def __init__(self, request, content, repo, logged_in = False):
self.request = request
self.logged_in = logged_in
self.repo = repo
path, params, query, fragment = request.split_uri()
self.request_path = path
self.content = content
self.callers_idea_of_service = get_header(HOST_HEADER, request.header)
self.user_agent = get_header (USER_AGENT, request.header)
accepts = get_header(ACCEPTS_HEADER, request.header)
self.xml_request = accepts and (accepts.lower().strip() == "application/xml")
self.fp = None
self.request['Cache-Control'] = "no-store"
def is_logged_in (repo, request):
if not repo.has_password: return true
header_password = get_header(PASSWORD, request.header)
if header_password and repo.check_password(header_password):
return true
if check_cookie(request, repo):
return true
return false
def handle_request(self, request):
if request.command == 'post':
cl = default_handler.get_header(CONTENT_LENGTH, request.header)
ic = sample_input_collector(request, cl)
request.collector = ic
print request.header
return script_handler.script_handler.handle_request(self, request)
def add_last_modified_headers(request, repo):
request['X-UpLib-Repository-Last-Modified'] = http_date.build_http_date(repo.mod_time())
wants_doc_changes = get_header(DOC_CHANGES_SINCE_HEADER, request.header)
if wants_doc_changes:
try:
wants_doc_changes = float(wants_doc_changes.strip())
except:
pass
else:
docs = repo.get_touched_since(wants_doc_changes)
request['X-UpLib-Docs-Modified'] = str(wants_doc_changes) + ";" + ";".join(["%s,%s" % (doc.id, doc.touch_time()) for doc in docs])
def check_cookie(request, repo):
global MORSEL_KEY
try:
if not MORSEL_KEY:
MORSEL_KEY = "uplibnonce%d" % repo.secure_port()
cookiedata = get_header(COOKIE, request.header)
cookie = Cookie.BaseCookie(cookiedata)
morsel = cookie.get(MORSEL_KEY)
return morsel and repo.check_cookie(morsel.value)
except:
t, v, s = sys.exc_info()
note("error in check_cookie:\n%s\n", ''.join(traceback.format_exception(t, v, s)))
return false
def handle_data (self, request, dp):
# note(0, "handle_data: %s, dp is %s, command is %s", request, dp, request.command)
if type(dp) == type(types.FileType):
data = dp
elif isinstance(dp, SelfDeletingFileObject):
data = dp.open()
elif isinstance(dp, StringIO):
data = dp
if request.command == 'HEAD' and not (request.uri.endswith(".jnlp") or request.uri.endswith(".jar")):
# we don't do HEAD requests on /action methods, so send back 405
data.close()
request['Allow'] = "GET, POST"
request.reply_code = 405
request.done()
return
stat = true
try:
ct = get_header (CONTENT_TYPE, request.header)
if (ct and (ct.strip().startswith("multipart/form-data") or
ct.strip().startswith("application/x-www-form-urlencoded"))):
#note(5, "processing %s; headers are:\n%s\ndata is\n<%s>\n", ct, request.header, _read_and_reset(data))
form = request_to_field_dict(request, data, request.angel_action[2])
data.close()
data = None
else:
form = request_to_field_dict(request, None, request.angel_action[2])
# for key in form.keys():
# value = form[key]
# note(3, "field %s: <%s>", key, value[:min(50, len(value))])
stat = self.do_action(request, form, data)
if data:
data.close()
except:
info = sys.exc_info()
signal_python_exception(request, info)
if stat:
request.done()
def handle_request (self, request):
request['Server'] = "UpLib/%s" % self.version
request.version = '1.0' # stick with 1.0 for Medusa
if request.command not in self.valid_commands:
request.error (400) # bad request
return
self.hit_counter.increment()
# note(0, "request is %s (%s):\n%s", request.command, request.uri, request.header);
request.handler = "action"
try:
if not authorized(self.__repo__, request):
handler = authentication_handler()
# note(0, "not authorized")
else:
handler = self
except:
fakefile = StringIO()
traceback.print_exc(None, fakefile)
s = fakefile.getvalue()
fakefile.close()
request['Content-Type'] = "text/plain"
request['Content-Length'] = len(s)
request.reply_code = 500
request.push(s)
request.done()
return
# check for payload
query = request.angel_action[2]
cl = get_header (CONTENT_LENGTH, request.header)
if cl:
note(4, "content-length is %s", cl)
request.collector = data_collector (int(cl), request, handler)
# no terminator while receiving POST data
request.channel.set_terminator (None)
# don't respond yet, wait until we've received the data...
elif (handler != self):
output_login_page(request)
request.done()
elif request.command == 'HEAD' and not (request.uri.endswith(".jnlp") or request.uri.endswith(".jar")):
# we don't do HEAD requests on /action methods, so send back 405
# but allow head on .jnlp files
request['Allow'] = "GET, POST"
request.reply_code = 405
request.done()
return
else:
try:
if query:
# there's a query, so process it
dict = request_to_field_dict (request, None, request.angel_action[2])
if self.do_action(request, dict, None):
request.done()
else:
if self.do_action(request, None, None):
request.done()
except:
note("signalling exception in data-free request handler:\n%s", "".join(traceback.format_exception(*sys.exc_info())))
def handle_request (self, request):
request['Server'] = "UpLib/%s" % self.version
request.version = '1.0' # stick with 1.0 for Medusa
if request.uri == "/ping":
# too many things pinging us, turn off logging of ping
request.log = _ignore_request_logging
add_last_modified_headers(request, self.__repo__)
request.error(200)
return
elif request.uri == "/login":
handler = self
elif request.uri == "/favicon.ico":
handler = self
elif request.uri == "/html/signedreadup.jar":
handler = self
elif request.uri == "/html/images/ReadUpJWS.gif":
handler = self
else:
handler = error_handler(400)
self.hit_counter.increment()
cl = get_header (CONTENT_LENGTH, request.header)
if cl:
request.collector = data_collector (int(cl), request, handler)
request.channel.set_terminator (None)
# don't respond yet, wait until we've received the data...
elif request.uri == "/favicon.ico":
global FAVICON
if not FAVICON:
FAVICON = self.__repo__.get_favicon()
if FAVICON:
request.reply_code = 200
request["Content-Type"] = "image/vnd.microsoft.icon"
request["Content-Length"] = len(FAVICON)
request.push(FAVICON)
request.done()
else:
request.error(404)
elif request.uri == "/html/signedreadup.jar":
jarpath = os.path.join(self.__repo__.html_folder(), "signedreadup.jar")
# simplest way to do this is to create a response object
r = response(request, None, self.__repo__)
if not os.path.exists(jarpath):
request.error(404)
return
else:
r.return_file("application/x-java-archive", jarpath)
request.done()
elif request.uri == "/html/images/ReadUpJWS.gif":
imgpath = os.path.join(self.__repo__.html_folder(), "images", "ReadUpJWS.gif")
# simplest way to do this is to create a response object
r = response(request, None, self.__repo__)
if not os.path.exists(imgpath):
request.error(404)
return
else:
r.return_file("image/gif", imgpath)
request.done()
else:
request.error(400)
