def myproxy_info(self, certificate):
myproxy_srv = get_settings()['myproxy']
myproxy_dn = get_settings()['myproxy-dn']
c = client.MyProxyClient(hostname=myproxy_srv, serverDN=myproxy_dn)
passphrase = ''
dn = certificate.get_dn()
username = dn.split(',')[-1:][0].strip().split('=',1)[1].replace(' ','_')
respCode, errorTxt, field = c.info(username, certificate, certificate.get_key()._key, lambda *a: passphrase)
if field:
# XXX dirty hack to support nameless creds
if not field.has_key('CRED_NAME'): field['CRED_NAME'] = ''
creds = [{'CRED_START_TIME':field['CRED_START_TIME'],
'CRED_END_TIME': field['CRED_END_TIME'],
'CRED_OWNER': field['CRED_OWNER'],
'CRED_NAME': field['CRED_NAME'],
'CRED_RETRIEVER': field['CRED_RETRIEVER'],}]
if field.has_key('ADDL_CREDS'):
for cred in field['ADDL_CREDS'].split(','):
creds.append({'CRED_START_TIME':field['CRED_%s_START_TIME' % cred],
'CRED_END_TIME': field['CRED_%s_END_TIME' % cred],
'CRED_NAME': cred,
'CRED_OWNER': field['CRED_%s_OWNER' % cred],
'CRED_RETRIEVER': field['CRED_%s_RETRIEVER' % cred],})
return creds
def myproxy_destroy(self, certificate, credname):
myproxy_srv = get_settings()['myproxy']
myproxy_dn = get_settings()['myproxy-dn']
c = client.MyProxyClient(hostname=myproxy_srv, serverDN=myproxy_dn)
passphrase = ''
dn = certificate.get_dn()
username = dn.split(',')[-1:][0].strip().split('=',1)[1].replace(' ','_')
c.destroy(username, certificate, certificate.get_key()._key, lambda *a: passphrase, credname)
def myproxy_put(self, session, certificate, credname=None, password=None):
myproxy_srv = get_settings()['myproxy']
myproxy_dn = get_settings()['myproxy-dn']
c = client.MyProxyClient(hostname=myproxy_srv, serverDN=myproxy_dn)
size = 12
passphrase = password or ''.join([choice(string.letters + string.digits) for i in range(size)])
dn = certificate.get_dn()
username = dn.split(',')[-1:][0].strip().split('=',1)[1].replace(' ','_')
c.put(username, passphrase, certificate, certificate.get_key()._key, lambda *a: passphrase, retrievers='*', credname=credname)
def response(context, request):
req = request
slcsResp = req.POST["CertificateRequestData"]
session_key = req.POST["SessionKey"]
# Decrpyt session Key with host private key (RSA)
encrypted = unhexlify(session_key)
priv_key = RSA.load_key(get_settings()["host_privkey"])
session_key = priv_key.private_decrypt(encrypted, RSA.pkcs1_padding)
# Decrypt message with session key (AES)
a = AES.new(session_key)
plaintext = a.decrypt(unhexlify(slcsResp))
# remove AES padding
n = ord(plaintext[-1]) # last byte contains number of padding bytes
if n > AES.block_size or n > len(plaintext):
raise Exception("invalid padding")
try:
certificate = slcs_handler(StringIO(plaintext[:-n]))
except SLCSException, e:
# TODO add error handling
pass
def send(self, recipient, subject, body, attachments=[], sender=None):
if not sender:
settings = get_settings()
sender = settings.get('from_mail_address')
if attachments:
msg = email.MIMEMultipart.MIMEMultipart()
msg.attach(email.MIMEText.MIMEText(body.encode('UTF-8'), 'plain', 'UTF-8'))
for name, fd in attachments:
part = email.MIMEBase.MIMEBase('application', "octet-stream")
part.set_payload(fd.read())
Encoders.encode_base64(part)
part.add_header('Content-Disposition',
'attachment; filename="%s"' % name)
msg.attach(part)
else:
msg = email.MIMEText.MIMEText(body.encode('UTF-8'), 'plain', 'UTF-8')
msg["From"] = sender
msg["To"] = recipient.encode('utf-8')
msg["Subject"] = email.Header.Header(subject.encode('UTF-8'), 'UTF-8')
mailer = get_current_registry().getUtility(IMailDelivery)
mailer.send(sender, [recipient.encode('UTF-8')], msg)
def response(context, request):
req = request
slcsResp = req.POST['CertificateRequestData']
session_key = req.POST['SessionKey']
print req.GET
originURL=request.GET['url']
# Decrpyt session Key with host private key (RSA)
encrypted = unhexlify(session_key)
priv_key = RSA.load_key(get_settings()['host_privkey'])
session_key = priv_key.private_decrypt(encrypted, RSA.pkcs1_padding)
# Decrypt message with session key (AES)
a = AES.new(session_key)
plaintext = a.decrypt(unhexlify(slcsResp))
# remove AES padding
n = ord(plaintext[-1]) # last byte contains number of padding bytes
if n > AES.block_size or n > len(plaintext):
raise Exception('invalid padding')
print plaintext
try:
certificate = slcs_handler(StringIO(plaintext[:-n]))
print "cert = " + str(certificate)
except SLCSException, e:
# TODO add error handling
print "Exception: " + str(e)
pass
def __setitem__(self, name, value):
path = get_settings()['mailin_trace_file']
if not os.path.exists(path):
folder, fname = os.path.split(path)
if not os.path.exists(folder):
os.makedirs(folder)
open(path, 'w').close()
os.utime(path, None)
def repo(self):
if get_settings().get('repozitory_db_string') is None:
return None
# Create self._repo on demand.
repo = self._repo
if repo is Uninitialized:
self._repo = repo = Archive(RepozitoryEngineParams())
return repo
def generate_stats(args, instance):
root, closer = args.get_root(instance)
settings = get_settings()
folder = settings.get("statistics_folder")
if folder is None:
return
log.info("Generating stats for %s" % instance)
if not os.path.exists(folder):
os.makedirs(folder)
generate_reports(root, folder)
def locale_negotiator(request):
settings = get_settings()
available_languages = settings.get('available_languages', '').split()
preferred_languages = get_preferred_languages(request)
available_languages = normalize_langs(available_languages)
for lang in preferred_languages:
if lang in available_languages:
return available_languages.get(lang)
# If the user asked for a specific variation, but we don't
# have it available we may serve the most generic one,
# according to the spec (eg: user asks for ('en-us',
# 'de'), but we don't have 'en-us', then 'en' is preferred
# to 'de').
parts = lang.split('-')
if len(parts) > 1 and parts[0] in available_languages:
return available_languages.get(parts[0])
return settings.get('default_locale_name', 'en')
def locale_negotiator(request):
settings = get_settings()
available_languages = settings.get('available_languages', '').split()
preferred_languages = get_preferred_languages(request)
available_languages = normalize_langs(available_languages)
for lang in preferred_languages:
if lang in available_languages:
return available_languages.get(lang)
# If the user asked for a specific variation, but we don't
# have it available we may serve the most generic one,
# according to the spec (eg: user asks for ('en-us',
# 'de'), but we don't have 'en-us', then 'en' is preferred
# to 'de').
parts = lang.split('-')
if len(parts) > 1 and parts[0] in available_languages:
return available_languages.get(parts[0])
return settings.get('default_locale_name', 'en')
def _secure_tile(tile, permission, authn_policy, authz_policy, strict):
"""wraps tile and does security checks.
"""
wrapped_tile = tile
if not authn_policy and not authz_policy:
return tile
def _secured_tile(context, request):
principals = authn_policy.effective_principals(request)
if authz_policy.permits(context, principals, permission):
try:
return tile(context, request)
except Exception, e:
raise
msg = getattr(request, "authdebug_message", "Unauthorized: tile %s failed permission check" % tile)
if strict:
raise Forbidden(msg)
settings = get_settings()
if settings.get("debug_authorization", False):
logger = IDebugLogger()
logger.debug(msg)
return u""
def request(context, request):
originURL = request.GET['url']
request.environ['wsgi.url_scheme'] = 'https'
return HTTPFound(location=get_settings()["slcs_url"] + "/token?service=" + model_url(context, request) + 'response.html?url='+originURL)
def request(context, request):
request.environ["wsgi.url_scheme"] = "https"
return HTTPFound(
location=get_settings()["slcs_url"] + "/token?service=" + model_url(context, request) + "response.html"
)
def password_reset_key(self):
settings = get_settings()
salt = settings.get('pw_reset_salt', '')
k = self.first_name + self.password + self.email + str(self.portrait_id) + salt
return sha.sha(k.encode('utf-8')).hexdigest()
def db_string(self):
return get_settings()['repozitory_db_string']
def password_reset_key(self):
settings = get_settings()
salt = settings.get('pw_reset_salt', '')
k = self.first_name + self.password + self.email + str(
self.portrait_id) + salt
return sha.sha(k.encode('utf-8')).hexdigest()
def __init__(self):
self.settings = get_settings()
self.min_url_len = int(self.settings["min_url_len"])
def home_view(request):
settings = get_settings()
return { 'title' : settings['title'],
'description': settings['description'],
'app_url' : request.application_url,
}
# TODO: change __name__ if Title changes in Page or DublinCore (or not?)
import datetime
from util import canonize
from webob.exc import HTTPFound
from models import Page
from repoze.bfg.url import model_url
from repoze.bfg.settings import get_settings
from deform import Form
from deform import widget
from deform import ValidationFailure
from schemas import DublinCoreSchema, PageSchema
from schemas import LANGUAGES, FORMATS
PROJECT = get_settings()['project']
def pages_view(context, request):
page_urls = [(context[p].dublincore['title'],
model_url(context, request, p))
for p in request.context.keys()]
return {'project': PROJECT,
'page_urls': page_urls,
'page_add_url': model_url(context, request, "@@page_add")
}
def page_view(context, request):
dc_schema = DublinCoreSchema()
dc_form = Form(dc_schema)
dc_form['subject'].widget.category = None # HACK: display sequence label
return {'project': PROJECT,
'page': context,
def path(self):
settings = get_settings()
path = settings.get('upload_directory')
return os.path.join(
path, '%s.%s' % (self.id, self.content_type.split('/')[-1]))
def path(self):
settings = get_settings()
path = settings.get('upload_directory')
return os.path.join(path, '%s.%s' % (self.id, self.content_type.split('/')[-1]))
def request(context, request):
request.environ['wsgi.url_scheme'] = 'https'
return HTTPFound(location=get_settings()["slcs_url"] + '/token?service=' + model_url(context, request) + 'response.html')
import logging
from repoze.bfg.settings import get_settings
from repoze.sendmail.delivery import QueuedMailDelivery
from repoze.sendmail.mailer import SMTPMailer
from repoze.sendmail.queue import QueueProcessor
settings = get_settings()
hostname = settings.get('mail_hostname', 'localhost')
port = settings.get('mail_port', 25)
username = settings.get('mail_username', None)
password = settings.get('mail_password', None)
no_tls = settings.get('mail_no_tls', None)
force_tls = settings.get('mail_force_tls', None)
mailer = SMTPMailer(hostname, port, username, password, no_tls, force_tls)
queue_path = settings.get('mail_queue_path', 'maildir')
queued_mail_delivery = QueuedMailDelivery(queue_path)
log = logging.getLogger('eportfolio')
qp = QueueProcessor(mailer, queue_path)
qp.log = log
def trigger_queued_delivery():
try:
qp.send_messages()
except Exception, e:
log.error(e)
