def doMethod(self, req, ob, method, url=''): "call the requested method, if permitted" # allow for .csv and other methods which have a dot extension # so the browser knows what to do method = method.replace(".", "_") # prevent browser from using cache # (note: could use Cache-control must-revalidate if this proves to # be not strong enough) # expired a year ago! req.request.setHeader('expires', httpDate(time.time() - (3600 * 24 * 365))) # check that function exists fn = getattr(ob, method, None) if fn is None: req.error = "unknown method %s" % method return self.doUnknown(req) # check user rights if req.user.is_guest() and \ (req.user.login_failure(req) or not self.guest_allowed(req, fn, ob)): # print ('USER X', req.user.is_guest(), req.user.login_failure(req), self.guest_allowed(req, fn, ob)) req.return_to = req.get_uri( ) # makes login return to the desired page return req.user.login(req) # check permits for this method, and do it! # give a hook for apps to add attributes to req at this point req.user.hook(req, ob, method, url) if req.user.can(fn): # print req.user.id, repr(req.request) try: # return the result of the function return fn(req) # except RecordNotFoundError, e: # #return req.user.error(req,str(e)) # return req.user.error(req, "record not found") except Exception as e: # describe an application error message print('============= TRACEBACK ================') sys.stderr.write(DATE().time() + '\n') print("ERRB", url, type(url)) try: sys.stderr.write(url + '\n') except: sys.stderr.write(url + b'\n') traceback.print_exc(file=sys.stderr) sys.stderr.write('%s\n' % e) print('============= END ================') send_error(ob, e, sys.exc_info()) # return req.user.error(req, # """application error # - please contact the system administrator""") raise return req.user.error(req, "error: %s" % e) else: req.error = "you do not have permission to access the requested page" req.return_to = req.get_uri( ) # makes login return to the desired page return req.user.login(req)
def set_cookie(self, id, data="", expires=None, domain=None, path="/", max_age=None, comment=None, secure=None): """set defaults, translate expires from seconds to http date, and call the twisted method""" when = expires and (httpDate(time.time() + expires, rfc='850')) or None self.request.addCookie(id, data, when, domain, path, expires or max_age, comment, secure)
def doFlatfile(self, req, name): ''' return flat file BEWARE: assumes that the file won't change for a week ''' # print ("flat file name >>>>>:", name) try: kind = name.rsplit('.', 1)[1].lower() mime = (kind == 'ico') and 'image/x-icon' or types_map.get('.'+kind) \ or 'text/plain' # don't know why '.ico' is missing from types-map... data = open(name, 'rb').read() req.request.setHeader('content-type', mime) # prevent browser from asking for image every page request # assumes won't change for a week! req.request.setHeader('expires', httpDate(time.time() + (3600 * 24 * 7))) return data except: raise req.request.setResponseCode(404, b"file not found") # we generally don't want a fancy rendered error page here return "file not found"