def notify_subscribers(configuration, forum_base, vgrid_name, thread, author, url): """Send notifications to all users subscribing to forum in forum_base""" subscribers = list_subscribers(forum_base, thread) threads = [] notify = [] for proto in configuration.notify_protocols: notify.append('%s: SETTINGS' % proto) for target in subscribers: job_dict = {'NOTIFY': notify, 'JOB_ID': 'NOJOBID', 'USER_CERT': target} notifier = notify_user_thread( job_dict, [vgrid_name, author, url], 'FORUMUPDATE', configuration.logger, '', configuration, ) notifier.join(0) threads.append(notifier) for notifier in threads: # Try finishing delivery but do not block forever on one message notifier.join(30)
def requeue_job( job_dict, failed_msg, job_queue, executing_queue, configuration, logger, ): """Requeue a failed job by moving it from executing_queue to job_queue""" if not job_dict: msg = 'requeue_job: %s is no longer in executing queue' print failed_msg logger.info(failed_msg) else: executing_queue.dequeue_job_by_id(job_dict['JOB_ID']) failed_timestamp = time.gmtime() # Clean up the server for files assosiated with the executing job if not job_dict.has_key('SESSIONID')\ or not job_dict.has_key('IOSESSIONID')\ or not server_cleanup( job_dict['SESSIONID'], job_dict['IOSESSIONID'], job_dict['LOCALJOBNAME'], job_dict['JOB_ID'], configuration, logger, ): logger.error('could not clean up MiG server') print 'CLEAN UP FAILED' client_dir = client_id_dir(job_dict['USER_CERT']) # Remove job result files, if they have arrived as the result is not valid # This can happen with sandboxes as they can't be stopped serverside status_prefix = os.path.join(configuration.user_home, client_dir, job_dict['JOB_ID']) io.delete_file(status_prefix + '.status', logger) io.delete_file(status_prefix + '.stdout', logger) io.delete_file(status_prefix + '.stderr', logger) # Generate execution history if not job_dict.has_key('EXECUTION_HISTORY'): job_dict['EXECUTION_HISTORY'] = [] history_dict = { 'QUEUED_TIMESTAMP': job_dict['QUEUED_TIMESTAMP'], 'EXECUTING_TIMESTAMP': job_dict['EXECUTING_TIMESTAMP'], 'FAILED_TIMESTAMP': failed_timestamp, 'FAILED_MESSAGE': failed_msg, 'UNIQUE_RESOURCE_NAME': job_dict['UNIQUE_RESOURCE_NAME'], 'RESOURCE_VGRID': job_dict.get('RESOURCE_VGRID', ''), 'PUBLICNAME': job_dict.get('PUBLICNAME', 'HIDDEN'), } job_dict['EXECUTION_HISTORY'].append(history_dict) # Retry if retries left job_dict['RETRY_COUNT'] = job_dict.get('RETRY_COUNT', 0) + 1 unique_resource_name = job_dict['UNIQUE_RESOURCE_NAME'] mrsl_file = os.path.join(configuration.mrsl_files_dir, client_dir, job_dict['JOB_ID'] + '.mRSL') job_retries = job_dict.get('RETRIES', configuration.job_retries) if job_dict['RETRY_COUNT'] <= job_retries: job_dict['STATUS'] = 'QUEUED' job_dict['QUEUED_TIMESTAMP'] = time.gmtime() del job_dict['EXECUTING_TIMESTAMP'] del job_dict['UNIQUE_RESOURCE_NAME'] del job_dict['EXE'] del job_dict['RESOURCE_CONFIG'] del job_dict['LOCALJOBNAME'] if job_dict.has_key('SESSIONID'): del job_dict['SESSIONID'] if job_dict.has_key('IOSESSIONID'): del job_dict['IOSESSIONID'] if job_dict.has_key('PUBLICNAME'): del job_dict['PUBLICNAME'] if job_dict.has_key('RESOURCE_VGRID'): del job_dict['RESOURCE_VGRID'] io.pickle(job_dict, mrsl_file, logger) # Requeue job last in queue for retry later job_queue.enqueue_job(job_dict, job_queue.queue_length()) msg = \ '%s failed to execute job %s - requeue for retry %d of %d'\ % (unique_resource_name, job_dict['JOB_ID'], job_dict['RETRY_COUNT'], job_retries) print msg logger.info(msg) else: job_dict['STATUS'] = 'FAILED' job_dict['FAILED_TIMESTAMP'] = failed_timestamp io.pickle(job_dict, mrsl_file, logger) # tell the user the sad news msg = 'Gave up on executing job %s after %d retries'\ % (job_dict['JOB_ID'], job_retries) logger.error(msg) print msg notify_user_thread( job_dict, configuration.myfiles_py_location, 'FAILED', logger, False, configuration, )
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False) defaults = signature()[1] title_entry = find_entry(output_objects, 'title') label = "%s" % configuration.site_vgrid_label title_entry['text'] = '%s send request' % configuration.short_title output_objects.append({ 'object_type': 'header', 'text': '%s send request' % configuration.short_title }) (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) target_id = client_id vgrid_name = accepted['vgrid_name'][-1].strip() visible_user_names = accepted['cert_id'] visible_res_names = accepted['unique_resource_name'] request_type = accepted['request_type'][-1].strip().lower() request_text = accepted['request_text'][-1].strip() protocols = [proto.strip() for proto in accepted['protocol']] use_any = False if any_protocol in protocols: use_any = True protocols = configuration.notify_protocols protocols = [proto.lower() for proto in protocols] if not safe_handler(configuration, 'post', op_name, client_id, get_csrf_limit(configuration), accepted): output_objects.append({ 'object_type': 'error_text', 'text': '''Only accepting CSRF-filtered POST requests to prevent unintended updates''' }) return (output_objects, returnvalues.CLIENT_ERROR) valid_request_types = [ 'resourceowner', 'resourceaccept', 'resourcereject', 'vgridowner', 'vgridmember', 'vgridresource', 'vgridaccept', 'vgridreject', 'plain' ] if not request_type in valid_request_types: output_objects.append({ 'object_type': 'error_text', 'text': '%s is not a valid request_type (valid types: %s)!' % (request_type.lower(), valid_request_types) }) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'No protocol specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) user_map = get_user_map(configuration) reply_to = user_map[client_id][USERID] # Try to point replies to client_id email client_email = extract_field(reply_to, 'email') if request_type == "plain": if not visible_user_names: output_objects.append({ 'object_type': 'error_text', 'text': 'No user ID specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) user_id = visible_user_names[-1].strip() anon_map = anon_to_real_user_map(configuration) if anon_map.has_key(user_id): user_id = anon_map[user_id] if not user_map.has_key(user_id): output_objects.append({ 'object_type': 'error_text', 'text': 'No such user: %s' % user_id }) return (output_objects, returnvalues.CLIENT_ERROR) target_name = user_id user_dict = user_map[user_id] vgrid_access = user_vgrid_access(configuration, client_id) vgrids_allow_email = user_dict[CONF].get('VGRIDS_ALLOW_EMAIL', []) vgrids_allow_im = user_dict[CONF].get('VGRIDS_ALLOW_IM', []) if any_vgrid in vgrids_allow_email: email_vgrids = vgrid_access else: email_vgrids = set(vgrids_allow_email).intersection(vgrid_access) if any_vgrid in vgrids_allow_im: im_vgrids = vgrid_access else: im_vgrids = set(vgrids_allow_im).intersection(vgrid_access) if use_any: # Do not try disabled protocols if ANY was requested if not email_vgrids: protocols = [ proto for proto in protocols if proto not in email_keyword_list ] if not im_vgrids: protocols = [ proto for proto in protocols if proto in email_keyword_list ] if not email_vgrids and [ proto for proto in protocols if proto in email_keyword_list ]: output_objects.append({ 'object_type': 'error_text', 'text': 'You are not allowed to send emails to %s!' % user_id }) return (output_objects, returnvalues.CLIENT_ERROR) if not im_vgrids and [ proto for proto in protocols if proto not in email_keyword_list ]: output_objects.append({ 'object_type': 'error_text', 'text': 'You are not allowed to send instant messages to %s!' % user_id }) return (output_objects, returnvalues.CLIENT_ERROR) for proto in protocols: if not user_dict[CONF].get(proto.upper(), False): if use_any: # Remove missing protocols if ANY protocol was requested protocols = [i for i in protocols if i != proto] else: output_objects.append({ 'object_type': 'error_text', 'text': 'User %s does not accept %s messages!' % (user_id, proto) }) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'User %s does not accept requested protocol(s) messages!' % user_id }) return (output_objects, returnvalues.CLIENT_ERROR) target_list = [user_id] elif request_type in ["vgridaccept", "vgridreject"]: # Always allow accept messages but only between owners/members if not visible_user_names and not visible_res_names: output_objects.append({ 'object_type': 'error_text', 'text': 'No user or resource ID specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text': 'No requests for %s are allowed!' % default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) if not vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text': 'You are not an owner of %s or a parent %s!' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) # NOTE: we support exactly one vgrid but multiple users/resources here if visible_user_names: logger.info("setting user recipients: %s" % visible_user_names) target_list = [user_id.strip() for user_id in visible_user_names] elif visible_res_names: # vgrid resource accept - lookup and notify resource owners logger.info("setting res owner recipients: %s" % visible_res_names) target_list = [] for unique_resource_name in visible_res_names: logger.info("loading res owners for %s" % unique_resource_name) (load_status, res_owners) = resource_owners(configuration, unique_resource_name) if not load_status: output_objects.append({ 'object_type': 'error_text', 'text': 'Could not lookup owners of %s!' % unique_resource_name }) continue logger.info("adding res owners to recipients: %s" % res_owners) target_list += [user_id for user_id in res_owners] target_id = '%s %s owners' % (vgrid_name, label) target_name = vgrid_name elif request_type in ["resourceaccept", "resourcereject"]: # Always allow accept messages between actual resource owners if not visible_user_names: output_objects.append({ 'object_type': 'error_text', 'text': 'No user ID specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) if not visible_res_names: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) # NOTE: we support exactly one resource but multiple users here unique_resource_name = visible_res_names[-1].strip() target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({ 'object_type': 'error_text', 'text': 'No such resource: %s' % unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) owners_list = res_map[unique_resource_name][OWNERS] if not client_id in owners_list: output_objects.append({ 'object_type': 'error_text', 'text': 'You are not an owner of %s!' % unique_resource_name }) output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid resource %s message!' % request_type }) return (output_objects, returnvalues.CLIENT_ERROR) target_id = '%s resource owners' % unique_resource_name target_name = unique_resource_name target_list = [user_id.strip() for user_id in visible_user_names] elif request_type == "resourceowner": if not visible_res_names: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) # NOTE: we support exactly one resource but multiple users here unique_resource_name = visible_res_names[-1].strip() anon_map = anon_to_real_res_map(configuration.resource_home) if anon_map.has_key(unique_resource_name): unique_resource_name = anon_map[unique_resource_name] target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({ 'object_type': 'error_text', 'text': 'No such resource: %s' % unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) target_list = res_map[unique_resource_name][OWNERS] if client_id in target_list: output_objects.append({ 'object_type': 'error_text', 'text': 'You are already an owner of %s!' % unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) request_dir = os.path.join(configuration.resource_home, unique_resource_name) access_request = { 'request_type': request_type, 'entity': client_id, 'target': unique_resource_name, 'request_text': request_text } if not save_access_request(configuration, request_dir, access_request): output_objects.append({ 'object_type': 'error_text', 'text': 'Could not save request - owners may still manually add you' }) return (output_objects, returnvalues.SYSTEM_ERROR) elif request_type in ["vgridmember", "vgridowner", "vgridresource"]: if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!' }) return (output_objects, returnvalues.CLIENT_ERROR) # default vgrid is read-only if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text': 'No requests for %s are not allowed!' % default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) # stop owner or member request if already an owner # and prevent repeated resource access requests if request_type == 'vgridresource': # NOTE: we support exactly one resource here unique_resource_name = visible_res_names[-1].strip() target_id = entity = unique_resource_name if vgrid_is_resource(vgrid_name, unique_resource_name, configuration): output_objects.append({ 'object_type': 'error_text', 'text': 'You already have access to %s or a parent %s.' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) else: target_id = entity = client_id if vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text': 'You are already an owner of %s or a parent %s!' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) # only ownership requests are allowed for existing members if request_type == 'vgridmember': if vgrid_is_member(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text': 'You are already a member of %s or a parent %s.' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) # Find all VGrid owners configured to receive notifications target_name = vgrid_name (settings_status, settings_dict) = vgrid_settings(vgrid_name, configuration, recursive=True, as_dict=True) if not settings_status: settings_dict = {} request_recipients = settings_dict.get('request_recipients', default_vgrid_settings_limit) # We load and use direct owners first if any - otherwise inherited owners_list = [] for inherited in (False, True): (owners_status, owners_list) = vgrid_owners(vgrid_name, configuration, recursive=inherited) if not owners_status: output_objects.append({ 'object_type': 'error_text', 'text': 'Failed to lookup owners for %s %s - sure it exists?' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) elif owners_list: break if not owners_list: output_objects.append({ 'object_type': 'error_text', 'text': 'Failed to lookup owners for %s %s - sure it exists?' % (vgrid_name, label) }) return (output_objects, returnvalues.CLIENT_ERROR) # Now we have direct or inherited owners to notify target_list = owners_list[:request_recipients] request_dir = os.path.join(configuration.vgrid_home, vgrid_name) access_request = { 'request_type': request_type, 'entity': entity, 'target': vgrid_name, 'request_text': request_text } if not save_access_request(configuration, request_dir, access_request): output_objects.append({ 'object_type': 'error_text', 'text': 'Could not save request - owners may still manually add you' }) return (output_objects, returnvalues.SYSTEM_ERROR) else: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid request type: %s' % request_type }) return (output_objects, returnvalues.CLIENT_ERROR) # Now send request to all targets in turn # TODO: inform requestor if no owners have mail/IM set in their settings logger.debug("sending notification to recipients: %s" % target_list) for target in target_list: if not target: logger.warning("skipping empty notify target: %s" % target_list) continue # USER_CERT entry is destination notify = [] for proto in protocols: notify.append('%s: SETTINGS' % proto) job_dict = { 'NOTIFY': notify, 'JOB_ID': 'NOJOBID', 'USER_CERT': target, 'EMAIL_SENDER': client_email } notifier = notify_user_thread( job_dict, [target_id, target_name, request_type, request_text, reply_to], 'SENDREQUEST', logger, '', configuration, ) # Try finishing delivery but do not block forever on one message notifier.join(30) output_objects.append({ 'object_type': 'text', 'text': 'Sent %s message to %d people' % (request_type, len(target_list)) }) output_objects.append({ 'object_type': 'text', 'text': """Please make sure you have notifications configured on your Setings page if you expect a reply to this message""" }) return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False) client_dir = client_id_dir(client_id) defaults = signature()[1] (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) action = accepted['action'][-1] share_id = accepted['share_id'][-1] path = accepted['path'][-1] read_access = accepted['read_access'][-1].lower() in enabled_strings write_access = accepted['write_access'][-1].lower() in enabled_strings expire = accepted['expire'][-1] # Merge and split invite to make sure 'a@b, c@d' entries are handled invite_list = ','.join(accepted['invite']).split(',') invite_list = [i for i in invite_list if i] invite_msg = accepted['msg'] title_entry = find_entry(output_objects, 'title') title_entry['text'] = 'Share Link' # jquery support for tablesorter and confirmation on delete/redo: # table initially sorted by 5, 4 reversed (active first and in growing age) table_spec = {'table_id': 'sharelinkstable', 'sort_order': '[[5,1],[4,1]]'} (add_import, add_init, add_ready) = man_base_js(configuration, [table_spec], {'width': 600}) title_entry['script']['advanced'] += add_import title_entry['script']['init'] += add_init title_entry['script']['ready'] += add_ready output_objects.append({ 'object_type': 'html_form', 'text': man_base_html(configuration) }) header_entry = {'object_type': 'header', 'text': 'Manage share links'} output_objects.append(header_entry) if not configuration.site_enable_sharelinks: output_objects.append({ 'object_type': 'text', 'text': ''' Share links are disabled on this site. Please contact the site admins %s if you think they should be enabled. ''' % configuration.admin_email }) return (output_objects, returnvalues.OK) logger.info('sharelink %s from %s' % (action, client_id)) logger.debug('sharelink from %s: %s' % (client_id, accepted)) if not action in valid_actions: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid action "%s" (supported: %s)' % (action, ', '.join(valid_actions)) }) return (output_objects, returnvalues.CLIENT_ERROR) if action in post_actions: if not safe_handler(configuration, 'post', op_name, client_id, get_csrf_limit(configuration), accepted): output_objects.append({ 'object_type': 'error_text', 'text': '''Only accepting CSRF-filtered POST requests to prevent unintended updates''' }) return (output_objects, returnvalues.CLIENT_ERROR) (load_status, share_map) = load_share_links(configuration, client_id) if not load_status: share_map = {} form_method = 'post' csrf_limit = get_csrf_limit(configuration) target_op = 'sharelink' csrf_token = make_csrf_token(configuration, form_method, target_op, client_id, csrf_limit) if action in get_actions: if action == "show": # Table columns to skip skip_list = ['owner', 'single_file', 'expire'] sharelinks = [] for (saved_id, share_dict) in share_map.items(): share_item = build_sharelinkitem_object( configuration, share_dict) js_name = 'delete%s' % hexlify(saved_id) helper = html_post_helper( js_name, '%s.py' % target_op, { 'share_id': saved_id, 'action': 'delete', csrf_field: csrf_token }) output_objects.append({ 'object_type': 'html_form', 'text': helper }) share_item['delsharelink'] = { 'object_type': 'link', 'destination': "javascript: confirmDialog(%s, '%s');" % (js_name, 'Really remove %s?' % saved_id), 'class': 'removelink iconspace', 'title': 'Remove share link %s' % saved_id, 'text': '' } sharelinks.append(share_item) # Display share links and form to add new ones output_objects.append({ 'object_type': 'sectionheader', 'text': 'Share Links' }) output_objects.append({ 'object_type': 'table_pager', 'entry_name': 'share links', 'default_entries': default_pager_entries }) output_objects.append({ 'object_type': 'sharelinks', 'sharelinks': sharelinks, 'skip_list': skip_list }) output_objects.append({ 'object_type': 'html_form', 'text': '<br/>' }) output_objects.append({ 'object_type': 'sectionheader', 'text': 'Create Share Link' }) submit_button = '''<span> <input type=submit value="Create share link" /> </span>''' sharelink_html = create_share_link_form(configuration, client_id, 'html', submit_button, csrf_token) output_objects.append({ 'object_type': 'html_form', 'text': sharelink_html }) elif action == "edit": header_entry['text'] = 'Edit Share Link' share_dict = share_map.get(share_id, {}) if not share_dict: output_objects.append({ 'object_type': 'error_text', 'text': 'existing share link is required for edit' }) return (output_objects, returnvalues.CLIENT_ERROR) output_objects.append({ 'object_type': 'html_form', 'text': ''' <p> Here you can send invitations for your share link %(share_id)s to one or more comma-separated recipients. </p> ''' % share_dict }) sharelinks = [] share_item = build_sharelinkitem_object(configuration, share_dict) saved_id = share_item['share_id'] js_name = 'delete%s' % hexlify(saved_id) helper = html_post_helper(js_name, '%s.py' % target_op, { 'share_id': saved_id, 'action': 'delete', csrf_field: csrf_token }) output_objects.append({'object_type': 'html_form', 'text': helper}) # Hide link to self del share_item['editsharelink'] share_item['delsharelink'] = { 'object_type': 'link', 'destination': "javascript: confirmDialog(%s, '%s');" % (js_name, 'Really remove %s?' % saved_id), 'class': 'removelink iconspace', 'title': 'Remove share link %s' % saved_id, 'text': '' } sharelinks.append(share_item) output_objects.append({ 'object_type': 'sharelinks', 'sharelinks': sharelinks }) submit_button = '''<span> <input type=submit value="Send invitation(s)" /> </span>''' sharelink_html = invite_share_link_form(configuration, client_id, share_dict, 'html', submit_button, csrf_token) output_objects.append({ 'object_type': 'html_form', 'text': sharelink_html }) output_objects.append({ 'object_type': 'link', 'destination': 'sharelink.py', 'text': 'Return to share link overview' }) return (output_objects, returnvalues.OK) elif action in post_actions: share_dict = share_map.get(share_id, {}) if not share_dict and action != 'create': logger.warning('%s tried to %s missing or not owned link %s!' % (client_id, action, share_id)) output_objects.append({ 'object_type': 'error_text', 'text': '%s requires existing share link' % action }) return (output_objects, returnvalues.CLIENT_ERROR) share_path = share_dict.get('path', path) # Please note that base_dir must end in slash to avoid access to other # user dirs when own name is a prefix of another user name base_dir = os.path.abspath( os.path.join(configuration.user_home, client_dir)) + os.sep rel_share_path = share_path.lstrip(os.sep) # IMPORTANT: path must be expanded to abs for proper chrooting abs_path = os.path.abspath(os.path.join(base_dir, rel_share_path)) relative_path = abs_path.replace(base_dir, '') real_path = os.path.realpath(abs_path) single_file = os.path.isfile(real_path) vgrid_name = in_vgrid_share(configuration, abs_path) if action == 'delete': header_entry['text'] = 'Delete Share Link' (save_status, _) = delete_share_link(share_id, client_id, configuration, share_map) if save_status and vgrid_name: logger.debug("del vgrid sharelink pointer %s" % share_id) (del_status, del_msg) = vgrid_remove_sharelinks(configuration, vgrid_name, [share_id], 'share_id') if not del_status: logger.error("del vgrid sharelink pointer %s failed: %s" % (share_id, del_msg)) return (False, share_map) desc = "delete" elif action == "update": header_entry['text'] = 'Update Share Link' # Try to point replies to client_id email client_email = extract_field(client_id, 'email') if invite_list: invites = share_dict.get('invites', []) + invite_list invites_uniq = list(set([i for i in invites if i])) invites_uniq.sort() share_dict['invites'] = invites_uniq auto_msg = invite_share_link_message(configuration, client_id, share_dict, 'html') msg = '\n'.join(invite_msg) # Now send request to all targets in turn threads = [] for target in invite_list: job_dict = { 'NOTIFY': [target.strip()], 'JOB_ID': 'NOJOBID', 'USER_CERT': client_id, 'EMAIL_SENDER': client_email } logger.debug('invite %s to %s' % (target, share_id)) threads.append( notify_user_thread( job_dict, [auto_msg, msg], 'INVITESHARE', logger, '', configuration, )) # Try finishing delivery but do not block forever on one message notify_done = [False for _ in threads] for _ in range(3): for i in range(len(invite_list)): if not notify_done[i]: logger.debug('check done %s' % invite_list[i]) notify = threads[i] notify.join(3) notify_done[i] = not notify.isAlive() notify_sent, notify_failed = [], [] for i in range(len(invite_list)): if notify_done[i]: notify_sent.append(invite_list[i]) else: notify_failed.append(invite_list[i]) logger.debug('notify sent %s, failed %s' % (notify_sent, notify_failed)) if notify_failed: output_objects.append({ 'object_type': 'html_form', 'text': ''' <p>Failed to send invitation to %s</p>''' % ', '.join(notify_failed) }) if notify_sent: output_objects.append({ 'object_type': 'html_form', 'text': '''<p>Invitation sent to %s</p> <textarea class="fillwidth padspace" rows="%d" readonly="readonly"> %s %s </textarea> ''' % (', '.join(notify_sent), (auto_msg + msg).count('\n') + 3, auto_msg, msg) }) if expire: share_dict['expire'] = expire (save_status, _) = update_share_link(share_dict, client_id, configuration, share_map) desc = "update" elif action == "create": header_entry['text'] = 'Create Share Link' if not read_access and not write_access: output_objects.append({ 'object_type': 'error_text', 'text': 'No access set - please select read, write or both' }) return (output_objects, returnvalues.CLIENT_ERROR) # NOTE: check path here as relative_path is empty for path='/' if not path: output_objects.append({ 'object_type': 'error_text', 'text': 'No path provided!' }) return (output_objects, returnvalues.CLIENT_ERROR) # We refuse sharing of entire home for security reasons elif not valid_user_path( configuration, abs_path, base_dir, allow_equal=False): logger.warning('%s tried to %s restricted path %s ! (%s)' % (client_id, action, abs_path, path)) output_objects.append({ 'object_type': 'error_text', 'text': '''Illegal path "%s": you can only share your own data, and not your entire home direcory.''' % path }) return (output_objects, returnvalues.CLIENT_ERROR) elif not os.path.exists(abs_path): output_objects.append({ 'object_type': 'error_text', 'text': 'Provided path "%s" does not exist!' % path }) return (output_objects, returnvalues.CLIENT_ERROR) # Refuse sharing of (mainly auth) dot dirs in root of user home elif real_path.startswith(os.path.join(base_dir, '.')): output_objects.append({ 'object_type': 'error_text', 'text': 'Provided path "%s" cannot be shared for security reasons' % path }) return (output_objects, returnvalues.CLIENT_ERROR) elif single_file and write_access: output_objects.append({ 'object_type': 'error_text', 'text': '''Individual files cannot be shared with write access - please share a directory with the file in it or only share with read access. ''' }) return (output_objects, returnvalues.CLIENT_ERROR) # We check if abs_path is in vgrid share, but do not worry about # private_base or public_base since they are only available to # owners, who can always share anyway. if vgrid_name is not None and \ not vgrid_is_owner(vgrid_name, client_id, configuration): # share is inside vgrid share so we must check that user is # permitted to create sharelinks there. (load_status, settings_dict) = vgrid_settings(vgrid_name, configuration, recursive=True, as_dict=True) if not load_status: # Probably owners just never saved settings, use defaults settings_dict = {'vgrid_name': vgrid_name} allowed = settings_dict.get('create_sharelink', keyword_owners) if allowed != keyword_members: output_objects.append({ 'object_type': 'error_text', 'text': '''The settings for the %(vgrid_name)s %(vgrid_label)s do not permit you to re-share %(vgrid_label)s shared folders. Please contact the %(vgrid_name)s owners if you think you should be allowed to do that. ''' % { 'vgrid_name': vgrid_name, 'vgrid_label': configuration.site_vgrid_label } }) return (output_objects, returnvalues.CLIENT_ERROR) access_list = [] if read_access: access_list.append('read') if write_access: access_list.append('write') share_mode = '-'.join((access_list + ['only'])[:2]) # TODO: more validity checks here if share_dict: desc = "update" else: desc = "create" # IMPORTANT: always use expanded path share_dict.update({ 'path': relative_path, 'access': access_list, 'expire': expire, 'invites': invite_list, 'single_file': single_file }) attempts = 1 generate_share_id = False if not share_id: attempts = 3 generate_share_id = True for i in range(attempts): if generate_share_id: share_id = generate_sharelink_id(configuration, share_mode) share_dict['share_id'] = share_id (save_status, save_msg) = create_share_link(share_dict, client_id, configuration, share_map) if save_status: logger.info('created sharelink: %s' % share_dict) break else: # ID Collision? logger.warning('could not create sharelink: %s' % save_msg) if save_status and vgrid_name: logger.debug("add vgrid sharelink pointer %s" % share_id) (add_status, add_msg) = vgrid_add_sharelinks(configuration, vgrid_name, [share_dict]) if not add_status: logger.error( "save vgrid sharelink pointer %s failed: %s " % (share_id, add_msg)) return (False, share_map) else: output_objects.append({ 'object_type': 'error_text', 'text': 'No such action %s' % action }) return (output_objects, returnvalues.CLIENT_ERROR) if not save_status: output_objects.append({ 'object_type': 'error_text', 'text': 'Error in %s share link %s: ' % (desc, share_id) + 'save updated share links failed!' }) return (output_objects, returnvalues.CLIENT_ERROR) output_objects.append({ 'object_type': 'text', 'text': '%sd share link %s on %s .' % (desc.title(), share_id, relative_path) }) if action in ['create', 'update']: sharelinks = [] share_item = build_sharelinkitem_object(configuration, share_dict) saved_id = share_item['share_id'] js_name = 'delete%s' % hexlify(saved_id) helper = html_post_helper(js_name, '%s.py' % target_op, { 'share_id': saved_id, 'action': 'delete', csrf_field: csrf_token }) output_objects.append({'object_type': 'html_form', 'text': helper}) share_item['delsharelink'] = { 'object_type': 'link', 'destination': "javascript: confirmDialog(%s, '%s');" % (js_name, 'Really remove %s?' % saved_id), 'class': 'removelink iconspace', 'title': 'Remove share link %s' % saved_id, 'text': '' } sharelinks.append(share_item) output_objects.append({ 'object_type': 'sharelinks', 'sharelinks': sharelinks }) if action == 'create': # NOTE: Leave editsharelink here for use in fileman overlay #del share_item['editsharelink'] output_objects.append({ 'object_type': 'html_form', 'text': '<br />' }) submit_button = '''<span> <input type=submit value="Send invitation(s)" /> </span>''' invite_html = invite_share_link_form(configuration, client_id, share_dict, 'html', submit_button, csrf_token) output_objects.append({ 'object_type': 'html_form', 'text': invite_html }) else: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid share link action: %s' % action }) return (output_objects, returnvalues.CLIENT_ERROR) output_objects.append({'object_type': 'html_form', 'text': '<br />'}) output_objects.append({ 'object_type': 'link', 'destination': 'sharelink.py', 'text': 'Return to share link overview' }) return (output_objects, returnvalues.OK)
transfer_dict['exit_code']) if transfer_dict['status'] == 'FAILED': transfer_error(configuration, client_id, status_msg) else: transfer_info(configuration, client_id, status_msg) notify = transfer_dict.get('notify', False) if notify: job_dict = { 'NOTIFY': [notify], 'JOB_ID': 'NOJOBID', 'USER_CERT': client_id } job_dict.update(transfer_dict) logger.info("notify for %(transfer_id)s: %(notify)s" % transfer_dict) notifier = notify_user_thread( job_dict, [transfer_id, job_dict['status'], status_msg], 'TRANSFERCOMPLETE', logger, '', configuration) # Try finishing delivery but do not block forever on one message notifier.join(30) logger.info("finished wrap run transfer %(transfer_id)s" % transfer_dict) def background_transfer(configuration, client_id, transfer_dict): """Run a transfer in the background so that it can block without stopping further transfer handling. """ transfer_id = transfer_dict['transfer_id'] worker = multiprocessing.Process(target=wrap_run_transfer, args=(configuration, client_id, transfer_dict)) worker.start()
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False) defaults = signature()[1] (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) if not correct_handler('POST'): output_objects.append( {'object_type': 'error_text', 'text' : 'Only accepting POST requests to prevent unintended updates'}) return (output_objects, returnvalues.CLIENT_ERROR) title_entry = find_entry(output_objects, 'title') title_entry['text'] = '%s send request' % \ configuration.short_title output_objects.append({'object_type': 'header', 'text' : '%s send request' % \ configuration.short_title}) target_id = client_id vgrid_name = accepted['vgrid_name'][-1].strip() visible_user_name = accepted['cert_id'][-1].strip() visible_res_name = accepted['unique_resource_name'][-1].strip() request_type = accepted['request_type'][-1].strip().lower() request_text = accepted['request_text'][-1].strip() protocols = [proto.strip() for proto in accepted['protocol']] use_any = False if any_protocol in protocols: use_any = True protocols = configuration.notify_protocols protocols = [proto.lower() for proto in protocols] valid_request_types = ['resourceowner', 'resourceaccept', 'vgridowner', 'vgridmember','vgridresource', 'vgridaccept', 'plain'] if not request_type in valid_request_types: output_objects.append({ 'object_type': 'error_text', 'text' : '%s is not a valid request_type (valid types: %s)!' % (request_type.lower(), valid_request_types)}) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'No protocol specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) user_map = get_user_map(configuration) reply_to = user_map[client_id][USERID] if request_type == "plain": if not visible_user_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No user ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) user_id = visible_user_name anon_map = anon_to_real_user_map(configuration.user_home) if anon_map.has_key(visible_user_name): user_id = anon_map[visible_user_name] if not user_map.has_key(user_id): output_objects.append({'object_type': 'error_text', 'text': 'No such user: %s' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) target_name = user_id user_dict = user_map[user_id] allow_vgrids = user_allowed_vgrids(configuration, client_id) vgrids_allow_email = user_dict[CONF].get('VGRIDS_ALLOW_EMAIL', []) vgrids_allow_im = user_dict[CONF].get('VGRIDS_ALLOW_IM', []) if any_vgrid in vgrids_allow_email: email_vgrids = allow_vgrids else: email_vgrids = set(vgrids_allow_email).intersection(allow_vgrids) if any_vgrid in vgrids_allow_im: im_vgrids = allow_vgrids else: im_vgrids = set(vgrids_allow_im).intersection(allow_vgrids) if use_any: # Do not try disabled protocols if ANY was requested if not email_vgrids: protocols = [proto for proto in protocols \ if proto not in email_keyword_list] if not im_vgrids: protocols = [proto for proto in protocols \ if proto in email_keyword_list] if not email_vgrids and [proto for proto in protocols \ if proto in email_keyword_list]: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not allowed to send emails to %s!' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) if not im_vgrids and [proto for proto in protocols \ if proto not in email_keyword_list]: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not allowed to send instant messages to %s!' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) for proto in protocols: if not user_dict[CONF].get(proto.upper(), False): if use_any: # Remove missing protocols if ANY protocol was requested protocols = [i for i in protocols if i != proto] else: output_objects.append({ 'object_type': 'error_text', 'text' : 'User %s does not accept %s messages!' % \ (visible_user_name, proto) }) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'User %s does not accept requested protocol(s) messages!' % \ visible_user_name}) return (output_objects, returnvalues.CLIENT_ERROR) target_list = [user_id] elif request_type == "vgridaccept": # Always allow accept messages but only between vgrid members/owners user_id = visible_user_name if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text' : 'No requests for %s are not allowed!' % \ default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) if not vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not an owner of %s or a parent %s!' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) allow_vgrids = user_allowed_vgrids(configuration, client_id) if not vgrid_name in allow_vgrids: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid %s message! (%s sv %s)' % (request_type, user_id, allow_vgrids)}) return (output_objects, returnvalues.CLIENT_ERROR) target_id = '%s %s owners' % (vgrid_name, configuration.site_vgrid_label) target_name = vgrid_name target_list = [user_id] elif request_type == "resourceaccept": # Always allow accept messages between actual resource owners user_id = visible_user_name if not visible_res_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) unique_resource_name = visible_res_name target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({'object_type': 'error_text', 'text': 'No such resource: %s' % \ unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) owners_list = res_map[unique_resource_name][OWNERS] if not client_id in owners_list or not user_id in owners_list: output_objects.append({ 'object_type': 'error_text', 'text' : 'Invalid resource owner accept message!'}) return (output_objects, returnvalues.CLIENT_ERROR) target_id = '%s resource owners' % unique_resource_name target_name = unique_resource_name target_list = [user_id] elif request_type == "resourceowner": if not visible_res_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) unique_resource_name = visible_res_name anon_map = anon_to_real_res_map(configuration.resource_home) if anon_map.has_key(visible_res_name): unique_resource_name = anon_map[visible_res_name] target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({'object_type': 'error_text', 'text': 'No such resource: %s' % \ visible_res_name }) return (output_objects, returnvalues.CLIENT_ERROR) target_list = res_map[unique_resource_name][OWNERS] if client_id in target_list: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already an owner of %s!' % unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) elif request_type in ["vgridmember", "vgridowner", "vgridresource"]: unique_resource_name = visible_res_name if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) # default vgrid is read-only if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text' : 'No requests for %s are not allowed!' % \ default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) # stop owner or member request if already an owner if request_type != 'vgridresource': if vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already an owner of %s or a parent %s!' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # only ownership requests are allowed for existing members if request_type == 'vgridmember': if vgrid_is_member(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already a member of %s or a parent %s.' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # set target to resource and prevent repeated resource access requests if request_type == 'vgridresource': target_id = unique_resource_name if vgrid_is_resource(vgrid_name, unique_resource_name, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You already have access to %s or a parent %s.' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # Find all VGrid owners target_name = vgrid_name (status, target_list) = vgrid_list(vgrid_name, 'owners', configuration) if not status: output_objects.append({ 'object_type': 'error_text', 'text' : 'Could not load list of current owners for %s %s!' % (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) else: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid request type: %s' % \ request_type}) return (output_objects, returnvalues.CLIENT_ERROR) # Now send request to all targets in turn # TODO: inform requestor if no owners have mail/IM set in their settings for target in target_list: # USER_CERT entry is destination notify = [] for proto in protocols: notify.append('%s: SETTINGS' % proto) job_dict = {'NOTIFY': notify, 'JOB_ID': 'NOJOBID', 'USER_CERT': target} notifier = notify_user_thread( job_dict, [target_id, target_name, request_type, request_text, reply_to], 'SENDREQUEST', logger, '', configuration, ) # Try finishing delivery but do not block forever on one message notifier.join(30) output_objects.append({'object_type': 'text', 'text': 'Sent %s message to %d people' % \ (request_type, len(target_list))}) output_objects.append({'object_type': 'text', 'text': """Please make sure you have notifications configured on your Setings page if you expect a reply to this message"""}) return (output_objects, returnvalues.OK)