Exemplo n.º 1
0
 def read(self, id):
     allowed = shift.isPublic(id)
     if not allowed:
         loggedInUser = helper.getLoggedInUser()
         if loggedInUser and shift.canRead(id, loggedInUser.get("_id")):
             return data(shift.read(id))
         else:
             return error("Operation not permitted. You don't have permission to view this shift.", PermissionError)
     else:
         return data(shift.read(id))
Exemplo n.º 2
0
 def comment(self, id):
     loggedInUser = helper.getLoggedInUser()
     jsonData = helper.getRequestBody()
     if jsonData != "":
         theData = json.loads(jsonData)
         if shift.canComment(id, loggedInUser["_id"]):
             theUser = user.readById(loggedInUser["_id"])
             theShift = shift.read(id)
             event.create({
                     "meta": "comment",
                     "objectRef": "shift:%s" % id,
                     "streamId": shift.commentStream(id),
                     "displayString": "%s just commented on your %s on %s" % (theUser["userName"], theShift["space"]["name"], theShift["href"]),
                     "createdBy": loggedInUser["_id"],
                     "content": {
                         "href": theShift["href"],
                         "domain": theShift["domain"],
                         "text": theData["text"]
                         }
                     })
             return ack
         else:
             return error("Operation not permitted. You don't have permission to comment on this shift.", PermissionError)
     else:
         return error("No data for comment.", NoDataError)
Exemplo n.º 3
0
 def unpublish(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = shift.read(id)
     if loggedInUser and shift.canUnpublish(id, loggedInUser['_id']):
         shift.unpublish(id)
         return ack
     else:
         return error("Operation not permitted. You don't have permission to publish this shift.", PermissionError)
Exemplo n.º 4
0
 def publish(self, id):
     # NOTE: should mabye take publishData url parameter - David 9/5/2009
     loggedInUser = helper.getLoggedInUser()
     publishData = json.loads(helper.getRequestBody())
     theShift = shift.read(id)
     if loggedInUser and shift.canPublish(id, loggedInUser['_id']):
         shift.publish(id, publishData)
         return ack
     else:
         return error("Operation not permitted. You don't have permission to publish this shift.", PermissionError)
Exemplo n.º 5
0
    def proxy(self, id):
        """
        Serves the proxy. Takes a shift id and returns the original page
        where the shift was created, injects the required Javascript and CSS
        and recreates the shift. All scripts and onload handlers are removed
        from the original page to prevent interference with shift loading.
        """
        try:
            import models.shift as shift
            from urllib import FancyURLopener, urlcleanup
            from lxml.html import fromstring, tostring
            from linkprocessor import LinkProcessor
        except:
            return self.statusPage(status="err", details="proxy")
        
        class FancyOpener(FancyURLopener):
            version = "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.1) Gecko/2008070206 Firefox/3.0.1"
        pageopener = FancyOpener()
        
        theShift = shift.read(id)
        
        if theShift['type'] != 'shift':
            return self.statusPage(status="err", details="proxyperm")
        
        shiftId = theShift["_id"]
        space = theShift["space"]["name"]
        url = theShift["href"]
        created = theShift["created"]
        userName = theShift["userName"]
        
        # clear the urllib cache
        urlcleanup()
        page = pageopener.open(url)
        source = page.read()
        
        linkprocessor = LinkProcessor();
        
        linkprocessor.parse(source);
        linkprocessor.set_url(url)
        
        dom = linkprocessor.get_dom()
        [node.drop_tree() for node in dom.cssselect("script")]
        for node in dom.cssselect("*[onload]"):
            del node.attrib['onload']

        # load the space attributes
        fh = open(os.path.join("spaces", space, "attrs.json"))
        attrs = fh.read()
        fh.close()
        attrs = self.absolutify(json.loads(attrs))
        
        # load the scripts 
        source = tostring(dom)
        server = "http://localhost:%s" % serverport
        ctxt = {
            "server": server,
            "spacesDir": "/".join([server, "spaces"]),
            "shiftId": shiftId,
            "space": space,
            "shift": json.dumps(theShift),
            "attrs": json.dumps(attrs),
            }
        t = Template(filename="server/bootstrap.mako", lookup=lookup)
        source = source.replace("</head>", "%s</head>" % t.render(**ctxt))

        # load proxy message
        t = Template(filename="server/proxymessage.mako", lookup=lookup)
        ctxt = {
            "space": space,
            "href": url,
            "created": created,
            "userName": userName,
            }
        source = source.replace("</body>", "%s</body>" % t.render(**ctxt))
        return source