensed()
            if not is_licensed:
                widget.add("<script>alert('%s')</script>" %
                           license.get_message())

        # create a web app and run it through the pipeline
        web_app = WebApp()
        web_app.get_display(widget)
Example #6
0
    def handle_not_logged_in(self, allow_change_admin=True):

        site_obj = Site.get()
        site_obj.set_site("default")

        DbResource.clear_cache()

        from pyasm.widget import WebLoginWdg, BottomWdg
        from tactic.ui.app import TitleTopWdg

        from pyasm.biz import Project
        from tactic.ui.panel import HashPanelWdg

        web = WebContainer.get_web()

        widget = Widget()

        top = TitleTopWdg()
        widget.add(top)
        body = top.get_body()
        #body.add_gradient("background", "background", 5, -20)
        body.add_color("background", "background")
        body.add_color("color", "color")

        reset_request = web.get_form_value('reset_request') == 'true'
        if reset_request:
            from tactic.ui.widget import ResetPasswordWdg
            top.add(ResetPasswordWdg())
        else:
            reset_msg = web.get_form_value('reset_msg')
            if reset_msg:
                web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg)

            web_wdg = None
            sudo = Sudo()
            try:
                # get the project from the url because we are still
                # in the admin project at this stage
                current_project = web.get_context_name()
                try:
                    if current_project != "default":
                        project = Project.get_by_code(current_project)
                        assert project
                except Exception as e:
                    pass
                else:

                    # custom global site login widget
                    if not current_project or current_project == "default":
                        current_project = Project.get_default_project()
                    if current_project and current_project != "default":
                        try:
                            Project.set_project(current_project)
                        except SecurityException as e:
                            print(e)
                            if 'is not permitted to view project' not in e.__str__(
                            ):
                                raise

                        if not web_wdg:
                            web_wdg = site_obj.get_login_wdg()

                        if web_wdg:
                            if not isinstance(web_wdg, basestring):
                                web_wdg = web_wdg.get_buffer_display()
                            top.add(web_wdg)
                    else:
                        web_wdg = None

                # display default web login
                if not web_wdg:
                    # get login screen from Site
                    link = "/%s" % "/".join(self.hash)
                    web_wdg = site_obj.get_login_wdg(link)
                    if not web_wdg:
                        # else get the default one
                        web_wdg = WebLoginWdg(
                            allow_change_admin=allow_change_admin)

                    top.add(web_wdg)

            finally:
                # sudo out of scope here
                sudo.exit()
                pass

        # create a web app and run it through the pipeline
        web_app = WebApp()
        web_app.get_display(widget)
        return