def handler(req, fields = None, is_profiling = False):
# Create an object that contains all data about the request and
# helper functions for creating valid HTML. Parse URI and
# store results in the request object for later usage.
__builtin__.html = html_mod_python(req, fields)
response_code = apache.OK
try:
config.load_config() # load multisite.mk etc.
html.init_modes()
init_profiling(is_profiling)
# Make sure all plugins are avaiable as early as possible. At least
# we need the plugins (i.e. the permissions declared in these) at the
# time before the first login for generating auth.php.
modules.load_all_plugins()
# Get page handler.
handler = modules.get_handler(html.myfile, page_not_found)
# Some pages do skip authentication. This is done by adding
# noauth: to the page hander, e.g. "noauth:run_cron" : ...
if handler == page_not_found:
handler = modules.get_handler("noauth:" + html.myfile, page_not_found)
if handler != page_not_found:
try:
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
handler()
except Exception, e:
html.write(str(e))
if config.debug:
html.write(html.attrencode(format_exception()))
raise FinalizeRequest()
# Is the user set by the webserver? otherwise use the cookie based auth
if not html.is_logged_in():
config.auth_type = 'cookie'
# When not authed tell the browser to ask for the password
html.login(login.check_auth())
if not html.is_logged_in():
if fail_silently():
# While api call don't show the login dialog
raise MKUnauthenticatedException(_('You are not authenticated.'))
# Redirect to the login-dialog with the current url as original target
# Never render the login form directly when accessing urls like "index.py"
# or "dashboard.py". This results in strange problems.
if html.myfile != 'login':
html.http_redirect(defaults.url_prefix + 'check_mk/login.py?_origtarget=%s' %
html.urlencode(html.makeuri([])))
# Initialize the i18n for the login dialog. This might be overridden
# later after user login
i18n.localize(html.var("lang", config.get_language()))
# This either displays the login page or validates the information submitted
# to the login form. After successful login a http redirect to the originally
# requested page is performed.
login.page_login(plain_error())
raise FinalizeRequest()
else:
# In case of basic auth the user is already known, but we still need to decide
# whether or not the user is an automation user (which is allowed to use transid=-1)
if html.var("_secret"):
login.check_auth_automation()
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
# Set all permissions, read site config, and similar stuff
config.login(html.user)
html.load_help_visible()
# Initialize the multiste i18n. This will be replaced by
# language settings stored in the user profile after the user
# has been initialized
i18n.localize(html.var("lang", config.get_language()))
# All plugins might have to be reloaded due to a language change
modules.load_all_plugins()
# User allowed to login at all?
if not config.may("general.use"):
reason = _("You are not authorized to use Check_MK Multisite. Sorry. "
"You are logged in as <b>%s</b>.") % config.user_id
if len(config.user_role_ids):
reason += _("Your roles are <b>%s</b>. " % ", ".join(config.user_role_ids))
else:
reason += _("<b>You do not have any roles.</b> ")
reason += _("If you think this is an error, "
"please ask your administrator to check the permissions configuration.")
if config.auth_type == 'cookie':
reason += _('<p>You have been logged out. Please reload the page to re-authenticate.</p>')
login.del_auth_cookie()
raise MKAuthException(reason)
handler()
def handler(req, fields = None, profiling = True):
req.content_type = "text/html; charset=UTF-8"
req.header_sent = False
# Create an object that contains all data about the request and
# helper functions for creating valid HTML. Parse URI and
# store results in the request object for later usage.
html = html_mod_python(req, fields)
html.enable_debug = config.debug
html.id = {} # create unique ID for this request
__builtin__.html = html
response_code = apache.OK
try:
# Ajax-Functions want no HTML output in case of an error but
# just a plain server result code of 500
fail_silently = html.has_var("_ajaxid")
# Webservice functions may decide to get a normal result code
# but a text with an error message in case of an error
plain_error = html.has_var("_plain_error")
config.load_config() # load multisite.mk
if html.var("debug"): # Debug flag may be set via URL
config.debug = True
if html.var("screenshotmode") or config.screenshotmode: # Omit fancy background, make it white
html.screenshotmode = True
html.enable_debug = config.debug
html.set_buffering(config.buffered_http_stream)
# profiling can be enabled in multisite.mk
if profiling and config.profile:
import cProfile # , pstats, sys, StringIO, tempfile
# the profiler loses the memory about all modules. We need to hand over
# the request object in the apache module.
# Ubuntu: install python-profiler when using this feature
profilefile = defaults.var_dir + "/web/multisite.profile"
retcode = cProfile.runctx(
"import index; "
"index.handler(profile_req, profile_fields, False)",
{'profile_req': req, 'profile_fields': html.fields}, {}, profilefile)
file(profilefile + ".py", "w").write(
"#!/usr/bin/python\n"
"import pstats\n"
"stats = pstats.Stats(%r)\n"
"stats.sort_stats('time').print_stats()\n" % profilefile)
os.chmod(profilefile + ".py", 0755)
release_all_locks()
return apache.OK
# Make sure all plugins are avaiable as early as possible. At least
# we need the plugins (i.e. the permissions declared in these) at the
# time before the first login for generating auth.php.
load_all_plugins()
# Detect mobile devices
if html.has_var("mobile"):
html.mobile = not not html.var("mobile")
else:
user_agent = html.req.headers_in.get('User-Agent', '')
html.mobile = mobile.is_mobile(user_agent)
# Redirect to mobile GUI if we are a mobile device and
# the URL is /
if html.myfile == "index" and html.mobile:
html.myfile = "mobile"
# Get page handler.
handler = pagehandlers.get(html.myfile, page_not_found)
# First initialization of the default permissions. Needs to be done before the auth_file
# (auth.php) ist written (it's done during showing the login page for the first time).
# Must be loaded before the "automation" call to have the general.* permissions available
# during automation action processing (e.g. hooks triggered by restart)
default_permissions.load()
# Some pages do skip authentication. This is done by adding
# noauth: to the page hander, e.g. "noauth:run_cron" : ...
if handler == page_not_found:
handler = pagehandlers.get("noauth:" + html.myfile, page_not_found)
if handler != page_not_found:
try:
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
handler()
except Exception, e:
html.write(str(e))
if config.debug:
html.write(html.attrencode(format_exception()))
release_all_locks()
return apache.OK
# Prepare output format
output_format = html.var("output_format", "html")
html.set_output_format(output_format)
# Is the user set by the webserver? otherwise use the cookie based auth
if not html.user or type(html.user) != str:
config.auth_type = 'cookie'
# When not authed tell the browser to ask for the password
html.user = login.check_auth()
if html.user == '':
if fail_silently:
# While api call don't show the login dialog
raise MKUnauthenticatedException(_('You are not authenticated.'))
# Redirect to the login-dialog with the current url as original target
# Never render the login form directly when accessing urls like "index.py"
# or "dashboard.py". This results in strange problems.
if html.myfile != 'login':
html.http_redirect(defaults.url_prefix + 'check_mk/login.py?_origtarget=%s' %
html.urlencode(html.makeuri([])))
# Initialize the i18n for the login dialog. This might be overridden
# later after user login
load_language(html.var("lang", config.get_language()))
# This either displays the login page or validates the information submitted
# to the login form. After successful login a http redirect to the originally
# requested page is performed.
login.page_login(plain_error)
release_all_locks()
return apache.OK
else:
# In case of basic auth the user is already known, but we still need to decide
# whether or not the user is an automation user (which is allowed to use transid=-1)
if html.var("_secret"):
login.check_auth_automation()
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
# Set all permissions, read site config, and similar stuff
config.login(html.user)
html.load_help_visible()
# Initialize the multiste i18n. This will be replaced by
# language settings stored in the user profile after the user
# has been initialized
load_language(html.var("lang", config.get_language()))
# All plugins might have to be reloaded due to a language change
load_all_plugins()
# Reload default permissions (maybe reload due to language change)
default_permissions.load()
# User allowed to login at all?
if not config.may("general.use"):
reason = _("You are not authorized to use Check_MK Multisite. Sorry. "
"You are logged in as <b>%s</b>.") % config.user_id
if len(config.user_role_ids):
reason += _("Your roles are <b>%s</b>. " % ", ".join(config.user_role_ids))
else:
reason += _("<b>You do not have any roles.</b> ")
reason += _("If you think this is an error, "
"please ask your administrator to check the permissions configuration.")
if config.auth_type == 'cookie':
reason += _('<p>You have been logged out. Please reload the page to re-authenticate.</p>')
login.del_auth_cookie()
raise MKAuthException(reason)
handler()
def handler(req, fields = None, is_profiling = False):
# Create an object that contains all data about the request and
# helper functions for creating valid HTML. Parse URI and
# store results in the request object for later usage.
__builtin__.html = html_mod_python(req, fields)
response_code = apache.OK
try:
config.load_config() # load multisite.mk etc.
init_profiling(is_profiling)
html.init_modes()
# Make sure all plugins are avaiable as early as possible. At least
# we need the plugins (i.e. the permissions declared in these) at the
# time before the first login for generating auth.php.
modules.load_all_plugins()
# Get page handler.
handler = modules.get_handler(html.myfile, page_not_found)
# Some pages do skip authentication. This is done by adding
# noauth: to the page hander, e.g. "noauth:run_cron" : ...
if handler == page_not_found:
handler = modules.get_handler("noauth:" + html.myfile, page_not_found)
if handler != page_not_found:
try:
handler()
except Exception, e:
html.write("%s" % e)
if config.debug:
html.write(html.attrencode(format_exception()))
raise FinalizeRequest()
# Is the user set by the webserver? otherwise use the cookie based auth
if not html.is_logged_in():
config.auth_type = 'cookie'
# When not authed tell the browser to ask for the password
html.login(login.check_auth())
if not html.is_logged_in():
if fail_silently():
# While api call don't show the login dialog
raise MKUnauthenticatedException(_('You are not authenticated.'))
# Redirect to the login-dialog with the current url as original target
# Never render the login form directly when accessing urls like "index.py"
# or "dashboard.py". This results in strange problems.
if html.myfile != 'login':
html.http_redirect(defaults.url_prefix + 'check_mk/login.py?_origtarget=%s' %
html.urlencode(html.makeuri([])))
# Initialize the i18n for the login dialog. This might be overridden
# later after user login
i18n.localize(html.var("lang", config.get_language()))
# This either displays the login page or validates the information submitted
# to the login form. After successful login a http redirect to the originally
# requested page is performed.
login.page_login(plain_error())
raise FinalizeRequest()
else:
# In case of basic auth the user is already known, but we still need to decide
# whether or not the user is an automation user (which is allowed to use transid=-1)
if html.var("_secret"):
login.check_auth_automation()
# Set all permissions, read site config, and similar stuff
config.login(html.user)
html.load_help_visible()
# Initialize the multiste i18n. This will be replaced by
# language settings stored in the user profile after the user
# has been initialized
previous_language = current_language
i18n.localize(html.var("lang", config.get_language()))
# All plugins might have to be reloaded due to a language change. Only trigger
# a second plugin loading when the user is really using a custom localized GUI.
# Otherwise the load_all_plugins() at the beginning of the request is sufficient.
if current_language != previous_language:
modules.load_all_plugins()
# User allowed to login at all?
if not config.may("general.use"):
reason = _("You are not authorized to use Check_MK Multisite. Sorry. "
"You are logged in as <b>%s</b>.") % config.user_id
if len(config.user_role_ids):
reason += _("Your roles are <b>%s</b>. " % ", ".join(config.user_role_ids))
else:
reason += _("<b>You do not have any roles.</b> ")
reason += _("If you think this is an error, "
"please ask your administrator to check the permissions configuration.")
if config.auth_type == 'cookie':
reason += _('<p>You have been logged out. Please reload the page to re-authenticate.</p>')
login.del_auth_cookie()
raise MKAuthException(reason)
handler()
def handler(req, fields=None, profiling=True):
req.content_type = "text/html; charset=UTF-8"
req.header_sent = False
# Create an object that contains all data about the request and
# helper functions for creating valid HTML. Parse URI and
# store results in the request object for later usage.
html = html_mod_python(req, fields)
html.enable_debug = config.debug
html.id = {} # create unique ID for this request
__builtin__.html = html
response_code = apache.OK
try:
# Ajax-Functions want no HTML output in case of an error but
# just a plain server result code of 500
fail_silently = html.has_var("_ajaxid")
# Webservice functions may decide to get a normal result code
# but a text with an error message in case of an error
plain_error = html.has_var("_plain_error")
config.load_config() # load multisite.mk
if html.var("debug"): # Debug flag may be set via URL
config.debug = True
if html.var(
"screenshotmode"
) or config.screenshotmode: # Omit fancy background, make it white
html.screenshotmode = True
html.enable_debug = config.debug
html.set_buffering(config.buffered_http_stream)
# profiling can be enabled in multisite.mk
if profiling and config.profile:
import cProfile # , pstats, sys, StringIO, tempfile
# the profiler loses the memory about all modules. We need to hand over
# the request object in the apache module.
# Ubuntu: install python-profiler when using this feature
profilefile = defaults.var_dir + "/web/multisite.profile"
retcode = cProfile.runctx(
"import index; "
"index.handler(profile_req, profile_fields, False)", {
'profile_req': req,
'profile_fields': html.fields
}, {}, profilefile)
file(profilefile + ".py", "w").write(
"#!/usr/bin/python\n"
"import pstats\n"
"stats = pstats.Stats(%r)\n"
"stats.sort_stats('time').print_stats()\n" % profilefile)
os.chmod(profilefile + ".py", 0755)
release_all_locks()
return apache.OK
# Make sure all plugins are avaiable as early as possible. At least
# we need the plugins (i.e. the permissions declared in these) at the
# time before the first login for generating auth.php.
load_all_plugins()
# Detect mobile devices
if html.has_var("mobile"):
html.mobile = not not html.var("mobile")
else:
user_agent = html.req.headers_in.get('User-Agent', '')
html.mobile = mobile.is_mobile(user_agent)
# Redirect to mobile GUI if we are a mobile device and
# the URL is /
if html.myfile == "index" and html.mobile:
html.myfile = "mobile"
# Get page handler.
handler = pagehandlers.get(html.myfile, page_not_found)
# First initialization of the default permissions. Needs to be done before the auth_file
# (auth.php) ist written (it's done during showing the login page for the first time).
# Must be loaded before the "automation" call to have the general.* permissions available
# during automation action processing (e.g. hooks triggered by restart)
default_permissions.load()
# Some pages do skip authentication. This is done by adding
# noauth: to the page hander, e.g. "noauth:run_cron" : ...
if handler == page_not_found:
handler = pagehandlers.get("noauth:" + html.myfile, page_not_found)
if handler != page_not_found:
try:
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
handler()
except Exception, e:
html.write(str(e))
if config.debug:
html.write(html.attrencode(format_exception()))
release_all_locks()
return apache.OK
# Prepare output format
output_format = html.var("output_format", "html")
html.set_output_format(output_format)
# Is the user set by the webserver? otherwise use the cookie based auth
if not html.user or type(html.user) != str:
config.auth_type = 'cookie'
# When not authed tell the browser to ask for the password
html.user = login.check_auth()
if html.user == '':
if fail_silently:
# While api call don't show the login dialog
raise MKUnauthenticatedException(
_('You are not authenticated.'))
# Redirect to the login-dialog with the current url as original target
# Never render the login form directly when accessing urls like "index.py"
# or "dashboard.py". This results in strange problems.
if html.myfile != 'login':
html.http_redirect(defaults.url_prefix +
'check_mk/login.py?_origtarget=%s' %
html.urlencode(html.makeuri([])))
# Initialize the i18n for the login dialog. This might be overridden
# later after user login
load_language(html.var("lang", config.get_language()))
# This either displays the login page or validates the information submitted
# to the login form. After successful login a http redirect to the originally
# requested page is performed.
login.page_login(plain_error)
release_all_locks()
return apache.OK
else:
# In case of basic auth the user is already known, but we still need to decide
# whether or not the user is an automation user (which is allowed to use transid=-1)
if html.var("_secret"):
login.check_auth_automation()
# Call userdb page hooks which are executed on a regular base to e.g. syncronize
# information withough explicit user triggered actions
userdb.hook_page()
# Set all permissions, read site config, and similar stuff
config.login(html.user)
html.load_help_visible()
# Initialize the multiste i18n. This will be replaced by
# language settings stored in the user profile after the user
# has been initialized
load_language(html.var("lang", config.get_language()))
# All plugins might have to be reloaded due to a language change
load_all_plugins()
# Reload default permissions (maybe reload due to language change)
default_permissions.load()
# User allowed to login at all?
if not config.may("general.use"):
reason = _(
"You are not authorized to use Check_MK Multisite. Sorry. "
"You are logged in as <b>%s</b>.") % config.user_id
if len(config.user_role_ids):
reason += _("Your roles are <b>%s</b>. " %
", ".join(config.user_role_ids))
else:
reason += _("<b>You do not have any roles.</b> ")
reason += _(
"If you think this is an error, "
"please ask your administrator to check the permissions configuration."
)
if config.auth_type == 'cookie':
reason += _(
'<p>You have been logged out. Please reload the page to re-authenticate.</p>'
)
login.del_auth_cookie()
raise MKAuthException(reason)
handler()