def call_api(func, args=""):
add_json_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1],
request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return error(401, "Unauthorized")
if not PYLOAD.isAuthorized(func, api.user):
return error(403, "Forbidden")
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return error(404, "Not Found")
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# file upload, reads whole file into memory
for name, f in request.files.iteritems():
kwargs["filename"] = f.filename
content = StringIO()
f.save(content)
kwargs[name] = content.getvalue()
content.close()
# convert arguments from json to obj separately
for x, y in request.params.iteritems():
try:
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
except Exception, e:
# Unsupported input
msg = "Invalid Input %s, %s : %s" % (x, y, e.message)
print_exc()
print msg
return error(415, msg)
def call_api(func, args=""):
add_json_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return error(401, "Unauthorized")
if not PYLOAD.isAuthorized(func, api.user):
return error(403, "Forbidden")
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return error(404, "Not Found")
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# file upload, reads whole file into memory
for name, f in request.files.iteritems():
kwargs["filename"] = f.filename
content = StringIO()
f.save(content)
kwargs[name] = content.getvalue()
content.close()
# convert arguments from json to obj separately
for x, y in request.params.iteritems():
try:
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
except Exception, e:
# Unsupported input
msg = "Invalid Input %s, %s : %s" % (x, y, e.message)
print_exc()
print msg
return error(415, msg)
def overridePlugins(self):
excludedList = []
if self.plugintype == "hoster":
pluginMap = dict((name.lower(), name) for name in self.core.pluginManager.hosterPlugins.iterkeys())
accountList = [account.type.lower() for account in self.core.api.getAccounts(False) if account.valid and account.premium]
else:
pluginMap = {}
accountList = [name[::-1].replace("Folder"[::-1], "", 1).lower()[::-1] for name in self.core.pluginManager.crypterPlugins.iterkeys()]
for plugin in self.pluginsCached():
name = remove_chars(plugin, "-.")
if name in accountList:
excludedList.append(plugin)
else:
if name in pluginMap:
self.supported.append(pluginMap[name])
else:
self.new_supported.append(plugin)
if not self.supported and not self.new_supported:
self.logError(_("No %s loaded") % self.plugintype)
return
# inject plugin plugin
self.logDebug("Overwritten %ss: %s" % (self.plugintype, ", ".join(sorted(self.supported))))
for plugin in self.supported:
hdict = self.core.pluginManager.plugins[self.plugintype][plugin]
hdict['new_module'] = self.pluginmodule
hdict['new_name'] = self.pluginname
if excludedList:
self.logInfo(_("%ss not overwritten: %s") % (self.plugintype.capitalize(), ", ".join(sorted(excludedList))))
if self.new_supported:
plugins = sorted(self.new_supported)
self.logDebug("New %ss: %s" % (self.plugintype, ", ".join(plugins)))
# create new regexp
regexp = r'.*(?P<DOMAIN>%s).*' % "|".join(x.replace('.', '\.') for x in plugins)
if hasattr(self.pluginclass, "__pattern") and isinstance(self.pluginclass.__pattern, basestring) and '://' in self.pluginclass.__pattern:
regexp = r'%s|%s' % (self.pluginclass.__pattern, regexp)
self.logDebug("Regexp: %s" % regexp)
hdict = self.core.pluginManager.plugins[self.plugintype][self.pluginname]
hdict['pattern'] = regexp
hdict['re'] = re.compile(regexp)
def overridePlugins(self):
excludedList = []
if self.plugintype == "hoster":
pluginMap = dict((name.lower(), name) for name in self.core.pluginManager.hosterPlugins.iterkeys())
accountList = [account.type.lower() for account in self.core.api.getAccounts(False) if account.valid and account.premium]
else:
pluginMap = {}
accountList = [name[::-1].replace("Folder"[::-1], "", 1).lower()[::-1] for name in self.core.pluginManager.crypterPlugins.iterkeys()]
for plugin in self.pluginsCached():
name = remove_chars(plugin, "-.")
if name in accountList:
excludedList.append(plugin)
else:
if name in pluginMap:
self.supported.append(pluginMap[name])
else:
self.new_supported.append(plugin)
if not self.supported and not self.new_supported:
self.logError(_("No %s loaded") % self.plugintype)
return
# inject plugin plugin
self.logDebug("Overwritten %ss: %s" % (self.plugintype, ", ".join(sorted(self.supported))))
for plugin in self.supported:
hdict = self.core.pluginManager.plugins[self.plugintype][plugin]
hdict['new_module'] = self.pluginmodule
hdict['new_name'] = self.pluginname
if excludedList:
self.logInfo(_("%ss not overwritten: %s") % (self.plugintype.capitalize(), ", ".join(sorted(excludedList))))
if self.new_supported:
plugins = sorted(self.new_supported)
self.logDebug("New %ss: %s" % (self.plugintype, ", ".join(plugins)))
# create new regexp
regexp = r'.*(?P<DOMAIN>%s).*' % "|".join(x.replace('.', '\.') for x in plugins)
if hasattr(self.pluginclass, "__pattern") and isinstance(self.pluginclass.__pattern, basestring) and '://' in self.pluginclass.__pattern:
regexp = r'%s|%s' % (self.pluginclass.__pattern, regexp)
self.logDebug("Regexp: %s" % regexp)
hdict = self.core.pluginManager.plugins[self.plugintype][self.pluginname]
hdict['pattern'] = regexp
hdict['re'] = re.compile(regexp)
def call_api(func, args=""):
add_header(response)
s = request.environ.get("beaker.session")
# Accepts standard http auth
auth = parse_auth(request.get_header("Authorization", ""))
if "session" in request.POST or "session" in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get("session"), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get("REMOTE_ADDR", None))
# if auth is correct create a pseudo session
if user:
s = {"uid": user.uid}
api = get_user_api(s)
if not api:
return HTTPError(401, dumps("Unauthorized"), **response.headers)
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(403, dumps("Forbidden"), **response.headers)
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return HTTPError(404, dumps("Not Found"), **response.headers)
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# convert arguments from json to obj separately
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if not x or not y or x == "session":
continue
kwargs[x] = loads(unquote(y))
try:
result = getattr(api, func)(*args, **kwargs)
# null is invalid json response
if result is None:
result = True
return dumps(result)
except ExceptionObject, e:
return HTTPError(400, dumps(e), **response.headers)
def call_api(func, args=""):
add_header(response)
s = request.environ.get('beaker.session')
# Accepts standard http auth
auth = parse_auth(request.get_header('Authorization', ''))
if 'session' in request.POST or 'session' in request.GET:
# removes "' so it works on json strings
s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
elif auth:
user = PYLOAD.checkAuth(auth[0], auth[1],
request.environ.get('REMOTE_ADDR', None))
# if auth is correct create a pseudo session
if user: s = {'uid': user.uid}
api = get_user_api(s)
if not api:
return HTTPError(401, dumps("Unauthorized"), **response.headers)
if not PYLOAD.isAuthorized(func, api.user):
return HTTPError(403, dumps("Forbidden"), **response.headers)
if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
print "Invalid API call", func
return HTTPError(404, dumps("Not Found"), **response.headers)
# TODO: possible encoding
# TODO Better error codes on invalid input
args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
kwargs = {}
# accepts body as json dict
if request.json:
kwargs = request.json
# convert arguments from json to obj separately
for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
if not x or not y or x == "session": continue
kwargs[x] = loads(unquote(y))
try:
result = getattr(api, func)(*args, **kwargs)
# null is invalid json response
if result is None: result = True
return dumps(result)
except ExceptionObject, e:
return HTTPError(400, dumps(e), **response.headers)
def parseHeader(self):
"""parse data from received header"""
for orgline in self.decodeResponse(self.header).splitlines():
line = orgline.strip().lower()
if line.startswith("accept-ranges") and "bytes" in line:
self.p.chunkSupport = True
if "content-disposition" in line:
m = search("filename(?P<type>=|\*=(?P<enc>.+)'')(?P<name>.*)", line)
if m:
name = remove_chars(m.groupdict()['name'], "\"';/").strip()
self.p._name = name
self.log.debug("Content-Disposition: %s" % name)
if not self.resume and line.startswith("content-length"):
self.p._size = int(line.split(":")[1])
self.headerParsed = True
def parseHeader(self):
"""parse data from received header"""
for orgline in self.decodeResponse(self.header).splitlines():
line = orgline.strip().lower()
if line.startswith("accept-ranges") and "bytes" in line:
self.p.chunkSupport = True
if "content-disposition" in line:
m = search("filename(?P<type>=|\*=(?P<enc>.+)'')(?P<name>.*)", line)
if m:
name = remove_chars(m.groupdict()['name'], "\"';/").strip()
self.p._name = name
self.log.debug("Content-Disposition: %s" % name)
if not self.resume and line.startswith("content-length"):
self.p.size = int(line.split(":")[1])
self.headerParsed = True
def downloadFile(self, pyfile):
url = pyfile.url
for i in range(5):
header = self.load(url, just_header=True)
# self.load does not raise a BadHeader on 404 responses, do it here
if 'code' in header and header['code'] == 404:
raise ResponseException(404)
if 'location' in header:
self.logDebug("Location: " + header['location'])
base = search(r'https?://[^/]+', url).group(0)
if header['location'].startswith("http"):
url = unquote(header['location'])
elif header['location'].startswith("/"):
url = base + unquote(header['location'])
else:
url = '%s/%s' % (base, unquote(header['location']))
else:
break
name = html_unescape(unquote(urlparse(url).path.split("/")[-1]))
if 'content-disposition' in header:
self.logDebug("Content-Disposition: " +
header['content-disposition'])
m = search("filename(?P<type>=|\*=(?P<enc>.+)'')(?P<name>.*)",
header['content-disposition'])
if m:
disp = m.groupdict()
self.logDebug(disp)
if not disp['enc']:
disp['enc'] = 'utf-8'
name = remove_chars(disp['name'], "\"';").strip()
name = unicode(unquote(name), disp['enc'])
if not name:
name = url
pyfile.name = name
self.logDebug("Filename: %s" % pyfile.name)
self.download(url, disposition=True)
def downloadFile(self, pyfile):
url = pyfile.url
for _ in xrange(5):
header = self.load(url, just_header=True)
# self.load does not raise a BadHeader on 404 responses, do it here
if "code" in header and header["code"] == 404:
raise ResponseException(404)
if "location" in header:
self.logDebug("Location: " + header["location"])
base = match(r"https?://[^/]+", url).group(0)
if header["location"].startswith("http"):
url = unquote(header["location"])
elif header["location"].startswith("/"):
url = base + unquote(header["location"])
else:
url = "%s/%s" % (base, unquote(header["location"]))
else:
break
name = html_unescape(unquote(urlparse(url).path.split("/")[-1]))
if "content-disposition" in header:
self.logDebug("Content-Disposition: " + header["content-disposition"])
m = search("filename(?P<type>=|\*=(?P<enc>.+)'')(?P<name>.*)", header["content-disposition"])
if m:
disp = m.groupdict()
self.logDebug(disp)
if not disp["enc"]:
disp["enc"] = "utf-8"
name = remove_chars(disp["name"], "\"';").strip()
name = unicode(unquote(name), disp["enc"])
if not name:
name = url
pyfile.name = name
self.logDebug("Filename: %s" % pyfile.name)
self.download(url, disposition=True)
def normalize(domain):
""" Normalize domain/plugin name, so they are comparable """
return remove_chars(domain.strip().lower(), "-.")
def normalize(domain):
""" Normalize domain/plugin name, so they are comparable """
return remove_chars(domain.strip().lower(), "-.")
