def email(http_request): """ Ask user for email address, then send verification message. """ ip = http_request.META['REMOTE_ADDR'] nonces_per_day = Nonce.objects.filter(ip=ip, email__isnull=False, created__gt=datetime.now() - timedelta(hours=24)).count() if nonces_per_day >= 3: return error_page(http_request, _("too many verification emails"), _("There were too many email requests from your IP in the last 24 hours."), _("Please try again later.")) form = EmailForm(http_request.POST or None) if not form.is_valid(): form_title = _("email verification") form_action = '/accounts/email/' form_submit = _("send email") form_javascript = "document.getElementById('id_email').focus()" return render_to_response('form.html', locals(), context_instance=RequestContext(http_request)) address = form.cleaned_data['email'] user = None users = User.objects.filter(email=address) if len(users): user = users[0] hashkey = crypto.random_md5() Nonce.objects.create(email=address, hashkey=hashkey, ip=ip) domain = Site.objects.get_current().domain message = email_message(domain, hashkey, user) try: send_mail("Browsershots email verification", message, settings.DEFAULT_FROM_EMAIL, [address], fail_silently=False) except smtplib.SMTPException, e: return error_page(http_request, _("email error"), _("Could not send email."), str(e))
def extend(http_request): """ Extend (or cancel) the expiration timeout of a screenshot request group. """ if not http_request.POST: return error_page(http_request, _("invalid request"), _("You must send a POST request to this page.")) try: request_group_id = int(http_request.POST['request_group_id']) except (KeyError, ValueError): return error_page(http_request, _("invalid request"), _("You must specify a numeric request group ID.")) request_group = get_object_or_404(RequestGroup, pk=request_group_id) if 'cancel' in http_request.POST and http_request.POST['cancel']: if request_group.expire > datetime.now(): request_group.update_fields(expire=datetime.now()) return HttpResponseRedirect(request_group.website.get_absolute_url()) if request_group.expire < datetime.now(): delta = datetime.now() - request_group.expire minutes = min(1, delta.seconds / 60 + delta.days * 24 * 60) return error_page(http_request, _("request group expired"), _("This request group already expired %d minutes ago.") % minutes, '<a href="/?url=%s">%s</a>' % ( urllib.quote(request_group.website.url.encode('utf-8')), _("Request new screenshots?"))) request_group.update_fields(expire=datetime.now() + timedelta(minutes=30)) return HttpResponseRedirect(request_group.website.get_absolute_url())
def details(http_request, id): id = int(id) priority = get_object_or_404(UserPriority, id=id) if http_request.user != priority.user: return error_page(http_request, _("Access Denied"), _("This invoice is for a different user.")) return render_to_response('invoices/details.html', locals(), context_instance=RequestContext(http_request))
def wrapper(http_request, *args, **kwargs): """ Display an error page if the user is already signed in. """ if http_request.user.is_authenticated(): return error_page(http_request, _("You're already signed in"), _("Please log out and then try again.")) return func(http_request, *args, **kwargs)
def user_report(http_request, username): user = get_object_or_404(User, username=username) if user != http_request.user and not http_request.user.is_staff: return error_page(http_request, _("Access denied"), _("Only staff members can see this page.")) request_groups_list = user.requestgroup_set.order_by('-submitted')[:50] preload_foreign_keys(request_groups_list, website=True) return render_to_response('status/user_report.html', locals(), context_instance=RequestContext(http_request))
def activate_browser(http_request, id): """ Activate the specified browser. """ try: browser = get_browser(http_request, id) if browser.active: raise InvalidRequest("This browser is already active.") except InvalidRequest, error: return error_page(http_request, error.title, error.args[0])
def verify(http_request, hashkey): """ Register a new user or set a new password, after successful email verification. """ nonce = get_object_or_404(Nonce, hashkey=hashkey) ip = http_request.META['REMOTE_ADDR'] if nonce.ip != ip: return error_page(http_request, _("Wrong IP address"), _("The verification email was requested from a different IP address.")) if not nonce.email: return error_page(http_request, _("Bad verification code"), _("The verification code has no email address.")) if nonce.created < datetime.now() - timedelta(hours=24): return error_page(http_request, _("Verification code expired"), _("The verification email was requested more than 24 hours ago.")) users = User.objects.filter(email=nonce.email) if len(users): return change_password(http_request, nonce, users[0]) else: return register(http_request, nonce)
def overview(http_request): """ List all screenshot factories. """ factory_table_header = Factory.table_header() factory_list = Factory.objects.select_related().filter( last_poll__gt=last_poll_timeout()).order_by('-uploads_per_day') if not len(factory_list): return error_page(http_request, _("out of service"), _("No active screenshot factories."), _("Please try again later.")) return render_to_response('factories/overview.html', locals(), context_instance=RequestContext(http_request))
def redirect(http_request, factory_name, encrypted_password, request_id): """ Redirect the browser to the requested URL for the screenshot, and save the browser in the database. """ try: factory = get_object_or_404(Factory, name=factory_name) nonces.verify(http_request, factory, encrypted_password) request = get_object_or_404(Request, id=request_id) request.check_factory_lock(factory) user_agent = http_request.META['HTTP_USER_AGENT'] try: browser = Browser.objects.get( factory=factory, user_agent=user_agent, active=True) except Browser.DoesNotExist: raise Fault(404, u"Unknown user agent: %s." % user_agent) # Check that the browser matches the request if (request.browser_group_id is not None and request.browser_group_id != browser.browser_group_id): raise Fault(409, u"Requested browser %s but got %s." % (request.browser_group.name, browser.browser_group.name)) if ((request.major is not None and request.major != browser.major) or (request.minor is not None and request.minor != browser.minor)): raise Fault(409, u"Requested browser version %s.%s but got %s.%s." % (request.major, request.minor, browser.major, browser.minor)) # Update request with browser and redirect timestamp request.update_fields(browser=browser, redirected=datetime.now()) return HttpResponseRedirect(request.request_group.website.url) except Fault, fault: FactoryError.objects.create(factory=factory, code=fault.faultCode, message=fault.faultString) return error_page(http_request, "redirect error", fault.faultString)
def pdf(http_request, id): id = int(id) priority = get_object_or_404(UserPriority, id=id) if (http_request.user != priority.user and not http_request.user.is_superuser): return error_page(http_request, _("Access Denied"), _("This invoice is for a different user.")) response = HttpResponse(mimetype='application/pdf') response['Content-Disposition'] = 'attachment; filename=%d.pdf' % id country = None if priority.country: country = priority.country.upper() assert len(country) == 2 if country == 'US': pagesize = letter else: pagesize = A4 if country == 'DE': payment = Decimal('%.2f' % (float(priority.payment) / 1.19)) tax = Decimal('%.2f' % (float(priority.payment) - float(payment))) subject = u"Rechnung Nummer %d" % priority.id date = u"Datum: %s" % human_date(priority.activated) amounts = [-12, u"Menge", '', 12, u"1", '', '', u"19%", '', ''] prices = [ -12, u"Preis", '', 12, u"%s %.2f" % (priority.currency, payment), '', '', u"%s %.2f" % (priority.currency, tax), '', u"%s %.2f" % (priority.currency, priority.payment)] descriptions = [ -12, u"Beschreibung", '', 12, u"Priority processing für %s" % priority.user.username, u"von %s bis %s" % (human_date(priority.activated), human_date(priority.expire)), '', u"Mehrwertsteuer", '', u"Rechnungsbetrag (Brutto)"] amounts.extend(['', '', u"Vielen Dank für Ihren Auftrag.", '', u"Mit freundlichen Grüßen,", u"Johann C. Rocholl"]) else: subject = u"Invoice Number %d" % id date = u"Date: %s" % human_date(priority.activated) amounts = [-12, u"Qty", '', 12, u"1", ''] prices = [ -12, u"Price", '', 12, u"%s %.2f" % (priority.currency, priority.payment)] descriptions = [ -12, u"Description", '', 12, u"Priority processing for %s" % priority.user.username, u"from %s to %s" % (human_date(priority.activated), human_date(priority.expire))] amounts.extend(['', '', u"For customers outside Germany, this invoice does not include", u"sales tax, value added tax (VAT) or goods and services tax (GST).", u"You may have to pay use tax or reverse charge VAT, according", u"to the tax laws in your country or state.", '', u"Thank you for your business.", '', u"Kind regards,", u"Johann C. Rocholl"]) canvas = reportlab.pdfgen.canvas.Canvas(response, pagesize=pagesize) width, height = pagesize pdf_draw_header(canvas, country) # canvas.drawString(LEFT_COLUMN, 25*cm, u"Customer:") address = get_address(priority.user, [priority]) drawStrings(canvas, LEFT_COLUMN, 23*cm, *address) drawStrings(canvas, LEFT_COLUMN, 17.5*cm, -12, subject) drawStrings(canvas, LEFT_COLUMN, 17*cm, 12, date) drawStrings(canvas, LEFT_COLUMN, TABLE_TOP, *amounts) drawStrings(canvas, MIDDLE_COLUMN, TABLE_TOP, *descriptions) drawStrings(canvas, RIGHT_COLUMN, TABLE_TOP, *prices) pdf_draw_footer(canvas, country) canvas.showPage() canvas.save() return response
def start(http_request): """ Front page with URL input, browser chooser, and options. """ if (http_request.user.is_anonymous() and hasattr(settings, 'ALLOW_ANONYMOUS_REQUESTS') and not settings.ALLOW_ANONYMOUS_REQUESTS): url = '/' if http_request.META['QUERY_STRING']: url += '?' + http_request.META['QUERY_STRING'] return error_page(http_request, _("login required"), _("Anonymous screenshot requests are not allowed."), u'<a href="/accounts/login/?next=%s">%s</a>' % ( urllib.quote(url.encode('utf-8')), _("Please log in with your username and password."))) # Initialize forms. post = http_request.POST or None url_form = UrlForm(post) features_form = FeaturesForm(post) options_form = OptionsForm(post) special_form = SpecialForm(post) # Get available choices from database, with correct translations. active_factories = Factory.objects.filter( last_poll__gte=last_poll_timeout()) active_browsers = Browser.objects.filter( factory__in=active_factories, active=True) if not active_browsers: return error_page(http_request, _("out of service"), _("No active screenshot factories."), _("Please try again later.")) features_form.load_choices(active_browsers) options_form.load_choices(active_factories) # Validate posted data. valid_post = (url_form.is_valid() and options_form.is_valid() and features_form.is_valid() and special_form.is_valid()) # Preload some database entries for browser forms preload_foreign_keys(active_browsers, factory=active_factories, factory__operating_system=True, browser_group=True, engine=True) # Select browsers according to GET request selected_browsers = None if 'browsers' in http_request.GET: selected_browsers = http_request.GET['browsers'].split() # Browser forms for each platform. browser_forms = [] for platform in Platform.objects.all(): browser_form = BrowsersForm(active_browsers, platform, post, selected_browsers) browser_form.platform_name = \ unicode(platform).lower().replace(' ', '-') if browser_form.is_bound: browser_form.full_clean() if browser_form.fields: browser_forms.append(browser_form) valid_post = valid_post and browser_form.is_valid() browser_forms[0].is_first = True browser_forms[-1].is_last = True priority = 0 if valid_post: if (url_form.cleaned_data['shocksite_keywords'] > settings.SHOCKSITE_KEYWORDS_ALLOWED): # Ignore screenshot requests for shock sites. priority = -url_form.cleaned_data['shocksite_keywords'] elif 'shotserver04.priority' in settings.INSTALLED_APPS: # Get priority processing for domain or user. from shotserver04.priority import domain_priority, user_priority priority = max(domain_priority(url_form.cleaned_data['domain']), user_priority(http_request.user)) usage_limited = check_usage_limits( http_request, priority, url_form.cleaned_data['website'], url_form.cleaned_data['domain']) if usage_limited: valid_post = False if not valid_post: # Show HTML form. if 'url' in http_request.GET: url_form.fields['url'].initial = http_request.GET['url'] multi_column(browser_forms) selectors = mark_safe(',\n'.join([ SELECTOR_TEMPLATE % (plus_minus, capfirst(text)) for text, plus_minus in selector_pairs(browser_forms)])) news_list = NewsItem.objects.all()[:10] sponsors_list = Sponsor.objects.filter(front_page=True) show_special_form = http_request.user.is_authenticated() return render_to_response('start/start.html', locals(), context_instance=RequestContext(http_request)) # Create screenshot requests and redirect to website overview. expire = datetime.now() + timedelta(minutes=30) values = { 'website': url_form.cleaned_data['website'], 'ip': http_request.META['REMOTE_ADDR'], 'user': None, } if http_request.user.is_authenticated(): values['user'] = http_request.user values.update(options_form.cleaned_data) values.update(features_form.cleaned_data) values.update(special_form.cleaned_data) match_values = {} for key in values: if values[key] is None: match_values[key + '__isnull'] = True else: match_values[key] = values[key] existing = RequestGroup.objects.filter( expire__gte=datetime.now(), **match_values).order_by('-submitted') if (len(existing) and existing[0].request_set.filter(screenshot__isnull=True).count()): # Previous request group is still pending, reuse it. request_group = existing[0] request_group.update_fields(expire=expire) if priority > request_group.priority: request_group.update_fields(priority=priority) else: request_group = RequestGroup.objects.create( expire=expire, priority=priority, **values) for browser_form in browser_forms: create_platform_requests( request_group, browser_form.platform, browser_form, priority) # Make sure that the redirect will show the new request group transaction.commit() # return render_to_response('debug.html', locals(), # context_instance=RequestContext(http_request)) return HttpResponseRedirect(values['website'].get_absolute_url())