def sendmailUser_mask(req, id, err=0):
v = getAdminStdVars(req)
v["path"] = req.path[1:]
if id in["execute", "execu"]:
userid = req.params.get("userid")
user = getUser(userid)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(userid, path[-1])
password = makeRandomPassword()
user.resetPassword(password)
text = req.params.get("text")
text = text.replace("[wird eingesetzt]", password)
try:
mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text)
except mail.SocketError:
print "Socket error while sending mail"
req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR)
return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror")
return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone")
user = getUser(id)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(id, path[-1])
collections = []
seen = {}
access = acl.AccessData(user=user)
for node in getAllCollections():
if access.hasReadAccess(node):
if access.hasWriteAccess(node):
collections.append(node.name + " (lesen/schreiben)")
seen[node.id] = None
for node in tree.getRoot("collections").getChildren():
if access.hasReadAccess(node) and node.id not in seen:
collections.append(node.name + " (nur lesen)")
x = {}
x["name"] = "%s %s" % (user.getFirstName(), user.getLastName())
if(x["name"] == ""):
x["name"] = user.getName()
x["host"] = config.get("host.name")
x["login"] = user.getName()
x["isEditor"] = user.isEditor()
x["collections"] = list()
x["groups"] = user.getGroups()
x["groups"].sort()
x["language"] = lang(req)
x["collections"] = collections
x["collections"].sort()
v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip()
v["email"] = user.getEmail()
v["userid"] = user.getName()
return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def update_node(req, path, params, data, id):
# get the user and verify the signature
if params.get('user'):
user = users.getUser(params.get('user'))
userAccess = AccessData(user=user)
if userAccess.user:
valid = userAccess.verify_request_signature(req.fullpath, params)
if not valid:
userAccess = None
else:
userAccess = None
else:
user = users.getUser('Gast')
userAccess = AccessData(user=user)
node = tree.getNode(id)
# check user access
if userAccess and userAccess.hasAccess(node, "write"):
pass
else:
s = "No Access"
req.write(s)
d = {
'status': 'fail',
'html_response_code': '403',
'errormessage': 'no access'
}
return d['html_response_code'], len(s), d
node.name = params.get('name')
metadata = json.loads(params.get('metadata'))
# set provided metadata
for key, value in metadata.iteritems():
node.set(u(key), u(value))
# service flags
node.set("updateuser", user.getName())
node.set("updatetime", format_date())
node.setDirty()
d = {
'status': 'OK',
'html_response_code': '200',
'build_response_end': time.time()
}
s = "OK"
# we need to write in case of POST request, send as buffer wil not work
req.write(s)
req.reply_headers['updatetime'] = node.get('updatetime')
return d['html_response_code'], len(s), d
def update_node(req, path, params, data, id):
# get the user and verify the signature
if params.get('user'):
user = users.getUser(params.get('user'))
userAccess = AccessData(user=user)
if userAccess.user:
valid = userAccess.verify_request_signature(req.fullpath, params)
if not valid:
userAccess = None
else:
userAccess = None
else:
user = users.getUser('Gast')
userAccess = AccessData(user=user)
node = tree.getNode(id)
# check user access
if userAccess and userAccess.hasAccess(node, "write"):
pass
else:
s = "No Access"
req.write(s)
d = {
'status': 'fail',
'html_response_code': '403',
'errormessage': 'no access'}
return d['html_response_code'], len(s), d
node.name = params.get('name')
metadata = json.loads(params.get('metadata'))
# set provided metadata
for key, value in metadata.iteritems():
node.set(u(key), u(value))
# service flags
node.set("updateuser", user.getName())
node.set("updatetime", format_date())
node.setDirty()
d = {
'status': 'OK',
'html_response_code': '200',
'build_response_end': time.time()}
s = "OK"
# we need to write in case of POST request, send as buffer wil not work
req.write(s)
req.reply_headers['updatetime'] = node.get('updatetime')
return d['html_response_code'], len(s), d
def _get_node_owner(self, node):
try:
node_owner = getUser(node["creator"])
if node_owner:
return node_owner
except KeyError:
pass
try:
node_owner = getUser(node["updateuser"])
if node_owner:
return node_owner
except KeyError:
pass
return None
def search_nodes(query, mapping_prefix='Z3950_search_'):
"""
Search nodes that match the query.
'query' is a tree of QueryBoolNode and QueryMatchNode objects.
Query root nodes are configured by a naming convention. The names
of mappings that starting with the given 'mapping_prefix' must end
with a node ID, which is then used as root node for the search
based on that field mapping.
"""
# find root nodes and their mappings
roots_and_mappings = []
for mapping_node in mapping.getMappings():
name = mapping_node.getName()
if not name.startswith(mapping_prefix):
continue
try:
node_id = name[len(mapping_prefix):]
roots_and_mappings.append((tree.getNode(node_id), mapping_node))
except tree.NoSuchNodeError:
logg.error(
"Configuration problem detected: Z39.50 search mapping '%s' found, "
"but no matching root node with ID '%s'", name, node_id)
if not roots_and_mappings:
logg.info('no mappings configured, skipping search')
return []
logg.debug('using mapping roots: %s',
[(n1.id, n2.id) for (n1, n2) in roots_and_mappings])
# run one search per root node
node_ids = []
guestaccess = acl.AccessData(
user=users.getUser(config.get('user.guestuser')))
for root_node, mapping_node in roots_and_mappings:
# map query fields to node attributes
field_mapping = {}
for field in mapping_node.getChildren():
field_mapping[field.getName()] = field.getDescription().split(';')
# FIXME: this is redundant - why build an infix query string
# just to parse it afterwards?
query_string = query.build_query_string(field_mapping)
if query_string is None:
logg.info('unable to map query: [%r] using mapping %s', query,
field_mapping)
continue
logg.info('executing query: %s', query_string)
for n in root_node.search(query_string):
if guestaccess.hasReadAccess(n):
node_ids.append(n.id)
#node_ids.append( root_node.search(query_string).getIDs() )
# use a round-robin algorithm to merge the separate query results
# in order to produce maximally diverse results in the first hits
# return merge_ids_as_round_robin(node_ids)
return node_ids
def search_nodes(query, mapping_prefix='Z3950_search_'):
"""
Search nodes that match the query.
'query' is a tree of QueryBoolNode and QueryMatchNode objects.
Query root nodes are configured by a naming convention. The names
of mappings that starting with the given 'mapping_prefix' must end
with a node ID, which is then used as root node for the search
based on that field mapping.
"""
# find root nodes and their mappings
roots_and_mappings = []
for mapping_node in mapping.getMappings():
name = mapping_node.getName()
if not name.startswith(mapping_prefix):
continue
try:
node_id = name[len(mapping_prefix):]
roots_and_mappings.append((tree.getNode(node_id), mapping_node))
except tree.NoSuchNodeError:
logg.error("Configuration problem detected: Z39.50 search mapping '%s' found, "
"but no matching root node with ID '%s'", name, node_id)
if not roots_and_mappings:
logg.info('no mappings configured, skipping search')
return []
logg.debug('using mapping roots: %s', [(n1.id, n2.id) for (n1, n2) in roots_and_mappings])
# run one search per root node
node_ids = []
guestaccess = acl.AccessData(user=users.getUser(config.get('user.guestuser')))
for root_node, mapping_node in roots_and_mappings:
# map query fields to node attributes
field_mapping = {}
for field in mapping_node.getChildren():
field_mapping[field.getName()] = field.getDescription().split(';')
# FIXME: this is redundant - why build an infix query string
# just to parse it afterwards?
query_string = query.build_query_string(field_mapping)
if query_string is None:
logg.info('unable to map query: [%r] using mapping %s', query, field_mapping)
continue
logg.info('executing query: %s', query_string)
for n in root_node.search(query_string):
if guestaccess.hasReadAccess(n):
node_ids.append(n.id)
#node_ids.append( root_node.search(query_string).getIDs() )
# use a round-robin algorithm to merge the separate query results
# in order to produce maximally diverse results in the first hits
# return merge_ids_as_round_robin(node_ids)
return node_ids
def getNodeListXMLForUser(node, readuser=None, exclude_filetypes=[], attribute_name_filter=None):
if readuser:
# only write child data if children_access_user has read access
children_access = AccessData(user=users.getUser(readuser))
else:
children_access = None
wr = _StringWriter()
wr.write('<nodelist exportversion="%s">\n' % getInformation()["version"])
node.writexml(wr, children_access=children_access, exclude_filetypes=exclude_filetypes, attribute_name_filter=attribute_name_filter)
wr.write("</nodelist>\n")
return wr.get()
def getNodeListXMLForUser(node, readuser=None, exclude_filetypes=[], attribute_name_filter=None):
if readuser:
# only write child data if children_access_user has read access
children_access = AccessData(user=users.getUser(readuser))
else:
children_access = None
wr = _StringWriter()
wr.write('<nodelist exportversion="%s">\n' % getInformation()["version"])
node.writexml(wr, children_access=children_access, exclude_filetypes=exclude_filetypes, attribute_name_filter=attribute_name_filter)
wr.write("</nodelist>\n")
return wr.get()
def initSetList(req=None):
global SET_LIST
if req:
access = acl.AccessData(req)
else:
import core.users as users
access = acl.AccessData(user=users.getUser('Gast'))
oaisets.loadGroups()
SET_LIST = oaisets.GROUPS
OUT('OAI: initSetList: found %s set groups: %s' % (len(SET_LIST), str(SET_LIST)))
if DEBUG:
timetable_update(req, "leaving initSetList")
def editUser_mask(req, id, err=0):
ugroups = []
usertype = req.params.get("usertype", "intern")
newuser = 0
if err == 0 and id == "": # new user
user = tree.Node("", type="user")
user.setOption("c")
newuser = 1
elif err == 0 and id != "": # edit user
if usertype == "intern":
user = getUser(id)
else:
user = getExternalUser(id)
else:
# error while filling values
option = ""
for key in req.params.keys():
if key.startswith("option_"):
option += key[7]
for usergroup in req.params.get("usergroups", "").split(";"):
ugroups += [usergroup]
user = tree.Node("", type="user")
user.setName(req.params.get("username", ""))
user.setEmail(req.params.get("email", ""))
user.setOption(option)
user.setLastName(req.params.get("lastname", ""))
user.setFirstName(req.params.get("firstname", ""))
user.setTelephone(req.params.get("telephone", ""))
user.setComment(req.params.get("comment", ""))
user.setOrganisation(req.params.get("organisation", ""))
v = getAdminStdVars(req)
v["error"] = err
v["user"] = user
v["groups"] = loadGroupsFromDB()
v["ugroups"] = ugroups
v["useroption"] = useroption
v["id"] = id
v["usertype"] = usertype
v["filtertype"] = req.params.get("filtertype", "")
v["actpage"] = req.params.get("actpage")
v["newuser"] = newuser
v["usertypes"] = getExternalAuthentificators()
return req.getTAL("web/admin/modules/user.html", v, macro="modify")
def editUser_mask(req, id, err=0):
ugroups = []
usertype = req.params.get("usertype", "intern")
newuser = 0
if err == 0 and id == "": # new user
user = tree.Node("", type="user")
user.setOption("c")
newuser = 1
elif err == 0 and id != "": # edit user
if usertype == "intern":
user = getUser(id)
else:
user = getExternalUser(id)
else:
# error while filling values
option = ""
for key in req.params.keys():
if key.startswith("option_"):
option += key[7]
for usergroup in req.params.get("usergroups", "").split(";"):
ugroups += [usergroup]
user = tree.Node("", type="user")
user.setName(req.params.get("username", ""))
user.setEmail(req.params.get("email", ""))
user.setOption(option)
user.setLastName(req.params.get("lastname", ""))
user.setFirstName(req.params.get("firstname", ""))
user.setTelephone(req.params.get("telephone", ""))
user.setComment(req.params.get("comment", ""))
user.setOrganisation(req.params.get("organisation", ""))
v = getAdminStdVars(req)
v["error"] = err
v["user"] = user
v["groups"] = loadGroupsFromDB()
v["ugroups"] = ugroups
v["useroption"] = useroption
v["id"] = id
v["usertype"] = usertype
v["filtertype"] = req.params.get("filtertype", "")
v["actpage"] = req.params.get("actpage")
v["newuser"] = newuser
v["usertypes"] = getExternalAuthentificators()
return req.getTAL("web/admin/modules/user.html", v, macro="modify")
def initSetList(req=None):
global SET_LIST
if req:
access = acl.AccessData(req)
else:
import core.users as users
access = acl.AccessData(user=users.getUser('Gast'))
oaisets.loadGroups()
SET_LIST = oaisets.GROUPS
OUT('OAI: initSetList: found %s set groups: %s' %
(len(SET_LIST), str(SET_LIST)))
if DEBUG:
timetable_update(req, "leaving initSetList")
def getAccessRights(node):
""" Get acccess rights for the public.
The values returned descend from
http://wiki.surffoundation.nl/display/standards/info-eu-repo/#info-eu-repo-AccessRights.
This values are used by OpenAIRE portal.
"""
try: # if node.get('updatetime') is empty, the method parse_date would raise an exception
l_date = parse_date(node.get('updatetime'))
except:
l_date = date.now()
guestAccess = AccessData(user=users.getUser('Gast'))
if date.now() < l_date:
return "embargoedAccess"
elif guestAccess.hasAccess(node, 'read'):
if guestAccess.hasAccess(node, 'data'):
return "openAccess"
else:
return "restrictedAccess"
else:
return "closedAccess"
def getAccessRights(node):
""" Get acccess rights for the public.
The values returned descend from
http://wiki.surffoundation.nl/display/standards/info-eu-repo/#info-eu-repo-AccessRights.
This values are used by OpenAIRE portal.
"""
try: # if node.get('updatetime') is empty, the method parse_date would raise an exception
l_date = parse_date(node.get('updatetime'))
except:
l_date = date.now()
guestAccess = AccessData(user=users.getUser('Gast'))
if date.now() < l_date:
return "embargoedAccess"
elif guestAccess.hasAccess(node, 'read'):
if guestAccess.hasAccess(node, 'data'):
return "openAccess"
else:
return "restrictedAccess"
else:
return "closedAccess"
def get_sheme(req, path, params, data, name):
atime = starttime = time.time()
r_timetable = []
userAccess = None
# get the user and verify the signature
if params.get('user'):
# user=users.getUser(params.get('user'))
#userAccess = AccessData(user=user)
_user = users.getUser(params.get('user'))
if not _user: # user of dynamic
class dummyuser: # dummy user class
def getGroups(self): # return all groups with given dynamic user
return [g.name for g in tree.getRoot('usergroups').getChildren() if g.get(
'allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users')]
def getName(self):
return params.get('user')
def getDirID(self): # unique identifier
return params.get('user')
def isAdmin(self):
return 0
_user = dummyuser()
userAccess = AccessData(user=_user)
if userAccess.user is not None:
valid = userAccess.verify_request_signature(req.fullpath, params)
if not valid:
userAccess = None
else:
userAccess = None
if userAccess is None:
d = {}
d['status'] = 'fail'
d['html_response_code'] = '403' # denied
return d['html_response_code'], 0, d
d = {}
d['timetable'] = []
d['status'] = 'ok'
d['html_response_code'] = '200' # ok
d['build_response_end'] = time.time()
if r_timetable:
d['timetable'] = r_timetable[:]
if name.endswith('/'):
name = name[:-1]
s = exportMetaScheme(name)
def compressForDeflate(s):
import gzip
return gzip.zlib.compress(s, 9)
def compressForGzip(s):
import cStringIO
import gzip
buffer = cStringIO.StringIO()
gzfile = gzip.GzipFile(mode='wb', fileobj=buffer, compresslevel=9)
gzfile.write(s)
gzfile.close()
return buffer.getvalue()
if 'deflate' in req.params:
size_uncompressed = len(s)
compressed_s = compressForDeflate(s)
s = compressed_s
size_compressed = len(s)
try:
percentage = 100.0 * size_compressed / size_uncompressed
except:
percentage = 100.0
req.reply_headers['Content-Encoding'] = "deflate"
d['timetable'].append(["'deflate' in request: executed compressForDeflate(s), %d bytes -> %d bytes (compressed to: %.1f %%)" %
(size_uncompressed, size_compressed, percentage), time.time() - atime])
atime = time.time()
elif 'gzip' in req.params:
size_uncompressed = len(s)
compressed_s = compressForGzip(s)
s = compressed_s
size_compressed = len(s)
try:
percentage = 100.0 * size_compressed / size_uncompressed
except:
percentage = 100.0
req.reply_headers['Content-Encoding'] = "gzip"
d['timetable'].append(["'gzip' in request: executed compressForGzip(s), %d bytes -> %d bytes (compressed to: %.1f %%)" %
(size_uncompressed, size_compressed, percentage), time.time() - atime])
atime = time.time()
mimetype = 'text/html'
req.reply_headers['Content-Type'] = "text/xml; charset=utf-8"
req.reply_headers['Content-Length'] = len(s)
req.sendAsBuffer(s, mimetype, force=1)
d['timetable'].append(["executed req.sendAsBuffer, %d bytes, mimetype='%s'" % (len(s), mimetype), time.time() - atime])
atime = time.time()
return d['html_response_code'], len(s), d
import time
import logging
import core.tree as tree
import core.users as users
from core import config
from core.acl import AccessData
from schema.schema import exportMetaScheme
from utils.utils import getMimeType
from web.services.cache import Cache
logger = logging.getLogger('services')
host = "http://" + config.get("host.name")
guestAccess = AccessData(user=users.getUser('Gast'))
collections = tree.getRoot('collections')
FILTERCACHE_NODECOUNT_THRESHOLD = 2000000
filtercache = Cache(maxcount=10, verbose=True)
searchcache = Cache(maxcount=10, verbose=True)
resultcache = Cache(maxcount=25, verbose=True)
SEND_TIMETABLE = False
def get_sheme(req, path, params, data, name):
atime = starttime = time.time()
def sendmailUser_mask(req, id, err=0):
v = getAdminStdVars(req)
v["path"] = req.path[1:]
if id in ["execute", "execu"]:
userid = req.params.get("userid")
user = getUser(userid)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(userid, path[-1])
password = makeRandomPassword()
user.resetPassword(password)
text = req.params.get("text")
text = text.replace("[wird eingesetzt]", password)
try:
mail.sendmail(req.params.get("from"), req.params.get("email"),
req.params.get("subject"), text)
except mail.SocketError:
print "Socket error while sending mail"
req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR)
return req.getTAL("web/admin/modules/user.html",
v,
macro="sendmailerror")
return req.getTAL("web/admin/modules/user.html",
v,
macro="sendmaildone")
user = getUser(id)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(id, path[-1])
collections = []
seen = {}
access = acl.AccessData(user=user)
for node in getAllCollections():
if access.hasReadAccess(node):
if access.hasWriteAccess(node):
collections.append(node.name + " (lesen/schreiben)")
seen[node.id] = None
for node in tree.getRoot("collections").getChildren():
if access.hasReadAccess(node) and node.id not in seen:
collections.append(node.name + " (nur lesen)")
x = {}
x["name"] = "%s %s" % (user.getFirstName(), user.getLastName())
if (x["name"] == ""):
x["name"] = user.getName()
x["host"] = config.get("host.name")
x["login"] = user.getName()
x["isEditor"] = user.isEditor()
x["collections"] = list()
x["groups"] = user.getGroups()
x["groups"].sort()
x["language"] = lang(req)
x["collections"] = collections
x["collections"].sort()
v["mailtext"] = req.getTAL("web/admin/modules/user.html",
x,
macro="emailtext").strip()
v["email"] = user.getEmail()
v["userid"] = user.getName()
return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
import os
import time
import logging
import core.tree as tree
import core.users as users
from core import config
from core.acl import AccessData
from schema.schema import exportMetaScheme
from utils.utils import getMimeType
from web.services.cache import Cache
logger = logging.getLogger('services')
host = "http://" + config.get("host.name")
guestAccess = AccessData(user=users.getUser('Gast'))
collections = tree.getRoot('collections')
FILTERCACHE_NODECOUNT_THRESHOLD = 2000000
filtercache = Cache(maxcount=10, verbose=True)
searchcache = Cache(maxcount=10, verbose=True)
resultcache = Cache(maxcount=25, verbose=True)
SEND_TIMETABLE = False
def get_sheme(req, path, params, data, name):
atime = starttime = time.time()
r_timetable = []
def getRootAccess():
return AccessData(user=users.getUser(config.get('user.adminuser', 'Administrator')))
def validate(req, op):
"""standard validator"""
try:
if "style" in req.params:
req.write(view(req))
return ""
for key in req.params.keys():
if key.startswith("new"):
# create new user
return editUser_mask(req, "")
elif key.startswith("edit_"):
# edit user
return editUser_mask(req, str(key[key.index("_") + 1:-2]))
elif key.startswith("sendmail_") and req.params.get("form_op", "") != "cancel":
# send email
return sendmailUser_mask(req, str(key[key.index("_") + 1:-2]))
elif key.startswith("delete_"):
# delete user
user_from_request = users.getUserFromRequest(req)
username_from_form = key[7:-2]
dyn_auths = getDynamicUserAuthenticators()
isDynamic = False
for dyn_auth in dyn_auths:
if username_from_form.startswith(dyn_auth + "|"):
isDynamic = (username_from_form, dyn_auth)
break
if isDynamic:
log.info("%r is requesting logout of dynamic user %r (%r)" % (user_from_request.getName(), isDynamic[0], isDynamic[1]))
deleteUser(isDynamic[0], isDynamic[1])
else:
usertype = req.params.get("usertype", "intern")
usernode = getUser(key[7:-2])
if not usertype.strip():
usertype = usernode.getUserType()
if usertype == 'users':
# function deleteUser expects usertype='intern'
# for children if root->users, but getUserType()
# returns 'users' for those
usertype = 'intern'
log.info("%r is requesting deletion of user %r (%r, %r)" %
(user_from_request.getName(), usernode.name, usernode.id, usertype))
deleteUser(usernode, usertype=usertype)
del_index = users_cache.index(usernode)
del users_cache[del_index]
searchterm_was = req.params.get("searchterm_was", "")
if searchterm_was:
req.params['action'] = 'search'
req.params['searchterm'] = searchterm_was
req.params['use_macro'] = 'view'
req.params['execute_search'] = searchterm_was
break
elif key.startswith("tointern_"):
moveUserToIntern(key[9:-2])
break
elif key.startswith("reset_"):
# reset password
if req.params["change_passwd"] != "":
getUser(key[6:-2]).resetPassword(req.params["change_passwd"])
else:
getUser(key[6:-2]).resetPassword(config.settings["user.passwd"])
break
if "form_op" in req.params.keys():
_option = ""
for key in req.params.keys():
if key.startswith("option_"):
_option += key[7]
if req.params.get("form_op") == "save_new":
# save user values
if req.params.get("username", "") == "" or req.params.get("usergroups", "") == "" or req.params.get("email", "") == "":
return editUser_mask(req, "", 1) # no username or group selected
elif existUser(req.params.get("username")):
return editUser_mask(req, "", 2) # user still existing
else:
create_user(
req.params.get("username"),
req.params.get("email"),
req.params.get("usergroups").replace(
";",
","),
pwd=req.params.get(
"password",
""),
lastname=req.params.get(
"lastname",
""),
firstname=req.params.get("firstname"),
telephone=req.params.get("telephone"),
comment=req.params.get("comment"),
option=_option,
organisation=req.params.get(
"organisation",
""),
identificator=req.params.get(
"identificator",
""),
type=req.params.get(
"usertype",
"intern"))
elif req.params["form_op"] == "save_edit":
# update user
if req.params.get("email", "") == "" or req.params.get("username", "") == "" or req.params.get("usergroups", "") == "":
return editUser_mask(req, req.params.get("id"), 1) # no username, email or group selected
else:
update_user(
req.params.get(
"id",
0),
req.params.get(
"username",
""),
req.params.get(
"email",
""),
req.params.get(
"usergroups",
"").replace(
";",
","),
lastname=req.params.get("lastname"),
firstname=req.params.get("firstname"),
telephone=req.params.get("telephone"),
comment=req.params.get("comment"),
option=_option,
organisation=req.params.get(
"organisation",
""),
identificator=req.params.get(
"identificator",
""),
type=req.params.get(
"usertype",
"intern"))
flush_users_cache()
return view(req)
except:
print "Warning: couldn't load module for type", type
print sys.exc_info()[0], sys.exc_info()[1]
traceback.print_tb(sys.exc_info()[2])
def create():
"""
Creates the sitemap files and the sitemap index files which are located at /web/root/
"""
logging.getLogger('everything').info(
'Creating Sitemaps and Sitemap Index...')
base_dir = os.path.abspath(
os.path.join(os.path.dirname(__file__), os.pardir))
hostname = config.get('host.name')
root = tree.getRoot('collections')
all_nodes = root.getAllChildren()
user = users.getUser('Gast')
access = acl.AccessData(user=user)
sitemaps = []
node_dict = {
'collection': [],
'directory': [],
'document': [],
'dissertation': [],
'image': [],
'video': [],
'audio': [],
}
for node in all_nodes:
# Arkitekt had a guest field that is actually not visible
if access.hasAccess(node, 'read'):
for node_type in node_dict.keys():
if node_type in tree.getNode(node.id).type:
node_dict[node_type].append(
(node.id, tree.getNode(node.id).get('updatetime')))
# Reassign node_dict to a dict where empty values were removed
node_dict = dict((k, v) for k, v in node_dict.iteritems() if v)
# Sitemap can have at most 50k entries
for key in node_dict.keys():
if key in ('dissertation', 'document', 'image'):
priority_level = '1.0'
elif key == 'videos':
priority_level = '0.8'
else:
priority_level = '0.5'
# Create multiple sitemaps for node lists > 50k
if len(node_dict[key]) > 50000:
partitions = int(ceil((len(node_dict[key]) / 50000.)))
for partition_number in range(partitions):
sitemap = Sitemap(
base_dir, ''.join(
['sitemap-',
str(key),
str(partition_number), '.xml']), hostname)
sitemaps.append(sitemap.name)
sitemap.create_sitemap(
node_dict[key][partition_number *
50000:(partition_number + 1) * 50000],
priority_level)
else:
sitemap = Sitemap(base_dir, ''.join(['sitemap-', key, '.xml']),
hostname)
sitemaps.append(sitemap.name)
sitemap.create_sitemap(node_dict[key], priority_level)
siteindex = SitemapIndex(base_dir, 'sitemap-index.xml', hostname)
now = '+'.join(
[datetime.datetime.now().strftime('%Y-%m-%dT%H:%M:%S'), '02:00'])
siteindex.create_sitemap_index(sitemaps, now)
logging.getLogger('everything').info(
'Generation of Sitemaps and SitemapIndex Complete')
def upload_new_node(req, path, params, data):
try:
uploadfile = params['data']
del params['data']
except KeyError:
uploadfile = None
# get the user and verify the signature
if params.get('user'):
# user=users.getUser(params.get('user'))
#userAccess = AccessData(user=user)
_user = users.getUser(params.get('user'))
if not _user: # user of dynamic
class dummyuser: # dummy user class
# return all groups with given dynamic user
def getGroups(self):
return [
g.name
for g in tree.getRoot('usergroups').getChildren()
if g.get('allow_dynamic') == '1'
and params.get('user') in g.get('dynamic_users')
]
def getName(self):
return params.get('user')
def getDirID(self): # unique identifier
return params.get('user')
def isAdmin(self):
return 0
_user = dummyuser()
userAccess = AccessData(user=_user)
if userAccess.user:
user = userAccess.user
if not userAccess.verify_request_signature(req.fullpath + '?',
params):
userAccess = None
else:
userAccess = None
else:
user = users.getUser(config.get('user.guestuser'))
userAccess = AccessData(user=user)
parent = tree.getNode(params.get('parent'))
# check user access
if userAccess and userAccess.hasAccess(parent, "write"):
pass
else:
s = "No Access"
req.write(s)
d = {
'status': 'fail',
'html_response_code': '403',
'errormessage': 'no access'
}
logger.error("user has no edit permission for node %s" % parent)
return d['html_response_code'], len(s), d
datatype = params.get('type')
uploaddir = users.getUploadDir(user)
n = tree.Node(name=params.get('name'), type=datatype)
if isinstance(uploadfile, types.InstanceType): # file object used
nfile = importFile(uploadfile.filename, uploadfile.tempname)
else: # string used
nfile = importFileFromData('uploadTest.jpg',
base64.b64decode(uploadfile))
if nfile:
n.addFile(nfile)
else:
logger.error("error in file uploadservice")
try: # test metadata
metadata = json.loads(params.get('metadata'))
except ValueError:
metadata = dict()
# set provided metadata
for key, value in metadata.iteritems():
n.set(u(key), u(value))
# service flags
n.set("creator", user.getName())
n.set("creationtime", format_date())
parent.addChild(n)
# process the file, we've added to the new node
if hasattr(n, "event_files_changed"):
try:
n.event_files_changed()
except OperationException as e:
for file in n.getFiles():
if os.path.exists(file.retrieveFile()):
os.remove(file.retrieveFile())
raise OperationException(e.value)
# make sure the new node is visible immediately from the web service and
# the search index gets updated
n.setDirty()
tree.remove_from_nodecaches(parent)
d = {
'status': 'Created',
'html_response_code': '201',
'build_response_end': time.time()
}
s = "Created"
# provide the uploader with the new node ID
req.reply_headers['NodeID'] = n.id
# we need to write in case of POST request, send as buffer will not work
req.write(s)
return d['html_response_code'], len(s), d
def get_sheme(req, path, params, data, name):
atime = starttime = time.time()
r_timetable = []
userAccess = None
# get the user and verify the signature
if params.get('user'):
# user=users.getUser(params.get('user'))
#userAccess = AccessData(user=user)
_user = users.getUser(params.get('user'))
if not _user: # user of dynamic
class dummyuser: # dummy user class
def getGroups(
self): # return all groups with given dynamic user
return [
g.name
for g in tree.getRoot('usergroups').getChildren()
if g.get('allow_dynamic') == '1'
and params.get('user') in g.get('dynamic_users')
]
def getName(self):
return params.get('user')
def getDirID(self): # unique identifier
return params.get('user')
def isAdmin(self):
return 0
_user = dummyuser()
userAccess = AccessData(user=_user)
if userAccess.user is not None:
valid = userAccess.verify_request_signature(req.fullpath, params)
if not valid:
userAccess = None
else:
userAccess = None
if userAccess is None:
d = {}
d['status'] = 'fail'
d['html_response_code'] = '403' # denied
return d['html_response_code'], 0, d
d = {}
d['timetable'] = []
d['status'] = 'ok'
d['html_response_code'] = '200' # ok
d['build_response_end'] = time.time()
if r_timetable:
d['timetable'] = r_timetable[:]
if name.endswith('/'):
name = name[:-1]
s = exportMetaScheme(name)
def compressForDeflate(s):
import gzip
return gzip.zlib.compress(s, 9)
def compressForGzip(s):
import cStringIO
import gzip
buffer = cStringIO.StringIO()
gzfile = gzip.GzipFile(mode='wb', fileobj=buffer, compresslevel=9)
gzfile.write(s)
gzfile.close()
return buffer.getvalue()
if 'deflate' in req.params:
size_uncompressed = len(s)
compressed_s = compressForDeflate(s)
s = compressed_s
size_compressed = len(s)
try:
percentage = 100.0 * size_compressed / size_uncompressed
except:
percentage = 100.0
req.reply_headers['Content-Encoding'] = "deflate"
d['timetable'].append([
"'deflate' in request: executed compressForDeflate(s), %d bytes -> %d bytes (compressed to: %.1f %%)"
% (size_uncompressed, size_compressed, percentage),
time.time() - atime
])
atime = time.time()
elif 'gzip' in req.params:
size_uncompressed = len(s)
compressed_s = compressForGzip(s)
s = compressed_s
size_compressed = len(s)
try:
percentage = 100.0 * size_compressed / size_uncompressed
except:
percentage = 100.0
req.reply_headers['Content-Encoding'] = "gzip"
d['timetable'].append([
"'gzip' in request: executed compressForGzip(s), %d bytes -> %d bytes (compressed to: %.1f %%)"
% (size_uncompressed, size_compressed, percentage),
time.time() - atime
])
atime = time.time()
mimetype = 'text/html'
req.reply_headers['Content-Type'] = "text/xml; charset=utf-8"
req.reply_headers['Content-Length'] = len(s)
req.sendAsBuffer(s, mimetype, force=1)
d['timetable'].append([
"executed req.sendAsBuffer, %d bytes, mimetype='%s'" %
(len(s), mimetype),
time.time() - atime
])
atime = time.time()
return d['html_response_code'], len(s), d
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"):
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
workflow_lock.acquire()
try:
access = acl.AccessData(req)
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [tree.getNode(id) for id in req.params['obj'].split(',')]
for node in nodes:
if not access.hasWriteAccess(self) and \
(key != node.get("key")): # no permission
link = '(' + self.name + ')'
try:
return req.getTAL(template, {"node": node, "link": link, "email": config.get("email.workflow")}, macro=macro)
except:
return ""
if 'action' in req.params:
if access.hasWriteAccess(self):
if req.params.get('action') == 'delete':
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
elif req.params.get('action').startswith('move_'):
step = tree.getNode(req.params.get('action').replace('move_', ''))
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
step.addChild(node)
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.getParents():
# set correct language for workflow for guest user only
if node.get('key') == node.get('system.key') and getUserFromRequest(req) == getUser(config.get('user.guestuser')):
switch_language(req, node.get('system.wflanguage'))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
finally:
workflow_lock.release()
def upload_new_node(req, path, params, data):
try:
uploadfile = params['data']
del params['data']
except KeyError:
uploadfile = None
# get the user and verify the signature
if params.get('user'):
# user=users.getUser(params.get('user'))
#userAccess = AccessData(user=user)
_user = users.getUser(params.get('user'))
if not _user: # user of dynamic
class dummyuser: # dummy user class
# return all groups with given dynamic user
def getGroups(self):
return [g.name for g in tree.getRoot('usergroups').getChildren() if g.get(
'allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users')]
def getName(self):
return params.get('user')
def getDirID(self): # unique identifier
return params.get('user')
def isAdmin(self):
return 0
_user = dummyuser()
userAccess = AccessData(user=_user)
if userAccess.user:
user = userAccess.user
if not userAccess.verify_request_signature(
req.fullpath +
'?',
params):
userAccess = None
else:
userAccess = None
else:
user = users.getUser(config.get('user.guestuser'))
userAccess = AccessData(user=user)
parent = tree.getNode(params.get('parent'))
# check user access
if userAccess and userAccess.hasAccess(parent, "write"):
pass
else:
s = "No Access"
req.write(s)
d = {
'status': 'fail',
'html_response_code': '403',
'errormessage': 'no access'}
logger.error("user has no edit permission for node %s" % parent)
return d['html_response_code'], len(s), d
datatype = params.get('type')
uploaddir = users.getUploadDir(user)
n = tree.Node(name=params.get('name'), type=datatype)
if isinstance(uploadfile, types.InstanceType): # file object used
nfile = importFile(uploadfile.filename, uploadfile.tempname)
else: # string used
nfile = importFileFromData(
'uploadTest.jpg',
base64.b64decode(uploadfile))
if nfile:
n.addFile(nfile)
else:
logger.error("error in file uploadservice")
try: # test metadata
metadata = json.loads(params.get('metadata'))
except ValueError:
metadata = dict()
# set provided metadata
for key, value in metadata.iteritems():
n.set(u(key), u(value))
# service flags
n.set("creator", user.getName())
n.set("creationtime", format_date())
parent.addChild(n)
# process the file, we've added to the new node
if hasattr(n, "event_files_changed"):
try:
n.event_files_changed()
except OperationException as e:
for file in n.getFiles():
if os.path.exists(file.retrieveFile()):
os.remove(file.retrieveFile())
raise OperationException(e.value)
# make sure the new node is visible immediately from the web service and
# the search index gets updated
n.setDirty()
tree.remove_from_nodecaches(parent)
d = {
'status': 'Created',
'html_response_code': '201',
'build_response_end': time.time()}
s = "Created"
# provide the uploader with the new node ID
req.reply_headers['NodeID'] = n.id
# we need to write in case of POST request, send as buffer will not work
req.write(s)
return d['html_response_code'], len(s), d
def pwdforgotten(req):
if len(req.params) > 3: # user changed to browsing
return buildURL(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
if req.params.get("action",
"") == "activate": # do activation of new password
id, key = req.params.get("key").replace("/", "").split('-')
targetuser = users.getUser(id)
if targetuser.get("newpassword.activation_key") == key:
newpassword = targetuser.get("newpassword.password")
if newpassword:
targetuser.set("password", newpassword)
print "password reset for user '%s' (id=%s) reset" % (
targetuser.getName(), targetuser.id)
targetuser.removeAttribute("newpassword.password")
targetuser.set("newpassword.time_activated",
date.format_date())
logging.getLogger('usertracing').info(
"new password activated for user: %s - was requested: %s by %s"
% (targetuser.getName(),
targetuser.get("newpassword.time_requested"),
targetuser.get("newpassword.request_ip")))
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"),
{"username": targetuser.getName()},
macro="pwdforgotten_password_activated"))
return httpstatus.HTTP_OK
else:
print "invalid key: wrong key or already used key"
navframe.write(
req,
req.getTAL(
theme.getTemplate("login.html"),
{"message": "pwdforgotten_password_invalid_key"},
macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
elif "user" in req.params: # create email with activation information
username = req.params.get("user", "")
if username == '':
req.params['error'] = "pwdforgotten_noentry"
else:
targetuser = users.getUser(username)
if not targetuser or not targetuser.canChangePWD():
logging.getLogger('usertracing').info(
"new password requested for non-existing user: "******"pwdforgotten_nosuchuser"
else:
password = users.makeRandomPassword()
randomkey = mkKey()
targetuser.set("newpassword.password",
hashlib.md5(password).hexdigest())
targetuser.set("newpassword.time_requested",
date.format_date())
targetuser.set("newpassword.activation_key", randomkey)
targetuser.set("newpassword.request_ip", req.ip)
v = {}
v["name"] = targetuser.getName()
v["host"] = config.get("host.name")
v["login"] = targetuser.getName()
v["language"] = lang(req)
v["activationlink"] = v[
"host"] + "/pwdforgotten?action=activate&key=%s-%s" % (
targetuser.id, randomkey)
v["email"] = targetuser.getEmail()
v["userid"] = targetuser.getName()
# going to send the mail
try:
mailtext = req.getTAL(theme.getTemplate("login.html"),
v,
macro="emailtext")
mailtext = mailtext.strip().replace(
"[$newpassword]",
password).replace("[wird eingesetzt]", password)
mail.sendmail(config.get("email.admin"),
targetuser.getEmail(),
t(lang(req), "pwdforgotten_email_subject"),
mailtext)
logging.getLogger('usertracing').info(
"new password requested for user: %s - activation email sent"
% username)
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"),
{"message": "pwdforgotten_butmailnowsent"},
macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
except mail.SocketError:
print "Socket error while sending mail"
logging.getLogger('usertracing').info(
"new password requested for user: %s - failed to send activation email"
% username)
return req.getTAL(
theme.getTemplate("login.html"),
{"message": "pwdforgotten_emailsenderror"},
macro="pwdforgotten_message")
# standard operation
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"), {
"error": req.params.get("error"),
"user": users.getUserFromRequest(req)
},
macro="pwdforgotten"))
return httpstatus.HTTP_OK
def pwdforgotten(req):
if len(req.params) > 3: # user changed to browsing
return buildURL(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
if req.params.get("action", "") == "activate": # do activation of new password
id, key = req.params.get("key").replace("/", "").split('-')
targetuser = users.getUser(id)
if targetuser.get("newpassword.activation_key") == key:
newpassword = targetuser.get("newpassword.password")
if newpassword:
targetuser.set("password", newpassword)
print "password reset for user '%s' (id=%s) reset" % (targetuser.getName(), targetuser.id)
targetuser.removeAttribute("newpassword.password")
targetuser.set("newpassword.time_activated", date.format_date())
logging.getLogger('usertracing').info(
"new password activated for user: %s - was requested: %s by %s" %
(targetuser.getName(),
targetuser.get("newpassword.time_requested"),
targetuser.get("newpassword.request_ip")))
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"username": targetuser.getName()}, macro="pwdforgotten_password_activated"))
return httpstatus.HTTP_OK
else:
print "invalid key: wrong key or already used key"
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
elif "user" in req.params: # create email with activation information
username = req.params.get("user", "")
if username == '':
req.params['error'] = "pwdforgotten_noentry"
else:
targetuser = users.getUser(username)
if not targetuser or not targetuser.canChangePWD():
logging.getLogger('usertracing').info("new password requested for non-existing user: "******"pwdforgotten_nosuchuser"
else:
password = users.makeRandomPassword()
randomkey = mkKey()
targetuser.set("newpassword.password", hashlib.md5(password).hexdigest())
targetuser.set("newpassword.time_requested", date.format_date())
targetuser.set("newpassword.activation_key", randomkey)
targetuser.set("newpassword.request_ip", req.ip)
v = {}
v["name"] = targetuser.getName()
v["host"] = config.get("host.name")
v["login"] = targetuser.getName()
v["language"] = lang(req)
v["activationlink"] = v["host"] + "/pwdforgotten?action=activate&key=%s-%s" % (targetuser.id, randomkey)
v["email"] = targetuser.getEmail()
v["userid"] = targetuser.getName()
# going to send the mail
try:
mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext")
mailtext = mailtext.strip().replace("[$newpassword]", password).replace("[wird eingesetzt]", password)
mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext)
logging.getLogger('usertracing').info("new password requested for user: %s - activation email sent" % username)
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
except mail.SocketError:
print "Socket error while sending mail"
logging.getLogger('usertracing').info(
"new password requested for user: %s - failed to send activation email" % username)
return req.getTAL(
theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message")
# standard operation
navframe.write(req, req.getTAL(theme.getTemplate("login.html"), {
"error": req.params.get("error"), "user": users.getUserFromRequest(req)}, macro="pwdforgotten"))
return httpstatus.HTTP_OK
def __init__(self):
self.folded = 0
self.name = "common"
self.user = users.getUser(config.get("user.guestuser", ""))
def validate(req, op):
"""standard validator"""
try:
if "style" in req.params:
req.write(view(req))
return ""
for key in req.params.keys():
if key.startswith("new"):
# create new user
return editUser_mask(req, "")
elif key.startswith("edit_"):
# edit user
return editUser_mask(req, str(key[key.index("_") + 1:-2]))
elif key.startswith("sendmail_") and req.params.get(
"form_op", "") != "cancel":
# send email
return sendmailUser_mask(req, str(key[key.index("_") + 1:-2]))
elif key.startswith("delete_"):
# delete user
user_from_request = users.getUserFromRequest(req)
username_from_form = key[7:-2]
dyn_auths = getDynamicUserAuthenticators()
isDynamic = False
for dyn_auth in dyn_auths:
if username_from_form.startswith(dyn_auth + "|"):
isDynamic = (username_from_form, dyn_auth)
break
if isDynamic:
log.info(
"%r is requesting logout of dynamic user %r (%r)" %
(user_from_request.getName(), isDynamic[0],
isDynamic[1]))
deleteUser(isDynamic[0], isDynamic[1])
else:
usertype = req.params.get("usertype", "intern")
usernode = getUser(key[7:-2])
if not usertype.strip():
usertype = usernode.getUserType()
if usertype == 'users':
# function deleteUser expects usertype='intern'
# for children if root->users, but getUserType()
# returns 'users' for those
usertype = 'intern'
log.info("%r is requesting deletion of user %r (%r, %r)" %
(user_from_request.getName(), usernode.name,
usernode.id, usertype))
deleteUser(usernode, usertype=usertype)
del_index = users_cache.index(usernode)
del users_cache[del_index]
searchterm_was = req.params.get("searchterm_was", "")
if searchterm_was:
req.params['action'] = 'search'
req.params['searchterm'] = searchterm_was
req.params['use_macro'] = 'view'
req.params['execute_search'] = searchterm_was
break
elif key.startswith("tointern_"):
moveUserToIntern(key[9:-2])
break
elif key.startswith("reset_"):
# reset password
if req.params["change_passwd"] != "":
getUser(key[6:-2]).resetPassword(
req.params["change_passwd"])
else:
getUser(key[6:-2]).resetPassword(
config.settings["user.passwd"])
break
if "form_op" in req.params.keys():
_option = ""
for key in req.params.keys():
if key.startswith("option_"):
_option += key[7]
if req.params.get("form_op") == "save_new":
# save user values
if req.params.get("username", "") == "" or req.params.get(
"usergroups", "") == "" or req.params.get("email",
"") == "":
return editUser_mask(req, "",
1) # no username or group selected
elif existUser(req.params.get("username")):
return editUser_mask(req, "", 2) # user still existing
else:
create_user(
req.params.get("username"),
req.params.get("email"),
req.params.get("usergroups").replace(";", ","),
pwd=req.params.get("password", ""),
lastname=req.params.get("lastname", ""),
firstname=req.params.get("firstname"),
telephone=req.params.get("telephone"),
comment=req.params.get("comment"),
option=_option,
organisation=req.params.get("organisation", ""),
identificator=req.params.get("identificator", ""),
type=req.params.get("usertype", "intern"))
elif req.params["form_op"] == "save_edit":
# update user
if req.params.get("email", "") == "" or req.params.get(
"username", "") == "" or req.params.get(
"usergroups", "") == "":
return editUser_mask(
req, req.params.get("id"),
1) # no username, email or group selected
else:
update_user(
req.params.get("id", 0),
req.params.get("username", ""),
req.params.get("email", ""),
req.params.get("usergroups", "").replace(";", ","),
lastname=req.params.get("lastname"),
firstname=req.params.get("firstname"),
telephone=req.params.get("telephone"),
comment=req.params.get("comment"),
option=_option,
organisation=req.params.get("organisation", ""),
identificator=req.params.get("identificator", ""),
type=req.params.get("usertype", "intern"))
flush_users_cache()
return view(req)
except:
print "Warning: couldn't load module for type", type
print sys.exc_info()[0], sys.exc_info()[1]
traceback.print_tb(sys.exc_info()[2])
def getContent(req, ids):
"""
The standard method, which has to be implemented by every module.
It's called in edit.py, where all the modules will be identified.
"""
user = users.getUserFromRequest(req)
access = acl.AccessData(req)
node = tree.getNode(ids[0])
access_nobody = 'nicht Jeder'
# first prove if the user has the required rights to call this module
if 'sortfiles' in users.getHideMenusForUser(
user) or not access.hasWriteAccess(node):
req.setStatus(httpstatus.HTTP_FORBIDDEN)
return req.getTAL('web/edit/edit.html', {}, macro='access_error')
if node.isContainer():
nodes = ', '.join(node.getChildren().getIDs())
else:
nodes = node.get('node.id')
v = {
'msg': '',
'urn_institutionid': config.get('urn.institutionid'),
'urn_pubtypes': config.get('urn.pubtypes').split(';'),
'namespaces': config.get('urn.namespace').split(';'),
'user': user,
'nodes': nodes,
'type': req.params.get('id_type'),
'show_form': True,
'namespace': req.params.get('namespace'),
'urn_type': req.params.get('urn_type'),
'host': config.get('host.name'),
'creator': users.getUser(node.get('creator'))
}
if user.isAdmin():
if 'id_type' in req.params:
if req.params.get('id_type') == 'hash':
createHash(node)
if req.params.get('id_type') == 'urn':
createUrn(node, req.params.get('namespace'),
req.params.get('urn_type'))
if req.params.get('id_type') == 'doi':
try:
createDOI(node)
except:
return req.error(500,
"doi was not successfully registered")
if any(identifier in node.attributes
for identifier in ('hash', 'urn', 'doi')):
if not node.get('system.identifierdate'):
node.set('system.identifierdate', date.now())
if node.get('system.identifierstate') != '2':
node.set('system.identifierstate', '2')
# add nobody rule if not set
if node.getAccess('write') is None:
node.setAccess('write', access_nobody)
else:
if access_nobody not in node.getAccess('write'):
node.setAccess(
'write', ','.join(
[node.getAccess('write'), access_nobody]))
try:
mailtext = req.getTAL(
'web/edit/modules/identifier.html',
v,
macro='generate_identifier_usr_mail_2')
mail.sendmail(
config.get('email.admin'),
users.getUser(node.get('creator')).get('email'),
'Vergabe eines Idektifikators / Generation of an Identifier',
mailtext)
except mail.SocketError:
logging.getLogger('backend').error(
'failed to send Autorenvertrag mail to user %s' %
node.get('creator'))
v['msg'] = t(lang(req), 'edit_identifier_mail_fail')
if node.get('system.identifierstate') != '2':
v['msg'] = t(lang(req), 'edit_identifier_state_0_1_admin')
else:
v['msg'] = t(lang(req), 'edit_identifier_state_2_admin')
else:
if pathutils.isDescendantOf(node, tree.getRoot('collections')):
if not node.get('system.identifierstate'):
if 'id_type' in req.params:
try:
# fetch autorenvertrag
attachment = []
autorenvertrag_name = 'formular_autorenvertrag.pdf'
autorenvertrag_path = os.path.join(
config.get('paths.tempdir'), autorenvertrag_name)
if not os.path.isfile(autorenvertrag_path):
logging.getLogger('backend').error(
"Unable to attach Autorenvergrag. Attachment file not found: '%s'"
% autorenvertrag_path)
raise IOError(
'Autorenvertrag was not located on disk at %s. Please send this error message to %s'
% (autorenvertrag_path,
config.get('email.admin')))
else:
attachment.append(
(autorenvertrag_path, 'Autorenvertrag.pdf'))
# notify user
mailtext_user = req.getTAL(
'web/edit/modules/identifier.html',
v,
macro='generate_identifier_usr_mail_1_' +
lang(req))
mail.sendmail(
config.get('email.admin'),
user.get('email'),
t(lang(req), 'edit_identifier_mail_title_usr_1'),
mailtext_user,
attachments_paths_and_filenames=attachment)
# notify admin
mailtext_admin = req.getTAL(
'web/edit/modules/identifier.html',
v,
macro='generate_identifier_admin_mail')
mail.sendmail(
config.get('email.admin'),
config.get('email.admin'),
'Antrag auf Vergabe eines Identifikators',
mailtext_admin)
node.set('system.identifierstate', '1')
# add nobody rule
print node.getAccess('write')
if node.getAccess('write') is None:
node.setAccess('write', access_nobody)
else:
if access_nobody not in node.getAccess('write'):
node.setAccess(
'write', ','.join([
node.getAccess('write'), access_nobody
]))
except mail.SocketError:
logging.getLogger('backend').error(
'failed to send identifier request mail')
v['msg'] = t(lang(req), 'edit_identifier_mail_fail')
else:
v['msg'] = t(lang(req), 'edit_identifier_state_0_usr')
if node.get('system.identifierstate') == '1':
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_state_1_usr')
else:
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_state_published')
v['hash_val'] = node.get('hash')
v['urn_val'] = node.get('urn')
v['doi_val'] = node.get('doi')
# hides form if all identifier types are already set
if all(idents != ''
for idents in (v['hash_val'], v['urn_val'], v['doi_val'])):
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_all_types_set')
return req.getTAL('web/edit/modules/identifier.html',
v,
macro='set_identifier')
def getContent(req, ids):
"""
The standard method, which has to be implemented by every module.
It's called in edit.py, where all the modules will be identified.
"""
user = users.getUserFromRequest(req)
access = acl.AccessData(req)
node = tree.getNode(ids[0])
access_nobody = 'nicht Jeder'
# first prove if the user has the required rights to call this module
if 'sortfiles' in users.getHideMenusForUser(user) or not access.hasWriteAccess(node):
req.setStatus(httpstatus.HTTP_FORBIDDEN)
return req.getTAL('web/edit/edit.html', {}, macro='access_error')
if node.isContainer():
nodes = ', '.join(node.getChildren().getIDs())
else:
nodes = node.get('node.id')
v = {'msg': '',
'urn_institutionid': config.get('urn.institutionid'),
'urn_pubtypes': config.get('urn.pubtypes').split(';'),
'namespaces': config.get('urn.namespace').split(';'),
'user': user,
'nodes': nodes,
'type': req.params.get('id_type'),
'show_form': True,
'namespace': req.params.get('namespace'),
'urn_type': req.params.get('urn_type'),
'host': config.get('host.name'),
'creator': users.getUser(node.get('creator'))
}
if user.isAdmin():
if 'id_type' in req.params:
if req.params.get('id_type') == 'hash':
createHash(node)
if req.params.get('id_type') == 'urn':
createUrn(node, req.params.get('namespace'), req.params.get('urn_type'))
if req.params.get('id_type') == 'doi':
try:
createDOI(node)
except:
return req.error(500, "doi was not successfully registered")
if any(identifier in node.attributes for identifier in ('hash', 'urn', 'doi')):
if not node.get('system.identifierdate'):
node.set('system.identifierdate', date.now())
if node.get('system.identifierstate') != '2':
node.set('system.identifierstate', '2')
# add nobody rule if not set
if node.getAccess('write') is None:
node.setAccess('write', access_nobody)
else:
if access_nobody not in node.getAccess('write'):
node.setAccess('write', ','.join([node.getAccess('write'), access_nobody]))
try:
mailtext = req.getTAL('web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_2')
mail.sendmail(config.get('email.admin'),
users.getUser(node.get('creator')).get('email'),
'Vergabe eines Idektifikators / Generation of an Identifier',
mailtext)
except mail.SocketError:
logging.getLogger('backend').error('failed to send Autorenvertrag mail to user %s' % node.get('creator'))
v['msg'] = t(lang(req), 'edit_identifier_mail_fail')
if node.get('system.identifierstate') != '2':
v['msg'] = t(lang(req), 'edit_identifier_state_0_1_admin')
else:
v['msg'] = t(lang(req), 'edit_identifier_state_2_admin')
else:
if pathutils.isDescendantOf(node, tree.getRoot('collections')):
if not node.get('system.identifierstate'):
if 'id_type' in req.params:
try:
# fetch autorenvertrag
attachment = []
autorenvertrag_name = 'formular_autorenvertrag.pdf'
autorenvertrag_path = os.path.join(config.get('paths.tempdir'),
autorenvertrag_name)
if not os.path.isfile(autorenvertrag_path):
logging.getLogger('backend').error(
"Unable to attach Autorenvergrag. Attachment file not found: '%s'" % autorenvertrag_path)
raise IOError('Autorenvertrag was not located on disk at %s. Please send this error message to %s' %
(autorenvertrag_path, config.get('email.admin')))
else:
attachment.append((autorenvertrag_path, 'Autorenvertrag.pdf'))
# notify user
mailtext_user = req.getTAL(
'web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_1_' + lang(req))
mail.sendmail(config.get('email.admin'),
user.get('email'),
t(lang(req), 'edit_identifier_mail_title_usr_1'),
mailtext_user,
attachments_paths_and_filenames=attachment)
# notify admin
mailtext_admin = req.getTAL('web/edit/modules/identifier.html', v, macro='generate_identifier_admin_mail')
mail.sendmail(config.get('email.admin'),
config.get('email.admin'),
'Antrag auf Vergabe eines Identifikators',
mailtext_admin)
node.set('system.identifierstate', '1')
# add nobody rule
print node.getAccess('write')
if node.getAccess('write') is None:
node.setAccess('write', access_nobody)
else:
if access_nobody not in node.getAccess('write'):
node.setAccess('write', ','.join([node.getAccess('write'), access_nobody]))
except mail.SocketError:
logging.getLogger('backend').error('failed to send identifier request mail')
v['msg'] = t(lang(req), 'edit_identifier_mail_fail')
else:
v['msg'] = t(lang(req), 'edit_identifier_state_0_usr')
if node.get('system.identifierstate') == '1':
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_state_1_usr')
else:
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_state_published')
v['hash_val'] = node.get('hash')
v['urn_val'] = node.get('urn')
v['doi_val'] = node.get('doi')
# hides form if all identifier types are already set
if all(idents != '' for idents in (v['hash_val'], v['urn_val'], v['doi_val'])):
v['show_form'] = False
v['msg'] = t(lang(req), 'edit_identifier_all_types_set')
return req.getTAL('web/edit/modules/identifier.html', v, macro='set_identifier')
def create():
"""
Creates the sitemap files and the sitemap index files which are located at /web/root/
"""
logging.getLogger("everything").info("Creating Sitemaps and Sitemap Index...")
base_dir = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
hostname = config.get("host.name")
root = tree.getRoot("collections")
all_nodes = root.getAllChildren()
user = users.getUser("Gast")
access = acl.AccessData(user=user)
sitemaps = []
node_dict = {
"collection": [],
"directory": [],
"document": [],
"dissertation": [],
"image": [],
"video": [],
"audio": [],
}
for node in all_nodes:
# Arkitekt had a guest field that is actually not visible
if access.hasAccess(node, "read"):
for node_type in node_dict.keys():
if node_type in tree.getNode(node.id).type:
node_dict[node_type].append((node.id, tree.getNode(node.id).get("updatetime")))
# Reassign node_dict to a dict where empty values were removed
node_dict = dict((k, v) for k, v in node_dict.iteritems() if v)
# Sitemap can have at most 50k entries
for key in node_dict.keys():
if key in ("dissertation", "document", "image"):
priority_level = "1.0"
elif key == "videos":
priority_level = "0.8"
else:
priority_level = "0.5"
# Create multiple sitemaps for node lists > 50k
if len(node_dict[key]) > 50000:
partitions = int(ceil((len(node_dict[key]) / 50000.0)))
for partition_number in range(partitions):
sitemap = Sitemap(base_dir, "".join(["sitemap-", str(key), str(partition_number), ".xml"]), hostname)
sitemaps.append(sitemap.name)
sitemap.create_sitemap(
node_dict[key][partition_number * 50000 : (partition_number + 1) * 50000], priority_level
)
else:
sitemap = Sitemap(base_dir, "".join(["sitemap-", key, ".xml"]), hostname)
sitemaps.append(sitemap.name)
sitemap.create_sitemap(node_dict[key], priority_level)
siteindex = SitemapIndex(base_dir, "sitemap-index.xml", hostname)
now = "+".join([datetime.datetime.now().strftime("%Y-%m-%dT%H:%M:%S"), "02:00"])
siteindex.create_sitemap_index(sitemaps, now)
logging.getLogger("everything").info("Generation of Sitemaps and SitemapIndex Complete")
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"):
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
workflow_lock.acquire()
try:
access = acl.AccessData(req)
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [tree.getNode(id) for id in req.params["obj"].split(",")]
for node in nodes:
if not access.hasWriteAccess(self) and (key != node.get("key")): # no permission
link = "(" + self.name + ")"
try:
return req.getTAL(
template,
{"node": node, "link": link, "email": config.get("email.workflow")},
macro=macro,
)
except:
return ""
if "action" in req.params:
if access.hasWriteAccess(self):
if req.params.get("action") == "delete":
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
elif req.params.get("action").startswith("move_"):
step = tree.getNode(req.params.get("action").replace("move_", ""))
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
step.addChild(node)
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.getParents():
# set correct language for workflow for guest user only
if node.get("key") == node.get("system.key") and getUserFromRequest(req) == getUser(
config.get("user.guestuser")
):
switch_language(req, node.get("system.wflanguage"))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
finally:
workflow_lock.release()
