def doMethod(self, req, ob, method, url=''):
"call the requested method, if permitted"
# allow for .csv and other methods which have a dot extension
# so the browser knows what to do
method = method.replace(".", "_")
# prevent browser from using cache
# (note: could use Cache-control must-revalidate if this proves to
# be not strong enough)
# expired a year ago!
req.request.setHeader('expires',
httpDate(time.time() - (3600 * 24 * 365)))
# check that function exists
fn = getattr(ob, method, None)
if fn is None:
req.error = "unknown method %s" % method
return self.doUnknown(req)
# check user rights
if req.user.is_guest() and \
(req.user.login_failure(req) or not self.guest_allowed(req, fn, ob)):
# print ('USER X', req.user.is_guest(), req.user.login_failure(req), self.guest_allowed(req, fn, ob))
req.return_to = req.get_uri(
) # makes login return to the desired page
return req.user.login(req)
# check permits for this method, and do it!
# give a hook for apps to add attributes to req at this point
req.user.hook(req, ob, method, url)
if req.user.can(fn):
# print req.user.id, repr(req.request)
try: # return the result of the function
return fn(req)
# except RecordNotFoundError, e:
# #return req.user.error(req,str(e))
# return req.user.error(req, "record not found")
except Exception as e: # describe an application error message
print('============= TRACEBACK ================')
sys.stderr.write(DATE().time() + '\n')
print("ERRB", url, type(url))
try:
sys.stderr.write(url + '\n')
except:
sys.stderr.write(url + b'\n')
traceback.print_exc(file=sys.stderr)
sys.stderr.write('%s\n' % e)
print('============= END ================')
send_error(ob, e, sys.exc_info())
# return req.user.error(req,
# """application error
# - please contact the system administrator""")
raise
return req.user.error(req, "error: %s" % e)
else:
req.error = "you do not have permission to access the requested page"
req.return_to = req.get_uri(
) # makes login return to the desired page
return req.user.login(req)
def set_cookie(self,
id,
data="",
expires=None,
domain=None,
path="/",
max_age=None,
comment=None,
secure=None):
"""set defaults, translate expires from seconds to http date,
and call the twisted method"""
when = expires and (httpDate(time.time() + expires, rfc='850')) or None
self.request.addCookie(id, data, when, domain, path, expires
or max_age, comment, secure)
def set_cookie(self,
id,
data="",
expires=None,
domain=None,
path="/",
max_age=None,
comment=None,
secure=None):
"""set defaults, translate expires from seconds to http date,
and call the twisted method"""
when = expires and (httpDate(time.time() + expires, rfc='850')) or None
self.request.addCookie(id, data, when, domain, path, expires
or max_age, comment, secure)
def doFlatfile(self, req, name):
'''
return flat file
BEWARE: assumes that the file won't change for a week
'''
# print ("flat file name >>>>>:", name)
try:
kind = name.rsplit('.', 1)[1].lower()
mime = (kind == 'ico') and 'image/x-icon' or types_map.get('.'+kind) \
or 'text/plain' # don't know why '.ico' is missing from types-map...
data = open(name, 'rb').read()
req.request.setHeader('content-type', mime)
# prevent browser from asking for image every page request
# assumes won't change for a week!
req.request.setHeader('expires',
httpDate(time.time() + (3600 * 24 * 7)))
return data
except:
raise
req.request.setResponseCode(404, b"file not found")
# we generally don't want a fancy rendered error page here
return "file not found"