def WebSection_setObject(self, id, ob, **kw): """ Make any change related to the file uploaded. """ portal = self.getPortalObject() data = self.REQUEST.get("BODY") schema = self.WebSite_getJSONSchema() structure = json.loads(data) # 0 elementh in structure is json in json # 1 elementh is just signature structure = [json.loads(structure[0]), structure[1]] validictory.validate(structure, schema) file_name = structure[0].get("file", None) expiration_date = structure[0].get("expiration_date", None) data_set = portal.portal_catalog.getResultValue(portal_type="Data Set", reference=id) if data_set is None: data_set = portal.data_set_module.newContent(portal_type="Data Set", reference=id) with super_user(): # security check should be done already. data_set.publish() reference = hashlib.sha512(data).hexdigest() ob.setFilename(file_name) ob.setFollowUp(data_set.getRelativeUrl()) ob.setContentType("application/json") ob.setReference(reference) if expiration_date is not None: ob.setExpirationDate(expiration_date) with super_user(): # security check should be done already. ob.publish() return ob
def WebSection_setObject(self, id, ob, **kw): """ Make any change related to the file uploaded. """ portal = self.getPortalObject() data = self.REQUEST.get('BODY') schema = self.WebSite_getJSONSchema() structure = json.loads(data) # 0 elementh in structure is json in json # 1 elementh is just signature structure = [json.loads(structure[0]), structure[1]] validictory.validate(structure, schema) file_name = structure[0].get('file', None) expiration_date = structure[0].get('expiration_date', None) data_set = portal.portal_catalog.getResultValue(portal_type='Data Set', reference=id) if data_set is None: data_set = portal.data_set_module.newContent(portal_type='Data Set', reference=id) with super_user(): # security check should be done already. data_set.publish() reference = hashlib.sha512(data).hexdigest() ob.setFilename(file_name) ob.setFollowUp(data_set.getRelativeUrl()) ob.setContentType('application/json') ob.setReference(reference) if expiration_date is not None: ob.setExpirationDate(expiration_date) with super_user(): # security check should be done already. ob.publish() return ob
def WebSite_viewAsWebPost(self, *args, **kwargs): portal = self.getPortalObject() sha512sum = hashlib.sha512() file = self.REQUEST._file while True: d = file.read(1<<20) if not d: break sha512sum.update(d) sha512sum = sha512sum.hexdigest() document = portal.portal_contributions.newContent(file=file, filename='shacache', discover_metadata=False, reference=sha512sum, content_type='application/octet-stream') with super_user(): # security check should be done already. document.publish() self.REQUEST.RESPONSE.setStatus(httplib.CREATED) return sha512sum
def WebSite_viewAsWebPost(self, *args, **kwargs): portal = self.getPortalObject() sha512sum = hashlib.sha512() file = self.REQUEST._file while True: d = file.read(1 << 20) if not d: break sha512sum.update(d) sha512sum = sha512sum.hexdigest() document = portal.portal_contributions.newContent( file=file, filename="shacache", discover_metadata=False, reference=sha512sum, content_type="application/octet-stream", ) with super_user(): # security check should be done already. document.publish() self.REQUEST.RESPONSE.setStatus(httplib.CREATED) return sha512sum
def extractCredentials(self, request): """ Extract credentials from the request header. """ creds = {} token = None if request._auth is not None: # 1st - try to fetch from Authorization header if 'bearer' in request._auth.lower(): l = request._auth.split() if len(l) == 2: token = l[1] if token is None: # 2nd - try to fetch from Form-Encoded Body Parameter # Not implemented as not required and enforced with high # security considerations pass if token is None: # 3rd - try to fetch from URI Query Parameter # Not implemented as considered as unsecure. pass if token is not None: with super_user(): reference = self.Base_extractBearerTokenInformation(token) if reference is not None: creds['external_login'] = reference if 'external_login' in creds: creds['remote_host'] = request.get('REMOTE_HOST', '') try: creds['remote_address'] = request.getClientAddr() except AttributeError: creds['remote_address'] = request.get('REMOTE_ADDR', '') return creds # fallback to default way return DumbHTTPExtractor().extractCredentials(request)
def SoftwareInstance_bangAsSelf(self, relative_url=None, reference=None, comment=None): """Call bang on self.""" # Caller check if relative_url is None: raise TypeError('relative_url has to be defined') if reference is None: raise TypeError('reference has to be defined') software_instance = self.restrictedTraverse(relative_url) if (software_instance.getPortalType() == "Slave Instance") and \ (software_instance.getReference() == reference): # XXX There is no account for Slave Instance with super_user(): software_instance.bang(bang_tree=True, comment=comment) return sm = getSecurityManager() user_id = software_instance.getUserId() newSecurityManager(None, self.getPortalObject().acl_users.getUserById(user_id)) try: software_instance.bang(bang_tree=True, comment=comment) finally: # Restore the original user. setSecurityManager(sm)
def solve(self, activate_kw=None): with super_user(): self._solve(activate_kw=activate_kw)