forked from Screenly/Anthias
/
server.py
576 lines (433 loc) · 16.2 KB
/
server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
#!/usr/bin/env python
# -*- coding: utf8 -*-
__author__ = "Viktor Petersson"
__copyright__ = "Copyright 2012, WireLoad Inc"
__license__ = "Dual License: GPLv2 and Commercial License"
__version__ = "0.1.2"
__email__ = "vpetersson@wireload.net"
from datetime import datetime, timedelta
from functools import wraps
from hurry.filesize import size
from os import path, makedirs, getloadavg, statvfs, mkdir, getenv
from re import split as re_split
from requests import get as req_get, head as req_head
from sh import git
from subprocess import check_output
from uptime import uptime
from urlparse import urlparse
import json
import os
import traceback
import uuid
import bottlesession # [bknittel] added/authentication
# Initiate logging
#import logging
#logging.basicConfig(level=logging.DEBUG,
# filename='/tmp/screenly_server.log',
# format='%(asctime)s %(message)s',
# datefmt='%a, %d %b %Y %H:%M:%S')
#
#logging.debug('Starting server.py')
#from StringIO import StringIO
#from PIL import Image
from bottle import route, run, request, error, static_file, response, redirect
from bottle import HTTPResponse
from bottlehaml import haml_template
from db import connection
from utils import json_dump
from utils import get_node_ip
from utils import tok_replace # [bknittel] added/token replacement
from settings import settings, DEFAULTS
get_current_time = datetime.utcnow
required_username = settings['username']
required_password = settings['password']
#logging.debug ('Setting credentials ' + required_username + ':' + required_password)
# Initialize session manager
if not required_username:
session_manager = bottlesession.PreconfiguredSession({'valid':True, 'name': '', 'new': False})
#logging.info('Not using authentication in web interface')
else:
session_manager = bottlesession.MemorySession()
#logging.info('Using authentication in web interface')
valid_user = bottlesession.authenticator(session_manager)
################################
# Utilities
################################
def validate_uri(uri):
"""Simple URL verification.
>>> validate_uri("hello")
False
>>> validate_uri("ftp://example.com")
False
>>> validate_uri("http://")
False
>>> validate_uri("http://wireload.net/logo.png")
True
>>> validate_uri("https://wireload.net/logo.png")
True
"""
uri_check = urlparse(uri)
return bool(uri_check.scheme in ('http', 'https') and uri_check.netloc)
def make_json_response(obj):
response.content_type = "application/json"
return json_dump(obj)
def api_error(error):
response.content_type = "application/json"
response.status = 500
return json_dump({'error': error})
def is_up_to_date():
"""
Determine if there is any update available.
Used in conjunction with check_update() in viewer.py.
"""
sha_file = path.join(getenv('HOME'), '.screenly', 'latest_screenly_sha')
# Until this has been created by viewer.py, let's just assume we're up to date.
if not os.path.exists(sha_file):
return True
try:
with open(sha_file, 'r') as f:
latest_sha = f.read().strip()
except:
latest_sha = None
if latest_sha:
try:
check_sha = git('branch', '--contains', latest_sha)
return 'master' in check_sha
except:
return False
# If we weren't able to verify with remote side,
# we'll set up_to_date to true in order to hide
# the 'update available' message
else:
return True
def template(template_name, **context):
"""Screenly template response generator. Shares the
same function signature as Bottle's template() method
but also injects some global context."""
# Add global contexts
context['up_to_date'] = is_up_to_date()
context['required_username'] = required_username
return haml_template(template_name, **context)
################################
# Model
################################
FIELDS = [
"asset_id", "name", "uri", "start_date",
"end_date", "duration", "mimetype"
]
def initiate_db():
# Create config dir if it doesn't exist
if not path.isdir(settings.get_configdir()):
makedirs(settings.get_configdir())
c = connection.cursor()
# Check if the asset-table exist. If it doesn't, create it.
c.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='assets'")
asset_table = c.fetchone()
if not asset_table:
c.execute("CREATE TABLE assets (asset_id TEXT, name TEXT, uri TEXT, md5 TEXT, start_date TIMESTAMP, end_date TIMESTAMP, duration TEXT, mimetype TEXT)")
return "Initiated database."
@route('/auth/login', method='POST')
@route('/auth/login', method='GET')
def login():
session = session_manager.get_session()
session['valid'] = False
username = request.POST.get('username')
password = request.POST.get('password')
username = username.strip() if username else ""
password = password.strip() if password else ""
if username == "":
# whether get or post
#logging.debug('login() called, method=' + request.method + ', no username or password')
message = "Please specify username and password"
return template('login', message=message)
#logging.debug('login() called, method=POST, username=' + username + ', password=' + password)
#logging.debug('expected password=' + required_password)
if session['new']:
message = "Cookies must be enabled to be able to authenticate."
return template('login', message=message)
if password == required_password and username == required_username:
session['valid'] = True
session['name'] = username
#logging.debug('password is valid')
if not session['valid']:
message = "Username or password is invalid"
return template('login', message=message)
#logging.debug('Saving session')
session_manager.save(session)
#logging.debug('Getting redir path')
redirpath = request.get_cookie('validuserloginredirect')
if not redirpath:
redirpath = "/"
#logging.debug('Did not find validuserloginredirect cookie')
#logging.debug('Redirecting to ' + redirpath)
redirect(redirpath)
@route('/auth/logout')
@valid_user()
def logout():
# actually, instead of marking session as invalid, we should just delete it
# unfortunately, the session manager does not allow us to do that (yet?)
session = session_manager.get_session()
session['valid'] = False
session_manager.save(session)
redirect('/auth/login')
def is_active(asset, at_time=None):
"""Accepts an asset dictionary and determines if it
is active at the given time. If no time is specified, 'now' is used.
>>> asset = {'asset_id': u'4c8dbce552edb5812d3a866cfe5f159d', 'mimetype': u'web', 'name': u'WireLoad', 'end_date': datetime(2013, 1, 19, 23, 59), 'uri': u'http://www.wireload.net', 'duration': u'5', 'start_date': datetime(2013, 1, 16, 0, 0)};
>>> is_active(asset, datetime(2013, 1, 16, 12, 00))
True
>>> is_active(asset, datetime(2014, 1, 1))
False
"""
if not (asset['start_date'] and asset['end_date']):
return False
at_time = at_time or get_current_time()
return (asset['start_date'] < at_time and asset['end_date'] > at_time)
def fetch_assets(keys=FIELDS, order_by="name"):
"""Fetches all assets from the database and returns their
data as a list of dictionaries corresponding to each asset."""
c = connection.cursor()
c.execute("SELECT %s FROM assets ORDER BY %s" % (", ".join(keys), order_by))
assets = []
for asset in c.fetchall():
dictionary = {}
for i in range(len(keys)):
dictionary[keys[i]] = asset[i]
assets.append(dictionary)
return assets
def get_playlist():
"Returns all currently active assets."
return [asset for asset in fetch_assets() if is_active(asset)]
def fetch_asset(asset_id, keys=FIELDS):
c = connection.cursor()
c.execute("SELECT %s FROM assets WHERE asset_id=?" % ", ".join(keys), (asset_id,))
assets = []
for asset in c.fetchall():
dictionary = {}
for i in range(len(keys)):
dictionary[keys[i]] = asset[i]
assets.append(dictionary)
if len(assets):
asset = assets[0]
asset.update({'is_active': is_active(asset)})
return asset
def insert_asset(asset):
c = connection.cursor()
c.execute(
"INSERT INTO assets (%s) VALUES (%s)" % (", ".join(asset.keys()), ",".join(["?"] * len(asset.keys()))),
asset.values()
)
connection.commit()
asset.update({'is_active': is_active(asset)})
return asset
def update_asset(asset_id, asset):
del asset['asset_id']
c = connection.cursor()
query = "UPDATE assets SET %s=? WHERE asset_id=?" % "=?, ".join(asset.keys())
c.execute(query, asset.values() + [asset_id])
connection.commit()
asset.update({'asset_id': asset_id})
asset.update({'is_active': is_active(asset)})
return asset
def delete_asset(asset_id):
c = connection.cursor()
c.execute("DELETE FROM assets WHERE asset_id=?", (asset_id,))
connection.commit()
################################
# API
################################
def prepare_asset(request):
data = request.POST or request.FORM or {}
if 'model' in data:
data = json.loads(data['model'])
def get(key):
val = data.get(key, '')
return val.strip() if isinstance(val, basestring) else val
if all([
get('name'),
get('uri') or (request.files.file_upload != ""),
get('mimetype')]):
asset = {
'name': get('name').decode('UTF-8'),
'mimetype': get('mimetype'),
'asset_id': get('asset_id'),
}
uri = get('uri') or False
if not asset['asset_id']:
asset['asset_id'] = uuid.uuid4().hex
try:
file_upload = request.files.file_upload
filename = file_upload.filename
except AttributeError:
file_upload = None
filename = None
if filename and 'web' in asset['mimetype']:
raise Exception("Invalid combination. Can't upload a web resource.")
if uri and filename:
raise Exception("Invalid combination. Can't select both URI and a file.")
if uri and not uri.startswith('/'):
actual_uri = tok_replace(uri) # [bknittel] Use actual_uri in tests below
if not validate_uri(actual_uri):
raise Exception("Invalid URL. Failed to add asset.")
if "image" in asset['mimetype']:
file = req_get(actual_uri, allow_redirects=True)
else:
file = req_head(actual_uri, allow_redirects=True)
if file.status_code == 200:
asset['uri'] = uri
# strict_uri = file.url
else:
raise Exception("Could not retrieve file. Check the asset URL.")
else:
asset['uri'] = uri
if filename:
asset['uri'] = path.join(settings.get_asset_folder(), asset['asset_id'])
with open(asset['uri'], 'w') as f:
while True:
chunk = file_upload.file.read(1024)
if not chunk:
break
f.write(chunk)
if "video" in asset['mimetype']:
asset['duration'] = "N/A"
else:
# crashes if it's not an int. we want that.
asset['duration'] = int(get('duration'))
if get('start_date'):
asset['start_date'] = datetime.strptime(get('start_date').split(".")[0], "%Y-%m-%dT%H:%M:%S")
else:
asset['start_date'] = ""
if get('end_date'):
asset['end_date'] = datetime.strptime(get('end_date').split(".")[0], "%Y-%m-%dT%H:%M:%S")
else:
asset['end_date'] = ""
if not asset['asset_id']:
raise Exception
if not asset['uri']:
raise Exception
return asset
else:
raise Exception("Not enough information provided. Please specify 'name', 'uri', and 'mimetype'.")
@route('/api/assets', method="GET")
def api_assets():
assets = fetch_assets()
for asset in assets:
asset['is_active'] = is_active(asset)
return make_json_response(assets)
# api view decorator. handles errors
def api(view):
@wraps(view)
def api_view(*args, **kwargs):
try:
return make_json_response(view(*args, **kwargs))
except HTTPResponse:
raise
except Exception as e:
traceback.print_exc()
return api_error(unicode(e))
return api_view
@route('/api/assets', method="POST")
@api
def add_asset():
return insert_asset(prepare_asset(request))
@route('/api/assets/:asset_id', method="GET")
@api
def edit_asset(asset_id):
return fetch_asset(asset_id)
@route('/api/assets/:asset_id', method=["PUT", "POST"])
@api
def edit_asset(asset_id):
return update_asset(asset_id, prepare_asset(request))
@route('/api/assets/:asset_id', method="DELETE")
@api
def remove_asset(asset_id):
asset = fetch_asset(asset_id)
try:
if asset['uri'].startswith(settings.get_asset_folder()):
os.remove(asset['uri'])
except OSError:
pass
delete_asset(asset_id)
response.status = 204 # return an OK with no content
################################
# Views
################################
@route('/')
@valid_user()
def viewIndex():
ctx = {'default_duration': settings['default_duration']}
return template('index',**ctx)
@route('/settings', method=["GET", "POST"])
@valid_user()
def settings_page():
context = {'flash': None}
if request.method == "POST":
for field, default in DEFAULTS['viewer'].items():
value = request.POST.get(field, default)
if isinstance(default, bool):
value = value == 'on'
elif isinstance(default, int):
value = int(value)
settings[field] = value
try:
settings.save()
context['flash'] = {'class': "success", 'message': "Settings were successfully saved."}
except IOError as e:
context['flash'] = {'class': "error", 'message': e}
else:
settings.load()
for field, default in DEFAULTS['viewer'].items():
context[field] = settings[field]
return template('settings', **context)
@route('/system_info')
@valid_user()
def system_info():
viewer_log_file = '/tmp/screenly_viewer.log'
if path.exists(viewer_log_file):
viewlog = check_output(['tail', '-n', '20', viewer_log_file]).split('\n')
else:
viewlog = ["(no viewer log present -- is only the screenly server running?)\n"]
# Get load average from last 15 minutes and round to two digits.
loadavg = round(getloadavg()[2], 2)
try:
run_tvservice = check_output(['tvservice', '-s'])
display_info = re_split('\||,', run_tvservice.strip('state:'))
except:
display_info = False
# Calculate disk space
slash = statvfs("/")
free_space = size(slash.f_bavail * slash.f_frsize)
# Get uptime
uptime_in_seconds = uptime()
system_uptime = timedelta(seconds=uptime_in_seconds)
return template('system_info', viewlog=viewlog, loadavg=loadavg, free_space=free_space, uptime=system_uptime, display_info=display_info)
@route('/splash_page')
def splash_page():
my_ip = get_node_ip()
if my_ip:
ip_lookup = True
url = "http://{}:{}".format(my_ip, settings.get_listen_port())
else:
ip_lookup = False
url = "Unable to look up your installation's IP address."
return template('splash_page', ip_lookup=ip_lookup, url=url)
@error(403)
def mistake403(code):
return 'The parameter you passed has the wrong format!'
@error(404)
def mistake404(code):
return 'Sorry, this page does not exist!'
################################
# Static
################################
@route('/static/:path#.+#', name='static')
def static(path):
return static_file(path, root='static')
if __name__ == "__main__":
# Make sure the asset folder exist. If not, create it
if not path.isdir(settings.get_asset_folder()):
mkdir(settings.get_asset_folder())
initiate_db()
run(host=settings.get_listen_ip(),
port=settings.get_listen_port(),
reloader=True)