Пример #1
0
def url_to_jailpaths(config, urlpath):
    """Given a URL path (part of a URL query string), returns a tuple of
        * the username of the student whose directory is being browsed
        * the absolute path where the jail will be located.
        * the path of the file relative to the jail.

    urlpath: See urlpath in url_to_local.

    >>> stubconfig = {'paths': {'jails': {'mounts': '/jails'}}}

    >>> url_to_jailpaths(stubconfig, "joe/mydir//myfile/.././myfile")
    ('joe', '/jails/joe', '/home/joe/mydir/myfile')
    >>> url_to_jailpaths(stubconfig, "")
    (None, None, None)
    >>> url_to_jailpaths(stubconfig, "../foo")
    (None, None, None)
    >>> url_to_jailpaths(stubconfig, "/foo")
    (None, None, None)
    """
    # First normalise the path
    urlpath = os.path.normpath(urlpath)
    # Now if it begins with "..", or is absolute, then it's illegal
    if urlpath.startswith("..") or os.path.isabs(urlpath):
        return (None, None, None)
    # Note: User can be a group name. There is absolutely no difference in our
    # current directory scheme.
    (user, subpath) = util.split_path(urlpath)
    if user is None: return (None, None, None)

    jail = os.path.join(config['paths']['jails']['mounts'], user)
    path = to_home_path(urlpath)

    return (user, jail, path)
Пример #2
0
def url_to_local(config, urlpath):
    """Given a URL path (part of a URL query string, see below), returns a
    tuple of
        * the username of the student whose directory is being browsed
        * the absolute path in the file system where that file will be
            found within the student directories.

    urlpath: Part of the URL, but only the part *after* the application. For
    instance, given the URL "/ivle/browse/joe/mydir/myfile", urlpath will
    be just "joe/mydir/myfile". The expected result is something like
    ("joe", "/home/informatics/jails/joe/home/joe/mydir/myfile").
    Note that the actual location is not guaranteed by this interface (this
    function serves as a single point of control as to how URLs map onto
    student directories).

    Returns (None, None) if the path is empty.

    >>> stubconfig = {'paths': {'jails': {'mounts': '/jails'}}}

    >>> url_to_local(stubconfig, 'joe/foo/bar/baz')
    ('joe', '/jails/joe/home/joe/foo/bar/baz')
    >>> url_to_local(stubconfig, 'joe')
    ('joe', '/jails/joe/home/joe')
    >>> url_to_local(stubconfig, 'joe/')
    ('joe', '/jails/joe/home/joe')

    We have some protection from various potential attacks. An empty,
    absolute, or ..-prefixed path yields a special result.

    >>> url_to_local(stubconfig, '')
    (None, None)
    >>> url_to_local(stubconfig, '/foo')
    (None, None)
    >>> url_to_local(stubconfig, '../bar')
    (None, None)
    """

    # First normalise the path
    urlpath = os.path.normpath(urlpath)
    # Now if it begins with ".." or separator, then it's illegal
    if urlpath.startswith("..") or urlpath.startswith(os.sep):
        return (None, None)
    # Note: User can be a group name. There is absolutely no difference in our
    # current directory scheme.
    (user, subpath) = util.split_path(urlpath)
    if user is None: return (None, None)

    # Join the user onto 'home' then the full path specified.
    # This results in the user's name being repeated twice, which is in
    # accordance with our directory scheme.
    # (The first time is the name of the jail, the second is the user's home
    # directory within the jail).
    path = os.path.join(config['paths']['jails']['mounts'],
                        user, 'home', urlpath)

    return (user, path)
Пример #3
0
def authorize(req, user):
    """Given a request, checks whether req.user is allowed to
    access req.path. Returns None on authorization success. Raises
    HTTP_FORBIDDEN on failure.

    This is for general authorization (assuming not in public mode; this is
    the standard auth code for fileservice, download and serve).
    """
    # TODO: Groups
    # First normalise the path
    urlpath = os.path.normpath(req.path)
    # Now if it begins with ".." or separator, then it's illegal
    if urlpath.startswith("..") or urlpath.startswith(os.sep):
        return False

    (owner, _) = util.split_path(urlpath)
    if user.login != owner:
        return False
    return True