Exemple #1
0
def errmsg_no_email(session, req):
	"""html error message when email address lookup fails"""
	msg = 'Please contact <a href="mailto:%s">%s</a> and provide us with your email address' % (org.support_email_address, org.support_email_address)
	username = core.getUsername(session, req)
	if username is not None:
		msg += ' and username (<code>%s</code>)' % username
	msg += "."
	return """\
%s
<p>
Research Computing has no email address for you on file.
You must have a valid email address in order to continue with this process.
%s
</p>
""" % (greeting(session, req), msg)
Exemple #2
0
def greeting(session, req):
	"""html used at the very top of pages"""
	greeting = "Hello"
	username = core.getUsername(session, req)
	if username is not None: greeting += " %s" % org.getFullName(username)
	msg = """\
<p>
%s,
</p>
<br /><!--(because our paragraph margin-* css is off; remove on other sites)-->
""" % greeting
	if config.AUTH_TYPE=='HTTP':
		msg += """\
<p>
<small>(If you are not %s, you must close your browser and restart.)</small>
</p>
<br /><!--(because our paragraph margin-* css is off; remove on other sites)-->
""" % (fullname)
	return msg
Exemple #3
0
def downloadHandler(req):
    """otec protection for, and customization of, file downloads, i.e. dynamic non-html content"""

    #--- BEGIN TEMPLATE CODE...

    try:
        from mod_python import apache, util, Session

        session = Session.Session(req)
        form = util.FieldStorage(req, keep_blank_values=1)

        req.add_common_vars()

        base_url_dir = os.path.dirname(
            req.subprocess_env['SCRIPT_URI'])  #e.g. 'https://SERVER/PATH/'
        base_fs_dir = os.path.dirname(req.subprocess_env['SCRIPT_FILENAME'])

        msg = "request from ip [%s] from user [%s]" % (
            req.subprocess_env['REMOTE_ADDR'], core.getUsername(session, req))
        core.log(msg, session, req)

        core.sessionCheck(session, req)

        #--- ...END TEMPLATE CODE

        import otec

        #reset otec defaults; make sure this is in sync with index.psp, else import order will matter
        otec.OTEC_DIR = os.path.join(config2.ROOT_DIR, 'otec')
        otec.DEBUG = config.DEBUG

        username = core.getUsername(session, req)
        if username is None:
            raise Exception(
                "internal error: openauth must be behind some compatible authentication wall"
            )

        #check the otec
        code = None
        try:
            code = form['otec']
        except KeyError:
            pass
        if code is None or not otec.isValid(code) or not code.startswith(
                username):
            msg = "expired, invalid, or unprovided otec for user [%s]: %s" % (
                username, code)
            core.log(msg, session, req)
            req.internal_redirect(os.path.join(base_url_dir, 'fail_otec.psp'))
            return apache.OK

        msg = "accepted otec [%s] for user [%s]" % (code, username)
        core.log(msg, session, req)

        #detemine what file to serve up
        try:
            f = os.path.basename(req.uri)
            if f not in ('qrcode.png', '%s-openauth.zip' % username):
                raise BreakOut
        except (KeyError, BreakOut):
            msg = "unexpected download [%s] by user [%s]" % (f, username)
            core.log(msg, session, req)
            req.internal_redirect(
                os.path.join(base_url_dir, 'fail_general.psp'))
            return apache.OK

        #handle feeding out the bytes
        if f == 'qrcode.png':
            bytes = getQRCodeBytes(username)
            req.headers_out.add('Pragma', 'no-cache')
            req.headers_out.add('Content-Type', 'image/png')
            req.write(bytes)
        elif f == ('%s-openauth.zip' % username):
            bytes = getZipBytes(username)
            req.headers_out.add('Content-Disposition',
                                'attachment; filename="%s"' % f)
            req.headers_out.add('Content-Type', 'application/zip')
            req.write(bytes)

        #delete the otec
        try:
            otec.delete(code)
            msg = "deleted otec [%s] for user [%s]" % (code, username)
            core.log(msg, session, req)
        except Exception, e:
            msg = "ERROR: failed to delete otec [%s] for user [%s]: %s" % (
                code, username, e)
            core.log(msg, session, req, e)
            pass  #everything else worked, and the user is good to go; the otec will expire anyways

        #--- BEGIN TEMPLATE CODE...

        return apache.OK
Exemple #4
0
        try:
            otec.delete(code)
            msg = "deleted otec [%s] for user [%s]" % (code, username)
            core.log(msg, session, req)
        except Exception, e:
            msg = "ERROR: failed to delete otec [%s] for user [%s]: %s" % (
                code, username, e)
            core.log(msg, session, req, e)
            pass  #everything else worked, and the user is good to go; the otec will expire anyways

        #--- BEGIN TEMPLATE CODE...

        return apache.OK
    except apache.SERVER_RETURN:
        ##if it's re-raised, sessions start over; passing seems wrong but it's the only way I know of to make sessions persist across redirect
        #raise
        pass
    except Exception, e:
        if not ('core' in globals() and 'session' in locals()
                and 'base_url_dir' in locals()):
            raise  #just bailout and let the server handle it (if configured with PythonDebug On, the traceback will be shown to the user)
        else:
            msg = "ERROR: uncaught exception when handling user [%s]: %s" % (
                core.getUsername(session, req), e)
            core.log(msg, session, req, e)
            req.internal_redirect(
                os.path.join(base_url_dir, 'fail_general.psp'))
            return apache.OK  #(not sure if this does anything)

    #--- ...END TEMPLATE CODE
Exemple #5
0
def downloadHandler(req):
	"""otec protection for, and customization of, file downloads, i.e. dynamic non-html content"""


	#--- BEGIN TEMPLATE CODE...

	try:
		from mod_python import apache, util, Session
		
		session = Session.Session(req)
		form = util.FieldStorage(req, keep_blank_values=1)

		req.add_common_vars()
		
		base_url_dir = os.path.dirname(req.subprocess_env['SCRIPT_URI'])  #e.g. 'https://SERVER/PATH/'
		base_fs_dir  = os.path.dirname(req.subprocess_env['SCRIPT_FILENAME'])
		
		msg = "request from ip [%s] from user [%s]" % (req.subprocess_env['REMOTE_ADDR'], core.getUsername(session, req))
		core.log(msg, session, req)
		
		core.sessionCheck(session, req)

		#--- ...END TEMPLATE CODE
		
		
		import otec

		#reset otec defaults; make sure this is in sync with index.psp, else import order will matter
		otec.OTEC_DIR = os.path.join(config2.ROOT_DIR, 'otec')
		otec.DEBUG = config.DEBUG

		username = core.getUsername(session, req)
		if username is None:
			raise Exception("internal error: openauth must be behind some compatible authentication wall")
		
		#check the otec
		code = None
		try:
			code = form['otec']
		except KeyError:
			pass
		if code is None or not otec.isValid(code) or not code.startswith(username):
			msg = "expired, invalid, or unprovided otec for user [%s]: %s" % (username, code)
			core.log(msg, session, req)
			req.internal_redirect(os.path.join(base_url_dir, 'fail_otec.psp'))
			return apache.OK
				
		msg = "accepted otec [%s] for user [%s]" % (code, username)
		core.log(msg, session, req)
		
		#detemine what file to serve up
		try:
			f = os.path.basename(req.uri)
			if f not in ('qrcode.png', '%s-openauth.zip' % username): raise BreakOut
		except (KeyError, BreakOut):
			msg = "unexpected download [%s] by user [%s]" % (f, username)
			core.log(msg, session, req)
			req.internal_redirect(os.path.join(base_url_dir, 'fail_general.psp'))
			return apache.OK
		
		#handle feeding out the bytes
		if   f=='qrcode.png':
			bytes = getQRCodeBytes(username)
			req.headers_out.add('Pragma', 'no-cache')
			req.headers_out.add('Content-Type', 'image/png')
			req.write(bytes)
		elif f==('%s-openauth.zip' % username):
			bytes = getZipBytes(username)
			req.headers_out.add('Content-Disposition', 'attachment; filename="%s"' % f)
			req.headers_out.add('Content-Type'       , 'application/zip')
			req.write(bytes)
		
		#delete the otec
		try:
			otec.delete(code)
			msg = "deleted otec [%s] for user [%s]" % (code, username)
			core.log(msg, session, req)
		except Exception, e:
			msg = "ERROR: failed to delete otec [%s] for user [%s]: %s" % (code, username, e)
			core.log(msg, session, req, e)
			pass  #everything else worked, and the user is good to go; the otec will expire anyways


		#--- BEGIN TEMPLATE CODE...
		
		return apache.OK
Exemple #6
0
			req.write(bytes)
		
		#delete the otec
		try:
			otec.delete(code)
			msg = "deleted otec [%s] for user [%s]" % (code, username)
			core.log(msg, session, req)
		except Exception, e:
			msg = "ERROR: failed to delete otec [%s] for user [%s]: %s" % (code, username, e)
			core.log(msg, session, req, e)
			pass  #everything else worked, and the user is good to go; the otec will expire anyways


		#--- BEGIN TEMPLATE CODE...
		
		return apache.OK
	except apache.SERVER_RETURN:
		##if it's re-raised, sessions start over; passing seems wrong but it's the only way I know of to make sessions persist across redirect
		#raise
		pass
	except Exception, e:
		if not ( 'core' in globals() and 'session' in locals() and 'base_url_dir' in locals() ):
			raise  #just bailout and let the server handle it (if configured with PythonDebug On, the traceback will be shown to the user)
		else:
			msg = "ERROR: uncaught exception when handling user [%s]: %s" % (core.getUsername(session, req), e)
			core.log(msg, session, req, e)
			req.internal_redirect(os.path.join(base_url_dir, 'fail_general.psp'))
			return apache.OK  #(not sure if this does anything)
	
	#--- ...END TEMPLATE CODE
Exemple #7
0
def img(req):
	"""serve a png image"""



	#--- BEGIN TEMPLATE CODE...
	
	try:
		from mod_python import apache, util, Session
		
		session = Session.Session(req)
		form = util.FieldStorage(req, keep_blank_values=1)
		
		req.add_common_vars()

		base_url_path = req.subprocess_env['REQUEST_URI'].split('?',1)[0]  #e.g. /PATH/FILENAME.psp, of 'https://SERVER/PATH/FILENAME.psp?FOO=BAR'
		base_url_dir = os.path.dirname(base_url_path)  #e.g. /PATH, of 'https://SERVER/PATH/FILENAME.psp?FOO=BAR'
		base_fs_dir  = os.path.dirname(req.subprocess_env['SCRIPT_FILENAME'])
		
		msg = "request from ip [%s] from user [%s]" % (req.subprocess_env['REMOTE_ADDR'], core.getUsername(session, req))
		core.log(msg, session, req)
		
		core.sessionCheck(session, req)

		#--- ...END TEMPLATE CODE



		import urllib, urllib2

		if form.has_key('job') and form.has_key('path'):
			#(these will be the un-quoted values (i.e. '/' instead of '%2F')
			path = str(form['path']).strip()
			job  = str(form['job']).strip()

			if req.is_https():
				protocol = 'https'
			else:
				protocol = 'http'

			imgurl = '%s://localhost/%s/data/%s/philesight/?cmd=img&path=%s' % (protocol, base_url_dir.lstrip('/'), job, urllib.quote(path))

			msg = 'image request for job [%s], path [%s]; serving [%s]' % (job, path, imgurl)
			core.log(msg, session, req)
			
			bytes = urllib2.urlopen(imgurl).read()
			req.headers_out.add('Content-Type', 'image/png')
			req.write(bytes)
		else:
			#FIXME
			raise Exception("internal error: handling of incomplete img query string not yet implemented")



		#--- BEGIN TEMPLATE CODE...

		return apache.OK
	except apache.SERVER_RETURN:
		##if it's re-raised, sessions start over; passing seems wrong but it's the only way I know of to make sessions persist across redirect
		#raise
		raise
	except Exception, e:
		if not ( 'core' in globals() and 'session' in locals() and 'base_url_dir' in locals() ):
			raise  #just bailout and let the server handle it (if configured with PythonDebug On, the traceback will be shown to the user)
		else:
			msg = "ERROR: exception when handling user [%s]: %s" % (core.getUsername(session, req), e)
			core.log(msg, session, req, e)
			##FIXME -- this causes server to hang
			#req.internal_redirect(os.path.join(base_url_dir,'imgfail.psp'))
			return apache.OK  #(not sure if this does anything)