|
93
by mattgiuca
New directory hierarchy. |
1 |
# IVLE
|
2 |
# Copyright (C) 2007-2008 The University of Melbourne
|
|
3 |
#
|
|
4 |
# This program is free software; you can redistribute it and/or modify
|
|
5 |
# it under the terms of the GNU General Public License as published by
|
|
6 |
# the Free Software Foundation; either version 2 of the License, or
|
|
7 |
# (at your option) any later version.
|
|
8 |
#
|
|
9 |
# This program is distributed in the hope that it will be useful,
|
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
12 |
# GNU General Public License for more details.
|
|
13 |
#
|
|
14 |
# You should have received a copy of the GNU General Public License
|
|
15 |
# along with this program; if not, write to the Free Software
|
|
16 |
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
17 |
||
18 |
# App: server
|
|
19 |
# Author: Tom Conway, Matt Giuca
|
|
20 |
# Date: 13/12/2007
|
|
21 |
||
22 |
# Serves content to the user (acting as a web server for students files).
|
|
23 |
# For most file types we just serve the static file, but
|
|
24 |
# for python files, we evaluate the python script inside
|
|
25 |
# our safe execution environment.
|
|
26 |
||
27 |
from common import (util, studpath, interpret) |
|
28 |
import conf |
|
29 |
import conf.app.server |
|
30 |
||
|
130
by mattgiuca
server: Imports os module correctly (needed by serve_file_directly). |
31 |
import os |
|
93
by mattgiuca
New directory hierarchy. |
32 |
import mimetypes |
33 |
||
34 |
def handle(req): |
|
35 |
"""Handler for the Server application which serves pages."""
|
|
36 |
req.write_html_head_foot = False |
|
37 |
||
38 |
# Get the username of the student whose work we are browsing, and the path
|
|
39 |
# on the local machine where the file is stored.
|
|
40 |
(user, path) = studpath.url_to_local(req.path) |
|
41 |
||
42 |
if user is None: |
|
43 |
# TODO: Nicer 404 message?
|
|
44 |
req.throw_error(req.HTTP_NOT_FOUND) |
|
45 |
||
46 |
serve_file(req, user, path) |
|
47 |
||
48 |
def serve_file(req, owner, filename): |
|
49 |
"""Serves a file, using one of three possibilities: interpreting the file,
|
|
50 |
serving it directly, or denying it and returning a 403 Forbidden error.
|
|
51 |
No return value. Writes to req (possibly throwing a server error exception
|
|
52 |
using req.throw_error).
|
|
53 |
|
|
54 |
req: An IVLE request object.
|
|
55 |
owner: Username of the user who owns the file being served.
|
|
56 |
filename: Filename in the local file system.
|
|
57 |
"""
|
|
58 |
||
59 |
# First get the mime type of this file
|
|
60 |
# (Note that importing common.util has already initialised mime types)
|
|
61 |
(type, _) = mimetypes.guess_type(filename) |
|
62 |
if type is None: |
|
|
147
by mattgiuca
conf: Moved "default_mimetype" configuration constant from conf/app/server.py |
63 |
type = conf.mimetypes.default_mimetype |
|
93
by mattgiuca
New directory hierarchy. |
64 |
|
65 |
# If this type is to be interpreted
|
|
|
147
by mattgiuca
conf: Moved "default_mimetype" configuration constant from conf/app/server.py |
66 |
if os.path.isdir(filename): |
67 |
# 403 Forbidden error for visiting a directory
|
|
68 |
# (Not giving a directory listing, since this can be seen by
|
|
69 |
# the world at large. Directory contents are private).
|
|
70 |
req.throw_error(req.HTTP_FORBIDDEN) |
|
71 |
elif type in conf.app.server.interpreters: |
|
|
93
by mattgiuca
New directory hierarchy. |
72 |
interp_name = conf.app.server.interpreters[type] |
73 |
try: |
|
74 |
# Get the interpreter function object
|
|
75 |
interp_object = interpret.interpreter_objects[interp_name] |
|
76 |
except KeyError: |
|
77 |
# TODO: Nicer 500 message (this is due to bad configuration in
|
|
78 |
# conf/app/server.py)
|
|
79 |
req.throw_error(req.HTTP_INTERNAL_SERVER_ERROR) |
|
80 |
interpret.interpret_file(req, owner, filename, interp_object) |
|
81 |
||
82 |
else: |
|
83 |
# Otherwise, use the blacklist/whitelist to see if this file should be
|
|
84 |
# served or disallowed
|
|
85 |
if conf.app.server.blacklist_served_filetypes: |
|
86 |
toserve = type not in conf.app.server.served_filetypes_blacklist |
|
87 |
else: |
|
88 |
toserve = type in conf.app.server.served_filetypes_whitelist |
|
89 |
||
90 |
# toserve or not toserve
|
|
91 |
if not toserve: |
|
92 |
# TODO: Nicer 403 message
|
|
93 |
req.throw_error(req.HTTP_FORBIDDEN) |
|
94 |
else: |
|
95 |
serve_file_direct(req, filename, type) |
|
96 |
||
97 |
def serve_file_direct(req, filename, type): |
|
98 |
"""Serves a file by directly writing it out to the response.
|
|
99 |
||
100 |
req: An IVLE request object.
|
|
101 |
filename: Filename in the local file system.
|
|
102 |
type: String. Mime type to serve the file with.
|
|
103 |
"""
|
|
104 |
if not os.access(filename, os.R_OK): |
|
105 |
req.throw_error(req.HTTP_NOT_FOUND) |
|
106 |
req.content_type = type |
|
107 |
req.sendfile(filename) |