def user(self, username):
pages.require("/admin/users.edit")
return pages.get_template("auth/user.html").render(
usergroups=auth.Users[username]['groups'],
groups=sorted(auth.Groups.keys()),
password=auth.Users[username]['password'],
username=username)
def page(self,module,dummy2,page,*args,**kwargs):
#Permission handling for pages
if 'require-permissions' in modules.ActiveModules[module][page]:
for i in modules.ActiveModules[module][page]['require-permissions']:
pages.require(i)
with modules.modulesLock: #need to find an alternaive to this lock
if modules.ActiveModules[module][page]['resource-type'] == 'page':
#Allow a page to specify that it can only be accessed via POST or such
if "require-method" in modules.ActiveModules[module][page]:
if cherrypy.request.method not in modules.ActiveModules[module][page]['require-method']:
#Raise a redirect the the wrongmethod error page
raise cherrypy.HTTPRedirect('/errors/wrongmethod')
#This is pretty much the worst perfoming piece of code in the system.
#Every single request it compiles a new template and renders that, but not before loading two files from
#Disk. But I don't feel like writing another ten pages of bookkeeping code today. []TODO
if 'no-navheader' in modules.ActiveModules[module][page]:
if modules.ActiveModules[module][page]['no-navheader']:
header = util.readfile('pages/pageheader_nonav.html')
else:
header = util.readfile('pages/pageheader.html')
else:
header = util.readfile('pages/pageheader.html')
return mako.template.Template(
header+
modules.ActiveModules[module][page]['body']+
util.readfile('pages/pagefooter.html')
).render(
kaithem = kaithem.kaithem,
request = cherrypy.request,
)
def servelog(self,filename):
pages.require('/users/logs.view')
#Make sure the user can't acess any file on the server like this
print(filename)
if not filename.startswith(os.path.join(directories.logdir,'dumps')):
raise RuntimeError("Security Violation")
return serve_file(filename, "application/x-download",os.path.split(filename)[1])
def newmoduletarget(self, **kwargs):
global scopes
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
#If there is no module by that name, create a blank template and the scope obj
with modulesLock:
if kwargs['name'] not in ActiveModules:
ActiveModules[kwargs['name']] = {
"__description": {
"resource-type": "module-description",
"text": "Module info here"
}
}
#Create the scope that code in the module will run in
scopes[kwargs['name']] = obj()
#Go directly to the newly created module
messagebus.postMessage(
"/system/notifications",
"User " + pages.getAcessingUser() + " Created Module " +
kwargs['name'])
raise cherrypy.HTTPRedirect("/modules/module/" +
util.url(kwargs['name']))
else:
return pages.get_template("error.html").render(
info=" A module already exists by that name,")
def resourceEditPage(module, resource):
pages.require("/admin/modules.view")
with modulesLock:
resourceinquestion = ActiveModules[module][resource]
if resourceinquestion['resource-type'] == 'permission':
return permissionEditPage(module, resource)
if resourceinquestion['resource-type'] == 'event':
return pages.get_template("modules/events/event.html").render(
module=module,
name=resource,
event=ActiveModules[module][resource])
if resourceinquestion['resource-type'] == 'page':
if 'require-permissions' in resourceinquestion:
requiredpermissions = resourceinquestion['require-permissions']
else:
requiredpermissions = []
return pages.get_template("modules/pages/page.html").render(
module=module,
name=resource,
page=ActiveModules[module][resource],
requiredpermissions=requiredpermissions)
def addResourceTarget(module,type,name,kwargs):
pages.require("/admin/modules.edit")
#Create a permission
if type == 'permission':
with modulesLock:
if kwargs['name'] in ActiveModules[module]:
raise cherrypy.HTTPRedirect("/errors/alreadyexists")
else:
ActiveModules[module] [kwargs['name']]= {"resource-type":"permission","description":kwargs['description']}
#has its own lock
auth.importPermissionsFromModules() #sync auth's list of permissions
raise cherrypy.HTTPRedirect("/modules/module/" +util.url(module)+ '/resource/' + util.url(name) )
if type == 'event':
with modulesLock:
if kwargs['name'] not in ActiveModules[module]:
ActiveModules[module] [kwargs['name']]= {"resource-type":"event","trigger":"False","action":"pass",
"once":True}
#newevt maintains a cache of precompiled events that must be kept in sync with
#the modules
newevt.updateOneEvent(kwargs['name'],module)
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name))
else:
raise cherrypy.HTTPRedirect("/errors/alreadyexists")
if type == 'page':
with modulesLock:
if kwargs['name'] not in ActiveModules[module]:
ActiveModules[module][kwargs['name']]= {"resource-type":"page","body":"Content here",'no-navheader':True}
#newevt maintains a cache of precompiled events that must be kept in sync with
#the modules
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name))
else:
raise cherrypy.HTTPRedirect("/errors/alreadyexists")
def page(self, module, dummy2, page, *args, **kwargs):
#Permission handling for pages
if 'require-permissions' in modules.ActiveModules[module][page]:
for i in modules.ActiveModules[module][page][
'require-permissions']:
pages.require(i)
with modules.modulesLock: #need to find an alternaive to this lock
if modules.ActiveModules[module][page]['resource-type'] == 'page':
#Allow a page to specify that it can only be accessed via POST or such
if "require-method" in modules.ActiveModules[module][page]:
if cherrypy.request.method not in modules.ActiveModules[
module][page]['require-method']:
#Raise a redirect the the wrongmethod error page
raise cherrypy.HTTPRedirect('/errors/wrongmethod')
#This is pretty much the worst perfoming piece of code in the system.
#Every single request it compiles a new template and renders that, but not before loading two files from
#Disk. But I don't feel like writing another ten pages of bookkeeping code today. []TODO
if 'no-navheader' in modules.ActiveModules[module][page]:
if modules.ActiveModules[module][page]['no-navheader']:
header = util.readfile('pages/pageheader_nonav.html')
else:
header = util.readfile('pages/pageheader.html')
else:
header = util.readfile('pages/pageheader.html')
return mako.template.Template(
header + modules.ActiveModules[module][page]['body'] +
util.readfile('pages/pagefooter.html')).render(
kaithem=kaithem.kaithem,
request=cherrypy.request,
)
def user(self,username):
pages.require("/admin/users.edit")
return pages.get_template("auth/user.html").render(
usergroups=auth.Users[username]['groups'],
groups= sorted(auth.Groups.keys()),
password = auth.Users[username]['password'],
username = username)
def newgrouptarget(self,**kwargs):
#THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH
#BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK
quote(kwargs['groupname'])
pages.require("/admin/users.edit")
#create the new user
auth.addGroup(kwargs['groupname'])
#Take the user back to the users page
raise cherrypy.HTTPRedirect("/auth/")
def newgrouptarget(self, **kwargs):
#THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH
#BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK
quote(kwargs['groupname'])
pages.require("/admin/users.edit")
#create the new user
auth.addGroup(kwargs['groupname'])
#Take the user back to the users page
raise cherrypy.HTTPRedirect("/auth/")
def deletemoduletarget(self,**kwargs):
pages.require("/admin/modules.edit")
with modulesLock:
ActiveModules.pop(kwargs['name'])
#Get rid of any lingering cached events
newevt.removeModuleEvents(kwargs['name'])
#Get rid of any permissions defined in the modules.
auth.importPermissionsFromModules()
raise cherrypy.HTTPRedirect("/modules")
def deletetarget(self,**kwargs):
pages.require("/admin/persistancefiles.edit")
with persistance_dict_connection_lock:
#If there are only two references(the one passed to getrefcount and the dit entry)
#That means that no user code is keeping a reference and it is not in use.
if sys.getrefcount(persistancedicts[kwargs['name']]) == 2:
del persistancedicts[kwargs['name']]
else:
raise cherrypy.HTTPRedirect("/errors/inuse")
def newusertarget(self,**kwargs):
#THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH
#BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK
quote(kwargs['username'])
pages.require("/admin/users.edit")
#create the new user
auth.addUser(kwargs['username'],kwargs['password'])
#Take the user back to the users page
messagebus.postMessage('/system/notifications','New user "'+kwargs['username']+'" added')
raise cherrypy.HTTPRedirect("/auth/")
def resourceUpdateTarget(module, resource, kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
with modulesLock:
t = ActiveModules[module][resource]['resource-type']
resourceobj = ActiveModules[module][resource]
if t == 'permission':
resourceobj['description'] = kwargs['description']
#has its own lock
auth.importPermissionsFromModules(
) #sync auth's list of permissions
if t == 'event':
e = newevt.Event(kwargs['trigger'], kwargs['action'],
{}) #Test compile, throw error on fail.
resourceobj['trigger'] = kwargs['trigger']
resourceobj['action'] = kwargs['action']
resourceobj['setup'] = kwargs['setup']
resourceobj['priority'] = max([int(kwargs['priority']), 0])
resourceobj['continual'] = 'continual' in kwargs
resourceobj['rate-limit'] = float(kwargs['ratelimit'])
#I really need to do something about this possibly brittle bookkeeping system
#But anyway, when the active modules thing changes we must update the newevt cache thing.
newevt.updateOneEvent(resource, module)
if t == 'page':
resourceobj['body'] = kwargs['body']
resourceobj['no-navheader'] = 'no-navheader' in kwargs
resourceobj['no-header'] = 'no-header' in kwargs
resourceobj['dont-show-in-index'] = 'dont-show-in-index' in kwargs
#Method checkboxes
resourceobj['require-method'] = []
if 'allow-GET' in kwargs:
resourceobj['require-method'].append('GET')
if 'allow-POST' in kwargs:
resourceobj['require-method'].append('POST')
#permission checkboxes
resourceobj['require-permissions'] = []
for i in kwargs:
#Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission
if i[:10] == 'Permission':
if kwargs[i] == 'true':
resourceobj['require-permissions'].append(i[10:])
usrpages.updateOnePage(resource, module)
messagebus.postMessage(
"/system/notifications", "User " + pages.getAcessingUser() +
" modified resource " + resource + " of module " + module)
#Return user to the module page
raise cherrypy.HTTPRedirect(
"/modules/module/" +
util.url(module)) #+'/resource/'+util.url(resource))
def newusertarget(self, **kwargs):
#THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH
#BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK
quote(kwargs['username'])
pages.require("/admin/users.edit")
#create the new user
auth.addUser(kwargs['username'], kwargs['password'])
#Take the user back to the users page
messagebus.postMessage('/system/notifications',
'New user "' + kwargs['username'] + '" added')
raise cherrypy.HTTPRedirect("/auth/")
def setlogging(self, txt):
pages.require('/admin/logging.edit')
global loglistchanged
loglistchanged = True
global toSave
toSave = set()
for line in txt.split("\n"):
line = line.strip()
if line.startswith("/"):
line = line[1:]
toSave.add(line)
return pages.get_template('logging/index.html').render()
def deletemoduletarget(self,**kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
with modulesLock:
ActiveModules.pop(kwargs['name'])
#Get rid of any lingering cached events
newevt.removeModuleEvents(kwargs['name'])
#Get rid of any permissions defined in the modules.
auth.importPermissionsFromModules()
usrpages.removeModulePages(kwargs['name'])
messagebus.postMessage("/system/notifications","User "+ pages.getAcessingUser() + " Deleted module " + kwargs['name'])
raise cherrypy.HTTPRedirect("/modules")
def updategroup(self,group,**kwargs):
pages.require("/admin/users.edit")
auth.Groups[group]['permissions'] = []
#Handle all the group permission checkboxes
for i in kwargs:
#Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission
if i[:10] == 'Permission':
if kwargs[i] == 'true':
auth.addGroupPermission(group,i[10:])
#Take the user back to the users page
auth.generateUserPermissions() #update all users to have the new permissions lists
raise cherrypy.HTTPRedirect("/auth")
def addResourceTarget(module, type, name, kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
def insertResource(r):
ActiveModules[module][kwargs['name']] = r
with modulesLock:
#Check if a resource by that name is already there
if kwargs['name'] in ActiveModules[module]:
raise cherrypy.HTTPRedirect("/errors/alreadyexists")
#Create a permission
if type == 'permission':
insertResource({
"resource-type": "permission",
"description": kwargs['description']
})
#has its own lock
auth.importPermissionsFromModules(
) #sync auth's list of permissions
if type == 'event':
insertResource({
"resource-type": "event",
"trigger": "False",
"action": "pass",
"once": True
})
#newevt maintains a cache of precompiled events that must be kept in sync with
#the modules
newevt.updateOneEvent(kwargs['name'], module)
if type == 'page':
insertResource({
"resource-type": "page",
"body": "Content here",
'no-navheader': True
})
usrpages.updateOnePage(kwargs['name'], module)
messagebus.postMessage(
"/system/notifications",
"User " + pages.getAcessingUser() + " added resource " +
kwargs['name'] + " of type " + type + " to module " + module)
#Take the user straight to the resource page
raise cherrypy.HTTPRedirect("/modules/module/" + util.url(module) +
'/resource/' + util.url(name))
def addResourceDispatcher(module,type):
pages.require("/admin/modules.edit")
#Return a crud to add a new permission
if type == 'permission':
return pages.get_template("modules/permissions/new.html").render(module=module)
#return a crud to add a new event
if type == 'event':
return pages.get_template("modules/events/new.html").render(module=module)
#return a crud to add a new event
if type == 'page':
return pages.get_template("modules/pages/new.html").render(module=module)
def updategroup(self, group, **kwargs):
pages.require("/admin/users.edit")
auth.Groups[group]['permissions'] = []
#Handle all the group permission checkboxes
for i in kwargs:
#Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission
if i[:10] == 'Permission':
if kwargs[i] == 'true':
auth.addGroupPermission(group, i[10:])
#Take the user back to the users page
auth.generateUserPermissions(
) #update all users to have the new permissions lists
raise cherrypy.HTTPRedirect("/auth")
def resourceUpdateTarget(module,resource,kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
with modulesLock:
t = ActiveModules[module][resource]['resource-type']
resourceobj = ActiveModules[module][resource]
if t == 'permission':
resourceobj['description'] = kwargs['description']
#has its own lock
auth.importPermissionsFromModules() #sync auth's list of permissions
if t == 'event':
e = newevt.Event(kwargs['trigger'],kwargs['action'],{})#Test compile, throw error on fail.
resourceobj['trigger'] = kwargs['trigger']
resourceobj['action'] = kwargs['action']
resourceobj['setup'] = kwargs['setup']
resourceobj['priority'] = max([int(kwargs['priority']),0])
resourceobj['continual'] = 'continual' in kwargs
resourceobj['rate-limit'] = float(kwargs['ratelimit'])
#I really need to do something about this possibly brittle bookkeeping system
#But anyway, when the active modules thing changes we must update the newevt cache thing.
newevt.updateOneEvent(resource,module)
if t == 'page':
resourceobj['body'] = kwargs['body']
resourceobj['no-navheader'] = 'no-navheader' in kwargs
resourceobj['no-header'] = 'no-header' in kwargs
resourceobj['dont-show-in-index'] = 'dont-show-in-index' in kwargs
#Method checkboxes
resourceobj['require-method'] = []
if 'allow-GET' in kwargs:
resourceobj['require-method'].append('GET')
if 'allow-POST' in kwargs:
resourceobj['require-method'].append('POST')
#permission checkboxes
resourceobj['require-permissions'] = []
for i in kwargs:
#Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission
if i[:10] == 'Permission':
if kwargs[i] == 'true':
resourceobj['require-permissions'].append(i[10:])
usrpages.updateOnePage(resource,module)
messagebus.postMessage("/system/notifications", "User "+ pages.getAcessingUser() + " modified resource " +
resource + " of module " + module)
#Return user to the module page
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module))#+'/resource/'+util.url(resource))
def deletemoduletarget(self, **kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
with modulesLock:
ActiveModules.pop(kwargs['name'])
#Get rid of any lingering cached events
newevt.removeModuleEvents(kwargs['name'])
#Get rid of any permissions defined in the modules.
auth.importPermissionsFromModules()
usrpages.removeModulePages(kwargs['name'])
messagebus.postMessage(
"/system/notifications", "User " + pages.getAcessingUser() +
" Deleted module " + kwargs['name'])
raise cherrypy.HTTPRedirect("/modules")
def newmoduletarget(self,**kwargs):
global scopes
pages.require("/admin/modules.edit")
#If there is no module by that name, create a blank template and the scope obj
with modulesLock:
if kwargs['name'] not in ActiveModules:
ActiveModules[kwargs['name']] = {"__description":
{"resource-type":"module-description",
"text":"Module info here"}}
#Create the scope that code in the module will run in
scopes[kwargs['name']] = {}
#Go directly to the newly created module
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(kwargs['name']))
else:
return pages.get_template("error.html").render(info = " A module already exists by that name,")
def addResourceDispatcher(module, type):
pages.require("/admin/modules.edit")
#Return a crud to add a new permission
if type == 'permission':
return pages.get_template("modules/permissions/new.html").render(
module=module)
#return a crud to add a new event
if type == 'event':
return pages.get_template("modules/events/new.html").render(
module=module)
#return a crud to add a new event
if type == 'page':
return pages.get_template("modules/pages/new.html").render(
module=module)
def newmoduletarget(self,**kwargs):
global scopes
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
#If there is no module by that name, create a blank template and the scope obj
with modulesLock:
if kwargs['name'] not in ActiveModules:
ActiveModules[kwargs['name']] = {"__description":
{"resource-type":"module-description",
"text":"Module info here"}}
#Create the scope that code in the module will run in
scopes[kwargs['name']] = obj()
#Go directly to the newly created module
messagebus.postMessage("/system/notifications","User "+ pages.getAcessingUser() + " Created Module " + kwargs['name'])
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(kwargs['name']))
else:
return pages.get_template("error.html").render(info = " A module already exists by that name,")
def default(self,module,pagename,*args,**kwargs):
global _page_list_lock
with _page_list_lock:
page = _Pages[module][pagename]
page.lastaccessed = time.time()
#Check user permissions
for i in page.permissions:
pages.require(i)
#Check HTTP Method
if cherrypy.request.method not in page.methods:
#Raise a redirect the the wrongmethod error page
raise cherrypy.HTTPRedirect('/errors/wrongmethod')
try:
return page.template.render(
kaithem = kaithemobj.kaithem,
request = cherrypy.request,
module = modules.scopes[module],
path = args,
kwargs = kwargs
)
except Exception as e:
#The HTTPRedirect is NOT an error, and should not be handled like one.
#So we just reraise it unchanged
if isinstance(e,cherrypy.HTTPRedirect):
raise e
#The way we let users securely serve static files is to simply
#Give them a function that raises this special exception
if isinstance(e,kaithemobj.ServeFileInsteadOfRenderingPageException):
return cherrypy.lib.static.serve_file(e.f_filepath,e.f_MIME,e.f_name)
#When an error happens, log it and save the time
#Note that we are logging to the compiled event object
page.errors.append([time.strftime(config['time-format']),e])
#Keep oly the most recent 25 errors
#If this is the first error(high level: transition from ok to not ok)
#send a global system messsage that will go to the front page.
if len(page.errors)==1:
messagebus.postMessage('/system/notifications',
"Page "+pagename+" of module "+module+
" may need attention")
raise (e)
def addResourceTarget(module,type,name,kwargs):
pages.require("/admin/modules.edit")
global moduleschanged
moduleschanged = True
def insertResource(r):
ActiveModules[module][kwargs['name']] = r
with modulesLock:
#Check if a resource by that name is already there
if kwargs['name'] in ActiveModules[module]:
raise cherrypy.HTTPRedirect("/errors/alreadyexists")
#Create a permission
if type == 'permission':
insertResource({
"resource-type":"permission",
"description":kwargs['description']})
#has its own lock
auth.importPermissionsFromModules() #sync auth's list of permissions
if type == 'event':
insertResource({
"resource-type":"event",
"trigger":"False",
"action":"pass",
"once":True})
#newevt maintains a cache of precompiled events that must be kept in sync with
#the modules
newevt.updateOneEvent(kwargs['name'],module)
if type == 'page':
insertResource({
"resource-type":"page",
"body":"Content here",
'no-navheader':True})
usrpages.updateOnePage(kwargs['name'],module)
messagebus.postMessage("/system/notifications", "User "+ pages.getAcessingUser() + " added resource " +
kwargs['name'] + " of type " + type+" to module " + module)
#Take the user straight to the resource page
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name))
def resourceEditPage(module,resource):
pages.require("/admin/modules.view")
with modulesLock:
resourceinquestion = ActiveModules[module][resource]
if resourceinquestion['resource-type'] == 'permission':
return permissionEditPage(module, resource)
if resourceinquestion['resource-type'] == 'event':
return pages.get_template("/modules/events/event.html").render(module =module,name =resource,event
=ActiveModules[module][resource])
if resourceinquestion['resource-type'] == 'page':
if 'require-permissions' in resourceinquestion:
requiredpermissions = resourceinquestion['require-permissions']
else:
requiredpermissions = []
return pages.get_template("/modules/pages/page.html").render(module=module,name=resource,
page=ActiveModules[module][resource],requiredpermissions = requiredpermissions)
def module(self,module,*path,**kwargs):
#If we are not performing an action on a module just going to its page
if not path:
pages.require("/admin/modules.view")
return pages.get_template("modules/module.html").render(module = ActiveModules[module],name = module)
else:
#This gets the interface to add a page
if path[0] == 'addresource':
#path[1] tells what type of resource is being created and addResourceDispatcher returns the appropriate crud screen
return addResourceDispatcher(module,path[1])
#This case handles the POST request from the new resource target
if path[0] == 'addresourcetarget':
return addResourceTarget(module,path[1],kwargs['name'],kwargs)
#This case shows the information and editing page for one resource
if path[0] == 'resource':
return resourceEditPage(module,path[1])
#This goes to a dispatcher that takes into account the type of resource and updates everything about the resource.
if path[0] == 'updateresource':
return resourceUpdateTarget(module,path[1],kwargs)
#This returns a page to delete any resource by name
if path[0] == 'deleteresource':
pages.require("/admin/modules.edit")
return pages.get_template("modules/deleteresource.html").render(module=module)
#This handles the POST request to actually do the deletion
if path[0] == 'deleteresourcetarget':
pages.require("/admin/modules.edit")
with modulesLock:
r = ActiveModules[module].pop(kwargs['name'])
#Annoying bookkeeping crap to get rid of the cached crap
if r['resource-type'] == 'event':
newevt.removeOneEvent(kwargs['name'])
if r['resource-type'] == 'permission':
auth.importPermissionsFromModules() #sync auth's list of permissions
raise cherrypy.HTTPRedirect('/modules')
#This is the target used to change the name and description(basic info) of a module
if path[0] == 'update':
pages.require("/admin/modules.edit")
with modulesLock:
ActiveModules[kwargs['name']] = ActiveModules.pop(module)
ActiveModules[module]['__description']['text'] = kwargs['description']
raise cherrypy.HTTPRedirect('/modules/module/'+util.url(kwargs['name']))
def resourceUpdateTarget(module,resource,kwargs):
pages.require("/admin/modules.edit")
t = ActiveModules[module][resource]['resource-type']
if t == 'permission':
with modulesLock:
ActiveModules[module][resource]['description'] = kwargs['description']
#has its own lock
auth.importPermissionsFromModules() #sync auth's list of permissions
if t == 'event':
with modulesLock:
e = newevt.Event(kwargs['trigger'],kwargs['action'],{})#Test compile, throw error on fail.
ActiveModules[module][resource]['trigger'] = kwargs['trigger']
ActiveModules[module][resource]['action'] = kwargs['action']
#I really need to do something about this possibly brittle bookkeeping system
#But anyway, when the active modules thing changes we must update the newevt cache thing.
newevt.updateOneEvent(resource,module)
if t == 'page':
with modulesLock:
pageinquestion = ActiveModules[module][resource]
pageinquestion['body'] = kwargs['body']
pageinquestion['no-navheader'] = 'no-navheader' in kwargs
#Method checkboxes
pageinquestion['require-method'] = []
if 'allow-GET' in kwargs:
pageinquestion['require-method'].append('GET')
if 'allow-POST' in kwargs:
pageinquestion['require-method'].append('POST')
#permission checkboxes
pageinquestion['require-permissions'] = []
for i in kwargs:
#Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission
if i[:10] == 'Permission':
if kwargs[i] == 'true':
pageinquestion['require-permissions'].append(i[10:])
#Return user to the module page
raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module))#+'/resource/'+util.url(resource))
def index(self):
#Require permissions and render page. A lotta that in this file.
pages.require("/admin/modules.view")
return pages.get_template("modules/index.html").render(ActiveModules = ActiveModules)
def savetarget(self):
pages.require("/admin/settings.edit")
util.SaveAllState()
messagebus.postMessage("/system/notifications","Global server state was saved to disk")
raise cherrypy.HTTPRedirect('/')
def archive(self):
pages.require('/users/logs.view')
return pages.get_template('logging/archive.html').render(files = listlogdumps())
def newgroup(self):
pages.require("/admin/users.edit")
return pages.get_template("auth/newgroup.html").render()
def deletegroup(self, **kwargs):
pages.require("/admin/users.edit")
return pages.get_template("auth/deletegroup.html").render()
def deletegroup(self,**kwargs):
pages.require("/admin/users.edit")
return pages.get_template("auth/deletegroup.html").render()
def viewall(self, topic):
pages.require('/users/logs.view')
return pages.get_template('logging/topic.html').render(topicname=topic)
def clearall(self,topic):
pages.require('/admin/logging.edit')
log.pop(topic)
return pages.get_template('logging/index.html').render()
def save(self):
pages.require("/admin/settings.edit")
return pages.get_template("settings/save.html").render()
def index(self):
pages.require("/admin/settings.view")
return pages.get_template("settings/index.html").render()
def index(self):
pages.require("/admin/users.edit")
return pages.get_template("auth/index.html").render(auth = auth)
def deluser(self,**kwargs):
pages.require("/admin/users.edit")
auth.removeUser(kwargs['user'])
raise cherrypy.HTTPRedirect("/auth")
def newgroup(self):
pages.require("/admin/users.edit")
return pages.get_template("auth/newgroup.html").render()
def deletemodule(self):
pages.require("/admin/modules.edit")
return pages.get_template("modules/delete.html").render()
def deluser(self, **kwargs):
pages.require("/admin/users.edit")
auth.removeUser(kwargs['user'])
raise cherrypy.HTTPRedirect("/auth")
def delgroup(self, **kwargs):
pages.require("/admin/users.edit")
auth.removeGroup(kwargs['group'])
raise cherrypy.HTTPRedirect("/auth")
def group(self, group):
pages.require("/admin/users.edit")
return pages.get_template("auth/group.html").render(auth=auth,
name=group)
def delgroup(self,**kwargs):
pages.require("/admin/users.edit")
auth.removeGroup(kwargs['group'])
raise cherrypy.HTTPRedirect("/auth")
def index(self):
pages.require("/admin/users.edit")
return pages.get_template("auth/index.html").render(auth=auth)
def index(self):
pages.require("/admin/persistancefiles.view")
return pages.get_template("persistfiles/delete.html").render()
def permissionEditPage(module,resource):
pages.require("/admin/modules.view")
return pages.get_template("modules/permissions/permission.html").render(module = module,
permission = resource, description = ActiveModules[module][resource]['description'])
def savetarget(self):
pages.require("/admin/settings.edit")
util.SaveAllState()
raise cherrypy.HTTPRedirect('/')
def save(self, *path, **data):
pages.require('/admin/settings.edit')
return pages.get_template('save.html').render()
def group(self,group):
pages.require("/admin/users.edit")
return pages.get_template("auth/group.html").render(
auth = auth, name = group)
