Esempio n. 1
0
def set_subsciteit():
    # the r parameter gets added by javascript for POST requests so we
    # can reference c.site in api.py
    sr_name = request.environ.get("subsciteit", request.POST.get("r"))
    domain = request.environ.get("domain")

    can_stale = request.method.upper() in ("GET", "HEAD")

    default_sr = DefaultSR()
    c.site = default_sr
    if not sr_name:
        # check for cnames
        sub_domain = request.environ.get("sub_domain")
        if sub_domain and not sub_domain.endswith(g.media_domain):
            c.site = Subsciteit._by_domain(sub_domain) or default_sr
    elif sr_name == "r":
        # sciteits
        c.site = Sub
    elif "+" in sr_name:
        sr_names = sr_name.split("+")
        srs = set(Subsciteit._by_name(sr_names, stale=can_stale).values())
        if All in srs:
            c.site = All
        elif Friends in srs:
            c.site = Friends
        else:
            srs = [sr for sr in srs if not isinstance(sr, FakeSubsciteit)]
            if len(srs) == 0:
                c.site = MultiSciteit([], sr_name)
            elif len(srs) == 1:
                c.site = srs.pop()
            else:
                sr_ids = [sr._id for sr in srs]
                c.site = MultiSciteit(sr_ids, sr_name)
    else:
        try:
            c.site = Subsciteit._by_name(sr_name, stale=can_stale)
        except NotFound:
            sr_name = chksrname(sr_name)
            if sr_name:
                redirect_to("/sciteits/search?q=%s" % sr_name)
            elif not c.error_page and not request.path.startswith("/api/login/"):
                abort(404)

    # if we didn't find a subsciteit, check for a domain listing
    if not sr_name and isinstance(c.site, DefaultSR) and domain:
        c.site = DomainSR(domain)

    if isinstance(c.site, FakeSubsciteit):
        c.default_sr = True
Esempio n. 2
0
    def GET_document(self):
        try:
            # clear cookies the old fashioned way 
            c.cookies = Cookies()

            code =  request.GET.get('code', '')
            try:
                code = int(code)
            except ValueError:
                code = 404
            srname = request.GET.get('srname', '')
            takedown = request.GET.get('takedown', "")
            
            if srname:
                c.site = Subsciteit._by_name(srname)
            if c.render_style not in self.allowed_render_styles:
                if code not in (204, 304):
                     c.response.content = str(code)
                return c.response
            elif c.render_style == "api":
                c.response.content = "{error: %s}" % code
                return c.response
            elif takedown and code == 404:
                link = Link._by_fullname(takedown)
                return pages.TakedownPage(link).render()
            elif code == 403:
                return self.send403()
            elif code == 500:
                randmin = {'admin': rand.choice(self.admins)}
                failien_name = 'youbrokeit%d.png' % rand.randint(1, NUM_FAILIENS)
                failien_url = static(failien_name)
                return sciteitbroke % (failien_url, rand_strings.sadmessages % randmin)
            elif code == 503:
                return self.send503()
            elif code == 304:
                if request.GET.has_key('x-sup-id'):
                    x_sup_id = request.GET.get('x-sup-id')
                    if '\r\n' not in x_sup_id:
                        c.response.headers['x-sup-id'] = x_sup_id
		return c.response
            elif c.site:
                return self.send404()
            else:
                return "page not found"
        except:
            return handle_awful_failure("something really bad just happened.")
Esempio n. 3
0
    def pre(self):
        c.response_wrappers = []
        MinimalController.pre(self)

        set_cnameframe()

        # populate c.cookies unless we're on the unsafe media_domain
        if request.host != g.media_domain or g.media_domain == g.domain:
            try:
                for k, v in request.cookies.iteritems():
                    # minimalcontroller can still set cookies
                    if k not in c.cookies:
                        # we can unquote even if it's not quoted
                        c.cookies[k] = Cookie(value=unquote(v), dirty=False)
            except CookieError:
                # pylons or one of the associated retarded libraries
                # can't handle broken cookies
                request.environ["HTTP_COOKIE"] = ""

        c.firsttime = firsttime()

        # the user could have been logged in via one of the feeds
        maybe_admin = False

        # no logins for RSS feed unless valid_feed has already been called
        if not c.user:
            if c.extension != "rss":
                (c.user, maybe_admin) = valid_cookie(
                    c.cookies[g.login_cookie].value if g.login_cookie in c.cookies else ""
                )
                if c.user:
                    c.user_is_loggedin = True

            if not c.user:
                c.user = UnloggedUser(get_browser_langs())
                # patch for fixing mangled language preferences
                if not isinstance(c.user.pref_lang, basestring) or not all(
                    isinstance(x, basestring) for x in c.user.pref_content_langs
                ):
                    c.user.pref_lang = g.lang
                    c.user.pref_content_langs = [g.lang]
                    c.user._commit()
        if c.user_is_loggedin:
            if not c.user._loaded:
                c.user._load()
            c.modhash = c.user.modhash()
            if request.method.upper() == "GET":
                read_mod_cookie()
            if hasattr(c.user, "msgtime") and c.user.msgtime:
                c.have_messages = c.user.msgtime
            if hasattr(c.user, "modmsgtime"):
                c.show_mod_mail = True
                if c.user.modmsgtime:
                    c.have_mod_messages = c.user.modmsgtime
            else:
                c.show_mod_mail = Subsciteit.reverse_moderator_ids(c.user)
            c.user_is_admin = maybe_admin and c.user.name in g.admins
            c.user_special_distinguish = c.user.special_distinguish()
            c.user_is_sponsor = c.user_is_admin or c.user.name in g.sponsors
            if request.path != "/validuser" and not g.disallow_db_writes:
                c.user.update_last_visit(c.start_time)

        c.over18 = over18()

        # set_browser_langs()
        set_host_lang()
        set_iface_lang()
        set_content_lang()
        set_recent_clicks()
        # used for HTML-lite templates
        set_colors()

        # set some environmental variables in case we hit an abort
        if not isinstance(c.site, FakeSubsciteit):
            request.environ["SCITEIT_NAME"] = c.site.name

        # random sciteit trickery -- have to do this after the content lang is set
        if c.site == Random:
            c.site = Subsciteit.random_sciteit()
            redirect_to("/" + c.site.path.strip("/") + request.path)
        elif c.site == RandomNSFW:
            c.site = Subsciteit.random_sciteit(over18=True)
            redirect_to("/" + c.site.path.strip("/") + request.path)

        if not request.path.startswith("/api/login/"):
            # check that the site is available:
            if c.site.spammy() and not c.user_is_admin and not c.error_page:
                abort(404, "not found")

            # check if the user has access to this subsciteit
            if not c.site.can_view(c.user) and not c.error_page:
                abort(403, "forbidden")

            # check over 18
            if (
                c.site.over_18
                and not c.over18
                and request.path not in ("/frame", "/over18")
                and c.render_style == "html"
            ):
                return self.intermediate_redirect("/over18")

        # check whether to allow custom styles
        c.allow_styles = self.allow_stylesheets
        if g.css_killswitch:
            c.allow_styles = False
        # if the preference is set and we're not at a cname
        elif not c.user.pref_show_stylesheets and not c.cname:
            c.allow_styles = False
        # if the site has a cname, but we're not using it
        elif c.site.domain and c.site.css_on_cname and not c.cname:
            c.allow_styles = False