22
22
Apache send all requests to be handled by the module 'dispatch'.
24
24
Top-level handler. Handles all requests to all pages in IVLE.
25
Handles authentication and delegates to views for authorization,
26
then passes the request along to the appropriate view.
25
Handles authentication (not authorization).
26
Then passes the request along to the appropriate ivle app.
42
43
from ivle import util
44
46
from ivle.dispatch.request import Request
45
import ivle.webapp.security
46
from ivle.webapp.base.plugins import ViewPlugin, PublicViewPlugin
47
from ivle.webapp.base.xhtml import XHTMLView, XHTMLErrorView
48
from ivle.webapp.errors import BadRequest, HTTPError, NotFound, Unauthorized
49
from ivle.webapp.publisher import Publisher, PublishingError
50
from ivle.webapp import ApplicationRoot
52
config = ivle.config.Config()
54
class ObjectPermissionCheckingPublisher(Publisher):
55
"""A specialised publisher that checks object permissions.
57
This publisher verifies that the user holds any permission at all
58
on the model objects through which the resolution path passes. If
59
no permission is held, resolution is aborted with an Unauthorized
62
IMPORTANT: This does NOT check view permissions. It only checks
63
the objects in between the root and the view, exclusive!
66
def traversed_to_object(self, obj):
67
"""Check that the user has any permission at all over the object."""
68
if (hasattr(obj, 'get_permissions') and
69
len(obj.get_permissions(self.root.user, config)) == 0):
70
# Indicate the forbidden object if this is an admin.
71
if self.root.user and self.root.user.admin:
72
raise Unauthorized('Unauthorized: %s' % obj)
77
def generate_publisher(view_plugins, root, publicmode=False):
47
from ivle.dispatch import login
48
from ivle.webapp.base.plugins import ViewPlugin
49
from ivle.webapp.errors import HTTPError, Unauthorized
53
# XXX List of plugins, which will eventually be read in from conf
55
'ivle.webapp.core#Plugin',
56
'ivle.webapp.admin.user#Plugin',
57
'ivle.webapp.tutorial#Plugin',
58
'ivle.webapp.admin.subject#Plugin',
59
'ivle.webapp.filesystem.browser#Plugin',
60
'ivle.webapp.filesystem.diff#Plugin',
61
'ivle.webapp.filesystem.svnlog#Plugin',
62
'ivle.webapp.groups#Plugin',
63
'ivle.webapp.console#Plugin',
64
'ivle.webapp.security#Plugin',
65
'ivle.webapp.media#Plugin',
66
'ivle.webapp.forum#Plugin',
67
'ivle.webapp.help#Plugin',
68
'ivle.webapp.tos#Plugin',
69
'ivle.webapp.userservice#Plugin',
72
def generate_route_mapper(view_plugins):
79
74
Build a Mapper object for doing URL matching using 'routes', based on the
80
75
given plugin registry.
82
r = ObjectPermissionCheckingPublisher(root=root)
84
r.add_set_switch('api', 'api')
87
view_attr = 'public_views'
88
forward_route_attr = 'public_forward_routes'
89
reverse_route_attr = 'public_reverse_routes'
92
forward_route_attr = 'forward_routes'
93
reverse_route_attr = 'reverse_routes'
77
m = routes.Mapper(explicit=True)
96
78
for plugin in view_plugins:
97
if hasattr(plugin, forward_route_attr):
98
for fr in getattr(plugin, forward_route_attr):
99
# An annotated function can also be passed in directly.
100
if hasattr(fr, '_forward_route_meta'):
101
r.add_forward_func(fr)
105
if hasattr(plugin, reverse_route_attr):
106
for rr in getattr(plugin, reverse_route_attr):
107
# An annotated function can also be passed in directly.
108
if hasattr(rr, '_reverse_route_src'):
109
r.add_reverse_func(rr)
113
if hasattr(plugin, view_attr):
114
for v in getattr(plugin, view_attr):
119
def handler(apachereq):
120
"""Handles an HTTP request.
79
# Establish a URL pattern for each element of plugin.urls
80
assert hasattr(plugin, 'urls'), "%r does not have any urls" % plugin
81
for url in plugin.urls:
84
kwargs_dict = url[2] if len(url) >= 3 else {}
85
m.connect(routex, view=view_class, **kwargs_dict)
88
def get_plugin(pluginstr):
89
plugin_path, classname = pluginstr.split('#')
90
# Load the plugin module from somewhere in the Python path
91
# (Note that plugin_path is a fully-qualified Python module name).
93
getattr(__import__(plugin_path, fromlist=[classname]), classname))
96
"""Handles a request which may be to anywhere in the site except media.
122
97
Intended to be called by mod_python, as a handler.
124
@param apachereq: An Apache request object.
126
# Make the request object into an IVLE request which can be given to views
127
req = Request(apachereq, config)
129
req.publisher = generate_publisher(
130
config.plugin_index[ViewPlugin], ApplicationRoot(req),
131
publicmode=req.publicmode)
134
obj, viewcls, subpath = req.publisher.resolve(req.uri.decode('utf-8'))
99
req: An Apache request object.
101
# Make the request object into an IVLE request which can be passed to apps
104
req = Request(req, html.write_html_head)
106
# Pass the apachereq to error reporter, since ivle req isn't created
108
handle_unknown_exception(apachereq, *sys.exc_info())
109
# Tell Apache not to generate its own errors as well
110
return mod_python.apache.OK
112
# Run the main handler, and catch all exceptions
114
return handler_(req, apachereq)
115
except mod_python.apache.SERVER_RETURN:
116
# An apache error. We discourage these, but they might still happen.
120
handle_unknown_exception(req, *sys.exc_info())
121
# Tell Apache not to generate its own errors as well
122
return mod_python.apache.OK
124
def handler_(req, apachereq):
126
Nested handler function. May raise exceptions. The top-level handler is
127
just used to catch exceptions.
128
Takes both an IVLE request and an Apache req.
130
# Hack? Try and get the user login early just in case we throw an error
131
# (most likely 404) to stop us seeing not logged in even when we are.
132
if not req.publicmode:
133
user = login.get_user_details(req)
135
# Don't set the user if it is disabled or hasn't accepted the ToS.
136
if user and user.valid:
139
### BEGIN New plugins framework ###
140
# XXX This should be done ONCE per Python process, not per request.
142
req.plugins = dict([get_plugin(pluginstr) for pluginstr in plugins_HACK])
143
# Index the plugins by base class
144
req.plugin_index = {}
145
for plugin in req.plugins.values():
146
# Getmro returns a tuple of all the super-classes of the plugin
147
for base in inspect.getmro(plugin):
148
if base not in req.plugin_index:
149
req.plugin_index[base] = []
150
req.plugin_index[base].append(plugin)
151
req.reverse_plugins = dict([(v, k) for (k, v) in req.plugins.items()])
152
req.mapper = generate_route_mapper(req.plugin_index[ViewPlugin])
154
matchdict = req.mapper.match(req.uri)
155
if matchdict is not None:
156
viewcls = matchdict['view']
157
# Get the remaining arguments, less 'view', 'action' and 'controller'
158
# (The latter two seem to be built-in, and we don't want them).
159
kwargs = matchdict.copy()
136
# We 404 if we have a subpath but the view forbids it.
137
if not viewcls.subpath_allowed and subpath:
140
162
# Instantiate the view, which should be a BaseView class
141
view = viewcls(req, obj, subpath)
163
view = viewcls(req, **kwargs)
143
165
# Check that the request (mainly the user) is permitted to access
145
167
if not view.authorize(req):
146
# Indicate the forbidden object if this is an admin.
147
if req.user and req.user.admin:
148
raise Unauthorized('Unauthorized: %s' % view)
152
# Non-GET requests from other sites leave us vulnerable to
154
referer = req.headers_in.get('Referer')
155
if (referer is None or
156
urlparse.urlparse(req.headers_in.get('Referer')).netloc !=
158
if req.method != 'GET' and not view.offsite_posts_allowed:
160
"Non-GET requests from external sites are forbidden "
161
"for security reasons.")
163
169
# Render the output
165
171
except HTTPError, e:
184
except mod_python.apache.SERVER_RETURN:
185
# A mod_python-specific Apache error.
186
# XXX: We need to raise these because req.throw_error() uses them.
187
# Remove this after Google Code issue 117 is fixed.
189
190
except Exception, e:
190
191
# A non-HTTPError appeared. We have an unknown exception. Panic.
191
192
handle_unknown_exception(req, *sys.exc_info())
194
# Commit the transaction if we have a store open.
197
except Unauthorized, e:
198
# Resolution failed due to a permission check. Display a pretty
199
# error, or maybe a login page.
200
XHTMLView.get_error_view(e)(req, e, req.publisher.root).render(req)
197
### END New plugins framework ###
199
# Check req.app to see if it is valid. 404 if not.
200
if req.app is not None and req.app not in ivle.conf.apps.app_url:
201
req.throw_error(Request.HTTP_NOT_FOUND,
202
"There is no application called %s." % repr(req.app))
204
# Special handling for public mode - only allow the public app, call it
206
# NOTE: This will not behave correctly if the public app uses
207
# write_html_head_foot, but "serve" does not.
209
if req.app != ivle.conf.apps.public_app:
210
req.throw_error(Request.HTTP_FORBIDDEN,
211
"This application is not available on the public site.")
212
app = ivle.conf.apps.app_url[ivle.conf.apps.public_app]
213
apps.call_app(app.dir, req)
202
except PublishingError, e:
205
if req.user and req.user.admin:
206
XHTMLErrorView(req, NotFound('Not found: ' +
207
str(e.args)), e[0]).render(req)
216
# app is the App object for the chosen app
218
app = ivle.conf.apps.app_url[ivle.conf.apps.default_app]
220
app = ivle.conf.apps.app_url[req.app]
222
# Check if app requires auth. If so, perform authentication and login.
223
# This will either return a User object, None, or perform a redirect
224
# which we will not catch here.
226
logged_in = req.user is not None
230
assert logged_in # XXX
233
# Keep the user's session alive by writing to the session object.
234
# req.get_session().save()
235
# Well, it's a fine idea, but it creates considerable grief in the
236
# concurrent update department, so instead, we'll just make the
237
# sessions not time out.
238
req.get_session().unlock()
240
# If user did not specify an app, HTTP redirect to default app and
243
req.throw_redirect(util.make_path(ivle.conf.apps.default_app))
245
# Set the default title to the app's tab name, if any. Otherwise URL
247
if app.name is not None:
209
XHTMLErrorView(req, NotFound(), e[0]).render(req)
213
# Make sure we close the store.
252
# Call the specified app with the request object
253
apps.call_app(app.dir, req)
255
# if not logged in, login.login will have written the login box.
256
# Just clean up and exit.
258
# MAKE SURE we write the HTTP (and possibly HTML) header. This
259
# wouldn't happen if nothing else ever got written, so we have to make
261
req.ensure_headers_written()
263
# When done, write out the HTML footer if the app has requested it
264
if req.write_html_head_foot:
265
html.write_html_foot(req)
267
# Note: Apache will not write custom HTML error messages here.
268
# Use req.throw_error to do that.
216
271
def handle_unknown_exception(req, exc_type, exc_value, exc_traceback):
263
# A "bad" error message. We shouldn't get here unless IVLE
264
# misbehaves (which is currently very easy, if things aren't set up
266
# Write the traceback.
268
# We need to special-case IVLEJailError, as we can get another
269
# almost-exception out of it.
270
if exc_type is util.IVLEJailError:
271
tb = 'Exception information extracted from IVLEJailError:\n'
272
tb += urllib.unquote(exc_value.info)
327
logging.debug('Logging Unhandled Exception')
329
# We handle 3 types of error.
330
# IVLEErrors with 4xx response codes (client error).
331
# IVLEErrors with 5xx response codes (handled server error).
332
# Other exceptions (unhandled server error).
333
# IVLEErrors should not have other response codes than 4xx or 5xx
334
# (eg. throw_redirect should have been used for 3xx codes).
335
# Therefore, that is treated as an unhandled error.
337
if (exc_type == util.IVLEError and httpcode >= 400
338
and httpcode <= 499):
339
# IVLEErrors with 4xx response codes are client errors.
340
# Therefore, these have a "nice" response (we even coat it in the IVLE
343
req.write_html_head_foot = True
344
req.write_javascript_settings = False
345
req.write('<div id="ivle_padding">\n')
347
codename, msg = req.get_http_codename(httpcode)
348
except AttributeError:
349
codename, msg = None, None
350
# Override the default message with the supplied one,
352
if exc_value.message is not None:
353
msg = exc_value.message
354
if codename is not None:
355
req.write("<h1>Error: %s</h1>\n" % cgi.escape(codename))
357
req.write("<h1>Error</h1>\n")
359
req.write("<p>%s</p>\n" % cgi.escape(msg))
361
req.write("<p>An unknown error occured.</p>\n")
364
logging.info(str(msg))
366
req.write("<p>(HTTP error code %d)</p>\n" % httpcode)
368
req.write("<p>Warning: Could not open Error Log: '%s'</p>\n"
369
%cgi.escape(logfile))
370
req.write('</div>\n')
371
html.write_html_foot(req)
274
tb = ''.join(traceback.format_exception(exc_type, exc_value,
277
logging.error('\n' + tb)
279
# Error messages are only displayed is the user is NOT a student,
280
# or if there has been a problem logging the error message
281
show_errors = (not publicmode) and ((login and req.user.admin) or logfail)
282
req.write("""<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
373
# A "bad" error message. We shouldn't get here unless IVLE
374
# misbehaves (which is currently very easy, if things aren't set up
376
# Write the traceback.
377
# If this is a non-4xx IVLEError, get the message and httpcode and
378
# make the error message a bit nicer (but still include the
380
# We also need to special-case IVLEJailError, as we can get another
381
# almost-exception out of it.
383
codename, msg = None, None
385
if exc_type is util.IVLEJailError:
386
msg = exc_value.type_str + ": " + exc_value.message
387
tb = 'Exception information extracted from IVLEJailError:\n'
388
tb += urllib.unquote(exc_value.info)
391
codename, msg = req.get_http_codename(httpcode)
392
except AttributeError:
394
# Override the default message with the supplied one,
396
if hasattr(exc_value, 'message') and exc_value.message is not None:
397
msg = exc_value.message
398
# Prepend the exception type
399
if exc_type != util.IVLEError:
400
msg = exc_type.__name__ + ": " + msg
402
tb = ''.join(traceback.format_exception(exc_type, exc_value,
406
logging.error('%s\n%s'%(str(msg), tb))
407
# Error messages are only displayed is the user is NOT a student,
408
# or if there has been a problem logging the error message
409
show_errors = (not publicmode) and ((login and \
410
str(role) != "student") or logfail)
411
req.write("""<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
283
412
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
284
413
<html xmlns="http://www.w3.org/1999/xhtml">
285
414
<head><title>IVLE Internal Server Error</title></head>
287
<h1>IVLE Internal Server Error</h1>
416
<h1>IVLE Internal Server Error""")
418
if (codename is not None
419
and httpcode != mod_python.apache.HTTP_INTERNAL_SERVER_ERROR):
420
req.write(": %s" % cgi.escape(codename))
288
423
<p>An error has occured which is the fault of the IVLE developers or
292
req.write("Please report this issue to the server administrators, "
293
"along with the following information.")
295
req.write("Details have been logged for further examination.")
299
req.write("<h2>Debugging information</h2>")
300
req.write("<pre>\n%s\n</pre>\n"%cgi.escape(tb))
301
req.write("</body></html>")
424
administration. The developers have been notified.</p>
428
req.write("<p>%s</p>\n" % cgi.escape(msg))
429
if httpcode is not None:
430
req.write("<p>(HTTP error code %d)</p>\n" % httpcode)
432
<p>Please report this to <a href="mailto:%s">%s</a> (the system
433
administrator). Include the following information:</p>
434
""" % (cgi.escape(admin_email), cgi.escape(admin_email)))
436
req.write("<pre>\n%s\n</pre>\n"%cgi.escape(tb))
438
req.write("<p>Warning: Could not open Error Log: '%s'</p>\n"
439
%cgi.escape(logfile))
440
req.write("</body></html>")
added
removed
ivle/dispatch/__init__.py
