def admin():
# convert to dict
user = dict([(name, toDict(y)) for name, y in PYLOAD.getAllUserData().iteritems()])
perms = permlist()
for data in user.itervalues():
data["perms"] = {}
get_permission(data["perms"], data["permission"])
data["perms"]["admin"] = True if data["role"] is 0 else False
s = request.environ.get('beaker.session')
if request.environ.get('REQUEST_METHOD', "GET") == "POST":
for name in user:
if request.POST.get("%s|admin" % name, False):
user[name]["role"] = 0
user[name]["perms"]["admin"] = True
elif name != s["name"]:
user[name]["role"] = 1
user[name]["perms"]["admin"] = False
# set all perms to false
for perm in perms:
user[name]["perms"][perm] = False
for perm in request.POST.getall("%s|perms" % name):
user[name]["perms"][perm] = True
user[name]["permission"] = set_permission(user[name]["perms"])
PYLOAD.setUserPermission(name, user[name]["permission"], user[name]["role"])
return render_to_response("admin.html", {"users": user, "permlist": perms}, [pre_processor])
def admin():
# convert to dict
user = dict([(name, toDict(y)) for name, y in PYLOAD.getAllUserData().iteritems()])
perms = permlist()
for data in user.itervalues():
data["perms"] = {}
get_permission(data["perms"], data["permission"])
data["perms"]["admin"] = True if data["role"] is 0 else False
s = request.environ.get('beaker.session')
if request.environ.get('REQUEST_METHOD', "GET") == "POST":
for name in user:
if request.POST.get("%s|admin" % name, False):
user[name]["role"] = 0
user[name]["perms"]["admin"] = True
elif name != s["name"]:
user[name]["role"] = 1
user[name]["perms"]["admin"] = False
# set all perms to false
for perm in perms:
user[name]["perms"][perm] = False
for perm in request.POST.getall("%s|perms" % name):
user[name]["perms"][perm] = True
user[name]["permission"] = set_permission(user[name]["perms"])
PYLOAD.setUserPermission(name, user[name]["permission"], user[name]["role"])
return render_to_response("admin.html", {"users": user, "permlist": perms}, [pre_processor])
def link_order(ids):
try:
pid, pos = ids.split("|")
PYLOAD.orderFile(int(pid), int(pos))
return {"response": "success"}
except:
return HTTPError()
def pre_processor():
s = request.environ.get('beaker.session')
user = parse_userdata(s)
perms = parse_permissions(s)
status = {}
captcha = False
update = False
plugins = False
if user["is_authenticated"]:
status = PYLOAD.statusServer()
info = PYLOAD.getInfoByPlugin("UpdateManager")
captcha = PYLOAD.isCaptchaWaiting()
# check if update check is available
if info:
if info["pyload"] == "True": update = True
if info["plugins"] == "True": plugins = True
return {"user": user,
'status': status,
'captcha': captcha,
'perms': perms,
'url': request.url,
'update': update,
'plugins': plugins}
def add_package():
name = request.forms.get("add_name", "New Package").strip()
queue = int(request.forms['add_dest'])
links = decode(request.forms['add_links'])
links = links.split("\n")
pw = request.forms.get("add_password", "").strip("\n\r")
try:
f = request.files['add_file']
if not name or name == "New Package":
name = f.name
fpath = join(PYLOAD.getConfigValue("general", "download_folder"), "tmp_" + f.filename)
destination = open(fpath, 'wb')
copyfileobj(f.file, destination)
destination.close()
links.insert(0, fpath)
except:
pass
name = name.decode("utf8", "ignore")
links = map(lambda x: x.strip(), links)
links = filter(lambda x: x != "", links)
pack = PYLOAD.addPackage(name, links, queue)
if pw:
pw = pw.decode("utf8", "ignore")
data = {"password": pw}
PYLOAD.setPackageData(pack, data)
def call_api(func, args=""):
add_header(response)
s = request.environ.get('beaker.session')
auth = parse_auth(request.get_header('Authorization', ''))
# TODO: session as GET
if 'session' in request.POST:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return HTTPError(403, dumps("Forbidden"))
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(401, dumps("Unauthorized"))
args = args.split("/")[1:]
kwargs = {}
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if x == "session": continue
kwargs[x] = unquote(y)
try:
return callApi(api, func, *args, **kwargs)
except ExceptionObject, e:
return HTTPError(400, dumps(e))
def status():
try:
status = toDict(PYLOAD.statusServer())
status['captcha'] = PYLOAD.isCaptchaWaiting()
return status
except:
return HTTPError()
def pre_processor():
s = request.environ.get('beaker.session')
user = parse_userdata(s)
perms = parse_permissions(s)
status = {}
captcha = False
update = False
plugins = False
if user["is_authenticated"]:
status = PYLOAD.statusServer()
info = PYLOAD.getInfoByPlugin("UpdateManager")
captcha = PYLOAD.isCaptchaWaiting()
# check if update check is available
if info:
if info["pyload"] == "True": update = True
if info["plugins"] == "True": plugins = True
return {
"user": user,
'status': status,
'captcha': captcha,
'perms': perms,
'url': request.url,
'update': update,
'plugins': plugins
}
def index():
# the browser should not set this, but remove in case to to avoid cached requests
if 'HTTP_IF_MODIFIED_SINCE' in request.environ:
del request.environ['HTTP_IF_MODIFIED_SINCE']
if UNAVAILALBE:
return serve_static("unavailable.html")
resp = serve_static('index.html')
# set variable depending on setup mode
setup = 'false' if SETUP is None else 'true'
ws = PYLOAD.getWSAddress() if PYLOAD else False
external = PYLOAD.getConfigValue('webUI', 'external') if PYLOAD else None
web = None
if PYLOAD:
web = PYLOAD.getConfigValue('webUI', 'port')
elif SETUP:
web = SETUP.config['webUI']['port']
# Render variables into the html page
if resp.status_code == 200:
content = resp.body.read()
resp.body = template(content, ws=ws, web=web, setup=setup, external=external, prefix=PREFIX)
resp.content_length = len(resp.body) + 1
# these page should not be cached at all
resp.headers.append("Cache-Control", "no-cache")
# they are rendered and last modified would be wrong
if "Last-Modified" in resp.headers:
del resp.headers["Last-Modified"]
return resp
def add(request):
package = request.POST.get('referer', None)
urls = filter(lambda x: x != "", request.POST['urls'].split("\n"))
if package:
PYLOAD.addPackage(package, urls, paused=True)
else:
generate_and_add(urls, True)
return ""
def add(request):
package = request.POST.get('referer', None)
urls = filter(lambda x: x != "", request.POST['urls'].split("\n"))
if package:
PYLOAD.addPackage(package, urls, 0)
else:
PYLOAD.generateAndAddPackages(urls, 0)
return ""
def add(request):
package = request.POST.get('referer', None)
urls = filter(lambda x: x != "", request.POST['urls'].split("\n"))
if package:
PYLOAD.addPackage(package, urls, 0)
else:
PYLOAD.generateAndAddPackages(urls, 0)
return ""
def save_config(category):
for key, value in request.POST.iteritems():
try:
section, option = key.split("|")
except:
continue
if category == "general": category = "core"
PYLOAD.setConfigValue(section, option, decode(value), category)
def add(request):
package = request.POST.get('referer', None)
urls = filter(lambda x: x != "", request.POST['urls'].split("\n"))
if package:
PYLOAD.addPackage(package, urls, paused=True)
else:
generate_and_add(urls, True)
return ""
def call_api(func, args=""):
add_json_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1],
request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return error(401, "Unauthorized")
if not PYLOAD.isAuthorized(func, api.user):
return error(403, "Forbidden")
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return error(404, "Not Found")
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# file upload, reads whole file into memory
for name, f in request.files.iteritems():
kwargs["filename"] = f.filename
content = StringIO()
f.save(content)
kwargs[name] = content.getvalue()
content.close()
# convert arguments from json to obj separately
for x, y in request.params.iteritems():
try:
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
except Exception, e:
# Unsupported input
msg = "Invalid Input %s, %s : %s" % (x, y, e.message)
print_exc()
print msg
return error(415, msg)
def call_api(func, args=""):
add_json_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return error(401, "Unauthorized")
if not PYLOAD.isAuthorized(func, api.user):
return error(403, "Forbidden")
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return error(404, "Not Found")
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# file upload, reads whole file into memory
for name, f in request.files.iteritems():
kwargs["filename"] = f.filename
content = StringIO()
f.save(content)
kwargs[name] = content.getvalue()
content.close()
# convert arguments from json to obj separately
for x, y in request.params.iteritems():
try:
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
except Exception, e:
# Unsupported input
msg = "Invalid Input %s, %s : %s" % (x, y, e.message)
print_exc()
print msg
return error(415, msg)
def add():
package = request.forms.get(
"package",
request.forms.get("source", request.POST.get('referer', None)))
urls = [x.strip() for x in request.POST['urls'].split("\n") if x.strip()]
if package:
PYLOAD.addPackage(package, urls, 0)
else:
PYLOAD.generateAndAddPackages(urls, 0)
return ""
def edit_package():
try:
id = int(request.forms.get("pack_id"))
data = {"name": request.forms.get("pack_name").decode("utf8", "ignore"),
"folder": request.forms.get("pack_folder").decode("utf8", "ignore"),
"password": request.forms.get("pack_pws").decode("utf8", "ignore")}
PYLOAD.setPackageData(id, data)
return {"response": "success"}
except:
return HTTPError()
def index():
if UNAVAILALBE:
return server_static("unavailable.html")
if SETUP:
# TODO show different page
pass
f = server_static('index.html')
content = f.body.read()
f.body = template(content, ws=PYLOAD.getWSAddress(), web=PYLOAD.getConfigValue('webinterface', 'port'))
return f
def call_api(func, args=""):
add_header(response)
s = request.environ.get("beaker.session")
# Accepts standard http auth
auth = parse_auth(request.get_header("Authorization", ""))
if "session" in request.POST or "session" in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get("session"), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get("REMOTE_ADDR", None))
# if auth is correct create a pseudo session
if user:
s = {"uid": user.uid}
api = get_user_api(s)
if not api:
return HTTPError(401, dumps("Unauthorized"), **response.headers)
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(403, dumps("Forbidden"), **response.headers)
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return HTTPError(404, dumps("Not Found"), **response.headers)
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# convert arguments from json to obj separately
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if not x or not y or x == "session":
continue
kwargs[x] = loads(unquote(y))
try:
result = getattr(api, func)(*args, **kwargs)
# null is invalid json response
if result is None:
result = True
return dumps(result)
except ExceptionObject, e:
return HTTPError(400, dumps(e), **response.headers)
def config():
conf = PYLOAD.getConfig()
plugin = PYLOAD.getPluginConfig()
conf_menu = []
plugin_menu = []
for entry in sorted(conf.keys()):
conf_menu.append((entry, conf[entry].description))
for entry in sorted(plugin.keys()):
plugin_menu.append((entry, plugin[entry].description))
accs = PYLOAD.getAccounts(False)
for data in accs:
if data.trafficleft == -1:
data.trafficleft = _("unlimited")
elif not data.trafficleft:
data.trafficleft = _("not available")
else:
data.trafficleft = formatSize(data.trafficleft * 1024)
if data.validuntil == -1:
data.validuntil = _("unlimited")
elif not data.validuntil:
data.validuntil = _("not available")
else:
t = time.localtime(data.validuntil)
data.validuntil = time.strftime("%d.%m.%Y", t)
if "time" in data.options:
try:
data.options["time"] = data.options["time"][0]
except:
data.options["time"] = "0:00-0:00"
if "limitDL" in data.options:
data.options["limitdl"] = data.options["limitDL"][0]
else:
data.options["limitdl"] = "0"
return render_to_response(
'settings.html', {
'conf': {
'plugin': plugin_menu,
'general': conf_menu,
'accs': accs
},
'types': PYLOAD.getAccountTypes()
}, [pre_processor])
def packages():
print "/json/packages"
try:
data = PYLOAD.getQueue()
for package in data:
package['links'] = []
for file in PYLOAD.get_package_files(package['id']):
package['links'].append(PYLOAD.get_file_info(file))
return data
except:
return HTTPError()
def call_api(func, args=""):
add_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1],
request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return HTTPError(401, dumps("Unauthorized"), **response.headers)
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(403, dumps("Forbidden"), **response.headers)
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return HTTPError(404, dumps("Not Found"), **response.headers)
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# convert arguments from json to obj separately
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
try:
result = getattr(api, func)(*args, **kwargs)
# null is invalid json response
if result is None: result = True
return dumps(result)
except ExceptionObject, e:
return HTTPError(400, dumps(e), **response.headers)
def flashgot():
if request.environ['HTTP_REFERER'] != "http://localhost:9666/flashgot" and request.environ['HTTP_REFERER'] != "http://127.0.0.1:9666/flashgot":
return HTTPError()
autostart = int(request.forms.get('autostart', 0))
package = request.forms.get('package', None)
urls = filter(lambda x: x != "", request.forms['urls'].split("\n"))
folder = request.forms.get('dir', None)
if package:
PYLOAD.addPackage(package, urls, autostart)
else:
PYLOAD.generateAndAddPackages(urls, autostart)
return ""
def index():
if UNAVAILALBE:
return server_static("unavailable.html")
if SETUP:
# TODO show different page
pass
f = server_static('index.html')
content = f.body.read()
f.body = template(content,
ws=PYLOAD.getWSAddress(),
web=PYLOAD.getConfigValue('webinterface', 'port'))
return f
def flashgot():
if request.environ['HTTP_REFERER'] != "http://localhost:9666/flashgot" and request.environ['HTTP_REFERER'] != "http://127.0.0.1:9666/flashgot":
return HTTPError()
autostart = int(request.forms.get('autostart', 0))
package = request.forms.get('package', None)
urls = filter(lambda x: x != "", request.forms['urls'].split("\n"))
folder = request.forms.get('dir', None)
if package:
PYLOAD.addPackage(package, urls, autostart)
else:
PYLOAD.generateAndAddPackages(urls, autostart)
return ""
def set_captcha():
if request.environ.get('REQUEST_METHOD', "GET") == "POST":
try:
PYLOAD.setCaptchaResult(request.forms["cap_id"], request.forms["cap_result"])
except:
pass
task = PYLOAD.getCaptchaTask()
if task.tid >= 0:
src = "data:image/%s;base64,%s" % (task.type, task.data)
return {'captcha': True, 'id': task.tid, 'src': src, 'result_type' : task.resultType}
else:
return {'captcha': False}
def addcrypted2():
package = request.forms.get("source", None)
crypted = request.forms["crypted"]
jk = request.forms["jk"]
crypted = standard_b64decode(unquote(crypted.replace(" ", "+")))
if JS:
jk = "%s f()" % jk
jk = JS.eval(jk)
else:
try:
jk = re.findall(r"return ('|\")(.+)('|\")", jk)[0][1]
except:
## Test for some known js functions to decode
if jk.find("dec") > -1 and jk.find("org") > -1:
org = re.findall(r"var org = ('|\")([^\"']+)", jk)[0][1]
jk = list(org)
jk.reverse()
jk = "".join(jk)
else:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
try:
Key = unhexlify(jk)
except:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
return "failed"
IV = Key
obj = AES.new(Key, AES.MODE_CBC, IV)
result = obj.decrypt(crypted).replace("\x00", "").replace("\r",
"").split("\n")
result = filter(lambda x: x != "", result)
try:
if package:
PYLOAD.addPackage(package, result, paused=True)
else:
generate_and_add(result, True)
except:
print_exc()
return "failed"
else:
return "success\r\n"
def addcrypted2():
package = request.forms.get(
"package",
request.forms.get("source", request.POST.get('referer', None)))
crypted = request.forms["crypted"]
jk = request.forms["jk"]
crypted = standard_b64decode(unquote(crypted.replace(" ", "+")))
if JS:
jk = "%s f()" % jk
jk = JS.eval(jk)
else:
try:
jk = re.findall(r"return ('|\")(.+)('|\")", jk)[0][1]
except:
## Test for some known js functions to decode
if jk.find("dec") > -1 and jk.find("org") > -1:
org = re.findall(r"var org = ('|\")([^\"']+)", jk)[0][1]
jk = list(org)
jk.reverse()
jk = "".join(jk)
else:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
try:
Key = unhexlify(jk)
except:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
return "failed"
IV = Key
obj = AES.new(Key, AES.MODE_CBC, IV)
urls = obj.decrypt(crypted).replace("\x00", "").replace("\r",
"").split("\n")
urls = [x.strip() for x in urls if x.strip()]
try:
if package:
PYLOAD.addPackage(package, urls, 0)
else:
PYLOAD.generateAndAddPackages(urls, 0)
except:
return "failed can't add"
else:
return "success\r\n"
def checksupport():
url = request.GET.get("url")
res = PYLOAD.checkURLs([url])
supported = (not res[0][1] is None)
return str(supported).lower()
def login():
add_header(response)
username = request.params.get("username")
password = request.params.get("password")
user = PYLOAD.checkAuth(username, password,
request.environ.get('REMOTE_ADDR', None))
if not user:
return dumps(False)
s = set_session(request, user)
# get the session id by dirty way, documentations seems wrong
try:
sid = s._headers["cookie_out"].split("=")[1].split(";")[0]
# reuse old session id
except:
sid = request.get_header(session.options['key'])
result = BaseEncoder().default(user)
result["session"] = sid
# Return full user information if needed
if request.params.get('user', None):
return dumps(result)
return dumps(sid)
def call_api(func, args=""):
response.headers.replace("Content-type", "application/json")
response.headers.append("Cache-Control", "no-cache, must-revalidate")
s = request.environ.get('beaker.session')
if 'session' in request.POST:
s = s.get_by_id(request.POST['session'])
if not s or not s.get("authenticated", False):
return HTTPError(403, json.dumps("Forbidden"))
if not PYLOAD.isAuthorized(func, {"role": s["role"], "permission": s["perms"]}):
return HTTPError(401, json.dumps("Unauthorized"))
args = args.split("/")[1:]
kwargs = {}
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if x == "session": continue
kwargs[x] = unquote(y)
try:
return callApi(func, *args, **kwargs)
except Exception, e:
print_exc()
return HTTPError(500, json.dumps({"error": e.message, "traceback": format_exc()}))
def addcrypted():
package = request.forms.get('referer', 'ClickAndLoad Package')
dlc = request.forms['crypted'].replace(" ", "+")
dlc_path = join(DL_ROOT, package.replace("/", "").replace("\\", "").replace(":", "") + ".dlc")
dlc_file = open(dlc_path, "wb")
dlc_file.write(dlc)
dlc_file.close()
try:
PYLOAD.addPackage(package, [dlc_path], 0)
except:
return HTTPError()
else:
return "success\r\n"
def checksupport():
url = request.GET.get("url")
res = PYLOAD.checkURLs([url])
supported = (not res[0][1] is None)
return str(supported).lower()
def index():
if UNAVAILALBE:
return server_static("unavailable.html")
if SETUP:
# TODO show different page
pass
resp = server_static('index.html')
# Render variables into the html page
if resp.status_code == 200:
content = resp.body.read()
resp.body = template(content, ws=PYLOAD.getWSAddress(), web=PYLOAD.getConfigValue('webinterface', 'port'))
return resp
def call_api(func, args=""):
add_header(response)
s = request.environ.get('beaker.session')
if 'session' in request.POST:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
api = get_user_api(s)
if not api:
return HTTPError(403, dumps("Forbidden"))
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(401, dumps("Unauthorized"))
args = args.split("/")[1:]
kwargs = {}
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if x == "session": continue
kwargs[x] = unquote(y)
try:
return callApi(func, *args, **kwargs)
except Exception, e:
print_exc()
return HTTPError(
500, dumps({
"error": e.message,
"traceback": format_exc()
}))
def load_config(category, section):
conf = None
if category == "general":
conf = PYLOAD.getConfigDict()
elif category == "plugin":
conf = PYLOAD.getPluginConfigDict()
for key, option in conf[section].iteritems():
if key in ("desc","outline"): continue
if ";" in option["type"]:
option["list"] = option["type"].split(";")
option["value"] = decode(option["value"])
return render_to_response("settings_item.html", {"skey": section, "section": conf[section]})
def downloads():
root = PYLOAD.getConfigValue("general", "download_folder")
if not isdir(root):
return base([_('Download directory not found.')])
data = {'folder': [], 'files': []}
items = listdir(fs_encode(root))
for item in sorted([fs_decode(x) for x in items]):
if isdir(save_join(root, item)):
folder = {'name': item, 'path': item, 'files': []}
files = listdir(save_join(root, item))
for file in sorted([fs_decode(x) for x in files]):
try:
if isfile(save_join(root, item, file)):
folder['files'].append(file)
except:
pass
data['folder'].append(folder)
elif isfile(join(root, item)):
data['files'].append(item)
return render_to_response('downloads.html', {'files': data},
[pre_processor])
def addcrypted():
package = request.forms.get('referer', 'ClickAndLoad Package')
dlc = request.forms['crypted'].replace(" ", "+")
dlc_path = join(DL_ROOT, save_filename(package) + ".dlc")
dlc_file = open(dlc_path, "wb")
dlc_file.write(dlc)
dlc_file.close()
try:
PYLOAD.addPackage(package, [dlc_path], 0)
except:
return HTTPError()
else:
return "success\r\n"
def login():
add_json_header(response)
username = request.params.get("username")
password = request.params.get("password")
user = PYLOAD.checkAuth(username, password, request.environ.get('REMOTE_ADDR', None))
if not user:
return json_response(False)
s = set_session(request, user)
# get the session id by dirty way, documentations seems wrong
try:
sid = s._headers["cookie_out"].split("=")[1].split(";")[0]
# reuse old session id
except:
sid = request.get_header(session.options['key'])
result = BaseEncoder().default(user)
result["session"] = sid
# Return full user information if needed
if request.params.get('user', None):
return dumps(result)
return json_response(sid)
def downloads():
root = PYLOAD.getConfigValue("general", "download_folder")
if not isdir(root):
return base([_('Download directory not found.')])
data = {
'folder': [],
'files': []
}
items = listdir(fs_encode(root))
for item in sorted([fs_decode(x) for x in items]):
if isdir(save_join(root, item)):
folder = {
'name': item,
'path': item,
'files': []
}
files = listdir(save_join(root, item))
for file in sorted([fs_decode(x) for x in files]):
try:
if isfile(save_join(root, item, file)):
folder['files'].append(file)
except:
pass
data['folder'].append(folder)
elif isfile(join(root, item)):
data['files'].append(item)
return render_to_response('downloads.html', {'files': data}, [pre_processor])
def call_api(func, args=""):
add_header(response)
s = request.environ.get('beaker.session')
if 'session' in request.POST:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
api = get_user_api(s)
if not api:
return HTTPError(403, dumps("Forbidden"))
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(401, dumps("Unauthorized"))
args = args.split("/")[1:]
kwargs = {}
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if x == "session": continue
kwargs[x] = unquote(y)
try:
return callApi(func, *args, **kwargs)
except Exception, e:
print_exc()
return HTTPError(500, dumps({"error": e.message, "traceback": format_exc()}))
def package(id):
try:
data = toDict(PYLOAD.getPackageData(id))
data["links"] = [toDict(x) for x in data["links"]]
for pyfile in data["links"]:
if pyfile["status"] == 0:
pyfile["icon"] = "status_finished.png"
elif pyfile["status"] in (2, 3):
pyfile["icon"] = "status_queue.png"
elif pyfile["status"] in (9, 1):
pyfile["icon"] = "status_offline.png"
elif pyfile["status"] == 5:
pyfile["icon"] = "status_waiting.png"
elif pyfile["status"] == 8:
pyfile["icon"] = "status_failed.png"
elif pyfile["status"] == 4:
pyfile["icon"] = "arrow_right.png"
elif pyfile["status"] in (11, 13):
pyfile["icon"] = "status_proc.png"
else:
pyfile["icon"] = "status_downloading.png"
tmp = data["links"]
tmp.sort(key=get_sort_key)
data["links"] = tmp
return data
except:
print_exc()
return HTTPError()
def addcrypted2():
package = request.forms.get("source", None)
crypted = request.forms["crypted"]
jk = request.forms["jk"]
crypted = standard_b64decode(unquote(crypted.replace(" ", "+")))
if JS:
jk = "%s f()" % jk
jk = JS.eval(jk)
else:
try:
jk = re.findall(r"return ('|\")(.+)('|\")", jk)[0][1]
except:
## Test for some known js functions to decode
if jk.find("dec") > -1 and jk.find("org") > -1:
org = re.findall(r"var org = ('|\")([^\"']+)", jk)[0][1]
jk = list(org)
jk.reverse()
jk = "".join(jk)
else:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
try:
Key = unhexlify(jk)
except:
print "Could not decrypt key, please install py-spidermonkey or ossp-js"
return "failed"
IV = Key
obj = AES.new(Key, AES.MODE_CBC, IV)
result = obj.decrypt(crypted).replace("\x00", "").replace("\r","").split("\n")
result = filter(lambda x: x != "", result)
try:
if package:
PYLOAD.addPackage(package, result, paused=True)
else:
generate_and_add(result, True)
except:
print_exc()
return "failed"
else:
return "success\r\n"
def login_post():
username = request.forms.get("username")
password = request.forms.get("password")
user = PYLOAD.checkAuth(username, password)
if not user:
return render_to_response("login.html", {"errors": True}, [pre_processor])
set_session(request, user)
return redirect("/")
def index():
if UNAVAILALBE:
return serve_static("unavailable.html")
resp = serve_static('index.html')
# set variable depending on setup mode
setup = 'false' if SETUP is None else 'true'
ws = PYLOAD.getWSAddress() if PYLOAD else False
web = PYLOAD.getConfigValue('webinterface', 'port') if PYLOAD else False
# Render variables into the html page
if resp.status_code == 200:
content = resp.body.read()
resp.body = template(content, ws=ws, web=web, setup=setup)
resp.content_length = len(resp.body)
return resp
def config():
conf = PYLOAD.getConfig()
plugin = PYLOAD.getPluginConfig()
conf_menu = []
plugin_menu = []
for entry in sorted(conf.keys()):
conf_menu.append((entry, conf[entry].description))
for entry in sorted(plugin.keys()):
plugin_menu.append((entry, plugin[entry].description))
accs = PYLOAD.getAccounts(False)
for data in accs:
if data.trafficleft == -1:
data.trafficleft = _("unlimited")
elif not data.trafficleft:
data.trafficleft = _("not available")
else:
data.trafficleft = formatSize(data.trafficleft * 1024)
if data.validuntil == -1:
data.validuntil = _("unlimited")
elif not data.validuntil :
data.validuntil = _("not available")
else:
t = time.localtime(data.validuntil)
data.validuntil = time.strftime("%d.%m.%Y", t)
if "time" in data.options:
try:
data.options["time"] = data.options["time"][0]
except:
data.options["time"] = "0:00-0:00"
if "limitDL" in data.options:
data.options["limitdl"] = data.options["limitDL"][0]
else:
data.options["limitdl"] = "0"
return render_to_response('settings.html',
{'conf': {'plugin': plugin_menu, 'general': conf_menu, 'accs': accs}, 'types': PYLOAD.getAccountTypes()},
[pre_processor])