def lookup(route, role_id):
'''
Tries to look up the entry in the Rules table whose route matches route.
If no rule is found a ValueError is raised. Otherwise the function finds
the rule that applies to the given role most directly and returns it.
If there is a rule for the given role that is returned.
If not the function tries to find a rule for the parent, grandparent, ...
If there is not found a matching still the function returns None.
'''
Log.debug(__name__, route)
items = Rule.all()
# Try to match the route directly. This will collect the correct results for
# all actions that are explicitly defined (f.i. /mailbox/[^/]+/reply) and for
# the create, delete, update and find actions of an object folder.
rules = [item for item in items if \
re.match(re.sub("/$", "/?", item.route) + "$", route)]
# If there was no rule found assume this is an object view action.
# Try to remove the object identifier (f.i. /mailbox/mail123 becomes
# /mailbox/) and to match again.
if not rules:
route = re.sub("(?<=.)/[^/]+$", "/", route)
rules = [item for item in items if re.match(item.route + "$", route)]
# If there still was no matching rule found raise a ValueError.
if not rules: raise ValueError()
role = Role.get(role_id)
while (role):
for item in rules:
if Role.get(item.role_id) == role: return item
role = Role.get(role.parent_id)
return None
def __init__(self, files, distdir):
super(Package, self).__init__()
self.files = files
self.distdir = distdir
Common.create_dir(distdir)
Log.debug('packages: %s' % files)
Log.debug('distdir: %s' % distdir)
def decode_data(cls, data, encoding='utf-8'):
s = None
if data:
try:
s = data.decode(encoding)
except Exception as e:
Log.debug(e)
return s
def rex_find_all(cls, pattern, string, flags=0):
result = None
if string and pattern:
try:
result = re.findall(pattern, string, flags=flags)
except Exception as e:
Log.debug('something error: %s' % e)
return result
def remove(cls, path):
try:
if os.path.isdir(path):
shutil.rmtree(path)
elif os.path.isfile(path):
os.remove(path)
except IOError as e:
if cls.debug():
Log.debug(e)
def json2str(cls, jsonStr):
result = None
if jsonStr:
try:
result = json.dumps(jsonStr, ensure_ascii=False, indent=2)
except Exception as e:
if cls.debug():
Log.debug('json2str:%s' % e)
return result
def str2json(cls, string):
result = None
if string:
try:
result = json.loads(string)
except Exception as e:
if cls.debug():
Log.debug('str2json: %s' % e)
return result
def installUsers():
if User.get(1): return
Log.debug(Installer.__name__, "Installing users...")
items = [
# role email name
# password key
User(Role.get(2), None, "Gast", None, ""),
User(Role.get(5), "*****@*****.**", "Administrator", "pwd", ""),
User(Role.get(3), "*****@*****.**", "Benutzer", "pwd", ""),
User(Role.get(3), "*****@*****.**", "Test Benutzer", "pwd", ""),
]
for item in items:
item.create()
def html_elements(cls, content, xpath, tree=None):
if not content or not xpath:
return None
elements = []
try:
if tree is None:
tree = etree.HTML(content)
if tree is not None:
elements = tree.xpath(xpath)
except Exception as e:
Log.debug('xpath except: %s', e)
return elements
def request_data(self,
url,
headers=None,
data=None,
method=None,
cache=False):
if not headers:
headers = {}
cachePath = None
if cache:
md5Str = url
md5Str = md5Str + urllib.parse.urlencode(headers)
cachePath = os.path.join(
tempfile.gettempdir(),
hashlib.md5(md5Str.encode('utf-8')).hexdigest())
if os.path.isfile(cachePath):
Log.debug('load cache: ' + cachePath + ' url:' + url)
with open(cachePath, 'rb') as f:
return f.read()
req = urllib.request.Request(url,
data=data,
headers=headers,
origin_req_host=None,
unverifiable=False,
method=method)
# 停止使用 Proxy
# self.rebuildOpener(proxy={'http': proxy})
self.rebuildOpener(proxy=None)
response = None
try:
with self.opener.open(req, timeout=30) as f:
response = f.read()
headers = f.info()
encoding = headers.get('Content-Encoding')
if encoding is not None and encoding == 'gzip' and isinstance(
response, bytes):
response = GZip.uncompress(response)
except Exception as e:
Log.debug('request error: %s, %s' % (e, url))
if response and cachePath:
with open(cachePath, 'wb') as f:
f.write(response)
return response
def installRoles():
if Role.get(1): return
Log.debug(Installer.__name__, "Installing roles...")
items = [
# parent name
# description
Role(None, "Root", "Applies to everyone."),
Role(1, "Guest", "Applies to clients who aren't logged in."),
Role(1, "User", "Applies to all logged in users."),
Role(
3, "Locked",
"Applies to clients who haven't activated their account yet."),
Role(3, "Administrator", "Has the most extensive permissions."),
]
for item in items:
item.create()
def beforerequest():
Log.debug(__name__, "Incoming request")
Log.debug(__name__, request.path)
# The next line is to prevent the acquisition of globals when a static file
# (style sheet, image, etc.) is requested. Since all files have an extension
# but urls don't it simply checks whether the path contains a full stop.
if "." in request.path: return
# Fill the global scope ...
g.session = Session.acquire(session)
g.user = Client.get(g.session.user_id)
g.role = g.user.role
g.main_menu = menubar("main", g.role.id)
g.personal_menu = menubar("personal", g.role.id)
g.extended_menu = menubar("extended", g.role.id)
permitted = access(request.path, g.role.id, True)
if permitted == -1: return invalid()
elif permitted == 0: return forbidden()
def backup(src,
dst_dir,
retemtion_days,
hours_last_day=None,
ignore_hours=None):
if hours_last_day is None:
hours_last_day = 8
if should_ignore_hours(ignore_hours):
return
name = Common.filename(src) + '_' + datetime.datetime.now().strftime(
'%Y%m%d%H' + Common.file_extension(src))
dst = Common.join_paths(dst_dir, name)
Log.debug('backup %s to %s' % (src, dst))
Common.create_dir(dst_dir)
cmd = 'rsync -aE --progress %s %s' % (src, dst)
Common.system_cmd(cmd)
# delete older backups
arr = [x for x in Common.list_dir(dst_dir) if x != '.DS_Store']
for x in arr:
name = Common.filename(x)
t = name.split('_')
if t and len(t) > 1:
dt = datetime.datetime.strptime(t[-1], '%Y%m%d%H')
days = (datetime.datetime.now() - dt).days
should_delete = False
if days >= 1:
if days in retemtion_days:
if dt.hour < 23:
should_delete = True
else:
should_delete = True
elif days == 0 and dt.hour < 23 and (
datetime.datetime.now() -
dt).seconds > hours_last_day * 60 * 60:
should_delete = True
if should_delete:
file = Common.join_paths(dst_dir, x)
Common.remove(file)
def installMenus():
if Menu.get(1): return
Log.debug(Installer.__name__, "Installing menus...")
items = [
# address, name, menubar, weight, flags, image
Menu("/signin", "Sign in", "personal", 2, 1, None),
Menu("/signout", "Sign out", "personal", 2, 1, None),
Menu("/personal", "Mein Account", "personal", 0, 1, None),
Menu("/pages/about", "Über uns", "main", 0, 0, None),
Menu("/blog", "Blog", "main", 1, 0, None),
Menu("/administration", "Administration", "main", 2, 0, None),
Menu("/pages/contact", "Kontakt", "extended", 0, 0, None),
Menu("/pages/legal", "Impressum", "extended", 0, 0, None),
Menu("/rules", "Rules", "administration", 0, 0, None),
Menu("/roles", "Roles", "administration", 0, 0, None),
Menu("/menus", "Menus", "administration", 0, 0, None),
Menu("/rules/create", "Neue Regel", "rule", 0, 0,
"img/administration/create-24.png"),
Menu("/rules/<id>/delete", "", "rule", 1, 0,
"img/administration/delete-24.png"),
Menu("/rules/<id>/update", "", "rule", 2, 0,
"img/administration/update-24.png"),
Menu("/roles/create", "Neue Rolle", "role", 0, 0,
"img/administration/create-24.png"),
Menu("/roles/<id>/delete", "", "role", 1, 0,
"img/administration/delete-24.png"),
Menu("/roles/<id>/update", "", "role", 2, 0,
"img/administration/update-24.png"),
Menu("/menus/create", "Neuer Menüeintrag", "menu", 0, 0,
"img/administration/create-24.png"),
Menu("/menus/<id>/delete", "", "menu", 1, 0,
"img/administration/delete-24.png"),
Menu("/menus/<id>/update", "", "menu", 2, 0,
"img/administration/update-24.png"),
Menu("/blog/create", "Neuer Blogeintrag", "blog", 0, 0,
"img/administration/create-24.png"),
Menu("/blog/<id>/delete", "", "blog", 1, 0,
"img/administration/delete-24.png"),
Menu("/blog/<id>/update", "", "blog", 2, 0,
"img/administration/update-24.png")
]
for item in items:
item.create()
def system_cmd(cls, cmd, directory=None, log=False):
lock = Common().cmdlock
lock.acquire()
if directory is not None:
os.chdir(directory)
if cls.debug():
Log.debug(cmd)
result = None
if log:
r = os.popen(cmd)
result = r.read()
r.close()
else:
result = os.system(cmd)
lock.release()
return result
def acquire(cls, cookie):
'''
Acquires the current session over the remote client's cookie. The acquired
session always holds the user the client is signed on with or guest if he
is not signed on.
'''
session = None
if "sKey" in cookie:
session = cls.unique((cls.key == cookie["sKey"]) & \
(cls.ip == request.remote_addr))
if not session:
Log.debug(__name__, "Creating new session ...")
session = cls()
session.key = randomkey(24)
session.user_id = 1
session.ip = request.remote_addr
Session.create(session)
Log.debug(__name__, "Session acquired (%s) ..." % (session.key))
cookie["sKey"] = session.key
return session
def rebuildOpener(self, proxy=None):
path = self.cookiePath()
if self.cookiejar is None and path is not None:
Log.debug('initialCookie: ' + path)
cj = http.cookiejar.MozillaCookieJar()
self.cookiejar = cj
if os.path.isfile(path):
cj.load(path)
hcj = urllib.request.HTTPCookieProcessor(self.cookiejar)
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
context = urllib.request.HTTPSHandler(context=ctx)
args = [hcj, context]
if proxy:
args.append(urllib.request.ProxyHandler(proxy))
opener = urllib.request.build_opener(*args)
self.opener = opener
def installRules():
if Rule.get(1): return
Log.debug(Installer.__name__, "Installing rules...")
items = [
# role_id pattern
# insert, delete, update, view, search
Rule(1, "/", "None", "None", "None", "All", "None"),
Rule(1, "/pages/", "None", "None", "None", "All", "None"),
Rule(2, "/register/", "None", "None", "None", "All", "None"),
Rule(2, "/reset/", "None", "None", "None", "All", "None"),
Rule(2, "/signin", "None", "None", "None", "All", "None"),
Rule(3, "/signout", "None", "None", "None", "All", "None"),
Rule(5, "/", "All", "All", "All", "All", "All"),
Rule(5, "/pages/", "All", "All", "All", "All", "All"),
Rule(5, "/administration", "All", "All", "All", "All", "All"),
Rule(5, "/roles/", "All", "All", "All", "All", "All"),
Rule(5, "/rules/", "All", "All", "All", "All", "All"),
Rule(5, "/menus/", "All", "All", "All", "All", "All"),
Rule(3, "/personal/", "None", "None", "None", "All", "None"),
Rule(3, "/blog/", "Own", "Own", "Own", "All", "None")
]
for item in items:
item.create()
