def get_skin(my):
    """Return the skin name for the current request.

    DEPRECATED: replaced by palettes.

    The skin is looked up in the "skin" form value, then the user's
    preference setting, then the ("look", "skin") config value.  Only two
    results are possible: 'MMS' when the resolved value is exactly 'MMS',
    otherwise "dark".  The request-supplied value is only ever compared to
    a constant; it is never returned as-is.
    """
    # TODO: prod setting shouldn't be in prod!!!
    from pyasm.prod.biz import ProdSetting

    # Each lookup runs only when the previous one produced nothing.
    chosen = (
        WebContainer.get_web().get_form_value("skin")
        or PrefSetting.get_value_by_key("skin")
        or Config.get_value("look", "skin")
    )

    # MMS-TACTIC: 'MMS' (a copy of the 'dark' skin) is let through so that
    # some colors can be overridden.  Everything else, including "nothing
    # found", collapses to "dark".
    if chosen == 'MMS':
        return 'MMS'
    return "dark"
def gradient(my, palette_key, modifier=0, range=-20, reverse=False, default=None):
    """Return a CSS gradient value built from two shades of a palette color.

    For IE a single color at the midpoint shade is returned instead of a
    gradient.  Otherwise the result is a "-moz-linear-gradient" value when
    the browser is reported as 'Mozilla' and a "-webkit-gradient" value for
    anything else.  `reverse` swaps the two end colors.
    """
    # Explicit None falls back to the signature defaults.
    if modifier == None:
        modifier = 0
    if range == None:
        range = -20

    from web_container import WebContainer
    web = WebContainer.get_web()
    palette = Palette.get()

    if web.is_IE():
        return my.color(palette_key, (modifier+range)/2, default=default)

    # The base shade is always computed first, then the shifted one.
    base_shade = my.color(palette_key, modifier, default=default)
    shifted_shade = my.color(palette_key, modifier+range, default=default)
    if not reverse:
        color1, color2 = base_shade, shifted_shade
    else:
        color1, color2 = shifted_shade, base_shade

    if web.get_browser() == 'Mozilla':
        return "-moz-linear-gradient(top, %s, %s)" % (color1, color2)
    return "-webkit-gradient(linear, 0%% 0%%, 0%% 100%%, from(%s), to(%s))" % (color1, color2)
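def get_display(my):
    """Return a refresh page confining the user to a group's redirect URL.

    Walks the security groups of the current user and takes the first
    non-empty "redirect_url".  When the request URI does not contain that
    value, an Html object holding a META refresh to it is returned;
    otherwise None is returned and the caller renders normally.

    Changes from the original: the META tag is now closed, and the
    redirect value is attribute-escaped before being written into the
    markup.
    """
    # Imported locally; quoteattr escapes &, <, > and the quote character
    # and returns the value already wrapped in quotes.
    from xml.sax.saxutils import quoteattr

    web = WebContainer.get_web()

    # get the request uri
    request_uri = web.get_env("REQUEST_URI")

    security = WebContainer.get_security()
    groups = security.get_groups()

    # go through each group and find a redirect.  Take the first one
    for group in groups:

        # find out if the user has a redirect which confines them
        # to a particular address
        redirect = group.get_value("redirect_url")
        # prevent mistaken infinite loops
        redirect = redirect.strip()
        if not redirect:
            continue

        # NOTE(review): this is a substring test, so a request URI that
        # contains the redirect text anywhere counts as already confined.
        # A comparison against the parsed path would be stricter - confirm
        # what the confinement is expected to guarantee.
        if request_uri.find(redirect) == -1:
            # draw the actual page
            html = Html()
            html.writeln('<HEAD>')
            html.writeln('<META HTTP-EQUIV="Refresh" CONTENT=%s>' % quoteattr("0; URL=%s" % redirect))
            html.writeln('</HEAD>')
            return html

    return None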
def get_gradient(my, palette_key, modifier=0, range=-20, reverse=False, default=None, angle=180):
    """Return a standard CSS "linear-gradient(...)" value for a palette color.

    For IE a single color at the midpoint shade is returned instead.
    `reverse` swaps the two end colors and `angle` is written in degrees.
    """
    from palette import Palette
    from web_container import WebContainer

    web = WebContainer.get_web()
    palette = Palette.get()

    if web.is_IE():
        return palette.color(palette_key, (modifier+range)/2, default=default)

    # The base shade is always looked up first, then the shifted one.
    base_shade = palette.color(palette_key, modifier, default=default)
    shifted_shade = palette.color(palette_key, modifier+range, default=default)
    if reverse:
        color1, color2 = shifted_shade, base_shade
    else:
        color1, color2 = base_shade, shifted_shade

    # The older vendor-prefixed forms (-moz-linear-gradient and
    # -webkit-gradient) were disabled in the original; only the standard
    # syntax is produced.
    return "linear-gradient(%sdeg, %s, %s)" % (angle, color1, color2)
def _get_display(my):
    """Work out guest permission and authenticate the current request.

    NOTE(review): this listing stops after the exception handler; nothing
    that uses `allow_guest` or `is_logged_in` is visible here.
    """
    # set up the security object
    from pyasm.security import Security, Sudo
    from pyasm.biz import Project
    from pyasm.web import WebContainer
    web = WebContainer.get_web()

    # guest mode
    #
    # Only the exact config string 'true' enables guest access.
    allow_guest = Config.get_value("security", "allow_guest")
    if allow_guest == 'true':
        allow_guest = True
    else:
        allow_guest = False

    # A non-None answer from the site object overrides the config value.
    site_obj = Site.get()
    site_allow_guest = site_obj.allow_guest()
    if site_allow_guest != None:
        allow_guest = site_allow_guest

    security = Security()
    try:
        security = my.handle_security(security)
        is_logged_in = security.is_logged_in()
    except Exception, e:
        # Fails closed: any error during authentication ends in the
        # not-logged-in page.  The exception is only printed.
        print "AppServer Exception: ", e
        return my.handle_not_logged_in()
def get_content(my, request_type): web = WebContainer.get_web() # NOTE: is this needed anymore? if request_type in ["upload", "dynamic_file"]: print "DEPRECATED: dynamic file in app_server.py" widget = Widget() page = my.get_page_widget() widget.add(page) return widget # find hash of url my.custom_url = None if my.hash: hash = "/".join(my.hash) hash = "/%s" % hash from tactic.ui.panel import HashPanelWdg my.custom_url = HashPanelWdg.get_url_from_hash(hash) if my.custom_url: content_type = my.custom_url.get_value("content_type", no_exception=True) # TODO: we may want to handle this differently for content types # other that text/html return my.get_application_wdg()
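def get_display(self):
    """Return a refresh page confining the user to a group's redirect URL.

    Walks the security groups of the current user and takes the first
    non-empty "redirect_url".  When the request URI does not contain that
    value, an Html object holding a META refresh to it is returned;
    otherwise None is returned and the caller renders normally.

    Changes from the original: the META tag is now closed, and the
    redirect value is attribute-escaped before being written into the
    markup.
    """
    # Imported locally; quoteattr escapes &, <, > and the quote character
    # and returns the value already wrapped in quotes.
    from xml.sax.saxutils import quoteattr

    web = WebContainer.get_web()

    # get the request uri
    request_uri = web.get_env("REQUEST_URI")

    security = WebContainer.get_security()
    groups = security.get_groups()

    # go through each group and find a redirect.  Take the first one
    for group in groups:

        # find out if the user has a redirect which confines them
        # to a particular address
        redirect = group.get_value("redirect_url")
        # prevent mistaken infinite loops
        redirect = redirect.strip()
        if not redirect:
            continue

        # NOTE(review): this is a substring test, so a request URI that
        # contains the redirect text anywhere counts as already confined.
        # A comparison against the parsed path would be stricter - confirm
        # what the confinement is expected to guarantee.
        if request_uri.find(redirect) == -1:
            # draw the actual page
            html = Html()
            html.writeln('<HEAD>')
            html.writeln('<META HTTP-EQUIV="Refresh" CONTENT=%s>' % quoteattr("0; URL=%s" % redirect))
            html.writeln('</HEAD>')
            return html

    return None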
def handle_guest_security(self, security):
    """Log the request in as guest on the "default" site.

    Installs `security` on the WebContainer, logs it in as guest, stores
    the resulting ticket in the "login_ticket" cookie and adds one XML
    access rule.  The site pushed at the start is always popped again,
    even when one of the steps raises.
    """
    # skip storing current security since it failed
    Site.set_site("default", store_security=False)
    try:
        WebContainer.set_security(security)
        security.login_as_guest()

        guest_ticket = security.get_ticket_key()
        # NOTE(review): cookie attributes (Secure, HttpOnly, path) are
        # decided inside set_cookie and are not visible here - confirm.
        request = WebContainer.get_web()
        request.set_cookie("login_ticket", guest_ticket)

        manager = security.get_access_manager()
        # The rule denies sthpw/login entries whose "login" column differs
        # from {$LOGIN}; presumably this keeps a guest from listing other
        # accounts - verify against the access manager.
        rules = Xml()
        rules.read_string(''' <rules> <rule column="login" value="{$LOGIN}" search_type="sthpw/login" access="deny" op="!=" group="search_filter"/> </rules> ''')
        manager.add_xml_rules(rules)
    finally:
        Site.pop_site(pop_security=False)
def _get_display(my):
    """Render the page widget between the top and bottom widgets.

    NOTE(review): a FakeSecurity object is installed as the container's
    security before anything is rendered.  What it permits is not visible
    here - confirm this entry point cannot be reached in production.
    """
    WebContainer.set_security(FakeSecurity())

    page = my.get_page_widget()

    # create some singletons and store in container
    delegator = WebContainer.get_cmd_delegator()

    # add the event container
    event_container = WebContainer.get_event_container()

    from pyasm.widget import TopWdg, BottomWdg
    header = TopWdg()
    footer = BottomWdg()

    # The page widget is requested a second time, as in the original.
    page = my.get_page_widget()

    web = WebContainer.get_web()

    from widget import Widget
    container = Widget()
    for part in (header, page, footer, delegator):
        container.add(part)

    # create a web app and run it through the pipeline
    from web_app import WebApp
    return WebApp().get_display(container)
def _get_display(my):
    """Render the page widget between the top and bottom widgets.

    NOTE(review): a FakeSecurity object is installed as the container's
    security before anything is rendered.  What it permits is not visible
    here - confirm this entry point cannot be reached in production.
    """
    WebContainer.set_security(FakeSecurity())

    page = my.get_page_widget()

    # create some singletons and store in container
    delegator = WebContainer.get_cmd_delegator()

    # add the event container
    event_container = WebContainer.get_event_container()

    from pyasm.widget import TopWdg, BottomWdg
    header = TopWdg()
    footer = BottomWdg()

    # The page widget is requested a second time, as in the original.
    page = my.get_page_widget()

    web = WebContainer.get_web()

    from widget import Widget
    container = Widget()
    for part in (header, page, footer, delegator):
        container.add(part)

    # create a web app and run it through the pipeline
    from web_app import WebApp
    return WebApp().get_display(container)
def set_max_width(my, use_css=False):
    """Make the element span the available width.

    Without `use_css` the "width" attribute is set to "100%".  With it, a
    CSS width is added instead: "95%" on IE, "100%" elsewhere.
    """
    if not use_css:
        # dynamic resizing doesn't work with css setting with %.
        my.set_attr("width", "100%")
        return

    css_width = "95%" if WebContainer.get_web().is_IE() else "100%"
    my.add_style("width", css_width)
def handle_security(my, security):
    """Authenticate the current request against `security`.

    Order of precedence: a cookie named by the ("security", "session_key")
    config value, then a posted login/password pair, then a login ticket
    taken from the "login_ticket" form value or cookie.  If none of these
    leaves `security` logged in, either the password reset command or the
    login command is run.

    NOTE(review): no return statement is visible in this listing; the
    function may continue beyond what is shown.
    """
    # set the security object
    WebContainer.set_security(security)

    # see if there is an override
    web = WebContainer.get_web()
    # NOTE(review): the ticket is accepted from a form value before the
    # cookie is consulted.  Tickets passed as request parameters can end up
    # in URLs, access logs and Referer headers - confirm this is intended.
    ticket_key = web.get_form_value("login_ticket")
    # attempt to log in with a ticket
    if not ticket_key:
        ticket_key = web.get_cookie("login_ticket")

    # We can define another place to look at ticket values and use
    # that. ie: Drupal session key
    session_key = Config.get_value("security", "session_key")

    login = web.get_form_value("login")
    password = web.get_form_value("password")

    if session_key:
        # When a session key is configured, only that cookie is considered;
        # the login form and the login_ticket value are skipped.
        ticket_key = web.get_cookie(session_key)
        if ticket_key:
            security.login_with_session(ticket_key, add_access_rules=False)
    elif login and password:
        if login == "guest":
            # A posted "guest" login is ignored here.
            pass
        else:
            from pyasm.widget import WebLoginCmd
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()
            # clear the password
            web.set_form_value('password','')
    elif ticket_key:
        security.login_with_ticket(ticket_key, add_access_rules=False)

    if not security.is_logged_in():
        reset_password = web.get_form_value("reset_password") == 'true'
        if reset_password:
            from tactic.ui.widget import ResetPasswordCmd
            reset_cmd = ResetPasswordCmd(reset=True)
            try:
                reset_cmd.execute()
            except TacticException, e:
                # A failed reset is only printed; the request carries on
                # unauthenticated.
                print "Reset failed. %s" %e.__str__()
        else:
            from pyasm.widget import WebLoginCmd
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()
def handle_not_logged_in(my, allow_change_admin=True): site_obj = Site.get() site_obj.set_site("default") DbResource.clear_cache() from pyasm.widget import WebLoginWdg, BottomWdg from tactic.ui.app import TitleTopWdg from pyasm.biz import Project from tactic.ui.panel import HashPanelWdg web = WebContainer.get_web() widget = Widget() top = TitleTopWdg() widget.add(top) body = top.get_body() body.add_gradient("background", "background", 5, -20) body.add_color("color", "color") reset_request = web.get_form_value('reset_request') =='true' if reset_request: from tactic.ui.widget import ResetPasswordWdg top.add(ResetPasswordWdg()) else: reset_msg = web.get_form_value('reset_msg') if reset_msg: web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg) sudo = Sudo() try: # get the project from the url because we are still # in the admin project at this stage current_project = web.get_context_name() try: if current_project != "default": project = Project.get_by_code(current_project) assert project except Exception, e: web_wdg = None else:
def _get_display(my):
    """Authenticate the current request.

    NOTE(review): this listing stops after the exception handler; nothing
    that uses `is_logged_in` is visible here.
    """
    # set up the security object
    from pyasm.security import Security, Sudo
    from pyasm.biz import Project
    from pyasm.web import WebContainer
    web = WebContainer.get_web()

    security = Security()
    try:
        security = my.handle_security(security)
        is_logged_in = security.is_logged_in()
    except Exception, e:
        # Fails closed: any error during authentication ends in the
        # not-logged-in page.  The exception itself is neither logged nor
        # printed in this version.
        site_obj = Site.get()
        return my.handle_not_logged_in()
def get_display(my):
    """Return a redirect to the 403 page when the current URL may not be viewed.

    Returns None when the "url" access check passes.  Otherwise an Html
    object holding a script redirect to "/tactic/Error403" is returned.
    The denial is expressed as a client-side redirect, so it only protects
    the page if the caller stops rendering on a non-None result.
    """
    url = WebContainer.get_web().get_request_url().to_string()

    # check the url security
    security = WebContainer.get_security()
    if security.check_access("url", url, "view"):
        return None

    # should probably just use this widget instead of redirecting
    redirect = "/tactic/Error403"
    denied = Html()
    denied.writeln("<script>document.location = '%s'</script>" % redirect)
    return denied
def set_round_corners(my, size=5, corners=[]):
    """Add border-radius styles of `size` pixels for the given corners.

    `corners` holds any of "TL", "TR", "BL", "BR"; other values are
    ignored.  With no corners given, Mozilla and Webkit/Qt get the
    shorthand radius, while IE gets all four corners individually.
    Mozilla also receives the -moz- prefixed rules.  Any other browser
    gets no style.  The default list is never mutated.
    """
    browser = WebContainer.get_web().get_browser()

    # (corner code, Mozilla-prefixed rule, standard rule)
    rules = (
        ("TL", "-moz-border-radius-topleft: %spx", "border-top-left-radius: %spx"),
        ("TR", "-moz-border-radius-topright: %spx", "border-top-right-radius: %spx"),
        ("BL", "-moz-border-radius-bottomleft: %spx", "border-bottom-left-radius: %spx"),
        ("BR", "-moz-border-radius-bottomright: %spx", "border-bottom-right-radius: %spx"),
    )

    if browser == "Mozilla":
        with_prefix = True
        wanted = corners
    elif browser in ("Webkit", "Qt"):
        with_prefix = False
        wanted = corners
    elif browser == "IE":
        with_prefix = False
        wanted = corners if corners else ["TL", "TR", "BL", "BR"]
    else:
        return

    for corner in wanted:
        for code, prefixed_rule, standard_rule in rules:
            if corner == code:
                if with_prefix:
                    my.add_style(prefixed_rule % size)
                my.add_style(standard_rule % size)
                break

    # IE never gets the shorthand; it was expanded to four corners above.
    if browser != "IE" and not corners:
        if with_prefix:
            my.add_style("-moz-border-radius: %spx" % size)
        my.add_style("border-radius: %spx" % size)
def handle_not_logged_in(my, allow_change_admin=True): site_obj = Site.get() site_obj.set_site("default") DbResource.clear_cache() from pyasm.widget import WebLoginWdg, BottomWdg from tactic.ui.app import TitleTopWdg from pyasm.biz import Project from tactic.ui.panel import HashPanelWdg web = WebContainer.get_web() widget = Widget() top = TitleTopWdg() widget.add(top) body = top.get_body() body.add_gradient("background", "background", 5, -20) body.add_color("color", "color") reset_request = web.get_form_value('reset_request') == 'true' if reset_request: from tactic.ui.widget import ResetPasswordWdg top.add(ResetPasswordWdg()) else: reset_msg = web.get_form_value('reset_msg') if reset_msg: web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg) web_wdg = None #sudo = Sudo() try: # get the project from the url because we are still # in the admin project at this stage current_project = web.get_context_name() try: if current_project != "default": project = Project.get_by_code(current_project) assert project except Exception, e: pass else:
def set_round_corners(my, size=5, corners=[]):
    """Add border-radius styles of `size` pixels for the given corners.

    `corners` holds any of 'TL', 'TR', 'BL', 'BR'; other values are
    ignored.  With no corners given, Mozilla and Webkit/Qt get the
    shorthand radius, while IE gets all four corners individually.
    Mozilla also receives the -moz- prefixed rules.  Any other browser
    gets no style.  The default list is never mutated.
    """
    browser = WebContainer.get_web().get_browser()

    # (corner code, Mozilla-prefixed rule, standard rule)
    rules = (
        ('TL', "-moz-border-radius-topleft: %spx", "border-top-left-radius: %spx"),
        ('TR', "-moz-border-radius-topright: %spx", "border-top-right-radius: %spx"),
        ('BL', "-moz-border-radius-bottomleft: %spx", "border-bottom-left-radius: %spx"),
        ('BR', "-moz-border-radius-bottomright: %spx", "border-bottom-right-radius: %spx"),
    )

    if browser == 'Mozilla':
        with_prefix = True
        wanted = corners
    elif browser in ('Webkit', 'Qt'):
        with_prefix = False
        wanted = corners
    elif browser == 'IE':
        with_prefix = False
        wanted = corners if corners else ['TL', 'TR', 'BL', 'BR']
    else:
        return

    for corner in wanted:
        for code, prefixed_rule, standard_rule in rules:
            if corner == code:
                if with_prefix:
                    my.add_style(prefixed_rule % size)
                my.add_style(standard_rule % size)
                break

    # IE never gets the shorthand; it was expanded to four corners above.
    if browser != 'IE' and not corners:
        if with_prefix:
            my.add_style("-moz-border-radius: %spx" % size)
        my.add_style("border-radius: %spx" % size)
def handle_guest_security(my, security):
    """Log the request in as guest and add the guest access rule.

    Installs `security` on the WebContainer, logs it in as guest, stores
    the resulting ticket in the "login_ticket" cookie and adds one XML
    access rule.
    """
    WebContainer.set_security(security)
    security.login_as_guest()

    guest_ticket = security.get_ticket_key()
    # NOTE(review): cookie attributes (Secure, HttpOnly, path) are decided
    # inside set_cookie and are not visible here - confirm.
    request = WebContainer.get_web()
    request.set_cookie("login_ticket", guest_ticket)

    manager = security.get_access_manager()
    # The rule denies sthpw/login entries whose "login" column differs from
    # {$LOGIN}; presumably this keeps a guest from listing other accounts -
    # verify against the access manager.
    rules = Xml()
    rules.read_string(''' <rules> <rule column="login" value="{$LOGIN}" search_type="sthpw/login" access="deny" op="!=" group="search_filter"/> </rules> ''')
    manager.add_xml_rules(rules)
def get_form_wdg(self):
    """Return a Table listing the submitted form keys and their values.

    Keys are sorted.  Empty keys and keys ending in one of the upload
    suffixes (|files, |images, |snapshot, |submission, |publish_icon,
    |publish_main) are left out.

    NOTE(review): every other field is echoed, which would include
    credential-like fields if the request carries them.  Whether add_cell
    escapes its content is not visible here - confirm before exposing
    this widget beyond debugging.
    """
    web = WebContainer.get_web()

    from pyasm.web import Table
    table = Table()

    upload_suffix = r'(\|files|\|images|\|snapshot|\|submission|\|publish_icon|\|publish_main)$'

    form_keys = web.get_form_keys()
    form_keys.sort()
    for name in form_keys:
        # skipping the upload data
        if not name or re.search(upload_suffix, name):
            continue

        table.add_row()
        values = web.get_form_values(name)
        table.add_cell(name)
        table.add_cell(str(values))

    return table
def set_box_shadow(my, value="0px 0px 15px", color=None):
    """Add a box-shadow style with the prefix the current browser expects.

    The shadow color is taken from `color`, then from the "shadow" palette
    color, and finally from a theme default: "#000000" for the "dark"
    theme, "rgba(0,0,0,0.4)" otherwise.
    """
    shadow = color or my.get_color("shadow")
    if not shadow:
        shadow = "#000000" if my.get_theme() == "dark" else "rgba(0,0,0,0.4)"

    browser = WebContainer.get_web().get_browser()
    if browser == 'Mozilla':
        # The unprefixed rule is needed for Mozilla 13.
        templates = ("-moz-box-shadow: %s %s", "box-shadow: %s %s")
    elif browser in ('Webkit', 'Qt'):
        templates = ("-webkit-box-shadow: %s %s",)
    else:
        templates = ("box-shadow: %s %s",)

    for template in templates:
        my.add_style(template % (value, shadow))
def get_form_wdg(my):
    """Return a Table listing the submitted form keys and their values.

    Keys are sorted.  Empty keys and keys ending in one of the upload
    suffixes (|files, |images, |snapshot, |submission, |publish_icon,
    |publish_main) are left out.

    NOTE(review): every other field is echoed, which would include
    credential-like fields if the request carries them.  Whether add_cell
    escapes its content is not visible here - confirm before exposing
    this widget beyond debugging.
    """
    web = WebContainer.get_web()

    from pyasm.web import Table
    table = Table()

    upload_suffix = r'(\|files|\|images|\|snapshot|\|submission|\|publish_icon|\|publish_main)$'

    form_keys = web.get_form_keys()
    form_keys.sort()
    for name in form_keys:
        # skipping the upload data
        if not name or re.search(upload_suffix, name):
            continue

        table.add_row()
        values = web.get_form_values(name)
        table.add_cell(name)
        table.add_cell(str(values))

    return table
def handle_not_logged_in(self, allow_change_admin=True):
    """Render the page shown to a request that is not authenticated.

    Switches to the "default" site, clears the DbResource cache and builds
    a titled page.  That page holds either the reset-password widget (form
    value reset_request == 'true') or a login widget, which is taken from
    the site object when it supplies one and is the stock WebLoginWdg
    otherwise.  The page is run through WebApp and nothing is returned.
    """
    site_obj = Site.get()
    site_obj.set_site("default")

    DbResource.clear_cache()

    from pyasm.widget import WebLoginWdg, BottomWdg
    from tactic.ui.app import TitleTopWdg

    from pyasm.biz import Project
    from tactic.ui.panel import HashPanelWdg

    web = WebContainer.get_web()

    widget = Widget()

    top = TitleTopWdg()
    widget.add(top)
    body = top.get_body()
    #body.add_gradient("background", "background", 5, -20)
    body.add_color("background", "background")
    body.add_color("color", "color")

    reset_request = web.get_form_value('reset_request') == 'true'
    if reset_request:
        from tactic.ui.widget import ResetPasswordWdg
        top.add(ResetPasswordWdg())
    else:
        # NOTE(review): reset_msg comes straight from the request and is
        # handed to the login widget as its message.  Whether the widget
        # escapes it is not visible here - confirm.
        reset_msg = web.get_form_value('reset_msg')
        if reset_msg:
            web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg)

        web_wdg = None
        # The Sudo object is released in the finally block below.
        # Presumably it elevates privileges for the project lookups -
        # verify.
        sudo = Sudo()
        try:
            # get the project from the url because we are still
            # in the admin project at this stage
            current_project = web.get_context_name()
            try:
                if current_project != "default":
                    project = Project.get_by_code(current_project)
                    # NOTE(review): assert is removed under python -O, in
                    # which case a missing project no longer takes the
                    # except path.
                    assert project
            except Exception as e:
                pass
            else:

                # custom global site login widget
                if not current_project or current_project == "default":
                    current_project = Project.get_default_project()
                if current_project and current_project != "default":
                    try:
                        Project.set_project(current_project)
                    except SecurityException as e:
                        print(e)
                        # Only the "not permitted to view project" case is
                        # tolerated; any other security error propagates.
                        if 'is not permitted to view project' not in e.__str__():
                            raise

                    if not web_wdg:
                        web_wdg = site_obj.get_login_wdg()

                    if web_wdg:
                        # NOTE(review): basestring is not a Python 3
                        # builtin; presumably aliased elsewhere in the
                        # file - confirm.
                        if not isinstance(web_wdg, basestring):
                            web_wdg = web_wdg.get_buffer_display()
                        top.add(web_wdg)
                else:
                    web_wdg = None

            # display default web login
            if not web_wdg:
                # get login screen from Site
                link = "/%s" % "/".join(self.hash)
                web_wdg = site_obj.get_login_wdg(link)
                if not web_wdg:
                    # else get the default one
                    web_wdg = WebLoginWdg(allow_change_admin=allow_change_admin)

                top.add(web_wdg)

        finally:
            # sudo out of scope here
            sudo.exit()
            pass

    # create a web app and run it through the pipeline
    web_app = WebApp()
    web_app.get_display(widget)
    return
def _get_display(self):
    """Authenticate and authorize the request, then render the page.

    Order of the gates, as visible in this function:
      1. authenticate via handle_security; any exception ends in the
         login page
      2. fall back to a guest login when guests are allowed
      3. project access check (skipped for upload URLs and for the
         "default" project)
      4. guest handling: site-supplied guest widget, restricted guest
         mode, or the guest_url_allow list in "full" mode
      5. first-run page, licence lookup, UrlSecurity redirect
      6. page setup and rendering through WebApp
    """
    # set up the security object
    from pyasm.security import Security, Sudo
    from pyasm.biz import Project
    from pyasm.web import WebContainer
    web = WebContainer.get_web()

    # guest mode
    #
    # Only the exact config string 'true' enables guest access.
    allow_guest = Config.get_value("security", "allow_guest")
    if allow_guest == 'true':
        allow_guest = True
    else:
        allow_guest = False

    # A non-None answer from the site object overrides the config value.
    site_obj = Site.get()
    site_allow_guest = site_obj.allow_guest()
    if site_allow_guest != None:
        allow_guest = site_allow_guest

    security = Security()
    try:
        security = self.handle_security(security)
        is_logged_in = security.is_logged_in()
    except Exception as e:
        # Fails closed: any error during authentication ends in the
        # not-logged-in page.
        print("AppServer Exception: ", e)
        return self.handle_not_logged_in()

    # An unset guest_mode means 'restricted'.
    guest_mode = Config.get_value("security", "guest_mode")
    if not guest_mode:
        guest_mode = 'restricted'

    # Test
    #allow_guest = True
    #guest_mode = "full"

    # if not logged in, then log in as guest
    if not is_logged_in:
        if not allow_guest:
            return self.handle_not_logged_in()
        else:
            # login as guest
            security = Security()
            self.handle_guest_security(security)

    # from here on, the user is logged in
    login_name = Environment.get_user_name()

    is_upload = '/UploadServer' in web.get_request_url().to_string()

    # check if the user has permission to see this project
    project = web.get_context_name()
    if project == 'default':
        override_default = Project.get_default_project()
        if override_default:
            project = override_default

    if is_upload:
        # NOTE(review): upload requests are recognised by a substring of
        # the request URL and skip the project access check entirely.
        # Authorization for uploads then has to be enforced by the upload
        # handler itself - confirm that it is.
        print("IS UPLOAD")
        access = True

    elif project != 'default':

        # make sure the security check is done on the appropriate site
        path_info = site_obj.get_request_path_info()
        if path_info:
            site = path_info.get("site")
            Site.set_site(site)
            s = Environment.get_security()
            has_site = True
        else:
            s = security
            has_site = False

        try:
            security_version = get_security_version()
            if security_version == 1:
                # Version 1 rules: access defaults to "view" when no rule
                # matches.
                default = "view"
                access = s.check_access("project", project, "view", default="view")
            else:
                # Later rules: denied unless a rule for this project code
                # or for "*" allows it.
                default = "deny"
                key = {"code": project}
                key2 = {"code": "*"}
                keys = [key, key2]
                access = s.check_access("project", keys, "allow", default=default)
        finally:
            if has_site:
                Site.pop_site()

    else:
        # you always have access to the default project
        access = True

    if not access:
        if login_name == "guest":
            from pyasm.widget import WebLoginWdg

            msg = web.get_form_value(WebLoginWdg.LOGIN_MSG)
            if not msg:
                msg = "User [%s] is not allowed to see this project [%s]" % (login_name, project)
                web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            return self.handle_not_logged_in(allow_change_admin=False)

        else:
            from pyasm.widget import BottomWdg, Error403Wdg
            widget = Widget()
            top = self.get_top_wdg()
            widget.add(top)
            widget.add(Error403Wdg())
            widget.add(BottomWdg())
            widget.get_display()
            # This warning cannot fire as written: is_upload forces
            # access to True above, so this branch is never reached for
            # uploads.
            if is_upload:
                print("WARNING: User [%s] is not allowed to upload to project [%s]." % (login_name, project))
            return

    if login_name == 'guest':
        # let the site handle the guest completely
        guest_wdg = site_obj.get_guest_wdg(self.hash)
        if guest_wdg:
            web_app = WebApp()
            web_app.get_display(guest_wdg)
            return

    # some extra precautions in guest mode
    if login_name == 'guest' and guest_mode != "full":
        # show a restricted guest mode
        from pyasm.widget import WebLoginWdg, BottomWdg
        from tactic.ui.app import TitleTopWdg

        from pyasm.biz import Project
        from tactic.ui.panel import HashPanelWdg
        web = WebContainer.get_web()

        widget = Widget()
        top = TitleTopWdg()
        widget.add(top)
        body = top.get_body()
        body.add_color("background", "background")
        body.add_color("color", "color")

        has_site = False

        # use the path to set the project and/or site
        path_info = site_obj.get_request_path_info()
        if path_info:
            path_site = path_info.get("site")

            try:
                Site.set_site(path_site)
                has_site = True
            except Exception as e:
                print("WARNING: ", e)
                current_project = web.get_context_name()
            else:
                current_project = path_info.get("project_code")
                if not current_project:
                    current_project = web.get_context_name()

        else:
            # get the project from the url because we are still
            # in the admin project at this stage
            current_project = web.get_context_name()

        # The Sudo object is released in the finally block below.
        # Presumably it elevates privileges for the project lookups -
        # verify.
        sudo = Sudo()
        try:
            if current_project != "default":
                project = Project.get_by_code(current_project, use_cache=False)
                if not project:
                    raise Exception("Project [%s] does not exist" % current_project)
        except Exception as e:
            print("WARNING: ", e)
            web_wdg = None
        else:
            if not current_project or current_project == "default":
                current_project = Project.get_default_project()

            if current_project and current_project != "default":
                try:
                    Project.set_project(current_project)
                except SecurityException as e:
                    print(e)
                    # Only the "not permitted to view project" case is
                    # tolerated; any other security error propagates.
                    if 'is not permitted to view project' in e.__str__():
                        pass
                    else:
                        raise

                # find the guest views
                #search = Search("config/url")
                #urls = search.get_sobjects()
                #open_hashes = [x.get("url").lstrip("/").split("/")[0] for x in urls]

                link = "/%s" % "/".join(self.hash)

                # guest views
                # Only hashes whose first element the site lists as
                # guest-visible are resolved directly; everything else
                # falls back to the "/guest" custom URL.
                open_hashes = site_obj.get_guest_hashes()

                if len(self.hash) >= 1 and self.hash[0] in open_hashes:
                    web_wdg = HashPanelWdg.get_widget_from_hash(link, return_none=True)
                else:
                    web_wdg = None

                if not web_wdg:
                    web_wdg = HashPanelWdg.get_widget_from_hash("/guest", return_none=True, kwargs={"hash": link})
                if web_wdg:
                    # NOTE(review): basestring is not a Python 3 builtin;
                    # presumably aliased elsewhere in the file - confirm.
                    if not isinstance(web_wdg, basestring):
                        web_wdg = web_wdg.get_buffer_display()
                    top.add(web_wdg)
            else:
                web_wdg = None
        finally:
            sudo.exit()
            if has_site:
                Site.pop_site()

        if not web_wdg:
            msg = "No default page defined for guest user. Please set up /guest in Custom URL."
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            return self.handle_not_logged_in(allow_change_admin=False)

        # create a web app and run it through the pipeline
        web_app = WebApp()
        web_app.get_display(widget)
        return

    # Full access

    # if a guest has full access, then handle it here
    if login_name == 'guest' and guest_mode == "full":
        # some extra security for guest users
        # guest_url_allow is a "|"-separated allow list compared against
        # the first hash element ("index" when there is none).  When the
        # setting is empty, no URL restriction is applied to the guest.
        guest_url_allow = Config.get_value("security", "guest_url_allow")
        if guest_url_allow:
            items = guest_url_allow.split("|")
            allowed = False
            if self.hash:
                url = self.hash[0]
            else:
                url = "index"
            for item in items:
                item = item.strip("/")
                if item == url:
                    allowed = True
                    break
            if not allowed:
                return self.handle_not_logged_in()

    # Welcome message for first time run
    is_first_run = Environment.is_first_run()
    if is_first_run:
        from pyasm.widget import WebLoginWdg, BottomWdg
        top = self.get_top_wdg()

        from tactic.ui.app import PageHeaderWdg
        from tactic.ui.startup import DbConfigPanelWdg

        widget = DivWdg()
        widget.add(top)
        widget.add(DbConfigPanelWdg())
        widget.add(BottomWdg())

        web_app = WebApp()
        web_app.get_display(widget)
        return

    # handle licensing
    license = security.get_license()
    user_name = security.get_user_name()
    is_licensed = license.is_licensed()

    # handle url security
    # A non-empty result is rendered in place of the page and processing
    # stops here.
    url_security = UrlSecurity()
    html = url_security.get_display()
    if html:
        widget = Widget()
        widget.add(html.getvalue())
        widget.get_display()
        return

    web = WebContainer.get_web()

    # FIXME: although this works, it should be cleaned up

    # determine the type of request
    if '/UploadServer' in web.get_request_url().to_string():
        page_type = "upload"
    elif web.get_form_value("ajax") != "":
        page_type = "ajax"
    elif web.get_form_value("dynamic_file") != "":
        # this mode creates a file dynamically
        page_type = "dynamic_file"
    else:
        page_type = "normal"

    # TODO: the following could be combined into a page_init function
    # provide the opportunity to set some templates
    self.set_templates()
    self.add_triggers()

    self.init_web_container()

    # install the language
    Translation.install()

    path_info = site_obj.get_request_path_info()
    if path_info and path_info.get("site") != "default":
        Site.set_site(path_info.get("site"))
        project_code = path_info.get("project_code")

    # handle the case where the project does not exist
    project = Project.get(no_exception=True)
    if not project:
        from pyasm.widget import BottomWdg, Error404Wdg
        Project.set_project("admin")
        widget = Widget()
        top = self.get_top_wdg()
        widget.add(top)
        widget.add(Error404Wdg())
        widget.add(BottomWdg())
        widget.get_display()
        return widget

    # get the content of the page
    try:
        widget = self.get_content(page_type)
    except Exception as e:
        # Every exception from get_content, not only a permission
        # failure, is shown as the 403 page.  The detail is only printed.
        print("ERROR: ", e)
        from pyasm.widget import BottomWdg, Error403Wdg
        widget = Widget()
        top = self.get_top_wdg()
        widget.add(top)
        widget.add(Error403Wdg())
        widget.add(BottomWdg())
        widget.get_display()

    # put an annoying alert if there is a problem with the license
    if not is_licensed:
        # to be sure, reread license.  This gets around the problem
        # of the extra error message when uploading a new license
        license = security.reread_license()
        is_licensed = license.is_licensed()
        if not is_licensed:
            # NOTE(review): the licence message is interpolated unescaped
            # into a JavaScript string literal.  That is safe only if the
            # message can never contain quotes or markup - confirm.
            widget.add("<script>alert('%s')</script>" % license.get_message())

    # create a web app and run it through the pipeline
    web_app = WebApp()
    web_app.get_display(widget)
def handle_security(self, security, allow_guest=False):
    """Authenticate the current request and return the security object.

    Order of precedence: a cookie named by the ("security", "session_key")
    config value, then a posted login/password pair, then a login ticket
    from the "login_ticket" form value or cookie.  If none of these leaves
    `security` logged in, either the password reset command or the login
    command is run.  Afterwards the posted password is blanked, the
    "login_ticket" cookie is written and the access rules are added.

    Two early returns hand back `security` without adding access rules:
    a login that produced no ticket, and a ticket login that returned
    nothing.
    """
    # set the security object

    WebContainer.set_security(security)

    # see if there is an override
    web = WebContainer.get_web()

    is_from_login = web.get_form_value("is_from_login")

    # NOTE(review): the ticket is accepted from a form value before the
    # cookie is consulted.  Tickets passed as request parameters can end up
    # in URLs, access logs and Referer headers - confirm this is intended.
    ticket_key = web.get_form_value("login_ticket")

    # attempt to log in with a ticket
    # The cookie is ignored when the request says it comes from the login
    # form (is_from_login == 'yes').
    if not ticket_key and is_from_login != 'yes':
        ticket_key = web.get_cookie("login_ticket")

    # We can define another place to look at ticket values and use
    # that. ie: Drupal session key
    session_key = Config.get_value("security", "session_key")

    login = web.get_form_value("login")
    password = web.get_form_value("password")

    # The site comes from the request path.  For the "default" site, or
    # when there is no path info, it comes from the request-supplied
    # "site" form value.
    site_obj = Site.get()
    path_info = site_obj.get_request_path_info()
    if path_info:
        site = path_info['site']
        if site == "default":
            site = web.get_form_value("site")
        if not site:
            site = "default"
    else:
        site = web.get_form_value("site")

    if session_key:
        # When a session key is configured, only that cookie is considered;
        # the login form and the login_ticket value are skipped.
        ticket_key = web.get_cookie(session_key)
        if ticket_key:
            security.login_with_session(ticket_key, add_access_rules=False)
    elif login and password:

        # get the site for this user
        login_site = site_obj.get_by_login(login)
        if login_site:
            site = login_site

        if site:
            site_obj.set_site(site)

        if login == "guest":
            # A posted "guest" login is ignored here.
            pass
        else:
            login_cmd = WebLoginCmd()
            login_cmd.execute()

            ticket_key = security.get_ticket_key()

            if not ticket_key:
                # Login produced no ticket: undo the site switch and
                # return early.
                if site:
                    site_obj.pop_site()
                return security

    elif ticket_key:

        if site:
            site_obj.set_site(site)

        login = security.login_with_ticket(ticket_key, add_access_rules=False, allow_guest=allow_guest)

        # In the midst of logging out, login is None
        if not login:
            if site:
                site_obj.pop_site()
            return security

    if not security.is_logged_in():
        reset_password = web.get_form_value("reset_password") == 'true'
        if reset_password:
            from tactic.ui.widget import ResetPasswordCmd
            reset_cmd = ResetPasswordCmd(reset=True)
            try:
                reset_cmd.execute()
            except TacticException as e:
                # A failed reset is only printed; the request carries on
                # unauthenticated.
                print("Reset failed. %s" % e.__str__())

        # let empty username or password thru to get feedback from WebLoginCmd
        else:
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()

    # clear the password
    web.set_form_value('password', '')

    # NOTE(review): with a session key configured the cookie is written
    # even when ticket_key is empty.  Cookie attributes (Secure, HttpOnly)
    # are decided inside set_cookie and are not visible here - confirm.
    if session_key:
        web.set_cookie("login_ticket", ticket_key)
    elif ticket_key:
        web.set_cookie("login_ticket", ticket_key)

    # TEST TEST TEST
    # The string below is disabled code kept as a bare string literal;
    # it has no effect.
    """ try: ticket = security.get_ticket() if ticket: site_obj.handle_ticket(ticket) except Exception as e: print("ERROR in handle_ticket: ", e) """

    # set up default securities
    #self.set_default_security(security)

    # for now apply the access rules after
    security.add_access_rules()

    return security
def handle_security(my, security, allow_guest=False): # set the seucrity object WebContainer.set_security(security) # see if there is an override web = WebContainer.get_web() ticket_key = web.get_form_value("login_ticket") # attempt to login in with a ticket if not ticket_key: ticket_key = web.get_cookie("login_ticket") # We can define another place to look at ticket values and use # that. ie: Drupal session key session_key = Config.get_value("security", "session_key") login = web.get_form_value("login") password = web.get_form_value("password") site_obj = Site.get() path_info = site_obj.get_request_path_info() if path_info: site = path_info['site'] if site == "default": site = web.get_form_value("site") if not site: site = "default" else: site = web.get_form_value("site") if session_key: ticket_key = web.get_cookie(session_key) if ticket_key: security.login_with_session(ticket_key, add_access_rules=False) elif login and password: # get the site for this user login_site = site_obj.get_by_login(login) if login_site: site = login_site if site: site_obj.set_site(site) if login == "guest": pass else: login_cmd = WebLoginCmd() login_cmd.execute() ticket_key = security.get_ticket_key() elif ticket_key: if site: site_obj.set_site(site) login = security.login_with_ticket(ticket_key, add_access_rules=False, allow_guest=allow_guest) if not security.is_logged_in(): reset_password = web.get_form_value("reset_password") == 'true' if reset_password: from tactic.ui.widget import ResetPasswordCmd reset_cmd = ResetPasswordCmd(reset=True) try: reset_cmd.execute() except TacticException, e: print "Reset failed. %s" % e.__str__() # FIXME: not sure why this is here??? """
allowed = True break if not allowed: return my.handle_not_logged_in() # some extra precautions in guest mode if login_name == 'guest' and guest_mode != "full": # show a restricted guest mode from pyasm.widget import WebLoginWdg, BottomWdg from tactic.ui.app import TitleTopWdg from pyasm.biz import Project from tactic.ui.panel import HashPanelWdg web = WebContainer.get_web() widget = Widget() top = TitleTopWdg() widget.add(top) body = top.get_body() body.add_gradient("background", "background", 5, -20) body.add_color("color", "color") # get the project from the url because we are still # in the admin project at this stage current_project = web.get_context_name() try: if current_project != "default": project = Project.get_by_code(current_project) assert project
def handle_security(my, security, allow_guest=False):
    """Try to authenticate the current web request against *security*.

    Registers *security* with WebContainer and then tries exactly one of
    the following, in this order:

    1. a session cookie whose name comes from the [security] session_key
       config value (login_with_session);
    2. a submitted login/password pair (WebLoginCmd), skipped when the
       login name is "guest";
    3. a "login_ticket" taken from the form values or, failing that, from
       the cookie of the same name (login_with_ticket).

    If the user is still not logged in afterwards, either a password reset
    is run (form value reset_password == 'true') or WebLoginCmd is run.

    NOTE(review): indentation was lost in this listing, so the block
    nesting below is reconstructed from the statement order; confirm it
    against the upstream file.  No return statement is visible here even
    though another listing on the page assigns the result of
    handle_security(); the snippet may be truncated.
    """
    # set the security object
    WebContainer.set_security(security)

    # see if there is an override
    web = WebContainer.get_web()
    # NOTE(review): a ticket supplied as a form value takes precedence over
    # the cookie.  If form values can come from the query string, tickets
    # may end up in server logs and Referer headers -- confirm how
    # get_form_value() is populated.
    ticket_key = web.get_form_value("login_ticket")

    # attempt to login in with a ticket
    if not ticket_key:
        ticket_key = web.get_cookie("login_ticket")

    # We can define another place to look at ticket values and use
    # that. ie: Drupal session key
    session_key = Config.get_value("security", "session_key")

    login = web.get_form_value("login")
    password = web.get_form_value("password")

    # Work out which site the request is for: the request path wins unless
    # it says "default", in which case the client-supplied "site" form
    # value is used.
    site_obj = Site.get()
    path_info = site_obj.get_request_path_info()
    if path_info:
        site = path_info['site']
        if site == "default":
            site = web.get_form_value("site")
        if not site:
            site = "default"
    else:
        site = web.get_form_value("site")

    if session_key:
        # When a session key is configured, the ticket read above is replaced
        # by the value of that cookie and the other two branches are skipped.
        ticket_key = web.get_cookie(session_key)
        if ticket_key:
            security.login_with_session(ticket_key, add_access_rules=False)
    elif login and password:
        # get the site for this user
        login_site = site_obj.get_by_login(login)
        if login_site:
            site = login_site
        if site:
            site_obj.set_site(site)

        if login == "guest":
            # "guest" is never authenticated with a password here
            pass
        else:
            from web_login_cmd import WebLoginCmd
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()

    elif ticket_key:
        if site:
            site_obj.set_site(site)
        login = security.login_with_ticket(ticket_key, add_access_rules=False, allow_guest=allow_guest)

    if not security.is_logged_in():
        # This branch is reached without an authenticated user; the reset
        # command is expected to do its own validation (not shown here).
        reset_password = web.get_form_value("reset_password") == 'true'
        if reset_password:
            from tactic.ui.widget import ResetPasswordCmd
            reset_cmd = ResetPasswordCmd(reset=True)
            try:
                reset_cmd.execute()
            except TacticException, e:
                # failure is only written to stdout; the request continues
                print "Reset failed. %s" %e.__str__()
        else:
            # run the login command even though nothing above logged the user in
            from web_login_cmd import WebLoginCmd
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()
def _get_display(my):
    """Authenticate the request, apply guest and project access rules, and classify the page.

    Visible steps: run handle_security(); fall back to a guest login when
    the [security] allow_guest config value is 'true'; check project
    access; apply the guest restrictions ("full" versus any other
    guest_mode); read the license; let UrlSecurity emit its own page; and
    finally derive page_type from the request.

    NOTE(review): indentation was lost in this listing, so the block
    nesting below is reconstructed from the statement order; confirm it
    against the upstream file.  page_type, license, user_name and
    is_licensed are assigned but not used in the lines shown, so the
    listing probably stops before the end of the method.
    """
    # set up the security object
    from pyasm.security import Security, Sudo
    from pyasm.biz import Project
    from pyasm.web import WebContainer
    web = WebContainer.get_web()

    security = Security()
    security = my.handle_security(security)
    is_logged_in = security.is_logged_in()

    # guest mode
    #
    # only the exact string 'true' enables guest access
    allow_guest = Config.get_value("security", "allow_guest")
    if allow_guest == 'true':
        allow_guest = True
    else:
        allow_guest = False
    guest_mode = Config.get_value("security", "guest_mode")
    if not guest_mode:
        # an unset guest_mode falls back to the restricted guest page
        guest_mode = 'restricted'

    #allow_guest = True
    #guest_mode = "full"

    # if not logged in, then log in as guest
    if not is_logged_in:
        if not allow_guest:
            return my.handle_not_logged_in()
        else:
            # login as guest
            security = Security()
            my.handle_guest_security(security)

    # for here on, the user is logged in
    login_name = Environment.get_user_name()

    # check if the user has permission to see this project
    project = web.get_context_name()
    if project == 'default':
        override_default = Config.get_value("install", "default_project")
        if override_default:
            project = override_default
    if project != 'default':
        security_version = get_security_version()
        if security_version == 1:
            # version 1 passes default="view" to check_access
            default = "view"
            access = security.check_access("project", project, "view", default="view")
        else:
            # other versions pass default="deny" and also try the "*" key
            default = "deny"
            key = { "code": project }
            key2 = { "code": "*" }
            #keys = [key]
            keys = [key, key2]
            access = security.check_access("project", keys, "allow", default=default)
    else:
        # you always have access to the default project
        access = True

    # NOTE(review): placed at function level, as reconstructed here, this
    # assignment overwrites the check_access() result computed above, so
    # the "if not access" branch below can never run and the project check
    # is effectively disabled.  Confirm the nesting against the upstream
    # file; if this is a leftover debug override it should be removed.
    access = True
    if not access:
        if login_name == "guest":
            from pyasm.widget import WebLoginWdg
            msg = web.get_form_value(WebLoginWdg.LOGIN_MSG)
            if not msg:
                msg = "User [%s] is not allowed to see this project [%s]" % (login_name, project)
                web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            return my.handle_not_logged_in(allow_change_admin=False)
        else:
            # a logged-in user without access gets the 403 page
            from pyasm.widget import WebLicenseWdg, BottomWdg, Error403Wdg
            widget = Widget()
            top = my.get_top_wdg()
            widget.add( top )
            widget.add( Error403Wdg() )
            widget.add( BottomWdg() )
            widget.get_display()
            return

    if login_name == 'guest' and guest_mode == "full":
        # some extra security for guest users
        # guest_url_allow is a "|"-separated allow-list matched against the
        # first element of my.hash ("index" when the hash is empty).  When
        # the setting is empty no restriction is applied at all.
        guest_url_allow = Config.get_value("security", "guest_url_allow")
        if guest_url_allow:
            items = guest_url_allow.split("|")
            allowed = False
            if my.hash:
                url = my.hash[0]
            else:
                url = "index"
            for item in items:
                item = item.strip("/")
                if item == url:
                    allowed = True
                    break
            if not allowed:
                return my.handle_not_logged_in()

    # some extra precautions in guest mode
    if login_name == 'guest' and guest_mode != "full":
        # show a restricted guest mode
        from pyasm.widget import WebLoginWdg, BottomWdg
        from tactic.ui.app import TitleTopWdg
        from pyasm.biz import Project
        from tactic.ui.panel import HashPanelWdg
        web = WebContainer.get_web()

        widget = Widget()
        top = TitleTopWdg()
        widget.add(top)
        body = top.get_body()
        body.add_gradient("background", "background", 5, -20)
        body.add_color("color", "color")

        # get the project from the url because we are still
        # in the admin project at this stage
        current_project = web.get_context_name()
        try:
            if current_project != "default":
                project = Project.get_by_code(current_project)
                # NOTE(review): assert is removed when Python runs with -O,
                # so a missing project would not be caught here in that mode.
                assert project
        except Exception, e:
            # any failure while resolving the project means no guest widget
            web_wdg = None
        else:
            if not current_project or current_project == "default":
                current_project = Config.get_value("install", "default_project")
            if current_project and current_project != "default":
                Project.set_project(current_project)
                # restricted guests only ever get the "/guest" view
                web_wdg = HashPanelWdg.get_widget_from_hash("/guest", return_none=True)
                if web_wdg:
                    web_wdg = web_wdg.get_buffer_display()
                    top.add(web_wdg)
            else:
                web_wdg = None

        if not web_wdg:
            # no guest view available: show the login form with a message
            msg = "No widget for Guest defined"
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            top.add(WebLoginWdg() )

        # create a web app and run it through the pipeline
        web_app = WebApp()
        web_app.get_display(widget)
        return

    # handle licensing
    license = security.get_license()
    user_name = security.get_user_name()
    is_licensed = license.is_licensed()

    # handle url security
    # if UrlSecurity produces any output, only that output is displayed
    url_security = UrlSecurity()
    html = url_security.get_display()
    if html:
        widget = Widget()
        widget.add(html.getvalue())
        widget.get_display()
        return

    web = WebContainer.get_web()

    # FIXME: although this works, it should be cleaned up

    # determine the type of request
    if '/UploadServer' in web.get_request_url().to_string():
        page_type = "upload"
    elif web.get_form_value("ajax") != "":
        page_type = "ajax"
    elif web.get_form_value("dynamic_file") != "":
        # this mode creates a file dynamically
        page_type = "dynamic_file"
    else:
        page_type = "normal"
def set_scale(my, scale):
    """Add a vendor-prefixed CSS "scale(...)" transform for the current browser.

    Only the browser names 'Mozilla' and 'Webkit' are handled; for any
    other value no style is added.  *scale* is interpolated into the CSS
    value as-is.
    """
    engine = WebContainer.get_web().get_browser()
    if engine == 'Mozilla':
        css_property = "-moz-transform"
    elif engine == 'Webkit':
        css_property = "-webkit-transform"
    else:
        # unknown browser: leave the element unstyled
        return
    my.add_style(css_property, "scale(%s)" % scale)
def _get_display(self):
    """Authenticate the request, enforce guest and project access, then render the page.

    Visible steps: decide whether guests are allowed (config, optionally
    overridden by the site); run handle_security(), falling back to the
    login page on any exception; check project access; apply the guest
    handling (site guest widget, restricted mode, "full" mode
    allow-list); show the first-run setup page; read the license; let
    UrlSecurity emit its own page; classify the request; and finally
    build the content widget and pass it to WebApp.

    NOTE(review): indentation was lost in this listing, so the block
    nesting below is reconstructed from the statement order; confirm it
    against the upstream file.
    """
    # set up the security object
    from pyasm.security import Security, Sudo
    from pyasm.biz import Project
    from pyasm.web import WebContainer
    web = WebContainer.get_web()

    # guest mode
    #
    # only the exact string 'true' enables guest access from config
    allow_guest = Config.get_value("security", "allow_guest")
    if allow_guest == 'true':
        allow_guest = True
    else:
        allow_guest = False

    # the site can override the config value in either direction
    site_obj = Site.get()
    site_allow_guest = site_obj.allow_guest()
    if site_allow_guest != None:
        allow_guest = site_allow_guest

    security = Security()
    try:
        security = self.handle_security(security)
        is_logged_in = security.is_logged_in()
    except Exception as e:
        # any failure during authentication ends at the login page
        # (fails closed); the error itself only goes to stdout
        print("AppServer Exception: ", e)
        return self.handle_not_logged_in()

    guest_mode = Config.get_value("security", "guest_mode")
    if not guest_mode:
        # an unset guest_mode falls back to the restricted guest page
        guest_mode = 'restricted'

    # Test
    #allow_guest = True
    #guest_mode = "full"

    # if not logged in, then log in as guest
    if not is_logged_in:
        if not allow_guest:
            return self.handle_not_logged_in()
        else:
            # login as guest
            security = Security()
            self.handle_guest_security(security)

    # for here on, the user is logged in
    login_name = Environment.get_user_name()

    # an upload request is recognised purely by this substring of the URL
    is_upload = '/UploadServer' in web.get_request_url().to_string()

    # check if the user has permission to see this project
    project = web.get_context_name()
    if project == 'default':
        override_default = Project.get_default_project()
        if override_default:
            project = override_default
    if is_upload:
        # NOTE(review): upload requests skip the project access check below
        # entirely.  Whatever handles the upload presumably enforces its own
        # authorization -- confirm, since any URL containing "/UploadServer"
        # takes this branch.
        print("IS UPLOAD")
        access = True
    elif project != 'default':
        # make sure the security check is done on the appropriate site
        path_info = site_obj.get_request_path_info()
        if path_info:
            site = path_info.get("site")
            Site.set_site(site)
            s = Environment.get_security()
            has_site = True
        else:
            s = security
            has_site = False

        try:
            security_version = get_security_version()
            if security_version == 1:
                # version 1 passes default="view" to check_access
                default = "view"
                access = s.check_access("project", project, "view", default="view")
            else:
                # other versions pass default="deny" and also try the "*" key
                default = "deny"
                key = { "code": project }
                key2 = { "code": "*" }
                keys = [key, key2]
                access = s.check_access("project", keys, "allow", default=default)
        finally:
            # undo the Site.set_site() above even if the check raised
            if has_site:
                Site.pop_site()
    else:
        # you always have access to the default project
        access = True

    if not access:
        if login_name == "guest":
            from pyasm.widget import WebLoginWdg
            msg = web.get_form_value(WebLoginWdg.LOGIN_MSG)
            if not msg:
                msg = "User [%s] is not allowed to see this project [%s]" % (login_name, project)
                web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            return self.handle_not_logged_in(allow_change_admin=False)
        else:
            # a logged-in user without access gets the 403 page
            from pyasm.widget import BottomWdg, Error403Wdg
            widget = Widget()
            top = self.get_top_wdg()
            widget.add( top )
            widget.add( Error403Wdg() )
            widget.add( BottomWdg() )
            widget.get_display()
            # NOTE(review): access is forced to True above whenever
            # is_upload is set, so this warning looks unreachable.
            if is_upload:
                print("WARNING: User [%s] is not allowed to upload to project [%s]."%(login_name, project))
            return

    if login_name == 'guest':
        # let the site handle the guest completely
        guest_wdg = site_obj.get_guest_wdg(self.hash)
        if guest_wdg:
            web_app = WebApp()
            web_app.get_display(guest_wdg)
            return

    # some extra precautions in guest mode
    if login_name == 'guest' and guest_mode != "full":
        # show a restricted guest mode
        from pyasm.widget import WebLoginWdg, BottomWdg
        from tactic.ui.app import TitleTopWdg
        from pyasm.biz import Project
        from tactic.ui.panel import HashPanelWdg
        web = WebContainer.get_web()

        widget = Widget()
        top = TitleTopWdg()
        widget.add(top)
        body = top.get_body()
        body.add_color("background", "background")
        body.add_color("color", "color")

        has_site = False

        # use the path to set the project and/or site
        path_info = site_obj.get_request_path_info()
        if path_info:
            path_site = path_info.get("site")
            try:
                Site.set_site(path_site)
                has_site = True
            except Exception as e:
                # the site could not be set: fall back to the URL context
                print("WARNING: ", e)
                current_project = web.get_context_name()
            else:
                current_project = path_info.get("project_code")
                if not current_project:
                    current_project = web.get_context_name()
        else:
            # get the project from the url because we are still
            # in the admin project at this stage
            current_project = web.get_context_name()

        # NOTE(review): the lookups below run between Sudo() and sudo.exit();
        # presumably this raises privileges for the guest request -- confirm
        # what Sudo grants, since the hash used below comes from the request.
        sudo = Sudo()
        try:
            if current_project != "default":
                project = Project.get_by_code(current_project, use_cache=False)
                if not project:
                    raise Exception("Project [%s] does not exist" % current_project)
        except Exception as e:
            # unknown project (or any lookup failure): no guest widget
            print("WARNING: ", e)
            web_wdg = None
        else:
            if not current_project or current_project == "default":
                current_project = Project.get_default_project()

            if current_project and current_project != "default":
                try:
                    Project.set_project(current_project)
                except SecurityException as e:
                    print(e)
                    # only the "not permitted to view project" error is
                    # tolerated, and it is recognised by its message text
                    if 'is not permitted to view project' in e.__str__():
                        pass
                    else:
                        raise

                # find the guest views
                #search = Search("config/url")
                #urls = search.get_sobjects()
                #open_hashes = [x.get("url").lstrip("/").split("/")[0] for x in urls]

                link = "/%s" % "/".join(self.hash)

                # guest views
                # only hashes whose first element is in the site's guest
                # list are resolved directly
                open_hashes = site_obj.get_guest_hashes()

                if len(self.hash) >= 1 and self.hash[0] in open_hashes:
                    web_wdg = HashPanelWdg.get_widget_from_hash(link, return_none=True)
                else:
                    web_wdg = None

                if not web_wdg:
                    # everything else falls back to "/guest", which receives
                    # the requested link as a keyword argument
                    web_wdg = HashPanelWdg.get_widget_from_hash("/guest", return_none=True, kwargs={"hash": link})
                if web_wdg:
                    if not isinstance(web_wdg, basestring):
                        web_wdg = web_wdg.get_buffer_display()
                    top.add(web_wdg)
            else:
                web_wdg = None
        finally:
            sudo.exit()
            if has_site:
                Site.pop_site()

        if not web_wdg:
            msg = "No default page defined for guest user. Please set up /guest in Custom URL."
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)
            return self.handle_not_logged_in(allow_change_admin=False)

        # create a web app and run it through the pipeline
        web_app = WebApp()
        web_app.get_display(widget)
        return

    # Full access
    # if a guest has full access, then handle it here
    if login_name == 'guest' and guest_mode == "full":
        # some extra security for guest users
        # guest_url_allow is a "|"-separated allow-list matched against the
        # first element of self.hash ("index" when the hash is empty).  When
        # the setting is empty no restriction is applied at all.
        guest_url_allow = Config.get_value("security", "guest_url_allow")
        if guest_url_allow:
            items = guest_url_allow.split("|")
            allowed = False
            if self.hash:
                url = self.hash[0]
            else:
                url = "index"
            for item in items:
                item = item.strip("/")
                if item == url:
                    allowed = True
                    break
            if not allowed:
                return self.handle_not_logged_in()

    # Welcome message for first time run
    is_first_run = Environment.is_first_run()
    if is_first_run:
        from pyasm.widget import WebLoginWdg, BottomWdg
        top = self.get_top_wdg()

        from tactic.ui.app import PageHeaderWdg
        from tactic.ui.startup import DbConfigPanelWdg

        widget = DivWdg()
        widget.add( top )
        widget.add( DbConfigPanelWdg() )
        widget.add( BottomWdg() )

        web_app = WebApp()
        web_app.get_display(widget)
        return

    # handle licensing
    license = security.get_license()
    user_name = security.get_user_name()
    is_licensed = license.is_licensed()

    # handle url security
    # if UrlSecurity produces any output, only that output is displayed
    url_security = UrlSecurity()
    html = url_security.get_display()
    if html:
        widget = Widget()
        widget.add(html.getvalue())
        widget.get_display()
        return

    web = WebContainer.get_web()

    # FIXME: although this works, it should be cleaned up

    # determine the type of request
    if '/UploadServer' in web.get_request_url().to_string():
        page_type = "upload"
    elif web.get_form_value("ajax") != "":
        page_type = "ajax"
    elif web.get_form_value("dynamic_file") != "":
        # this mode creates a file dynamically
        page_type = "dynamic_file"
    else:
        page_type = "normal"

    # TODO: the following could be combined into a page_init function
    # provide the opportunity to set some templates
    self.set_templates()
    self.add_triggers()

    self.init_web_container()

    # install the language
    Translation.install()

    # this Site.set_site() has no matching pop_site() in the lines shown
    path_info = site_obj.get_request_path_info()
    if path_info and path_info.get("site") != "default":
        Site.set_site(path_info.get("site"))
        project_code = path_info.get("project_code")

    # handle the case where the project does not exist
    project = Project.get(no_exception=True)
    if not project:
        from pyasm.widget import BottomWdg, Error404Wdg
        Project.set_project("admin")
        widget = Widget()
        top = self.get_top_wdg()
        widget.add( top )
        widget.add( Error404Wdg() )
        widget.add( BottomWdg() )
        widget.get_display()
        return widget

    # get the content of the page
    try:
        widget = self.get_content(page_type)
    except Exception as e:
        # every exception from get_content() is reported as a 403 page and
        # printed to stdout; execution then continues below, so the widget
        # is displayed here and passed to WebApp again at the end
        print("ERROR: ", e)
        from pyasm.widget import BottomWdg, Error403Wdg
        widget = Widget()
        top = self.get_top_wdg()
        widget.add( top )
        widget.add( Error403Wdg() )
        widget.add( BottomWdg() )
        widget.get_display()

    # put an annoying alert if there is a problem with the license
    if not is_licensed:
        # to be sure, reread license. This gets around the problem
        # of the extra error message when uploading a new license
        license = security.reread_license()
        is_licensed = license.is_licensed()
        if not is_licensed:
            # NOTE(review): the message is placed inside a JavaScript string
            # without escaping; a quote or "</script>" in it would break out
            # of the literal -- confirm the message is always a fixed,
            # trusted string or escape it for this context.
            widget.add("<script>alert('%s')</script>" % license.get_message())

    # create a web app and run it through the pipeline
    web_app = WebApp()
    web_app.get_display(widget)
def _get_display(self):
    """Mark the request as an ajax request, then run the parent class's _get_display().

    The "ajax" form value is set to "true" on the current web object before
    delegating, so anything the parent implementation reads from that form
    value sees it as set.
    """
    request = WebContainer.get_web()
    request.set_form_value("ajax", "true")
    parent = super(WidgetAppServer, self)
    return parent._get_display()
def handle_not_logged_in(self, allow_change_admin=True):
    """Render the page shown to a request that is not logged in.

    Resets the site to "default" and clears the DbResource cache, then
    builds a TitleTopWdg page holding either the password-reset widget
    (form value reset_request == 'true') or a login widget: the site's
    custom login widget when one is available, otherwise WebLoginWdg.
    The page is passed to WebApp for display and nothing is returned.

    Args:
        allow_change_admin: passed through to the default WebLoginWdg.

    NOTE(review): indentation was lost in this listing, so the block
    nesting below is reconstructed from the statement order; confirm it
    against the upstream file.
    """
    site_obj = Site.get()
    site_obj.set_site("default")

    DbResource.clear_cache()

    from pyasm.widget import WebLoginWdg, BottomWdg
    from tactic.ui.app import TitleTopWdg
    from pyasm.biz import Project
    from tactic.ui.panel import HashPanelWdg

    web = WebContainer.get_web()

    widget = Widget()

    top = TitleTopWdg()
    widget.add(top)
    body = top.get_body()
    #body.add_gradient("background", "background", 5, -20)
    body.add_color("background", "background")
    body.add_color("color", "color")

    reset_request = web.get_form_value('reset_request') =='true'
    if reset_request:
        from tactic.ui.widget import ResetPasswordWdg
        top.add(ResetPasswordWdg())
    else:
        # NOTE(review): reset_msg comes from the request and is copied into
        # the login message.  If the login widget renders it without
        # escaping, this is a content-injection point -- confirm how
        # LOGIN_MSG is displayed.
        reset_msg = web.get_form_value('reset_msg')
        if reset_msg:
            web.set_form_value(WebLoginWdg.LOGIN_MSG, reset_msg)

        web_wdg = None
        # NOTE(review): the project and widget lookups below run between
        # Sudo() and sudo.exit(); presumably this raises privileges for an
        # unauthenticated request -- confirm what Sudo grants.
        sudo = Sudo()
        try:
            # get the project from the url because we are still
            # in the admin project at this stage
            current_project = web.get_context_name()
            try:
                if current_project != "default":
                    project = Project.get_by_code(current_project)
                    # NOTE(review): assert is removed when Python runs with -O
                    assert project
            except Exception as e:
                # unknown project: fall through to the default login below
                pass
            else:
                # custom global site login widget
                if not current_project or current_project == "default":
                    current_project = Project.get_default_project()
                if current_project and current_project != "default":
                    try:
                        Project.set_project(current_project)
                    except SecurityException as e:
                        print(e)
                        # only the "not permitted to view project" error is
                        # tolerated, and it is recognised by its message text
                        if 'is not permitted to view project' not in e.__str__():
                            raise

                    if not web_wdg:
                        web_wdg = site_obj.get_login_wdg()

                    if web_wdg:
                        if not isinstance(web_wdg, basestring):
                            web_wdg = web_wdg.get_buffer_display()
                        top.add(web_wdg)
                else:
                    web_wdg = None

            # display default web login
            if not web_wdg:
                # get login screen from Site
                link = "/%s" % "/".join(self.hash)
                web_wdg = site_obj.get_login_wdg(link)
                if not web_wdg:
                    # else get the default one
                    web_wdg = WebLoginWdg(allow_change_admin=allow_change_admin)

                top.add(web_wdg)

        finally:
            # sudo out of scope here
            sudo.exit()
            pass

    # create a web app and run it through the pipeline
    web_app = WebApp()
    web_app.get_display(widget)
    return
def handle_security(self, security, allow_guest=False):
    """Try to authenticate the current web request and return *security*.

    Registers *security* with WebContainer and then tries exactly one of
    the following, in this order:

    1. a session cookie whose name comes from the [security] session_key
       config value (login_with_session);
    2. a submitted login/password pair (WebLoginCmd), skipped when the
       login name is "guest";
    3. a "login_ticket" taken from the form values or, unless the form
       value is_from_login is 'yes', from the cookie of the same name
       (login_with_ticket).

    If the user is still not logged in, either a password reset is run
    (form value reset_password == 'true') or WebLoginCmd is run.  The
    password form value is then cleared, the "login_ticket" cookie is
    written, and the access rules are added to *security*.

    Returns:
        The *security* object that was passed in.  It is returned early,
        before the cookie and access-rule steps, when the login command
        yields no ticket or login_with_ticket() returns a false value.

    NOTE(review): indentation was lost in this listing, so the block
    nesting below is reconstructed from the statement order; confirm it
    against the upstream file.
    """
    # set the security object

    WebContainer.set_security(security)

    # see if there is an override
    web = WebContainer.get_web()

    is_from_login = web.get_form_value("is_from_login")

    # NOTE(review): a ticket supplied as a form value takes precedence over
    # the cookie.  If form values can come from the query string, tickets
    # may end up in server logs and Referer headers -- confirm how
    # get_form_value() is populated.
    ticket_key = web.get_form_value("login_ticket")
    # attempt to login in with a ticket
    # (the cookie is ignored when the request comes from the login form)
    if not ticket_key and is_from_login !='yes':
        ticket_key = web.get_cookie("login_ticket")

    # We can define another place to look at ticket values and use
    # that. ie: Drupal session key
    session_key = Config.get_value("security", "session_key")

    login = web.get_form_value("login")
    password = web.get_form_value("password")

    # Work out which site the request is for: the request path wins unless
    # it says "default", in which case the client-supplied "site" form
    # value is used.
    site_obj = Site.get()
    path_info = site_obj.get_request_path_info()
    if path_info:
        site = path_info['site']
        if site == "default":
            site = web.get_form_value("site")
        if not site:
            site = "default"
    else:
        site = web.get_form_value("site")

    if session_key:
        # When a session key is configured, the ticket read above is replaced
        # by the value of that cookie and the other two branches are skipped.
        ticket_key = web.get_cookie(session_key)
        if ticket_key:
            security.login_with_session(ticket_key, add_access_rules=False)
    elif login and password:
        # get the site for this user
        login_site = site_obj.get_by_login(login)
        if login_site:
            site = login_site
        if site:
            site_obj.set_site(site)

        if login == "guest":
            # "guest" is never authenticated with a password here
            pass
        else:
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()
            if not ticket_key:
                # login produced no ticket: undo the site change and stop
                if site:
                    site_obj.pop_site()
                return security

    elif ticket_key:
        if site:
            site_obj.set_site(site)

        login = security.login_with_ticket(ticket_key, add_access_rules=False, allow_guest=allow_guest)

        # In the midst of logging out, login is None
        if not login:
            if site:
                site_obj.pop_site()
            return security

    if not security.is_logged_in():
        # This branch is reached without an authenticated user; the reset
        # command is expected to do its own validation (not shown here).
        reset_password = web.get_form_value("reset_password") == 'true'
        if reset_password:
            from tactic.ui.widget import ResetPasswordCmd
            reset_cmd = ResetPasswordCmd(reset=True)
            try:
                reset_cmd.execute()
            except TacticException as e:
                # failure is only written to stdout; the request continues
                print("Reset failed. %s" %e.__str__())

        # let empty username or password thru to get feedback from WebLoginCmd
        else:
            login_cmd = WebLoginCmd()
            login_cmd.execute()
            ticket_key = security.get_ticket_key()

    # clear the password
    web.set_form_value('password','')

    # NOTE(review): with a session key configured the cookie is written even
    # when ticket_key is empty.  No cookie attributes are passed in these
    # calls, so HttpOnly/Secure handling depends on web.set_cookie() --
    # confirm there.
    if session_key:
        web.set_cookie("login_ticket", ticket_key)
    elif ticket_key:
        web.set_cookie("login_ticket", ticket_key)

    # TEST TEST TEST
    # (the bare string literal below is disabled code; the listing has
    # flattened it onto one line)
    """ try: ticket = security.get_ticket() if ticket: site_obj.handle_ticket(ticket) except Exception as e: print("ERROR in handle_ticket: ", e) """

    # set up default securities
    #self.set_default_security(security)

    # for now apply the access rules after
    # (both login calls above pass add_access_rules=False)
    security.add_access_rules()

    return security