def export(self, req, form):
"""Exports data"""
argd = wash_urlargd(form, {'ln': (str, CFG_SITE_LANG)})
ln = argd['ln']
user_info = collect_user_info(req)
(auth_code, auth_msg) = acc_authorize_action(user_info, 'runwebstatadmin')
if auth_code:
return page_not_authorized(req,
navtrail=self.navtrail % {'ln_link': (ln != CFG_SITE_LANG and '?ln=' + ln) or ''},
text=auth_msg,
navmenuid='export',
ln=ln)
argd = wash_urlargd(form, {"filename": (str, ""),
"mime": (str, "")})
# Check that the particular file exists and that it's OK to export
webstat_files = [x for x in os.listdir(CFG_TMPDIR) if x.startswith("webstat")]
if argd["filename"] not in webstat_files:
return "Bad file."
# Set correct header type
req.content_type = argd["mime"]
req.send_http_header()
# Rebuild path, send it to the user, and clean up.
filename = CFG_TMPDIR + '/' + argd["filename"]
req.sendfile(filename)
os.remove(filename)
def portalproxy(self, req, form):
"""
"""
argd_query = wash_urlargd(form, {
'option': (str, ''),
'tmpl': (str, ''),
'type': (str, ''),
'ordering': (str, ''),
'searchphrase': (str, ''),
'Itemid': (int, 0)
})
argd_post = wash_urlargd(form, {
'searchword': (str, '')
})
if argd_query['option'] == 'com_search' and argd_query['tmpl'] == 'raw' and argd_query['type'] == 'json' and argd_post['searchword']:
proxy = urllib2.urlopen("%s/index.php?%s" % (CFG_OPENAIRE_PORTAL_URL, urllib.urlencode(argd_query)), urllib.urlencode(argd_post))
content = proxy.read()
content = json.loads(content)
## HACK to transform relative URLs into full URLs to the Portal
if 'results' in content:
for elem in content['results']:
if 'url' in elem and elem['url'].startswith('/'):
elem['url'] = CFG_OPENAIRE_PORTAL_URL + elem['url']
return json.dumps(content)
return ""
def portalproxy(self, req, form):
"""
"""
argd_query = wash_urlargd(
form,
{
"option": (str, ""),
"tmpl": (str, ""),
"type": (str, ""),
"ordering": (str, ""),
"searchphrase": (str, ""),
"Itemid": (int, 0),
},
)
argd_post = wash_urlargd(form, {"searchword": (str, "")})
if (
argd_query["option"] == "com_search"
and argd_query["tmpl"] == "raw"
and argd_query["type"] == "json"
and argd_post["searchword"]
):
proxy = urllib2.urlopen(
"%s/index.php?%s" % (CFG_OPENAIRE_PORTAL_URL, urllib.urlencode(argd_query)), urllib.urlencode(argd_post)
)
content = proxy.read()
content = json.loads(content)
## HACK to transform relative URLs into full URLs to the Portal
if "results" in content:
for elem in content["results"]:
if "url" in elem and elem["url"].startswith("/"):
elem["url"] = CFG_OPENAIRE_PORTAL_URL + elem["url"]
return json.dumps(content)
return ""
def metadata(self, req, form):
""" Display Metadata file upload form """
argd = wash_urlargd(form, {'error': (int, 0),
'mode': (str, ""),
'submit_date': (str, "yyyy-mm-dd"),
'submit_time': (str, "hh:mm:ss")})
_ = gettext_set_language(argd['ln'])
not_authorized = user_authorization(req)
if not_authorized:
return not_authorized
uid = getUid(req)
body = batchuploader_templates.tmpl_display_menu(argd['ln'], ref="metadata")
body += batchuploader_templates.tmpl_display_web_metaupload_form(argd['ln'],
argd['error'], argd['mode'], argd['submit_date'],
argd['submit_time'])
title = _("Metadata batch upload")
return page(title = title,
body = body,
metaheaderadd = batchuploader_templates.tmpl_styles(),
uid = uid,
lastupdated = __lastupdated__,
req = req,
language = argd['ln'],
navmenuid = "batchuploader")
def getattachedfile(self, req, form):
"""
Returns a file uploaded to the submission 'drop box' by the
CKEditor.
"""
argd = wash_urlargd(form, {"file": (str, None), "type": (str, None), "uid": (int, 0)})
# Can user view this record, i.e. can user access its
# attachments?
uid = getUid(req)
user_info = collect_user_info(req)
if not argd["file"] is None:
# Prepare path to file on disk. Normalize the path so that
# ../ and other dangerous components are removed.
path = os.path.abspath(
CFG_PREFIX + "/var/tmp/attachfile/" + "/" + str(argd["uid"]) + "/" + argd["type"] + "/" + argd["file"]
)
# Check that we are really accessing attachements
# directory, for the declared record.
if path.startswith(CFG_PREFIX + "/var/tmp/attachfile/") and os.path.exists(path):
return stream_file(req, path)
# Send error 404 in all other cases
return apache.HTTP_NOT_FOUND
def __call__(self, req, form):
argd = wash_urlargd(form, {
'id' : (int, 0),
'format' : (str, '')})
formats_dict = get_output_formats(True)
formats = {}
for f in formats_dict.values():
if f['attrs']['visibility']:
formats[f['attrs']['code'].lower()] = f['attrs']['content_type']
del formats_dict
if argd['id'] and argd['format']:
## Translate back common format names
f = {
'nlm' : 'xn',
'marcxml' : 'xm',
'dc' : 'xd',
'endnote' : 'xe',
'mods' : 'xo'
}.get(argd['format'], argd['format'])
if f in formats:
redirect_to_url(req, '%s/%s/%s/export/%s' % (CFG_SITE_URL, CFG_SITE_RECORD, argd['id'], f))
else:
raise apache.SERVER_RETURN, apache.HTTP_NOT_ACCEPTABLE
elif argd['id']:
return websearch_templates.tmpl_unapi(formats, identifier=argd['id'])
else:
return websearch_templates.tmpl_unapi(formats)
def issue_control(self, req, form):
"""
page that allows full control over creating, backtracing, adding to,
removing from issues.
"""
argd = wash_urlargd(
form,
{
"name": (str, ""),
"add": (str, ""),
"action_publish": (str, "cfg"),
"issue_number": (list, []),
"ln": (str, ""),
},
)
redirect_to_url(
req,
CFG_SITE_SECURE_URL
+ "/admin/webjournal/webjournaladmin.py/issue_control?journal_name="
+ argd["name"]
+ "&ln="
+ argd["ln"]
+ "&issue="
+ argd["issue_number"]
+ "&action="
+ argd["action_publish"],
)
def uploadfile(self, req, form):
"""
Similar to /submit, but only consider files. Nice for
asynchronous Javascript uploads. Should be used to upload a
single file.
Also try to create an icon, and return URL to file(s) + icon(s)
Authentication is performed based on session ID passed as
parameter instead of cookie-based authentication, due to the
use of this URL by the Flash plugin (to upload multiple files
at once), which does not route cookies.
FIXME: consider adding /deletefile and /modifyfile functions +
parsing of additional parameters to rename files, add
comments, restrictions, etc.
"""
argd = wash_urlargd(form, {
'doctype': (str, ''),
'access': (str, ''),
'indir': (str, ''),
'session_id': (str, ''),
'rename': (str, ''),
})
curdir = None
if not form.has_key("indir") or \
not form.has_key("doctype") or \
not form.has_key("access"):
raise apache.SERVER_RETURN(apache.HTTP_BAD_REQUEST)
else:
curdir = os.path.join(CFG_WEBSUBMIT_STORAGEDIR,
argd['indir'],
argd['doctype'],
argd['access'])
user_info = collect_user_info(req)
if form.has_key("session_id"):
# Are we uploading using Flash, which does not transmit
# cookie? The expect to receive session_id as a form
# parameter. First check that IP addresses do not
# mismatch. A ValueError will be raises if there is
# something wrong
session = get_session(req=req, sid=argd['session_id'])
try:
session = get_session(req=req, sid=argd['session_id'])
except ValueError, e:
raise apache.SERVER_RETURN(apache.HTTP_BAD_REQUEST)
# Retrieve user information. We cannot rely on the session here.
res = run_sql("SELECT uid FROM session WHERE session_key=%s", (argd['session_id'],))
if len(res):
uid = res[0][0]
user_info = collect_user_info(uid)
try:
act_fd = file(os.path.join(curdir, 'act'))
action = act_fd.read()
act_fd.close()
except:
action = ""
def index(self, req, form):
""" The function called by default"""
argd = wash_urlargd(form, {
self._JSON_DATA_KEY: (str, ""),
})
# load the right message language
language = argd["ln"]
_ = gettext_set_language(language)
# check user credentials
(auth_code, auth_msg) = acc_authorize_action(req, "runbibeditmulti")
if 0 != auth_code:
return page_not_authorized(req = req,
ln = language,
text = auth_msg)
if argd[self._JSON_DATA_KEY]:
return self._process_json_request(form, req)
body = multi_edit_engine.perform_request_index(language)
title = _("Multi-Record Editor")
metaheaderadd = multi_edit_engine.get_scripts()
metaheaderadd = metaheaderadd + multi_edit_engine.get_css()
return page(title = title,
metaheaderadd = metaheaderadd,
body = body,
req = req,
language = language)
def websubmit_legacy_getfile(req, form):
""" Handle legacy /getfile.py URLs """
args = wash_urlargd(
form,
{
"recid": (int, 0),
"docid": (int, 0),
"version": (str, ""),
"name": (str, ""),
"format": (str, ""),
"ln": (str, CFG_SITE_LANG),
},
)
_ = gettext_set_language(args["ln"])
def _getfile_py(req, recid=0, docid=0, version="", name="", format="", ln=CFG_SITE_LANG):
if not recid:
## Let's obtain the recid from the docid
if docid:
try:
bibdoc = BibDoc(docid=docid)
recid = bibdoc.get_recid()
except InvenioWebSubmitFileError, e:
return warningMsg(
_("An error has happened in trying to retrieve the requested file."), req, CFG_SITE_NAME, ln
)
else:
return warningMsg(_("Not enough information to retrieve the document"), req, CFG_SITE_NAME, ln)
else:
def opensearchdescription(self, req, form):
"""OpenSearch description file"""
req.content_type = "application/opensearchdescription+xml"
req.send_http_header()
argd = wash_urlargd(form, {'ln': (str, CFG_SITE_LANG),
'verbose': (int, 0) })
return websearch_templates.tmpl_opensearch_description(ln=argd['ln'])
def authorships(self, req, form):
"""
Return list of authors used for auto-completion
in the authors field.
Return response as JSON.
"""
argd = wash_urlargd(form, {"publicationid": (str, ""), "term": (str, "")})
user_info = collect_user_info(req)
uid = user_info["uid"]
req.content_type = "application/json"
term = argd["term"]
publicationid = argd["publicationid"]
ret = get_favourite_authorships_for_user(uid, publicationid, term)
if ret:
return json.dumps(ret)
if ":" in term:
## an institution is being typed
name, institute = term.split(":", 1)
institute = institute.strip()
if len(institute) > 1:
institutes = [row[0] for row in get_kbr_keys("institutes", searchkey=institute, searchtype="s")]
institutes.sort()
return json.dumps(["%s: %s" % (name, institute) for institute in institutes[:100]])
return json.dumps([])
def sub(self, req, form):
"""DEPRECATED: /submit/sub is deprecated now, so raise email to the admin (but allow submission to continue anyway)"""
args = wash_urlargd(form, {"password": (str, "")})
uid = getUid(req)
if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
return page_not_authorized(req, "../sub/", navmenuid="submit")
try:
raise DeprecationWarning, 'submit/sub handler has been used. Please use submit/direct. e.g. "submit/sub?RN=123@SBIFOO" -> "submit/direct?RN=123&sub=SBIFOO"'
except DeprecationWarning:
register_exception(req=req, alert_admin=True)
ln = args["ln"]
_ = gettext_set_language(ln)
# DEMOBOO_RN=DEMO-BOOK-2008-001&ln=en&password=1223993532.26572%40APPDEMOBOO
params = dict(form)
password = args["password"]
if password:
del params["password"]
if "@" in password:
params["access"], params["sub"] = password.split("@", 1)
else:
params["sub"] = password
else:
args = str(req.args).split("@")
if len(args) > 1:
params = {"sub": args[-1]}
args = "@".join(args[:-1])
params.update(cgi.parse_qs(args))
else:
return warningMsg(_("Sorry, invalid URL..."), req, ln=ln)
url = "%s/submit/direct?%s" % (CFG_SITE_URL, urlencode(params, doseq=True))
redirect_to_url(req, url)
def display_job_result(self, req, form):
"""Displays the results of a job"""
argd = wash_urlargd(form, {
"result_id": (int, JobResult.ID_MISSING),
"output_format" : (int, Job.OUTPUT_FORMAT_MISSING)
})
# load the right message language
language = argd["ln"]
_ = gettext_set_language(language)
self._check_user_credentials(req, language)
user_id = self._get_user_id(req)
job_result_id = argd["result_id"]
output_format = argd["output_format"]
title = _("Export Job Result")
try:
body = perform_request_display_job_result(job_result_id = job_result_id,
output_format = output_format,
user_id = user_id,
language = language)
except AccessDeniedError:
self._redirect_to_not_authorised_page(req, language)
return page(title = title,
metaheaderadd = get_css(),
body = body,
req = req,
navmenuid = "fieldexporter",
titleprologue = get_navigation_menu(language),
navtrail = self._NAVTRAIL_EXPORT,
language = language)
def doilookup(self, req, form):
"""
Returns the metadata from the crossref website based on the DOI.
"""
args = wash_urlargd(form, {
'doi': (str, '')})
response = defaultdict(list)
if args['doi']:
doi = args['doi']
try:
marcxml_template = get_marcxml_for_doi(doi)
except CrossrefError:
# Just ignore Crossref errors
pass
else:
record = create_record(marcxml_template)[0]
if record:
# We need to convert this record structure to a simple dictionary
for key, value in record.items(): # key, value = (773, [([('0', 'PER:64142'), ...], ' ', ' ', '', 47)])
for val in value: # val = ([('0', 'PER:64142'), ...], ' ', ' ', '', 47)
ind1 = val[1].replace(" ", "_")
ind2 = val[2].replace(" ", "_")
for (k, v) in val[0]: # k, v = ('0', 'PER:5409')
response[key+ind1+ind2+k].append(v)
# The output dictionary is something like:
# {"100__a": ['Smith, J.'],
# "700__a": ['Anderson, J.', 'Someoneelse, E.'],
# "700__u": ['University1', 'University2']}
# return dictionary as JSON
return json.dumps(response)
def daemon(self, req, form):
""" Display content of folders where the daemon will look into """
argd = wash_urlargd(form, {})
_ = gettext_set_language(argd["ln"])
not_authorized = user_authorization(req, argd["ln"])
if not_authorized:
return not_authorized
docs = get_daemon_doc_files()
metadata = get_daemon_meta_files()
uid = getUid(req)
body = batchuploader_templates.tmpl_display_menu(argd["ln"], ref="daemon")
body += batchuploader_templates.tmpl_daemon_content(argd["ln"], docs, metadata)
title = _("Batch Uploader: Daemon monitor")
return page(
title=title,
body=body,
metaheaderadd=batchuploader_templates.tmpl_styles(),
uid=uid,
lastupdated=__lastupdated__,
req=req,
language=argd["ln"],
navmenuid="batchuploader",
)
def explorer(self, req, form):
""" Handles requests from the jQuery FileTree plugin in order to return
all filenames under the root dir (indicated in the 'dir' GET parameter)
"""
argd = wash_urlargd(form, {"dir": (str, "")})
root_dir = INFO_PREFIX + os.sep + argd["dir"]
file_html_list = ['<ul class="jqueryFileTree" style="display: none;">']
try:
file_html_list = ['<ul class="jqueryFileTree" style="display: none;">']
for f in os.listdir(root_dir):
ff = os.path.join(root_dir, f)
if os.path.isdir(ff):
file_html_list.append(
'<li class="directory collapsed"><a href="#" rel="%s/">%s</a></li>' % (argd["dir"] + f, f)
)
else:
e = os.path.splitext(f)[1][1:] # get .ext and remove dot
file_html_list.append(
'<li class="file ext_%s"><a href="#" rel="%s">%s</a></li>' % (e, argd["dir"] + f, f)
)
file_html_list.append("</ul>")
except Exception, e:
file_html_list.append("Could not load directory: %s" % str(e))
def compare_revisions(self, req, form):
"""Handle the compare revisions request"""
argd = wash_urlargd(form, { \
'ln': (str, CFG_SITE_LANG), \
'rev1' : (str, ''), \
'rev2' : (str, ''), \
'recid': (int, 0)})
ln = argd['ln']
uid = getUid(req)
_ = gettext_set_language(ln)
# Checking if currently logged user has permission to perform this request
auth_code, auth_message = acc_authorize_action(req, 'runbibedit')
if auth_code != 0:
return page_not_authorized(req=req, referer="/edit",
text=auth_message, navtrail=navtrail)
recid = argd['recid']
rev1 = argd['rev1']
rev2 = argd['rev2']
ln = argd['ln']
body, errors, warnings = perform_request_compare(ln, recid, rev1, rev2)
return page(title = _("Comparing two record revisions"),
body = body,
errors = errors,
warnings = warnings,
uid = uid,
language = ln,
navtrail = navtrail,
lastupdated = __lastupdated__,
req = req)
def legacy_collection(self, req, form):
"""Collection URL backward compatibility handling."""
accepted_args = dict(legacy_collection_default_urlargd)
argd = wash_urlargd(form, accepted_args)
# Treat `as' argument specially:
if argd.has_key('as'):
argd['aas'] = argd['as']
del argd['as']
# If we specify no collection, then we don't need to redirect
# the user, so that accessing <http://yoursite/> returns the
# default collection.
if not form.has_key('c'):
return display_collection(req, **argd)
# make the collection an element of the path, and keep the
# other query elements as is. If the collection is CFG_SITE_NAME,
# however, redirect to the main URL.
c = argd['c']
del argd['c']
if c == CFG_SITE_NAME:
target = '/'
else:
target = '/collection/' + quote(c)
# Treat `as' argument specially:
# We are going to redirect, so replace `aas' by `as' visible argument:
if argd.has_key('aas'):
argd['as'] = argd['aas']
del argd['aas']
target += make_canonical_urlargd(argd, legacy_collection_default_urlargd)
return redirect_to_url(req, target)
def wash_search_urlargd(form):
"""
Create canonical search arguments from those passed via web form.
"""
argd = wash_urlargd(form, search_results_default_urlargd)
if argd.has_key('as'):
argd['aas'] = argd['as']
del argd['as']
# Sometimes, users pass ot=245,700 instead of
# ot=245&ot=700. Normalize that.
ots = []
for ot in argd['ot']:
ots += ot.split(',')
argd['ot'] = ots
# We can either get the mode of function as
# action=<browse|search>, or by setting action_browse or
# action_search.
if argd['action_browse']:
argd['action'] = 'browse'
elif argd['action_search']:
argd['action'] = 'search'
else:
if argd['action'] not in ('browse', 'search'):
argd['action'] = 'search'
del argd['action_browse']
del argd['action_search']
if argd['em'] != "":
argd['em'] = argd['em'].split(",")
return argd
def search(self, req, form):
"""
Display search interface
"""
argd = wash_urlargd(
form,
{
"name": (str, ""),
"issue": (str, ""),
"archive_year": (str, ""),
"archive_issue": (str, ""),
"archive_select": (str, "False"),
"archive_date": (str, ""),
"archive_search": (str, "False"),
"ln": (str, CFG_SITE_LANG),
"verbose": (int, 0),
},
)
try:
# FIXME: if journal_name is empty, redirect
ln = wash_journal_language(argd["ln"])
washed_journal_name = wash_journal_name(ln, argd["name"])
archive_issue = wash_issue_number(ln, washed_journal_name, argd["archive_issue"])
archive_date = wash_archive_date(ln, washed_journal_name, argd["archive_date"])
archive_select = argd["archive_select"]
archive_search = argd["archive_search"]
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def subscribe(self, req, form):
"""
Subscribe current user to receive email notification when new
comments are added to current discussion.
"""
argd = wash_urlargd(form, {'referer': (str, None)})
uid = getUid(req)
user_info = collect_user_info(req)
(auth_code, auth_msg) = check_user_can_view_comments(user_info, self.recid)
if isGuestUser(uid):
cookie = mail_cookie_create_authorize_action(VIEWRESTRCOLL, {'collection' : guess_primary_collection_of_a_record(self.recid)})
target = '/youraccount/login' + \
make_canonical_urlargd({'action': cookie, 'ln' : argd['ln'], 'referer' : \
CFG_SITE_URL + user_info['uri']}, {})
return redirect_to_url(req, target, norobot=True)
elif auth_code:
return page_not_authorized(req, "../", \
text = auth_msg)
success = subscribe_user_to_discussion(self.recid, uid)
display_url = "%s/record/%s/comments/display?subscribed=%s&ln=%s" % \
(CFG_SITE_URL, self.recid, str(success), argd['ln'])
redirect_to_url(req, display_url)
def display(self, req, form):
"""
Display approved latest added linkbacks of the invenio instance
"""
argd = wash_urlargd(form, {'rg': (int, CFG_WEBLINKBACK_LATEST_COUNT_DEFAULT)})
# count must be positive
if argd['rg'] < 0:
argd['rg'] = -argd['rg']
_ = gettext_set_language(argd['ln'])
body = perform_request_display_approved_latest_added_linkbacks(argd['rg'], argd['ln'], weblinkback_templates=weblinkback_templates)
navtrail = 'Recent Linkbacks'
mathjaxheader, jqueryheader = weblinkback_templates.tmpl_get_mathjaxheader_jqueryheader()
return pageheaderonly(title=navtrail,
navtrail=navtrail,
verbose=1,
metaheaderadd = mathjaxheader + jqueryheader,
req=req,
language=argd['ln'],
navmenuid='search',
navtrail_append_title_p=0) + \
websearch_templates.tmpl_search_pagestart(argd['ln']) + \
body + \
websearch_templates.tmpl_search_pageend(argd['ln']) + \
pagefooteronly(language=argd['ln'], req=req)
def article(self, req, form):
"""
Article page.
Washes all the parameters and stores them in journal_defaults dict
for subsequent format_elements.
Passes on to logic function and eventually returns HTML.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'issue': (str, ""),
'category': (str, ""),
'number': (str, ""),
'ln': (str, ""),
}
)
try:
ln = wash_journal_language(argd['ln'])
journal_name = wash_journal_name(ln, argd['name'])
issue = wash_issue_number(ln, journal_name,
argd['issue'])
issue_year = issue.split('/')[1]
issue_number = issue.split('/')[0]
category = wash_category(ln, argd['category'], journal_name, issue_number)
number = wash_article_number(ln, argd['number'], journal_name)
recid = get_recid_from_legacy_number(issue, category, int(number))
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def new_ticket(self, req, form):
"""handle a edit/new_ticket request"""
argd = wash_urlargd(form, {'ln': (str, CFG_SITE_LANG), 'recid': (int, 0)})
ln = argd['ln']
_ = gettext_set_language(ln)
auth_code, auth_message = acc_authorize_action(req, 'runbibedit')
if auth_code != 0:
return page_not_authorized(req=req, referer="/edit",
text=auth_message, navtrail=navtrail)
uid = getUid(req)
if argd['recid']:
(errmsg, url) = perform_request_newticket(argd['recid'], uid)
if errmsg:
return page(title = _("Failed to create a ticket"),
body = _("Error")+": "+errmsg,
errors = [],
warnings = [],
uid = uid,
language = ln,
navtrail = navtrail,
lastupdated = __lastupdated__,
req = req)
else:
#redirect..
redirect_to_url(req, url)
def _get_response(req):
"""
Constructs the response returned from the OpenID provider
@param req: request
@type req: invenio.webinterface_handler_wsgi.SimulatedModPythonRequest
"""
from invenio.webinterface_handler import wash_urlargd
from openid.consumer import consumer
content = {}
for key in req.form.keys():
content[key] = (str, '')
args = wash_urlargd(req.form, content)
if args.has_key('ln'):
del args['ln']
if args.has_key('referer'):
if not args['referer']:
del args['referer']
oidconsumer = consumer.Consumer({"id": get_session(req)}, None)
url = CFG_SITE_SECURE_URL + "/youraccount/login"
req.g['openid_provider_name'] = args['provider']
req.g['openid_response'] = oidconsumer.complete(args, url)
def robotupload(self, req, form):
"""Interface for robots used like this:
$ curl -F '[email protected]' -F 'mode=-i' http://cdsweb.cern.ch/batchuploader/robotupload -A invenio_webupload
"""
argd = wash_urlargd(form, {'file': (Field, None),
'mode': (str,None)})
cli_upload(req, argd['file'], argd['mode'])
def history(self, req, form):
"""Display upload history of the current user"""
argd = wash_urlargd(form, {})
_ = gettext_set_language(argd["ln"])
not_authorized = user_authorization(req, argd["ln"])
if not_authorized:
return not_authorized
uploaded_meta_files = get_user_metadata_uploads(req)
uploaded_doc_files = get_user_document_uploads(req)
uid = getUid(req)
body = batchuploader_templates.tmpl_display_menu(argd["ln"], ref="history")
body += batchuploader_templates.tmpl_upload_history(argd["ln"], uploaded_meta_files, uploaded_doc_files)
title = _("Upload history")
return page(
title=title,
body=body,
metaheaderadd=batchuploader_templates.tmpl_styles(),
uid=uid,
lastupdated=__lastupdated__,
req=req,
language=argd["ln"],
navmenuid="batchuploader",
)
def download_job_result(self, req, form):
"""Returns to the browser zip file containing the job result"""
argd = wash_urlargd(form, {
"result_id" : (int, JobResult.ID_MISSING),
"output_format" : (int, Job.OUTPUT_FORMAT_MISSING)
})
# load the right message language
language = argd["ln"]
job_result_id = argd["result_id"]
output_format = argd["output_format"]
user_id = self._get_user_id(req)
_ = gettext_set_language(language)
self._check_user_credentials(req, language)
title = _("Export Job Result")
try:
perform_request_download_job_result(req = req,
job_result_id = job_result_id,
output_format = output_format,
user_id = user_id,
language = language)
except AccessDeniedError:
self._redirect_to_not_authorised_page(req, language)
def search(self, req, form):
"""
Display search interface
"""
argd = wash_urlargd(form, {'name': (str, ""),
'issue': (str, ""),
'archive_year': (str, ""),
'archive_issue': (str, ""),
'archive_select': (str, "False"),
'archive_date': (str, ""),
'archive_search': (str, "False"),
'ln': (str, CFG_SITE_LANG),
'verbose': (int, 0)})
try:
# FIXME: if journal_name is empty, redirect
ln = wash_journal_language(argd['ln'])
washed_journal_name = wash_journal_name(ln, argd['name'])
archive_issue = wash_issue_number(ln, washed_journal_name,
argd['archive_issue'])
archive_date = wash_archive_date(ln, washed_journal_name,
argd['archive_date'])
archive_select = argd['archive_select']
archive_search = argd['archive_search']
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def bibdocfile_legacy_getfile(req, form):
""" Handle legacy /getfile.py URLs """
args = wash_urlargd(
form, {
'recid': (int, 0),
'docid': (int, 0),
'version': (str, ''),
'name': (str, ''),
'format': (str, ''),
'ln': (str, CFG_SITE_LANG)
})
_ = gettext_set_language(args['ln'])
def _getfile_py(req,
recid=0,
docid=0,
version="",
name="",
docformat="",
ln=CFG_SITE_LANG):
if not recid:
## Let's obtain the recid from the docid
if docid:
try:
bibdoc = BibDoc(docid=docid)
recid = bibdoc.bibrec_links[0]["recid"]
except InvenioBibDocFileError:
return warning_page(
_("An error has happened in trying to retrieve the requested file."
), req, ln)
else:
return warning_page(
_('Not enough information to retrieve the document'), req,
ln)
else:
brd = BibRecDocs(recid)
if not name and docid:
## Let's obtain the name from the docid
try:
name = brd.get_docname(docid)
except InvenioBibDocFileError:
return warning_page(
_("An error has happened in trying to retrieving the requested file."
), req, ln)
docformat = normalize_format(docformat)
redirect_to_url(
req, '%s/%s/%s/files/%s%s?ln=%s%s' %
(CFG_SITE_URL, CFG_SITE_RECORD, recid, name, docformat, ln,
version and 'version=%s' % version or ''),
apache.HTTP_MOVED_PERMANENTLY)
return _getfile_py(req, **args)
def robotupload(self, req, form):
"""Interface for robots used like this:
$ curl -F '[email protected]' -F 'mode=-i' [-F 'callback_url=http://...' http://cdsweb.cern.ch/batchuploader/robotupload] -A invenio_webupload
"""
argd = wash_urlargd(form, {
'mode': (str, None),
'callback_url': (str, None)
})
cli_upload(req, form.get('file', None), argd['mode'],
argd['callback_url'])
def display(self, req, form):
"""
Displays all loans of a given user
@param ln: language
@return the page for inbox
"""
argd = wash_urlargd(form, {
'barcode': (str, ""),
'borrower_id': (int, 0),
'request_id': (int, 0)
})
# Check if user is logged
uid = getUid(req)
if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
return page_not_authorized(req, "%s/yourloans/display" % \
(CFG_SITE_URL,),
navmenuid="yourloans")
elif uid == -1 or isGuestUser(uid):
return redirect_to_url(
req,
"%s/youraccount/login%s" %
(CFG_SITE_SECURE_URL,
make_canonical_urlargd(
{
'referer':
"%s/yourloans/display%s" %
(CFG_SITE_URL, make_canonical_urlargd(argd, {})),
"ln":
argd['ln']
}, {})),
norobot=True)
_ = gettext_set_language(argd['ln'])
user_info = collect_user_info(req)
if not user_info['precached_useloans']:
return page_not_authorized(req, "../", \
text = _("You are not authorized to use loans."))
body = perform_borrower_loans(uid=uid,
barcode=argd['barcode'],
borrower_id=argd['borrower_id'],
request_id=argd['request_id'],
ln=argd['ln'])
return page(title=_("Your Loans"),
body=body,
uid=uid,
lastupdated=__lastupdated__,
req=req,
language=argd['ln'],
navmenuid="yourloans",
secure_page_p=1)
def administrate(self, req, form):
"""Index page."""
argd = wash_urlargd(form, {'name': (str, ""),
'ln': (str, "")
})
try:
ln = wash_journal_language(argd['ln'])
journal_name = wash_journal_name(ln, argd['name'])
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def regenerate(self, req, form):
"""
Clears the cache for the issue given.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'issue': (str, ""),
'ln': (str, "")})
redirect_to_url(req, CFG_SITE_SECURE_URL + \
'/admin/webjournal/webjournaladmin.py/regenerate?journal_name=' + \
argd['name'] + '&ln=' + argd['ln'] + '&issue=' + argd['issue'])
def __extract_attribute(self, req):
"""
Load from the request the given assertion, extract all the attribute
to properly login the user, and verify that the data are actually
both well formed and signed correctly.
"""
from invenio.webinterface_handler import wash_urlargd
args = wash_urlargd(
req.form, {
'assertion': (str, ''),
'robot': (str, ''),
'digest': (str, ''),
'login_method': (str, '')
})
assertion = args['assertion']
digest = args['digest']
robot = args['robot']
login_method = args['login_method']
shared_key = load_robot_keys().get(login_method, {}).get(robot)
if shared_key is None:
raise InvenioWebAccessExternalAuthError(
"A key does not exist for robot: %s, login_method: %s" %
(robot, login_method))
if not self.verify(shared_key, assertion, digest):
raise InvenioWebAccessExternalAuthError(
"The provided assertion does not validate against the digest %s for robot %s"
% (repr(digest), repr(robot)))
if self.use_zlib:
try:
## Workaround to Perl implementation that does not add
## any padding to the base64 encoding.
needed_pad = (4 - len(assertion) % 4) % 4
assertion += needed_pad * '='
assertion = decompress(base64.urlsafe_b64decode(assertion))
except:
raise InvenioWebAccessExternalAuthError(
"The provided assertion is corrupted")
data = json_unicode_to_utf8(json.loads(assertion))
if not isinstance(data, dict):
raise InvenioWebAccessExternalAuthError(
"The provided assertion is invalid")
timeout = data[self.timeout_attribute_name]
if timeout < time.time():
raise InvenioWebAccessExternalAuthError(
"The provided assertion is expired")
userip = data.get(self.userip_attribute_name)
if not self.check_user_ip or (normalize_ip(
userip, self.check_user_ip) == normalize_ip(
req.remote_ip, self.check_user_ip)):
return data
else:
raise InvenioWebAccessExternalAuthError(
"The provided assertion has been issued for a different IP address (%s instead of %s)"
% (userip, req.remote_ip))
def job_queries(self, req, form):
"""Allows edition and manipulations of the queries of a job"""
argd = wash_urlargd(
form, {
"new_button": (str, ""),
"run_button": (str, ""),
"delete_button": (str, ""),
"selected_queries": (list, ""),
"job_id": (int, -1)
})
# load the right message language
language = argd["ln"]
_ = gettext_set_language(language)
self._check_user_credentials(req, language)
user_id = self._get_user_id(req)
job_id = argd["job_id"]
try:
# if the form is submitted through some of the buttons
# we should perform the appropriate action
if argd["new_button"]:
new_query_url = "%s?job_id=%s" % (self._EDIT_QUERY_URL, job_id)
self._redirect_to_page(req, new_query_url, language)
if argd["delete_button"]:
query_ids = argd["selected_queries"]
perform_request_delete_queries(query_ids=query_ids,
user_id=user_id,
language=language)
if argd["run_button"]:
title = _("Query Results")
query_ids = argd["selected_queries"]
body = perform_request_run_queries(query_ids=query_ids,
user_id=user_id,
job_id=job_id,
language=language)
else:
title = _("Export Job Queries")
body = perform_request_job_queries(job_id=job_id,
user_id=user_id,
language=language)
except AccessDeniedError:
self._redirect_to_not_authorised_page(req, language)
return page(title=title,
metaheaderadd=get_css(),
body=body,
req=req,
navmenuid="fieldexporter",
titleprologue=get_navigation_menu(language),
navtrail=self._NAVTRAIL_EXPORT,
language=language)
def not_authorized(self, req, form):
"""Displays page telling the user that
he is not authorised to access the resource"""
argd = wash_urlargd(form, {})
# load the right message language
language = argd["ln"]
_ = gettext_set_language(language)
text = _("You are not authorised to access this resource.")
return page_not_authorized(req=req, ln=language, text=text)
def confirm(self, req, form):
""" Function called after submitting the metadata upload form.
Shows a summary of actions to be performed and possible errors
"""
argd = wash_urlargd(form, {'metafile': (Field, None),
'filetype': (str, None),
'mode': (str, None),
'submit_date': (str, None),
'submit_time': (str, None),
'filename': (str, None),
'priority': (str, None),
'skip_simulation': (str, None),
'email_logs_to': (str, None)})
_ = gettext_set_language(argd['ln'])
# Check if the page is directly accessed or no file selected
if not argd['metafile']:
redirect_to_url(req, "%s/batchuploader/metadata"
% (CFG_SITE_SECURE_URL))
metafile = argd['metafile'].value
if argd['filetype'] != 'marcxml':
metafile = _transform_input_to_marcxml(file_input=metafile)
date = argd['submit_date'] not in ['yyyy-mm-dd', ''] \
and argd['submit_date'] or ''
time = argd['submit_time'] not in ['hh:mm:ss', ''] \
and argd['submit_time'] or ''
errors_upload = ''
skip_simulation = argd['skip_simulation'] == "skip"
if not skip_simulation:
errors_upload = perform_upload_check(metafile, argd['mode'])
body = batchuploader_templates.tmpl_display_confirm_page(argd['ln'],
metafile, argd['filetype'], argd['mode'], date,
time, argd['filename'], argd['priority'], errors_upload,
skip_simulation, argd['email_logs_to'])
uid = getUid(req)
navtrail = '''<a class="navtrail" href="%s/batchuploader/metadata">%s</a>''' % \
(CFG_SITE_SECURE_URL, _("Metadata batch upload"))
title = 'Confirm your actions'
return page(title = title,
body = body,
metaheaderadd = batchuploader_templates.tmpl_styles(),
uid = uid,
navtrail = navtrail,
lastupdated = __lastupdated__,
req = req,
language = argd['ln'],
navmenuid = "batchuploader")
def templates(self, req, form):
"""handle a edit/templates request"""
uid = getUid(req)
argd = wash_urlargd(form, {'ln': (str, CFG_SITE_LANG)})
# If it is an Ajax request, extract any JSON data.
ajax_request = False
if form.has_key('jsondata'):
json_data = json.loads(str(form['jsondata']))
# Deunicode all strings (Invenio doesn't have unicode
# support).
json_data = json_unicode_to_utf8(json_data)
ajax_request = True
json_response = {'resultCode': 0}
# Authorization.
user_info = collect_user_info(req)
if user_info['email'] == 'guest':
# User is not logged in.
if not ajax_request:
# Do not display the introductory recID selection box to guest
# users (as it used to be with v0.99.0):
dummy_auth_code, auth_message = acc_authorize_action(
req, 'runbibedit')
referer = '/edit'
return page_not_authorized(req=req,
referer=referer,
text=auth_message,
navtrail=navtrail)
else:
# Session has most likely timed out.
json_response.update({'resultCode': 100})
return json.dumps(json_response)
# Handle request.
if not ajax_request:
# Show BibEdit template management start page.
body, errors, warnings = perform_request_init_template_interface()
title = 'Record Editor Template Manager'
return page(title=title,
body=body,
errors=errors,
warnings=warnings,
uid=uid,
language=argd['ln'],
navtrail=navtrail_bibedit,
lastupdated=__lastupdated__,
req=req,
body_css_classes=['bibedit'])
else:
# Handle AJAX request.
json_response.update(
perform_request_ajax_template_interface(json_data))
return json.dumps(json_response)
def reject(self, req, form):
"""
Reject a linkback
"""
argd = wash_urlargd(form, {'linkbackid': (int, -1)})
authorization = self.check_authorization_moderatelinkbacks(req, argd)
if not authorization:
reject_linkback(argd['linkbackid'], collect_user_info(req))
return self.display(req, form)
else:
return authorization
def feature_record(self, req, form):
"""
Interface to feature a record. Will be saved in a flat file.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'recid': (str, "init"),
'url': (str, "init"),
'ln': (str, "")})
redirect_to_url(req, CFG_SITE_SECURE_URL + \
'/admin/webjournal/webjournaladmin.py/feature_record?journal_name=' + \
argd['name'] + '&ln=' + argd['ln'] + '&recid='+ argd['recid'] + '&url='+ argd['url'])
def metasubmit(self, req, form):
""" Function called after submitting the metadata upload form.
Checks if input fields are correct before uploading.
"""
argd = wash_urlargd(form, {'metafile': (str, None),
'filetype': (str, None),
'mode': (str, None),
'submit_date': (str, None),
'submit_time': (str, None),
'filename': (str, None),
'priority': (str, None),
'email_logs_to': (str, None)})
_ = gettext_set_language(argd['ln'])
# Check if the page is directly accessed
if argd['metafile'] == None:
redirect_to_url(req, "%s/batchuploader/metadata"
% (CFG_SITE_SECURE_URL))
not_authorized = user_authorization(req, argd['ln'])
if not_authorized:
return not_authorized
date = argd['submit_date'] not in ['yyyy-mm-dd', ''] \
and argd['submit_date'] or ''
time = argd['submit_time'] not in ['hh:mm:ss', ''] \
and argd['submit_time'] or ''
auth_code, auth_message = metadata_upload(req,
argd['metafile'], argd['filetype'],
argd['mode'].split()[0],
date, time, argd['filename'], argd['ln'],
argd['priority'], argd['email_logs_to'])
if auth_code == 1: # not authorized
referer = '/batchuploader/'
return page_not_authorized(req=req, referer=referer,
text=auth_message, navmenuid="batchuploader")
else:
uid = getUid(req)
body = batchuploader_templates.tmpl_display_menu(argd['ln'])
body += batchuploader_templates.tmpl_upload_successful(argd['ln'])
title = _("Upload successful")
navtrail = '''<a class="navtrail" href="%s/batchuploader/metadata">%s</a>''' % \
(CFG_SITE_SECURE_URL, _("Metadata batch upload"))
return page(title = title,
body = body,
uid = uid,
navtrail = navtrail,
lastupdated = __lastupdated__,
req = req,
language = argd['ln'],
navmenuid = "batchuploader")
def display_msg(self, req, form):
"""
Display a message
@param msgid: id of message
@param ln: languae
@return: page
"""
argd = wash_urlargd(form, {
'msgid': (int, -1),
})
# Check if user is logged
uid = getUid(req)
if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
return page_not_authorized(req, "%s/yourmessages/display_msg" % \
(CFG_SITE_URL,),
navmenuid="yourmessages")
elif uid == -1 or isGuestUser(uid):
return redirect_to_url(
req, "%s/youraccount/login%s" %
(CFG_SITE_SECURE_URL,
make_canonical_urlargd(
{
'referer':
"%s/yourmessages/display_msg%s" %
(CFG_SITE_URL, make_canonical_urlargd(argd, {})),
"ln":
argd['ln']
}, {})))
_ = gettext_set_language(argd['ln'])
user_info = collect_user_info(req)
if not user_info['precached_usemessages']:
return page_not_authorized(req, "../", \
text = _("You are not authorized to use messages."))
# Generate content
(body, errors,
warnings) = perform_request_display_msg(uid, argd['msgid'],
argd['ln'])
title = _("Read a message")
return page(title=title,
body=body,
navtrail=get_navtrail(argd['ln'], title),
uid=uid,
lastupdated=__lastupdated__,
req=req,
language=argd['ln'],
errors=errors,
warnings=warnings,
navmenuid="yourmessages",
secure_page_p=1)
def delete_all(self, req, form):
"""
Empty user's inbox
@param confimed: 1 if message is confirmed
@param ln: language
\return page
"""
argd = wash_urlargd(form, {
'confirmed': (int, 0),
})
# Check if user is logged
uid = getUid(req)
if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
return page_not_authorized(req, "%s/yourmessages/delete_all" % \
(CFG_SITE_URL,),
navmenuid="yourmessages")
elif uid == -1 or isGuestUser(uid):
return redirect_to_url(
req, "%s/youraccount/login%s" %
(CFG_SITE_SECURE_URL,
make_canonical_urlargd(
{
'referer':
"%s/yourmessages/delete_all%s" %
(CFG_SITE_URL, make_canonical_urlargd(argd, {})),
"ln":
argd['ln']
}, {})))
_ = gettext_set_language(argd['ln'])
user_info = collect_user_info(req)
if not user_info['precached_usemessages']:
return page_not_authorized(req, "../", \
text = _("You are not authorized to use messages."))
# Generate content
(body, errors,
warnings) = perform_request_delete_all(uid, argd['confirmed'],
argd['ln'])
return page(title=_("Your Messages"),
body=body,
navtrail=get_navtrail(argd['ln']),
uid=uid,
lastupdated=__lastupdated__,
req=req,
language=argd['ln'],
errors=errors,
warnings=warnings,
navmenuid="yourmessages",
secure_page_p=1)
def get_record_ids(argstr, date_from, date_until):
"""Returns the local and external records found for a specific query and timeframe."""
argd = wash_urlargd(parse_qs(argstr), websearch_templates.search_results_default_urlargd)
p = argd.get('p', [])
c = argd.get('c', [])
cc = argd.get('cc', [])
aas = argd.get('aas', [])
f = argd.get('f', [])
so = argd.get('so', [])
sp = argd.get('sp', [])
ot = argd.get('ot', [])
p1 = argd.get('p1', [])
f1 = argd.get('f1', [])
m1 = argd.get('m1', [])
op1 = argd.get('op1', [])
p2 = argd.get('p2', [])
f2 = argd.get('f2', [])
m2 = argd.get('m2', [])
op2 = argd.get('op3', [])
p3 = argd.get('p3', [])
f3 = argd.get('f3', [])
m3 = argd.get('m3', [])
sc = argd.get('sc', [])
d1y, d1m, d1d = _date_to_tuple(date_from)
d2y, d2m, d2d = _date_to_tuple(date_until)
#alerts might contain collections that have been deleted
#check if such collections are in the query, and if yes, do not include them in the search
cc = get_coll_normalised_name(cc)
if not cc and not c: #the alarm was for an entire collection that does not exist anymore
return ([], ([], []))
if c: # some collections were defined in the query
c = [c_norm_name for c_norm_name in [get_coll_normalised_name(c_name) for c_name in c] if c_norm_name] #remove unknown collections from c
if not c: #none of the collection selected in the alert still exist
return ([], ([], []))
washed_colls = wash_colls(cc, c, sc, 0)
hosted_colls = washed_colls[3]
if hosted_colls:
req_args = "p=%s&f=%s&d1d=%s&d1m=%s&d1y=%s&d2d=%s&d2m=%s&d2y=%s&ap=%i" % (p, f, d1d, d1m, d1y, d2d, d2m, d2y, 0)
external_records = calculate_external_records(req_args, [p, p1, p2, p3], f, hosted_colls, CFG_EXTERNAL_COLLECTION_TIMEOUT, CFG_EXTERNAL_COLLECTION_MAXRESULTS_ALERTS)
else:
external_records = ([], [])
recids = perform_request_search(of='id', p=p, c=c, cc=cc, f=f, so=so, sp=sp, ot=ot,
aas=aas, p1=p1, f1=f1, m1=m1, op1=op1, p2=p2, f2=f2,
m2=m2, op2=op2, p3=p3, f3=f3, m3=m3, sc=sc, d1y=d1y,
d1m=d1m, d1d=d1d, d2y=d2y, d2m=d2m, d2d=d2d)
return (recids, external_records)
def __call__(self, req, form):
"""Called in case of URLs like /CFG_SITE_RECORD/123/files without
trailing slash.
"""
args = wash_urlargd(form, bibdocfile_templates.files_default_urlargd)
ln = args['ln']
link_ln = ''
if ln != CFG_SITE_LANG:
link_ln = '?ln=%s' % ln
return redirect_to_url(
req, '%s/%s/%s/files/%s' %
(CFG_SITE_URL, CFG_SITE_RECORD, self.recid, link_ln))
def oraclefriendly(self, req, form):
"""
This specifically for batchuploader with the oracle-friendly patch
"""
from invenio.webinterface_handler_wsgi_utils import handle_file_post
from invenio.bibdocfile import stream_file
argd = wash_urlargd(form, {"save": (str, ""), "results": (str, "")})
if req.method != 'POST':
body = """<p>Please send a FORM via POST.</p>"""
return page("test2", body=body, req=req)
if argd['save'] and argd['save'].startswith(CFG_TMPDIR):
open(argd['save'], "w").write(argd['results'])
return argd['results']
def summary(self, req, form):
args = wash_urlargd(form, {
'doctype': (str, ''),
'act': (str, ''),
'access': (str, ''),
'indir': (str, '')})
ln = args['ln']
uid = getUid(req)
if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
return page_not_authorized(req, "../summary",
navmenuid='submit')
t = ""
curdir = os.path.join(CFG_WEBSUBMIT_STORAGEDIR, args['indir'], args['doctype'], args['access'])
try:
assert(curdir == os.path.abspath(curdir))
except AssertionError:
register_exception(req=req, alert_admin=True, prefix='Possible cracking tentative: indir="%s", doctype="%s", access="%s"' % (args['indir'], args['doctype'], args['access']))
return warning_page("Invalid parameters", req, ln)
subname = "%s%s" % (args['act'], args['doctype'])
res = run_sql("select sdesc,fidesc,pagenb,level from sbmFIELD where subname=%s "
"order by pagenb,fieldnb", (subname,))
nbFields = 0
values = []
for arr in res:
if arr[0] != "":
val = {
'mandatory' : (arr[3] == 'M'),
'value' : '',
'page' : arr[2],
'name' : arr[0],
}
if os.path.exists(os.path.join(curdir, curdir, arr[1])):
fd = open(os.path.join(curdir, arr[1]),"r")
value = fd.read()
fd.close()
value = value.replace("\n"," ")
value = value.replace("Select:","")
else:
value = ""
val['value'] = value
values.append(val)
return websubmit_templates.tmpl_submit_summary(
ln = args['ln'],
values = values,
)
def legacyrobotupload(req, form):
"""Interface for robots used like this:
$ curl -F '[email protected]' -F 'mode=-i' [-F 'callback_url=http://...'] [-F 'nonce=1234'] http://cds.cern.ch/batchuploader/robotupload -A invenio_webupload
"""
argd = wash_urlargd(
form, {
'mode': (str, None),
'callback_url': (str, None),
'nonce': (str, None),
'special_treatment': (str, None)
})
return cli_upload(req, form.get('file', None), argd['mode'],
argd['callback_url'], argd['nonce'],
argd['special_treatment'])
def restupload(req, form):
"""Interface for robots used like this:
$ curl --data-binary '@localfile.xml' http://cds.cern.ch/batchuploader/robotupload/[insert|replace|correct|append]?[callback_url=http://...]&nonce=1234 -A invenio_webupload
"""
filepath, mimetype = handle_file_post(req)
argd = wash_urlargd(
form, {
'callback_url': (str, None),
'nonce': (str, None),
'special_treatment': (str, None)
})
return cli_upload(req, open(filepath), '--' + path[0],
argd['callback_url'], argd['nonce'],
argd['special_treatment'])
def issue_control(self, req, form):
"""
page that allows full control over creating, backtracing, adding to,
removing from issues.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'add': (str, ""),
'action_publish': (str, "cfg"),
'issue_number': (list, []),
'ln': (str, "")})
redirect_to_url(req, CFG_SITE_SECURE_URL + \
'/admin/webjournal/webjournaladmin.py/issue_control?journal_name=' + \
argd['name'] + '&ln=' + argd['ln'] + '&issue=' + argd['issue_number'] + \
'&action=' + argd['action_publish'])
def jobs(self, req, form):
"""Displays all the jobs of a given user
and allows creation, deletion and execution of jobs"""
argd = wash_urlargd(
form, {
"new_button": (str, ""),
"run_button": (str, ""),
"delete_button": (str, ""),
"selected_jobs": (list, "")
})
# load the right message language
language = argd["ln"]
_ = gettext_set_language(language)
self._check_user_credentials(req, language)
user_id = self._get_user_id(req)
try:
# if the form is submitted through some of the buttons
# we should perform the appropriate action
if argd["new_button"]:
self._redirect_to_page(req, self._EDIT_JOB_URL, language)
elif argd["delete_button"]:
job_ids = argd["selected_jobs"]
perform_request_delete_jobs(job_ids=job_ids,
user_id=user_id,
language=language)
elif argd["run_button"]:
job_ids = argd["selected_jobs"]
perform_request_run_jobs(job_ids=job_ids,
user_id=user_id,
language=language)
self._redirect_to_page(req, self._JOB_HISTORY_URL, language)
user_id = self._get_user_id(req)
body = perform_request_jobs(user_id=user_id, language=language)
except AccessDeniedError:
self._redirect_to_not_authorised_page(req, language)
return page(title=_("Export Job Overview"),
metaheaderadd=get_css(),
body=body,
req=req,
navmenuid="fieldexporter",
titleprologue=get_navigation_menu(language),
navtrail=self._NAVTRAIL_EXPORT,
language=language)
def post2(self, req, form):
"""
This is to test L{handle_file_post} function.
"""
from invenio.webinterface_handler_wsgi_utils import handle_file_post
from invenio.bibdocfile import stream_file
argd = wash_urlargd(form, {"save": (str, "")})
if req.method != 'POST':
body = """<p>Please send a file via POST.</p>"""
return page("test2", body=body, req=req)
path, mimetype = handle_file_post(req)
if argd['save'] and argd['save'].startswith(CFG_TMPDIR):
open(argd['save'], "w").write(open(path).read())
return stream_file(req, path, mime=mimetype)
def contact(self, req, form):
"""
Display contact information for the journal.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'ln': (str, ""),
'verbose': (int, 0)
})
try:
ln = wash_journal_language(argd['ln'])
washed_journal_name = wash_journal_name(ln, argd['name'])
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def popup(self, req, form):
"""
simple pass-through function that serves as a checker for popups.
"""
argd = wash_urlargd(form, {'name': (str, ""),
'record': (str, ""),
'ln': (str, "")
})
try:
ln = wash_journal_language(argd['ln'])
washed_journal_name = wash_journal_name(ln, argd['name'])
record = wash_popup_record(ln, argd['record'], washed_journal_name)
except InvenioWebJournalNoJournalOnServerError, e:
register_exception(req=req)
return e.user_box(req)
def getuploadedfile(self, req, form):
"""
Stream uploaded files.
For the moment, restrict to files in ./curdir/files/uid or
./curdir/icons/uid directory, so that we are sure we stream
files only to the user who uploaded them.
"""
argd = wash_urlargd(
form, {
'indir': (str, None),
'doctype': (str, None),
'access': (str, None),
'icon': (int, 0),
'key': (str, None),
'filename': (str, None),
'nowait': (int, 0)
})
if None in argd.values():
raise apache.SERVER_RETURN(apache.HTTP_BAD_REQUEST)
uid = getUid(req)
if argd['icon']:
file_path = os.path.join(CFG_WEBSUBMIT_STORAGEDIR, argd['indir'],
argd['doctype'], argd['access'], 'icons',
str(uid), argd['key'], argd['filename'])
else:
file_path = os.path.join(CFG_WEBSUBMIT_STORAGEDIR, argd['indir'],
argd['doctype'], argd['access'], 'files',
str(uid), argd['key'], argd['filename'])
abs_file_path = os.path.abspath(file_path)
if abs_file_path.startswith(CFG_WEBSUBMIT_STORAGEDIR):
# Check if file exist. Note that icon might not yet have
# been created.
if not argd['nowait']:
for i in range(5):
if os.path.exists(abs_file_path):
return stream_file(req, abs_file_path)
time.sleep(1)
else:
if os.path.exists(abs_file_path):
return stream_file(req, abs_file_path)
# Send error 404 in all other cases
raise apache.SERVER_RETURN(apache.HTTP_NOT_FOUND)
def docsubmit(self, req, form):
""" Function called after submitting the document upload form.
Performs the appropiate action depending on the input parameters
"""
argd = wash_urlargd(
form, {
'docfolder': (str, ""),
'matching': (str, ""),
'mode': (str, ""),
'submit_date': (str, ""),
'submit_time': (str, ""),
'priority': (str, ""),
'email_logs_to': (str, "")
})
_ = gettext_set_language(argd['ln'])
not_authorized = user_authorization(req, argd['ln'])
if not_authorized:
return not_authorized
date = argd['submit_date'] not in ['yyyy-mm-dd', ''] \
and argd['submit_date'] or ''
time = argd['submit_time'] not in ['hh:mm:ss', ''] \
and argd['submit_time'] or ''
errors, info = document_upload(req, argd['docfolder'],
argd['matching'], argd['mode'], date,
time, argd['ln'], argd['priority'],
argd['email_logs_to'])
body = batchuploader_templates.tmpl_display_menu(argd['ln'])
uid = getUid(req)
navtrail = '''<a class="navtrail" href="%s/batchuploader/documents">%s</a>''' % \
(CFG_SITE_SECURE_URL, _("Document batch upload"))
body += batchuploader_templates.tmpl_display_web_docupload_result(
argd['ln'], errors, info)
title = _("Document batch upload result")
return page(title=title,
body=body,
metaheaderadd=batchuploader_templates.tmpl_styles(),
uid=uid,
navtrail=navtrail,
lastupdated=__lastupdated__,
req=req,
language=argd['ln'],
navmenuid="batchuploader")
def sendtrackback(self, req, form):
"""
Send a new trackback
"""
if CFG_WEBLINKBACK_TRACKBACK_ENABLED:
argd = wash_urlargd(form, {'url': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
'title': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
'excerpt': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
'blog_name': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
'id': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
'source': (str, CFG_WEBLINKBACK_SUBSCRIPTION_DEFAULT_ARGUMENT_NAME),
})
perform_sendtrackback(req, self.recid, argd['url'], argd['title'], argd['excerpt'], argd['blog_name'], argd['id'], argd['source'], argd['ln'])
else:
perform_sendtrackback_disabled(req)
def customevent_register(self, req, form):
"""Register a customevent and reload to it defined url"""
argd = wash_urlargd(
form, {
'event_id': (str, ""),
'arg': (str, ""),
'url': (str, ""),
'ln': (str, CFG_SITE_LANG)
})
params = argd['arg'].split(',')
if "WEBSTAT_IP" in params:
index = params.index("WEBSTAT_IP")
params[index] = str(req.remote_ip)
register_customevent(argd['event_id'], params)
return redirect_to_url(req, unquote(argd['url']),
apache.HTTP_MOVED_PERMANENTLY)
