def development_view():
    """Render the "development" page for the current (possibly anonymous) user."""
    cork = get_cork_instance()
    context = {
        "title": "Development",
        "current_user": get_current_user(cork),
    }
    return bottle.template("development", context)
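def validate_registration(registration_code):
    """Validate a pending registration and create the user's system account.

    Looks up the pending registration in the Cork store to learn the
    username, lets Cork validate the code, then runs ``script/adduser.tcl``
    via sudo. If the script fails, the freshly created Cork user is deleted
    again so the Cork store and the system accounts stay in sync.

    Args:
        registration_code: the code from the confirmation-email link.

    Raises:
        bottle.HTTPError (500) when the system account could not be created;
        whatever cork.validate_registration raises for an unknown code.
    """
    cork = get_cork_instance()
    # Only a missing code is expected here (cork.validate_registration below
    # reports it properly); the original bare ``except`` also hid every other
    # failure and left ``username`` unbound for the subprocess call.
    try:
        username = cork._store.pending_registrations[registration_code]["username"]
    except KeyError:
        username = None
    cork.validate_registration(registration_code)
    if username is None:
        # Cork accepted a code we could not look up ourselves; refuse rather
        # than run the account script with an undefined username.
        bottle.abort(500, "Failed to add user: registration record not found.")
    # Argument list, no shell: the username is never parsed by a shell.
    process = subprocess.run(
        ["sudo", "script/adduser.tcl", username],
        stdout=subprocess.PIPE,
    )
    stdout = process.stdout.decode("utf-8")
    if process.returncode != 0 or "error" in stdout.lower():
        cork.user(username).delete()  # clean up cork user
        # The script output goes to the log only; the 500 body previously
        # echoed it to the browser.
        app_settings.logger.error(
            "failed to add user from script: %s",
            stdout,
            extra={
                "actor": username,
                "action": "error",
                "object": "register",
            },
        )
        bottle.abort(500, "Failed to add user.")
    bottle.redirect("/?flash=Thank you for registering.")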
def pricing_view():
    """Render the "pricing" page for the current (possibly anonymous) user."""
    cork = get_cork_instance()
    context = {
        "title": "Pricing",
        "current_user": get_current_user(cork),
    }
    return bottle.template("pricing", context)
def docs_view():
    """Render the documentation page for the current (possibly anonymous) user."""
    cork = get_cork_instance()
    context = {
        "title": "Documentation",
        "current_user": get_current_user(cork),
    }
    return bottle.template("docs", context)
def del_file(filename):
    """Delete one of the logged-in user's files and fan the deletion out to every instance.

    Requires the "user" role. On a failed database delete the user is sent
    back to the dashboard with an error; otherwise a delete_file task is
    queued once per bigCGI instance and the user is redirected with a flash.
    Every branch ends in a redirect (bottle.redirect raises), so this never
    returns normally.
    """
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    current_user = get_current_user(cork)
    log_fields = {
        "actor": current_user,
        "action": "delete file",
        "object": filename,
    }
    file_db = FileDBOMongo(app_settings.get_database())
    removed = file_db.delete_file(filename, current_user, "file")
    if not removed:
        app_settings.logger.error("error deleteing file", extra=log_fields)
        bottle.redirect("/dashboard?error={}".format("Failed to delete file."))
    instance_count = int(app_settings.BIGCGI_TOTAL_INSTANCES)
    for instance in range(instance_count):
        delete_file.apply_async(
            args=[current_user, filename, "file"],
            kwargs={},
            queue="bigcgi_instance_" + str(instance))
    app_settings.logger.info("file deleted", extra=log_fields)
    bottle.redirect("/dashboard?flash={}".format("Successful delete."))
def reset_password():
    """Email a password-reset link to the user named in the POST body.

    A Cork AAAException (e.g. for a username Cork rejects — presumably an
    unknown one, confirm against Cork) is turned into an error redirect back
    to the reset form; success redirects to the index with a flash.
    """
    cork = get_cork_instance()
    try:
        cork.send_password_reset_email(username=post_get("username"))
    except AAAException as exc:
        bottle.redirect("/reset-password?error={}".format(str(exc)))
    else:
        bottle.redirect("/?flash=Password reset sent.")
def login_view():
    """Render the login form, including a fresh CSRF token."""
    cork = get_cork_instance()
    context = {
        "title": "Login",
        "csrf": get_csrf_token(),
        "current_user": get_current_user(cork),
    }
    return bottle.template("login", context)
def login():
    """Authenticate the posted credentials; Cork redirects on success or failure."""
    cork = get_cork_instance()
    username = post_get("username")
    password = post_get("password")
    # NOTE(review): the username is interpolated unencoded into the redirect
    # query string; it is only used after Cork accepted the login, so the
    # value is one Cork already knows — confirm that is restrictive enough.
    on_success = "/?flash=Hello {}.".format(username)
    cork.login(
        username,
        password,
        success_redirect=on_success,
        fail_redirect="/?error=Login failure.")
def index():
    """Render the landing page with any flash/error carried in the query string."""
    cork = get_cork_instance()
    flash, error = set_flash_and_error()
    context = {
        "current_user": get_current_user(cork),
        "flash": flash,
        "error": error,
    }
    return bottle.template("index", context)
def terms_view():
    """Render the terms-of-service page from the TERMS file in the working directory."""
    cork = get_cork_instance()
    current_user = get_current_user(cork)
    # Relative path: resolved against the process's current working directory.
    with open("TERMS", "r") as handle:
        terms_text = handle.read()
    context = {
        "title": "Terms of Service",
        "terms": terms_text,
        "current_user": current_user,
    }
    return bottle.template("terms", context)
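def admin_delete_user():
    """Delete a user (admin only): the Cork account first, then the system account.

    The system account is removed by ``script/deluser.tcl`` run via sudo as an
    argument list, so the posted username is never interpreted by a shell
    (the previous ``os.system`` string concatenation was shell-injectable).
    cork.delete_user runs before the script; if it rejects the username the
    script is never reached. Any failure redirects the admin with the error
    text. Note the Cork account may already be gone when the script fails.
    """
    cork = get_cork_instance()
    cork.require(role="admin", fail_redirect="/?error=Not authorized.")
    username = post_get("username")
    try:
        cork.delete_user(username)
        process = subprocess.run(["sudo", "script/deluser.tcl", username])
        if process.returncode != 0:
            raise Exception("OS script raised nonzero status. Check logs.")
    except Exception as e:
        # NOTE(review): this redirect was partially garbled in the source copy;
        # it is reconstructed to mirror admin_modify_user_role — confirm.
        bottle.redirect("/admin?error=Failed to delete user: " + str(e))
    bottle.redirect("/admin/?flash=Deleted user.")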
def register_view():
    """Render the registration form with a CSRF token and any pending flash/error."""
    cork = get_cork_instance()
    flash, error = set_flash_and_error()
    context = {
        "title": "Register",
        "csrf": get_csrf_token(),
        "flash": flash,
        "error": error,
        "current_user": get_current_user(cork),
    }
    return bottle.template("register", context)
def secure_app(appname, security_setting):
    """Set the security flag of one of the logged-in user's apps.

    Requires the "user" role. ``security_setting == 1`` marks the app secured;
    any other value unsecures it. Always ends in a dashboard redirect.
    """
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    current_user = get_current_user(cork)
    app_db = AppDBOMongo(app_settings.get_database())
    app_db.secure_app(current_user, appname, security_setting)
    if security_setting == 1:
        flash = "Secured app {}.".format(appname)
    else:
        flash = "Unsecured app {}.".format(appname)
    bottle.redirect("/dashboard?flash=" + flash)
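def admin_modify_user_role():
    """Change a user's role (admin only) by updating the Cork user document.

    The role is validated against ``cork.list_roles()`` — the same source the
    admin page builds its select box from — so the store can never hold a role
    Cork does not know. A username that matches no document is reported
    instead of silently claiming success (find_one_and_update returns None
    when nothing matched). Every path ends in a redirect.
    """
    cork = get_cork_instance()
    cork.require(role="admin", fail_redirect="/?error=Not authorized.")
    username = post_get("username")
    role = post_get("role")
    # list_roles() yields (name, level) pairs (see admin()).
    known_roles = {entry[0] for entry in cork.list_roles()}
    if role not in known_roles:
        bottle.redirect("/admin/?error=Failed to modify user role: unknown role.")
    try:
        # Direct store access: Cork exposes no public role-change API here.
        previous = cork._store.users._coll.find_one_and_update(
            {"login": username}, {"$set": {"role": role}})
    except Exception as e:
        bottle.redirect("/admin/?error=Failed to modify user role: " + str(e))
    if previous is None:
        bottle.redirect("/admin/?error=Failed to modify user role: unknown user.")
    bottle.redirect("/admin/?flash=Modified user role.")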
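def create_app():
    """Upload a new app for the logged-in user and register it on every instance.

    Requires the "user" role. Validates the name (non-empty, no ``/`` or
    ``..``), requires an upload, caps it at 1 MB, stores the bytes in the file
    store, queues a sync_file task per bigCGI instance, and records the app.
    Every branch ends in a dashboard redirect (bottle.redirect raises).
    """
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    current_user = get_current_user(cork)
    name = bottle.request.forms.get("name")
    if not name:
        bottle.redirect("/dashboard?error={}".format("App must have a name."))
    if "/" in name or ".." in name:
        error = "Invalid app name: cannot contain .. or /"
        bottle.redirect("/dashboard?error={}".format(error))
    upload = bottle.request.files.get("upload")
    if upload is None:
        # Previously an AttributeError (500) when the field was missing.
        bottle.redirect("/dashboard?error={}".format("App must include an upload."))
    max_bytes = 1000000  # cap uploads to 1Mb
    # Read at most one byte past the cap: the Content-Length of a multipart
    # part is client-supplied and may be absent, so the byte count actually
    # received is the guard; the header check is kept as the cheap first test.
    data = upload.file.read(max_bytes + 1)
    if upload.content_length > max_bytes or len(data) > max_bytes:
        error = "Failed to upload app: exceeded maximum of 1Mb"
        app_settings.logger.info("user attempted large upload", extra={
            "actor": current_user,
            "action": "created file",
            "object": name,
        })
        bottle.redirect("/dashboard?error={}".format(error))
    file_db = FileDBOMongo(app_settings.get_database())
    success = file_db.add_file(data, name, current_user, "app")
    if not success:
        error = "Failed to upload app."
        app_settings.logger.error("error uploading app", extra={
            "actor": current_user,
            "action": "created app",
            "object": name,
        })
        bottle.redirect("/dashboard?error={}".format(error))
    for instance in range(int(app_settings.BIGCGI_TOTAL_INSTANCES)):
        sync_file.apply_async(
            args=[name, current_user, "app"],
            kwargs={},
            queue="bigcgi_instance_" + str(instance))
    app_db = AppDBOMongo(app_settings.get_database())
    app_db.create(name, current_user)
    app_settings.logger.info("file created", extra={
        "actor": current_user,
        "action": "created app",
        "object": name,
    })
    bottle.redirect("/dashboard?flash={}".format("Successfully uploaded app."))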
def get_app_logs(appname):
    """Render the log page for one of the logged-in user's apps (role "user" required)."""
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    current_user = get_current_user(cork)
    app_db = AppDBOMongo(app_settings.get_database())
    context = {
        "title": "Logs for " + appname,
        "current_user": current_user,
        "logs": app_db.get_app_logs(current_user, appname),
    }
    return bottle.template("app-logs", context)
def create_file_view():
    """Render the create-file form (role "user" required) with a CSRF token."""
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    flash, error = set_flash_and_error()
    context = {
        "title": "Create File",
        "current_user": get_current_user(cork),
        "flash": flash,
        "error": error,
        "csrf": get_csrf_token(),
    }
    return bottle.template("create-file", context)
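def register():
    """Create a pending registration (Cork sends the confirmation email) and notify the admin mailbox.

    The log entry now passes its fields via ``extra=`` like every other
    handler in this file; as a positional argument the dict was only used as
    %-format args for a message without placeholders, so the fields were
    silently dropped. Always ends in a redirect.
    """
    cork = get_cork_instance()
    username = post_get("username")
    password = post_get("password")
    email_addr = post_get("email_address")
    cork.register(username, password, email_addr)
    app_settings.logger.info("new user registered", extra={
        "actor": username,
        "action": "registered",
        "object": "bigcgi",
    })
    # Recipient/sender addresses appear redacted in this copy of the file —
    # presumably they belong in settings; confirm.
    send_gmail(
        "New bigCGI User!",
        "U: " + username + " E: " + email_addr,
        "*****@*****.**",
        "*****@*****.**")
    bottle.redirect("/?flash=Confirmation email sent.")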
def delete_app_view(appname):
    """Render the delete-app confirmation form for *appname* (role "user" required)."""
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    flash, error = set_flash_and_error()
    context = {
        "title": "Delete App",
        "current_user": get_current_user(cork),
        "flash": flash,
        "error": error,
        "appname": appname,
        "csrf": get_csrf_token(),
    }
    return bottle.template("delete-app", context)
def error(error):
    """Error handler: log the failed request and render the error page.

    Args:
        error: the bottle HTTPError being handled (its status and body are
            logged and shown).
    """
    cork = get_cork_instance()
    current_user = get_current_user(cork)
    request = bottle.request
    requested = "{}?{}".format(str(request.path), str(request.query_string))
    actor = current_user or "anonymous"
    app_settings.logger.error(
        "{} - {}".format(error.status, error.body),
        extra={
            "actor": actor,
            "action": "errored",
            "object": requested,
        })
    context = {
        "title": error.status,
        "message": error.body,
        "current_user": current_user,
    }
    return bottle.template("error", context)
def authorize(username, creds):
    """Check a (username, password) credential pair against the Cork user store.

    Args:
        username: the account the credentials claim to be for.
        creds: a two-element sequence ``(username, password)``.

    Returns:
        True only when the credential username matches *username*, the user
        exists, and Cork's password verification accepts the password.
    """
    cork = get_cork_instance()
    claimed_user = creds[0]
    supplied_password = creds[1]
    if claimed_user != username:
        return False
    record = cork._store.users._coll.find_one({"login": username})
    if not record:
        return False
    stored_hash = record["hash"]
    # Cork's verifier wants bytes; older records may hold the hash as str.
    if hasattr(stored_hash, "encode"):
        stored_hash = stored_hash.encode("ascii")
    return bool(cork._verify_password(username, supplied_password, stored_hash))
def reset_password_view():
    """Render the password-reset form; anonymous visitors get ``current_user=None``."""
    cork = get_cork_instance()
    query = bottle.request.query
    flash = query.flash or None
    error = query.error or None
    # Resolved inline rather than through get_current_user(cork): an
    # AuthException here simply means nobody is logged in.
    try:
        current_user = cork.current_user.username
    except AuthException:
        current_user = None
    context = {
        "title": "Reset Password",
        "current_user": current_user,
        "csrf": get_csrf_token(),
        "flash": flash,
        "error": error,
    }
    return bottle.template("cork/reset_password", context)
def dashboard():
    """Render the user dashboard with the user's apps and files (role "user" required)."""
    cork = get_cork_instance()
    cork.require(
        role="user",
        fail_redirect="/?error=You are not authorized to access this page.")
    flash, error = set_flash_and_error()
    current_user = get_current_user(cork)
    database = app_settings.get_database()
    apps = AppDBOMongo(database).get_summary(current_user)
    files = FileDBOMongo(app_settings.get_database()).get_user_files(current_user)
    context = {
        "title": "Dashboard",
        "current_user": current_user,
        "apps": apps,
        "files": files,
        "flash": flash,
        "error": error,
        "csrf": get_csrf_token(),
    }
    return bottle.template("dashboard", context)
def admin():
    """Render the admin page (admin role required) with users, roles and a role select box."""
    cork = get_cork_instance()
    cork.require(role="admin", fail_redirect="/?error=Not authorized.")
    query = bottle.request.query
    flash = query.flash or None
    error = query.error or None
    # Pre-generate the select-box HTML: bottle templates don't support nested
    # for loops. cork.list_roles() is called again below because it is
    # consumed here. NOTE(review): role names are not HTML-escaped — they are
    # admin-defined, so presumably trusted; confirm.
    option_markup = "<option value='{}'>{}</option>"
    select_html = "".join(
        option_markup.format(role[0], role[0]) for role in cork.list_roles())
    roles_by_level = sorted(cork.list_roles(), key=lambda x: int(x[1]))
    context = {
        "current_user": cork.current_user,
        "users": sorted(cork.list_users()),
        "roles": reversed(roles_by_level),
        "select_html": select_html,
        "csrf": get_csrf_token(),
        "flash": flash,
        "error": error,
    }
    return bottle.template("admin/admin_page", context)
def logout():
    """End the Cork session and redirect to the index with a flash."""
    cork = get_cork_instance()
    cork.logout(success_redirect="/?flash=Logout success.")
def change_password():
    """Complete a password reset from the posted reset code and new password."""
    cork = get_cork_instance()
    reset_code = post_get("reset_code")
    new_password = post_get("password")
    cork.reset_password(reset_code, new_password)
    bottle.redirect("/?flash=Password successfully reset.")