def plot(request): """ http://stackoverflow.com/a/5515994/185820 """ import cStringIO from matplotlib.figure import Figure from matplotlib.backends.backend_agg import FigureCanvasAgg x, y = 4, 4 qs = parse_qs(request.query_string) if 'x' in qs: x = int(qs['x'][0]) if 'y' in qs: y = int(qs['y'][0]) fig = Figure(figsize=[x, y]) ax = fig.add_axes([.1, .1, .8, .8]) ax.scatter([1, 2], [3, 4]) canvas = FigureCanvasAgg(fig) # write image data to a string buffer and get the PNG image bytes buf = cStringIO.StringIO() canvas.print_png(buf) data = buf.getvalue() # write image bytes back to the browser response = Response(data) response.content_type = 'image/png' response.content_length = len(data) return response
def SendFile(self, file): """ Creates the response and sends the file back. Uses the FileIterator. #!date format """ if not file: return HTTPNotFound() last_mod = file.mtime() if not last_mod: last_mod = self.context.meta.pool_change r = Response(content_type=str(GetMimeTypeExtension(file.extension)), conditional_response=True) iterator = file.iterator() if iterator: r.app_iter = iterator else: try: r.body = file.read() except FileNotFound: raise NotFound r.content_length = file.size r.last_modified = last_mod r.etag = '%s-%s' % (last_mod, hash(file.path)) r.cache_expires(self.fileExpires) return r
def get_file_response(filename, document_root=None, accel_header=None): """helper the get a file response""" if not os.path.isfile(filename): return HTTPNotFound() resp = Response(content_type=get_mimetype(filename), conditional_response=True) resp.content_length = os.path.getsize(filename) resp.last_modified = os.path.getmtime(filename) resp.etag = '%s-%s-%s' % (os.path.getmtime(filename), os.path.getsize(filename), hash(filename)) if accel_header: if accel_header.lower() == "x-accel-redirect": # return full path filename = filename[len(os.path.dirname(document_root)):] filename = '/%s' % filename.strip('/') resp.headers[accel_header.title()] = filename elif accel_header.lower() == "x-sendfile": # return full path resp.headers[accel_header.title()] = filename else: raise RuntimeError( "Can't find a way to use your %s header" % accel_header) resp.app_iter = [b''] else: resp.app_iter = FileIterable(filename) return resp
def get_file_response(filename, document_root=None, accel_header=None): """helper the get a file response""" if not os.path.isfile(filename): return HTTPNotFound() resp = Response(content_type=get_mimetype(filename), conditional_response=True) resp.content_length = os.path.getsize(filename) resp.last_modified = os.path.getmtime(filename) resp.etag = '%s-%s-%s' % (os.path.getmtime(filename), os.path.getsize(filename), hash(filename)) if accel_header: if accel_header.lower() == "x-accel-redirect": # return full path filename = filename[len(os.path.dirname(document_root)):] filename = '/%s' % filename.strip('/') resp.headers[accel_header.title()] = filename elif accel_header.lower() == "x-sendfile": # return full path resp.headers[accel_header.title()] = filename else: raise RuntimeError("Can't find a way to use your %s header" % accel_header) resp.app_iter = [b''] else: resp.app_iter = FileIterable(filename) return resp
def __call__(self): data, record_data = self._really_do_it() data = json.dumps(data) file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, 'w', zipfile.ZIP_DEFLATED) zip.writestr('export.json', data) if record_data: try: zip.write(record_data, 'record_data.xml') finally: try: os.unlink(record_data) except: pass zip.close() length = file.tell() file.seek(0) res = Response(content_type='application/zip', charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers['Content-Disposition'] = 'attachment;filename=Export.zip' return res
def __call__(self): data, record_data = self._really_do_it() data = json.dumps(data) file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, "w", zipfile.ZIP_DEFLATED) zip.writestr("export.json", data) if record_data: try: zip.write(record_data, "record_data.xml") finally: try: os.unlink(record_data) except: pass zip.close() length = file.tell() file.seek(0) res = Response(content_type="application/zip", charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers["Content-Disposition"] = "attachment;filename=Export.zip" return res
def __call__(self): response = Response() response.content_disposition = 'attachment; filename="{}"'.format(self.context.filename) response.charset = 'utf-8' response.content_type = self.context.content_type response.body_file = self.context.content.open() response.content_length = self.context.size return response
def toolbar_handler(request): root_path = request.route_path("debugtoolbar.root") request.exc_history = exc_history remote_addr = request.remote_addr if request.path.startswith(root_path) or (not remote_addr in hosts): return handler(request) toolbar = DebugToolbar(request, panel_classes) request.debug_toolbar = toolbar _handler = handler for panel in toolbar.panels: _handler = panel.wrap_handler(_handler) try: response = _handler(request) except Exception: info = sys.exc_info() if exc_history is not None: tb = get_traceback(info=info, skip=1, show_hidden_frames=False, ignore_system_exceptions=True) for frame in tb.frames: exc_history.frames[frame.id] = frame exc_history.tracebacks[tb.id] = tb body = tb.render_full(request, evalex=True).encode("utf-8", "replace") response = Response(body, status=500) toolbar.process_response(response) return response raise else: if intercept_redirects: # Intercept http redirect codes and display an html page with a # link to the target. if response.status_int in redirect_codes: redirect_to = response.location redirect_code = response.status_int if redirect_to: content = render( "pyramid_debugtoolbar:templates/redirect.jinja2", {"redirect_to": redirect_to, "redirect_code": redirect_code}, ) content = content.encode(response.charset) response.content_length = len(content) response.location = None response.app_iter = [content] response.status_int = 200 toolbar.process_response(response) return response finally: # break circref del request.debug_toolbar
def download_file(request): url = request.application_url currentDir = os.path.dirname(os.path.realpath(__file__)) downloadFolder = currentDir + '/../downloads/' file = downloadFolder + request.GET.get('FileName') size = os.path.getsize(file) response = Response(content_type='application/force-download', content_disposition='attachment; filename=' + request.GET.get('FileName')) response.app_iter = open(file, 'rb') response.content_length = size return response
def captcha(request): form_id = request.matchdict.get('form_id', u'') # 2 routes: with and without form_id image, ctype = Captcha(request.client_addr, form_id).render() response = Response(body=image, content_type=ctype) response.content_length = len(image) response.cache_control = 'no-cache, no-store' return response
def serve_gridfs_file(file): response = Response() response.content_type = file.content_type response.last_modified = file.upload_date response.etag = file.md5 for chunk in file: response.body_file.write(chunk) file.close() response.content_length = file.length return response
def _build_csv_response(buffer, filename): body = buffer.getvalue() body = body.encode("utf-8") response = Response( content_type="text/csv", content_disposition="attachment; " "filename={}.csv".format(filename), ) response.app_iter = [body] buffer.seek(0, os.SEEK_END) response.content_length = len(body) return response
def _make_response(file_path): res = Response(content_type=_get_mimetype(file_path), conditional_response=True) res.app_iter = FileIterable(file_path) res.content_length = os.path.getsize(file_path) res.last_modified = os.path.getmtime(file_path) res.etag = '{0}-{1}-{2}'.format(os.path.getmtime(file_path), os.path.getsize(file_path), hash(file_path)) filename = os.path.basename(file_path) res.content_disposition = 'attachment; filename={0}'.format(filename) return res
def jsonrpc_error_response(error, id=None): """ Marshal a Python Exception into a webob ``Response`` object with a body that is a JSON string suitable for use as a JSON-RPC response with a content-type of ``application/json`` and return the response.""" body = json.dumps({"jsonrpc": "2.0", "id": id, "error": error.as_dict()}) response = Response(body) response.content_type = "application/json" response.content_length = len(body) return response
def download(self, value, filename, request): from mimetypes import guess_type content_type, encoding = guess_type(filename) file_path = value.file_path(filename) res = Response(content_type=content_type, conditional_response=True) res.app_iter = open(file_path,'rb') res.content_length = os.path.getsize(file_path) res.last_modified = os.path.getmtime(file_path) res.etag = '%s-%s-%s' % (os.path.getmtime(file_path), os.path.getsize(file_path), hash(file_path)) return res
def download_zip(request): check_login(request) res = Response(content_type='application/zip') res.headers.add('Content-Disposition', 'attachment;filename=saved-module.zip') save_dir = os.path.join(request.registry.settings['transform_dir'], request.session['upload_dir']) zipfile = open(os.path.join(save_dir, 'upload.zip'), 'rb') stat = os.fstat(zipfile.fileno()) res.app_iter = iter(lambda: zipfile.read(4096), '') res.content_length = stat.st_size res.last_modified = datetime.datetime.utcfromtimestamp( stat.st_mtime).strftime('%a, %d %b %Y %H:%M:%S GMT') return res
def jsonrpc_error_response(error, id=None): """ Marshal a Python Exception into a webob ``Response`` object with a body that is a JSON string suitable for use as a JSON-RPC response with a content-type of ``application/json`` and return the response.""" body = json.dumps({ 'jsonrpc': '2.0', 'id': id, 'error': error.as_dict(), }) response = Response(body) response.content_type = 'application/json' response.content_length = len(body) return response
def __call__(self): check_update = True if self.request.GET.get( 'check_update', 'true') == 'true' else False package = self.context.__parent__.__parent__ last_remote_version = Package.get_last_remote_version( self.proxy, package.name) if check_update: if not package.repository_is_up_to_date(last_remote_version): return not_found(self.request) response = Response() response.content_disposition = 'attachment; filename="{}"'.format( self.context.filename) response.charset = 'utf-8' response.content_type = self.context.content_type response.body_file = self.context.content.open() response.content_length = self.context.size return response
def serve(self, request): """ Serve the GridFS file referred to by this object. Returns a :class:`pyramid.response.Response` if a matching file was found in the GridFS. Otherwise returns :class:`pyramid.httpexceptions.HTTPNotFound`. """ file = self.get_gridfs_file(request) if file is None: return HTTPNotFound("No file found for %s." % repr(self._id)) response = Response() response.content_type = str(file.content_type) response.last_modified = file.upload_date response.etag = file.md5 for chunk in file: response.body_file.write(chunk) file.close() response.content_length = file.length return response
def __call__(self, context=None, request=None, **kw): if self.path is None: inst = self.__get__() return inst(context=context, request=request, **kw) result = self.render(context=context, request=request, **kw) if isinstance(result, basestring): response = Response(body=result) else: response = Response(app_iter=result) response.content_length = os.path.getsize(self.path) content_type = self.content_type if content_type is None: content_type = type(self).content_type response.content_type = content_type response.charset = self.encoding return response
def exception_view(exc, request): if isinstance(exc, xmlrpclib.Fault): fault = exc elif isinstance(exc, HTTPNotFound): fault = XmlRpcMethodNotFound() log.debug('xml-rpc method not found "%s"', request.rpc_method) elif isinstance(exc, ViewMapperArgsInvalid): fault = XmlRpcInvalidMethodParams() log.debug('xml-rpc method not found "%s"', request.rpc_method) else: fault = XmlRpcApplicationError() log.exception('xml-rpc exception "%s"', exc) xml = xmlrpclib.dumps(fault) response = Response(xml) response.content_type = "text/xml" response.content_length = len(xml) return response
def jsonrpc_error_response(error, id=None): """ Marshal a Python Exception into a webob ``Response`` object with a body that is a JSON string suitable for use as a JSON-RPC response with a content-type of ``application/json`` and return the response.""" if not isinstance(error, JsonRpcError): error = JsonRpcInternalError() body = json.dumps({ 'jsonrpc' : JSONRPC_VERSION, 'id' : id, 'error' : error.as_dict(), }) response = Response(body) response.content_type = 'application/json' response.content_length = len(body) return response
def downloadFile(request): # get key: filename {id} filename = request.matchdict['id'] db_key = db.get(filename) db_data = db_key.data # validate key exists in the db: if not db_key.exists: obj = ['result', {'msg': 'resource id: ' + filename + ' was not found'}] res = Response(status=404, json=obj) else: # get file location for download db_fdata = db_data[0] file_path = db_fdata['file_location']['local_path'] # call download routines res = Response(content_type=get_mimetype(file_path)) res.app_iter = FileIterable(file_path) res.content_length = os.path.getsize(file_path) res.status=200 return res
def cog(resource, request): request.resource_permission(PERM_READ) fn = env.raster_layer.workdir_filename(resource.fileobj) filesize = os.path.getsize(fn) if request.method == "HEAD": return Response( accept_ranges="bytes", content_length=filesize, content_type="image/geo+tiff" ) if request.method == "GET": if not resource.cog: raise ValidationError(_("Requested raster is not COG.")) range = request.range if range is None: raise ValidationError(_("Range header is missed or invalid.")) content_range = range.content_range(filesize) if content_range is None: raise ValidationError(_("Range %s can not be read." % range)) content_length = content_range.stop - content_range.start response = Response( status_code=206, content_range=content_range, content_type="image/geo+tiff" ) response.app_iter = RangeFileWrapper( open(fn, "rb"), offset=content_range.start, length=content_length ) response.content_length = content_length return response
def build_file_response(self, file_data, filename): # Do you really need to do this intermediate temporary file # write? How do you stream data into a response? response = Response() with NamedTemporaryFile(delete=True) as temp_file: temp_file.write(file_data) response = FileResponse(os.path.abspath(temp_file.name)) response.content_length = len(file_data) # This is unwise - you're looking at the slugged name for # content type designation. a png file with pdf in the # filename anywhere will report as pdf. Is there an # automatic way to do this based on writing the file to disk # then doing the inspection? if "png" in filename or "jpg" in filename or\ "jpeg" in filename: response.content_type = "image" elif "pdf" in filename: response.content_type = "application/pdf" return response
def db_backup(request): table = request.matchdict['table'] if table == 'categories': data = dump_table(DBSession.query(Category).all()) elif table == 'settings': data = dump_table(DBSession.query(Setting).all()) elif table == 'players': data = dump_table(DBSession.query(Player).all()) elif table == 'matches': data = dump_table(DBSession.query(Match).all()) elif table == 'teams': data = dump_table(DBSession.query(Team).all()) elif table == 'tips': data = dump_table(DBSession.query(Tip).all()) elif table == 'final': data = dump_table(DBSession.query(Final).all()) else: raise HTTPNotFound('unknown table: %(table)s' % request.matchdict) response = Response(headers={ 'mime-type': 'application/octet-stream' }, body=data) response.content_length = len(data) response.content_disposition = 'attachment;filename="%(table)s.dat"' % request.matchdict return response
def __call__(self, context=None, request=None, **kw): if request is None: request = get_current_request() if self.path is None: registry = request.registry inst = registry.queryAdapter(request, ISkinObject, name=self.name) if inst is None: inst = registry.getUtility(ISkinObject, name=self.name) return inst(context=context, request=request, **kw) result = self.render(context=context, request=request, **kw) if isinstance(result, string_types): response = Response(body=result) else: response = Response(app_iter=result) response.content_length = os.path.getsize(self.path) content_type = self.content_type if content_type is None: content_type = type(self).content_type response.content_type = content_type response.charset = self.encoding return response
def jsonrpc_response(data, id=None): """ Marshal a Python data structure into a webob ``Response`` object with a body that is a JSON string suitable for use as a JSON-RPC response with a content-type of ``application/json`` and return the response.""" if id is None: return Response(content_type="application/json") out = { 'jsonrpc' : JSONRPC_VERSION, 'id' : id, 'result' : data, } try: body = json.dumps(out) except Exception: return jsonrpc_error_response(JsonRpcInternalError(), id) response = Response(body) response.content_type = 'application/json' response.content_length = len(body) return response
def xmlrpc_endpoint(request): """A base view to be used with add_route to setup an XML-RPC dispatch endpoint Use this view with ``add_route`` to setup an XML-RPC endpoint, for example:: config.add_route('RPC2', '/apis/RPC2', view=xmlrpc_endpoint) XML-RPC methods should then be registered with ``add_view`` using the route_name of the endpoint, the name as the xmlrpc method name. Or for brevity, the :class:`~pyramid_rpc.xmlrpc.xmlrpc_view` decorator can be used. For example, to register an xmlrpc method 'list_users':: @xmlrpc_view() def list_users(request): args = request.rpc_args return {'users': [...]} Existing views that return a dict can be used with xmlrpc_view. """ params, method = parse_xmlrpc_request(request) request.rpc_args = request.xmlrpc_args = params # b/w compat xmlrpc_args view_callable = view_lookup(request, method=method) if not view_callable: return NotFound("No method of that name was found.") else: data = view_callable(request.context, request) xml = xmlrpc_marshal(data) response = Response(xml) response.content_type = 'text/xml' response.content_length = len(xml) return response
def __call__(self): request = self.request user = request.user if not user.vol.SuperUser: self._security_failure() sql = 'SELECT * FROM VOL_SHARE_VIEW_EN vo WHERE ' + request.viewdata.WhereClauseVOL.replace('NON_PUBLIC', 'XNP').replace('DELETION_DATE', 'XDEL').replace('UPDATE_DATE', 'XUPD').replace('vod.', 'vo.').replace('vo.MemberID=1', '1=1') log.debug('SQL: %s', sql) log.debug('sql: %s', sql) data = [u'<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<ROOT xmlns="urn:ciocshare-schema-vol">'.encode('utf8')] with request.connmgr.get_connection('admin') as conn: cursor = conn.execute(sql) data.extend(u''.join([u'<RECORD VNUM="', unicode(x.VNUM), u'" RECORD_OWNER="', unicode(x.RECORD_OWNER), u'" HAS_ENGLISH="', unicode(x.HAS_ENGLISH), u'" HAS_FRENCH="', unicode(x.HAS_FRENCH), u'">'] + map(unicode, x[7:]) + [u'</RECORD>']).encode('utf8') for x in cursor.fetchall()) cursor.close() data.append(u'</ROOT>'.encode('utf8')) data = u'\r\n'.encode('utf8').join(data) file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, 'w', zipfile.ZIP_DEFLATED) zip.writestr('export.xml', data) zip.close() length = file.tell() file.seek(0) res = Response(content_type='application/zip', charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers['Content-Disposition'] = 'attachment;filename=Export.zip' return res
def __call__(self): request = self.request user = request.user if not user: return make_401_error("Access Denied", "Export") if "clbcexport" not in user.cic.ExternalAPIs: return make_401_error("Insufficient Permissions", "Export") with request.connmgr.get_connection("admin") as conn: cursor = conn.execute( "SELECT CAST(Vendor AS nvarchar(max)) AS Vendor FROM CLBC_VENDOR_EXPORT" ) data = [x[0] for x in cursor.fetchall()] cursor.close() data.insert(0, '<?xml version="1.0" encoding="UTF-8"?>\r\n<Vendors>') data.append("</Vendors>") data = "\r\n".join(data).encode("utf8") file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, "w", zipfile.ZIP_DEFLATED) zip.writestr("export.xml", data) zip.close() length = file.tell() file.seek(0) res = Response(content_type="application/zip", charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers["Content-Disposition"] = "attachment;filename=Export.zip" return res
def __call__(self): request = self.request user = request.user if not user: return make_401_error('Access Denied', 'Export') if 'clbcexport' not in user.cic.ExternalAPIs: return make_401_error('Insufficient Permissions', 'Export') with request.connmgr.get_connection('admin') as conn: cursor = conn.execute('SELECT CAST(Vendor AS nvarchar(max)) AS Vendor FROM CLBC_VENDOR_EXPORT') data = [x[0] for x in cursor.fetchall()] cursor.close() data.insert(0, u'<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<Vendors>') data.append(u'</Vendors>') data = u'\r\n'.join(data).encode('utf8') file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, 'w', zipfile.ZIP_DEFLATED) zip.writestr('export.xml', data) zip.close() length = file.tell() file.seek(0) res = Response(content_type='application/zip', charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers['Content-Disposition'] = 'attachment;filename=Export.zip' return res
def toolbar_tween(request): root_path = request.route_path(ROOT_ROUTE_NAME) exclude = [root_path] + exclude_prefixes request.exc_history = exc_history last_proxy_addr = None try: p = request.path except UnicodeDecodeError as e: raise URLDecodeError(e.encoding, e.object, e.start, e.end, e.reason) starts_with_excluded = list(filter(None, map(p.startswith, exclude))) if request.remote_addr: last_proxy_addr = last_proxy(request.remote_addr) if last_proxy_addr is None \ or starts_with_excluded \ or not addr_in(last_proxy_addr, hosts) \ or auth_check and not auth_check(request): return handler(request) toolbar = DebugToolbar(request, panel_classes) request.debug_toolbar = toolbar _handler = handler for panel in toolbar.panels: _handler = panel.wrap_handler(_handler) try: response = _handler(request) except Exception: if exc_history is not None: tb = get_traceback(info=sys.exc_info(), skip=1, show_hidden_frames=False, ignore_system_exceptions=True) for frame in tb.frames: exc_history.frames[frame.id] = frame exc_history.tracebacks[tb.id] = tb body = tb.render_full(request).encode('utf-8', 'replace') response = Response(body, status=500) toolbar.process_response(response) qs = {'token': exc_history.token, 'tb': str(tb.id)} msg = 'Exception at %s\ntraceback url: %s' exc_url = request.route_url(EXC_ROUTE_NAME, _query=qs) exc_msg = msg % (request.url, exc_url) _logger.exception(exc_msg) return response else: _logger.exception('Exception at %s' % request.url) raise else: if intercept_redirects: # Intercept http redirect codes and display an html page with a # link to the target. if response.status_int in redirect_codes: redirect_to = response.location redirect_code = response.status_int if redirect_to: content = render( 'pyramid_debugtoolbar:templates/redirect.dbtmako', { 'redirect_to': redirect_to, 'redirect_code': redirect_code }, request=request) content = content.encode(response.charset) response.content_length = len(content) response.location = None response.app_iter = [content] response.status_int = 200 if not show_on_exc_only: toolbar.process_response(response) return response finally: # break circref del request.debug_toolbar
def __call__(self): make_zip = False request = self.request user = request.user filename = request.context.filename download_dir = os.path.join(const._app_path, "download") fnamelower = filename.lower() need_super = False user_dom = None if fnamelower.endswith("cic.zip"): need_super = True user_dom = user.cic elif fnamelower.endswith("vol.zip"): need_super = True user_dom = user.vol if need_super: if not user_dom.SuperUser: self._security_failure() else: username = filename.rsplit("_", 1) if len(username) != 2 or username[0] != user.Login.replace( " ", "_"): self._security_failure() if "/" in filename or "\\" in filename or ".." in filename or ":" in filename: self._security_failure() root, ext = os.path.splitext(filename) root2, ext2 = os.path.splitext(root) if ext.lower() == ".zip" and ext2: make_zip = True filename = root fullpath = None if fnamelower.endswith("cic.zip") or fnamelower.endswith("vol.zip"): fullpath = os.path.join( download_dir, str(request.dboptions.MemberID).join( os.path.splitext(filename)), ) else: fullpath = os.path.join(download_dir, filename) relativepath = os.path.relpath(fullpath, download_dir) if (".." in relativepath or "/" in relativepath or "\\" in relativepath or ":" in relativepath): self._security_failure() if not os.path.exists(fullpath): raise NotFound(_("File not found", request)) if make_zip: file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, "w", zipfile.ZIP_DEFLATED) zip.write(fullpath, strip_accents(filename)) zip.close() length = file.tell() file.seek(0) res = Response(content_type="application/zip", charset=None) res.app_iter = FileIterator(file) res.content_length = length res.last_modified = os.path.getmtime(fullpath) else: res = Response(content_type=get_mimetype(ext), conditional_response=True) res.app_iter = FileIterable(fullpath) res.content_length = os.path.getsize(fullpath) res.last_modified = os.path.getmtime(fullpath) res.etag = "{}-{}-{}".format( os.path.getmtime(fullpath), os.path.getsize(fullpath), hash(fullpath), ) res.headers[ "Content-Disposition"] = "attachment;filename=" + strip_accents( request.context.filename) return res
def toolbar_tween(request): root_path = request.route_path(ROOT_ROUTE_NAME) request.exc_history = exc_history remote_addr = request.remote_addr if (request.path.startswith(root_path) or (not remote_addr in hosts)): return handler(request) toolbar = DebugToolbar(request, panel_classes) request.debug_toolbar = toolbar _handler = handler for panel in toolbar.panels: _handler = panel.wrap_handler(_handler) try: response = _handler(request) except Exception: if exc_history is not None: tb = get_traceback(info=sys.exc_info(), skip=1, show_hidden_frames=False, ignore_system_exceptions=True) for frame in tb.frames: exc_history.frames[frame.id] = frame exc_history.tracebacks[tb.id] = tb body = tb.render_full(request).encode('utf-8', 'replace') response = Response(body, status=500) toolbar.process_response(response) qs = {'token': exc_history.token, 'tb': str(tb.id)} msg = 'Exception at %s\ntraceback url: %s' exc_url = request.route_url(EXC_ROUTE_NAME, _query=qs) exc_msg = msg % (request.url, exc_url) logger.exception(exc_msg) return response else: logger.exception('Exception at %s' % request.url) raise else: if intercept_redirects: # Intercept http redirect codes and display an html page with a # link to the target. if response.status_int in redirect_codes: redirect_to = response.location redirect_code = response.status_int if redirect_to: content = render( 'pyramid_debugtoolbar:templates/redirect.mako', { 'redirect_to': redirect_to, 'redirect_code': redirect_code }, request=request) content = content.encode(response.charset) response.content_length = len(content) response.location = None response.app_iter = [content] response.status_int = 200 toolbar.process_response(response) return response finally: # break circref del request.debug_toolbar
def toolbar_tween(request): root_path = request.route_path(ROOT_ROUTE_NAME) exclude = [root_path] + exclude_prefixes request.exc_history = exc_history last_proxy_addr = None try: p = request.path except UnicodeDecodeError as e: raise URLDecodeError(e.encoding, e.object, e.start, e.end, e.reason) starts_with_excluded = list(filter(None, map(p.startswith, exclude))) if request.remote_addr: last_proxy_addr = last_proxy(request.remote_addr) if last_proxy_addr is None \ or starts_with_excluded \ or not addr_in(last_proxy_addr, hosts) \ or auth_check and not auth_check(request): return handler(request) toolbar = DebugToolbar(request, panel_classes) request.debug_toolbar = toolbar _handler = handler for panel in toolbar.panels: _handler = panel.wrap_handler(_handler) try: response = _handler(request) except Exception: if exc_history is not None: tb = get_traceback(info=sys.exc_info(), skip=1, show_hidden_frames=False, ignore_system_exceptions=True) for frame in tb.frames: exc_history.frames[frame.id] = frame exc_history.tracebacks[tb.id] = tb body = tb.render_full(request).encode('utf-8', 'replace') response = Response(body, status=500) toolbar.process_response(response) qs = {'token': exc_history.token, 'tb': str(tb.id)} msg = 'Exception at %s\ntraceback url: %s' exc_url = request.route_url(EXC_ROUTE_NAME, _query=qs) exc_msg = msg % (request.url, exc_url) logger.exception(exc_msg) return response else: logger.exception('Exception at %s' % request.url) raise else: if intercept_redirects: # Intercept http redirect codes and display an html page with a # link to the target. if response.status_int in redirect_codes: redirect_to = response.location redirect_code = response.status_int if redirect_to: content = render( 'pyramid_debugtoolbar:templates/redirect.dbtmako', {'redirect_to': redirect_to, 'redirect_code': redirect_code}, request=request) content = content.encode(response.charset) response.content_length = len(content) response.location = None response.app_iter = [content] response.status_int = 200 if not show_on_exc_only: toolbar.process_response(response) return response finally: # break circref del request.debug_toolbar
def __call__(self): request = self.request user = request.user if not user: return make_401_error(u'Access Denied') if 'o211export' not in user.cic.ExternalAPIs: return make_401_error(u'Insufficient Permissions') model_state = modelstate.ModelState(request) model_state.schema = O211ExportOptionsSchema() model_state.form.method = None if not model_state.validate(): if model_state.is_error('date'): msg = u"Invalid date" elif model_state.is_error('feed'): msg = u"Invalid feed." else: msg = u"An unknown error occurred." return make_internal_server_error(msg) feed = model_state.value('feed') date = model_state.value('date') args = [] if not feed: sql = ['SELECT CAST(record AS nvarchar(max)) AS record FROM O211SC_RECORD_EXPORT btd'] if request.viewdata.cic.PB_ID: args.append(request.viewdata.cic.PB_ID) sql.append(" INNER JOIN CIC_BT_PB pb ON btd.NUM=pb.NUM AND pb.PB_ID=?") if date: args.append(date) sql.append(''' WHERE EXISTS (SELECT * FROM GBL_BaseTable_History h INNER JOIN GBL_FieldOption fo ON h.FieldID=fo.FieldID WHERE h.NUM=btd.NUM AND h.LangID=btd.LangID AND h.MODIFIED_DATE >= ? AND fo.FieldName IN ('ORG_LEVEL_1','ORG_LEVEL_2','ORG_LEVEL_3','ORG_LEVEL_4','ORG_LEVEL_5', 'ACCESSIBILITY','AFTER_HRS_PHONE','ALT_ORG','APPLICATION','AREAS_SERVED', 'CONTACT_1','CONTACT_2','EXEC_1','EXEC_2','VOLCONTACT', 'CRISIS_PHONE','ELIGIBILITY','E_MAIL','FAX','FORMER_ORG','HOURS','INTERSECTION', 'LANGUAGES','LOCATED_IN_CM','MAIL_ADDRESS','PUBLIC_COMMENTS', 'OFFICE_PHONE','SERVICE_LEVEL','RECORD_OWNER','DESCRIPTION','SITE_ADDRESS','SUBJECTS', 'TDD_PHONE','TOLL_FREE_PHONE','WWW_ADDRESS', 'UPDATE_DATE', 'NUM', 'SUBMIT_CHANGES_TO', 'SOURCE_DB') )''') sql = ' '.join(sql) elif feed == 'recordids': sql = ['SELECT CAST((SELECT id=btd.NUM, language=btd.Culture FROM O211SC_RECORD_EXPORT btd'] if request.viewdata.cic.PB_ID: args.append(request.viewdata.cic.PB_ID) sql.append(" INNER JOIN CIC_BT_PB pb ON btd.NUM=pb.NUM AND pb.PB_ID=?") sql.append("FOR XML PATH('record'), TYPE) AS nvarchar(max)) AS data ") sql = ' '.join(sql) elif feed == 'taxonomy': sql = "SELECT CAST(record AS nvarchar(max)) AS record from O211SC_TAXONOMY_EXPORT" elif feed == 'community': sql = "SELECT CAST(record AS nvarchar(max)) AS record from O211SC_COMMUNITY_EXPORT" else: #XXX we should never get here return make_internal_server_error(u'Invalid feed.') log.debug('sql: %s', sql) with request.connmgr.get_connection('admin') as conn: cursor = conn.execute(sql, *args) data = [x[0] for x in cursor.fetchall()] cursor.close() data.insert(0, u'<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<records>') data.append(u'</records>') data = u'\r\n'.join(data).encode('utf8') file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, 'w', zipfile.ZIP_DEFLATED) zip.writestr('export.xml', data) zip.close() length = file.tell() file.seek(0) res = Response(content_type='application/zip', charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers['Content-Disposition'] = 'attachment;filename=Export.zip' return res
def __call__(self): request = self.request user = request.user if not user: return make_401_error("Access Denied") if "o211export" not in user.cic.ExternalAPIs: return make_401_error("Insufficient Permissions") model_state = modelstate.ModelState(request) model_state.schema = O211ExportOptionsSchema() model_state.form.method = None if not model_state.validate(): if model_state.is_error("date"): msg = "Invalid date" elif model_state.is_error("feed"): msg = "Invalid feed." else: msg = "An unknown error occurred." return make_internal_server_error(msg) feed = model_state.value("feed") date = model_state.value("date") args = [] if not feed: sql = [ "SELECT CAST(record AS nvarchar(max)) AS record FROM O211SC_RECORD_EXPORT btd" ] if request.viewdata.cic.PB_ID: args.append(request.viewdata.cic.PB_ID) sql.append( " INNER JOIN CIC_BT_PB pb ON btd.NUM=pb.NUM AND pb.PB_ID=?" ) if date: args.append(date) sql.append(""" WHERE EXISTS (SELECT * FROM GBL_BaseTable_History h INNER JOIN GBL_FieldOption fo ON h.FieldID=fo.FieldID WHERE h.NUM=btd.NUM AND h.LangID=btd.LangID AND h.MODIFIED_DATE >= ? AND fo.FieldName IN ('ORG_LEVEL_1','ORG_LEVEL_2','ORG_LEVEL_3','ORG_LEVEL_4','ORG_LEVEL_5', 'ACCESSIBILITY','AFTER_HRS_PHONE','ALT_ORG','APPLICATION','AREAS_SERVED', 'CONTACT_1','CONTACT_2','EXEC_1','EXEC_2','VOLCONTACT', 'CRISIS_PHONE','ELIGIBILITY','E_MAIL','FAX','FORMER_ORG','HOURS','INTERSECTION', 'LANGUAGES','LOCATED_IN_CM','MAIL_ADDRESS','PUBLIC_COMMENTS', 'OFFICE_PHONE','SERVICE_LEVEL','RECORD_OWNER','DESCRIPTION','SITE_ADDRESS','SUBJECTS', 'TDD_PHONE','TOLL_FREE_PHONE','WWW_ADDRESS', 'UPDATE_DATE', 'NUM', 'SUBMIT_CHANGES_TO', 'SOURCE_DB') )""") sql = " ".join(sql) elif feed == "recordids": sql = [ "SELECT CAST((SELECT id=btd.NUM, language=btd.Culture FROM O211SC_RECORD_EXPORT btd" ] if request.viewdata.cic.PB_ID: args.append(request.viewdata.cic.PB_ID) sql.append( " INNER JOIN CIC_BT_PB pb ON btd.NUM=pb.NUM AND pb.PB_ID=?" ) sql.append( "FOR XML PATH('record'), TYPE) AS nvarchar(max)) AS data ") sql = " ".join(sql) elif feed == "taxonomy": sql = "SELECT CAST(record AS nvarchar(max)) AS record from O211SC_TAXONOMY_EXPORT" elif feed == "community": sql = "SELECT CAST(record AS nvarchar(max)) AS record from O211SC_COMMUNITY_EXPORT" else: # XXX we should never get here return make_internal_server_error("Invalid feed.") log.debug("sql: %s", sql) with request.connmgr.get_connection("admin") as conn: cursor = conn.execute(sql, *args) data = [x[0] for x in cursor.fetchall()] cursor.close() data.insert(0, '<?xml version="1.0" encoding="UTF-8"?>\r\n<records>') data.append("</records>") data = "\r\n".join(data).encode("utf8") file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, "w", zipfile.ZIP_DEFLATED) zip.writestr("export.xml", data) zip.close() length = file.tell() file.seek(0) res = Response(content_type="application/zip", charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers["Content-Disposition"] = "attachment;filename=Export.zip" return res
def __call__(self): request = self.request user = request.user if not user.vol.SuperUser: self._security_failure() sql = ( "SELECT * FROM VOL_SHARE_VIEW_EN vo WHERE " + request.viewdata.WhereClauseVOL.replace("NON_PUBLIC", "XNP") .replace("DELETION_DATE", "XDEL") .replace("UPDATE_DATE", "XUPD") .replace("vod.", "vo.") .replace("vo.MemberID=1", "1=1") ) log.debug("SQL: %s", sql) log.debug("sql: %s", sql) data = [ b'<?xml version="1.0" encoding="UTF-8"?>\r\n<ROOT xmlns="urn:ciocshare-schema-vol">' ] with request.connmgr.get_connection("admin") as conn: cursor = conn.execute(sql) data.extend( "".join( [ '<RECORD VNUM="', str(x.VNUM), '" RECORD_OWNER="', str(x.RECORD_OWNER), '" HAS_ENGLISH="', str(x.HAS_ENGLISH), '" HAS_FRENCH="', str(x.HAS_FRENCH), '">', ] + list(map(str, x[7:])) + ["</RECORD>"] ).encode("utf8") for x in cursor.fetchall() ) cursor.close() data.append(b"</ROOT>") data = b"\r\n".join(data) file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, "w", zipfile.ZIP_DEFLATED) zip.writestr("export.xml", data) zip.close() length = file.tell() file.seek(0) res = Response(content_type="application/zip", charset=None) res.app_iter = FileIterator(file) res.content_length = length res.headers["Content-Disposition"] = "attachment;filename=Export.zip" return res
def toolbar_tween(request): root_path = request.route_path(ROOT_ROUTE_NAME) request.exc_history = exc_history remote_addr = request.remote_addr if remote_addr is None or request.path.startswith(root_path): return handler(request) else: for host in hosts: if ipaddr.IPAddress(remote_addr) in ipaddr.IPNetwork(host): break else: return handler(request) toolbar = DebugToolbar(request, panel_classes) request.debug_toolbar = toolbar _handler = handler for panel in toolbar.panels: _handler = panel.wrap_handler(_handler) try: response = _handler(request) except Exception: if exc_history is not None: tb = get_traceback(info=sys.exc_info(), skip=1, show_hidden_frames=False, ignore_system_exceptions=True) for frame in tb.frames: exc_history.frames[frame.id] = frame exc_history.tracebacks[tb.id] = tb body = tb.render_full(request).encode('utf-8', 'replace') response = Response(body, status=500) toolbar.process_response(response) qs = {'token':exc_history.token, 'tb':str(tb.id)} msg = 'Exception at %s\ntraceback url: %s' exc_url = request.route_url(EXC_ROUTE_NAME, _query=qs) exc_msg = msg % (request.url, exc_url) logger.exception(exc_msg) return response else: logger.exception('Exception at %s' % request.url) raise else: if intercept_redirects: # Intercept http redirect codes and display an html page with a # link to the target. if response.status_int in redirect_codes: redirect_to = response.location redirect_code = response.status_int if redirect_to: content = render( 'pyramid_debugtoolbar:templates/redirect.dbtmako', {'redirect_to': redirect_to, 'redirect_code': redirect_code}, request=request) content = content.encode(response.charset) response.content_length = len(content) response.location = None response.app_iter = [content] response.status_int = 200 toolbar.process_response(response) return response finally: # break circref del request.debug_toolbar
def __call__(self): make_zip = False request = self.request user = request.user filename = request.context.filename download_dir = os.path.join(const._app_path, 'download') fnamelower = filename.lower() need_super = False user_dom = None if fnamelower.endswith('cic.zip'): need_super = True user_dom = user.cic elif fnamelower.endswith('vol.zip'): need_super = True user_dom = user.vol if need_super: if not user_dom.SuperUser: self._security_failure() else: username = filename.rsplit('_', 1) if len(username) != 2 or username[0] != user.Login.replace(' ', '_'): self._security_failure() if '/' in filename or '\\' in filename or '..' in filename or \ ':' in filename: self._security_failure() root, ext = os.path.splitext(filename) root2, ext2 = os.path.splitext(root) if ext.lower() == '.zip' and ext2: make_zip = True filename = root fullpath = None if fnamelower.endswith('cic.zip') or fnamelower.endswith('vol.zip'): fullpath = os.path.join(download_dir, str(request.dboptions.MemberID).join(os.path.splitext(filename))) else: fullpath = os.path.join(download_dir, filename) relativepath = os.path.relpath(fullpath, download_dir) if '..' in relativepath or '/' in relativepath or '\\' in relativepath or \ ':' in relativepath: self._security_failure() if not os.path.exists(fullpath): raise NotFound(_('File not found', request)) if make_zip: file = tempfile.TemporaryFile() zip = zipfile.ZipFile(file, 'w', zipfile.ZIP_DEFLATED) zip.write(fullpath, strip_accents(filename)) zip.close() length = file.tell() file.seek(0) res = Response(content_type='application/zip', charset=None) res.app_iter = FileIterator(file) res.content_length = length res.last_modified = os.path.getmtime(fullpath) else: res = Response(content_type=get_mimetype(ext), conditional_response=True) res.app_iter = FileIterable(fullpath) res.content_length = os.path.getsize(fullpath) res.last_modified = os.path.getmtime(fullpath) res.etag = '%s-%s-%s' % (os.path.getmtime(fullpath), os.path.getsize(fullpath), hash(fullpath)) res.headers['Content-Disposition'] = 'attachment;filename=' + strip_accents(request.context.filename).encode('utf8') return res