def list_clear_checked(name):
validate_list(name)
new_list = [x for x in get_list(name) if not x['is_checked']]
update_list(name, new_list)
redirect("/l/" + name)
def list_clear_checked(name):
validate_list(name)
new_list = [x for x in get_list(name) if not x['is_checked']]
update_list(name, new_list)
redirect("/l/" + name)
def list_bitcasa_files(base64="/"):
bitcasa_utils = BitcasaUtils()
client = bitcasa_utils.create_client()
if not client:
redirect("../auth")
else:
if not base64:
base64 = "/"
try:
folder = client.get_folder(base64)
except BitcasaException as e:
if bitcasa_utils.test_auth():
auth_name="View Files"
auth_url="/bitcasafilelister/files/"
msg = "You access token is stored locally. To retrieve base64 paths click view files below"
else:
auth_name="Login"
auth_url="/bitcasafilelister/auth/"
msg = "Your authentication token is either invalid or not set. Please set one by logging in. After authentication, you will also be able to view your files"
return template("bitcasafilelister", is_error=True, error_msg=e,
auth_url=auth_url, authorization_code="",
auth_name=auth_name, msg=msg)
parent_path = folder.path[:folder.path.rfind('/')]
if not parent_path:
parent_path = "/"
download_url = "https://developer.api.bitcasa.com/v1/files/"
return template("fileslist", folder=folder, access_token=client.access_token,
parent_path=parent_path, download_url=download_url, BitcasaFile=BitcasaFile)
def https_redirect(self):
'''Redirect incoming HTTPS requests to HTTPS'''
if not request.get_header('X-Forwarded-Proto', 'http') == 'https':
if request.url.startswith('http://'):
url = request.url.replace('http://', 'https://', 1)
code = 301 if self.permanent else 302
redirect(url, code=code)
def list_item_delete(name, index):
validate_list(name)
list_contents = get_list(name)
del list_contents[index]
update_list(name, list_contents)
redirect("/l/" + name)
def list_item_delete(name, index):
validate_list(name)
list_contents = get_list(name)
del list_contents[index]
update_list(name, list_contents)
redirect("/l/" + name)
def formhandler():
action = bottle.request.forms.get('action')
if action == 'START':
self.running = True
self.start_check()
else:
self.running = False
self.stop_check()
bottle.redirect('/')
def do_change_password(self):
old_pwd = request.forms.get('old_password')
new_pwd = request.forms.get('new_password_1')
new_pwd_2 = request.forms.get('new_password_2')
print("DEBUG: ", self.user, new_pwd)
if self.user and new_pwd == new_pwd_2:
self.db_engine.change_password(self.user, old_pwd, new_pwd)
redirect('/settings/change_password?success=1')
else:
redirect('/settings')
def addproject():
projectname = request.forms.get('projectname')
conn = db.getmysqlconn()
c=conn.cursor()
sql = "insert into project (projectname) values(%s)"
c.execute(sql,(projectname))
conn.commit()
c.close()
conn.close()
redirect('projectmanage')
def addproject():
projectname = request.forms.get('projectname')
conn = db.getmysqlconn()
c=conn.cursor()
sql = "insert into HNSJ_TDCMS_MENU (menuname,parent) values(%s,%s)"
c.execute(sql,(projectname,'-1'))
conn.commit()
c.close()
conn.close()
redirect('projectmanage')
def adduser():
username = request.forms.get('username')
password = request.forms.get('password')
conn= db.getmysqlconn()
c=conn.cursor()
sql="insert into HNSJ_TDCMS_USER (username,password) values(%s,%s) "
c.execute(sql,(username,dest(password.strip())))
conn.commit()
c.close()
conn.close()
redirect ('usermanage')
def adduser():
username = request.forms.get('username')
password = request.forms.get('password')
conn= db.getmysqlconn()
c=conn.cursor()
sql="insert into users (username,password) values('"+username+"','"+password+"') "
c.execute(sql)
conn.commit()
c.close()
conn.close()
redirect ('usermanage')
def do_userdel(self):
self._check_cookie()
user = request.forms.get('username')
passwd = request.forms.get('password')
userdel = request.forms.get('userdel')
if user == userdel:
redirect('/settings/userdel?result=self')
else:
if self.db_engine.delete_user(user, passwd, userdel):
print('redirecting')
redirect('/settings/userdel?result=del')
def delete_build_ui(project=None, branch=None, system=None, fsdate=None):
'''delete build using get interface'''
admin = True if request.environ.get('REMOTE_ADDR') == '127.0.0.1' else False
if not admin:
abort(403, 'You are not allowed to do this')
delete_build(project, branch, system, fsdate)
if is_json_request():
return 'OK!'
if build_exists(project, branch, system):
return redirect('/build/{}/{}/{}'.format(project, branch, system))
return redirect('/')
def list_delete():
name = request.forms.get('list_name', None).lower()
if name is None:
abort(400, "List name not specified")
all_lists = get_all_list_names()
if name not in all_lists:
abort(400, "List does not exists")
delete_list(name)
redirect("/")
def list_delete():
name = request.forms.get('list_name', None).lower()
if name is None:
abort(400, "List name not specified")
all_lists = get_all_list_names()
if name not in all_lists:
abort(400, "List does not exists")
delete_list(name)
redirect("/")
def search_recipes(query=None):
'''search recipes'''
if is_json_request():
return dump_json(RECIPEMANAGER.query_recipes('WHERE pkgname MATCH ? ORDER BY pkgname', (query,)))
results, matches, pages, options = search(RECIPEMANAGER.query_recipes, RECIPEMANAGER.query_recipes_count, 'WHERE pkgname MATCH ?', (query,))
if len(results) == 1:
return redirect('/recipe/{}'.format(results[0]['pkgname']))
elif not results:
users = USERMANAGER.query_users('WHERE name MATCH ? LIMIT 1', (query,))
if users:
return redirect('/user/{}/recipes'.format(users[0]['name']))
return template('results', title=_('Search'), user=None, results=results, pages=pages, matches=matches, options=options)
def adduser():
menuname = request.forms.get('menuname')
url = request.forms.get('url')
projectid = request.forms.get('projectid')
conn= db.getmysqlconn()
c=conn.cursor()
sql="insert into HNSJ_TDCMS_MENU (menuname,path,parent) values(%s,%s,%s) "
c.execute(sql,(menuname,url,projectid))
conn.commit()
c.close()
conn.close()
redirect ('menumanage')
def do_change_settings(self):
self._check_cookie()
conf = configparser.ConfigParser(allow_no_value=True)
conf.read('settings.ini')
conf['web_server']['session_expire_days'] = request.forms.get(
'session_expire_days')
conf['web_server']['page_size'] = request.forms.get('page_size')
conf['db_settings']['store_days'] = request.forms.get('store_days')
if self.user:
with open('settings.ini', 'w') as file:
conf.write(file)
self._read_settings()
redirect('/settings')
def reject_recipe_revision(pkgname=None, revision=None):
'''reject recipe revision'''
recipe = RECIPEMANAGER.get_revision(pkgname, revision)
if not recipe or not recipe.get('parent'):
abort(400, _('recipe and revision must exist'))
if not USER or USER['name'] != recipe['maintainer']:
abort(403)
RECIPEMANAGER.remove_revision(pkgname, recipe['revision'], remove_comments=True)
if is_json_request():
return status_json_ok()
if revision:
return redirect('/recipe/{}'.format(pkgname))
return redirect('/user/{}/recipes'.format(USER['name']))
def list_add():
name = request.forms.get('list_name', None).lower()
if name is None:
abort(400, "List name not specified")
all_lists = get_all_list_names()
if name in all_lists:
abort(400, "List already exists")
update_list(name, [])
redirect("/l/" + name)
def list_add():
name = request.forms.get('list_name', None).lower()
if name is None:
abort(400, "List name not specified")
all_lists = get_all_list_names()
if name in all_lists:
abort(400, "List already exists")
update_list(name, [])
redirect("/l/" + name)
def delete_comment_from_revision(pkgname=None, revision=None, cid=None):
'''delete comment from recipe revision'''
if revision:
recipe = RECIPEMANAGER.get_revision(pkgname, revision)
else:
recipe = RECIPEMANAGER.get_recipe(pkgname)
if not recipe:
abort(400, _('recipe and revision must exist'))
comment = RECIPEMANAGER.get_comment(pkgname, recipe['revision'], cid)
if not comment:
abort(400, _('comment must exist'))
if not USER or (USER['level'] < LEVELS['moderator'] and USER['name'] != comment['user']):
abort(403)
RECIPEMANAGER.remove_comment(pkgname, recipe['revision'], cid)
if revision:
return redirect('/recipe/{}/{}'.format(pkgname, revision))
return redirect('/recipe/{}'.format(pkgname))
def create_comment_for_revision(pkgname=None, revision=None):
'''create comment for recipe revision'''
comment = request.forms.get('comment')
if not comment:
abort(400, _('comment field must be provided'))
if revision:
recipe = RECIPEMANAGER.get_revision(pkgname, revision)
else:
recipe = RECIPEMANAGER.get_recipe(pkgname)
if not recipe:
abort(400, _('recipe and revision must exist'))
RECIPEMANAGER.create_comment(pkgname, recipe['revision'], USER['name'], comment)
if is_json_request():
return status_json_ok()
if revision:
return redirect('/recipe/{}/{}'.format(pkgname, revision))
return redirect('/recipe/{}'.format(pkgname))
def accept_recipe_revision(pkgname=None, revision=None):
'''reject recipe revision'''
recipe = RECIPEMANAGER.get_revision(pkgname, revision)
if not recipe or not recipe.get('parent'):
abort(400, _('recipe and revision must exist'))
if not USER or USER['name'] != recipe['maintainer']:
abort(403)
RECIPEMANAGER.accept_revision(pkgname, revision)
user = USERMANAGER.get_user(recipe['user'])
if user and user['level'] < LEVELS['contributor']:
user['level'] = LEVELS['contributor']
USERMANAGER.set_user(user['name'], user)
if is_json_request():
return status_json_ok()
if revision:
return redirect('/recipe/{}'.format(pkgname))
return redirect('/user/{}/recipes'.format(USER['name']))
def search_recipes_query():
'''redirect query syntaxed search to pretty syntax search'''
if is_json_request():
abort(400, _('use /search/<query> instead'))
query = request.query.get('q')
if not query:
return template('recipes', user=None, results=[])
return redirect('/search/{}'.format(query))
def delete_view():
entry_id = request.forms.entry_id
password = request.forms.password
entry = load_entry( entry_id)
if entry[0].password == password or master_password == password:
delete_entry( entry[0])
return redirect( "/")
def change_style(style=None):
'''change style'''
if style not in STYLES:
abort(404)
SESSION['style'] = style
SESSIONMANAGER.save(SESSION)
if is_json_request():
return status_json_ok()
return redirect(lastpage())
def change_language(lang=None):
'''change language'''
if lang not in TRANSLATIONS:
abort(404, _('Unfortunately we do not have translation for {} locale').format(lang))
SESSION['lang'] = lang
SESSIONMANAGER.save(SESSION)
if is_json_request():
return status_json_ok()
return redirect(lastpage())
def logout():
'''logout'''
USER['sessions'].remove(SESSION['sessionid'])
SESSION['name'] = ''
SESSION['valid'] = False
SESSIONMANAGER.save(SESSION)
if is_json_request():
return status_json_ok()
return redirect('/login')
def new_view():
title = request.forms.title
body = request.forms.body
name = request.forms.name
password = request.forms.password
save_entry( title, body, name, password)
return redirect( "/")
def user_account(user=None):
'''user account page'''
# pylint: disable=too-many-branches
if USER['name'] != user:
abort(403)
def gather_errors():
'''validate edit'''
errors = []
jsstr = js_translations('register')
email = request.forms.get('email')
password1 = request.forms.get('password')
password2 = request.forms.get('password_confirm')
if password1 != password2:
errors.append(jsstr['password_confirm'])
if not email or not re.match(r'[^@]+@[^@]+\.[^@]+', email):
errors.append(jsstr['email'])
if not errors:
if password1:
ret = USERMANAGER.get_user(user, SESSION['sessionid'], (password1, SESSION['CSRF']), email)
else:
ret = USERMANAGER.get_user(user, SESSION['sessionid'], email=email)
if not ret:
errors.append(_('Database error: Failed to create user into database'))
if password1:
logout()
return errors
if request.method == 'POST':
errors = gather_errors()
if not errors:
if is_json_request():
return status_json_ok()
return redirect('/user/{}/edit'.format(user))
else:
if is_json_request():
return dump_json({'status': 'fail', 'errors': errors})
return template('useredit', errors=errors)
if is_json_request():
sessions = []
key_filter = ['CSRF', 'valid']
for sid in USER.get('sessions'):
data = SESSIONMANAGER.get_session(sid)
if not data:
continue
for key in key_filter:
if key in data:
del data[key]
sessions.append(data)
return dump_json({'sessions': sessions})
return template('useredit', errors=[])
def wrapper(*args, **kwargs):
if verify(request.cookies.auth):
return method(*args, **kwargs)
elif verify(request.forms.auth):
return method(*args, **kwargs)
elif verify(request.query.auth):
return method(*args, **kwargs)
else:
# do login
return redirect("/login")
def wrapper(*args, **kwargs):
if verify(request.cookies.auth):
return method(*args, **kwargs)
elif verify(request.forms.auth):
return method(*args, **kwargs)
elif verify(request.query.auth):
return method(*args, **kwargs)
else:
# do login
return redirect("/login")
def delete_recipe_revision(pkgname=None, revision=None):
'''delete recipe revision'''
if revision:
recipe = RECIPEMANAGER.get_revision(pkgname, revision)
else:
recipe = RECIPEMANAGER.get_recipe(pkgname)
if not recipe:
abort(400, _('recipe and revision must exist'))
if not USER or (USER['level'] < LEVELS['moderator'] and USER['name'] != recipe['user']):
abort(403)
if revision:
RECIPEMANAGER.remove_revision(pkgname, recipe['revision'], remove_comments=True)
else:
RECIPEMANAGER.remove_recipe(pkgname, remove_revisions=True, remove_comments=True)
if is_json_request():
return status_json_ok()
if recipe.get('parent'):
return redirect('/recipe/{}'.format(pkgname))
return redirect('/user/{}/recipes'.format(USER['name']))
def index():
login_page = "login.html"
search_page = "search.html"
manage_page = "manage.html"
session = request.environ.get('beaker.session')
# セッション情報が残っていた場合
if session.get("user_id"):
# 最後にどこかのページに訪問していた場合、そのページに移る
if not session.get("last_stay_page"):
session["last_stay_page"] = search_page
session.save()
redirect(util.redirect_url(session["last_stay_page"]))
# 初回入場時
if request.method == "GET":
return jinja2_template(login_page)
user_id = request.forms.get('user_id', "")
user_password = request.forms.get('user_password', "")
# ログイン認証
if not user_id or not user_password:
return jinja2_template(
login_page,
user_id=user_id,
user_password=user_password,
attention=u'ユーザーIDまたはパスワードの入力漏れがあります',
)
if not user.User().confirm_user(user_id, user_password):
return jinja2_template(
login_page,
user_id=user_id,
user_password=user_password,
attention=u'ユーザーIDまたはパスワードに誤りがあります',
)
session["user_id"] = user_id
# 管理ユーザーのid, passwordが入力されたとき
if user_id == config.ADMIN_USER_INFO[
"id"] and user_password == config.ADMIN_USER_INFO["password"]:
session["last_stay_page"] = manage_page
# セッション切れのとき
elif not session.get("last_stay_page"):
session["last_stay_page"] = search_page
session.save()
return redirect(util.redirect_url(session["last_stay_page"]))
def list_update(name):
list_item_text = request.forms.get('list_item_text', None)
if list_item_text is None:
abort(400, "List item not specified")
validate_list(name)
new_item = {
"text": list_item_text,
"creation_date": datetime.datetime.now().isoformat(),
"is_checked": False
}
list_contents = get_list(name)
list_contents.append(new_item)
update_list(name, list_contents)
redirect("/l/" + name)
def abandon_recipe(pkgname=None):
'''abandon recipe'''
recipe = RECIPEMANAGER.get_recipe(pkgname)
if not recipe:
abort(400, _('recipe must exist'))
if not USER or USER['name'] != recipe['user']:
abort(403)
RECIPEMANAGER.set_maintainer(pkgname, '')
if is_json_request():
return status_json_ok()
return redirect('/recipe/{}'.format(pkgname))
def adopt_recipe(pkgname=None):
'''adopt recipe'''
recipe = RECIPEMANAGER.get_recipe(pkgname)
if not recipe:
abort(400, _('recipe must exist'))
if recipe['maintainer']:
abort(403, _('this recipe is not abadoned'))
RECIPEMANAGER.set_maintainer(pkgname, USER['name'])
if is_json_request():
return status_json_ok()
return redirect('/recipe/{}'.format(pkgname))
def list_update(name):
list_item_text = request.forms.get('list_item_text', None)
if list_item_text is None:
abort(400, "List item not specified")
validate_list(name)
new_item = {
"text": list_item_text,
"creation_date": datetime.datetime.now().isoformat(),
"is_checked": False
}
list_contents = get_list(name)
list_contents.append(new_item)
update_list(name, list_contents)
redirect("/l/" + name)
def do_useradd(self):
username = request.forms.get('username')
if self.user:
try:
if self.db_engine.add_user(username):
redirect('/settings/useradd?result=created')
else:
redirect('/settings/useradd?result=error')
except sqlite3.IntegrityError:
redirect('/settings/useradd?result=duplicate')
except sqlite3.OperationalError:
redirect('/settings/useradd?result=error')
else:
abort(401, 'You are not authorised')
def do_bitcasa_auth():
authorization_code = request.query.authorization_code
bitcasa_utils = BitcasaUtils()
client = bitcasa_utils.create_client(force=True, redirect_uri=utils.REDIRECT_URI)
auth_name="View Files"
auth_url="/bitcasafilelister/files/"
error_msg = ""
msg = "You access token is stored locally. To retrieve base64 paths click view files below"
if authorization_code:
try:
client.authenticate(authorization_code)
except BitcasaException:
auth_name="Login"
auth_url="/bitcasafilelister/auth"
is_error=True
error_msg = "Failed to authenticate access token %s" % authorization_code
msg = "Your authentication token is either invalid or not set. Please set one by logging in. After authentication, you will also be able to view your files"
log.exception(error_msg)
else:
is_error=False
error_msg = "Storing permanent token %s" % client.access_token
log.info(error_msg)
try:
with open(utils.BITCASA_TOKEN, "r") as tokenfile:
json_token = json.loads(tokenfile.read())
with open(utils.BITCASA_TOKEN, "w") as tokenfile:
json_token["bitcasa"]["TOKEN"] = client.access_token
tokenfile.write(json.dumps(json_token, indent=4))
except Exception as e:
auth_name="Login"
auth_url="/bitcasafilelister/auth"
is_error = True
error_msg = "Failed to save permanent token"
msg = "Your authentication token is either invalid or not set. Please set one by logging in. After authentication, you will also be able to view your files"
log.exception(error_msg)
return template("bitcasafilelister", is_error=is_error, error_msg=error_msg,
authorization_code=authorization_code, auth_url=auth_url,
auth_name=auth_name, msg=msg)
else:
redirect(client.login_url)
def login():
'''login page'''
# pylint: disable=too-many-return-statements
if USER:
if is_json_request():
return status_json_ok()
return redirect('/')
# regenerate CSRF token
if request.method == 'GET':
# pylint: disable=global-statement
global SESSION
SESSION = session.regenerate_csrf(SESSIONMANAGER)
def gather_errors():
'''validate login'''
username = request.forms.get('username')
password = request.forms.get('password')
if not USERMANAGER.test_password(username, password):
return [_('Invalid username or password')]
return []
if request.method == 'POST':
errors = gather_errors()
if not errors:
SESSION['valid'] = True
SESSION['name'] = request.forms.get('username')
SESSIONMANAGER.regenerate_session(SESSION)
if is_json_request():
return status_json_ok()
return redirect('/')
else:
if is_json_request():
return dump_json({'status': 'fail', 'errors': errors})
return template('login', errors=errors)
if is_json_request():
return abort(400, _('username and password fields missing as POST request'))
return template('login', errors=[])
def index():
login_page = "login.html"
util.reset_session()
return redirect(util.redirect_url(login_page))
def home():
""" Return Hello World at application root URL"""
prj = request.query.proj
print("home project /", prj)
redirect('/main?proj=%s' % prj)
def logout():
response.delete_cookie("auth", path="/")
return redirect("/login")
def login():
if verify(request.cookies.auth):
return redirect('/')
return template('login.html')