← Back to branch summary

~azzar1/unity/add-show-desktop-key

93 by mattgiuca
New directory hierarchy. 
1
 
# IVLE

2
 
# Copyright (C) 2007-2008 The University of Melbourne

3
 
#

4
 
# This program is free software; you can redistribute it and/or modify

5
 
# it under the terms of the GNU General Public License as published by

6
 
# the Free Software Foundation; either version 2 of the License, or

7
 
# (at your option) any later version.

8
 
#

9
 
# This program is distributed in the hope that it will be useful,

10
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of

11
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

12
 
# GNU General Public License for more details.

13
 
#

14
 
# You should have received a copy of the GNU General Public License

15
 
# along with this program; if not, write to the Free Software

16
 
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

17
 









18



# App: server










19



# Author: Tom Conway, Matt Giuca










20



# Date: 13/12/2007










21












22



# Serves content to the user (acting as a web server for students files).










23



# For most file types we just serve the static file, but










24



# for python files, we evaluate the python script inside










25



# our safe execution environment.










26












27



from common import (util, studpath, interpret)










28



import conf










29



import conf.app.server










30










130
by mattgiuca


server: Imports os module correctly (needed by serve_file_directly).



31



import os








93
by mattgiuca


New directory hierarchy.



32



import mimetypes










33












34



def handle(req):










35



    """Handler for the Server application which serves pages."""










36



    req.write_html_head_foot = False










37












38



    # Get the username of the student whose work we are browsing, and the path










39



    # on the local machine where the file is stored.










40



    (user, path) = studpath.url_to_local(req.path)










41












42



    if user is None:










43



        # TODO: Nicer 404 message?










44



        req.throw_error(req.HTTP_NOT_FOUND)










45












46



    serve_file(req, user, path)










47










262
by mattgiuca


studpath: Added "authorize" function which checks the logged in user against



48



def authorize(req):










49



    """Given a request, checks whether req.username is allowed to










50



    access req.path. Returns None on authorization success. Raises










51



    HTTP_FORBIDDEN on failure.










52



    """










53



    if req.publicmode:










54



        # Public mode authorization: any user can access any other user's








266
by mattgiuca


Added Publishing feature. This feature is complete except it currently isn't



55



        # files, BUT the accessed file needs to have its "ivle:published" flag








262
by mattgiuca


studpath: Added "authorize" function which checks the logged in user against



56



        # turned on in the SVN status.








266
by mattgiuca


Added Publishing feature. This feature is complete except it currently isn't



57



        studpath.authorize_public(req)








262
by mattgiuca


studpath: Added "authorize" function which checks the logged in user against



58



    else:










59



        # Private mode authorization: standard (only logged in user can access










60



        # their own files, and can access all of them).










61



        studpath.authorize(req)










62










93
by mattgiuca


New directory hierarchy.



63



def serve_file(req, owner, filename):










64



    """Serves a file, using one of three possibilities: interpreting the file,










65



    serving it directly, or denying it and returning a 403 Forbidden error.










66



    No return value. Writes to req (possibly throwing a server error exception










67



    using req.throw_error).










68



    










69



    req: An IVLE request object.










70



    owner: Username of the user who owns the file being served.










71



    filename: Filename in the local file system.










72



    """








262
by mattgiuca


studpath: Added "authorize" function which checks the logged in user against



73



    # Authorize access. If failure, this throws a HTTP_FORBIDDEN error.










74



    authorize(req)








93
by mattgiuca


New directory hierarchy.



75












76



    # First get the mime type of this file










77



    # (Note that importing common.util has already initialised mime types)










78



    (type, _) = mimetypes.guess_type(filename)










79



    if type is None:








147
by mattgiuca


conf: Moved "default_mimetype" configuration constant from conf/app/server.py



80



        type = conf.mimetypes.default_mimetype








93
by mattgiuca


New directory hierarchy.



81












82



    # If this type is to be interpreted








147
by mattgiuca


conf: Moved "default_mimetype" configuration constant from conf/app/server.py



83



    if os.path.isdir(filename):










84



        # 403 Forbidden error for visiting a directory










85



        # (Not giving a directory listing, since this can be seen by










86



        # the world at large. Directory contents are private).










87



        req.throw_error(req.HTTP_FORBIDDEN)










88



    elif type in conf.app.server.interpreters:








93
by mattgiuca


New directory hierarchy.



89



        interp_name = conf.app.server.interpreters[type]










90



        try:










91



            # Get the interpreter function object










92



            interp_object = interpret.interpreter_objects[interp_name]










93



        except KeyError:










94



            # TODO: Nicer 500 message (this is due to bad configuration in










95



            # conf/app/server.py)










96



            req.throw_error(req.HTTP_INTERNAL_SERVER_ERROR)










97



        interpret.interpret_file(req, owner, filename, interp_object)










98












99



    else:










100



        # Otherwise, use the blacklist/whitelist to see if this file should be










101



        # served or disallowed










102



        if conf.app.server.blacklist_served_filetypes:










103



            toserve = type not in conf.app.server.served_filetypes_blacklist










104



        else:










105



            toserve = type in conf.app.server.served_filetypes_whitelist










106












107



        # toserve or not toserve










108



        if not toserve:










109



            # TODO: Nicer 403 message










110



            req.throw_error(req.HTTP_FORBIDDEN)










111



        else:










112



            serve_file_direct(req, filename, type)










113












114



def serve_file_direct(req, filename, type):










115



    """Serves a file by directly writing it out to the response.










116












117



    req: An IVLE request object.










118



    filename: Filename in the local file system.










119



    type: String. Mime type to serve the file with.










120



    """










121



    if not os.access(filename, os.R_OK):










122



        req.throw_error(req.HTTP_NOT_FOUND)










123



    req.content_type = type










124



    req.sendfile(filename)