def user(self, username): pages.require("/admin/users.edit") return pages.get_template("auth/user.html").render( usergroups=auth.Users[username]['groups'], groups=sorted(auth.Groups.keys()), password=auth.Users[username]['password'], username=username)
def page(self,module,dummy2,page,*args,**kwargs): #Permission handling for pages if 'require-permissions' in modules.ActiveModules[module][page]: for i in modules.ActiveModules[module][page]['require-permissions']: pages.require(i) with modules.modulesLock: #need to find an alternaive to this lock if modules.ActiveModules[module][page]['resource-type'] == 'page': #Allow a page to specify that it can only be accessed via POST or such if "require-method" in modules.ActiveModules[module][page]: if cherrypy.request.method not in modules.ActiveModules[module][page]['require-method']: #Raise a redirect the the wrongmethod error page raise cherrypy.HTTPRedirect('/errors/wrongmethod') #This is pretty much the worst perfoming piece of code in the system. #Every single request it compiles a new template and renders that, but not before loading two files from #Disk. But I don't feel like writing another ten pages of bookkeeping code today. []TODO if 'no-navheader' in modules.ActiveModules[module][page]: if modules.ActiveModules[module][page]['no-navheader']: header = util.readfile('pages/pageheader_nonav.html') else: header = util.readfile('pages/pageheader.html') else: header = util.readfile('pages/pageheader.html') return mako.template.Template( header+ modules.ActiveModules[module][page]['body']+ util.readfile('pages/pagefooter.html') ).render( kaithem = kaithem.kaithem, request = cherrypy.request, )
def servelog(self,filename): pages.require('/users/logs.view') #Make sure the user can't acess any file on the server like this print(filename) if not filename.startswith(os.path.join(directories.logdir,'dumps')): raise RuntimeError("Security Violation") return serve_file(filename, "application/x-download",os.path.split(filename)[1])
def newmoduletarget(self, **kwargs): global scopes pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True #If there is no module by that name, create a blank template and the scope obj with modulesLock: if kwargs['name'] not in ActiveModules: ActiveModules[kwargs['name']] = { "__description": { "resource-type": "module-description", "text": "Module info here" } } #Create the scope that code in the module will run in scopes[kwargs['name']] = obj() #Go directly to the newly created module messagebus.postMessage( "/system/notifications", "User " + pages.getAcessingUser() + " Created Module " + kwargs['name']) raise cherrypy.HTTPRedirect("/modules/module/" + util.url(kwargs['name'])) else: return pages.get_template("error.html").render( info=" A module already exists by that name,")
def resourceEditPage(module, resource): pages.require("/admin/modules.view") with modulesLock: resourceinquestion = ActiveModules[module][resource] if resourceinquestion['resource-type'] == 'permission': return permissionEditPage(module, resource) if resourceinquestion['resource-type'] == 'event': return pages.get_template("modules/events/event.html").render( module=module, name=resource, event=ActiveModules[module][resource]) if resourceinquestion['resource-type'] == 'page': if 'require-permissions' in resourceinquestion: requiredpermissions = resourceinquestion['require-permissions'] else: requiredpermissions = [] return pages.get_template("modules/pages/page.html").render( module=module, name=resource, page=ActiveModules[module][resource], requiredpermissions=requiredpermissions)
def addResourceTarget(module,type,name,kwargs): pages.require("/admin/modules.edit") #Create a permission if type == 'permission': with modulesLock: if kwargs['name'] in ActiveModules[module]: raise cherrypy.HTTPRedirect("/errors/alreadyexists") else: ActiveModules[module] [kwargs['name']]= {"resource-type":"permission","description":kwargs['description']} #has its own lock auth.importPermissionsFromModules() #sync auth's list of permissions raise cherrypy.HTTPRedirect("/modules/module/" +util.url(module)+ '/resource/' + util.url(name) ) if type == 'event': with modulesLock: if kwargs['name'] not in ActiveModules[module]: ActiveModules[module] [kwargs['name']]= {"resource-type":"event","trigger":"False","action":"pass", "once":True} #newevt maintains a cache of precompiled events that must be kept in sync with #the modules newevt.updateOneEvent(kwargs['name'],module) raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name)) else: raise cherrypy.HTTPRedirect("/errors/alreadyexists") if type == 'page': with modulesLock: if kwargs['name'] not in ActiveModules[module]: ActiveModules[module][kwargs['name']]= {"resource-type":"page","body":"Content here",'no-navheader':True} #newevt maintains a cache of precompiled events that must be kept in sync with #the modules raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name)) else: raise cherrypy.HTTPRedirect("/errors/alreadyexists")
def page(self, module, dummy2, page, *args, **kwargs): #Permission handling for pages if 'require-permissions' in modules.ActiveModules[module][page]: for i in modules.ActiveModules[module][page][ 'require-permissions']: pages.require(i) with modules.modulesLock: #need to find an alternaive to this lock if modules.ActiveModules[module][page]['resource-type'] == 'page': #Allow a page to specify that it can only be accessed via POST or such if "require-method" in modules.ActiveModules[module][page]: if cherrypy.request.method not in modules.ActiveModules[ module][page]['require-method']: #Raise a redirect the the wrongmethod error page raise cherrypy.HTTPRedirect('/errors/wrongmethod') #This is pretty much the worst perfoming piece of code in the system. #Every single request it compiles a new template and renders that, but not before loading two files from #Disk. But I don't feel like writing another ten pages of bookkeeping code today. []TODO if 'no-navheader' in modules.ActiveModules[module][page]: if modules.ActiveModules[module][page]['no-navheader']: header = util.readfile('pages/pageheader_nonav.html') else: header = util.readfile('pages/pageheader.html') else: header = util.readfile('pages/pageheader.html') return mako.template.Template( header + modules.ActiveModules[module][page]['body'] + util.readfile('pages/pagefooter.html')).render( kaithem=kaithem.kaithem, request=cherrypy.request, )
def user(self,username): pages.require("/admin/users.edit") return pages.get_template("auth/user.html").render( usergroups=auth.Users[username]['groups'], groups= sorted(auth.Groups.keys()), password = auth.Users[username]['password'], username = username)
def newgrouptarget(self,**kwargs): #THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH #BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK quote(kwargs['groupname']) pages.require("/admin/users.edit") #create the new user auth.addGroup(kwargs['groupname']) #Take the user back to the users page raise cherrypy.HTTPRedirect("/auth/")
def newgrouptarget(self, **kwargs): #THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH #BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK quote(kwargs['groupname']) pages.require("/admin/users.edit") #create the new user auth.addGroup(kwargs['groupname']) #Take the user back to the users page raise cherrypy.HTTPRedirect("/auth/")
def deletemoduletarget(self,**kwargs): pages.require("/admin/modules.edit") with modulesLock: ActiveModules.pop(kwargs['name']) #Get rid of any lingering cached events newevt.removeModuleEvents(kwargs['name']) #Get rid of any permissions defined in the modules. auth.importPermissionsFromModules() raise cherrypy.HTTPRedirect("/modules")
def deletetarget(self,**kwargs): pages.require("/admin/persistancefiles.edit") with persistance_dict_connection_lock: #If there are only two references(the one passed to getrefcount and the dit entry) #That means that no user code is keeping a reference and it is not in use. if sys.getrefcount(persistancedicts[kwargs['name']]) == 2: del persistancedicts[kwargs['name']] else: raise cherrypy.HTTPRedirect("/errors/inuse")
def newusertarget(self,**kwargs): #THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH #BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK quote(kwargs['username']) pages.require("/admin/users.edit") #create the new user auth.addUser(kwargs['username'],kwargs['password']) #Take the user back to the users page messagebus.postMessage('/system/notifications','New user "'+kwargs['username']+'" added') raise cherrypy.HTTPRedirect("/auth/")
def resourceUpdateTarget(module, resource, kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True with modulesLock: t = ActiveModules[module][resource]['resource-type'] resourceobj = ActiveModules[module][resource] if t == 'permission': resourceobj['description'] = kwargs['description'] #has its own lock auth.importPermissionsFromModules( ) #sync auth's list of permissions if t == 'event': e = newevt.Event(kwargs['trigger'], kwargs['action'], {}) #Test compile, throw error on fail. resourceobj['trigger'] = kwargs['trigger'] resourceobj['action'] = kwargs['action'] resourceobj['setup'] = kwargs['setup'] resourceobj['priority'] = max([int(kwargs['priority']), 0]) resourceobj['continual'] = 'continual' in kwargs resourceobj['rate-limit'] = float(kwargs['ratelimit']) #I really need to do something about this possibly brittle bookkeeping system #But anyway, when the active modules thing changes we must update the newevt cache thing. newevt.updateOneEvent(resource, module) if t == 'page': resourceobj['body'] = kwargs['body'] resourceobj['no-navheader'] = 'no-navheader' in kwargs resourceobj['no-header'] = 'no-header' in kwargs resourceobj['dont-show-in-index'] = 'dont-show-in-index' in kwargs #Method checkboxes resourceobj['require-method'] = [] if 'allow-GET' in kwargs: resourceobj['require-method'].append('GET') if 'allow-POST' in kwargs: resourceobj['require-method'].append('POST') #permission checkboxes resourceobj['require-permissions'] = [] for i in kwargs: #Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission if i[:10] == 'Permission': if kwargs[i] == 'true': resourceobj['require-permissions'].append(i[10:]) usrpages.updateOnePage(resource, module) messagebus.postMessage( "/system/notifications", "User " + pages.getAcessingUser() + " modified resource " + resource + " of module " + module) #Return user to the module page raise cherrypy.HTTPRedirect( "/modules/module/" + util.url(module)) #+'/resource/'+util.url(resource))
def newusertarget(self, **kwargs): #THIS IS A HACK TO PREVENT UNICODE STRINGS IN PY2.XX FROM GETTING THROUGH #BECAUSE QUOTE() IS USUALLY WHERE THEY CRASH. #AWFULHACK quote(kwargs['username']) pages.require("/admin/users.edit") #create the new user auth.addUser(kwargs['username'], kwargs['password']) #Take the user back to the users page messagebus.postMessage('/system/notifications', 'New user "' + kwargs['username'] + '" added') raise cherrypy.HTTPRedirect("/auth/")
def setlogging(self, txt): pages.require('/admin/logging.edit') global loglistchanged loglistchanged = True global toSave toSave = set() for line in txt.split("\n"): line = line.strip() if line.startswith("/"): line = line[1:] toSave.add(line) return pages.get_template('logging/index.html').render()
def deletemoduletarget(self,**kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True with modulesLock: ActiveModules.pop(kwargs['name']) #Get rid of any lingering cached events newevt.removeModuleEvents(kwargs['name']) #Get rid of any permissions defined in the modules. auth.importPermissionsFromModules() usrpages.removeModulePages(kwargs['name']) messagebus.postMessage("/system/notifications","User "+ pages.getAcessingUser() + " Deleted module " + kwargs['name']) raise cherrypy.HTTPRedirect("/modules")
def updategroup(self,group,**kwargs): pages.require("/admin/users.edit") auth.Groups[group]['permissions'] = [] #Handle all the group permission checkboxes for i in kwargs: #Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission if i[:10] == 'Permission': if kwargs[i] == 'true': auth.addGroupPermission(group,i[10:]) #Take the user back to the users page auth.generateUserPermissions() #update all users to have the new permissions lists raise cherrypy.HTTPRedirect("/auth")
def addResourceTarget(module, type, name, kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True def insertResource(r): ActiveModules[module][kwargs['name']] = r with modulesLock: #Check if a resource by that name is already there if kwargs['name'] in ActiveModules[module]: raise cherrypy.HTTPRedirect("/errors/alreadyexists") #Create a permission if type == 'permission': insertResource({ "resource-type": "permission", "description": kwargs['description'] }) #has its own lock auth.importPermissionsFromModules( ) #sync auth's list of permissions if type == 'event': insertResource({ "resource-type": "event", "trigger": "False", "action": "pass", "once": True }) #newevt maintains a cache of precompiled events that must be kept in sync with #the modules newevt.updateOneEvent(kwargs['name'], module) if type == 'page': insertResource({ "resource-type": "page", "body": "Content here", 'no-navheader': True }) usrpages.updateOnePage(kwargs['name'], module) messagebus.postMessage( "/system/notifications", "User " + pages.getAcessingUser() + " added resource " + kwargs['name'] + " of type " + type + " to module " + module) #Take the user straight to the resource page raise cherrypy.HTTPRedirect("/modules/module/" + util.url(module) + '/resource/' + util.url(name))
def addResourceDispatcher(module,type): pages.require("/admin/modules.edit") #Return a crud to add a new permission if type == 'permission': return pages.get_template("modules/permissions/new.html").render(module=module) #return a crud to add a new event if type == 'event': return pages.get_template("modules/events/new.html").render(module=module) #return a crud to add a new event if type == 'page': return pages.get_template("modules/pages/new.html").render(module=module)
def updategroup(self, group, **kwargs): pages.require("/admin/users.edit") auth.Groups[group]['permissions'] = [] #Handle all the group permission checkboxes for i in kwargs: #Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission if i[:10] == 'Permission': if kwargs[i] == 'true': auth.addGroupPermission(group, i[10:]) #Take the user back to the users page auth.generateUserPermissions( ) #update all users to have the new permissions lists raise cherrypy.HTTPRedirect("/auth")
def resourceUpdateTarget(module,resource,kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True with modulesLock: t = ActiveModules[module][resource]['resource-type'] resourceobj = ActiveModules[module][resource] if t == 'permission': resourceobj['description'] = kwargs['description'] #has its own lock auth.importPermissionsFromModules() #sync auth's list of permissions if t == 'event': e = newevt.Event(kwargs['trigger'],kwargs['action'],{})#Test compile, throw error on fail. resourceobj['trigger'] = kwargs['trigger'] resourceobj['action'] = kwargs['action'] resourceobj['setup'] = kwargs['setup'] resourceobj['priority'] = max([int(kwargs['priority']),0]) resourceobj['continual'] = 'continual' in kwargs resourceobj['rate-limit'] = float(kwargs['ratelimit']) #I really need to do something about this possibly brittle bookkeeping system #But anyway, when the active modules thing changes we must update the newevt cache thing. newevt.updateOneEvent(resource,module) if t == 'page': resourceobj['body'] = kwargs['body'] resourceobj['no-navheader'] = 'no-navheader' in kwargs resourceobj['no-header'] = 'no-header' in kwargs resourceobj['dont-show-in-index'] = 'dont-show-in-index' in kwargs #Method checkboxes resourceobj['require-method'] = [] if 'allow-GET' in kwargs: resourceobj['require-method'].append('GET') if 'allow-POST' in kwargs: resourceobj['require-method'].append('POST') #permission checkboxes resourceobj['require-permissions'] = [] for i in kwargs: #Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission if i[:10] == 'Permission': if kwargs[i] == 'true': resourceobj['require-permissions'].append(i[10:]) usrpages.updateOnePage(resource,module) messagebus.postMessage("/system/notifications", "User "+ pages.getAcessingUser() + " modified resource " + resource + " of module " + module) #Return user to the module page raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module))#+'/resource/'+util.url(resource))
def deletemoduletarget(self, **kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True with modulesLock: ActiveModules.pop(kwargs['name']) #Get rid of any lingering cached events newevt.removeModuleEvents(kwargs['name']) #Get rid of any permissions defined in the modules. auth.importPermissionsFromModules() usrpages.removeModulePages(kwargs['name']) messagebus.postMessage( "/system/notifications", "User " + pages.getAcessingUser() + " Deleted module " + kwargs['name']) raise cherrypy.HTTPRedirect("/modules")
def newmoduletarget(self,**kwargs): global scopes pages.require("/admin/modules.edit") #If there is no module by that name, create a blank template and the scope obj with modulesLock: if kwargs['name'] not in ActiveModules: ActiveModules[kwargs['name']] = {"__description": {"resource-type":"module-description", "text":"Module info here"}} #Create the scope that code in the module will run in scopes[kwargs['name']] = {} #Go directly to the newly created module raise cherrypy.HTTPRedirect("/modules/module/"+util.url(kwargs['name'])) else: return pages.get_template("error.html").render(info = " A module already exists by that name,")
def addResourceDispatcher(module, type): pages.require("/admin/modules.edit") #Return a crud to add a new permission if type == 'permission': return pages.get_template("modules/permissions/new.html").render( module=module) #return a crud to add a new event if type == 'event': return pages.get_template("modules/events/new.html").render( module=module) #return a crud to add a new event if type == 'page': return pages.get_template("modules/pages/new.html").render( module=module)
def newmoduletarget(self,**kwargs): global scopes pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True #If there is no module by that name, create a blank template and the scope obj with modulesLock: if kwargs['name'] not in ActiveModules: ActiveModules[kwargs['name']] = {"__description": {"resource-type":"module-description", "text":"Module info here"}} #Create the scope that code in the module will run in scopes[kwargs['name']] = obj() #Go directly to the newly created module messagebus.postMessage("/system/notifications","User "+ pages.getAcessingUser() + " Created Module " + kwargs['name']) raise cherrypy.HTTPRedirect("/modules/module/"+util.url(kwargs['name'])) else: return pages.get_template("error.html").render(info = " A module already exists by that name,")
def default(self,module,pagename,*args,**kwargs): global _page_list_lock with _page_list_lock: page = _Pages[module][pagename] page.lastaccessed = time.time() #Check user permissions for i in page.permissions: pages.require(i) #Check HTTP Method if cherrypy.request.method not in page.methods: #Raise a redirect the the wrongmethod error page raise cherrypy.HTTPRedirect('/errors/wrongmethod') try: return page.template.render( kaithem = kaithemobj.kaithem, request = cherrypy.request, module = modules.scopes[module], path = args, kwargs = kwargs ) except Exception as e: #The HTTPRedirect is NOT an error, and should not be handled like one. #So we just reraise it unchanged if isinstance(e,cherrypy.HTTPRedirect): raise e #The way we let users securely serve static files is to simply #Give them a function that raises this special exception if isinstance(e,kaithemobj.ServeFileInsteadOfRenderingPageException): return cherrypy.lib.static.serve_file(e.f_filepath,e.f_MIME,e.f_name) #When an error happens, log it and save the time #Note that we are logging to the compiled event object page.errors.append([time.strftime(config['time-format']),e]) #Keep oly the most recent 25 errors #If this is the first error(high level: transition from ok to not ok) #send a global system messsage that will go to the front page. if len(page.errors)==1: messagebus.postMessage('/system/notifications', "Page "+pagename+" of module "+module+ " may need attention") raise (e)
def addResourceTarget(module,type,name,kwargs): pages.require("/admin/modules.edit") global moduleschanged moduleschanged = True def insertResource(r): ActiveModules[module][kwargs['name']] = r with modulesLock: #Check if a resource by that name is already there if kwargs['name'] in ActiveModules[module]: raise cherrypy.HTTPRedirect("/errors/alreadyexists") #Create a permission if type == 'permission': insertResource({ "resource-type":"permission", "description":kwargs['description']}) #has its own lock auth.importPermissionsFromModules() #sync auth's list of permissions if type == 'event': insertResource({ "resource-type":"event", "trigger":"False", "action":"pass", "once":True}) #newevt maintains a cache of precompiled events that must be kept in sync with #the modules newevt.updateOneEvent(kwargs['name'],module) if type == 'page': insertResource({ "resource-type":"page", "body":"Content here", 'no-navheader':True}) usrpages.updateOnePage(kwargs['name'],module) messagebus.postMessage("/system/notifications", "User "+ pages.getAcessingUser() + " added resource " + kwargs['name'] + " of type " + type+" to module " + module) #Take the user straight to the resource page raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module)+'/resource/'+util.url(name))
def resourceEditPage(module,resource): pages.require("/admin/modules.view") with modulesLock: resourceinquestion = ActiveModules[module][resource] if resourceinquestion['resource-type'] == 'permission': return permissionEditPage(module, resource) if resourceinquestion['resource-type'] == 'event': return pages.get_template("/modules/events/event.html").render(module =module,name =resource,event =ActiveModules[module][resource]) if resourceinquestion['resource-type'] == 'page': if 'require-permissions' in resourceinquestion: requiredpermissions = resourceinquestion['require-permissions'] else: requiredpermissions = [] return pages.get_template("/modules/pages/page.html").render(module=module,name=resource, page=ActiveModules[module][resource],requiredpermissions = requiredpermissions)
def module(self,module,*path,**kwargs): #If we are not performing an action on a module just going to its page if not path: pages.require("/admin/modules.view") return pages.get_template("modules/module.html").render(module = ActiveModules[module],name = module) else: #This gets the interface to add a page if path[0] == 'addresource': #path[1] tells what type of resource is being created and addResourceDispatcher returns the appropriate crud screen return addResourceDispatcher(module,path[1]) #This case handles the POST request from the new resource target if path[0] == 'addresourcetarget': return addResourceTarget(module,path[1],kwargs['name'],kwargs) #This case shows the information and editing page for one resource if path[0] == 'resource': return resourceEditPage(module,path[1]) #This goes to a dispatcher that takes into account the type of resource and updates everything about the resource. if path[0] == 'updateresource': return resourceUpdateTarget(module,path[1],kwargs) #This returns a page to delete any resource by name if path[0] == 'deleteresource': pages.require("/admin/modules.edit") return pages.get_template("modules/deleteresource.html").render(module=module) #This handles the POST request to actually do the deletion if path[0] == 'deleteresourcetarget': pages.require("/admin/modules.edit") with modulesLock: r = ActiveModules[module].pop(kwargs['name']) #Annoying bookkeeping crap to get rid of the cached crap if r['resource-type'] == 'event': newevt.removeOneEvent(kwargs['name']) if r['resource-type'] == 'permission': auth.importPermissionsFromModules() #sync auth's list of permissions raise cherrypy.HTTPRedirect('/modules') #This is the target used to change the name and description(basic info) of a module if path[0] == 'update': pages.require("/admin/modules.edit") with modulesLock: ActiveModules[kwargs['name']] = ActiveModules.pop(module) ActiveModules[module]['__description']['text'] = kwargs['description'] raise cherrypy.HTTPRedirect('/modules/module/'+util.url(kwargs['name']))
def resourceUpdateTarget(module,resource,kwargs): pages.require("/admin/modules.edit") t = ActiveModules[module][resource]['resource-type'] if t == 'permission': with modulesLock: ActiveModules[module][resource]['description'] = kwargs['description'] #has its own lock auth.importPermissionsFromModules() #sync auth's list of permissions if t == 'event': with modulesLock: e = newevt.Event(kwargs['trigger'],kwargs['action'],{})#Test compile, throw error on fail. ActiveModules[module][resource]['trigger'] = kwargs['trigger'] ActiveModules[module][resource]['action'] = kwargs['action'] #I really need to do something about this possibly brittle bookkeeping system #But anyway, when the active modules thing changes we must update the newevt cache thing. newevt.updateOneEvent(resource,module) if t == 'page': with modulesLock: pageinquestion = ActiveModules[module][resource] pageinquestion['body'] = kwargs['body'] pageinquestion['no-navheader'] = 'no-navheader' in kwargs #Method checkboxes pageinquestion['require-method'] = [] if 'allow-GET' in kwargs: pageinquestion['require-method'].append('GET') if 'allow-POST' in kwargs: pageinquestion['require-method'].append('POST') #permission checkboxes pageinquestion['require-permissions'] = [] for i in kwargs: #Since HTTP args don't have namespaces we prefix all the permission checkboxes with permission if i[:10] == 'Permission': if kwargs[i] == 'true': pageinquestion['require-permissions'].append(i[10:]) #Return user to the module page raise cherrypy.HTTPRedirect("/modules/module/"+util.url(module))#+'/resource/'+util.url(resource))
def index(self): #Require permissions and render page. A lotta that in this file. pages.require("/admin/modules.view") return pages.get_template("modules/index.html").render(ActiveModules = ActiveModules)
def savetarget(self): pages.require("/admin/settings.edit") util.SaveAllState() messagebus.postMessage("/system/notifications","Global server state was saved to disk") raise cherrypy.HTTPRedirect('/')
def archive(self): pages.require('/users/logs.view') return pages.get_template('logging/archive.html').render(files = listlogdumps())
def newgroup(self): pages.require("/admin/users.edit") return pages.get_template("auth/newgroup.html").render()
def deletegroup(self, **kwargs): pages.require("/admin/users.edit") return pages.get_template("auth/deletegroup.html").render()
def deletegroup(self,**kwargs): pages.require("/admin/users.edit") return pages.get_template("auth/deletegroup.html").render()
def viewall(self, topic): pages.require('/users/logs.view') return pages.get_template('logging/topic.html').render(topicname=topic)
def clearall(self,topic): pages.require('/admin/logging.edit') log.pop(topic) return pages.get_template('logging/index.html').render()
def save(self): pages.require("/admin/settings.edit") return pages.get_template("settings/save.html").render()
def index(self): pages.require("/admin/settings.view") return pages.get_template("settings/index.html").render()
def index(self): pages.require("/admin/users.edit") return pages.get_template("auth/index.html").render(auth = auth)
def deluser(self,**kwargs): pages.require("/admin/users.edit") auth.removeUser(kwargs['user']) raise cherrypy.HTTPRedirect("/auth")
def deletemodule(self): pages.require("/admin/modules.edit") return pages.get_template("modules/delete.html").render()
def deluser(self, **kwargs): pages.require("/admin/users.edit") auth.removeUser(kwargs['user']) raise cherrypy.HTTPRedirect("/auth")
def delgroup(self, **kwargs): pages.require("/admin/users.edit") auth.removeGroup(kwargs['group']) raise cherrypy.HTTPRedirect("/auth")
def group(self, group): pages.require("/admin/users.edit") return pages.get_template("auth/group.html").render(auth=auth, name=group)
def delgroup(self,**kwargs): pages.require("/admin/users.edit") auth.removeGroup(kwargs['group']) raise cherrypy.HTTPRedirect("/auth")
def index(self): pages.require("/admin/users.edit") return pages.get_template("auth/index.html").render(auth=auth)
def index(self): pages.require("/admin/persistancefiles.view") return pages.get_template("persistfiles/delete.html").render()
def permissionEditPage(module,resource): pages.require("/admin/modules.view") return pages.get_template("modules/permissions/permission.html").render(module = module, permission = resource, description = ActiveModules[module][resource]['description'])
def savetarget(self): pages.require("/admin/settings.edit") util.SaveAllState() raise cherrypy.HTTPRedirect('/')
def save(self, *path, **data): pages.require('/admin/settings.edit') return pages.get_template('save.html').render()
def group(self,group): pages.require("/admin/users.edit") return pages.get_template("auth/group.html").render( auth = auth, name = group)