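def _extract_zip(source, target_dir):
    """Extract the zip archive *source* (a path or a binary file object) into *target_dir*.

    For the 'upload' and 'web' types the archive is user-supplied, so member
    paths are untrusted; this relies on zipfile's own handling of absolute and
    parent-relative member names and adds no further filtering.
    """
    with zipfile.ZipFile(source, 'r') as archive:
        archive.extractall(target_dir)


def new_app():
    """Create a new application folder under FOLDER from the JSON request body.

    Keys read from ``request.json``: ``name`` (folder name), ``mode``
    (``'new'`` or ``'replace'``), ``type`` (``'minimal'``, ``'scaffold'``,
    ``'web'`` or ``'upload'``), ``source`` (URL for ``'web'``) and ``file``
    (base64-encoded zip for ``'upload'``).

    Returns ``{'status': 'success'}``; aborts with 400 on an unusable name or
    source and with 500 on an existing folder in 'new' mode, an unknown type,
    a failed download or a failed clone.
    """
    form = request.json
    app_type = form['type']
    # safe_join() yields None when the name would escape FOLDER (the other
    # handlers rely on this too); reject that instead of letting
    # os.path.exists(None) raise.
    target_dir = safe_join(FOLDER, form['name']) or abort(400)
    if os.path.exists(target_dir):
        if form['mode'] == 'new':
            abort(500)  # already validated client side
        elif form['mode'] == 'replace':
            shutil.rmtree(target_dir)
    elif app_type != 'web' and not (form.get('source') or '').endswith('.git'):
        # git clone creates the folder itself; every other installer needs it
        os.mkdir(target_dir)
    assets_dir = os.path.join(os.path.dirname(web3py.__file__), 'assets')
    # TODO catch and report better errors below
    if app_type == 'minimal':
        _extract_zip(os.path.join(assets_dir, 'web3py.app._minimal.zip'), target_dir)
    elif app_type == 'scaffold':
        _extract_zip(os.path.join(assets_dir, 'web3py.app._scaffold.zip'), target_dir)
    elif app_type == 'upload':
        _extract_zip(io.BytesIO(base64.b64decode(form['file'])), target_dir)
    elif app_type == 'web':
        source = form['source']
        if '://' not in source:
            # NOTE(review): a scheme-less 'web' source is opened as a zip on
            # the server's own filesystem; confirm that is intended.
            _extract_zip(source, target_dir)
        elif source.endswith('.zip'):
            # install from the web (zip file); the URL is user-supplied and
            # fetched server-side, so bound the wait and check the status
            res = requests.get(source, timeout=60)  # seconds (constructed default)
            if not res.ok:
                abort(500)
            # the original dropped the ZipFile object here and then called
            # extractall on the builtin zip(); keep it bound
            _extract_zip(io.BytesIO(res.content), target_dir)
        elif source.endswith('.git'):
            # clone from a git repo: '--' stops a source starting with '-' from
            # being read as a git option, and the clone goes into target_dir
            # (the mkdir above is skipped for .git sources so git can create it)
            if subprocess.call(['git', 'clone', '--', source, target_dir]):
                abort(500)
        else:
            abort(400)
    else:
        abort(500)
    return {'status': 'success'}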
def on_request(self):
    """Abort with 403 unless the session holds a user entry carrying an id."""
    session_user = self.session.get('user') or {}
    if not session_user.get('id'):
        abort(403)
def delete(path):
    """Remove the entry at *path* (resolved below FOLDER) via recursive_unlink."""
    fullpath = safe_join(FOLDER, path)
    if not fullpath:
        # safe_join returns a falsy value when path escapes FOLDER
        abort()
    recursive_unlink(fullpath)
    return {'status': 'success'}
def save(path):
    """Write the raw request body to the file at *path* below FOLDER."""
    target = safe_join(FOLDER, path)
    if not target:
        # safe_join returns a falsy value when path escapes FOLDER
        abort()
    payload = request.body.read()
    with open(target, 'wb') as handle:
        handle.write(payload)
    return {'status': 'success'}
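def load_bytes(path):
    """Return the raw bytes of the file at *path* below FOLDER.

    Aborts when safe_join rejects the path. The file handle is closed on
    return (the original left it to the garbage collector).
    """
    path = safe_join(FOLDER, path) or abort()
    with open(path, 'rb') as handle:
        return handle.read()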
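def load(path):
    """Return ``{'payload': <utf8 text>, 'status': 'success'}`` for the file at *path* below FOLDER.

    Aborts when safe_join rejects the path; a file that is not valid UTF-8
    raises UnicodeDecodeError. The file handle is closed on return (the
    original left it to the garbage collector).
    """
    path = safe_join(FOLDER, path) or abort()
    with open(path, 'rb') as handle:
        content = handle.read().decode('utf8')
    return {'payload': content, 'status': 'success'}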
def abort_or_rediect(self, page):
    """Answer JSON clients with 403; send every other client to the auth *page*."""
    wants_json = request.content_type == 'application/json'
    if wants_json:
        abort(403)
    redirect(URL(self.auth.route + page))
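def action(self, path, method, get_vars, post_vars):
    """Dispatch an auth request by *path* and return the response.

    ``plugin/<name>/<rest>`` is forwarded to the named plugin's
    ``handle_request``; ``api/...`` paths return a dict that always carries
    ``status`` and ``code``; ``logout`` clears the session and
    ``verify_email`` redirects; every remaining path renders ``auth.html``.

    Args:
        path: route below the auth prefix, e.g. ``'api/login'``.
        method: HTTP verb (``'GET'`` or ``'POST'``).
        get_vars: query parameters (``token`` is read for ``verify_email``).
        post_vars: form fields for the ``api/`` POST endpoints.
    """
    if path.startswith('plugin/'):
        parts = path.split('/', 2)
        plugin = self.plugins.get(parts[1])
        if not plugin:
            abort(404)
        # 'plugin/<name>' with no trailing segment used to raise IndexError
        rest = parts[2] if len(parts) > 2 else ''
        return plugin.handle_request(self, rest, request.query, request.json)
    if path.startswith('api/'):
        data = {}
        if method == 'GET':
            user = self.get_user(safe=True)
            if not user:
                data = self._error('not authorized', 401)
            if path == 'api/profile':
                # NOTE(review): returned without the status/code wrapping
                # below, and with user=None when not logged in — confirm intended
                return {'user': user}
        elif method == 'POST' and self.db:
            fields = dict(post_vars)
            user = self.get_user(safe=False)
            if path == 'api/register':
                data = self.register(fields, send=True).as_dict()
            elif path == 'api/login':
                # use PAM or LDAP when such a plugin is installed; the original
                # indexed self.plugins['pam'] even when only 'ldap' was present
                sso_name = next(
                    (name for name in ('pam', 'ldap') if name in self.plugins),
                    None,
                )
                if sso_name:
                    # assumes the ldap plugin exposes the same
                    # check_credentials(username, password) as pam — TODO confirm
                    username = fields.get('email')
                    password = fields.get('password')
                    if self.plugins[sso_name].check_credentials(username, password):
                        data = {
                            'username': username,
                            'email': username + '@localhost',
                            # 'pam:<user>' as before; 'ldap:<user>' for ldap
                            'sso_id': sso_name + ':' + username,
                        }
                        # and register the user, just in case (self.db is
                        # truthy in this branch)
                        data = self.get_or_register_user(data)
                    else:
                        data = self._error('Invalid Credentials')
                else:
                    # normal database login; every POSTed field is passed on
                    user, error = self.login(**fields)
                    if user:
                        self.session['user'] = {'id': user.id}
                        user = {
                            f.name: user[f.name]
                            for f in self.db.auth_user
                            if f.readable
                        }
                        data = {'user': user}
                    else:
                        data = self._error(error)
            elif path == 'api/request_reset_password':
                if not self.request_reset_password(**fields):
                    data = self._error('invalid user')
            elif path == 'api/reset_password':
                if not self.reset_password(fields.get('token'), fields.get('new_password')):
                    data = self._error('invalid token, request expired')
            elif user and path == 'api/logout':
                self.session['user'] = None
            elif user and path == 'api/unsubscribe':
                self.session['user'] = None
                self.gdpr_unsubscribe(user, send=True)
            elif user and path == 'api/change_password':
                data = self.change_password(
                    user, fields.get('new_password'), fields.get('password'))
            elif user and path == 'api/change_email':
                data = self.change_email(
                    user, fields.get('new_email'), fields.get('password'))
            elif user and path == 'api/update_profile':
                # NOTE(review): every POSTed field is forwarded; assumes
                # update_profile restricts which columns are writable — confirm
                data = self.update_profile(user, **fields)
            else:
                data = {'status': 'error', 'message': 'undefined'}
        # normalise the payload: non-empty validation errors become a 401
        # error response, an empty errors entry is dropped, and status/code
        # default to success/200
        if 'status' not in data and data.get('errors'):
            data.update(status='error', message='validation errors', code=401)
        elif 'errors' in data and not data['errors']:
            del data['errors']
        data.setdefault('status', 'success')
        data.setdefault('code', 200)
        return data
    elif path == 'logout':
        self.session['user'] = None
        # TODO: somehow call revoke for the active plugin
    elif path == 'verify_email' and self.db:
        if self.verify_email(get_vars.get('token')):
            redirect(URL('auth/email_verified'))
        else:
            redirect(URL('auth/token_expired'))
    return Template('auth.html').transform({'path': path})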