def sendmailUser_mask(req, id, err=0): v = getAdminStdVars(req) v["path"] = req.path[1:] if id in["execute", "execu"]: userid = req.params.get("userid") user = getUser(userid) if not user: path = req.path[1:].split("/") user = getExternalUser(userid, path[-1]) password = makeRandomPassword() user.resetPassword(password) text = req.params.get("text") text = text.replace("[wird eingesetzt]", password) try: mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text) except mail.SocketError: print "Socket error while sending mail" req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR) return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror") return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone") user = getUser(id) if not user: path = req.path[1:].split("/") user = getExternalUser(id, path[-1]) collections = [] seen = {} access = acl.AccessData(user=user) for node in getAllCollections(): if access.hasReadAccess(node): if access.hasWriteAccess(node): collections.append(node.name + " (lesen/schreiben)") seen[node.id] = None for node in tree.getRoot("collections").getChildren(): if access.hasReadAccess(node) and node.id not in seen: collections.append(node.name + " (nur lesen)") x = {} x["name"] = "%s %s" % (user.getFirstName(), user.getLastName()) if(x["name"] == ""): x["name"] = user.getName() x["host"] = config.get("host.name") x["login"] = user.getName() x["isEditor"] = user.isEditor() x["collections"] = list() x["groups"] = user.getGroups() x["groups"].sort() x["language"] = lang(req) x["collections"] = collections x["collections"].sort() v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip() v["email"] = user.getEmail() v["userid"] = user.getName() return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def update_node(req, path, params, data, id): # get the user and verify the signature if params.get('user'): user = users.getUser(params.get('user')) userAccess = AccessData(user=user) if userAccess.user: valid = userAccess.verify_request_signature(req.fullpath, params) if not valid: userAccess = None else: userAccess = None else: user = users.getUser('Gast') userAccess = AccessData(user=user) node = tree.getNode(id) # check user access if userAccess and userAccess.hasAccess(node, "write"): pass else: s = "No Access" req.write(s) d = { 'status': 'fail', 'html_response_code': '403', 'errormessage': 'no access' } return d['html_response_code'], len(s), d node.name = params.get('name') metadata = json.loads(params.get('metadata')) # set provided metadata for key, value in metadata.iteritems(): node.set(u(key), u(value)) # service flags node.set("updateuser", user.getName()) node.set("updatetime", format_date()) node.setDirty() d = { 'status': 'OK', 'html_response_code': '200', 'build_response_end': time.time() } s = "OK" # we need to write in case of POST request, send as buffer wil not work req.write(s) req.reply_headers['updatetime'] = node.get('updatetime') return d['html_response_code'], len(s), d
def update_node(req, path, params, data, id): # get the user and verify the signature if params.get('user'): user = users.getUser(params.get('user')) userAccess = AccessData(user=user) if userAccess.user: valid = userAccess.verify_request_signature(req.fullpath, params) if not valid: userAccess = None else: userAccess = None else: user = users.getUser('Gast') userAccess = AccessData(user=user) node = tree.getNode(id) # check user access if userAccess and userAccess.hasAccess(node, "write"): pass else: s = "No Access" req.write(s) d = { 'status': 'fail', 'html_response_code': '403', 'errormessage': 'no access'} return d['html_response_code'], len(s), d node.name = params.get('name') metadata = json.loads(params.get('metadata')) # set provided metadata for key, value in metadata.iteritems(): node.set(u(key), u(value)) # service flags node.set("updateuser", user.getName()) node.set("updatetime", format_date()) node.setDirty() d = { 'status': 'OK', 'html_response_code': '200', 'build_response_end': time.time()} s = "OK" # we need to write in case of POST request, send as buffer wil not work req.write(s) req.reply_headers['updatetime'] = node.get('updatetime') return d['html_response_code'], len(s), d
def _get_node_owner(self, node): try: node_owner = getUser(node["creator"]) if node_owner: return node_owner except KeyError: pass try: node_owner = getUser(node["updateuser"]) if node_owner: return node_owner except KeyError: pass return None
def search_nodes(query, mapping_prefix='Z3950_search_'): """ Search nodes that match the query. 'query' is a tree of QueryBoolNode and QueryMatchNode objects. Query root nodes are configured by a naming convention. The names of mappings that starting with the given 'mapping_prefix' must end with a node ID, which is then used as root node for the search based on that field mapping. """ # find root nodes and their mappings roots_and_mappings = [] for mapping_node in mapping.getMappings(): name = mapping_node.getName() if not name.startswith(mapping_prefix): continue try: node_id = name[len(mapping_prefix):] roots_and_mappings.append((tree.getNode(node_id), mapping_node)) except tree.NoSuchNodeError: logg.error( "Configuration problem detected: Z39.50 search mapping '%s' found, " "but no matching root node with ID '%s'", name, node_id) if not roots_and_mappings: logg.info('no mappings configured, skipping search') return [] logg.debug('using mapping roots: %s', [(n1.id, n2.id) for (n1, n2) in roots_and_mappings]) # run one search per root node node_ids = [] guestaccess = acl.AccessData( user=users.getUser(config.get('user.guestuser'))) for root_node, mapping_node in roots_and_mappings: # map query fields to node attributes field_mapping = {} for field in mapping_node.getChildren(): field_mapping[field.getName()] = field.getDescription().split(';') # FIXME: this is redundant - why build an infix query string # just to parse it afterwards? query_string = query.build_query_string(field_mapping) if query_string is None: logg.info('unable to map query: [%r] using mapping %s', query, field_mapping) continue logg.info('executing query: %s', query_string) for n in root_node.search(query_string): if guestaccess.hasReadAccess(n): node_ids.append(n.id) #node_ids.append( root_node.search(query_string).getIDs() ) # use a round-robin algorithm to merge the separate query results # in order to produce maximally diverse results in the first hits # return merge_ids_as_round_robin(node_ids) return node_ids
def search_nodes(query, mapping_prefix='Z3950_search_'): """ Search nodes that match the query. 'query' is a tree of QueryBoolNode and QueryMatchNode objects. Query root nodes are configured by a naming convention. The names of mappings that starting with the given 'mapping_prefix' must end with a node ID, which is then used as root node for the search based on that field mapping. """ # find root nodes and their mappings roots_and_mappings = [] for mapping_node in mapping.getMappings(): name = mapping_node.getName() if not name.startswith(mapping_prefix): continue try: node_id = name[len(mapping_prefix):] roots_and_mappings.append((tree.getNode(node_id), mapping_node)) except tree.NoSuchNodeError: logg.error("Configuration problem detected: Z39.50 search mapping '%s' found, " "but no matching root node with ID '%s'", name, node_id) if not roots_and_mappings: logg.info('no mappings configured, skipping search') return [] logg.debug('using mapping roots: %s', [(n1.id, n2.id) for (n1, n2) in roots_and_mappings]) # run one search per root node node_ids = [] guestaccess = acl.AccessData(user=users.getUser(config.get('user.guestuser'))) for root_node, mapping_node in roots_and_mappings: # map query fields to node attributes field_mapping = {} for field in mapping_node.getChildren(): field_mapping[field.getName()] = field.getDescription().split(';') # FIXME: this is redundant - why build an infix query string # just to parse it afterwards? query_string = query.build_query_string(field_mapping) if query_string is None: logg.info('unable to map query: [%r] using mapping %s', query, field_mapping) continue logg.info('executing query: %s', query_string) for n in root_node.search(query_string): if guestaccess.hasReadAccess(n): node_ids.append(n.id) #node_ids.append( root_node.search(query_string).getIDs() ) # use a round-robin algorithm to merge the separate query results # in order to produce maximally diverse results in the first hits # return merge_ids_as_round_robin(node_ids) return node_ids
def getNodeListXMLForUser(node, readuser=None, exclude_filetypes=[], attribute_name_filter=None): if readuser: # only write child data if children_access_user has read access children_access = AccessData(user=users.getUser(readuser)) else: children_access = None wr = _StringWriter() wr.write('<nodelist exportversion="%s">\n' % getInformation()["version"]) node.writexml(wr, children_access=children_access, exclude_filetypes=exclude_filetypes, attribute_name_filter=attribute_name_filter) wr.write("</nodelist>\n") return wr.get()
def initSetList(req=None): global SET_LIST if req: access = acl.AccessData(req) else: import core.users as users access = acl.AccessData(user=users.getUser('Gast')) oaisets.loadGroups() SET_LIST = oaisets.GROUPS OUT('OAI: initSetList: found %s set groups: %s' % (len(SET_LIST), str(SET_LIST))) if DEBUG: timetable_update(req, "leaving initSetList")
def editUser_mask(req, id, err=0): ugroups = [] usertype = req.params.get("usertype", "intern") newuser = 0 if err == 0 and id == "": # new user user = tree.Node("", type="user") user.setOption("c") newuser = 1 elif err == 0 and id != "": # edit user if usertype == "intern": user = getUser(id) else: user = getExternalUser(id) else: # error while filling values option = "" for key in req.params.keys(): if key.startswith("option_"): option += key[7] for usergroup in req.params.get("usergroups", "").split(";"): ugroups += [usergroup] user = tree.Node("", type="user") user.setName(req.params.get("username", "")) user.setEmail(req.params.get("email", "")) user.setOption(option) user.setLastName(req.params.get("lastname", "")) user.setFirstName(req.params.get("firstname", "")) user.setTelephone(req.params.get("telephone", "")) user.setComment(req.params.get("comment", "")) user.setOrganisation(req.params.get("organisation", "")) v = getAdminStdVars(req) v["error"] = err v["user"] = user v["groups"] = loadGroupsFromDB() v["ugroups"] = ugroups v["useroption"] = useroption v["id"] = id v["usertype"] = usertype v["filtertype"] = req.params.get("filtertype", "") v["actpage"] = req.params.get("actpage") v["newuser"] = newuser v["usertypes"] = getExternalAuthentificators() return req.getTAL("web/admin/modules/user.html", v, macro="modify")
def getAccessRights(node): """ Get acccess rights for the public. The values returned descend from http://wiki.surffoundation.nl/display/standards/info-eu-repo/#info-eu-repo-AccessRights. This values are used by OpenAIRE portal. """ try: # if node.get('updatetime') is empty, the method parse_date would raise an exception l_date = parse_date(node.get('updatetime')) except: l_date = date.now() guestAccess = AccessData(user=users.getUser('Gast')) if date.now() < l_date: return "embargoedAccess" elif guestAccess.hasAccess(node, 'read'): if guestAccess.hasAccess(node, 'data'): return "openAccess" else: return "restrictedAccess" else: return "closedAccess"
def get_sheme(req, path, params, data, name): atime = starttime = time.time() r_timetable = [] userAccess = None # get the user and verify the signature if params.get('user'): # user=users.getUser(params.get('user')) #userAccess = AccessData(user=user) _user = users.getUser(params.get('user')) if not _user: # user of dynamic class dummyuser: # dummy user class def getGroups(self): # return all groups with given dynamic user return [g.name for g in tree.getRoot('usergroups').getChildren() if g.get( 'allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users')] def getName(self): return params.get('user') def getDirID(self): # unique identifier return params.get('user') def isAdmin(self): return 0 _user = dummyuser() userAccess = AccessData(user=_user) if userAccess.user is not None: valid = userAccess.verify_request_signature(req.fullpath, params) if not valid: userAccess = None else: userAccess = None if userAccess is None: d = {} d['status'] = 'fail' d['html_response_code'] = '403' # denied return d['html_response_code'], 0, d d = {} d['timetable'] = [] d['status'] = 'ok' d['html_response_code'] = '200' # ok d['build_response_end'] = time.time() if r_timetable: d['timetable'] = r_timetable[:] if name.endswith('/'): name = name[:-1] s = exportMetaScheme(name) def compressForDeflate(s): import gzip return gzip.zlib.compress(s, 9) def compressForGzip(s): import cStringIO import gzip buffer = cStringIO.StringIO() gzfile = gzip.GzipFile(mode='wb', fileobj=buffer, compresslevel=9) gzfile.write(s) gzfile.close() return buffer.getvalue() if 'deflate' in req.params: size_uncompressed = len(s) compressed_s = compressForDeflate(s) s = compressed_s size_compressed = len(s) try: percentage = 100.0 * size_compressed / size_uncompressed except: percentage = 100.0 req.reply_headers['Content-Encoding'] = "deflate" d['timetable'].append(["'deflate' in request: executed compressForDeflate(s), %d bytes -> %d bytes (compressed to: %.1f %%)" % (size_uncompressed, size_compressed, percentage), time.time() - atime]) atime = time.time() elif 'gzip' in req.params: size_uncompressed = len(s) compressed_s = compressForGzip(s) s = compressed_s size_compressed = len(s) try: percentage = 100.0 * size_compressed / size_uncompressed except: percentage = 100.0 req.reply_headers['Content-Encoding'] = "gzip" d['timetable'].append(["'gzip' in request: executed compressForGzip(s), %d bytes -> %d bytes (compressed to: %.1f %%)" % (size_uncompressed, size_compressed, percentage), time.time() - atime]) atime = time.time() mimetype = 'text/html' req.reply_headers['Content-Type'] = "text/xml; charset=utf-8" req.reply_headers['Content-Length'] = len(s) req.sendAsBuffer(s, mimetype, force=1) d['timetable'].append(["executed req.sendAsBuffer, %d bytes, mimetype='%s'" % (len(s), mimetype), time.time() - atime]) atime = time.time() return d['html_response_code'], len(s), d
import time import logging import core.tree as tree import core.users as users from core import config from core.acl import AccessData from schema.schema import exportMetaScheme from utils.utils import getMimeType from web.services.cache import Cache logger = logging.getLogger('services') host = "http://" + config.get("host.name") guestAccess = AccessData(user=users.getUser('Gast')) collections = tree.getRoot('collections') FILTERCACHE_NODECOUNT_THRESHOLD = 2000000 filtercache = Cache(maxcount=10, verbose=True) searchcache = Cache(maxcount=10, verbose=True) resultcache = Cache(maxcount=25, verbose=True) SEND_TIMETABLE = False def get_sheme(req, path, params, data, name): atime = starttime = time.time()
def sendmailUser_mask(req, id, err=0): v = getAdminStdVars(req) v["path"] = req.path[1:] if id in ["execute", "execu"]: userid = req.params.get("userid") user = getUser(userid) if not user: path = req.path[1:].split("/") user = getExternalUser(userid, path[-1]) password = makeRandomPassword() user.resetPassword(password) text = req.params.get("text") text = text.replace("[wird eingesetzt]", password) try: mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text) except mail.SocketError: print "Socket error while sending mail" req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR) return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror") return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone") user = getUser(id) if not user: path = req.path[1:].split("/") user = getExternalUser(id, path[-1]) collections = [] seen = {} access = acl.AccessData(user=user) for node in getAllCollections(): if access.hasReadAccess(node): if access.hasWriteAccess(node): collections.append(node.name + " (lesen/schreiben)") seen[node.id] = None for node in tree.getRoot("collections").getChildren(): if access.hasReadAccess(node) and node.id not in seen: collections.append(node.name + " (nur lesen)") x = {} x["name"] = "%s %s" % (user.getFirstName(), user.getLastName()) if (x["name"] == ""): x["name"] = user.getName() x["host"] = config.get("host.name") x["login"] = user.getName() x["isEditor"] = user.isEditor() x["collections"] = list() x["groups"] = user.getGroups() x["groups"].sort() x["language"] = lang(req) x["collections"] = collections x["collections"].sort() v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip() v["email"] = user.getEmail() v["userid"] = user.getName() return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
import os import time import logging import core.tree as tree import core.users as users from core import config from core.acl import AccessData from schema.schema import exportMetaScheme from utils.utils import getMimeType from web.services.cache import Cache logger = logging.getLogger('services') host = "http://" + config.get("host.name") guestAccess = AccessData(user=users.getUser('Gast')) collections = tree.getRoot('collections') FILTERCACHE_NODECOUNT_THRESHOLD = 2000000 filtercache = Cache(maxcount=10, verbose=True) searchcache = Cache(maxcount=10, verbose=True) resultcache = Cache(maxcount=25, verbose=True) SEND_TIMETABLE = False def get_sheme(req, path, params, data, name): atime = starttime = time.time() r_timetable = []
def getRootAccess(): return AccessData(user=users.getUser(config.get('user.adminuser', 'Administrator')))
def validate(req, op): """standard validator""" try: if "style" in req.params: req.write(view(req)) return "" for key in req.params.keys(): if key.startswith("new"): # create new user return editUser_mask(req, "") elif key.startswith("edit_"): # edit user return editUser_mask(req, str(key[key.index("_") + 1:-2])) elif key.startswith("sendmail_") and req.params.get("form_op", "") != "cancel": # send email return sendmailUser_mask(req, str(key[key.index("_") + 1:-2])) elif key.startswith("delete_"): # delete user user_from_request = users.getUserFromRequest(req) username_from_form = key[7:-2] dyn_auths = getDynamicUserAuthenticators() isDynamic = False for dyn_auth in dyn_auths: if username_from_form.startswith(dyn_auth + "|"): isDynamic = (username_from_form, dyn_auth) break if isDynamic: log.info("%r is requesting logout of dynamic user %r (%r)" % (user_from_request.getName(), isDynamic[0], isDynamic[1])) deleteUser(isDynamic[0], isDynamic[1]) else: usertype = req.params.get("usertype", "intern") usernode = getUser(key[7:-2]) if not usertype.strip(): usertype = usernode.getUserType() if usertype == 'users': # function deleteUser expects usertype='intern' # for children if root->users, but getUserType() # returns 'users' for those usertype = 'intern' log.info("%r is requesting deletion of user %r (%r, %r)" % (user_from_request.getName(), usernode.name, usernode.id, usertype)) deleteUser(usernode, usertype=usertype) del_index = users_cache.index(usernode) del users_cache[del_index] searchterm_was = req.params.get("searchterm_was", "") if searchterm_was: req.params['action'] = 'search' req.params['searchterm'] = searchterm_was req.params['use_macro'] = 'view' req.params['execute_search'] = searchterm_was break elif key.startswith("tointern_"): moveUserToIntern(key[9:-2]) break elif key.startswith("reset_"): # reset password if req.params["change_passwd"] != "": getUser(key[6:-2]).resetPassword(req.params["change_passwd"]) else: getUser(key[6:-2]).resetPassword(config.settings["user.passwd"]) break if "form_op" in req.params.keys(): _option = "" for key in req.params.keys(): if key.startswith("option_"): _option += key[7] if req.params.get("form_op") == "save_new": # save user values if req.params.get("username", "") == "" or req.params.get("usergroups", "") == "" or req.params.get("email", "") == "": return editUser_mask(req, "", 1) # no username or group selected elif existUser(req.params.get("username")): return editUser_mask(req, "", 2) # user still existing else: create_user( req.params.get("username"), req.params.get("email"), req.params.get("usergroups").replace( ";", ","), pwd=req.params.get( "password", ""), lastname=req.params.get( "lastname", ""), firstname=req.params.get("firstname"), telephone=req.params.get("telephone"), comment=req.params.get("comment"), option=_option, organisation=req.params.get( "organisation", ""), identificator=req.params.get( "identificator", ""), type=req.params.get( "usertype", "intern")) elif req.params["form_op"] == "save_edit": # update user if req.params.get("email", "") == "" or req.params.get("username", "") == "" or req.params.get("usergroups", "") == "": return editUser_mask(req, req.params.get("id"), 1) # no username, email or group selected else: update_user( req.params.get( "id", 0), req.params.get( "username", ""), req.params.get( "email", ""), req.params.get( "usergroups", "").replace( ";", ","), lastname=req.params.get("lastname"), firstname=req.params.get("firstname"), telephone=req.params.get("telephone"), comment=req.params.get("comment"), option=_option, organisation=req.params.get( "organisation", ""), identificator=req.params.get( "identificator", ""), type=req.params.get( "usertype", "intern")) flush_users_cache() return view(req) except: print "Warning: couldn't load module for type", type print sys.exc_info()[0], sys.exc_info()[1] traceback.print_tb(sys.exc_info()[2])
def create(): """ Creates the sitemap files and the sitemap index files which are located at /web/root/ """ logging.getLogger('everything').info( 'Creating Sitemaps and Sitemap Index...') base_dir = os.path.abspath( os.path.join(os.path.dirname(__file__), os.pardir)) hostname = config.get('host.name') root = tree.getRoot('collections') all_nodes = root.getAllChildren() user = users.getUser('Gast') access = acl.AccessData(user=user) sitemaps = [] node_dict = { 'collection': [], 'directory': [], 'document': [], 'dissertation': [], 'image': [], 'video': [], 'audio': [], } for node in all_nodes: # Arkitekt had a guest field that is actually not visible if access.hasAccess(node, 'read'): for node_type in node_dict.keys(): if node_type in tree.getNode(node.id).type: node_dict[node_type].append( (node.id, tree.getNode(node.id).get('updatetime'))) # Reassign node_dict to a dict where empty values were removed node_dict = dict((k, v) for k, v in node_dict.iteritems() if v) # Sitemap can have at most 50k entries for key in node_dict.keys(): if key in ('dissertation', 'document', 'image'): priority_level = '1.0' elif key == 'videos': priority_level = '0.8' else: priority_level = '0.5' # Create multiple sitemaps for node lists > 50k if len(node_dict[key]) > 50000: partitions = int(ceil((len(node_dict[key]) / 50000.))) for partition_number in range(partitions): sitemap = Sitemap( base_dir, ''.join( ['sitemap-', str(key), str(partition_number), '.xml']), hostname) sitemaps.append(sitemap.name) sitemap.create_sitemap( node_dict[key][partition_number * 50000:(partition_number + 1) * 50000], priority_level) else: sitemap = Sitemap(base_dir, ''.join(['sitemap-', key, '.xml']), hostname) sitemaps.append(sitemap.name) sitemap.create_sitemap(node_dict[key], priority_level) siteindex = SitemapIndex(base_dir, 'sitemap-index.xml', hostname) now = '+'.join( [datetime.datetime.now().strftime('%Y-%m-%dT%H:%M:%S'), '02:00']) siteindex.create_sitemap_index(sitemaps, now) logging.getLogger('everything').info( 'Generation of Sitemaps and SitemapIndex Complete')
def upload_new_node(req, path, params, data): try: uploadfile = params['data'] del params['data'] except KeyError: uploadfile = None # get the user and verify the signature if params.get('user'): # user=users.getUser(params.get('user')) #userAccess = AccessData(user=user) _user = users.getUser(params.get('user')) if not _user: # user of dynamic class dummyuser: # dummy user class # return all groups with given dynamic user def getGroups(self): return [ g.name for g in tree.getRoot('usergroups').getChildren() if g.get('allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users') ] def getName(self): return params.get('user') def getDirID(self): # unique identifier return params.get('user') def isAdmin(self): return 0 _user = dummyuser() userAccess = AccessData(user=_user) if userAccess.user: user = userAccess.user if not userAccess.verify_request_signature(req.fullpath + '?', params): userAccess = None else: userAccess = None else: user = users.getUser(config.get('user.guestuser')) userAccess = AccessData(user=user) parent = tree.getNode(params.get('parent')) # check user access if userAccess and userAccess.hasAccess(parent, "write"): pass else: s = "No Access" req.write(s) d = { 'status': 'fail', 'html_response_code': '403', 'errormessage': 'no access' } logger.error("user has no edit permission for node %s" % parent) return d['html_response_code'], len(s), d datatype = params.get('type') uploaddir = users.getUploadDir(user) n = tree.Node(name=params.get('name'), type=datatype) if isinstance(uploadfile, types.InstanceType): # file object used nfile = importFile(uploadfile.filename, uploadfile.tempname) else: # string used nfile = importFileFromData('uploadTest.jpg', base64.b64decode(uploadfile)) if nfile: n.addFile(nfile) else: logger.error("error in file uploadservice") try: # test metadata metadata = json.loads(params.get('metadata')) except ValueError: metadata = dict() # set provided metadata for key, value in metadata.iteritems(): n.set(u(key), u(value)) # service flags n.set("creator", user.getName()) n.set("creationtime", format_date()) parent.addChild(n) # process the file, we've added to the new node if hasattr(n, "event_files_changed"): try: n.event_files_changed() except OperationException as e: for file in n.getFiles(): if os.path.exists(file.retrieveFile()): os.remove(file.retrieveFile()) raise OperationException(e.value) # make sure the new node is visible immediately from the web service and # the search index gets updated n.setDirty() tree.remove_from_nodecaches(parent) d = { 'status': 'Created', 'html_response_code': '201', 'build_response_end': time.time() } s = "Created" # provide the uploader with the new node ID req.reply_headers['NodeID'] = n.id # we need to write in case of POST request, send as buffer will not work req.write(s) return d['html_response_code'], len(s), d
def get_sheme(req, path, params, data, name): atime = starttime = time.time() r_timetable = [] userAccess = None # get the user and verify the signature if params.get('user'): # user=users.getUser(params.get('user')) #userAccess = AccessData(user=user) _user = users.getUser(params.get('user')) if not _user: # user of dynamic class dummyuser: # dummy user class def getGroups( self): # return all groups with given dynamic user return [ g.name for g in tree.getRoot('usergroups').getChildren() if g.get('allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users') ] def getName(self): return params.get('user') def getDirID(self): # unique identifier return params.get('user') def isAdmin(self): return 0 _user = dummyuser() userAccess = AccessData(user=_user) if userAccess.user is not None: valid = userAccess.verify_request_signature(req.fullpath, params) if not valid: userAccess = None else: userAccess = None if userAccess is None: d = {} d['status'] = 'fail' d['html_response_code'] = '403' # denied return d['html_response_code'], 0, d d = {} d['timetable'] = [] d['status'] = 'ok' d['html_response_code'] = '200' # ok d['build_response_end'] = time.time() if r_timetable: d['timetable'] = r_timetable[:] if name.endswith('/'): name = name[:-1] s = exportMetaScheme(name) def compressForDeflate(s): import gzip return gzip.zlib.compress(s, 9) def compressForGzip(s): import cStringIO import gzip buffer = cStringIO.StringIO() gzfile = gzip.GzipFile(mode='wb', fileobj=buffer, compresslevel=9) gzfile.write(s) gzfile.close() return buffer.getvalue() if 'deflate' in req.params: size_uncompressed = len(s) compressed_s = compressForDeflate(s) s = compressed_s size_compressed = len(s) try: percentage = 100.0 * size_compressed / size_uncompressed except: percentage = 100.0 req.reply_headers['Content-Encoding'] = "deflate" d['timetable'].append([ "'deflate' in request: executed compressForDeflate(s), %d bytes -> %d bytes (compressed to: %.1f %%)" % (size_uncompressed, size_compressed, percentage), time.time() - atime ]) atime = time.time() elif 'gzip' in req.params: size_uncompressed = len(s) compressed_s = compressForGzip(s) s = compressed_s size_compressed = len(s) try: percentage = 100.0 * size_compressed / size_uncompressed except: percentage = 100.0 req.reply_headers['Content-Encoding'] = "gzip" d['timetable'].append([ "'gzip' in request: executed compressForGzip(s), %d bytes -> %d bytes (compressed to: %.1f %%)" % (size_uncompressed, size_compressed, percentage), time.time() - atime ]) atime = time.time() mimetype = 'text/html' req.reply_headers['Content-Type'] = "text/xml; charset=utf-8" req.reply_headers['Content-Length'] = len(s) req.sendAsBuffer(s, mimetype, force=1) d['timetable'].append([ "executed req.sendAsBuffer, %d bytes, mimetype='%s'" % (len(s), mimetype), time.time() - atime ]) atime = time.time() return d['html_response_code'], len(s), d
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"): # the workflow operations (node forwarding, key assignment, # parent node handling) are highly non-reentrant, so protect # everything with a global lock global workflow_lock workflow_lock.acquire() try: access = acl.AccessData(req) key = req.params.get("key", req.session.get("key", "")) req.session["key"] = key if "obj" in req.params: nodes = [tree.getNode(id) for id in req.params['obj'].split(',')] for node in nodes: if not access.hasWriteAccess(self) and \ (key != node.get("key")): # no permission link = '(' + self.name + ')' try: return req.getTAL(template, {"node": node, "link": link, "email": config.get("email.workflow")}, macro=macro) except: return "" if 'action' in req.params: if access.hasWriteAccess(self): if req.params.get('action') == 'delete': for node in nodes: for parent in node.getParents(): parent.removeChild(node) elif req.params.get('action').startswith('move_'): step = tree.getNode(req.params.get('action').replace('move_', '')) for node in nodes: for parent in node.getParents(): parent.removeChild(node) step.addChild(node) return self.show_workflow_step(req) else: node = nodes[0] if self in node.getParents(): # set correct language for workflow for guest user only if node.get('key') == node.get('system.key') and getUserFromRequest(req) == getUser(config.get('user.guestuser')): switch_language(req, node.get('system.wflanguage')) link = req.makeLink("/mask", {"id": self.id}) if "forcetrue" in req.params: return self.forwardAndShow(node, True, req, link=link) if "forcefalse" in req.params: return self.forwardAndShow(node, False, req, link=link) return self.show_workflow_node(node, req) else: return self.show_workflow_notexist(node, req) else: return self.show_workflow_step(req) finally: workflow_lock.release()
def upload_new_node(req, path, params, data): try: uploadfile = params['data'] del params['data'] except KeyError: uploadfile = None # get the user and verify the signature if params.get('user'): # user=users.getUser(params.get('user')) #userAccess = AccessData(user=user) _user = users.getUser(params.get('user')) if not _user: # user of dynamic class dummyuser: # dummy user class # return all groups with given dynamic user def getGroups(self): return [g.name for g in tree.getRoot('usergroups').getChildren() if g.get( 'allow_dynamic') == '1' and params.get('user') in g.get('dynamic_users')] def getName(self): return params.get('user') def getDirID(self): # unique identifier return params.get('user') def isAdmin(self): return 0 _user = dummyuser() userAccess = AccessData(user=_user) if userAccess.user: user = userAccess.user if not userAccess.verify_request_signature( req.fullpath + '?', params): userAccess = None else: userAccess = None else: user = users.getUser(config.get('user.guestuser')) userAccess = AccessData(user=user) parent = tree.getNode(params.get('parent')) # check user access if userAccess and userAccess.hasAccess(parent, "write"): pass else: s = "No Access" req.write(s) d = { 'status': 'fail', 'html_response_code': '403', 'errormessage': 'no access'} logger.error("user has no edit permission for node %s" % parent) return d['html_response_code'], len(s), d datatype = params.get('type') uploaddir = users.getUploadDir(user) n = tree.Node(name=params.get('name'), type=datatype) if isinstance(uploadfile, types.InstanceType): # file object used nfile = importFile(uploadfile.filename, uploadfile.tempname) else: # string used nfile = importFileFromData( 'uploadTest.jpg', base64.b64decode(uploadfile)) if nfile: n.addFile(nfile) else: logger.error("error in file uploadservice") try: # test metadata metadata = json.loads(params.get('metadata')) except ValueError: metadata = dict() # set provided metadata for key, value in metadata.iteritems(): n.set(u(key), u(value)) # service flags n.set("creator", user.getName()) n.set("creationtime", format_date()) parent.addChild(n) # process the file, we've added to the new node if hasattr(n, "event_files_changed"): try: n.event_files_changed() except OperationException as e: for file in n.getFiles(): if os.path.exists(file.retrieveFile()): os.remove(file.retrieveFile()) raise OperationException(e.value) # make sure the new node is visible immediately from the web service and # the search index gets updated n.setDirty() tree.remove_from_nodecaches(parent) d = { 'status': 'Created', 'html_response_code': '201', 'build_response_end': time.time()} s = "Created" # provide the uploader with the new node ID req.reply_headers['NodeID'] = n.id # we need to write in case of POST request, send as buffer will not work req.write(s) return d['html_response_code'], len(s), d
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % ( targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info( "new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v[ "host"] + "/pwdforgotten?action=activate&key=%s-%s" % ( targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace( "[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info( "new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write( req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req) }, macro="pwdforgotten")) return httpstatus.HTTP_OK
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % (targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info("new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v["host"] + "/pwdforgotten?action=activate&key=%s-%s" % (targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace("[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info("new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write(req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req)}, macro="pwdforgotten")) return httpstatus.HTTP_OK
def __init__(self): self.folded = 0 self.name = "common" self.user = users.getUser(config.get("user.guestuser", ""))
def validate(req, op): """standard validator""" try: if "style" in req.params: req.write(view(req)) return "" for key in req.params.keys(): if key.startswith("new"): # create new user return editUser_mask(req, "") elif key.startswith("edit_"): # edit user return editUser_mask(req, str(key[key.index("_") + 1:-2])) elif key.startswith("sendmail_") and req.params.get( "form_op", "") != "cancel": # send email return sendmailUser_mask(req, str(key[key.index("_") + 1:-2])) elif key.startswith("delete_"): # delete user user_from_request = users.getUserFromRequest(req) username_from_form = key[7:-2] dyn_auths = getDynamicUserAuthenticators() isDynamic = False for dyn_auth in dyn_auths: if username_from_form.startswith(dyn_auth + "|"): isDynamic = (username_from_form, dyn_auth) break if isDynamic: log.info( "%r is requesting logout of dynamic user %r (%r)" % (user_from_request.getName(), isDynamic[0], isDynamic[1])) deleteUser(isDynamic[0], isDynamic[1]) else: usertype = req.params.get("usertype", "intern") usernode = getUser(key[7:-2]) if not usertype.strip(): usertype = usernode.getUserType() if usertype == 'users': # function deleteUser expects usertype='intern' # for children if root->users, but getUserType() # returns 'users' for those usertype = 'intern' log.info("%r is requesting deletion of user %r (%r, %r)" % (user_from_request.getName(), usernode.name, usernode.id, usertype)) deleteUser(usernode, usertype=usertype) del_index = users_cache.index(usernode) del users_cache[del_index] searchterm_was = req.params.get("searchterm_was", "") if searchterm_was: req.params['action'] = 'search' req.params['searchterm'] = searchterm_was req.params['use_macro'] = 'view' req.params['execute_search'] = searchterm_was break elif key.startswith("tointern_"): moveUserToIntern(key[9:-2]) break elif key.startswith("reset_"): # reset password if req.params["change_passwd"] != "": getUser(key[6:-2]).resetPassword( req.params["change_passwd"]) else: getUser(key[6:-2]).resetPassword( config.settings["user.passwd"]) break if "form_op" in req.params.keys(): _option = "" for key in req.params.keys(): if key.startswith("option_"): _option += key[7] if req.params.get("form_op") == "save_new": # save user values if req.params.get("username", "") == "" or req.params.get( "usergroups", "") == "" or req.params.get("email", "") == "": return editUser_mask(req, "", 1) # no username or group selected elif existUser(req.params.get("username")): return editUser_mask(req, "", 2) # user still existing else: create_user( req.params.get("username"), req.params.get("email"), req.params.get("usergroups").replace(";", ","), pwd=req.params.get("password", ""), lastname=req.params.get("lastname", ""), firstname=req.params.get("firstname"), telephone=req.params.get("telephone"), comment=req.params.get("comment"), option=_option, organisation=req.params.get("organisation", ""), identificator=req.params.get("identificator", ""), type=req.params.get("usertype", "intern")) elif req.params["form_op"] == "save_edit": # update user if req.params.get("email", "") == "" or req.params.get( "username", "") == "" or req.params.get( "usergroups", "") == "": return editUser_mask( req, req.params.get("id"), 1) # no username, email or group selected else: update_user( req.params.get("id", 0), req.params.get("username", ""), req.params.get("email", ""), req.params.get("usergroups", "").replace(";", ","), lastname=req.params.get("lastname"), firstname=req.params.get("firstname"), telephone=req.params.get("telephone"), comment=req.params.get("comment"), option=_option, organisation=req.params.get("organisation", ""), identificator=req.params.get("identificator", ""), type=req.params.get("usertype", "intern")) flush_users_cache() return view(req) except: print "Warning: couldn't load module for type", type print sys.exc_info()[0], sys.exc_info()[1] traceback.print_tb(sys.exc_info()[2])
def getContent(req, ids): """ The standard method, which has to be implemented by every module. It's called in edit.py, where all the modules will be identified. """ user = users.getUserFromRequest(req) access = acl.AccessData(req) node = tree.getNode(ids[0]) access_nobody = 'nicht Jeder' # first prove if the user has the required rights to call this module if 'sortfiles' in users.getHideMenusForUser( user) or not access.hasWriteAccess(node): req.setStatus(httpstatus.HTTP_FORBIDDEN) return req.getTAL('web/edit/edit.html', {}, macro='access_error') if node.isContainer(): nodes = ', '.join(node.getChildren().getIDs()) else: nodes = node.get('node.id') v = { 'msg': '', 'urn_institutionid': config.get('urn.institutionid'), 'urn_pubtypes': config.get('urn.pubtypes').split(';'), 'namespaces': config.get('urn.namespace').split(';'), 'user': user, 'nodes': nodes, 'type': req.params.get('id_type'), 'show_form': True, 'namespace': req.params.get('namespace'), 'urn_type': req.params.get('urn_type'), 'host': config.get('host.name'), 'creator': users.getUser(node.get('creator')) } if user.isAdmin(): if 'id_type' in req.params: if req.params.get('id_type') == 'hash': createHash(node) if req.params.get('id_type') == 'urn': createUrn(node, req.params.get('namespace'), req.params.get('urn_type')) if req.params.get('id_type') == 'doi': try: createDOI(node) except: return req.error(500, "doi was not successfully registered") if any(identifier in node.attributes for identifier in ('hash', 'urn', 'doi')): if not node.get('system.identifierdate'): node.set('system.identifierdate', date.now()) if node.get('system.identifierstate') != '2': node.set('system.identifierstate', '2') # add nobody rule if not set if node.getAccess('write') is None: node.setAccess('write', access_nobody) else: if access_nobody not in node.getAccess('write'): node.setAccess( 'write', ','.join( [node.getAccess('write'), access_nobody])) try: mailtext = req.getTAL( 'web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_2') mail.sendmail( config.get('email.admin'), users.getUser(node.get('creator')).get('email'), 'Vergabe eines Idektifikators / Generation of an Identifier', mailtext) except mail.SocketError: logging.getLogger('backend').error( 'failed to send Autorenvertrag mail to user %s' % node.get('creator')) v['msg'] = t(lang(req), 'edit_identifier_mail_fail') if node.get('system.identifierstate') != '2': v['msg'] = t(lang(req), 'edit_identifier_state_0_1_admin') else: v['msg'] = t(lang(req), 'edit_identifier_state_2_admin') else: if pathutils.isDescendantOf(node, tree.getRoot('collections')): if not node.get('system.identifierstate'): if 'id_type' in req.params: try: # fetch autorenvertrag attachment = [] autorenvertrag_name = 'formular_autorenvertrag.pdf' autorenvertrag_path = os.path.join( config.get('paths.tempdir'), autorenvertrag_name) if not os.path.isfile(autorenvertrag_path): logging.getLogger('backend').error( "Unable to attach Autorenvergrag. Attachment file not found: '%s'" % autorenvertrag_path) raise IOError( 'Autorenvertrag was not located on disk at %s. Please send this error message to %s' % (autorenvertrag_path, config.get('email.admin'))) else: attachment.append( (autorenvertrag_path, 'Autorenvertrag.pdf')) # notify user mailtext_user = req.getTAL( 'web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_1_' + lang(req)) mail.sendmail( config.get('email.admin'), user.get('email'), t(lang(req), 'edit_identifier_mail_title_usr_1'), mailtext_user, attachments_paths_and_filenames=attachment) # notify admin mailtext_admin = req.getTAL( 'web/edit/modules/identifier.html', v, macro='generate_identifier_admin_mail') mail.sendmail( config.get('email.admin'), config.get('email.admin'), 'Antrag auf Vergabe eines Identifikators', mailtext_admin) node.set('system.identifierstate', '1') # add nobody rule print node.getAccess('write') if node.getAccess('write') is None: node.setAccess('write', access_nobody) else: if access_nobody not in node.getAccess('write'): node.setAccess( 'write', ','.join([ node.getAccess('write'), access_nobody ])) except mail.SocketError: logging.getLogger('backend').error( 'failed to send identifier request mail') v['msg'] = t(lang(req), 'edit_identifier_mail_fail') else: v['msg'] = t(lang(req), 'edit_identifier_state_0_usr') if node.get('system.identifierstate') == '1': v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_state_1_usr') else: v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_state_published') v['hash_val'] = node.get('hash') v['urn_val'] = node.get('urn') v['doi_val'] = node.get('doi') # hides form if all identifier types are already set if all(idents != '' for idents in (v['hash_val'], v['urn_val'], v['doi_val'])): v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_all_types_set') return req.getTAL('web/edit/modules/identifier.html', v, macro='set_identifier')
def getContent(req, ids): """ The standard method, which has to be implemented by every module. It's called in edit.py, where all the modules will be identified. """ user = users.getUserFromRequest(req) access = acl.AccessData(req) node = tree.getNode(ids[0]) access_nobody = 'nicht Jeder' # first prove if the user has the required rights to call this module if 'sortfiles' in users.getHideMenusForUser(user) or not access.hasWriteAccess(node): req.setStatus(httpstatus.HTTP_FORBIDDEN) return req.getTAL('web/edit/edit.html', {}, macro='access_error') if node.isContainer(): nodes = ', '.join(node.getChildren().getIDs()) else: nodes = node.get('node.id') v = {'msg': '', 'urn_institutionid': config.get('urn.institutionid'), 'urn_pubtypes': config.get('urn.pubtypes').split(';'), 'namespaces': config.get('urn.namespace').split(';'), 'user': user, 'nodes': nodes, 'type': req.params.get('id_type'), 'show_form': True, 'namespace': req.params.get('namespace'), 'urn_type': req.params.get('urn_type'), 'host': config.get('host.name'), 'creator': users.getUser(node.get('creator')) } if user.isAdmin(): if 'id_type' in req.params: if req.params.get('id_type') == 'hash': createHash(node) if req.params.get('id_type') == 'urn': createUrn(node, req.params.get('namespace'), req.params.get('urn_type')) if req.params.get('id_type') == 'doi': try: createDOI(node) except: return req.error(500, "doi was not successfully registered") if any(identifier in node.attributes for identifier in ('hash', 'urn', 'doi')): if not node.get('system.identifierdate'): node.set('system.identifierdate', date.now()) if node.get('system.identifierstate') != '2': node.set('system.identifierstate', '2') # add nobody rule if not set if node.getAccess('write') is None: node.setAccess('write', access_nobody) else: if access_nobody not in node.getAccess('write'): node.setAccess('write', ','.join([node.getAccess('write'), access_nobody])) try: mailtext = req.getTAL('web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_2') mail.sendmail(config.get('email.admin'), users.getUser(node.get('creator')).get('email'), 'Vergabe eines Idektifikators / Generation of an Identifier', mailtext) except mail.SocketError: logging.getLogger('backend').error('failed to send Autorenvertrag mail to user %s' % node.get('creator')) v['msg'] = t(lang(req), 'edit_identifier_mail_fail') if node.get('system.identifierstate') != '2': v['msg'] = t(lang(req), 'edit_identifier_state_0_1_admin') else: v['msg'] = t(lang(req), 'edit_identifier_state_2_admin') else: if pathutils.isDescendantOf(node, tree.getRoot('collections')): if not node.get('system.identifierstate'): if 'id_type' in req.params: try: # fetch autorenvertrag attachment = [] autorenvertrag_name = 'formular_autorenvertrag.pdf' autorenvertrag_path = os.path.join(config.get('paths.tempdir'), autorenvertrag_name) if not os.path.isfile(autorenvertrag_path): logging.getLogger('backend').error( "Unable to attach Autorenvergrag. Attachment file not found: '%s'" % autorenvertrag_path) raise IOError('Autorenvertrag was not located on disk at %s. Please send this error message to %s' % (autorenvertrag_path, config.get('email.admin'))) else: attachment.append((autorenvertrag_path, 'Autorenvertrag.pdf')) # notify user mailtext_user = req.getTAL( 'web/edit/modules/identifier.html', v, macro='generate_identifier_usr_mail_1_' + lang(req)) mail.sendmail(config.get('email.admin'), user.get('email'), t(lang(req), 'edit_identifier_mail_title_usr_1'), mailtext_user, attachments_paths_and_filenames=attachment) # notify admin mailtext_admin = req.getTAL('web/edit/modules/identifier.html', v, macro='generate_identifier_admin_mail') mail.sendmail(config.get('email.admin'), config.get('email.admin'), 'Antrag auf Vergabe eines Identifikators', mailtext_admin) node.set('system.identifierstate', '1') # add nobody rule print node.getAccess('write') if node.getAccess('write') is None: node.setAccess('write', access_nobody) else: if access_nobody not in node.getAccess('write'): node.setAccess('write', ','.join([node.getAccess('write'), access_nobody])) except mail.SocketError: logging.getLogger('backend').error('failed to send identifier request mail') v['msg'] = t(lang(req), 'edit_identifier_mail_fail') else: v['msg'] = t(lang(req), 'edit_identifier_state_0_usr') if node.get('system.identifierstate') == '1': v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_state_1_usr') else: v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_state_published') v['hash_val'] = node.get('hash') v['urn_val'] = node.get('urn') v['doi_val'] = node.get('doi') # hides form if all identifier types are already set if all(idents != '' for idents in (v['hash_val'], v['urn_val'], v['doi_val'])): v['show_form'] = False v['msg'] = t(lang(req), 'edit_identifier_all_types_set') return req.getTAL('web/edit/modules/identifier.html', v, macro='set_identifier')
def create(): """ Creates the sitemap files and the sitemap index files which are located at /web/root/ """ logging.getLogger("everything").info("Creating Sitemaps and Sitemap Index...") base_dir = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir)) hostname = config.get("host.name") root = tree.getRoot("collections") all_nodes = root.getAllChildren() user = users.getUser("Gast") access = acl.AccessData(user=user) sitemaps = [] node_dict = { "collection": [], "directory": [], "document": [], "dissertation": [], "image": [], "video": [], "audio": [], } for node in all_nodes: # Arkitekt had a guest field that is actually not visible if access.hasAccess(node, "read"): for node_type in node_dict.keys(): if node_type in tree.getNode(node.id).type: node_dict[node_type].append((node.id, tree.getNode(node.id).get("updatetime"))) # Reassign node_dict to a dict where empty values were removed node_dict = dict((k, v) for k, v in node_dict.iteritems() if v) # Sitemap can have at most 50k entries for key in node_dict.keys(): if key in ("dissertation", "document", "image"): priority_level = "1.0" elif key == "videos": priority_level = "0.8" else: priority_level = "0.5" # Create multiple sitemaps for node lists > 50k if len(node_dict[key]) > 50000: partitions = int(ceil((len(node_dict[key]) / 50000.0))) for partition_number in range(partitions): sitemap = Sitemap(base_dir, "".join(["sitemap-", str(key), str(partition_number), ".xml"]), hostname) sitemaps.append(sitemap.name) sitemap.create_sitemap( node_dict[key][partition_number * 50000 : (partition_number + 1) * 50000], priority_level ) else: sitemap = Sitemap(base_dir, "".join(["sitemap-", key, ".xml"]), hostname) sitemaps.append(sitemap.name) sitemap.create_sitemap(node_dict[key], priority_level) siteindex = SitemapIndex(base_dir, "sitemap-index.xml", hostname) now = "+".join([datetime.datetime.now().strftime("%Y-%m-%dT%H:%M:%S"), "02:00"]) siteindex.create_sitemap_index(sitemaps, now) logging.getLogger("everything").info("Generation of Sitemaps and SitemapIndex Complete")
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"): # the workflow operations (node forwarding, key assignment, # parent node handling) are highly non-reentrant, so protect # everything with a global lock global workflow_lock workflow_lock.acquire() try: access = acl.AccessData(req) key = req.params.get("key", req.session.get("key", "")) req.session["key"] = key if "obj" in req.params: nodes = [tree.getNode(id) for id in req.params["obj"].split(",")] for node in nodes: if not access.hasWriteAccess(self) and (key != node.get("key")): # no permission link = "(" + self.name + ")" try: return req.getTAL( template, {"node": node, "link": link, "email": config.get("email.workflow")}, macro=macro, ) except: return "" if "action" in req.params: if access.hasWriteAccess(self): if req.params.get("action") == "delete": for node in nodes: for parent in node.getParents(): parent.removeChild(node) elif req.params.get("action").startswith("move_"): step = tree.getNode(req.params.get("action").replace("move_", "")) for node in nodes: for parent in node.getParents(): parent.removeChild(node) step.addChild(node) return self.show_workflow_step(req) else: node = nodes[0] if self in node.getParents(): # set correct language for workflow for guest user only if node.get("key") == node.get("system.key") and getUserFromRequest(req) == getUser( config.get("user.guestuser") ): switch_language(req, node.get("system.wflanguage")) link = req.makeLink("/mask", {"id": self.id}) if "forcetrue" in req.params: return self.forwardAndShow(node, True, req, link=link) if "forcefalse" in req.params: return self.forwardAndShow(node, False, req, link=link) return self.show_workflow_node(node, req) else: return self.show_workflow_notexist(node, req) else: return self.show_workflow_step(req) finally: workflow_lock.release()