def _write_error_page(req, msg):
req.content_type = "text/html; charset=utf-8"
req.send_http_header()
us = _("Server")
try:
us = _("%s Server") % uvm_login.get_company_name()
except:
pass
if not type(us) is str:
us = us.encode("utf-8")
if not type(msg) is str:
msg = msg.encode("utf-8")
html = """\
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>%s</title>
<script type="text/javascript">if (top.location!=location) top.location.href=document.location.href;</script>
<style type="text/css">
/* <![CDATA[ */
@import url(/images/base.css);
/* ]]> */
</style>
</head>
<body class="loginPage">
<div id="main" style="width: 500px; margin: 50px auto 0 auto;">
<form class="form-signin">
<center>
<img style="margin-bottom:10px; max-width: 150px; max-height: 140px;" src="/images/BrandingLogo.png"><br/>
<span class="form-signin-heading"><strong>%s</strong></span>
<br/>
<br/>
<span class="form-signin-heading"><font color="red"><em>%s</em></font></span>
</center>
</form>
</div>
</body>
</html>""" % (us,us, cgi.escape(msg))
req.write(html)
def _write_loading_page(req):
req.content_type = "text/html; charset=utf-8"
req.send_http_header()
msg = 'Server is starting. Please wait.'
us = _("Server")
try:
us = _("%s Server") % uvm_login.get_company_name()
except:
pass
if not type(us) is str:
us = us.encode("utf-8")
if not type(msg) is str:
msg = msg.encode("utf-8")
html = """\
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>%s</title>
<script type="text/javascript">if (top.location!=location) top.location.href=document.location.href;</script>
<script>
function poll(fn, success_callback, interval) {
function p() {
if(fn()) {
success_callback();
}
else {
setTimeout(p, interval);
}
};
setTimeout(p, interval);
}
var numPeriod = 0;
poll(
function() {
var xmlHttp = new XMLHttpRequest();
// load yourself and see if you get this page again
// 0fKAvHm1Nzi5adJpzpI3
xmlHttp.open( "GET", window.location.href, false ); // synchronous request
xmlHttp.send( null );
var text = xmlHttp.responseText;
if (text.indexOf("0fKAvHm1Nzi5adJpzpI3") > -1) {
var loading_message_element = document.getElementById('loading_message');
numPeriod = (numPeriod + 1) %% 4;
loading_message_element.innerHTML = "%s" + Array(numPeriod+1).join(".") + Array(4-numPeriod).join(" ");
return false; // got loading page still
} else {
return true; // did not get loading page
}
},
function() {
window.location.reload(true);
},
1000
);
</script>
<style type="text/css">
/* <![CDATA[ */
@import url(/images/base.css);
/* ]]> */
</style>
</head>
<body class="loginPage">
<div id="main" style="width: 500px; margin: 50px auto 0 auto;">
<form class="form-signin">
<center>
<img style="margin-bottom:10px;" src="/images/BrandingLogo.png"><br/>
<br/>
<br/>
<span class="form-signin-heading">
<div id="loading_message" style="color:white; font-size:20px; font-weight:bold; text-align:center">%s </div>
</span>
</center>
</form>
</div>
</body>
</html>""" % (us, cgi.escape(msg), cgi.escape(msg))
req.write(html)
def login(req, url=None, realm='Administrator', token=None):
uvm_login.setup_gettext()
options = req.get_options()
args = util.parse_qs(req.args or '')
error_msg = None
if req.form.has_key('username') or req.form.has_key('password'):
error_msg = '%s' % cgi.escape(
_('Error: Username and Password do not match'))
connection = req.connection
(addr, port) = connection.local_addr
is_local = re.match('127\.', connection.remote_ip)
if connection.remote_ip == '::1':
is_local = True
if port == 80 and not get_uvm_settings_item(
'system', 'httpAdministrationAllowed') and not is_local:
write_error_page(req, "Permission denied")
return
if token != None and get_uvm_settings_item('system', 'cloudEnabled'):
if _valid_token(req, token):
sess = Session.Session(req, lock=0)
sess.lock()
sess.set_timeout(uvm_login.SESSION_TIMEOUT)
uvm_login.save_session_user(sess, realm, "token")
sess.save()
sess.unlock()
if url == None:
return apache.OK
else:
url = re.sub('[^A-Za-z0-9-_/.#?=]', '', url) # sanitize input
if req.form.has_key('fragment') and req.form['fragment'] != '':
url = url + req.form['fragment']
util.redirect(req, url)
return
if req.form.has_key('username') and req.form.has_key('password'):
username = req.form['username']
password = req.form['password']
# debug
# req.log_error("User:Pass = %s %s" % (username,password))
if _valid_login(req, realm, username, password):
sess = Session.Session(req, lock=0)
sess.lock()
sess.set_timeout(uvm_login.SESSION_TIMEOUT)
uvm_login.save_session_user(sess, realm, username)
sess.save()
sess.unlock()
if url == None:
return apache.OK
else:
url = re.sub('[^A-Za-z0-9-_/.#?=]', '', url) # sanitize input
if req.form.has_key('fragment') and req.form['fragment'] != '':
url = url + req.form['fragment']
util.redirect(req, url)
return
company_name = uvm_login.get_company_name()
title = _("Administrator Login")
# some i18n company_names cause exception here, so wrap to handle this
# revert to "Administrator Login" if exception occurs
try:
title = cgi.escape(_("%s Administrator Login") % company_name)
except:
pass
host = cgi.escape(req.hostname)
_write_login_form(req, title, host, error_msg)
def login(req, url=None, realm='Administrator', token=None):
uvm_login.setup_gettext()
options = req.get_options()
args = util.parse_qs(req.args or '')
error_msg = None
if req.form.has_key('username') or req.form.has_key('password'):
error_msg = '%s' % cgi.escape(_('Error: Username and Password do not match'))
connection = req.connection
(addr, port) = connection.local_addr
is_local = re.match('127\.', connection.remote_ip)
if connection.remote_ip == '::1':
is_local = True
if port == 80 and not get_uvm_settings_item('system','httpAdministrationAllowed') and not is_local:
write_error_page(req, "Permission denied")
return
if token != None and get_uvm_settings_item('system','cloudEnabled'):
if _valid_token(req, token):
sess = Session.Session(req, lock=0)
sess.lock()
sess.set_timeout(uvm_login.SESSION_TIMEOUT)
uvm_login.save_session_user(sess, realm, "token")
sess.save()
sess.unlock()
if url == None:
return apache.OK
else:
url = re.sub('[^A-Za-z0-9-_/.#?=]','',url) # sanitize input
if req.form.has_key('fragment') and req.form['fragment'] != '':
url = url + req.form['fragment']
util.redirect(req, url)
return
if req.form.has_key('username') and req.form.has_key('password'):
username = req.form['username']
password = req.form['password']
# debug
# req.log_error("User:Pass = %s %s" % (username,password))
if _valid_login(req, realm, username, password):
sess = Session.Session(req, lock=0)
sess.lock()
sess.set_timeout(uvm_login.SESSION_TIMEOUT)
uvm_login.save_session_user(sess, realm, username)
sess.save()
sess.unlock()
if url == None:
return apache.OK
else:
url = re.sub('[^A-Za-z0-9-_/.#?=]','',url) # sanitize input
if req.form.has_key('fragment') and req.form['fragment'] != '':
url = url + req.form['fragment']
util.redirect(req, url)
return
company_name = uvm_login.get_company_name()
title = _("Administrator Login")
# some i18n company_names cause exception here, so wrap to handle this
# revert to "Administrator Login" if exception occurs
try:
title = cgi.escape(_("%s Administrator Login") % company_name)
except:
pass
host = cgi.escape(req.hostname)
_write_login_form(req, title, host, error_msg)