def parse_dsd(dsd): """ DSD stands for dynamic service data and should be used for transfering IDs for news, topics, ... Take care for injection attacks! :param dsd: DSD string for parsing :return: (dict) Parsed DSD :since: v1.0.0 """ dsd = InputFilter.filter_control_chars(dsd) if ("+" not in dsd and VirtualRoute.RE_PLUS_ENCODED_CHAR.search(dsd) is not None): dsd = Uri.decode_query_value(dsd) elif (" " in dsd): dsd = Uri.encode_query_value(dsd) dsd = VirtualRoute.RE_DSD_PLUS_SPAM_CHAR.sub("++", dsd) dsd_list = dsd.split("++") _return = { } for dsd in dsd_list: dsd_element = dsd.strip().split("+", 1) if (len(dsd_element) > 1): _return[dsd_element[0]] = InputFilter.filter_control_chars(Uri.decode_query_value(dsd_element[1])) elif (len(dsd_element[0]) > 0): _return[dsd_element[0]] = "" # return _return
def execute_new(self, is_save_mode = False): # """ Action for "new" :since: v0.1.00 """ # pylint: disable=star-args tid = InputFilter.filter_file_path(self.request.get_dsd("dtid", "")) oid = InputFilter.filter_file_path(self.request.get_dsd("doid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() if (source_iline == ""): # source_iline = ("m=discuss;dsd=dpid+{0}".format(Link.encode_query_value(oid)) if (tid == "") else "m=discuss;dsd=dtid+{0}".format(Link.encode_query_value(tid)) ) # if (target_iline == ""): target_iline = "m=discuss;dsd=dpid+__id_d__" if (tid != ""): oid = tid self._execute_new("new", oid, source_iline = source_iline, target_iline = target_iline, is_save_mode = is_save_mode )
def execute_new(self, is_save_mode = False): # """ Action for "new" :since: v0.1.00 """ form_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_id", "")).strip() form_field_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_field_id", "")).strip() L10n.init("pas_http_core_form") form = FormProcessor(form_id) form.set_form_render_id(Binary.str(hexlify(urandom(16)))) if (is_save_mode): form.set_input_available() self._apply_new_form(form) if (is_save_mode and form.check()): # entry_data = self._save_new_form(form) form_store = form.get_form_store() form_store_dict = form_store.get_value_dict() form_store_field_id = "form_api_dynamic_{0}".format(form_field_id) entry_list = form_store_dict.get(form_store_field_id, [ ]) entry_list.append(entry_data) form_store_dict[form_store_field_id] = entry_list form_store.set_value_dict(form_store_dict) self._set_destroy_dom_result() # else: # content = { "title": self._get_form_action_new_title(), "on_closed_query": Link().build_url(Link.TYPE_QUERY_STRING, { "__request__": True, "a": "get" }) } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "new-save" }, "button_title": "core_continue" } method = (self._set_replace_dom_oset_result if (is_save_mode) else self._set_append_overlay_dom_oset_result ) method("dynamic_form.overlay", content)
def execute_delete(self): """ Action for "delete" :since: v0.2.00 """ cid = InputFilter.filter_file_path(self.request.get_dsd("mcid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() if (source_iline == ""): source_iline = "m=mp;a=list_root_containers" if (target_iline == ""): target_iline = source_iline L10n.init("mp_core") session = (self.request.get_session() if (self.request.is_supported("session")) else None) user_profile = (None if (session is None) else session.get_user_profile()) if (user_profile is None or (not user_profile.is_type("ad")) ): raise TranslatableError("core_access_denied", 403) try: mp_entry = MpEntry.load_id(cid) except NothingMatchedException as handled_exception: raise TranslatableError("mp_core_cid_invalid", 404, _exception = handled_exception) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") mp_entry.delete() database_tasks = DatabaseTasks.get_instance() database_tasks.add("dNG.pas.upnp.Resource.onDeleted.{0}".format(cid), "dNG.pas.upnp.Resource.onDeleted", 1, container_id = cid) database_tasks.add("dNG.pas.upnp.Resource.onRootContainerDeleted.{0}".format(cid), "dNG.pas.upnp.Resource.onRootContainerDeleted", 1, container_id = cid) target_iline = re.sub("\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("mp_core_done_root_container_delete")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request)
def execute_logout(self): """ Action for "logout" :since: v0.2.00 """ source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() if (target_iline == ""): if (Settings.is_defined("pas_http_user_logout_default_target_lang_{0}".format(self.request.get_lang()))): target_iline = Settings.get("pas_http_user_logout_default_target_lang_{0}".format(self.request.get_lang())) elif (Settings.is_defined("pas_http_user_logout_default_target")): target_iline = Settings.get("pas_http_user_logout_default_target") else: target_iline = source_iline # L10n.init("pas_http_user") if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not self.request.is_supported("session")): raise TranslatableError("core_unknown_error", 500) session = Session.load(session_create = False) if (session is not None): session.delete() self.request.set_session(None) # Link.clear_store("servicemenu") target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) redirect_request = PredefinedHttpRequest() redirect_request.set_module("output") redirect_request.set_service("http") redirect_request.set_action("done") redirect_request.set_parameter_chained("title", L10n.get("pas_http_user_logout")) redirect_request.set_parameter_chained("message", L10n.get("pas_http_user_done_logout")) redirect_request.set_parameter_chained("target_iline", target_iline) self.request.redirect(redirect_request)
def execute(self): # """ Executes the processor. :since: v0.1.00 """ if (self.form is None or (not self.validate_settings(self.settings))): raise ValueException("Processor is not configured") lang = (self.settings['email_lang'] if ("email_lang" in self.settings) else L10n.get_instance().get_lang() ) sender = (InputFilter.filter_control_chars(self.form.get_input(self.settings['email_sender_field_name'])) if ("email_sender_field_name" in self.settings) else None ) subject = (InputFilter.filter_control_chars(self.form.get_input(self.settings['email_subject_field_name'])) if ("email_subject_field_name" in self.settings) else self.settings['email_subject_title'] ) if (subject is None or len(subject.strip()) < 1): raise ValueException("Given e-mail subject is invalid") content_list = [ ] titles = self.settings.get("form_field_titles", { }) for field_name in self.settings['email_content_field_names']: # value = InputFilter.filter_control_chars(self.form.get_input(field_name)) content_list.append("{0}:\n{1}".format((titles[field_name] if (field_name in titles) else field_name), value ) ) # content = "\n\n".join(content_list) DatabaseTasks.get_instance().add("dNG.pas.http.Form.sendEMail.{0}".format(Binary.str(hexlify(urandom(16)))), "dNG.pas.http.Form.sendEMail", 1, lang = lang, sender = sender, subject = subject, content = content )
def execute_register(self, is_save_mode = False): """ Action for "register" :since: v0.2.00 """ source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() self._execute_register(source_iline = source_iline, target_iline = target_iline, is_save_mode = is_save_mode )
def execute_delete(self): # """ Action for "delete" :since: v0.1.00 """ form_field_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_field_id", "")).strip() form_field_entry_position = InputFilter.filter_int(self.request.get_dsd("oform_field_entry_position", -1)) if (form_field_entry_position > -1): # form_store = self._get_form_store() form_store_dict = form_store.get_value_dict() form_store_field_id = "form_api_dynamic_{0}".format(form_field_id) entry_list = form_store_dict.get(form_store_field_id, [ ]) if (len(entry_list) > form_field_entry_position): del(entry_list[form_field_entry_position]) form_store_dict[form_store_field_id] = entry_list form_store.set_value_dict(form_store_dict) # redirect_request = PredefinedHttpRequest() redirect_request.set_module(self.request.get_module()) redirect_request.set_service(self.request.get_service()) redirect_request.set_action("get") redirect_request.set_dsd_dict(self.request.get_dsd_dict()) self.request.redirect(redirect_request)
def execute_get(self): # """ Action for "get" :since: v0.1.00 """ if (not self.response.is_supported("dict_result_renderer")): raise IOException("Unsupported response object for action") form_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_id")) form_field_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_field_id")) try: form_store = Processor.load_form_store_id(form_id) except NothingMatchedException as handled_exception: raise TranslatableException("core_access_denied", 403, _exception = handled_exception) self._handle_get_choices(form_store, form_field_id)
def get_app_configuration(self, api_version, template_type, client_details): """ Returns ApiEndpoint settings based on the given API version. :param api_version: API version requested :param template_type: Template type requested by the client :param client_details: JSON encoded client details :return: (dict) ApiEndpoint settings :since: v0.2.00 """ if (template_type == ""): template_type = "ten_foot_web" template_type = "leanback_{0}".format(InputFilter.filter_control_chars(template_type).strip()) session = Session.load() if (session.get("mp.leanback.user_agent") != self.client_user_agent): session.set("mp.leanback.access_granted", True) session.set("mp.leanback.user_agent", self.client_user_agent) session.set("mp.leanback.template_type", template_type) session.save() # url_parameters = { "m": "mp", "s": "leanback", "a": "dashboard", "uuid": session.get_uuid() } url = Link.get_preferred("upnp").build_url(Link.TYPE_ABSOLUTE_URL, url_parameters) return JsonResource().data_to_json({ "url": url })
def _get_form_store(self): # """ Returns the form store in use for this dynamic field. :return: (object) The form store in use for this dynamic field :since: v0.1.00 """ form_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_id")) return FormProcessor.load_form_store_id(form_id)
def _get_form_field_list(self): # """ Returns the content of the form store for this dynamic field. :return: (dict) Content of the form store for this dynamic field :since: v0.1.00 """ form_field_id = InputFilter.filter_control_chars(self.request.get_dsd("oform_field_id")) form_value_dict = self._get_form_store().get_value_dict() return form_value_dict.get("form_api_dynamic_{0}".format(form_field_id), [ ])
def cookies(self): """ Returns request cookies. :return: (dict) Request cookie name as key and value :since: v1.0.0 """ _return = { } cookies = Header.get_field_list_dict(InputFilter.filter_control_chars(self.get_header("Cookie")), ";", "=") for cookie in cookies: _return[cookie['key']] = cookie['value'] return _return
def execute_reply(self, is_save_mode = False): # """ Action for "reply" :since: v0.1.00 """ # pylint: disable=star-args pid = InputFilter.filter_file_path(self.request.get_dsd("dpid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() if (source_iline == ""): source_iline = "m=discuss;dsd=dpid+{0}".format(Link.encode_query_value(pid)) if (target_iline == ""): target_iline = "m=discuss;dsd=dpid+__id_d__" self._execute_new("reply", pid = pid, source_iline = source_iline, target_iline = target_iline, is_save_mode = is_save_mode )
def get_view(self): """ Action for "view" :since: v1.0.0 """ cid = InputFilter.filter_file_path(self.request.get_parameter("cid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_parameter("source", "")).strip() L10n.init("pas_http_core_contentfile") Settings.read_file("{0}/settings/pas_http_contentfiles.json".format(Settings.get("path_data"))) contentfiles = Settings.get("pas_http_contentfiles_list", { }) if (type(contentfiles) is not dict): raise TranslatableError("pas_http_core_contentfile_cid_invalid", 404) if (source_iline != ""): if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) # if (cid not in contentfiles or "title" not in contentfiles[cid] or "filepath" not in contentfiles[cid] ): raise TranslatableError("pas_http_core_contentfile_cid_invalid", 404) file_content = FileContent.read(contentfiles[cid]['filepath']) if (file_content is None): raise TranslatableError("pas_http_core_contentfile_cid_invalid", 404) if (path.splitext(contentfiles[cid]['filepath'])[1].lower() == ".ftg"): file_content = FormTags.render(file_content) content = { "title": contentfiles[cid]['title'], "content": file_content } self.response.init() self.response.page_title = contentfiles[cid]['title'] self.response.add_oset_content("core.simple_content", content)
def execute_subscribe(self): # """ Action for "subscribe" :since: v0.1.00 """ _id = InputFilter.filter_file_path(self.request.get_dsd("oid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() L10n.init("pas_http_datalinker") L10n.init("pas_http_subscription") if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") if (len(source_iline) > 0): # Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) # session = (self.request.get_session() if (self.request.is_supported("session")) else None) subscription_handler = self._get_subscription_handler(_id) if (subscription_handler is None): NotificationStore.get_instance().add_error(L10n.get("errors_pas_http_subscription_not_subscribable")) elif (not subscription_handler.is_subscribable_for_session_user(session)): NotificationStore.get_instance().add_error(L10n.get("errors_pas_http_subscription_not_subscribable")) else: # subscription_handler.set_session(session) if (not subscription_handler.is_subscribed()): subscription_handler.subscribe() NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_subscription_done_subscribe")) # source_iline = re.sub("\\_\\_\\w+\\_\\_", "", source_iline) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(source_iline) self.request.redirect(redirect_request)
def _read_parameters(self): """ Reads and returns the request parameters from the incoming request. :return: (dict) Request parameters :since: v1.0.0 """ _return = AbstractHttpRequest._read_parameters(self) request_body = self.prepare_body_instance(content_type_expected = "application/x-www-form-urlencoded") if (request_body is None): request_body = self.prepare_body_instance(content_type_expected = "multipart/form-data") if (isinstance(request_body, Mapping)): for key in request_body: _return[InputFilter.filter_control_chars(key)] = request_body[key] # return _return
def execute_api_get_configuration(self): """ Action for "api_get_configuration" :since: v0.2.00 """ user_agent = self.request.get_header("User-Agent") template_type = (self.request.get_parameter_chained("attype", "ten_foot_web") if (self.request.is_supported("parameters_chained")) else self.request.get_parameter("attype", "ten_foot_web") ) template_type = "leanback_{0}".format(InputFilter.filter_control_chars(template_type).strip()) self.response.init(True) self.response.set_header("Access-Control-Allow-Origin", "*") if (not self.response.is_supported("dict_result_renderer")): raise TranslatableError("core_access_denied", 403) self._ensure_access_granted() session = Session.load() if (session.get("mp.leanback.user_agent") != user_agent): session.set("mp.leanback.access_granted", True) session.set("mp.leanback.user_agent", user_agent) session.set("mp.leanback.template_type", template_type) session.set_cookie(Settings.get("pas_http_site_cookies_supported", True)) session.save() self.request.set_session(session) # url_parameters = { "m": "mp", "s": "leanback", "a": "dashboard", "uuid": session.get_uuid() } self.response.set_result({ "url": Link.get_preferred("upnp").build_url(Link.TYPE_ABSOLUTE_URL, url_parameters) })
def _check_username_not_registered(self, field, validator_context): """ Form validator that checks if the user name is not already registered. :param field: Form field :param validator_context: Form validator context :return: (str) Error message; None on success :since: v0.2.00 """ _return = None user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): _return = L10n.get("pas_http_core_form_error_internal_error") else: try: user_profile_class.load_username(InputFilter.filter_control_chars(field.get_value()), True) _return = L10n.get("pas_http_user_form_error_username_exists") except NothingMatchedException: pass # return _return
def execute_edit(self, is_save_mode = False): """ Action for "edit" :since: v0.2.00 """ did = InputFilter.filter_file_path(self.request.get_dsd("cdid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=contentor;dsd=cdid+{0}".format(Link.encode_query_value(did)) target = target_iline if (target_iline == ""): target_iline = source_iline L10n.init("pas_http_contentor") try: document = _Document.load_id(did) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_contentor_did_invalid", 404, _exception = handled_exception) session = (self.request.get_session() if (self.request.is_supported("session")) else None) if (session is not None): document.set_permission_session(session) if (not document.is_manageable()): raise TranslatableError("core_access_denied", 403) document_parent = document.load_parent() if (isinstance(document_parent, OwnableInstance) and (not document_parent.is_readable_for_session_user(session))): raise TranslatableError("core_access_denied", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") document_data = document.get_data_attributes("tag") form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) form.set_context({ "category": document_parent, "form": "edit", "current_tag": document_data['tag'] }) if (is_save_mode): form.set_input_available() self._apply_form(form, document) if (is_save_mode and form.check()): document_title = InputFilter.filter_control_chars(form.get_value("ctitle")) document_tag = InputFilter.filter_control_chars(form.get_value("ctag")) document_description = InputFilter.filter_control_chars(form.get_value("cdescription")) document_content = InputFilter.filter_control_chars(form.get_value("ccontent")) document.set_data_attributes(time_sortable = time(), title = document_title, tag = document_tag, content = FormTags.encode(document_content), description = FormTags.encode(document_description) ) document.save() cid = (did if (document.is_main_entry()) else document_parent.get_id()) DatabaseTasks.get_instance().add("dNG.pas.contentor.Document.onUpdated.{0}".format(did), "dNG.pas.contentor.Document.onUpdated", 1, category_id = cid, document_id = did ) target_iline = target_iline.replace("__id_d__", "{0}".format(did)) target_iline = re.sub("\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_contentor_done_document_edit")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) else: content = { "title": L10n.get("pas_http_contentor_document_edit") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "edit-save", "dsd": { "source": source, "target": target } }, "button_title": "pas_http_core_edit" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_new(self, is_save_mode = False): # """ Action for "new" :since: v0.1.00 """ # pylint: disable=star-args lid = InputFilter.filter_file_path(self.request.get_dsd("dlid", "")) oid = InputFilter.filter_file_path(self.request.get_dsd("doid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): # source_iline = ("m=discuss;dsd=dtid+{0}".format(Link.encode_query_value(oid)) if (lid == "") else "m=discuss;dsd=dlid+{0}".format(Link.encode_query_value(lid)) ) # target = target_iline if (target_iline == ""): target_iline = "m=discuss;dsd=dtid+__id_d__" L10n.init("pas_http_datalinker") L10n.init("pas_http_discuss") if (lid != ""): oid = lid try: _list = List.load_id(oid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_datalinker_oid_invalid", 404, _exception = handled_exception) is_manageable = False session = (self.request.get_session() if (self.request.is_supported("session")) else None) if (isinstance(_list, OwnableInstance)): # if (not _list.is_writable_for_session_user(session)): raise TranslatableError("core_access_denied", 403) is_manageable = _list.is_manageable_for_session_user(session) # elif (session is not None): # user_profile = session.get_user_profile() if (user_profile is not None): is_manageable = user_profile.is_type("ad") # if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) form.set_context({ "form": "new", "list": _list }) if (is_save_mode): form.set_input_available() field = TextField("dtitle") field.set_title(L10n.get("pas_http_discuss_topic_title")) field.set_required() field.set_size(TextField.SIZE_LARGE) field.set_limits(int(Settings.get("pas_http_discuss_topic_title_min", 10))) form.add(field) if (is_manageable): # field = TextField("dtag") field.set_title(L10n.get("pas_http_discuss_topic_tag")) field.set_size(TextField.SIZE_SMALL) field.set_limits(_max = 255) field.set_validators([ self._check_tag_unique ]) form.add(field) # field = TextareaField("ddescription") field.set_title(L10n.get("pas_http_discuss_topic_description")) field.set_size(TextField.SIZE_SMALL) field.set_limits(_max = 255) form.add(field) field = FormTagsTextareaField("dpost") field.set_title(L10n.get("pas_http_discuss_post_content")) field.set_required() field.set_size(FormTagsTextareaField.SIZE_LARGE) field.set_limits(int(Settings.get("pas_http_discuss_post_content_min", 6))) form.add(field) if (is_save_mode and form.check()): # is_list = isinstance(_list, List) is_datalinker_entry = (True if (is_list) else isinstance(_list, List)) topic = _Topic() tid_d = None post = Post() topic_timestamp = time() topic_title = InputFilter.filter_control_chars(form.get_value("dtitle")) topic_description = InputFilter.filter_control_chars(form.get_value("ddescription")) topic_tag = (InputFilter.filter_control_chars(form.get_value("dtag")) if (is_manageable) else None ) post_content = InputFilter.filter_control_chars(form.get_value("dpost")) post_preview = re.sub("(\\n)+", " ", FormTags.sanitize(post_content)) if (len(post_preview) > 255): post_preview = "{0} ...".format(post_preview[:251]) topic_data = { "time_sortable": topic_timestamp, "title": FormTags.encode(topic_title), "tag": topic_tag, "author_ip": self.request.get_client_host(), "description": topic_description } user_profile = (None if (session is None) else session.get_user_profile()) if (user_profile is not None): topic_data['author_id'] = user_profile.get_id() post_data = { "time_sortable": topic_timestamp, "title": FormTags.encode(topic_title), "author_ip": self.request.get_client_host(), "content": FormTags.encode(post_content) } if (user_profile is not None): post_data['author_id'] = user_profile.get_id() with TransactionContext(): # topic.set_data_attributes(**topic_data) post.set_data_attributes(**post_data) if (is_list): _list.add_topic(topic, post, post_preview) elif (is_datalinker_entry): _list.add_entry(topic) topic.add_post(post, post_preview) topic.save() post.save() # pid = post.get_id() tid_d = topic.get_id() DatabaseTasks.get_instance().add("dNG.pas.discuss.Topic.onAdded.{0}".format(tid_d), "dNG.pas.discuss.Topic.onAdded", 1, list_id = oid, topic_id = tid_d, post_id = pid) target_iline = target_iline.replace("__id_d__", "{0}".format(tid_d)) target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_discuss_done_topic_new")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) # else: # content = { "title": L10n.get("pas_http_discuss_topic_new") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "new-save", "dsd": { "source": source, "target": target } }, "button_title": "pas_core_save" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_edit(self, is_save_mode = False): """ Action for "edit" :since: v0.2.00 """ pid = InputFilter.filter_file_path(self.request.get_dsd("upid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=user;s=profile;dsd=upid+{0}".format(Link.encode_query_value(pid)) target = target_iline if (target_iline == ""): target_iline = source_iline L10n.init("pas_http_user") session = (self.request.get_session() if (self.request.is_supported("session")) else None) session_user_is_administrator = False session_user_pid = None session_user_profile = None if (session is not None): session_user_pid = session.get_user_id() session_user_profile = session.get_user_profile() if (session_user_profile is not None): if (session_user_profile.is_valid()): session_user_is_administrator = session_user_profile.is_type("ad") if (pid == ""): pid = session_user_pid # # if (pid == ""): raise TranslatableError("pas_http_user_pid_invalid", 404) user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): raise TranslatableException("core_unknown_error") try: user_profile = user_profile_class.load_id(pid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_user_pid_invalid", 404, _exception = handled_exception) if ((not session_user_is_administrator) and (pid != session_user_pid or (not user_profile.is_valid())) ): raise TranslatableError("core_access_denied", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) edit_source = ("m=user;s=profile;a=edit;dsd=upid+{0}".format(Link.encode_query_value(pid)) if (source == "") else source) if (not user_profile.is_type("ex")): Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, (L10n.get("pas_http_user_change_username_or_password") if (Settings.get("pas_http_user_change_username_allowed", True)) else L10n.get("pas_http_user_change_password") ), { "m": "user", "s": "profile", "a": "change-username-password", "dsd": { "source": edit_source, "target": target } }, icon = "mini-default-option", priority = 3 ) if (not session_user_is_administrator): Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_user_change_email"), { "m": "user", "s": "profile", "a": "change-email", "dsd": { "source": edit_source, "target": target } }, icon = "mini-default-option", priority = 3 ) # elif (Settings.get("pas_http_user_change_username_allowed", True)): Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_user_change_username"), { "m": "user", "s": "profile", "a": "change-username", "dsd": { "source": edit_source, "target": target } }, icon = "mini-default-option", priority = 3 ) # if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) user_profile_data = user_profile.get_data_attributes("name", "email", "signature", "title") email = user_profile_data['email'] title = user_profile_data['title'] if (is_save_mode): form.set_input_available() if (session_user_is_administrator): field = EMailField("uemail") field.set_title(L10n.get("pas_http_user_email")) field.set_value(email) field.set_required() field.set_limits(_max = 255) form.add(field) else: field = InfoField("uemail") field.set_title(L10n.get("pas_http_user_email")) field.set_value(email) form.add(field) # field = FormTagsTextareaField("usignature") field.set_title(L10n.get("pas_http_user_signature")) field.set_value(user_profile_data['signature']) field.set_size(FormTagsTextareaField.SIZE_SMALL) field.set_limits(_max = 255) form.add(field) if (session_user_is_administrator): field = FormTagsTextField("utitle") field.set_title(L10n.get("pas_http_user_title")) field.set_value(title) field.set_limits(_max = 255) form.add(field) # if (is_save_mode and form.check()): if (session_user_is_administrator): email = InputFilter.filter_control_chars(form.get_value("uemail")) signature = InputFilter.filter_control_chars(form.get_value("usignature")) if (session_user_is_administrator): title = InputFilter.filter_control_chars(form.get_value("utitle")) original_user_profile_data = user_profile_data.copy() user_profile_data_changed = { "signature": FormTags.encode(signature) } if (session_user_is_administrator): user_profile_data_changed['email'] = email user_profile_data_changed['title'] = FormTags.encode(title) # user_profile.set_data_attributes(**user_profile_data_changed) user_profile.save() DatabaseTasks.get_instance().add("dNG.pas.user.Profile.onEdited.{0}".format(user_profile_data['name']), "dNG.pas.user.Profile.onEdited", 1, user_profile_id = pid, user_profile_data_changed = user_profile_data_changed, original_user_profile_data = original_user_profile_data ) target_iline = target_iline.replace("__id_d__", pid) target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_user_done_change_profile")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) else: content = { "title": L10n.get("pas_http_user_title_change_profile") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "edit-save", "dsd": { "source": source, "target": target } }, "button_title": "pas_http_core_edit" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_form(self, is_save_mode = False): # """ Action for "form" :since: v0.1.00 """ form_id = InputFilter.filter_file_path(self.request.get_dsd("fid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline target = target_iline if (target_iline == ""): # target_iline = (source_iline if (source_iline != "") else "s=file_form;dsd=fid+{0}".format(Link.encode_query_value(form_id)) ) # Hook.call("dNG.pas.http.l10n.services.FileForm.init", form_id = form_id) L10n.init("pas_http_file_form") if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) file_path_name = path.abspath("{0}/forms/{1}.json".format(Settings.get("path_data"), form_id)) if ((not path.exists(file_path_name)) or (not os.access(file_path_name, os.R_OK)) ): raise TranslatableError("pas_http_file_form_not_found", 404) file_data = JsonFileContent.read(file_path_name) lang = self.request.get_lang() if (file_data is None or (("form_{0}".format(lang) not in file_data) and ("form" not in file_data)) or "execution" not in file_data or (not isinstance(file_data['execution'], dict)) or "processor" not in file_data['execution'] or (("title_{0}".format(lang) not in file_data) and ("title" not in file_data)) ): raise TranslatableException("pas_http_file_form_not_supported") if (source_iline == "" and (("html_back_url_{0}".format(lang) not in file_data) and ("html_back_url" not in file_data)) ): # Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": (file_data["html_back_url_{0}".format(lang)] if ("html_back_url_{0}".format(lang) in file_data) else file_data['html_back_url'] ) }, icon = "mini-default-back", priority = 7 ) # form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) if (is_save_mode): form.set_input_available() processor = NamedLoader.get_instance(file_data['execution']['processor']) if ((not isinstance(processor, AbstractFileFormProcessor)) or (not processor.validate_settings(file_data['execution'])) ): raise TranslatableException("pas_http_file_form_not_supported") form.load_definition(file_data["form_{0}".format(lang)] if ("form_{0}".format(lang) in file_data) else file_data['form']) if (is_save_mode and form.check()): # processor.set_form(form) processor.set_settings(file_data['execution']) processor.execute() target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) title = (file_data["title_{0}".format(lang)] if ("title_{0}".format(lang) in file_data) else file_data['title']) if ("html_done_message_{0}".format(lang) in file_data): html_info = file_data["html_done_message_{0}".format(lang)] elif ("html_done_message" in file_data): html_info = file_data['html_done_message'] else: html_info = L10n.get("pas_http_core_form_done_message") NotificationStore.get_instance().add_completed_info(html_info) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) # else: # title = (file_data["title_{0}".format(lang)] if ("title_{0}".format(lang) in file_data) else file_data['title']) if ("html_title_{0}".format(lang) in file_data): html_title = file_data["html_title_{0}".format(lang)] elif ("html_title" in file_data): html_title = file_data['html_title'] else: html_title = XHtmlFormatting.escape(title) content = { "title": html_title } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "form-save", "dsd": { "source": source, "target": target } }, "button_title": "core_continue" } self.response.init() self.response.set_title(title) self.response.add_oset_content("core.form", content)
def _execute_register(self, username = None, email = None, ex_type = None, source_iline = "", target_iline = "", is_save_mode = False): """ Action for "register" :param username: User name to be used :param email: Verified e-mail address to be used :param ex_type: Externally verified service identifier string :param source_iline: Source URI query string :param target_iline: Target URI query string :param is_save_mode: True if the form is submitted :since: v0.2.00 """ # pylint: disable=star-args source = source_iline if (source_iline == ""): source_iline = "m=user;a=services" target = target_iline if (target_iline == ""): if (Settings.is_defined("pas_http_user_register_default_target_lang_{0}".format(self.request.get_lang()))): target_iline = Settings.get("pas_http_user_register_default_target_lang_{0}".format(self.request.get_lang())) elif (Settings.is_defined("pas_http_user_register_default_target")): target_iline = Settings.get("pas_http_user_register_default_target") else: target_iline = source_iline # L10n.init("pas_http_core_form") L10n.init("pas_http_user") if (not Settings.get("pas_http_user_registration_allowed", True)): raise TranslatableError("pas_http_user_registration_disabled", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) if (is_save_mode): form.set_input_available() is_email_verified = (email is not None) if (not is_email_verified): field = EMailField("uemail") field.set_title(L10n.get("pas_http_user_email")) field.set_required() field.set_limits(_max = 255) field.set_validators([ self._check_email_not_registered ]) form.add(field) # if (username is None): field = TextField("uusername") field.set_required() field.set_limits(int(Settings.get("pas_http_core_username_min", 3)), 100) field.set_size(TextField.SIZE_SMALL) else: field = InfoField("uusername") field.set_value(username) # field.set_title(L10n.get("pas_core_username")) field.set_validators([ self._check_username_not_registered ]) form.add(field) if (is_email_verified): field = InfoField("uemail") field.set_title(L10n.get("pas_http_user_email")) field.set_value(email) field.set_validators([ self._check_email_not_registered ]) form.add(field) # if (ex_type is None): field = PasswordField("upassword") field.set_title(L10n.get("pas_http_user_password")) field.set_required() field.set_limits(int(Settings.get("pas_http_user_password_min", 6))) field.set_mode(PasswordField.PASSWORD_CLEARTEXT | PasswordField.PASSWORD_WITH_REPETITION) form.add(field) # tos_filepath = Settings.get_lang_associated("pas_http_user_tos_filepath", self.request.get_lang(), "{0}/settings/pas_user_tos.ftg".format(Settings.get("path_data")) ) field = FormTagsFileField("utos") field.set_title(L10n.get("pas_http_user_tos")) field.set_required() field.set_formtags_filepath(tos_filepath) form.add(field) tos_choices = [ { "title": L10n.get("core_yes"), "value": "accepted" }, { "title": L10n.get("core_no"), "value": "denied" } ] field = RadioField("utos_accepted") field.set_title(L10n.get("pas_http_user_tos_accepted")) field.set_choices(tos_choices) field.set_required() field.set_validators([ self._check_tos_accepted ]) form.add(field) if (is_save_mode and form.check()): if (not is_email_verified): email = InputFilter.filter_email_address(form.get_value("uemail")) if (username is None): username = InputFilter.filter_control_chars(form.get_value("uusername")) user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): raise TranslatableException("core_unknown_error") user_profile = user_profile_class() user_profile_data = { "name": username, "lang": self.request.get_lang(), "email": email } if (ex_type is None): password = InputFilter.filter_control_chars(form.get_value("upassword")) user_profile.set_password(password) else: user_profile_data['type'] = user_profile_class.TYPE_EXTERNAL_VERIFIED_MEMBER user_profile_data['type_ex'] = ex_type # with TransactionContext(): user_profile.set_data_attributes(**user_profile_data) if (not is_email_verified): user_profile.lock() else: user_profile.unlock() user_profile.save() # user_id = user_profile.get_id() if (not is_email_verified): cleanup_timeout_days = int(Settings.get("pas_http_user_registration_days", 28)) cleanup_timeout = (cleanup_timeout_days * 86400) vid = Md5.hash(urandom(32)) database_tasks = DatabaseTasks.get_instance() database_tasks.add("dNG.pas.user.Profile.delete.{0}".format(username), "dNG.pas.user.Profile.delete", cleanup_timeout, username = username ) database_tasks.add("dNG.pas.user.Profile.sendRegistrationEMail.{0}".format(username), "dNG.pas.user.Profile.sendRegistrationEMail", 1, username = username, vid = vid, vid_timeout_days = cleanup_timeout_days ) database_tasks.register_timeout(vid, "dNG.pas.user.Profile.registrationValidated", cleanup_timeout, username = username, vid = vid ) self._on_pending_registration(user_id, source_iline, target_iline) else: self._on_registration_completed(user_id, source_iline, target_iline) else: content = { "title": L10n.get("pas_http_user_registration") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "register-save", "dsd": { "source": source, "target": target } }, "button_title": "core_continue" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_view(self): """ Action for "view" :since: v0.2.00 """ pid = InputFilter.filter_file_path(self.request.get_dsd("upid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=user;a=services" L10n.init("pas_http_user") session = (self.request.get_session() if (self.request.is_supported("session")) else None) session_user_is_administrator = False session_user_pid = None session_user_profile = None if (session is not None): session_user_pid = session.get_user_id() session_user_profile = session.get_user_profile() if (session_user_profile is not None and session_user_profile.is_valid()): session_user_is_administrator = session_user_profile.is_type("ad") if (pid == ""): pid = session_user_pid else: session_user_pid = None # if (pid == ""): raise TranslatableError("pas_http_user_pid_invalid", 404) user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): raise TranslatableException("core_unknown_error") try: user_profile = user_profile_class.load_id(pid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_user_pid_invalid", 404, _exception = handled_exception) if (user_profile.is_deleted()): raise TranslatableError("pas_http_user_pid_invalid", 404) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (session_user_pid is not None): Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_user_profile_edit"), { "m": "user", "s": "profile", "a": "edit", "dsd": { "source": source } }, icon = "mini-default-option", priority = 3 ) # user_profile_data = user_profile.get_data_attributes("type", "name", "email", "email_public", "title", "signature", "registration_ip", "registration_time", "lastvisit_ip", "lastvisit_time" ) view = FormView() if (user_profile_data['email'] != "" and session_user_profile is not None and session_user_profile.is_valid() ): field = InfoField("uemail") field.set_title(L10n.get("pas_http_user_email")) if (session_user_is_administrator or user_profile_data['email_public']): field.set_value(user_profile_data['email']) else: field.set_value(L10n.get("pas_http_user_send_email")) field.set_link(Link().build_url(Link.TYPE_RELATIVE_URL, { "m": "user", "s": "email", "dsd": { "upid": pid } } ) ) view.add(field) # if (user_profile_data['registration_time'] > 0): field = InfoField("uregistration_time") field.set_title(L10n.get("pas_http_user_registration_time")) field.set_value(DateTime.format_l10n(DateTime.TYPE_DATE_TIME_SHORT, user_profile_data['registration_time'])) view.add(field) if (session_user_is_administrator and user_profile_data['registration_ip'] != ""): field = InfoField("uregistration_ip") field.set_title(L10n.get("pas_http_user_registration_ip")) field.set_value(user_profile_data['registration_ip']) view.add(field) # # if (user_profile_data['lastvisit_time'] > 0): field = InfoField("ulastvisit_time") field.set_title(L10n.get("pas_http_user_lastvisit_time")) field.set_value(DateTime.format_l10n(DateTime.TYPE_DATE_TIME_SHORT, user_profile_data['lastvisit_time'])) view.add(field) if (session_user_is_administrator and user_profile_data['lastvisit_ip'] != ""): field = InfoField("ulastvisit_ip") field.set_title(L10n.get("pas_http_user_lastvisit_ip")) field.set_value(user_profile_data['lastvisit_ip']) view.add(field) # # content = { "title": user_profile_data['name'], "username": user_profile_data['name'], "usertitle": user_profile_data['title'], "signature": user_profile_data['signature'], "details_form_view": { "object": view } } self.response.init() self.response.set_title(user_profile_data['name']) self.response.add_oset_content("user.profile", content)
def execute_login_alternatives_list(self): """ Action for "login-alternatives-list" :since: v0.2.00 """ source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=user;s=status;a=login" target = target_iline if (target_iline == ""): if (Settings.is_defined("pas_http_user_login_default_target_lang_{0}".format(self.request.get_lang()))): target_iline = Settings.get("pas_http_user_login_default_target_lang_{0}".format(self.request.get_lang())) elif (Settings.is_defined("pas_http_user_login_default_target")): target_iline = Settings.get("pas_http_user_login_default_target") else: target_iline = source_iline # L10n.init("pas_http_user") if (not self.request.is_supported("session")): raise TranslatableError("core_unknown_error", 500) services_list = Settings.get("pas_http_user_alternative_login_services_list") if ((not Settings.get("pas_http_site_cookies_supported", True)) or type(services_list) is not list ): raise TranslatableError("pas_http_user_alternative_login_methods_disabled", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) extended_services_list = [ ] for service in services_list: if ("id" in service and "parameters" in service): extended_service = service.copy() extended_service['type'] = Link.TYPE_RELATIVE_URL if ("dsd" not in extended_service['parameters']): extended_service['parameters']['dsd'] = { } extended_service['parameters']['dsd']['usid'] = service['id'] extended_service['parameters']['dsd']['source'] = source extended_service['parameters']['dsd']['target'] = target extended_services_list.append(extended_service) # # content = { "title": L10n.get("pas_http_user_alternative_login_services"), "service_list": { "entries": extended_services_list } } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.service_list", content)
def execute_new(self, is_save_mode = False): """ Action for "new" :since: v0.2.00 """ # pylint: disable=star-args cid = InputFilter.filter_file_path(self.request.get_dsd("ccid", "")) oid = InputFilter.filter_file_path(self.request.get_dsd("coid", "")) source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = ("m=contentor;dsd=cdid+{0}".format(Link.encode_query_value(oid)) if (cid == "") else "m=contentor;dsd=ccid+{0}".format(Link.encode_query_value(cid)) ) # target = target_iline if (target_iline == ""): target_iline = "m=contentor;dsd=cdid+__id_d__" L10n.init("pas_http_contentor") L10n.init("pas_http_datalinker") if (cid != ""): oid = cid try: category = Category.load_id(oid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_datalinker_oid_invalid", 404, _exception = handled_exception) session = (self.request.get_session() if (self.request.is_supported("session")) else None) if (isinstance(category, OwnableInstance) and (not category.is_writable_for_session_user(session))): raise TranslatableError("core_access_denied", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) form.set_context({ "category": category, "form": "new" }) if (is_save_mode): form.set_input_available() self._apply_form(form) if (is_save_mode and form.check()): document = _Document() did_d = None document_title = InputFilter.filter_control_chars(form.get_value("ctitle")) document_tag = InputFilter.filter_control_chars(form.get_value("ctag")) document_description = InputFilter.filter_control_chars(form.get_value("cdescription")) document_content = InputFilter.filter_control_chars(form.get_value("ccontent")) document_data = { "title": document_title, "tag": document_tag, "author_ip": self.request.get_client_host(), "content": FormTags.encode(document_content), "description": FormTags.encode(document_description) } user_profile = (None if (session is None) else session.get_user_profile()) if (user_profile is not None): document_data['author_id'] = user_profile.get_id() with TransactionContext(): document.set_data_attributes(**document_data) document.set_permission_session(session) document.set_manageable_if_logged_in() if (isinstance(category, DataLinker)): category.add_entry(document) document.save() # did_d = document.get_id() DatabaseTasks.get_instance().add("dNG.pas.contentor.Document.onAdded.{0}".format(did_d), "dNG.pas.contentor.Document.onAdded", 1, category_id = oid, document_id = did_d ) target_iline = target_iline.replace("__id_d__", "{0}".format(did_d)) target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_contentor_done_document_new")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) else: content = { "title": L10n.get("pas_http_contentor_document_new") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "new-save", "dsd": { "source": source, "target": target } }, "button_title": "pas_core_save" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_list(self): # """ Action for "list" :since: v0.1.00 """ lid = InputFilter.filter_file_path(self.request.get_dsd("dlid", "")) page = InputFilter.filter_int(self.request.get_dsd("dpage", 1)) sort_value = InputFilter.filter_control_chars(self.request.get_dsd("dsort", "")) if (lid == ""): lid = Settings.get("pas_http_discuss_list_default", "") L10n.init("pas_http_datalinker") L10n.init("pas_http_discuss") L10n.init("pas_http_subscription") try: _list = List.load_id(lid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_discuss_lid_invalid", 404, _exception = handled_exception) session = (self.request.get_session() if (self.request.is_supported("session")) else None) if (session is not None): _list.set_permission_session(session) if (not _list.is_readable()): # if (session is None or session.get_user_profile() is None): raise TranslatableError("pas_http_discuss_lid_invalid", 404) else: raise TranslatableError("core_access_denied", 403) # if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") is_hybrid_list = _list.is_hybrid_list() if (is_hybrid_list and _list.is_writable()): # Link.set_store("servicemenu", (Link.TYPE_RELATIVE_URL | Link.TYPE_JS_REQUIRED), L10n.get("pas_http_discuss_topic_new"), { "m": "discuss", "s": "topic", "a": "new", "dsd": { "dlid": lid } }, icon = "mini-default-option", priority = 3 ) # subscription_handler = (_list.get_subscription_handler() if (is_hybrid_list) else None) if (subscription_handler is not None and subscription_handler.is_subscribable_for_session_user(session)): # source = "m=discuss;dsd=dlid+{0}++dpage+{1}".format(lid, page) subscription_dsd = { "oid": lid, "source": source } if (subscription_handler.is_subscribed_by_session_user(session)): # Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_subscription_unsubscribe"), { "m": "subscription", "s": "datalinker", "a": "unsubscribe", "dsd": subscription_dsd }, icon = "mini-default-option", priority = 3 ) # else: # Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_subscription_subscribe"), { "m": "subscription", "s": "datalinker", "a": "subscribe", "dsd": subscription_dsd }, icon = "mini-default-option", priority = 3 ) # # if (_list.is_manageable()): # Link.set_store("servicemenu", (Link.TYPE_RELATIVE_URL | Link.TYPE_JS_REQUIRED), L10n.get("pas_http_discuss_list_manage"), { "m": "discuss", "s": "list", "a": "manage", "dsd": { "dlid": lid } }, icon = "mini-default-option", priority = 3 ) # list_data = _list.get_data_attributes("id", "id_main", "title", "time_sortable", "sub_entries", "hybrid_list", "description", "topics", "posts" ) content = { "id": list_data['id'], "title": list_data['title'], "description": list_data['description'], "time": list_data['time_sortable'], "topics": _list.get_total_topics_count(), "posts": _list.get_total_posts_count() } if (list_data['sub_entries'] > 0): # entry_renderer_attributes = { "type": DataLinkerTable.COLUMN_RENDERER_OSET, "oset_template_name": "discuss.list_column", "oset_row_attributes": [ "id", "title", "description" ] } latest_post_renderer_attributes = { "type": DataLinkerTable.COLUMN_RENDERER_OSET, "oset_template_name": "discuss.latest_post_column", "oset_row_attributes": [ "latest_timestamp", "latest_topic_id", "latest_author_id", "latest_preview" ] } table = DataLinkerTable(_list) table.add_column("entry", L10n.get("pas_http_discuss_list"), 30, sort_key = "title", renderer = entry_renderer_attributes ) table.add_column("total_topics", L10n.get("pas_http_discuss_topics"), 10, renderer = { "type": DataLinkerTable.COLUMN_RENDERER_SAFE_CONTENT, "css_text_align": "center" } ) table.add_column("total_posts", L10n.get("pas_http_discuss_posts"), 10, renderer = { "type": DataLinkerTable.COLUMN_RENDERER_SAFE_CONTENT, "css_text_align": "center" } ) table.add_column("latest_post", L10n.get("pas_http_discuss_latest_post"), 50, renderer = latest_post_renderer_attributes ) table.disable_sort("total_topics", "total_posts", "latest_post") table.set_limit(15) hookable_settings = HookableSettings("dNG.pas.http.discuss.List.getLimit", id = list_data['id'] ) limit = hookable_settings.get("pas_http_discuss_list_limit", 20) content['sub_entries'] = { "object": table } if (not is_hybrid_list): # content['sub_entries']['dsd_page_key'] = "dpage" content['sub_entries']['page'] = page table.set_limit(limit) content['sub_entries']['dsd_sort_key'] = "dsort" content['sub_entries']['sort_value'] = sort_value # # if (is_hybrid_list and list_data['topics'] > 0): # topic_renderer_attributes = { "type": DataLinkerTable.COLUMN_RENDERER_OSET, "oset_template_name": "discuss.topic_column", "oset_row_attributes": [ "id", "title", "description" ] } latest_post_renderer_attributes = { "type": DataLinkerTable.COLUMN_RENDERER_OSET, "oset_template_name": "discuss.last_post_column", "oset_row_attributes": [ "time_sortable", "last_id_author", "last_preview" ] } table = DataLinkerTable(_list) table.add_column("topic", L10n.get("pas_http_discuss_topic"), 40, sort_key = "title", renderer = topic_renderer_attributes ) table.add_column("posts", L10n.get("pas_http_discuss_posts"), 10, renderer = { "type": DataLinkerTable.COLUMN_RENDERER_SAFE_CONTENT, "css_text_align": "center" } ) table.add_column("latest_post", L10n.get("pas_http_discuss_latest_post"), 50, sort_key = "time_sortable", renderer = latest_post_renderer_attributes ) table.set_limit(15) table.set_sort_context("DiscussTopic") table.set_source_callbacks(_list.get_topics, _list.get_topics_count) content['topic_entries'] = { "object": table, "dsd_page_key": "dpage", "page": page, "dsd_sort_key": "dsort", "sort_value": sort_value } # list_parent = _list.load_parent() if (list_parent is not None and ((not isinstance(list_parent, OwnableInstance)) or list_parent.is_readable_for_session_user(session) ) ): # list_parent_data = list_parent.get_data_attributes("id", "id_main", "title") if (list_parent_data['id'] != lid): # content['parent'] = { "id": list_parent_data['id'], "main_id": list_parent_data['id_main'], "title": list_parent_data['title'] } # # self.response.init(True) self.response.set_expires_relative(+15) self.response.set_title(list_data['title']) self.response.add_oset_content(("discuss.hybrid_list" if (is_hybrid_list) else "discuss.list"), content ) if (self.response.is_supported("html_canonical_url")): # link_parameters = { "__virtual__": "/discuss/view/list", "dsd": { "dlid": lid, "dpage": page, "dsort": sort_value } } self.response.set_html_canonical_url(Link().build_url(Link.TYPE_VIRTUAL_PATH, link_parameters))
def _execute_validated_profile_change(self, _type, base_action, is_save_mode = False): """ Action for public "change-*" requests :since: v0.2.00 """ source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=user" target = target_iline if (target_iline == ""): target_iline = source_iline L10n.init("pas_http_user") session = (self.request.get_session() if (self.request.is_supported("session")) else None) pid = None if (session is not None): pid = session.get_user_id() if (pid is None): raise TranslatableError("pas_http_user_pid_invalid", 404) user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): raise TranslatableException("core_unknown_error") try: user_profile = user_profile_class.load_id(pid) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_user_pid_invalid", 404, _exception = handled_exception) if (not user_profile.is_valid()): raise TranslatableError("core_access_denied", 403) if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") if (source_iline == ""): source_iline = "m=user;s=profile;a=edit;dsd=upid+{0}".format(Link.encode_query_value(pid)) Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not DatabaseTasks.is_available()): raise TranslatableException("pas_core_tasks_daemon_not_available") change_email = (_type & Profile.CHANGE_TYPE_EMAIL == Profile.CHANGE_TYPE_EMAIL) change_password = ((not user_profile.is_type("ex")) and _type & Profile.CHANGE_TYPE_PASSWORD == Profile.CHANGE_TYPE_PASSWORD ) change_username = (Settings.get("pas_http_user_change_username_allowed", True) and _type & Profile.CHANGE_TYPE_USERNAME == Profile.CHANGE_TYPE_USERNAME ) form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) user_profile_data = user_profile.get_data_attributes("name", "email") current_email = user_profile_data['email'] current_username = user_profile_data['name'] if (is_save_mode): form.set_input_available() if (not user_profile.is_type("ex")): field = PasswordField("upassword") field.set_title(L10n.get("pas_http_user_password_current")) field.set_required() field.set_limits(int(Settings.get("pas_http_user_password_min", 6))) field.set_mode(PasswordField.PASSWORD_CLEARTEXT) form.add(field) # if (change_username): field = TextField("uusername") field.set_title(L10n.get("pas_core_username")) field.set_value(current_username) field.set_required() field.set_limits(int(Settings.get("pas_http_core_username_min", 3)), 100) field.set_size(TextField.SIZE_SMALL) form.add(field) # if (change_email): field = EMailField("uemail") field.set_title(L10n.get("pas_http_user_email")) field.set_value(current_email) field.set_required() field.set_limits(_max = 255) form.add(field) # if (change_password): field = PasswordField("upassword_new") field.set_title(L10n.get("pas_http_user_password_new")) field.set_limits(int(Settings.get("pas_http_user_password_min", 6))) field.set_mode(PasswordField.PASSWORD_CLEARTEXT | PasswordField.PASSWORD_WITH_REPETITION) form.add(field) # if (is_save_mode and form.check()): if (not user_profile.is_type("ex")): current_password = InputFilter.filter_control_chars(form.get_value("upassword")) if (not user_profile.is_password_valid(current_password)): raise TranslatableError("pas_http_user_password_invalid", 403) # new_email = (InputFilter.filter_control_chars(form.get_value("uemail")) if (change_email) else None ) new_password = (InputFilter.filter_control_chars(form.get_value("upassword_new")) if (change_password) else None ) new_username = (InputFilter.filter_control_chars(form.get_value("uusername")) if (change_username) else None ) user_profile_data_changed = { } if (change_email and current_email != new_email): try: user_profile_class.load_email(new_email, True) raise TranslatableError("pas_http_user_email_exists", 403) except NothingMatchedException: pass # if (change_username and current_username != new_username): try: user_profile_class.load_username(new_username, True) raise TranslatableError("pas_http_user_username_exists", 403) except NothingMatchedException: pass user_profile_data_changed['name'] = new_username user_profile.set_data_attributes(**user_profile_data_changed) # if (not user_profile.is_type("ex")): if (change_password and new_password != "" and current_password != new_password ): user_profile.set_password(new_password) elif (change_username and current_username != new_username ): user_profile.set_password(current_password) # user_profile.save() database_tasks = DatabaseTasks.get_instance() username = (new_username if (new_username is not None) else current_username) if (len(user_profile_data_changed) > 0): original_user_profile_data = user_profile.get_data_attributes(*user_profile_data_changed.keys()) database_tasks.add("dNG.pas.user.Profile.onEdited.{0}".format(username), "dNG.pas.user.Profile.onEdited", 1, user_profile_id = pid, user_profile_data_changed = user_profile_data_changed, original_user_profile_data = original_user_profile_data ) # if (change_email and current_email != new_email): cleanup_timeout_days = int(Settings.get("pas_http_user_change_profile_days", 7)) cleanup_timeout = (cleanup_timeout_days * 86400) vid = Md5.hash(urandom(32)) database_tasks.add("dNG.pas.user.Profile.sendChangePendingEMail.{0}".format(username), "dNG.pas.user.Profile.sendChangePendingEMail", 1, username = username, recipient = new_email, vid = vid, vid_timeout_days = cleanup_timeout_days ) database_tasks.register_timeout(vid, "dNG.pas.user.Profile.changesConfirmed", cleanup_timeout, username = username, values_changed = { "email": new_email }, vid = vid ) # target_iline = target_iline.replace("__id_d__", pid) target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) if (change_email and current_email != new_email ): NotificationStore.get_instance().add_info(L10n.get("pas_http_user_done_change_profile_pending")) else: NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_user_done_change_profile")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) else: content = { "title": L10n.get("pas_http_user_title_change_profile") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "{0}-save".format(base_action), "dsd": { "source": source, "target": target } }, "button_title": "pas_http_core_edit" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("core.form", content)
def execute_login(self, is_save_mode = False): """ Action for "login" :since: v0.2.00 """ source_iline = InputFilter.filter_control_chars(self.request.get_dsd("source", "")).strip() target_iline = InputFilter.filter_control_chars(self.request.get_dsd("target", "")).strip() source = source_iline if (source_iline == ""): source_iline = "m=user;a=services" target = target_iline if (target_iline == ""): if (Settings.is_defined("pas_http_user_login_default_target_lang_{0}".format(self.request.get_lang()))): target_iline = Settings.get("pas_http_user_login_default_target_lang_{0}".format(self.request.get_lang())) elif (Settings.is_defined("pas_http_user_login_default_target")): target_iline = Settings.get("pas_http_user_login_default_target") elif (source == ""): target_iline = "m=user;a=services;lang=__lang__;theme=__theme__" else: target_iline = source_iline # L10n.init("pas_http_core_form") L10n.init("pas_http_user") if (self.response.is_supported("html_css_files")): self.response.add_theme_css_file("mini_default_sprite.min.css") Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("core_back"), { "__query__": re.sub("\\_\\_\\w+\\_\\_", "", source_iline) }, icon = "mini-default-back", priority = 7 ) if (not self.request.is_supported("session")): raise TranslatableError("core_unknown_error", 500) is_cookie_supported = Settings.get("pas_http_site_cookies_supported", True) if (is_cookie_supported and type(Settings.get("pas_http_user_alternative_login_services_list")) is list ): Link.set_store("servicemenu", Link.TYPE_RELATIVE_URL, L10n.get("pas_http_user_alternative_login_methods_view"), { "__request__": True, "a": "login-alternatives-list", "dsd": { "source": source, "target": target } }, icon = "mini-default-option", priority = 3 ) # form_id = InputFilter.filter_control_chars(self.request.get_parameter("form_id")) form = FormProcessor(form_id) if (is_save_mode): form.set_input_available() field = TextField("uusername") field.set_title(L10n.get("pas_core_username")) field.set_placeholder(L10n.get("pas_http_core_form_case_sensitive_placeholder")) field.set_required() field.set_limits(int(Settings.get("pas_http_core_username_min", 3)), 100) field.set_size(TextField.SIZE_SMALL) form.add(field) field = PasswordField("upassword") field.set_title(L10n.get("pas_http_user_password")) field.set_required() field.set_limits(int(Settings.get("pas_http_user_password_min", 6))) field.set_mode(PasswordField.PASSWORD_CLEARTEXT) form.add(field) if (is_cookie_supported): cookie_choices = [ { "value": "1", "title": L10n.get("core_yes") }, { "value": "0", "title": L10n.get("core_no") } ] field = RadioField("ucookie") field.set_title(L10n.get("pas_http_user_login_use_cookie")) field.set_value("1") field.set_choices(cookie_choices) field.set_required() form.add(field) # if (is_save_mode and form.check()): username = InputFilter.filter_control_chars(form.get_value("uusername")) password = InputFilter.filter_control_chars(form.get_value("upassword")) user_profile_class = NamedLoader.get_class("dNG.data.user.Profile") if (user_profile_class is None): raise TranslatableException("core_unknown_error") try: user_profile = user_profile_class.load_username(username) except NothingMatchedException as handled_exception: raise TranslatableError("pas_http_user_username_or_password_invalid", 403, _exception = handled_exception) user_profile_data = user_profile.get_data_attributes("id", "lang", "theme") if (user_profile.is_banned()): raise TranslatableError("pas_http_user_profile_banned", 403) if (user_profile.is_locked()): raise TranslatableError("pas_http_user_profile_locked", 403) if (user_profile.is_type("ex")): raise TranslatableError("pas_http_user_feature_not_available_for_external_verified_member", 403) if ((not user_profile.is_valid()) or (not user_profile.is_password_valid(password)) ): raise TranslatableError("pas_http_user_username_or_password_invalid", 403) session = Session.load() session.set("session.user_id", user_profile_data['id']) session.set_cookie(is_cookie_supported and form.get_value("ucookie") == "1") session.save() self.request.set_session(session) target_iline = target_iline.replace("__lang__", user_profile_data['lang']) target_iline = target_iline.replace("__theme__", user_profile_data['theme']) target_iline = re.sub("\\_\\_\\w+\\_\\_", "", target_iline) NotificationStore.get_instance().add_completed_info(L10n.get("pas_http_user_done_login")) Link.clear_store("servicemenu") redirect_request = PredefinedHttpRequest() redirect_request.set_iline(target_iline) self.request.redirect(redirect_request) else: content = { "title": L10n.get("pas_http_user_title_login") } content['form'] = { "object": form, "url_parameters": { "__request__": True, "a": "login-save", "dsd": { "source": source, "target": target } }, "button_title": "pas_core_login" } self.response.init() self.response.set_title(content['title']) self.response.add_oset_content("user.status.login", content)