def confirm_permission():
    """Raise an error unless the current user may execute statements.

    Policy, as implemented below:

    * Production: a logged-in user is required.  That user is accepted if
      ``config.allow_any_user`` is set or ``util.is_my_website()`` is true;
      otherwise the user must be an administrator.
    * Outside production: nobody is checked unless
      ``config.require_login_during_development`` is set, in which case any
      logged-in user is accepted (no administrator check).

    Security note: this function gates statement execution, so
    ``config.allow_any_user`` hands that ability to every authenticated
    account in production, and the unrestricted development branch is only
    as safe as ``util.is_production()`` is accurate.

    Raises:
        NotLoggedInError: no user is logged in where a login is required.
        NotAdminError: a non-administrator is logged in where administrator
            access is required.
    """
    user = users.get_current_user()
    # Both errors are built up front; the $login_link / $logout_link
    # placeholders are left in the message text as-is by this function.
    login_required = NotLoggedInError('Hello! Please $login_link to use this console')
    admin_required = NotAdminError(
        'Please $logout_link, then log in as an administrator')

    if not util.is_production():
        # Development mode: open unless the config demands a login.
        if config.require_login_during_development and not user:
            raise login_required
        return

    # Production mode from here on.
    if not user:
        raise login_required
    if config.allow_any_user or util.is_my_website():
        # Any authenticated user is let through by configuration.
        return
    if not users.is_current_user_admin():
        raise admin_required
def confirm_permission():
    """Check that the current user is allowed to execute a statement.

    Returns normally when access is granted and raises otherwise.

    In production a login is always required; the logged-in user must also
    be an administrator unless ``config.allow_any_user`` is set or
    ``util.is_my_website()`` is true.  Outside production the only check is
    an optional login, enabled by ``config.require_login_during_development``.

    Security note: the two configuration switches and
    ``util.is_production()`` decide who can run statements, so they deserve
    the same review as the access check itself.

    Raises:
        NotLoggedInError: a login is required and nobody is logged in.
        NotAdminError: administrator access is required and the logged-in
            user is not an administrator.
    """
    user = users.get_current_user()
    nologin = NotLoggedInError('Hello! Please $login_link to use this console')
    noadmin = NotAdminError('Please $logout_link, then log in as an administrator')

    if util.is_production():
        if not user:
            raise nologin
        # Evaluated only for logged-in users, in the same order as the
        # original nested branches.
        open_to_all_users = config.allow_any_user or util.is_my_website()
        if not open_to_all_users and not users.is_current_user_admin():
            raise noadmin
    elif config.require_login_during_development and not user:
        # Development mode with the login requirement switched on.
        raise nologin
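def confirmPostRate(self):
    """Throttle statements per client address on the public site.

    Does nothing unless ``util.is_my_website()`` is true.  Otherwise a
    memcache counter keyed by ``REMOTE_ADDR`` is incremented; the counter is
    created with a 60-second expiry the first time an address is seen.

    Raises:
        HandlerError: the counter could be neither incremented nor created.
            The response is set to 403 first, so a memcache failure denies
            the request rather than letting it through unmetered.
        TooFastError: the counter exceeds ``self.PUBLIC_STATEMENT_LIMIT``.
    """
    if not util.is_my_website():
        return

    # Key on REMOTE_ADDR only.  X-Forwarded-For is supplied by the client, so
    # including it would let a caller pick a fresh counter on every request;
    # the cost is that everyone behind one proxy shares a single budget.
    # Requests without REMOTE_ADDR all share the "unknown" counter.
    # NOTE(review): the key is the bare address with no prefix - confirm that
    # nothing else in the app stores memcache entries under the same keys.
    requester = os.environ.get("REMOTE_ADDR", "unknown")

    # incr() returns None both when the key is missing and when the call
    # failed for another reason; the two cases are told apart below.
    numStatements = memcache.incr(requester)
    if numStatements is None:
        # Start a fresh timer to limit the statements (60-second timeout).
        if memcache.add(requester, 1, 60) == False:
            # add() also fails when a concurrent request created the key
            # between our incr() and add().  Retry the increment once so that
            # race counts the request instead of rejecting it with a 403.
            numStatements = memcache.incr(requester)
            if numStatements is None:
                logging.error("Failed to set memcache for: %s" % requester)
                self.error(403)
                raise HandlerError("Memcache error")
        else:
            # Counter created with this request as its first statement.
            return

    if numStatements > self.PUBLIC_STATEMENT_LIMIT:
        logging.info("Denying statement %d: %s" % (numStatements, username()))
        raise TooFastError(
            "Sorry, your statements are too frequent. Please wait one minute or consider ${download}."
        )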
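def confirmPostRate(self):
    """Make sure nobody using the public site posts statements too quickly.

    Only active when ``util.is_my_website()`` is true.  Each request bumps a
    memcache counter keyed by the client's ``REMOTE_ADDR``; a missing counter
    is created with a value of 1 and a 60-second expiry.

    Raises:
        HandlerError: memcache could neither increment nor create the
            counter.  ``self.error(403)`` is called first, so the check
            fails closed.
        TooFastError: the counter is above ``self.PUBLIC_STATEMENT_LIMIT``.
    """
    if not util.is_my_website():
        return

    # Ideally REMOTE_ADDR combined with HTTP_X_FORWARDED_FOR would identify a
    # unique user, but the forwarded header is client-controlled and could be
    # changed on every request to dodge the limit.  So only REMOTE_ADDR is
    # used and everybody behind the same proxy shares one counter.
    requester = os.environ.get('REMOTE_ADDR', 'unknown')

    count = memcache.incr(requester)
    if count is None:
        # None means "key does not exist" or "increment failed"; try to
        # create the counter to find out which.
        created = memcache.add(requester, 1, 60)  # 60-second timeout
        if created == False:
            # Either memcache is failing or another request for the same
            # address created the key first.  A second incr() separates the
            # two: it succeeds in the race case and counts this request.
            count = memcache.incr(requester)
            if count is None:
                logging.error('Failed to set memcache for: %s' % requester)
                self.error(403)
                raise HandlerError('Memcache error')
        else:
            # Fresh counter; this request is the first in its window.
            return

    if count > self.PUBLIC_STATEMENT_LIMIT:
        logging.info('Denying statement %d: %s' % (count, username()))
        raise TooFastError(
            'Sorry, your statements are too frequent. Please wait one minute or consider ${download}.'
        )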
def get(self):
    """Prepare the console page: resolve the shell session and template values.

    When ``confirm_permission()`` raises ``ConsoleError`` no session is
    loaded or created and the session key stays empty.  Otherwise the
    ``session`` request parameter is used to load an existing
    ``AppEngineConsole`` entity, or a new one is stored when the parameter
    is absent.

    Security notes:
        * The session key comes straight from the request.  No check that
          the session belongs to the current user is visible in this
          method - confirm where (or whether) that is enforced.
        * Every permitted request without a ``session`` parameter writes a
          new entity, and old sessions are not garbage collected yet.
        * The key is handed to the template as a hidden field value;
          whether it is escaped depends on the template.
    """
    # Set up the session. TODO: garbage collect old shell sessions
    access_granted = True
    try:
        confirm_permission()
    except ConsoleError:
        access_granted = False

    if access_granted:
        session_key = self.request.get('session')
        if session_key:
            # The loaded entity is not used further in this method.
            engine = model.AppEngineConsole.get(session_key)
        else:
            # Create a new session.
            engine = model.AppEngineConsole()
            engine.unpicklables = [db.Text(line) for line in INITIAL_UNPICKLABLES]
            session_key = engine.put()
    else:
        # No reason to use up space if the statements won't execute anyway.
        session_key = ''

    if util.is_my_website():
        self.values['ratelimit'] = self.PUBLIC_STATEMENT_LIMIT

    room = '%s-appengine-console' % self.appID

    self.values['session'] = str(session_key)
    self.values['settings'] = [
        dict(id='session', value=session_key, type='hidden'),
        dict(id='room', value=room, type='hidden'),
    ]
def get(self):
    """Resolve the shell session and fill in the console page's settings.

    A session is loaded (``session`` request parameter present) or created
    only when ``confirm_permission()`` does not raise ``ConsoleError``;
    otherwise the session key is the empty string.

    Security notes:
        * The session key is client-supplied and this method shows no
          ownership check on it - confirm where that is enforced.
        * New sessions are persisted on demand and not yet garbage
          collected (see the TODO below).
        * The pastebin endpoint is a fixed third-party URL using plain
          ``http://``; content sent there is not protected in transit.
    """
    def hidden(name, value):
        # One hidden form setting for the template.
        return {'id': name, 'value': value, 'type': 'hidden'}

    # Set up the session. TODO: garbage collect old shell sessions
    try:
        confirm_permission()
    except ConsoleError:
        # No reason to use up space if the statements won't execute anyway
        session_key = ''
    else:
        # Access granted.
        session_key = self.request.get('session')
        if not session_key:
            # Create a new session.
            engine = models.AppEngineConsole()
            engine.unpicklables = [
                db.Text(line) for line in INITIAL_UNPICKLABLES
            ]
            session_key = engine.put()
        else:
            engine = models.AppEngineConsole.get(session_key)

    if util.is_my_website():
        self.values['ratelimit'] = self.PUBLIC_STATEMENT_LIMIT

    # The config.pastebin_subdomain-based pastebin.com URL was disabled in
    # the original in favour of this fixed endpoint.
    pastebin = 'http://jamtodaycdn.appspot.com/paste'
    room = '%s-appengine-console' % self.appID

    self.values['session'] = str(session_key)
    self.values['settings'] = [
        hidden('session', session_key),
        hidden('room', room),
        hidden('pastebin', pastebin),
        {'id': 'highlight', 'options': ['Highlighting', 'No highlighting']},
        {'id': 'teamwork', 'options': ['Flying Solo', 'Pastebin', 'Chatting']},
    ]
def __init__(self, *args, **kw):
    """Initialise the page handler: wrap ``get`` and prepare template values.

    The page name is the lower-cased class name, the sub-page is taken from
    the request path (``PATH_INFO``) or defaults to the first entry of
    ``self.subpages``, and the template file is ``<page>_<subpage>.html``
    inside ``self.templates``.

    Security note: the sub-page is whatever follows ``/console/<page>/`` in
    the request path and is placed into the template filename without
    validation.  NOTE(review): consider restricting it to known sub-page
    names (or a conservative character set) before building the path -
    confirm whether a later layer already does this.
    """
    ConsoleHandler.__init__(self, *args, **kw)

    # Route GET through wrap_get while keeping the subclass's own get().
    self.do_get = self.get
    self.get = self.wrap_get

    class_name = re.search(r"<class '.*\.(.*)'", str(self.__class__)).group(1)
    self.page = class_name.lower()

    path = os.environ['PATH_INFO']

    values = self.values = {}
    values['app'] = self.appID
    values['path'] = path
    # Stored for the template; no authorization decision is made here.
    values['admin'] = users.is_current_user_admin()
    values['is_dev'] = util.is_dev()
    values['log_in'] = users.create_login_url(path)
    values['log_out'] = users.create_logout_url(path)
    values['version'] = self.appVersion
    values['subpages'] = self.subpages
    values['controller'] = self.page.capitalize()
    values['pages'] = [
        {'name': 'Console', 'href': '/console/'},
        {'name': 'Dashboard', 'href': '/console/dashboard/'},
        {'name': 'Help', 'href': '/console/help/'},
    ]

    if util.is_my_website():
        values['my_website'] = True
        values['app'] = 'App Engine Console'
        # Drop a trailing ".<digit>" from the version string.
        values['version'] = re.sub(r'\.\d$', '', values['version'])

    match = re.search(r'^/console/%s/(.+)$' % self.page, path)
    if match:
        # A sub-path within the main controller path
        # (e.g. /help/something instead of just /help).
        subpage = match.group(1)
    elif self.subpages:
        # The default sub-page is the first one in the list.
        subpage = self.subpages[0]
    else:
        subpage = ''
    values['subpage'] = subpage

    templateFile = '%s_%s.html' % (self.page, subpage)
    self.template = os.path.join(self.templates, templateFile)
def __init__(self, *args, **kw):
    """Set up a console page: swap in ``wrap_get`` and build template values.

    ``self.page`` is derived from the class name, ``self.values`` collects
    everything the template receives, and ``self.template`` is the path of
    ``<page>_<subpage>.html`` under ``self.templates``.

    Security note: ``PATH_INFO`` is request-controlled, and the part after
    ``/console/<page>/`` is copied unvalidated into both the template values
    and the template filename.  NOTE(review): an allow-list of sub-page
    names would keep the filename under the handler's control - confirm
    whether one exists elsewhere.
    """
    ConsoleHandler.__init__(self, *args, **kw)
    self.do_get, self.get = self.get, self.wrap_get

    # Last dotted component of the class's repr, e.g. "Help" for pkg.Help.
    class_match = re.search(r"<class '.*\.(.*)'", str(self.__class__))
    self.page = class_match.groups()[0].lower()

    request_path = os.environ["PATH_INFO"]

    self.values = {}
    self.values["app"] = self.appID
    self.values["path"] = request_path
    self.values["admin"] = users.is_current_user_admin()
    self.values["is_dev"] = util.is_dev()
    self.values["log_in"] = users.create_login_url(request_path)
    self.values["log_out"] = users.create_logout_url(request_path)
    self.values["version"] = self.appVersion
    self.values["subpages"] = self.subpages
    self.values["controller"] = self.page.capitalize()
    self.values["pages"] = [
        dict(name="Console", href="/console/"),
        dict(name="Dashboard", href="/console/dashboard/"),
        dict(name="Help", href="/console/help/"),
    ]

    if util.is_my_website():
        self.values["my_website"] = True
        self.values["app"] = "App Engine Console"
        self.values["version"] = re.sub(r"\.\d$", "", self.values["version"])

    sub_match = re.search(r"^/console/%s/(.+)$" % self.page, request_path)
    if not sub_match:
        # No sub-path given: fall back to the first listed sub-page, if any.
        self.values["subpage"] = ""
        if self.subpages:
            self.values["subpage"] = self.subpages[0]
    else:
        # Sub-path inside the controller path (e.g. /help/something).
        self.values["subpage"] = sub_match.groups()[0]

    self.template = os.path.join(
        self.templates,
        "%s_%s.html" % (self.page, self.values["subpage"]),
    )
def __init__(self, *args, **kw):
    """Prepare the handler for one console page.

    Replaces ``self.get`` with ``self.wrap_get`` (the original is kept as
    ``self.do_get``), derives the page name from the class name, fills
    ``self.values`` for the template and picks the template file from the
    page name and sub-page.

    Security note: the sub-page segment is read from ``PATH_INFO`` with a
    ``(.+)`` capture, so it can contain any characters the request path
    carried, and it ends up in the template filename.  NOTE(review):
    validate it against ``self.subpages`` or a restricted character set
    unless that already happens downstream - confirm.
    """
    ConsoleHandler.__init__(self, *args, **kw)
    self.do_get = self.get
    self.get = self.wrap_get

    myClass = re.search(r"<class '.*\.(.*)'", str(self.__class__)).group(1)
    self.page = myClass.lower()
    path = os.environ['PATH_INFO']

    # Entries are evaluated top to bottom, matching the original
    # assignment order.
    self.values = {
        'app': self.appID,
        'path': path,
        'admin': users.is_current_user_admin(),
        'is_dev': util.is_dev(),
        'log_in': users.create_login_url(path),
        'log_out': users.create_logout_url(path),
        'version': self.appVersion,
        'subpages': self.subpages,
        'controller': self.page.capitalize(),
        'pages': [
            {'name': 'Console', 'href': '/console/'},
            {'name': 'Dashboard', 'href': '/console/dashboard/'},
            {'name': 'Help', 'href': '/console/help/'},
        ],
    }

    if util.is_my_website():
        self.values.update({
            'my_website': True,
            'app': 'App Engine Console',
            'version': re.sub(r'\.\d$', '', self.values['version']),
        })

    match = re.search(r'^/console/%s/(.+)$' % self.page, path)
    if match:
        # Handle a sub-path which is within the main controller path
        # (e.g. /help/something instead of just /help).
        chosen = match.group(1)
    else:
        # The default sub-page is the first one in the list, when there is one.
        chosen = self.subpages[0] if self.subpages else ''
    self.values['subpage'] = chosen

    templateFile = '%s_%s.html' % (self.page, chosen)
    self.template = os.path.join(self.templates, templateFile)
def get(self):
    """Set up the shell session and the settings shown on the console page.

    If ``confirm_permission()`` raises ``ConsoleError`` the session key is
    left empty and nothing is stored.  Otherwise an existing session is
    loaded from the ``session`` request parameter, or a new
    ``AppEngineConsole`` entity is created and stored.

    Security notes:
        * The ``session`` parameter is used as given; no check that the
          session belongs to the requesting user is visible here - confirm
          where that is enforced.
        * Sessions accumulate until garbage collection is implemented.
        * The pastebin URL is hard-coded and uses plain ``http://``.
    """
    # Set up the session. TODO: garbage collect old shell sessions
    session_key = ''
    permitted = True
    try:
        confirm_permission()
    except ConsoleError:
        # No reason to use up space if the statements won't execute anyway
        permitted = False

    if permitted:
        session_key = self.request.get('session')
        if session_key:
            engine = models.AppEngineConsole.get(session_key)
        else:
            # Create a new session.
            engine = models.AppEngineConsole()
            engine.unpicklables = [db.Text(line) for line in INITIAL_UNPICKLABLES]
            session_key = engine.put()

    if util.is_my_website():
        self.values['ratelimit'] = self.PUBLIC_STATEMENT_LIMIT

    # A config.pastebin_subdomain-based pastebin.com URL used to be chosen
    # here; the original keeps that code disabled and uses a fixed endpoint.
    pastebin = 'http://jamtodaycdn.appspot.com/paste'
    room = '%s-appengine-console' % self.appID

    settings = []
    for name, value in (('session', session_key),
                        ('room', room),
                        ('pastebin', pastebin)):
        settings.append({'id': name, 'value': value, 'type': 'hidden'})
    settings.append({'id': 'highlight', 'options': ['Highlighting', 'No highlighting']})
    settings.append({'id': 'teamwork', 'options': ['Flying Solo', 'Pastebin', 'Chatting']})

    self.values['session'] = str(session_key)
    self.values['settings'] = settings
def get(self):
    """Resolve the shell session and publish the console settings.

    A session is only loaded or created after ``confirm_permission()``
    succeeds; on ``ConsoleError`` the session key is the empty string.

    Security notes:
        * The session key is read from the request and passed to
          ``AppEngineConsole.get`` as-is.  This method shows no ownership
          check - confirm where that is enforced.
        * A new entity is stored for each permitted request that carries no
          ``session`` parameter; old sessions are not garbage collected.
        * Both pastebin URLs use plain ``http://``.
    """
    # Set up the session. TODO: garbage collect old shell sessions
    try:
        confirm_permission()
    except ConsoleError:
        # No reason to use up space if the statements won't execute anyway
        session_key = ""
    else:
        # Access granted.
        session_key = self.request.get("session")
        if not session_key:
            # Create a new session.
            engine = model.AppEngineConsole()
            engine.unpicklables = [db.Text(line) for line in INITIAL_UNPICKLABLES]
            session_key = engine.put()
        else:
            engine = model.AppEngineConsole.get(session_key)

    if util.is_my_website():
        self.values["ratelimit"] = self.PUBLIC_STATEMENT_LIMIT

    # Use the configured pastebin.com subdomain when there is one.
    pastebin = (
        "http://%s.pastebin.com/" % config.pastebin_subdomain
        if config.pastebin_subdomain
        else "http://pastebin.com"
    )
    room = "%s-appengine-console" % self.appID

    hidden_settings = [
        dict(id="session", value=session_key, type="hidden"),
        dict(id="room", value=room, type="hidden"),
        dict(id="pastebin", value=pastebin, type="hidden"),
    ]
    choice_settings = [
        dict(id="highlight", options=["Highlighting", "No highlighting"]),
        dict(id="teamwork", options=["Flying Solo", "Pastebin", "Chatting"]),
    ]

    self.values["session"] = str(session_key)
    self.values["settings"] = hidden_settings + choice_settings
def get(self):
    """Redirect to the landing page and set ``self.done`` to True.

    The target is ``/console/help/about`` when ``util.is_my_website()`` is
    true and ``/console/`` otherwise.  Both targets are fixed strings, so
    the redirect location is not influenced by request data.
    """
    target = '/console/help/about' if util.is_my_website() else '/console/'
    self.redirect(target)
    self.done = True