Пример #1
0
 def __call__(self, i, default=DEFAULT, cast=None, otherwise=None):
     """Allows to use a special syntax for fast-check of `request.args()`
     validity
     Args:
         i: index
         default: use this value if arg not found
         cast: type cast
         otherwise: can be:
          - None: results in a 404
          - str: redirect to this address
          - callable: calls the function (nothing is passed)
     Example:
         You can use::
             request.args(0,default=0,cast=int,otherwise='http://error_url')
             request.args(0,default=0,cast=int,otherwise=lambda:...)
     """
     value = self[i]
     if not value and default is not DEFAULT:
         value, cast, otherwise = default, False, False
     try:
         if cast:
             value = cast(value)
         if not value and otherwise:
             raise ValueError('Otherwise will raised.')
     except (ValueError, TypeError):
         from http import HTTP, redirect
         if otherwise is None:
             raise HTTP(404)
         elif isinstance(otherwise, str):
             redirect(otherwise)
         elif callable(otherwise):
             return otherwise()
         else:
             raise RuntimeError("invalid otherwise")
     return value
Пример #2
0
 def __call__(self, i, default=DEFAULT, cast=None, otherwise=None):
     """
     request.args(0,default=0,cast=int,otherwise='http://error_url')
     request.args(0,default=0,cast=int,otherwise=lambda:...)
     """
     n = len(self)
     if 0 <= i < n or -n <= i < 0:
         value = self[i]
     elif default is DEFAULT:
         value = None
     else:
         value, cast = default, False
     if cast:
         try:
             value = cast(value)
         except (ValueError, TypeError):
             from http import HTTP, redirect
             if otherwise is None:
                 raise HTTP(404)
             elif isinstance(otherwise, str):
                 redirect(otherwise)
             elif callable(otherwise):
                 return otherwise()
             else:
                 raise RuntimeError("invalid otherwise")
     return value
Пример #3
0
 def __call__(self, i, default=DEFAULT, cast=None, otherwise=None):
     """Allows to use a special syntax for fast-check of `request.args()`
     validity
     Args:
         i: index
         default: use this value if arg not found
         cast: type cast
         otherwise: can be:
          - None: results in a 404
          - str: redirect to this address
          - callable: calls the function (nothing is passed)
     Example:
         You can use::
             request.args(0,default=0,cast=int,otherwise='http://error_url')
             request.args(0,default=0,cast=int,otherwise=lambda:...)
     """
     value = self[i]
     if not value and default is not DEFAULT:
         value, cast, otherwise = default, False, False
     try:
         if cast:
             value = cast(value)
         if not value and otherwise:
             raise ValueError('Otherwise will raised.')
     except (ValueError, TypeError):
         from http import HTTP, redirect
         if otherwise is None:
             raise HTTP(404)
         elif isinstance(otherwise, str):
             redirect(otherwise)
         elif callable(otherwise):
             return otherwise()
         else:
             raise RuntimeError("invalid otherwise")
     return value
Пример #4
0
 def __call__(self, i, default=DEFAULT, cast=None, otherwise=None):
     """
     request.args(0,default=0,cast=int,otherwise='http://error_url')
     request.args(0,default=0,cast=int,otherwise=lambda:...)
     """
     n = len(self)
     if 0 <= i < n or -n <= i < 0:
         value = self[i]
     elif default is DEFAULT:
         value = None
     else:
         value, cast = default, False
     if cast:
         try:
             value = cast(value)
         except (ValueError, TypeError):
             from http import HTTP, redirect
             if otherwise is None:
                 raise HTTP(404)
             elif isinstance(otherwise, str):
                 redirect(otherwise)
             elif callable(otherwise):
                 return otherwise()
             else:
                 raise RuntimeError("invalid otherwise")
     return value
Пример #5
0
def logout_page(request):
    auth = protection.CookieAuthenticator()
    headers = auth.logout(request['headers'])
    if headers is None:
        return http.redirect('%slogin/' % core.MANAGER_URL)

    return http.redirect('/', [headers])
Пример #6
0
    def requires_https(self):
        """
        If request comes in over HTTP, redirect it to HTTPS
        and secure the session.
        """
        if not global_settings.cronjob and not self.is_https:
            redirect(URL(scheme='https', args=self.args, vars=self.vars))

        current.session.secure()
Пример #7
0
 def requires_https(self):
     """
     If request comes in over HTTP, redirect it to HTTPS
     and secure the session.
     """
     if not global_settings.cronjob and not self.is_https:
         redirect(URL(scheme='https', args=self.args, vars=self.vars))
     
     current.session.secure()
Пример #8
0
    def requires_https(self):
        """
        If request comes in over HTTP, redirect it to HTTPS
        and secure the session.
        """
        cmd_opts = global_settings.cmd_options
        #checking if this is called within the scheduler or within the shell
        #in addition to checking if it's not a cronjob
        if not cmd_opts.shell and not cmd_opts.scheduler and not global_settings.cronjob and not self.is_https:
            current.session.forget()
            redirect(URL(scheme='https', args=self.args, vars=self.vars))

        current.session.secure()
Пример #9
0
 def requires_https(self):
     """
     If request comes in over HTTP, redirect it to HTTPS
     and secure the session.
     """
     cmd_opts = global_settings.cmd_options
     #checking if this is called within the scheduler or within the shell
     #in addition to checking if it's not a cronjob
     if ((cmd_opts and (cmd_opts.shell or cmd_opts.scheduler))
             or global_settings.cronjob or self.is_https):
         current.session.secure()
     else:
         current.session.forget()
         redirect(URL(scheme='https', args=self.args, vars=self.vars))
Пример #10
0
 def __call__(self, i, default=None, cast=None, url_onerror=None):        
     if 0<=i<len(self):
         value = self[i]
     else:
         value = default
     if cast:
         try:
             value = cast(value)
         except (ValueError, TypeError):
             from http import HTTP, redirect
             if url_onerror:
                 redirect(url_onerror)
             else:
                 raise HTTP(404)
     return value
Пример #11
0
 def __call__(self, i, default=None, cast=None, url_onerror=None):        
     if 0<=i<len(self):
         value = self[i]
     else:
         value = default
     if cast:
         try:
             value = cast(value)
         except (ValueError, TypeError):
             from http import HTTP, redirect
             if url_onerror:
                 redirect(url_onerror)
             else:
                 raise HTTP(404)
     return value
Пример #12
0
def manager_catalog_import(request):
    template = 'manager/templates/catalog_import.tpl'

    catalog = core.CatalogManager()
    if not catalog.exist():
        catalog.done()
        return http.redirect('%scatalog/' % core.MANAGER_URL)

    return http.html_page(template, {}, request)
Пример #13
0
def manager_catalog_edit_data(request):
    variables = request['variables']
    pk = variables.get('id', None)
    try:
        pk = int(pk)
    except:
        pk = None

    if not pk:
        return http.redirect('%scatalog/add/' % core.MANAGER_URL)

    catalog = core.CatalogManager()
    item = catalog.get_item(pk)
    catalog.done()

    if not item:
        return http.redirect('%scatalog/add/' % core.MANAGER_URL)

    return manager_catalog_add_data(request, item=item)
Пример #14
0
def login_page(request):
    template = 'manager/templates/login.tpl'

    error = ''
    variables = request['variables']
    if request['method'] == 'POST':
        username = variables.get('username', '')
        password = variables.get('password', '')
        auth = protection.CookieAuthenticator()
        result = auth.login(username, password)
        if result:
            headers = [result]
            return http.redirect(core.MANAGER_URL, headers)

        return http.redirect('%slogin/' % core.MANAGER_URL)

    context = {
        'error': error
    }

    return http.html_page(template, context, request)
Пример #15
0
def handle(mapping, fvars=None):
    """
    Call the appropriate function based on the url to function mapping in `mapping`.
    If no module for the function is specified, look up the function in `fvars`. If
    `fvars` is empty, using the caller's context.

    `mapping` should be a tuple of paired regular expressions with function name
    substitutions. `handle` will import modules as necessary.
    """
    for url, ofno in utils.group(mapping, 2):
        if isinstance(ofno, tuple):
            ofn, fna = ofno[0], list(ofno[1:])
        else:
            ofn, fna = ofno, []
        fn, result = utils.re_subm('^' + url + '$', ofn, web.ctx.path)
        if result:  # it's a match
            if fn.split(' ', 1)[0] == "redirect":
                url = fn.split(' ', 1)[1]
                if web.ctx.method == "GET":
                    x = web.ctx.env.get('QUERY_STRING', '')
                    if x:
                        url += '?' + x
                return http.redirect(url)
            elif '.' in fn:
                x = fn.split('.')
                mod, cls = '.'.join(x[:-1]), x[-1]
                mod = __import__(mod, globals(), locals(), [""])
                cls = getattr(mod, cls)
            else:
                cls = fn
                mod = fvars
                if isinstance(mod, types.ModuleType):
                    mod = vars(mod)
                try:
                    cls = mod[cls]
                except KeyError:
                    return web.notfound()

            meth = web.ctx.method
            if meth == "HEAD":
                if not hasattr(cls, meth):
                    meth = "GET"
            if not hasattr(cls, meth):
                return nomethod(cls)
            tocall = getattr(cls(), meth)
            args = list(result.groups())
            for d in re.findall(r'\\(\d+)', ofn):
                args.pop(int(d) - 1)
            return tocall(*([urllib.unquote(x) for x in args] + fna))

    return web.notfound()
Пример #16
0
def handle(mapping, fvars=None):
    """
    Call the appropriate function based on the url to function mapping in `mapping`.
    If no module for the function is specified, look up the function in `fvars`. If
    `fvars` is empty, using the caller's context.

    `mapping` should be a tuple of paired regular expressions with function name
    substitutions. `handle` will import modules as necessary.
    """
    for url, ofno in utils.group(mapping, 2):
        if isinstance(ofno, tuple): 
            ofn, fna = ofno[0], list(ofno[1:])
        else: 
            ofn, fna = ofno, []
        fn, result = utils.re_subm('^' + url + '$', ofn, web.ctx.path)
        if result: # it's a match
            if fn.split(' ', 1)[0] == "redirect":
                url = fn.split(' ', 1)[1]
                if web.ctx.method == "GET":
                    x = web.ctx.env.get('QUERY_STRING', '')
                    if x: 
                        url += '?' + x
                return http.redirect(url)
            elif '.' in fn: 
                x = fn.split('.')
                mod, cls = '.'.join(x[:-1]), x[-1]
                mod = __import__(mod, globals(), locals(), [""])
                cls = getattr(mod, cls)
            else:
                cls = fn
                mod = fvars
                if isinstance(mod, types.ModuleType): 
                    mod = vars(mod)
                try: 
                    cls = mod[cls]
                except KeyError: 
                    return web.notfound()
            
            meth = web.ctx.method
            if meth == "HEAD":
                if not hasattr(cls, meth): 
                    meth = "GET"
            if not hasattr(cls, meth): 
                return nomethod(cls)
            tocall = getattr(cls(), meth)
            args = list(result.groups())
            for d in re.findall(r'\\(\d+)', ofn):
                args.pop(int(d) - 1)
            return tocall(*([x and urllib.unquote(x) for x in args] + fna))

    return web.notfound()
Пример #17
0
def static_page_delete(request):
    variables = request['variables']
    pk = variables.get('pk', None)
    try:
        pk = int(pk)
    except:
        pk = None

    if pk is not None:
        pages = core.PageManager()
        pages.remove(pk)
        pages.done()

        CACHE.clear()
	
    return http.redirect('%spages/' % core.MANAGER_URL)
Пример #18
0
def parse_url(request, environ):
    "parse and rewrite the incoming URL"

    # ##################################################
    # validate the path in url
    # ##################################################

    if not request.env.path_info and request.env.request_uri:
        # for fcgi, decode path_info and query_string
        items = request.env.request_uri.split('?')
        request.env.path_info = items[0]
        if len(items) > 1:
            request.env.query_string = items[1]
        else:
            request.env.query_string = ''
    path = request.env.path_info.replace('\\', '/')

    # ##################################################
    # serve if a static file
    # ##################################################

    match = regex_static.match(regex_space.sub('_', path))
    if match and match.group('x'):
        static_file = os.path.join(request.env.web2py_path, 'applications',
                                   match.group('b'), 'static',
                                   match.group('x'))
        return static_file

    # ##################################################
    # parse application, controller and function
    # ##################################################

    path = re.sub('%20', ' ', path)
    match = regex_url.match(path)
    if not match or match.group('c') == 'static':
        raise HTTP(400,
                   rewrite.thread.routes.error_message % 'invalid request',
                   web2py_error='invalid path')

    request.application = \
        regex_space.sub('_', match.group('a') or rewrite.thread.routes.default_application)
    request.controller = \
        regex_space.sub('_', match.group('c') or rewrite.thread.routes.default_controller)
    request.function = \
        regex_space.sub('_', match.group('f') or rewrite.thread.routes.default_function)
    group_e = match.group('e')
    raw_extension = group_e and regex_space.sub('_', group_e) or None
    request.extension = raw_extension or 'html'
    request.raw_args = match.group('r')
    request.args = List([])
    if request.application in rewrite.thread.routes.routes_apps_raw:
        # application is responsible for parsing args
        request.args = None
    elif request.raw_args:
        match = regex_args.match(request.raw_args.replace(' ', '_'))
        if match:
            group_s = match.group('s')
            request.args = \
                List((group_s and group_s.split('/')) or [])
        else:
            raise HTTP(400,
                       rewrite.thread.routes.error_message % 'invalid request',
                       web2py_error='invalid path')
    request.client = get_client(request.env)
    request.folder = os.path.join(request.env.web2py_path, 'applications',
                                  request.application) + '/'
    request.ajax = str(
        request.env.http_x_requested_with).lower() == 'xmlhttprequest'
    request.cid = request.env.http_web2py_component_element

    # ##################################################
    # access the requested application
    # ##################################################

    if not os.path.exists(request.folder):
        if request.application == rewrite.thread.routes.default_application:
            request.application = 'welcome'
            redirect(Url(r=request))
        elif rewrite.thread.routes.error_handler:
            redirect(
                Url(rewrite.thread.routes.error_handler['application'],
                    rewrite.thread.routes.error_handler['controller'],
                    rewrite.thread.routes.error_handler['function'],
                    args=request.application))
        else:
            raise HTTP(400,
                       rewrite.thread.routes.error_message % 'invalid request',
                       web2py_error='invalid application')
    request.url = Url(r=request, args=request.args, extension=raw_extension)
    return None
Пример #19
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    request.env.web2py_path = global_settings.applications_parent
    request.env.web2py_version = web2py_version
    request.env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                if not environ.get('PATH_INFO',None) and \
                        environ.get('REQUEST_URI',None):
                    # for fcgi, get path_info and query_string from request_uri
                    items = environ['REQUEST_URI'].split('?')
                    environ['PATH_INFO'] = items[0]
                    if len(items) > 1:
                        environ['QUERY_STRING'] = items[1]
                    else:
                        environ['QUERY_STRING'] = ''
                if not environ.get('HTTP_HOST',None):
                    environ['HTTP_HOST'] = '%s:%s' % (environ.get('SERVER_NAME'),
                                                      environ.get('SERVER_PORT'))

                (static_file, environ) = rewrite.url_in(request, environ)
                if static_file:
                    if request.env.get('query_string', '')[:10] == 'attachment':
                        response.headers['Content-Disposition'] = 'attachment'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################

                http_host = request.env.http_host.split(':',1)[0]

                local_hosts = [http_host,'::1','127.0.0.1','::ffff:127.0.0.1']
                if not global_settings.web2py_runtime_gae:
                    local_hosts += [socket.gethostname(),
                                    socket.gethostbyname(http_host)]
                request.client = get_client(request.env)
                request.folder = abspath('applications',
                                         request.application) + os.sep
                x_req_with = str(request.env.http_x_requested_with).lower()
                request.ajax = x_req_with == 'xmlhttprequest'
                request.cid = request.env.http_web2py_component_element
                request.is_local = request.env.remote_addr in local_hosts
                request.is_https = request.env.wsgi_url_scheme \
                    in ['https', 'HTTPS'] or request.env.https == 'on'

                # ##################################################
                # compute a request.uuid to be used for tickets and toolbar
                # ##################################################

                response.uuid = request.compute_uuid()

                # ##################################################
                # access the requested application
                # ##################################################

                if not os.path.exists(request.folder):
                    if request.application == \
                            rewrite.thread.routes.default_application \
                            and request.application != 'welcome':
                        request.application = 'welcome'
                        redirect(Url(r=request))
                    elif rewrite.thread.routes.error_handler:
                        _handler = rewrite.thread.routes.error_handler
                        redirect(Url(_handler['application'],
                                     _handler['controller'],
                                     _handler['function'],
                                     args=request.application))
                    else:
                        raise HTTP(404, rewrite.thread.routes.error_message \
                                       % 'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and \
                        os.path.exists(os.path.join(request.folder,'DISABLED')):
                    raise HTTP(200, "<html><body><h1>Down for maintenance</h1></body></html>")
                request.url = Url(r=request, args=request.args,
                                       extension=request.raw_extension)

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ,request)
                request.wsgi.start_response = \
                    lambda status='200', headers=[], \
                    exec_info=None, response=response: \
                    start_response_aux(status, headers, exec_info, response)
                request.wsgi.middleware = \
                    lambda *a: middleware_aux(request,response,*a)

                # ##################################################
                # load cookies
                # ##################################################

                if request.env.http_cookie:
                    try:
                        request.cookies.load(request.env.http_cookie)
                    except Cookie.CookieError, e:
                        pass # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                session.connect(request, response)

                # ##################################################
                # set no-cache headers
                # ##################################################

                response.headers['Content-Type'] = \
                    contenttype('.'+request.extension)
                response.headers['Cache-Control'] = \
                    'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
                response.headers['Expires'] = \
                    time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime())
                response.headers['Pragma'] = 'no-cache'

                # ##################################################
                # run controller
                # ##################################################

                serve_controller(request, response, session)

            except HTTP, http_response:
                if static_file:
                    return http_response.to(responder)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response.do_not_commit is True:
                    BaseAdapter.close_all_instances(None)
                elif response._custom_commit:
                    response._custom_commit()
                else:
                    BaseAdapter.close_all_instances('commit')

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_on_disk(request, response)

                # ##################################################
                # store cookies in headers
                # ##################################################

                if request.cid:

                    if response.flash and not 'web2py-component-flash' in http_response.headers:
                        http_response.headers['web2py-component-flash'] = \
                            str(response.flash).replace('\n','')
                    if response.js and not 'web2py-component-command' in http_response.headers:
                        http_response.headers['web2py-component-command'] = \
                            response.js.replace('\n','')
                if session._forget and \
                        response.session_id_name in response.cookies:
                    del response.cookies[response.session_id_name]
                elif session._secure:
                    response.cookies[response.session_id_name]['secure'] = True
                if len(response.cookies)>0:
                    http_response.headers['Set-Cookie'] = \
                        [str(cookie)[11:] for cookie in response.cookies.values()]
                ticket=None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or 'unknown'
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')

                http_response = \
                    HTTP(500, rewrite.thread.routes.error_message_ticket % \
                             dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)
Пример #20
0
 def decorator(request, *args, **kwargs):
     auth = protection.CookieAuthenticator()
     if not auth.valid_auth(request['headers']):
         return http.redirect('%slogin/' % core.MANAGER_URL)
     return func(request, *args, **kwargs)
Пример #21
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    env = request.env
    env.web2py_path = global_settings.applications_parent
    env.web2py_version = web2py_version
    env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                fixup_missing_path_info(environ)
                (static_file, version, environ) = url_in(request, environ)
                response.status = env.web2py_status_code or response.status

                if static_file:
                    if environ.get('QUERY_STRING', '').startswith(
                            'attachment'):
                        response.headers['Content-Disposition'] \
                            = 'attachment'
                    if version:
                        response.headers['Cache-Control'] = 'max-age=315360000'
                        response.headers[
                            'Expires'] = 'Thu, 31 Dec 2037 23:59:59 GMT'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################
                app = request.application  # must go after url_in!

                if not global_settings.local_hosts:
                    local_hosts = set(['127.0.0.1', '::ffff:127.0.0.1', '::1'])
                    if not global_settings.web2py_runtime_gae:
                        try:
                            fqdn = socket.getfqdn()
                            local_hosts.add(socket.gethostname())
                            local_hosts.add(fqdn)
                            local_hosts.update([
                                ip[4][0] for ip in socket.getaddrinfo(
                                    fqdn, 0)])
                            if env.server_name:
                                local_hosts.add(env.server_name)
                                local_hosts.update([
                                    ip[4][0] for ip in socket.getaddrinfo(
                                        env.server_name, 0)])
                        except (socket.gaierror, TypeError):
                            pass
                    global_settings.local_hosts = list(local_hosts)
                else:
                    local_hosts = global_settings.local_hosts
                client = get_client(env)
                x_req_with = str(env.http_x_requested_with).lower()

                request.update(
                    client = client,
                    folder = abspath('applications', app) + os.sep,
                    ajax = x_req_with == 'xmlhttprequest',
                    cid = env.http_web2py_component_element,
                    is_local = env.remote_addr in local_hosts,
                    is_https = env.wsgi_url_scheme in HTTPS_SCHEMES or \
                        request.env.http_x_forwarded_proto in HTTPS_SCHEMES \
                        or env.https == 'on')
                request.compute_uuid()  # requires client
                request.url = environ['PATH_INFO']

                # ##################################################
                # access the requested application
                # ##################################################

                if not exists(request.folder):
                    if app == rwthread.routes.default_application \
                            and app != 'welcome':
                        redirect(URL('welcome', 'default', 'index'))
                    elif rwthread.routes.error_handler:
                        _handler = rwthread.routes.error_handler
                        redirect(URL(_handler['application'],
                                     _handler['controller'],
                                     _handler['function'],
                                     args=app))
                    else:
                        raise HTTP(404, rwthread.routes.error_message
                                   % 'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and \
                        exists(pjoin(request.folder, 'DISABLED')):
                    raise HTTP(503, "<html><body><h1>Temporarily down for maintenance</h1></body></html>")

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ, request)
                request.wsgi.start_response = \
                    lambda status='200', headers=[], \
                    exec_info=None, response=response: \
                    start_response_aux(status, headers, exec_info, response)
                request.wsgi.middleware = \
                    lambda *a: middleware_aux(request, response, *a)

                # ##################################################
                # load cookies
                # ##################################################

                if env.http_cookie:
                    try:
                        request.cookies.load(env.http_cookie)
                    except Cookie.CookieError, e:
                        pass  # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                if not env.web2py_disable_session:
                    session.connect(request, response)

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and app != "admin":
                    import gluon.debug
                    # activate the debugger
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)

            except HTTP, http_response:

                if static_file:
                    return http_response.to(responder, env=env)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response.do_not_commit is True:
                    BaseAdapter.close_all_instances(None)
                # elif response._custom_commit:
                #     response._custom_commit()
                elif response.custom_commit:
                    BaseAdapter.close_all_instances(response.custom_commit)
                else:
                    BaseAdapter.close_all_instances('commit')

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_in_cookie_or_file(request, response)

                if request.cid:
                    if response.flash:
                        http_response.headers['web2py-component-flash'] = urllib2.quote(xmlescape(response.flash).replace('\n', ''))
                    if response.js:
                        http_response.headers['web2py-component-command'] = response.js.replace('\n', '')

                # ##################################################
                # store cookies in headers
                # ##################################################

                rcookies = response.cookies
                if session._forget and response.session_id_name in rcookies:
                    del rcookies[response.session_id_name]
                elif session._secure:
                    rcookies[response.session_id_name]['secure'] = True
                http_response.cookies2headers(rcookies)
                ticket = None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or 'unknown'
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')

                http_response = \
                    HTTP(500, rwthread.routes.error_message_ticket %
                         dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)
Пример #22
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    env = request.env
    env.web2py_path = global_settings.applications_parent
    env.web2py_version = web2py_version
    env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                fixup_missing_path_info(environ)
                (static_file, version, environ) = url_in(request, environ)
                response.status = env.web2py_status_code or response.status

                if static_file:
                    if environ.get('QUERY_STRING',
                                   '').startswith('attachment'):
                        response.headers['Content-Disposition'] \
                            = 'attachment'
                    if version:
                        response.headers['Cache-Control'] = 'max-age=315360000'
                        response.headers[
                            'Expires'] = 'Thu, 31 Dec 2037 23:59:59 GMT'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################
                app = request.application  # must go after url_in!

                if not global_settings.local_hosts:
                    local_hosts = set(['127.0.0.1', '::ffff:127.0.0.1', '::1'])
                    if not global_settings.web2py_runtime_gae:
                        try:
                            fqdn = socket.getfqdn()
                            local_hosts.add(socket.gethostname())
                            local_hosts.add(fqdn)
                            local_hosts.update([
                                addrinfo[4][0]
                                for addrinfo in getipaddrinfo(fqdn)
                            ])
                            if env.server_name:
                                local_hosts.add(env.server_name)
                                local_hosts.update([
                                    addrinfo[4][0] for addrinfo in
                                    getipaddrinfo(env.server_name)
                                ])
                        except (socket.gaierror, TypeError):
                            pass
                    global_settings.local_hosts = list(local_hosts)
                else:
                    local_hosts = global_settings.local_hosts
                client = get_client(env)
                x_req_with = str(env.http_x_requested_with).lower()

                request.update(
                    client = client,
                    folder = abspath('applications', app) + os.sep,
                    ajax = x_req_with == 'xmlhttprequest',
                    cid = env.http_web2py_component_element,
                    is_local = env.remote_addr in local_hosts,
                    is_https = env.wsgi_url_scheme in HTTPS_SCHEMES or \
                        request.env.http_x_forwarded_proto in HTTPS_SCHEMES \
                        or env.https == 'on')
                request.compute_uuid()  # requires client
                request.url = environ['PATH_INFO']

                # ##################################################
                # access the requested application
                # ##################################################

                if not exists(request.folder):
                    if app == rwthread.routes.default_application \
                            and app != 'welcome':
                        redirect(URL('welcome', 'default', 'index'))
                    elif rwthread.routes.error_handler:
                        _handler = rwthread.routes.error_handler
                        redirect(
                            URL(_handler['application'],
                                _handler['controller'],
                                _handler['function'],
                                args=app))
                    else:
                        raise HTTP(404,
                                   rwthread.routes.error_message %
                                   'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and \
                        exists(pjoin(request.folder, 'DISABLED')):
                    raise HTTP(
                        503,
                        "<html><body><h1>Temporarily down for maintenance</h1></body></html>"
                    )

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ, request)
                request.wsgi.start_response = \
                    lambda status='200', headers=[], \
                    exec_info=None, response=response: \
                    start_response_aux(status, headers, exec_info, response)
                request.wsgi.middleware = \
                    lambda *a: middleware_aux(request, response, *a)

                # ##################################################
                # load cookies
                # ##################################################

                if env.http_cookie:
                    try:
                        request.cookies.load(env.http_cookie)
                    except Cookie.CookieError, e:
                        pass  # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                if not env.web2py_disable_session:
                    session.connect(request, response)

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and app != "admin":
                    import gluon.debug
                    # activate the debugger
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)

            except HTTP, http_response:

                if static_file:
                    return http_response.to(responder, env=env)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response.do_not_commit is True:
                    BaseAdapter.close_all_instances(None)
                # elif response._custom_commit:
                #     response._custom_commit()
                elif response.custom_commit:
                    BaseAdapter.close_all_instances(response.custom_commit)
                else:
                    BaseAdapter.close_all_instances('commit')

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_in_cookie_or_file(request, response)

                if request.cid:
                    if response.flash:
                        http_response.headers['web2py-component-flash'] = \
                            urllib2.quote(xmlescape(response.flash)\
                                              .replace('\n',''))
                    if response.js:
                        http_response.headers['web2py-component-command'] = \
                            urllib2.quote(response.js.replace('\n',''))

                # ##################################################
                # store cookies in headers
                # ##################################################

                rcookies = response.cookies
                if session._forget and response.session_id_name in rcookies:
                    del rcookies[response.session_id_name]
                elif session._secure:
                    rcookies[response.session_id_name]['secure'] = True
                http_response.cookies2headers(rcookies)
                ticket = None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or 'unknown'
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')

                http_response = \
                    HTTP(500, rwthread.routes.error_message_ticket %
                         dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)
Пример #23
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    if rewrite.params.routes_in:
        environ = rewrite.filter_in(environ)

    request = Request()
    response = Response()
    session = Session()
    try:
        try:

            # ##################################################
            # parse the environment variables
            # ##################################################

            for (key, value) in environ.items():
                request.env[key.lower().replace('.', '_')] = value
            request.env.web2py_path = web2py_path
            request.env.web2py_version = web2py_version
            request.env.update(settings)

            # ##################################################
            # validate the path in url
            # ##################################################

            if not request.env.path_info and request.env.request_uri:
                # for fcgi, decode path_info and query_string
                items = request.env.request_uri.split('?')
                request.env.path_info = items[0]
                if len(items) > 1:
                    request.env.query_string = items[1]
                else:
                    request.env.query_string = ''
            path = request.env.path_info.replace('\\', '/')
            path = regex_space.sub('_', path)
            match = regex_url.match(path)
            if not match:
                raise HTTP(400,
                           rewrite.params.error_message,
                           web2py_error='invalid path')

            # ##################################################
            # serve if a static file
            # ##################################################

            if match.group('c') == 'static':
                raise HTTP(400, rewrite.params.error_message)
            if match.group('x'):
                static_file = os.path.join(request.env.web2py_path,
                                           'applications', match.group('b'),
                                           'static', match.group('x'))
                if request.env.get('query_string', '')[:10] == 'attachment':
                    response.headers['Content-Disposition'] = 'attachment'
                response.stream(static_file, request=request)

            # ##################################################
            # parse application, controller and function
            # ##################################################

            request.application = match.group('a') or 'init'
            request.controller = match.group('c') or 'default'
            request.function = match.group('f') or 'index'
            raw_extension = match.group('e')
            request.extension = raw_extension or 'html'
            request.args = \
                List((match.group('s') and match.group('s').split('/')) or [])
            request.client = get_client(request.env)
            request.folder = os.path.join(request.env.web2py_path,
                    'applications', request.application) + '/'

            # ##################################################
            # access the requested application
            # ##################################################

            if not os.path.exists(request.folder):
                if request.application=='init':
                    request.application = 'welcome'
                    redirect(URL(r=request))
                elif rewrite.params.error_handler:
                    redirect(URL(rewrite.params.error_handler['application'],
                                 rewrite.params.error_handler['controller'],
                                 rewrite.params.error_handler['function'],
                                 args=request.application))
                else:
                    raise HTTP(400,
                               rewrite.params.error_message,
                               web2py_error='invalid application')
            request.url = URL(r=request,args=request.args,
                                   extension=raw_extension)

            # ##################################################
            # build missing folder
            # ##################################################
            
            if not request.env.web2py_runtime_gae:
                for subfolder in ['models','views','controllers',
                                  'modules','cron','errors','sessions',
                                  'languages','static','private','uploads']:
                    path =  os.path.join(request.folder,subfolder)
                    if not os.path.exists(path):
                        os.mkdir(path)
                        
            # ##################################################
            # get the GET and POST data
            # ##################################################

            parse_get_post_vars(request, environ)

            # ##################################################
            # expose wsgi hooks for convenience
            # ##################################################

            request.wsgi.environ = environ_aux(environ,request)
            request.wsgi.start_response = lambda status='200', headers=[], \
                exec_info=None, response=response: \
                start_response_aux(status, headers, exec_info, response)
            request.wsgi.middleware = lambda *a: middleware_aux(request,response,*a)

            # ##################################################
            # load cookies
            # ##################################################

            if request.env.http_cookie:
                try:
                    request.cookies.load(request.env.http_cookie)
                except Cookie.CookieError, e:
                    pass # invalid cookies

            # ##################################################
            # try load session or create new session file
            # ##################################################

            session.connect(request, response)

            # ##################################################
            # set no-cache headers
            # ##################################################

            response.headers['Content-Type'] = contenttype('.'+request.extension)
            response.headers['Cache-Control'] = \
                'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
            response.headers['Expires'] = \
                time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime())
            response.headers['Pragma'] = 'no-cache'

            # ##################################################
            # run controller
            # ##################################################

            serve_controller(request, response, session)

        except HTTP, http_response:

            if request.body:
                request.body.close()

            # ##################################################
            # on success, try store session in database
            # ##################################################
            session._try_store_in_db(request, response)

            # ##################################################
            # on success, commit database
            # ##################################################

            if response._custom_commit:
                response._custom_commit()
            else:
                BaseAdapter.close_all_instances(BaseAdapter.commit)

            # ##################################################
            # if session not in db try store session on filesystem
            # this must be done after trying to commit database!
            # ##################################################

            session._try_store_on_disk(request, response)

            # ##################################################
            # store cookies in headers
            # ##################################################

            if session._secure:
                response.cookies[response.session_id_name]['secure'] = \
                    True
            http_response.headers['Set-Cookie'] = [str(cookie)[11:]
                    for cookie in response.cookies.values()]
            ticket=None
Пример #24
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the furst function called when a page
    is requested (static or dynamical). it can be called by paste.httpserver
    or by apache mod_wsgi.
    """

    request = Request()
    response = Response()
    session = Session()
    try:
        try:
            session_file = None
            session_new = False

            # ##################################################
            # parse the environment variables - DONE
            # ##################################################

            for (key, value) in environ.items():
                request.env[key.lower().replace('.', '_')] = value
            request.env.web2py_path = web2py_path
            request.env.web2py_version = web2py_version

            # ##################################################
            # valudate the path in url
            # ##################################################

            if not request.env.path_info and request.env.request_uri:

                # for fcgi, decode path_info and query_string

                items = request.env.request_uri.split('?')
                request.env.path_info = items[0]
                if len(items) > 1:
                    request.env.query_string = items[1]
                else:
                    request.env.query_string = ''
            path = request.env.path_info[1:].replace('\\', '/')
            path = regex_space.sub('_', path)
            if not regex_url.match(path):
                raise HTTP(400, error_message,
                           web2py_error='invalid path')
            items = path.split('/')

            # ##################################################
            # serve if a static file
            # ##################################################

            if len(items) > 1 and items[1] == 'static':
                if len(items) < 3 or not items[2]:
                    raise HTTP(400, error_message)
                static_file = os.path.join(request.env.web2py_path,
                        'applications', items[0], 'static',
                        '/'.join(items[2:]))
                response.stream(static_file, request=request)

            # ##################################################
            # parse application, controller and function
            # ##################################################

            if len(items) and items[-1] == '':
                del items[-1]
            if len(items) == 0:
                items = ['init']
            if len(items) == 1:
                items.append('default')
            if len(items) == 2:
                items.append('index')
            if len(items) > 3:
                (items, request.args) = (items[:3], items[3:])
            if request.args == None:
                request.args = []
            request.application = items[0]
            request.controller = items[1]
            request.function = items[2]
            request.client = get_client(request.env)
            request.folder = os.path.join(request.env.web2py_path,
                    'applications', request.application) + '/'

            # ##################################################
            # access the requested application
            # ##################################################

            if not os.path.exists(request.folder):
                if items == ['init', 'default', 'index']:
                    items[0] = 'welcome'
                    redirect(html.URL(*items))
                raise HTTP(400, error_message,
                           web2py_error='invalid application')

            # ##################################################
            # get the GET and POST data -DONE
            # ##################################################

            request.body = tempfile.TemporaryFile()
            if request.env.content_length:
                copystream(request.env.wsgi_input, request.body,
                           int(request.env.content_length))

            # ## parse GET vars, even if POST

            dget = cgi.parse_qsl(request.env.query_string,
                                 keep_blank_values=1)
            for (key, value) in dget:
                if request.vars.has_key(key):
                    if isinstance(request.vars[key], list):
                        request.vars[key].append(value)
                    else:
                        request.vars[key] = [request.vars[key], value]
                else:
                    request.vars[key] = value
                request.get_vars[key] = request.vars[key]

            # ## parse POST vars if any

            if request.env.request_method in ['POST', 'BOTH']:
                dpost = cgi.FieldStorage(fp=request.body,
                        environ=environ, keep_blank_values=1)
                request.body.seek(0)
                try:
                    keys = dpost.keys()
                except TypeError:
                    keys = []
                for key in keys:
                    dpk = dpost[key]
                    if isinstance(dpk, list):
                        value = [x.value for x in dpk]
                    elif not dpk.filename:
                        value = dpk.value
                    else:
                        value = dpk
                    request.post_vars[key] = request.vars[key] = value

            # ##################################################
            # load cookies
            # ##################################################

            request.cookies = Cookie.SimpleCookie()
            response.cookies = Cookie.SimpleCookie()
            if request.env.http_cookie:
                request.cookies.load(request.env.http_cookie)

            # ##################################################
            # try load session or create new session file
            # ##################################################

            session.connect(request, response)

            # ##################################################
            # set no-cache headers
            # ##################################################

            response.headers['Cache-Control'] = \
                'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
            response.headers['Expires'] = \
                time.strftime('%a, %d %b %Y %H:%M:%S GMT',
                              time.gmtime())
            response.headers['Pragma'] = 'no-cache'

            # ##################################################
            # run controller
            # ##################################################

            if not items[1] == 'static':
                serve_controller(request, response, session)
        except HTTP, http_response:

            # ##################################################
            # on sucess, try store session in database
            # ##################################################

            session._try_store_in_db(request, response)

            # ##################################################
            # on sucess, committ database
            # ##################################################

            if response._custom_commit:
                response._custom_commit()
            else:
                SQLDB.close_all_instances(SQLDB.commit)

            # ##################################################
            # if session not in db try store session on filesystem
            # ##################################################

            session._try_store_on_disk(request, response)

            # ##################################################
            # store cookies in headers
            # ##################################################

            if session._secure:
                response.cookies[response.session_id_name]['secure'] = \
                    True
            http_response.headers['Set-Cookie'] = [str(cookie)[11:]
                    for cookie in response.cookies.values()]

            # ##################################################
            # whatever happens return the intended HTTP response
            # ##################################################

            session._unlock(response)
            return http_response.to(responder)
        except RestrictedError, e:

            # ##################################################
            # on application error, rollback database
            # ##################################################

            if response._custom_rollback:
                response._custom_rollback()
            else:
                SQLDB.close_all_instances(SQLDB.rollback)
            try:
                ticket = e.log(request)
            except:
                ticket = 'unknown'
                logging.error(e.traceback)
            session._unlock(response)
            http_error_status = check_error_route(500, items[0])
            return HTTP(http_error_status, error_message_ticket
                         % dict(ticket=ticket), web2py_error='ticket %s'
                         % ticket).to(responder)
Пример #25
0
def manager_catalog_add_data(request, item=None):
    variables = request['variables']
    catalog = core.CatalogManager()
    columns = catalog.item_fields()
    if not columns:
        catalog.done()
        return http.redirect('%scatalog/' % core.MANAGER_URL)

    properties = []

    r_names = (
        'id', 'category', 'images', 'active', 'created_on', 'updated_on'
    )

    for column in columns:
        name = column[1]
        column_type = column[2]

        if name in r_names:
            continue

        if column_type.lower() == 'integer':
            try:
                properties.append((name, int(request.POST.get(name, 0))))
            except:
                properties.append((name, 0))
        else:
            value = variables.get(name, '').replace('\n', '<br />')
            properties.append((name, value))

    category = variables.get('category', None)
    if category:
        try:
            category = int(category)
        except:
            category = None

    if category == 0:
        category = None

    images = variables.get('images', None)
    if images:
        images = json.loads(images)
    else:
        images = {}
        images['main'] = ''
        images['extra'] = []

    # security checks
    image_names = {}
    path = files.get_original_path(images['main'])
    if os.path.isfile(path):
        image_names['main'] = os.path.basename(path)
    extra_images = []
    for i in images['extra']:
        path = files.get_original_path(i)
        if os.path.isfile(path):
            extra_images.append(os.path.basename(path))

    image_names['extra'] = extra_images
    properties.append(('images', json.dumps(image_names)))
    properties.append(('category', category))
    properties.append(('active', 1))
    properties.append(('created_on', None))
    properties.append(('updated_on', None))

    if item:
        pk = item[0][1]
        if not catalog.edit_item(pk, properties):
            catalog.done()
            return manager_catalog_add(request, added=False)

        item = catalog.get_item(pk)
        catalog.done()

        CACHE.clear()

        return manager_catalog_add(request, added=False, item=item)

    last_id = catalog.add_item(properties)
    if not last_id:
        catalog.done()
        return manager_catalog_add(request, added=False)

    item = catalog.get_item(last_id)
    catalog.done()

    CACHE.clear()

    return manager_catalog_add(request, added=True, item=item)
Пример #26
0
def parse_url(request, environ):
    "parse and rewrite the incoming URL"

    # ##################################################
    # validate the path in url
    # ##################################################

    if not request.env.path_info and request.env.request_uri:
        # for fcgi, decode path_info and query_string
        items = request.env.request_uri.split('?')
        request.env.path_info = items[0]
        if len(items) > 1:
            request.env.query_string = items[1]
        else:
            request.env.query_string = ''
    path = request.env.path_info.replace('\\', '/')

    # ##################################################
    # serve if a static file
    # ##################################################

    match = regex_static.match(regex_space.sub('_', path))
    if match and match.group('x'):
        static_file = os.path.join(request.env.web2py_path,
                                   'applications', match.group('b'),
                                   'static', match.group('x'))
        return static_file

    # ##################################################
    # parse application, controller and function
    # ##################################################

    path = re.sub('%20', ' ', path)
    match = regex_url.match(path)
    if not match or match.group('c') == 'static':
        raise HTTP(400,
                   rewrite.params.error_message,
                   web2py_error='invalid path')

    request.application = \
        regex_space.sub('_', match.group('a') or rewrite.params.default_application)
    request.controller = \
        regex_space.sub('_', match.group('c') or rewrite.params.default_controller)
    request.function = \
        regex_space.sub('_', match.group('f') or rewrite.params.default_function)
    group_e = match.group('e')
    raw_extension = group_e and regex_space.sub('_',group_e) or None
    request.extension = raw_extension or 'html'
    request.raw_args = match.group('r')
    request.args = List([])
    if request.application in rewrite.params.routes_apps_raw:
        # application is responsible for parsing args
        request.args = None
    elif request.raw_args:
        match = regex_args.match(request.raw_args.replace(' ','_'))
        if match:
            group_s = match.group('s')
            request.args = \
                List((group_s and group_s.split('/')) or [])
        else:
            raise HTTP(400,
                       rewrite.params.error_message,
                       web2py_error='invalid path')
    request.client = get_client(request.env)
    request.folder = os.path.join(request.env.web2py_path,
            'applications', request.application) + '/'
    request.ajax = str(request.env.http_x_requested_with).lower() == 'xmlhttprequest'
    request.cid = request.env.http_web2py_component_element

    # ##################################################
    # access the requested application
    # ##################################################

    if not os.path.exists(request.folder):
        if request.application == rewrite.params.default_application:
            request.application = 'welcome'
            redirect(URL(r=request))
        elif rewrite.params.error_handler:
            redirect(URL(rewrite.params.error_handler['application'],
                         rewrite.params.error_handler['controller'],
                         rewrite.params.error_handler['function'],
                         args=request.application))
        else:
            raise HTTP(400,
                       rewrite.params.error_message,
                       web2py_error='invalid application')
    request.url = URL(r=request,args=request.args,
                           extension=raw_extension)
    return None
Пример #27
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    if rewrite.params.routes_in:
        environ = rewrite.filter_in(environ)

    request = Request()
    response = Response()
    session = Session()
    try:
        try:

            # ##################################################
            # parse the environment variables
            # ##################################################

            for (key, value) in environ.items():
                request.env[key.lower().replace('.', '_')] = value
            request.env.web2py_path = web2py_path
            request.env.web2py_version = web2py_version
            request.env.update(settings)

            # ##################################################
            # validate the path in url
            # ##################################################

            if not request.env.path_info and request.env.request_uri:
                # for fcgi, decode path_info and query_string
                items = request.env.request_uri.split('?')
                request.env.path_info = items[0]
                if len(items) > 1:
                    request.env.query_string = items[1]
                else:
                    request.env.query_string = ''
            path = request.env.path_info.replace('\\', '/')

            # ##################################################
            # serve if a static file
            # ##################################################

            match = regex_static.match(regex_space.sub('_', path))
            if match and match.group('x'):
                static_file = os.path.join(request.env.web2py_path,
                                           'applications', match.group('b'),
                                           'static', match.group('x'))
                if request.env.get('query_string', '')[:10] == 'attachment':
                    response.headers['Content-Disposition'] = 'attachment'
                response.stream(static_file, request=request)

            # ##################################################
            # parse application, controller and function
            # ##################################################

            path = re.sub('%20', ' ', path)
            match = regex_url.match(path)
            if not match or match.group('c') == 'static':
                raise HTTP(400,
                           rewrite.params.error_message,
                           web2py_error='invalid path')

            request.application = \
                regex_space.sub('_', match.group('a') or 'init')
            request.controller = \
                regex_space.sub('_', match.group('c') or 'default')
            request.function = \
                regex_space.sub('_', match.group('f') or 'index')
            group_e = match.group('e')
            raw_extension = group_e and regex_space.sub('_', group_e) or None
            request.extension = raw_extension or 'html'
            request.raw_args = match.group('r')
            request.args = List([])
            if request.application in rewrite.params.routes_apps_raw:
                # application is responsible for parsing args
                request.args = None
            elif request.raw_args:
                match = regex_args.match(request.raw_args)
                if match:
                    group_s = match.group('s')
                    request.args = \
                        List((group_s and group_s.split('/')) or [])
                else:
                    raise HTTP(400,
                               rewrite.params.error_message,
                               web2py_error='invalid path')
            request.client = get_client(request.env)
            request.folder = os.path.join(request.env.web2py_path,
                                          'applications',
                                          request.application) + '/'

            # ##################################################
            # access the requested application
            # ##################################################

            if not os.path.exists(request.folder):
                if request.application == 'init':
                    request.application = 'welcome'
                    redirect(URL(r=request))
                elif rewrite.params.error_handler:
                    redirect(
                        URL(rewrite.params.error_handler['application'],
                            rewrite.params.error_handler['controller'],
                            rewrite.params.error_handler['function'],
                            args=request.application))
                else:
                    raise HTTP(400,
                               rewrite.params.error_message,
                               web2py_error='invalid application')
            request.url = URL(r=request,
                              args=request.args,
                              extension=raw_extension)

            # ##################################################
            # build missing folder
            # ##################################################

            if not request.env.web2py_runtime_gae:
                for subfolder in [
                        'models', 'views', 'controllers', 'databases',
                        'modules', 'cron', 'errors', 'sessions', 'languages',
                        'static', 'private', 'uploads'
                ]:
                    path = os.path.join(request.folder, subfolder)
                    if not os.path.exists(path):
                        os.mkdir(path)

            # ##################################################
            # get the GET and POST data
            # ##################################################

            parse_get_post_vars(request, environ)

            # ##################################################
            # expose wsgi hooks for convenience
            # ##################################################

            request.wsgi.environ = environ_aux(environ, request)
            request.wsgi.start_response = lambda status='200', headers=[], \
                exec_info=None, response=response: \
                start_response_aux(status, headers, exec_info, response)
            request.wsgi.middleware = lambda *a: middleware_aux(
                request, response, *a)

            # ##################################################
            # load cookies
            # ##################################################

            if request.env.http_cookie:
                try:
                    request.cookies.load(request.env.http_cookie)
                except Cookie.CookieError, e:
                    pass  # invalid cookies

            # ##################################################
            # try load session or create new session file
            # ##################################################

            session.connect(request, response)

            # ##################################################
            # set no-cache headers
            # ##################################################

            response.headers['Content-Type'] = contenttype('.' +
                                                           request.extension)
            response.headers['Cache-Control'] = \
                'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
            response.headers['Expires'] = \
                time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime())
            response.headers['Pragma'] = 'no-cache'

            # ##################################################
            # run controller
            # ##################################################

            serve_controller(request, response, session)

        except HTTP, http_response:

            if request.body:
                request.body.close()

            # ##################################################
            # on success, try store session in database
            # ##################################################
            session._try_store_in_db(request, response)

            # ##################################################
            # on success, commit database
            # ##################################################

            if response._custom_commit:
                response._custom_commit()
            else:
                BaseAdapter.close_all_instances(BaseAdapter.commit)

            # ##################################################
            # if session not in db try store session on filesystem
            # this must be done after trying to commit database!
            # ##################################################

            session._try_store_on_disk(request, response)

            # ##################################################
            # store cookies in headers
            # ##################################################

            if session._forget:
                del response.cookies[response.session_id_name]
            elif session._secure:
                response.cookies[response.session_id_name]['secure'] = True
            if len(response.cookies) > 0:
                http_response.headers['Set-Cookie'] = \
                    [str(cookie)[11:] for cookie in response.cookies.values()]
            ticket = None
Пример #28
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    env = request.env
    env.web2py_path = global_settings.applications_parent
    env.web2py_version = web2py_version
    env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                fixup_missing_path_info(environ)
                (static_file, environ) = url_in(request, environ)
                response.status = env.web2py_status_code or response.status

                if static_file:
                    if environ.get("QUERY_STRING", "").startswith("attachment"):
                        response.headers["Content-Disposition"] = "attachment"
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################
                app = request.application  ## must go after url_in!

                http_host = env.http_host.split(":", 1)[0]
                local_hosts = [http_host, "::1", "127.0.0.1", "::ffff:127.0.0.1"]
                if not global_settings.web2py_runtime_gae:
                    local_hosts.append(socket.gethostname())
                    try:
                        local_hosts.append(socket.gethostbyname(http_host))
                    except socket.gaierror:
                        pass
                client = get_client(env)
                x_req_with = str(env.http_x_requested_with).lower()

                request.update(
                    client=client,
                    folder=abspath("applications", app) + os.sep,
                    ajax=x_req_with == "xmlhttprequest",
                    cid=env.http_web2py_component_element,
                    is_local=env.remote_addr in local_hosts,
                    is_https=env.wsgi_url_scheme in ["https", "HTTPS"] or env.https == "on",
                )
                request.uuid = request.compute_uuid()  # requires client
                request.url = environ["PATH_INFO"]

                # ##################################################
                # access the requested application
                # ##################################################

                if not exists(request.folder):
                    if app == rwthread.routes.default_application and app != "welcome":
                        redirect(URL("welcome", "default", "index"))
                    elif rwthread.routes.error_handler:
                        _handler = rwthread.routes.error_handler
                        redirect(URL(_handler["application"], _handler["controller"], _handler["function"], args=app))
                    else:
                        raise HTTP(
                            404, rwthread.routes.error_message % "invalid request", web2py_error="invalid application"
                        )
                elif not request.is_local and exists(pjoin(request.folder, "DISABLED")):
                    raise HTTP(503, "<html><body><h1>Temporarily down for maintenance</h1></body></html>")

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ, request)
                request.wsgi.start_response = lambda status="200", headers=[], exec_info=None, response=response: start_response_aux(
                    status, headers, exec_info, response
                )
                request.wsgi.middleware = lambda *a: middleware_aux(request, response, *a)

                # ##################################################
                # load cookies
                # ##################################################

                if env.http_cookie:
                    try:
                        request.cookies.load(env.http_cookie)
                    except Cookie.CookieError, e:
                        pass  # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                if not env.web2py_disable_session:
                    session.connect(request, response)

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and app != "admin":
                    import gluon.debug

                    # activate the debugger
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)

            except HTTP, http_response:

                if static_file:
                    return http_response.to(responder, env=env)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response.do_not_commit is True:
                    BaseAdapter.close_all_instances(None)
                # elif response._custom_commit:
                #     response._custom_commit()
                elif response.custom_commit:
                    BaseAdapter.close_all_instances(response.custom_commit)
                else:
                    BaseAdapter.close_all_instances("commit")

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_on_disk(request, response)

                if request.cid:
                    if response.flash:
                        http_response.headers["web2py-component-flash"] = urllib2.quote(
                            xmlescape(response.flash).replace("\n", "")
                        )
                    if response.js:
                        http_response.headers["web2py-component-command"] = response.js.replace("\n", "")

                # ##################################################
                # store cookies in headers
                # ##################################################

                rcookies = response.cookies
                if session._forget and response.session_id_name in rcookies:
                    del rcookies[response.session_id_name]
                elif session._secure:
                    rcookies[response.session_id_name]["secure"] = True
                http_response.cookies2headers(rcookies)
                ticket = None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or "unknown"
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances("rollback")

                http_response = HTTP(
                    500, rwthread.routes.error_message_ticket % dict(ticket=ticket), web2py_error="ticket %s" % ticket
                )
Пример #29
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the furst function called when a page
    is requested (static or dynamical). it can be called by paste.httpserver
    or by apache mod_wsgi.
    """

    request = Request()
    response = Response()
    session = Session()
    try:
        try:
            session_file = None
            session_new = False

            # ##################################################
            # parse the environment variables - DONE
            # ##################################################

            for (key, value) in environ.items():
                request.env[key.lower().replace('.', '_')] = value
            request.env.web2py_path = web2py_path
            request.env.web2py_version = web2py_version

            # ##################################################
            # valudate the path in url
            # ##################################################

            if not request.env.path_info and request.env.request_uri:

                # for fcgi, decode path_info and query_string

                items = request.env.request_uri.split('?')
                request.env.path_info = items[0]
                if len(items) > 1:
                    request.env.query_string = items[1]
                else:
                    request.env.query_string = ''
            path = request.env.path_info[1:].replace('\\', '/')
            path = regex_space.sub('_', path)
            if not regex_url.match(path):
                raise HTTP(400, error_message, web2py_error='invalid path')
            items = path.split('/')

            # ##################################################
            # serve if a static file
            # ##################################################

            if len(items) > 1 and items[1] == 'static':
                if len(items) < 3 or not items[2]:
                    raise HTTP(400, error_message)
                static_file = os.path.join(request.env.web2py_path,
                                           'applications', items[0], 'static',
                                           '/'.join(items[2:]))
                response.stream(static_file, request=request)

            # ##################################################
            # parse application, controller and function
            # ##################################################

            if len(items) and items[-1] == '':
                del items[-1]
            if len(items) == 0:
                items = ['init']
            if len(items) == 1:
                items.append('default')
            if len(items) == 2:
                items.append('index')
            if len(items) > 3:
                (items, request.args) = (items[:3], items[3:])
            if request.args == None:
                request.args = []
            request.application = items[0]
            request.controller = items[1]
            request.function = items[2]
            request.client = get_client(request.env)
            request.folder = os.path.join(request.env.web2py_path,
                                          'applications',
                                          request.application) + '/'

            # ##################################################
            # access the requested application
            # ##################################################

            if not os.path.exists(request.folder):
                if items == ['init', 'default', 'index']:
                    items[0] = 'welcome'
                    redirect(html.URL(*items))
                raise HTTP(400,
                           error_message,
                           web2py_error='invalid application')

            # ##################################################
            # get the GET and POST data -DONE
            # ##################################################

            request.body = tempfile.TemporaryFile()
            if request.env.content_length:
                copystream(request.env.wsgi_input, request.body,
                           int(request.env.content_length))

            # ## parse GET vars, even if POST

            dget = cgi.parse_qsl(request.env.query_string, keep_blank_values=1)
            for (key, value) in dget:
                if request.vars.has_key(key):
                    if isinstance(request.vars[key], list):
                        request.vars[key].append(value)
                    else:
                        request.vars[key] = [request.vars[key], value]
                else:
                    request.vars[key] = value
                request.get_vars[key] = request.vars[key]

            # ## parse POST vars if any

            if request.env.request_method in ['POST', 'BOTH']:
                dpost = cgi.FieldStorage(fp=request.body,
                                         environ=environ,
                                         keep_blank_values=1)
                request.body.seek(0)
                try:
                    keys = dpost.keys()
                except TypeError:
                    keys = []
                for key in keys:
                    dpk = dpost[key]
                    if isinstance(dpk, list):
                        value = [x.value for x in dpk]
                    elif not dpk.filename:
                        value = dpk.value
                    else:
                        value = dpk
                    request.post_vars[key] = request.vars[key] = value

            # ##################################################
            # load cookies
            # ##################################################

            request.cookies = Cookie.SimpleCookie()
            response.cookies = Cookie.SimpleCookie()
            if request.env.http_cookie:
                request.cookies.load(request.env.http_cookie)

            # ##################################################
            # try load session or create new session file
            # ##################################################

            session.connect(request, response)

            # ##################################################
            # set no-cache headers
            # ##################################################

            response.headers['Cache-Control'] = \
                'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
            response.headers['Expires'] = \
                time.strftime('%a, %d %b %Y %H:%M:%S GMT',
                              time.gmtime())
            response.headers['Pragma'] = 'no-cache'

            # ##################################################
            # run controller
            # ##################################################

            if not items[1] == 'static':
                serve_controller(request, response, session)
        except HTTP, http_response:

            # ##################################################
            # on sucess, try store session in database
            # ##################################################

            session._try_store_in_db(request, response)

            # ##################################################
            # on sucess, committ database
            # ##################################################

            if response._custom_commit:
                response._custom_commit()
            else:
                SQLDB.close_all_instances(SQLDB.commit)

            # ##################################################
            # if session not in db try store session on filesystem
            # ##################################################

            session._try_store_on_disk(request, response)

            # ##################################################
            # store cookies in headers
            # ##################################################

            if session._secure:
                response.cookies[response.session_id_name]['secure'] = \
                    True
            http_response.headers['Set-Cookie'] = [
                str(cookie)[11:] for cookie in response.cookies.values()
            ]

            # ##################################################
            # whatever happens return the intended HTTP response
            # ##################################################

            session._unlock(response)
            return http_response.to(responder)
        except RestrictedError, e:

            # ##################################################
            # on application error, rollback database
            # ##################################################

            if response._custom_rollback:
                response._custom_rollback()
            else:
                SQLDB.close_all_instances(SQLDB.rollback)
            try:
                ticket = e.log(request)
            except:
                ticket = 'unknown'
                logging.error(e.traceback)
            session._unlock(response)
            http_error_status = check_error_route(500, items[0])
            return HTTP(http_error_status,
                        error_message_ticket % dict(ticket=ticket),
                        web2py_error='ticket %s' % ticket).to(responder)
Пример #30
0
def parse_url(request, environ):
    "parse and rewrite the incoming URL"

    # ##################################################
    # validate the path in url
    # ##################################################

    if not request.env.path_info and request.env.request_uri:
        # for fcgi, decode path_info and query_string
        items = request.env.request_uri.split("?")
        request.env.path_info = items[0]
        if len(items) > 1:
            request.env.query_string = items[1]
        else:
            request.env.query_string = ""
    path = request.env.path_info.replace("\\", "/")

    # ##################################################
    # serve if a static file
    # ##################################################

    match = regex_static.match(regex_space.sub("_", path))
    if match and match.group("x"):
        static_file = os.path.join(
            request.env.web2py_path, "applications", match.group("b"), "static", match.group("x")
        )
        return static_file

    # ##################################################
    # parse application, controller and function
    # ##################################################

    path = re.sub("%20", " ", path)
    match = regex_url.match(path)
    if not match or match.group("c") == "static":
        raise HTTP(400, rewrite.params.error_message, web2py_error="invalid path")

    request.application = regex_space.sub("_", match.group("a") or "init")
    request.controller = regex_space.sub("_", match.group("c") or "default")
    request.function = regex_space.sub("_", match.group("f") or "index")
    group_e = match.group("e")
    raw_extension = group_e and regex_space.sub("_", group_e) or None
    request.extension = raw_extension or "html"
    request.raw_args = match.group("r")
    request.args = List([])
    if request.application in rewrite.params.routes_apps_raw:
        # application is responsible for parsing args
        request.args = None
    elif request.raw_args:
        match = regex_args.match(request.raw_args.replace(" ", "_"))
        if match:
            group_s = match.group("s")
            request.args = List((group_s and group_s.split("/")) or [])
        else:
            raise HTTP(400, rewrite.params.error_message, web2py_error="invalid path")
    request.client = get_client(request.env)
    request.folder = os.path.join(request.env.web2py_path, "applications", request.application) + "/"

    # ##################################################
    # access the requested application
    # ##################################################

    if not os.path.exists(request.folder):
        if request.application == "init":
            request.application = "welcome"
            redirect(URL(r=request))
        elif rewrite.params.error_handler:
            redirect(
                URL(
                    rewrite.params.error_handler["application"],
                    rewrite.params.error_handler["controller"],
                    rewrite.params.error_handler["function"],
                    args=request.application,
                )
            )
        else:
            raise HTTP(400, rewrite.params.error_message, web2py_error="invalid application")
    request.url = URL(r=request, args=request.args, extension=raw_extension)
    return None
Пример #31
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    request = Request()
    response = Response()
    session = Session()
    request.env.web2py_path = global_settings.applications_parent
    request.env.web2py_version = web2py_version
    request.env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                if not environ.get('PATH_INFO',None) and environ.get('REQUEST_URI',None):
                    # for fcgi, get path_info and query_string from request_uri
                    items = environ['REQUEST_URI'].split('?')
                    environ['PATH_INFO'] = items[0]
                    if len(items) > 1:
                        environ['QUERY_STRING'] = items[1]
                    else:
                        environ['QUERY_STRING'] = ''
                (static_file, environ) = rewrite.url_in(request, environ)
                if static_file:
                    if request.env.get('query_string', '')[:10] == 'attachment':
                        response.headers['Content-Disposition'] = 'attachment'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################

                request.client = get_client(request.env)
                request.folder = os.path.join(request.env.applications_parent,
                        'applications', request.application) + '/'
                request.ajax = str(request.env.http_x_requested_with).lower() == 'xmlhttprequest'
                request.cid = request.env.http_web2py_component_element

                # ##################################################
                # access the requested application
                # ##################################################

                if not os.path.exists(request.folder):
                    if request.application == rewrite.thread.routes.default_application and request.application != 'welcome':
                        request.application = 'welcome'
                        redirect(Url(r=request))
                    elif rewrite.thread.routes.error_handler:
                        redirect(Url(rewrite.thread.routes.error_handler['application'],
                                     rewrite.thread.routes.error_handler['controller'],
                                     rewrite.thread.routes.error_handler['function'],
                                     args=request.application))
                    else:
                        raise HTTP(404,
                                   rewrite.thread.routes.error_message % 'invalid request',
                                   web2py_error='invalid application')
                request.url = Url(r=request, args=request.args,
                                       extension=request.raw_extension)

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ,request)
                request.wsgi.start_response = lambda status='200', headers=[], \
                    exec_info=None, response=response: \
                    start_response_aux(status, headers, exec_info, response)
                request.wsgi.middleware = lambda *a: middleware_aux(request,response,*a)

                # ##################################################
                # load cookies
                # ##################################################

                if request.env.http_cookie:
                    try:
                        request.cookies.load(request.env.http_cookie)
                    except Cookie.CookieError, e:
                        pass # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                session.connect(request, response)

                # ##################################################
                # set no-cache headers
                # ##################################################

                response.headers['Content-Type'] = contenttype('.'+request.extension)
                response.headers['Cache-Control'] = \
                    'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
                response.headers['Expires'] = \
                    time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime())
                response.headers['Pragma'] = 'no-cache'

                # ##################################################
                # run controller
                # ##################################################

                serve_controller(request, response, session)

            except HTTP, http_response:
                if static_file:
                    return http_response.to(responder)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response._custom_commit:
                    response._custom_commit()
                else:
                    BaseAdapter.close_all_instances('commit')

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_on_disk(request, response)

                # ##################################################
                # store cookies in headers
                # ##################################################

                if request.cid:
                    if response.flash and not 'web2py-component-flash' in http_response.headers:
                        http_response.headers['web2py-component-flash'] = \
                            str(response.flash).replace('\n','')
                    if response.js and not 'web2py-component-command' in http_response.headers:
                        http_response.headers['web2py-component-command'] = \
                            str(response.js).replace('\n','')
                if session._forget:
                    del response.cookies[response.session_id_name]
                elif session._secure:
                    response.cookies[response.session_id_name]['secure'] = True
                if len(response.cookies)>0:
                    http_response.headers['Set-Cookie'] = \
                        [str(cookie)[11:] for cookie in response.cookies.values()]
                ticket=None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or 'unknown'
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')

                http_response = \
                    HTTP(500,
                         rewrite.thread.routes.error_message_ticket % dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)
Пример #32
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    request.env.web2py_path = global_settings.applications_parent
    request.env.web2py_version = web2py_version
    request.env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                if not environ.get('PATH_INFO',None) and \
                        environ.get('REQUEST_URI',None):
                    # for fcgi, get path_info and query_string from request_uri
                    items = environ['REQUEST_URI'].split('?')
                    environ['PATH_INFO'] = items[0]
                    if len(items) > 1:
                        environ['QUERY_STRING'] = items[1]
                    else:
                        environ['QUERY_STRING'] = ''
                if not environ.get('HTTP_HOST',None):
                    environ['HTTP_HOST'] = '%s:%s' % (environ.get('SERVER_NAME'),
                                                      environ.get('SERVER_PORT'))

                (static_file, environ) = rewrite.url_in(request, environ)
                if static_file:
                    if environ.get('QUERY_STRING', '')[:10] == 'attachment':
                        response.headers['Content-Disposition'] = 'attachment'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################

                http_host = request.env.http_host.split(':',1)[0]

                local_hosts = [http_host,'::1','127.0.0.1','::ffff:127.0.0.1']
                if not global_settings.web2py_runtime_gae:
                    local_hosts.append(socket.gethostname())
                    try: local_hosts.append(socket.gethostbyname(http_host))
                    except socket.gaierror: pass
                request.client = get_client(request.env)
                if not is_valid_ip_address(request.client):
                    raise HTTP(400,"Bad Request (request.client=%s)" % \
                                   request.client)
                request.folder = abspath('applications',
                                         request.application) + os.sep
                x_req_with = str(request.env.http_x_requested_with).lower()
                request.ajax = x_req_with == 'xmlhttprequest'
                request.cid = request.env.http_web2py_component_element
                request.is_local = request.env.remote_addr in local_hosts
                request.is_https = request.env.wsgi_url_scheme \
                    in ['https', 'HTTPS'] or request.env.https == 'on'

                # ##################################################
                # compute a request.uuid to be used for tickets and toolbar
                # ##################################################

                response.uuid = request.compute_uuid()

                # ##################################################
                # access the requested application
                # ##################################################

                if not os.path.exists(request.folder):
                    if request.application == \
                            rewrite.thread.routes.default_application \
                            and request.application != 'welcome':
                        request.application = 'welcome'
                        redirect(Url(r=request))
                    elif rewrite.thread.routes.error_handler:
                        _handler = rewrite.thread.routes.error_handler
                        redirect(Url(_handler['application'],
                                     _handler['controller'],
                                     _handler['function'],
                                     args=request.application))
                    else:
                        raise HTTP(404, rewrite.thread.routes.error_message \
                                       % 'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and \
                        os.path.exists(os.path.join(request.folder,'DISABLED')):
                    raise HTTP(503, "<html><body><h1>Temporarily down for maintenance</h1></body></html>")
                request.url = Url(r=request, args=request.args,
                                       extension=request.raw_extension)

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ,request)
                request.wsgi.start_response = \
                    lambda status='200', headers=[], \
                    exec_info=None, response=response: \
                    start_response_aux(status, headers, exec_info, response)
                request.wsgi.middleware = \
                    lambda *a: middleware_aux(request,response,*a)

                # ##################################################
                # load cookies
                # ##################################################

                if request.env.http_cookie:
                    try:
                        request.cookies.load(request.env.http_cookie)
                    except Cookie.CookieError, e:
                        pass # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                session.connect(request, response)

                # ##################################################
                # set no-cache headers
                # ##################################################

                response.headers['Content-Type'] = \
                    contenttype('.'+request.extension)
                response.headers['Cache-Control'] = \
                    'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
                response.headers['Expires'] = \
                    time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime())
                response.headers['Pragma'] = 'no-cache'

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and request.application != "admin":
                    import gluon.debug
                    # activate the debugger and wait to reach application code
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)

            except HTTP, http_response:
                if static_file:
                    return http_response.to(responder)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response.do_not_commit is True:
                    BaseAdapter.close_all_instances(None)
                # elif response._custom_commit:
                #     response._custom_commit()
                elif response.custom_commit:
                    BaseAdapter.close_all_instances(response.custom_commit)
                else:
                    BaseAdapter.close_all_instances('commit')

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_on_disk(request, response)

                # ##################################################
                # store cookies in headers
                # ##################################################

                if request.cid:
                    if response.flash and not 'web2py-component-flash' \
                            in http_response.headers:
                        http_response.headers['web2py-component-flash'] = \
                            urllib2.quote(xmlescape(response.flash)\
                                              .replace('\n',''))
                    if response.js and not 'web2py-component-command' \
                            in http_response.headers:
                        http_response.headers['web2py-component-command'] = \
                            response.js.replace('\n','')
                if session._forget and \
                        response.session_id_name in response.cookies:
                    del response.cookies[response.session_id_name]
                elif session._secure:
                    response.cookies[response.session_id_name]['secure'] = True

                http_response.cookies2headers(response.cookies)
                ticket=None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or 'unknown'
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')

                http_response = \
                    HTTP(500, rewrite.thread.routes.error_message_ticket % \
                             dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)
Пример #33
0
def manager_catalog_add(request, added=False, item=None, cat=None, edit=None):
    template = 'manager/templates/catalog_add.tpl'

    catalog = core.CatalogManager()
    columns = catalog.item_fields()
    if not columns:
        catalog.done()
        return http.redirect('%scatalog/' % core.MANAGER_URL)

    properties = []
    categories = []

    try:
        cat = int(cat)
    except:
        cat = 0

    categories = catalog.category_list()
    catalog.done()

    r_names = (
        'id', 'category', 'images', 'active', 'created_on', 'updated_on'
    )

    radio_no = '<input type="radio" id="radio_no" name="%s" value="0" %s>'
    radio_yes = '<input type="radio" id="radio_yes" name="%s" value="1" %s>'
    line = '<input type="text" class="form-text" maxlength="75" name="%s" value="%s" />'
    text = '<textarea name="%s">%s</textarea>'

    for column in columns:
        pk = column[0]
        name = column[1]

        if name in r_names:
            continue

        if column[2] == 'integer':
            container = []
            if item and item[pk][1] == 1:
                container.append(radio_yes % (name, 'checked'))
                container.append(radio_no % (name, ''))
            else:
                container.append(radio_yes % (name, ''))
                container.append(radio_no % (name, 'checked'))

        if column[2] == 'varchar(75)':
            if item:
                container = line % (name, item[pk][1])
            else:
                container = line % (name, '')

        if column[2] == 'text':
            if item:
                container = text % (name, item[pk][1].replace('<br />', '\n'))
            else:
                container = text % (name, '')

        properties.append((name, container))

    context = {
        'properties': properties,
        'category': cat,
        'categories': categories,
        'added': added,
        'edit':edit,
        'item': item
    }

    return http.html_page(template, context, request)
Пример #34
0
def static_pages_redirect(request):
    return http.redirect('%spages/' % core.MANAGER_URL)
Пример #35
0
def wsgibase(environ, responder):
    """
    this is the gluon wsgi application. the first function called when a page
    is requested (static or dynamic). it can be called by paste.httpserver
    or by apache mod_wsgi.

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]
      - (sub may go several levels deep, currently 3 levels are supported:
         sub1/sub2/sub3)

    The naming conventions are:

      - application, controller, function and extension may only contain
        [a-zA-Z0-9_]
      - file and sub may also contain '-', '=', '.' and '/'
    """

    current.__dict__.clear()
    request = Request()
    response = Response()
    session = Session()
    request.env.web2py_path = global_settings.applications_parent
    request.env.web2py_version = web2py_version
    request.env.update(global_settings)
    static_file = False
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                if not environ.get("PATH_INFO", None) and environ.get("REQUEST_URI", None):
                    # for fcgi, get path_info and query_string from request_uri
                    items = environ["REQUEST_URI"].split("?")
                    environ["PATH_INFO"] = items[0]
                    if len(items) > 1:
                        environ["QUERY_STRING"] = items[1]
                    else:
                        environ["QUERY_STRING"] = ""
                if not environ.get("HTTP_HOST", None):
                    environ["HTTP_HOST"] = "%s:%s" % (environ.get("SERVER_NAME"), environ.get("SERVER_PORT"))

                (static_file, environ) = rewrite.url_in(request, environ)
                if static_file:
                    if request.env.get("query_string", "")[:10] == "attachment":
                        response.headers["Content-Disposition"] = "attachment"
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################

                http_host = request.env.http_host.split(":", 1)[0]

                local_hosts = [http_host, "::1", "127.0.0.1", "::ffff:127.0.0.1"]
                if not global_settings.web2py_runtime_gae:
                    local_hosts += [socket.gethostname(), socket.gethostbyname(http_host)]
                request.client = get_client(request.env)
                request.folder = abspath("applications", request.application) + os.sep
                x_req_with = str(request.env.http_x_requested_with).lower()
                request.ajax = x_req_with == "xmlhttprequest"
                request.cid = request.env.http_web2py_component_element
                request.is_local = request.env.remote_addr in local_hosts
                request.is_https = request.env.wsgi_url_scheme in ["https", "HTTPS"] or request.env.https == "on"

                # ##################################################
                # compute a request.uuid to be used for tickets and toolbar
                # ##################################################

                response.uuid = request.compute_uuid()

                # ##################################################
                # access the requested application
                # ##################################################

                if not os.path.exists(request.folder):
                    if (
                        request.application == rewrite.thread.routes.default_application
                        and request.application != "welcome"
                    ):
                        request.application = "welcome"
                        redirect(Url(r=request))
                    elif rewrite.thread.routes.error_handler:
                        redirect(
                            Url(
                                rewrite.thread.routes.error_handler["application"],
                                rewrite.thread.routes.error_handler["controller"],
                                rewrite.thread.routes.error_handler["function"],
                                args=request.application,
                            )
                        )
                    else:
                        raise HTTP(
                            404,
                            rewrite.thread.routes.error_message % "invalid request",
                            web2py_error="invalid application",
                        )
                request.url = Url(r=request, args=request.args, extension=request.raw_extension)

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi.environ = environ_aux(environ, request)
                request.wsgi.start_response = lambda status="200", headers=[], exec_info=None, response=response: start_response_aux(
                    status, headers, exec_info, response
                )
                request.wsgi.middleware = lambda *a: middleware_aux(request, response, *a)

                # ##################################################
                # load cookies
                # ##################################################

                if request.env.http_cookie:
                    try:
                        request.cookies.load(request.env.http_cookie)
                    except Cookie.CookieError, e:
                        pass  # invalid cookies

                # ##################################################
                # try load session or create new session file
                # ##################################################

                session.connect(request, response)

                # ##################################################
                # set no-cache headers
                # ##################################################

                response.headers["Content-Type"] = contenttype("." + request.extension)
                response.headers["Cache-Control"] = "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
                response.headers["Expires"] = time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime())
                response.headers["Pragma"] = "no-cache"

                # ##################################################
                # run controller
                # ##################################################

                serve_controller(request, response, session)

            except HTTP, http_response:
                if static_file:
                    return http_response.to(responder)

                if request.body:
                    request.body.close()

                # ##################################################
                # on success, try store session in database
                # ##################################################
                session._try_store_in_db(request, response)

                # ##################################################
                # on success, commit database
                # ##################################################

                if response._custom_commit:
                    response._custom_commit()
                else:
                    BaseAdapter.close_all_instances("commit")

                # ##################################################
                # if session not in db try store session on filesystem
                # this must be done after trying to commit database!
                # ##################################################

                session._try_store_on_disk(request, response)

                # ##################################################
                # store cookies in headers
                # ##################################################

                if request.cid:

                    if response.flash and not "web2py-component-flash" in http_response.headers:
                        http_response.headers["web2py-component-flash"] = dumps(str(response.flash).replace("\n", ""))
                    if response.js and not "web2py-component-command" in http_response.headers:
                        http_response.headers["web2py-component-command"] = response.js.replace("\n", "")
                if session._forget:
                    del response.cookies[response.session_id_name]
                elif session._secure:
                    response.cookies[response.session_id_name]["secure"] = True
                if len(response.cookies) > 0:
                    http_response.headers["Set-Cookie"] = [str(cookie)[11:] for cookie in response.cookies.values()]
                ticket = None

            except RestrictedError, e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                ticket = e.log(request) or "unknown"
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances("rollback")

                http_response = HTTP(
                    500,
                    rewrite.thread.routes.error_message_ticket % dict(ticket=ticket),
                    web2py_error="ticket %s" % ticket,
                )