def getIndirectUrlLockList(self, url, principal=None): """Return a list of valid lockDicts, that protect <path> directly or indirectly. If a principal is given, only locks owned by this principal are returned. Side effect: expired locks for this path and all parents are purged. """ url = normalizeLockRoot(url) lockList = [] u = url while u: ll = self.storage.getLockList(u, includeRoot=True, includeChildren=False, tokenOnly=False) for l in ll: if u != url and l["depth"] != "infinity": continue # We only consider parents with Depth: infinity # TODO: handle shared locks in some way? # if (l["scope"] == "shared" and lockscope == "shared" # and principal != l["principal"]): # continue # Only compatible with shared locks by other users if principal is None or principal == l["principal"]: lockList.append(l) u = util.getUriParent(u) return lockList
def _put_new_text_file( self, provider, environ, file_path, file_content, ): # This part id a reproduction of # wsgidav.request_server.RequestServer#doPUT # Grab parent folder where create file parentRes = provider.getResourceInst( util.getUriParent(file_path), environ, ) assert parentRes, 'we should found folder for {0}'.format(file_path) new_resource = parentRes.createEmptyResource( util.getUriName(file_path), ) write_object = new_resource.beginWrite( contentType='application/octet-stream', ) write_object.write(file_content) write_object.close() new_resource.endWrite(withErrors=False) # Now file should exist return provider.getResourceInst( file_path, environ, )
def webdav_put_new_test_file_helper( provider: TracimDavProvider, environ: typing.Dict[str, typing.Any], file_path: str, file_content: bytes, ) -> _DAVResource: # This part id a reproduction of # wsgidav.request_server.RequestServer#doPUT # INFO - G.M - 2019-07-11 - set content_length to correct value according to file_content environ["CONTENT_LENGTH"] = len(file_content) # Grab parent folder where create file parentRes = provider.getResourceInst(wsgidav_util.getUriParent(file_path), environ) assert parentRes, "we should found folder for {0}".format(file_path) new_resource = parentRes.createEmptyResource( wsgidav_util.getUriName(file_path)) write_object = new_resource.beginWrite( contentType="application/octet-stream") write_object.write(file_content) write_object.close() new_resource.endWrite(withErrors=False) # Now file should exist return provider.getResourceInst(file_path, environ)
def _put_new_text_file( self, provider, environ, file_path, file_content, ): # This part id a reproduction of # wsgidav.request_server.RequestServer#doPUT # Grab parent folder where create file parentRes = provider.getResourceInst( util.getUriParent(file_path), environ, ) ok_(parentRes, msg='we should found folder for {0}'.format(file_path)) new_resource = parentRes.createEmptyResource( util.getUriName(file_path), ) write_object = new_resource.beginWrite( contentType='application/octet-stream', ) write_object.write(file_content) write_object.close() new_resource.endWrite(withErrors=False) # Now file should exist return provider.getResourceInst( file_path, environ, )
def handleDelete(self): if self.provider.readonly: raise DAVError(HTTP_FORBIDDEN) self.provider.lockManager.checkWritePermission(self.path, self.environ["HTTP_DEPTH"], self.environ["wsgidav.ifLockTokenList"], self.environ["wsgidav.username"]) func_name = "delete" xml_data = """{"path": "%s"}""" % self.path ret = managers.dispatcher.dispatch_action(self._app_id, self._obj_id, func_name, "",xml_data) if ret: return True else: if self.path == "/": get_properties.invalidate( self._app_id, self._obj_id, "/" ) else: get_properties.invalidate( self._app_id, self._obj_id, posixpath.normpath(util.getUriParent(self.path))) raise DAVError(HTTP_FORBIDDEN)
def checkWritePermission(self, url, depth, tokenList, principal): """Check, if <principal> can modify <url>, otherwise raise HTTP_LOCKED. If modifying <url> is prevented by a lock, DAVError(HTTP_LOCKED) is raised. An embedded DAVErrorCondition contains the conflicting locks. <url> may be modified by <principal>, if it is not currently locked directly or indirectly (i.e. by a locked parent). For depth-infinity operations, <url> also must not have locked children. It is not enough to check whether a lock is owned by <principal>, but also the token must be passed with the request. Because <principal> may run two different applications. See http://www.webdav.org/specs/rfc4918.html#lock-model http://www.webdav.org/specs/rfc4918.html#rfc.section.7.4 TODO: verify assumptions: - Parent locks WILL NOT be conflicting, if they are depth-0. - Exclusive child locks WILL be conflicting, even if they are owned by <principal>. @param url: URL that shall be modified, created, moved, or deleted @param depth: "0"|"infinity" @param tokenList: list of lock tokens, that the principal submitted in If: header @param principal: name of the principal requesting a lock @return: None or raise error """ assert compat.is_native(url) assert depth in ("0", "infinity") _logger.debug("checkWritePermission(%s, %s, %s, %s)" % (url, depth, tokenList, principal)) # Error precondition to collect conflicting URLs errcond = DAVErrorCondition(PRECONDITION_CODE_LockConflict) self._lock.acquireRead() try: # Check url and all parents for conflicting locks u = url while u: ll = self.getUrlLockList(u) _logger.debug(" checking %s" % u) for l in ll: _logger.debug(" l=%s" % lockString(l)) if u != url and l["depth"] != "infinity": # We only consider parents with Depth: inifinity continue elif principal == l["principal"] and l[ "token"] in tokenList: # User owns this lock continue else: # Token is owned by principal, but not passed with lock # list _logger.debug(" -> DENIED due to locked parent %s" % lockString(l)) errcond.add_href(l["root"]) u = util.getUriParent(u) if depth == "infinity": # Check child URLs for conflicting locks childLocks = self.storage.getLockList(url, includeRoot=False, includeChildren=True, tokenOnly=False) for l in childLocks: assert util.isChildUri(url, l["root"]) # if util.isChildUri(url, l["root"]): _logger.debug(" -> DENIED due to locked child %s" % lockString(l)) errcond.add_href(l["root"]) finally: self._lock.release() # If there were conflicts, raise HTTP_LOCKED for <url>, and pass # conflicting resource with 'no-conflicting-lock' precondition if len(errcond.hrefs) > 0: raise DAVError(HTTP_LOCKED, errcondition=errcond) return
def _checkLockPermission(self, url, locktype, lockscope, lockdepth, tokenList, principal): """Check, if <principal> can lock <url>, otherwise raise an error. If locking <url> would create a conflict, DAVError(HTTP_LOCKED) is raised. An embedded DAVErrorCondition contains the conflicting resource. @see http://www.webdav.org/specs/rfc4918.html#lock-model - Parent locks WILL NOT be conflicting, if they are depth-0. - Exclusive depth-infinity parent locks WILL be conflicting, even if they are owned by <principal>. - Child locks WILL NOT be conflicting, if we request a depth-0 lock. - Exclusive child locks WILL be conflicting, even if they are owned by <principal>. (7.7) - It is not enough to check whether a lock is owned by <principal>, but also the token must be passed with the request. (Because <principal> may run two different applications on his client.) - <principal> cannot lock-exclusive, if he holds a parent shared-lock. (This would only make sense, if he was the only shared-lock holder.) - TODO: litmus tries to acquire a shared lock on one resource twice (locks: 27 'double_sharedlock') and fails, when we return HTTP_LOCKED. So we allow multi shared locks on a resource even for the same principal. @param url: URL that shall be locked @param locktype: "write" @param lockscope: "shared"|"exclusive" @param lockdepth: "0"|"infinity" @param tokenList: list of lock tokens, that the user submitted in If: header @param principal: name of the principal requesting a lock @return: None (or raise) """ assert locktype == "write" assert lockscope in ("shared", "exclusive") assert lockdepth in ("0", "infinity") _logger.debug("checkLockPermission(%s, %s, %s, %s)" % (url, lockscope, lockdepth, principal)) # Error precondition to collect conflicting URLs errcond = DAVErrorCondition(PRECONDITION_CODE_LockConflict) self._lock.acquireRead() try: # Check url and all parents for conflicting locks u = url while u: ll = self.getUrlLockList(u) for l in ll: _logger.debug(" check parent %s, %s" % (u, lockString(l))) if u != url and l["depth"] != "infinity": # We only consider parents with Depth: infinity continue elif l["scope"] == "shared" and lockscope == "shared": # Only compatible with shared locks (even by same # principal) continue # Lock conflict _logger.debug(" -> DENIED due to locked parent %s" % lockString(l)) errcond.add_href(l["root"]) u = util.getUriParent(u) if lockdepth == "infinity": # Check child URLs for conflicting locks childLocks = self.storage.getLockList(url, includeRoot=False, includeChildren=True, tokenOnly=False) for l in childLocks: assert util.isChildUri(url, l["root"]) # if util.isChildUri(url, l["root"]): _logger.debug(" -> DENIED due to locked child %s" % lockString(l)) errcond.add_href(l["root"]) finally: self._lock.release() # If there were conflicts, raise HTTP_LOCKED for <url>, and pass # conflicting resource with 'no-conflicting-lock' precondition if len(errcond.hrefs) > 0: raise DAVError(HTTP_LOCKED, errcondition=errcond) return
def _listDirectory(self, davres, environ, start_response): """ @see: http://www.webdav.org/specs/rfc4918.html#rfc.section.9.4 """ assert davres.isCollection dirConfig = environ["wsgidav.config"].get("dir_browser", {}) displaypath = compat.unquote(davres.getHref()) isReadOnly = environ["wsgidav.provider"].isReadOnly() trailer = dirConfig.get("response_trailer") if trailer: trailer = trailer.replace("${version}", "<a href='https://github.com/mar10/wsgidav/'>WsgiDAV/%s</a>" % __version__) trailer = trailer.replace("${time}", util.getRfc1123Time()) else: trailer = ("<a href='https://github.com/mar10/wsgidav/'>WsgiDAV/%s</a> - %s" % (__version__, util.getRfc1123Time())) html = [] html.append( "<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' " "'http://www.w3.org/TR/html4/strict.dtd'>") html.append("<html>") html.append("<head>") html.append( "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>") html.append("<meta name='generator' content='WsgiDAV %s'>" % __version__) html.append("<title>WsgiDAV - Index of %s </title>" % displaypath) html.append("<script type='text/javascript'>%s</script>" % PAGE_SCRIPT) html.append("<style type='text/css'>%s</style>" % PAGE_CSS) # Special CSS to enable MS Internet Explorer behaviour if dirConfig.get("ms_mount"): html.append( "<style type='text/css'> A {behavior: url(#default#AnchorClick);} </style>") if dirConfig.get("ms_sharepoint_plugin"): html.append( "<object id='winFirefoxPlugin' type='application/x-sharepoint' width='0' " "height='0' style=''visibility: hidden;'></object>") html.append("</head>") html.append("<body onload='onLoad()'>") # Title html.append("<h1>Index of %s</h1>" % displaypath) # Add DAV-Mount link and Web-Folder link links = [] if dirConfig.get("davmount"): links.append("<a title='Open this folder in a WebDAV client.' " "href='%s?davmount'>Mount</a>" % util.makeCompleteUrl(environ)) if dirConfig.get("ms_mount"): links.append("<a title='Open as Web Folder (requires Microsoft Internet Explorer)' " "href='' FOLDER='%s'>Open as Web Folder</a>" % util.makeCompleteUrl(environ)) # html.append("<a href='' FOLDER='%ssetup.py'>Open setup.py as WebDAV</a>" % util.makeCompleteUrl(environ)) if links: html.append("<p>%s</p>" % " – ".join(links)) html.append("<hr>") # Listing html.append("<table onclick='return onClickTable(event)'>") html.append("<thead>") html.append( "<tr><th>Name</th> <th>Type</th> <th class='right'>Size</th> " "<th class='right'>Last modified</th> </tr>") html.append("</thead>") html.append("<tbody>") if davres.path in ("", "/"): html.append( "<tr><td>Top level share</td> <td></td> <td></td> <td></td> </tr>") else: parentUrl = util.getUriParent(davres.getHref()) html.append("<tr><td><a href='" + parentUrl + "'>Parent Directory</a></td> <td></td> <td></td> <td></td> </tr>") # Ask collection for member info list dirInfoList = davres.getDirectoryInfo() if dirInfoList is None: # No pre-build info: traverse members dirInfoList = [] childList = davres.getDescendants(depth="1", addSelf=False) for res in childList: di = res.getDisplayInfo() href = res.getHref() infoDict = {"href": href, "class": "", "displayName": res.getDisplayName(), "lastModified": res.getLastModified(), "isCollection": res.isCollection, "contentLength": res.getContentLength(), "displayType": di.get("type"), "displayTypeComment": di.get("typeComment"), } if not isReadOnly and not res.isCollection: ext = os.path.splitext(href)[1].lstrip(".").lower() officeType = msOfficeExtToTypeMap.get(ext) if officeType: # print "OT", officeType # print "OT", dirConfig if dirConfig.get("ms_sharepoint_plugin"): infoDict["class"] = "msoffice" elif dirConfig.get("ms_sharepoint_urls"): infoDict[ "href"] = "ms-%s:ofe|u|%s" % (officeType, href) dirInfoList.append(infoDict) # for infoDict in dirInfoList: lastModified = infoDict.get("lastModified") if lastModified is None: infoDict["strModified"] = "" else: infoDict["strModified"] = util.getRfc1123Time(lastModified) infoDict["strSize"] = "-" if not infoDict.get("isCollection"): contentLength = infoDict.get("contentLength") if contentLength is not None: infoDict["strSize"] = util.byteNumberString(contentLength) html.append("""\ <tr><td><a href="%(href)s" class="%(class)s">%(displayName)s</a></td> <td>%(displayType)s</td> <td class='right'>%(strSize)s</td> <td class='right'>%(strModified)s</td></tr>""" % infoDict) html.append("</tbody>") html.append("</table>") html.append("<hr>") if "http_authenticator.username" in environ: if environ.get("http_authenticator.username"): html.append("<p>Authenticated user: '******', realm: '%s'.</p>" % (environ.get("http_authenticator.username"), environ.get("http_authenticator.realm"))) # else: # html.append("<p>Anonymous</p>") if trailer: html.append("<p class='trailer'>%s</p>" % trailer) html.append("</body></html>") body = "\n".join(html) body = compat.to_bytes(body) start_response("200 OK", [("Content-Type", "text/html"), ("Content-Length", str(len(body))), ("Date", util.getRfc1123Time()), ]) return [body]
def change_parents_property(app_id, obj_id, path, propname, value): change_property_value(app_id, obj_id, path, propname, value) for key in cache: if (key[0], key[1]) == (app_id, obj_id) and posixpath.normpath(util.getUriParent(path)) == os.path.normpath(key[2]): change_parents_property(app_id, obj_id, key[2], propname, value)
def _get_context(self, environ, davres): """ @see: http://www.webdav.org/specs/rfc4918.html#rfc.section.9.4 """ assert davres.isCollection dirConfig = environ["wsgidav.config"].get("dir_browser", {}) isReadOnly = environ["wsgidav.provider"].isReadOnly() context = { "htdocs": (self.config.get("mount_path") or "") + ASSET_SHARE, "rows": [], "version": __version__, "displaypath": compat.unquote(davres.getHref()), "url": davres.getHref(), # util.makeCompleteUrl(environ), "parentUrl": util.getUriParent(davres.getHref()), "config": dirConfig, "isReadOnly": isReadOnly, } trailer = dirConfig.get("response_trailer") if trailer: trailer = trailer.replace( "${version}", "<a href='https://github.com/mar10/wsgidav/'>WsgiDAV/{}</a>". format(__version__)) trailer = trailer.replace("${time}", util.getRfc1123Time()) else: trailer = ( "<a href='https://github.com/mar10/wsgidav/'>WsgiDAV/{}</a> - {}" .format(__version__, util.getRfc1123Time())) context["trailer"] = trailer rows = context["rows"] # Ask collection for member info list dirInfoList = davres.getDirectoryInfo() if dirInfoList is None: # No pre-build info: traverse members dirInfoList = [] childList = davres.getDescendants(depth="1", addSelf=False) for res in childList: di = res.getDisplayInfo() href = res.getHref() classes = [] if res.isCollection: classes.append("directory") entry = { "href": href, "class": " ".join(classes), "displayName": res.getDisplayName(), "lastModified": res.getLastModified(), "isCollection": res.isCollection, "contentLength": res.getContentLength(), "displayType": di.get("type"), "displayTypeComment": di.get("typeComment"), } if not isReadOnly and not res.isCollection: ext = os.path.splitext(href)[1].lstrip(".").lower() officeType = msOfficeExtToTypeMap.get(ext) if officeType: if dirConfig.get("ms_sharepoint_plugin"): entry["class"] = "msoffice" elif dirConfig.get("ms_sharepoint_urls"): entry["href"] = "ms-{}:ofe|u|{}".format( officeType, href) dirInfoList.append(entry) # ignore_patterns = dirConfig.get("ignore", []) for entry in dirInfoList: # Skip ignore patterns ignore = False for pat in ignore_patterns: if fnmatch(entry["displayName"], pat): _logger.debug("Ignore {}".format(entry["displayName"])) ignore = True break if ignore: continue # lastModified = entry.get("lastModified") if lastModified is None: entry["strModified"] = "" else: entry["strModified"] = util.getRfc1123Time(lastModified) entry["strSize"] = "-" if not entry.get("isCollection"): contentLength = entry.get("contentLength") if contentLength is not None: entry["strSize"] = util.byteNumberString(contentLength) rows.append(entry) # sort sort = "name" if sort == "name": rows.sort(key=lambda v: "{}{}".format(not v["isCollection"], v[ "displayName"].lower())) if "http_authenticator.username" in environ: context["username"] = environ.get( "http_authenticator.username") or "anonymous" context["realm"] = environ.get("http_authenticator.realm") return context
def parent(self): return util.getUriParent(self.path)