def manage_variables(env, pageid): """ Overview page with variables (manage) """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) user = Session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('managevariables.html') pageid = get_pageid(pageid) variables = Session.query(Variable).order_by(Variable.id).offset(\ (pageid-1) * RESULTS_PER_PAGE).limit(RESULTS_PER_PAGE).all() return template_render(tmpl, { 'session' : env ['beaker.session'], 'variables' : variables, 'pageid' : pageid, 'user' : user })
def general(env): """ Default page. """ if loggedin(env): tmpl = jinjaenv.get_template('meinpage.html') userid = env['beaker.session']['loggedin_id'] userinfo = ut.info(userid) user_commits = Session.query(Commit).filter(Commit.user_id == userid ). order_by(sqlalchemy.desc(Commit.id)).limit(5).all() script_commits = Session.query(Commit).join( (Script, Script.id == Commit.script_id)).filter( Script.owner_id == userid).order_by( sqlalchemy.desc(Commit.id)).limit(5).all() return template_render(tmpl, {'session' : env['beaker.session'], 'user' : userinfo['user'], 'ttc' : userinfo['time']['commit_time'], 'tc' : userinfo['time']['commit_amount'], 'own_commits' : user_commits, 'script_commits' : script_commits }) else: tmpl = jinjaenv.get_template('base.html') return template_render(tmpl, {'session' : env['beaker.session']} )
def general(env): """ Default page. """ if loggedin(env): tmpl = jinjaenv.get_template('meinpage.html') userid = env['beaker.session']['loggedin_id'] userinfo = ut.info(userid) user_commits = Session.query(Commit).filter( Commit.user_id == userid).order_by(sqlalchemy.desc( Commit.id)).limit(5).all() script_commits = Session.query(Commit).join( (Script, Script.id == Commit.script_id)).filter( Script.owner_id == userid).order_by(sqlalchemy.desc( Commit.id)).limit(5).all() return template_render( tmpl, { 'session': env['beaker.session'], 'user': userinfo['user'], 'ttc': userinfo['time']['commit_time'], 'tc': userinfo['time']['commit_amount'], 'own_commits': user_commits, 'script_commits': script_commits }) else: tmpl = jinjaenv.get_template('base.html') return template_render(tmpl, {'session': env['beaker.session']})
def manage_variables(env, pageid): """ Overview page with variables (manage) """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) user = Session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('managevariables.html') pageid = get_pageid(pageid) variables = Session.query(Variable).order_by(Variable.id).offset(\ (pageid-1) * RESULTS_PER_PAGE).limit(RESULTS_PER_PAGE).all() return template_render( tmpl, { 'session': env['beaker.session'], 'variables': variables, 'pageid': pageid, 'user': user })
def login(env): """ Login method. Handles both GET and POST requests. """ tmpl = jinjaenv.get_template('loginform.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid post data') if 'user' not in data or 'pass' not in data: return template_render(tmpl, { 'session': env['beaker.session'], 'loginfail': True }) data['user'] = urllib.unquote_plus(data['user']) data['pass'] = urllib.unquote_plus(data['pass']) data['pass'] = hashlib.sha256(data['pass']).hexdigest() # Does the user exist (and is the password valid)? res = Session.query(User).filter( func.lower(User.name) == data['user'].lower()).filter( User.password == data['pass']).first() if res: env['beaker.session']['loggedin'] = True env['beaker.session']['loggedin_id'] = res.id env['beaker.session']['loggedin_name'] = res.name # XXX: Do not rely on this. Only use for showing permissions where # extra checks aren't nessecary. EG: Fine for links, not fine for # actual db changes + access to pages. env['beaker.session']['loggedin_level'] = res.admin_level env['beaker.session'].save() log.log([], LVL_NOTABLE, PyLogger.INFO, 'Login %s : %s' % (env['REMOTE_ADDR'], data['user'])) return template_render( tmpl, { 'session': env['beaker.session'], 'loginsuccess': True, 'user': res }) else: log.log([], LVL_NOTABLE, PyLogger.INFO, 'Failed login %s : %s' % (env['REMOTE_ADDR'], data['user'])) return template_render(tmpl, { 'session': env['beaker.session'], 'loginfail': True }) elif str(env['REQUEST_METHOD']) == 'GET': return template_render(tmpl, {'session': env['beaker.session']}) else: return None
def user_commit(env, userid=None, pageid=None): """ Page with user commits. See ``usercommits.html'' for the template. """ pageid = get_pageid(pageid) tmpl = jinjaenv.get_template('usercommits.html') session = Session() user = Session.query(User).filter(User.id == userid).first() user_commits = ut.listc(user, (pageid - 1) * RESULTS_PER_PAGE, RESULTS_PER_PAGE) return template_render( tmpl, { 'user': user, 'commits': user_commits, 'pageid': pageid, 'session': env['beaker.session'] })
def login(env): """ Login method. Handles both GET and POST requests. """ tmpl = jinjaenv.get_template('loginform.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid post data') if 'user' not in data or 'pass' not in data: return template_render(tmpl, { 'session' : env['beaker.session'], 'loginfail' : True} ) data['user'] = urllib.unquote_plus(data['user']) data['pass'] = urllib.unquote_plus(data['pass']) data['pass'] = hashlib.sha256(data['pass']).hexdigest() # Does the user exist (and is the password valid)? res = Session.query(User).filter(func.lower(User.name) == data['user'].lower()).filter(User.password == data['pass']).first() if res: env['beaker.session']['loggedin'] = True env['beaker.session']['loggedin_id'] = res.id env['beaker.session']['loggedin_name'] = res.name # XXX: Do not rely on this. Only use for showing permissions where # extra checks aren't nessecary. EG: Fine for links, not fine for # actual db changes + access to pages. env['beaker.session']['loggedin_level'] = res.admin_level env['beaker.session'].save() log.log([], LVL_NOTABLE, PyLogger.INFO, 'Login %s : %s' % (env['REMOTE_ADDR'], data['user'])) return template_render(tmpl, { 'session' : env['beaker.session'], 'loginsuccess' : True, 'user' : res} ) else: log.log([], LVL_NOTABLE, PyLogger.INFO, 'Failed login %s : %s' % (env['REMOTE_ADDR'], data['user'])) return template_render(tmpl, { 'session' : env['beaker.session'], 'loginfail' : True} ) elif str(env['REQUEST_METHOD']) == 'GET': return template_render(tmpl, { 'session' : env['beaker.session']} ) else: return None
def update_user_script_cache(): """ """ print 'Updating user-script cache...' session = Session() update_query = str( session.query(User.id, Script.id, func.sum(Commit.timeadd), func.count(Commit.id)).join( (Commit, Commit.user_id == User.id)).join( (Script, Script.id == Commit.script_id)).group_by( User.id, Script.id)) session.execute('TRUNCATE TABLE uscache') # CASCADE? session.execute('INSERT INTO uscache %s' % update_query) session.commit() del session print 'Done updating user-script cache...'
def script_commit(env, scriptid=None,pageid=None): """ Page with commits to script. See ``scriptcommits.html'' for the template. """ pageid = get_pageid(pageid) tmpl = jinjaenv.get_template('scriptcommits.html') script = Session.query(Script).filter(Script.id==scriptid).first() return template_render(tmpl, { 'script' : script, 'commits' : st.listc(script, (pageid-1)*RESULTS_PER_PAGE, RESULTS_PER_PAGE), 'pageid' : pageid, 'session' : env['beaker.session']} )
def update_user_script_cache(): """ """ print 'Updating user-script cache...' session = Session() update_query = str(session.query(User.id, Script.id, func.sum(Commit.timeadd), func.count(Commit.id) ).join((Commit, Commit.user_id==User.id)).join( (Script, Script.id == Commit.script_id)).group_by( User.id, Script.id)) session.execute('TRUNCATE TABLE uscache') # CASCADE? session.execute('INSERT INTO uscache %s' % update_query) session.commit() del session print 'Done updating user-script cache...'
def update_user_script_variable_cache(): """ """ print 'Updating user-script-variable cache...' session = Session() update_query = str( session.query( User.id, Script.id, Variable.id, func.sum(CommitVar.amount)).join( (Commit, Commit.user_id == User.id)).join( (Script, Commit.script_id == Script.id)).join( (CommitVar, CommitVar.commit_id == Commit.id)).join( (Variable, Variable.id == CommitVar.variable_id)).group_by( User.id, Script.id, Variable.id)) session.execute('TRUNCATE TABLE usvcache') # CASCADE? session.execute('INSERT INTO usvcache %s' % update_query) session.commit() del session print 'Done updating user-script-variable cache...'
def update_user_script_variable_cache(): """ """ print 'Updating user-script-variable cache...' session = Session() update_query = str(session.query(User.id, Script.id, Variable.id, func.sum(CommitVar.amount)).join( (Commit, Commit.user_id == User.id)).join( (Script, Commit.script_id == Script.id)).join( (CommitVar, CommitVar.commit_id == Commit.id)).join( (Variable, Variable.id == CommitVar.variable_id)).group_by( User.id, Script.id, Variable.id)) session.execute('TRUNCATE TABLE usvcache') # CASCADE? session.execute('INSERT INTO usvcache %s' % update_query) session.commit() del session print 'Done updating user-script-variable cache...'
def user_commit(env, userid=None, pageid=None): """ Page with user commits. See ``usercommits.html'' for the template. """ pageid = get_pageid(pageid) tmpl = jinjaenv.get_template('usercommits.html') session = Session() user = Session.query(User).filter(User.id==userid).first() user_commits = ut.listc(user, (pageid-1)*RESULTS_PER_PAGE, RESULTS_PER_PAGE) return template_render(tmpl, { 'user' : user, 'commits' : user_commits, 'pageid' : pageid, 'session' : env['beaker.session']} )
def manage_scripts(env): """ Page to manage scripts. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) user = Session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None tmpl = jinjaenv.get_template('managescripts.html') return template_render(tmpl, { 'session': env['beaker.session'], 'user': user })
def manage_scripts(env): """ Page to manage scripts. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) user = Session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None tmpl = jinjaenv.get_template('managescripts.html') return template_render(tmpl, { 'session' : env ['beaker.session'], 'user' : user })
def script_commit(env, scriptid=None, pageid=None): """ Page with commits to script. See ``scriptcommits.html'' for the template. """ pageid = get_pageid(pageid) tmpl = jinjaenv.get_template('scriptcommits.html') script = Session.query(Script).filter(Script.id == scriptid).first() return template_render( tmpl, { 'script': script, 'commits': st.listc(script, (pageid - 1) * RESULTS_PER_PAGE, RESULTS_PER_PAGE), 'pageid': pageid, 'session': env['beaker.session'] })
def register_user(env): """ Page to register a user. Handles POST and GET data. """ tmpl = jinjaenv.get_template('registeruser.html') session = Session() if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid post data') if 'user' not in data or 'pass' not in data: return template_render( tmpl, { 'session': env['beaker.session'], 'registerfail': True, 'error': 'Post data not complete' }) data['user'] = urllib.unquote_plus(data['user']) data['pass'] = urllib.unquote_plus(data['pass']) if 'mail' in data: data['mail'] = urllib.unquote_plus(data['mail']) if len(data['user']) > 20 or len(data['pass']) > 20 or \ len(data['user']) == 0 or len(data['pass']) == 0: return template_render( tmpl, { 'session': env['beaker.session'], 'registerfail': True, 'error': 'Username or Password too long.' }) data['pass'] = hashlib.sha256(data['pass']).hexdigest() if 'mail' in data: if len(data['mail']) > 40: return template_render( tmpl, { 'session': env['beaker.session'], 'registerfail': True, 'error': 'Email address is too long' }) log.log([], LVL_VERBOSE, PyLogger.INFO, 'Register POST data: %s' % str(data)) if 'mail' in data and data['mail']: if not emailre.match(data['mail']): return template_render( tmpl, { 'session': env['beaker.session'], 'registerfail': True, 'error': 'Invalid Email.' }) # Does the user exist? res = session.query(User).filter( func.lower(User.name) == data['user'].lower()).first() if res: return template_render( tmpl, { 'session': env['beaker.session'], 'registerfail': True, 'error': 'Username already exists' }) user = User(data['user'], data['pass'], data['mail'] if 'mail' in data else None) session.add(user) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in register_user' print 'Post data:', data print 'Exception:', e return template_render( tmpl, { 'session': env['beaker.session'], 'registersuccess': True, 'user': user }) elif str(env['REQUEST_METHOD']) == 'GET': return template_render(tmpl, {'session': env['beaker.session']}) else: return None
def graph_commits_year_dyn(env, year=None, scriptid=None, userid=None, select_type='amount'): """ Generic function for month graphs. If month is None, the current month is used. If year is None, the current year is used. Valid select types: 'amount', 'minutes' """ if select_type not in ('amount', 'minutes'): return None if year is None: year = datetime.datetime.now().year else: year = int(year) if year < 1: return None if scriptid: script = st.info(scriptid) if script is None: return None if userid: user = ut.info(userid) if user is None: return None sel = { 'amount': Session.query(extract('day', Commit.timestamp), func.count('*'), extract('month', Commit.timestamp)), 'minutes': Session.query(extract('day', Commit.timestamp), func.sum(Commit.timeadd), extract('month', Commit.timestamp)) } if select_type not in sel: return None q = sel[select_type] if userid: q = q.filter(Commit.user_id == userid) if scriptid: q = q.filter(Commit.script_id == scriptid) q = q.filter(extract('year', Commit.timestamp) == year) q = q.group_by(extract('day', Commit.timestamp)) res = q.all() amount = range(364) for x in range(364): amount[x] = 0 # XXX: Use the month here to determine the ``day of the year''. for x in res: amount[int(x[0])] = x[1] if scriptid: title = ' to script: %s' % script['script'].name else: title = '' if userid: title += ' by user: %s' % user['user'].name s = gt.commit_bar(range(1, 365), amount, _title='Commits of year' + title, _xlabel='days', _ylabel='%s of commits' % select_type) return s
def graph_commits_year_dyn(env, year=None, scriptid=None, userid=None, select_type='amount'): """ Generic function for month graphs. If month is None, the current month is used. If year is None, the current year is used. Valid select types: 'amount', 'minutes' """ if select_type not in ('amount', 'minutes'): return None if year is None: year = datetime.datetime.now().year else: year = int(year) if year < 1: return None if scriptid: script = st.info(scriptid) if script is None: return None if userid: user = ut.info(userid) if user is None: return None sel = {'amount' : Session.query(extract('day', Commit.timestamp), func.count('*'), extract('month', Commit.timestamp)), 'minutes': Session.query(extract('day', Commit.timestamp), func.sum(Commit.timeadd), extract('month', Commit.timestamp)) } if select_type not in sel: return None q = sel[select_type] if userid: q = q.filter(Commit.user_id==userid) if scriptid: q = q.filter(Commit.script_id==scriptid) q = q.filter(extract('year', Commit.timestamp)==year) q = q.group_by(extract('day', Commit.timestamp)) res = q.all() amount = range(364) for x in range(364): amount[x] = 0 # XXX: Use the month here to determine the ``day of the year''. for x in res: amount[int(x[0])] = x[1] if scriptid: title = ' to script: %s' % script['script'].name else: title = '' if userid: title += ' by user: %s' % user['user'].name s = gt.commit_bar(range(1,365), amount, _title='Commits of year' + title, _xlabel='days', _ylabel='%s of commits' % select_type) return s
def create_script(env): """ Page to create a script. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None tmpl = jinjaenv.get_template('createscript.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'script' in data: s = data['script'] s = urllib.unquote_plus(s) else: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Script contains invalid characters' }) if len(s) == 0 or len(s) > 20: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Script name has invalid length' }) res = session.query(Script).filter(Script.name == s).all() if res: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Script already exists' }) user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Invalid user in session?' }) script = Script(s) script.owner = user session.add(script) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback! create_script.' print 'Post data:', data print 'Exception:', e return template_render(tmpl, { 'session': env['beaker.session'], 'newscript': script }) return template_render(tmpl, {'session': env['beaker.session']})
def manage_script(env, scriptid): """ Page to manage a specific script. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None script = session.query(Script).filter(Script.id == scriptid).first() if not script: return None if script.owner.name != user.name: return None if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'variable' in data: try: id = data['variable'] except ValueError: return str('Invalid POST data: Not a number') var = session.query(Variable).filter(Variable.id == id).first() if var is None: return str('Invalid POST data: No such variable') if var not in script.variables: script.variables.append(var) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in stats.py, manage_script:' print 'Postdata:', data print 'Exception:', e vars = session.query(Variable).filter(Variable.is_var==1).all() vars_intersect = filter(lambda x: x not in script.variables, vars) if \ script.variables is not None else vars tmpl = jinjaenv.get_template('managescript.html') return template_render(tmpl, { 'session' : env ['beaker.session'], 'script' : script, 'vars' : vars_intersect })
""" def __init__(self, app): self.app = app def __call__(self, env, start_response): try: ret = self.app(env, start_response) except Exception, e: print 'Exception in SessionHack:', e.message print '-' * 60 traceback.print_exc(file=sys.stdout) print '-' * 60 raise SessionHackException(e.message) finally: Session.rollback() return ret class ScheduledJob(object): """ Middleware for Scheduled Jobs. Rank updates, cache updates. """ def __init__(self, app): self.app = app def __call__(self, env, start_response): global last_rank_time global last_rank_process global last_rank_queue
# -*- coding: utf-8 -*- from sql import Para, AbstractPara, Session import datetime import xlrd from excel_parser import dayparser, excel from mptparser.time_parser import timeparse session = Session() sqlabspara = session.query(AbstractPara).all() week = [u'понедельник', u'вторник', u'среда', u'четверг', u'пятница', u'суббота'] now = datetime.date.today() if (int(datetime.datetime.strftime(now, '%W')) % 2) == 0: # числитель print 'Числитель' else: print 'Знаменатель' #print now.weekday() for abspara in sqlabspara: #Добавляем расписание на неделю в бд, откуда потем тащем в календарь for xday in xrange(0, 7): dateoffset = now + datetime.timedelta(days=xday) if dateoffset.weekday() == week.index(abspara.dayofweek): paradate = dateoffset start, end = timeparse(abspara.numberpara, paradate.weekday())
def manage_variable(env, variableid): """ Page to manage a variable. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('managevariable.html') variable = session.query(Variable).filter(Variable.id == \ variableid).first() if not variable: return None if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Invalid POST data') if 'newname' not in data: return str('Invalid POST data') data['newname'] = urllib.unquote_plus(data['newname']) if len(data['newname']) == 0 or len(data['newname']) > 20: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Variable name too long.', }) res = session.query(Variable).filter( Variable.name == data['newname']).first() if res is None: variable.name = data['newname'] session.add(variable) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in manage_variable' print 'Post data:', data print 'Exception:', e else: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Name already exists in the system.', 'variable': variable }) return template_render(tmpl, { 'session': env['beaker.session'], 'variable': variable })
def create_variable(env): """ Page to create a variable. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('createvariable.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'variable' in data: s = data['variable'] s = urllib.unquote_plus(s) else: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Variable name not specified'}) if len(s) == 0 or len(s) > 60: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Variable name has invalid length'}) # 'on' when checked; not in data when not clicked. XXX if 'is_var' in data: v = 1 else: v = 0 res = session.query(Variable).filter(Variable.name == s).first() if res: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Variable already exists'}) variable = Variable(s, v) session.add(variable) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback! create_variable' print 'Post data:', data print 'Exception:', e return template_render(tmpl, { 'session' : env ['beaker.session'], 'newvariable' : variable}) return template_render(tmpl, {'session' : env['beaker.session'] })
def create_variable(env): """ Page to create a variable. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('createvariable.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'variable' in data: s = data['variable'] s = urllib.unquote_plus(s) else: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Variable name not specified' }) if len(s) == 0 or len(s) > 60: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Variable name has invalid length' }) # 'on' when checked; not in data when not clicked. XXX if 'is_var' in data: v = 1 else: v = 0 res = session.query(Variable).filter(Variable.name == s).first() if res: return template_render( tmpl, { 'session': env['beaker.session'], 'error': 'Error: Variable already exists' }) variable = Variable(s, v) session.add(variable) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback! create_variable' print 'Post data:', data print 'Exception:', e return template_render(tmpl, { 'session': env['beaker.session'], 'newvariable': variable }) return template_render(tmpl, {'session': env['beaker.session']})
def api_commit(env): """ API to send a commit to the stats system using POST data. """ if str(env['REQUEST_METHOD']) != 'POST': # 404 return None data = read_post_data(env) if data is None: return None # XXX FIXME This is ugly pd = data.copy() pd['password'] = '******' log.log([], LVL_INFORMATIVE, PyLogger.INFO, 'API_COMMIT: %s, %s' % (env['REMOTE_ADDR'], pd)) if not 'user' in data or not 'password' in data: return '110' data['user'] = urllib.unquote_plus(data['user']) data['password'] = urllib.unquote_plus(data['password']) # if not alphanumspace.match(data['user']): # return '110' # # if not alphanumspace.match(data['password']): # return '110' data['password'] = hashlib.sha256(data['password']).hexdigest() session = Session() user = session.query(User).filter(User.name == data['user']).filter( User.password == data['password']).first() if not user: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No user' \ % (env['REMOTE_ADDR'], pd)) return '110' del data['user'] del data['password'] if not 'script' in data: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No script' \ % (env['REMOTE_ADDR'], pd)) return '120' data['script'] = urllib.unquote_plus(data['script']) script = session.query(Script).filter(Script.id == data['script']).first() if not script: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid script' \ % (env['REMOTE_ADDR'], pd)) return '120' del data['script'] if not 'time' in data: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No time' \ % (env['REMOTE_ADDR'], pd)) return '130' try: time = int(data['time']) except ValueError: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid time (int)' \ % (env['REMOTE_ADDR'], pd)) return '130' if time < 5 or time > 60: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid time (range)' \ % (env['REMOTE_ADDR'], pd)) return '130' del data['time'] randoms = session.query(Variable).filter(Variable.is_var==0).all() script_vars = dict(zip([x.name.lower() for x in script.variables], script.variables)) script_vars.update(dict(zip([x.name.lower() for x in randoms], randoms))) script_vars.update(dict(zip([x.id for x in randoms], randoms))) script_vars.update(dict(zip([x.id for x in script.variables], script.variables))) vars = dict() for x, y in data.iteritems(): x = urllib.unquote_plus(x) x = x.lower() try: x = int(x) except ValueError: pass if x not in script_vars: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable for script' \ % (env['REMOTE_ADDR'], pd)) return '140' try: v = int(y) except ValueError: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable value' \ % (env['REMOTE_ADDR'], pd)) return '150' if v < 1 or v > 10000: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable value (%d)' \ % (env['REMOTE_ADDR'], pd, v)) return '150' vars[script_vars[x]] = v res = ct.add(user, script, time, vars) if not res: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Internal error' \ % (env['REMOTE_ADDR'], pd)) return '160' return '100'
def api_commit(env): """ API to send a commit to the stats system using POST data. """ if str(env['REQUEST_METHOD']) != 'POST': # 404 return None data = read_post_data(env) if data is None: return None # XXX FIXME This is ugly pd = data.copy() pd['password'] = '******' log.log([], LVL_INFORMATIVE, PyLogger.INFO, 'API_COMMIT: %s, %s' % (env['REMOTE_ADDR'], pd)) if not 'user' in data or not 'password' in data: return '110' data['user'] = urllib.unquote_plus(data['user']) data['password'] = urllib.unquote_plus(data['password']) # if not alphanumspace.match(data['user']): # return '110' # # if not alphanumspace.match(data['password']): # return '110' data['password'] = hashlib.sha256(data['password']).hexdigest() session = Session() user = session.query(User).filter(User.name == data['user']).filter( User.password == data['password']).first() if not user: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No user' \ % (env['REMOTE_ADDR'], pd)) return '110' del data['user'] del data['password'] if not 'script' in data: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No script' \ % (env['REMOTE_ADDR'], pd)) return '120' data['script'] = urllib.unquote_plus(data['script']) script = session.query(Script).filter(Script.id == data['script']).first() if not script: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid script' \ % (env['REMOTE_ADDR'], pd)) return '120' del data['script'] if not 'time' in data: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: No time' \ % (env['REMOTE_ADDR'], pd)) return '130' try: time = int(data['time']) except ValueError: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid time (int)' \ % (env['REMOTE_ADDR'], pd)) return '130' if time < 5 or time > 60: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid time (range)' \ % (env['REMOTE_ADDR'], pd)) return '130' del data['time'] randoms = session.query(Variable).filter(Variable.is_var == 0).all() script_vars = dict( zip([x.name.lower() for x in script.variables], script.variables)) script_vars.update(dict(zip([x.name.lower() for x in randoms], randoms))) script_vars.update(dict(zip([x.id for x in randoms], randoms))) script_vars.update( dict(zip([x.id for x in script.variables], script.variables))) vars = dict() for x, y in data.iteritems(): x = urllib.unquote_plus(x) x = x.lower() try: x = int(x) except ValueError: pass if x not in script_vars: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable for script' \ % (env['REMOTE_ADDR'], pd)) return '140' try: v = int(y) except ValueError: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable value' \ % (env['REMOTE_ADDR'], pd)) return '150' if v < 1 or v > 10000: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Invalid variable value (%d)' \ % (env['REMOTE_ADDR'], pd, v)) return '150' vars[script_vars[x]] = v res = ct.add(user, script, time, vars) if not res: log.log([], LVL_NOTABLE, PyLogger.WARNING, 'API_COMMIT: %s, %s DENIED: Internal error' \ % (env['REMOTE_ADDR'], pd)) return '160' return '100'
def register_user(env): """ Page to register a user. Handles POST and GET data. """ tmpl = jinjaenv.get_template('registeruser.html') session = Session() if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid post data') if 'user' not in data or 'pass' not in data: return template_render(tmpl, { 'session' : env['beaker.session'], 'registerfail' : True, 'error' : 'Post data not complete'} ) data['user'] = urllib.unquote_plus(data['user']) data['pass'] = urllib.unquote_plus(data['pass']) if 'mail' in data: data['mail'] = urllib.unquote_plus(data['mail']) if len(data['user']) > 20 or len(data['pass']) > 20 or \ len(data['user']) == 0 or len(data['pass']) == 0: return template_render(tmpl, { 'session' : env['beaker.session'], 'registerfail' : True, 'error' : 'Username or Password too long.'} ) data['pass'] = hashlib.sha256(data['pass']).hexdigest() if 'mail' in data: if len(data['mail']) > 40: return template_render(tmpl, { 'session' : env['beaker.session'], 'registerfail' : True, 'error' : 'Email address is too long'} ) log.log([], LVL_VERBOSE, PyLogger.INFO, 'Register POST data: %s' % str(data)) if 'mail' in data and data['mail']: if not emailre.match(data['mail']): return template_render(tmpl, { 'session' : env['beaker.session'], 'registerfail' : True, 'error': 'Invalid Email.'} ) # Does the user exist? res = session.query(User).filter(func.lower(User.name) == data['user'].lower()).first() if res: return template_render(tmpl, { 'session' : env['beaker.session'], 'registerfail' : True, 'error' : 'Username already exists'} ) user = User(data['user'], data['pass'], data['mail'] if 'mail' in data else None) session.add(user) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in register_user' print 'Post data:', data print 'Exception:', e return template_render(tmpl, { 'session' : env['beaker.session'], 'registersuccess' : True, 'user' : user} ) elif str(env['REQUEST_METHOD']) == 'GET': return template_render(tmpl, { 'session' : env['beaker.session']} ) else: return None
def create_script(env): """ Page to create a script. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None tmpl = jinjaenv.get_template('createscript.html') if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'script' in data: s = data['script'] s = urllib.unquote_plus(s) else: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Script contains invalid characters'}) if len(s) == 0 or len(s) > 20: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Script name has invalid length'}) res = session.query(Script).filter(Script.name == s).all() if res: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Script already exists'}) user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Error: Invalid user in session?'}) script = Script(s) script.owner = user session.add(script) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback! create_script.' print 'Post data:', data print 'Exception:', e return template_render(tmpl, { 'session' : env ['beaker.session'], 'newscript' : script }) return template_render(tmpl, { 'session' : env ['beaker.session'] })
def manage_script(env, scriptid): """ Page to manage a specific script. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, {'session': env['beaker.session']}) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None script = session.query(Script).filter(Script.id == scriptid).first() if not script: return None if script.owner.name != user.name: return None if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Error: Invalid POST data') if 'variable' in data: try: id = data['variable'] except ValueError: return str('Invalid POST data: Not a number') var = session.query(Variable).filter(Variable.id == id).first() if var is None: return str('Invalid POST data: No such variable') if var not in script.variables: script.variables.append(var) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in stats.py, manage_script:' print 'Postdata:', data print 'Exception:', e vars = session.query(Variable).filter(Variable.is_var == 1).all() vars_intersect = filter(lambda x: x not in script.variables, vars) if \ script.variables is not None else vars tmpl = jinjaenv.get_template('managescript.html') return template_render(tmpl, { 'session': env['beaker.session'], 'script': script, 'vars': vars_intersect })
def manage_variable(env, variableid): """ Page to manage a variable. Handles both GET and POST. """ if not loggedin(env): tmpl = jinjaenv.get_template('loginform.html') return template_render(tmpl, { 'session' : env['beaker.session']} ) session = Session() user = session.query(User).filter(User.id == \ env['beaker.session']['loggedin_id']).first() if not user: return None if user.admin_level < 1: return str('Access denied') tmpl = jinjaenv.get_template('managevariable.html') variable = session.query(Variable).filter(Variable.id == \ variableid).first() if not variable: return None if str(env['REQUEST_METHOD']) == 'POST': data = read_post_data(env) if data is None: return str('Invalid POST data') if 'newname' not in data: return str('Invalid POST data') data['newname'] = urllib.unquote_plus(data['newname']) if len(data['newname']) == 0 or len(data['newname']) > 20: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Variable name too long.', }) res = session.query(Variable).filter(Variable.name == data['newname']).first() if res is None: variable.name = data['newname'] session.add(variable) try: session.commit() except sqlalchemy.exc.IntegrityError as e: session.rollback() print 'Rollback in manage_variable' print 'Post data:', data print 'Exception:', e else: return template_render(tmpl, { 'session' : env ['beaker.session'], 'error' : 'Name already exists in the system.', 'variable' : variable }) return template_render(tmpl, { 'session' : env['beaker.session'], 'variable' : variable })
the trace and error is only shown in the web page. """ def __init__(self, app): self.app = app def __call__(self, env, start_response): try: ret = self.app(env, start_response) except Exception, e: print 'Exception in SessionHack:', e.message print '-' * 60 traceback.print_exc(file=sys.stdout) print '-' * 60 raise SessionHackException(e.message) finally: Session.rollback() return ret class ScheduledJob(object): """ Middleware for Scheduled Jobs. Rank updates, cache updates. """ def __init__(self, app): self.app = app def __call__(self, env, start_response): global last_rank_time global last_rank_process global last_rank_queue