42
42
from ivle import util
44
44
from ivle.dispatch.request import Request
45
45
import ivle.webapp.security
46
46
from ivle.webapp.base.plugins import ViewPlugin, PublicViewPlugin
47
from ivle.webapp.base.xhtml import XHTMLView, XHTMLErrorView
48
from ivle.webapp.errors import BadRequest, HTTPError, NotFound, Unauthorized
49
from ivle.webapp.publisher import Publisher, PublishingError
50
from ivle.webapp import ApplicationRoot
52
config = ivle.config.Config()
54
class ObjectPermissionCheckingPublisher(Publisher):
55
"""A specialised publisher that checks object permissions.
57
This publisher verifies that the user holds any permission at all
58
on the model objects through which the resolution path passes. If
59
no permission is held, resolution is aborted with an Unauthorized
62
IMPORTANT: This does NOT check view permissions. It only checks
63
the objects in between the root and the view, exclusive!
66
def traversed_to_object(self, obj):
67
"""Check that the user has any permission at all over the object."""
68
if (hasattr(obj, 'get_permissions') and
69
len(obj.get_permissions(self.root.user, config)) == 0):
70
# Indicate the forbidden object if this is an admin.
71
if self.root.user and self.root.user.admin:
72
raise Unauthorized('Unauthorized: %s' % obj)
77
def generate_publisher(view_plugins, root, publicmode=False):
47
from ivle.webapp.errors import HTTPError, Unauthorized
49
def generate_route_mapper(view_plugins, attr):
79
51
Build a Mapper object for doing URL matching using 'routes', based on the
80
52
given plugin registry.
82
r = ObjectPermissionCheckingPublisher(root=root)
84
r.add_set_switch('api', 'api')
87
view_attr = 'public_views'
88
forward_route_attr = 'public_forward_routes'
89
reverse_route_attr = 'public_reverse_routes'
92
forward_route_attr = 'forward_routes'
93
reverse_route_attr = 'reverse_routes'
54
m = routes.Mapper(explicit=True)
96
55
for plugin in view_plugins:
97
if hasattr(plugin, forward_route_attr):
98
for fr in getattr(plugin, forward_route_attr):
99
# An annotated function can also be passed in directly.
100
if hasattr(fr, '_forward_route_meta'):
101
r.add_forward_func(fr)
105
if hasattr(plugin, reverse_route_attr):
106
for rr in getattr(plugin, reverse_route_attr):
107
# An annotated function can also be passed in directly.
108
if hasattr(rr, '_reverse_route_src'):
109
r.add_reverse_func(rr)
113
if hasattr(plugin, view_attr):
114
for v in getattr(plugin, view_attr):
119
def handler(apachereq):
120
"""Handles an HTTP request.
56
# Establish a URL pattern for each element of plugin.urls
57
assert hasattr(plugin, 'urls'), "%r does not have any urls" % plugin
58
for url in getattr(plugin, attr):
61
kwargs_dict = url[2] if len(url) >= 3 else {}
62
m.connect(routex, view=view_class, **kwargs_dict)
66
"""Handles a request which may be to anywhere in the site except media.
122
67
Intended to be called by mod_python, as a handler.
124
@param apachereq: An Apache request object.
126
# Make the request object into an IVLE request which can be given to views
127
req = Request(apachereq, config)
129
req.publisher = generate_publisher(
130
config.plugin_index[ViewPlugin], ApplicationRoot(req),
131
publicmode=req.publicmode)
134
obj, viewcls, subpath = req.publisher.resolve(req.uri.decode('utf-8'))
69
req: An Apache request object.
71
# Make the request object into an IVLE request which can be passed to apps
76
# Pass the apachereq to error reporter, since ivle req isn't created
78
handle_unknown_exception(apachereq, *sys.exc_info())
79
# Tell Apache not to generate its own errors as well
80
return mod_python.apache.OK
82
# Run the main handler, and catch all exceptions
84
return handler_(req, apachereq)
85
except mod_python.apache.SERVER_RETURN:
86
# An apache error. We discourage these, but they might still happen.
90
handle_unknown_exception(req, *sys.exc_info())
91
# Tell Apache not to generate its own errors as well
92
return mod_python.apache.OK
94
def handler_(req, apachereq):
96
Nested handler function. May raise exceptions. The top-level handler is
97
just used to catch exceptions.
98
Takes both an IVLE request and an Apache req.
100
# Hack? Try and get the user login early just in case we throw an error
101
# (most likely 404) to stop us seeing not logged in even when we are.
102
if not req.publicmode:
103
user = ivle.webapp.security.get_user_details(req)
105
# Don't set the user if it is disabled or hasn't accepted the ToS.
106
if user and user.valid:
109
conf = ivle.config.Config()
113
req.mapper = generate_route_mapper(conf.plugin_index[PublicViewPlugin],
116
req.mapper = generate_route_mapper(conf.plugin_index[ViewPlugin],
119
matchdict = req.mapper.match(req.uri)
120
if matchdict is not None:
121
viewcls = matchdict['view']
122
# Get the remaining arguments, less 'view', 'action' and 'controller'
123
# (The latter two seem to be built-in, and we don't want them).
124
kwargs = matchdict.copy()
136
# We 404 if we have a subpath but the view forbids it.
137
if not viewcls.subpath_allowed and subpath:
140
127
# Instantiate the view, which should be a BaseView class
141
view = viewcls(req, obj, subpath)
128
view = viewcls(req, **kwargs)
143
130
# Check that the request (mainly the user) is permitted to access
145
132
if not view.authorize(req):
146
# Indicate the forbidden object if this is an admin.
147
if req.user and req.user.admin:
148
raise Unauthorized('Unauthorized: %s' % view)
152
# Non-GET requests from other sites leave us vulnerable to
154
referer = req.headers_in.get('Referer')
155
if (referer is None or
156
urlparse.urlparse(req.headers_in.get('Referer')).netloc !=
158
if req.method != 'GET' and not view.offsite_posts_allowed:
160
"Non-GET requests from external sites are forbidden "
161
"for security reasons.")
163
134
# Render the output
165
136
except HTTPError, e:
184
except mod_python.apache.SERVER_RETURN:
185
# A mod_python-specific Apache error.
186
# XXX: We need to raise these because req.throw_error() uses them.
187
# Remove this after Google Code issue 117 is fixed.
189
155
except Exception, e:
190
156
# A non-HTTPError appeared. We have an unknown exception. Panic.
191
157
handle_unknown_exception(req, *sys.exc_info())
194
# Commit the transaction if we have a store open.
197
except Unauthorized, e:
198
# Resolution failed due to a permission check. Display a pretty
199
# error, or maybe a login page.
200
XHTMLView.get_error_view(e)(req, e, req.publisher.root).render(req)
202
except PublishingError, e:
205
if req.user and req.user.admin:
206
XHTMLErrorView(req, NotFound('Not found: ' +
207
str(e.args)), e[0]).render(req)
209
XHTMLErrorView(req, NotFound(), e[0]).render(req)
213
# Make sure we close the store.
163
return req.HTTP_NOT_FOUND # TODO: Prettify.
216
165
def handle_unknown_exception(req, exc_type, exc_value, exc_traceback):
220
logging.debug('Logging Unhandled Exception')
256
222
# A "bad" error message. We shouldn't get here unless IVLE
257
223
# misbehaves (which is currently very easy, if things aren't set up
259
225
# Write the traceback.
261
# We need to special-case IVLEJailError, as we can get another
226
# If this is a non-4xx IVLEError, get the message and httpcode and
227
# make the error message a bit nicer (but still include the
229
# We also need to special-case IVLEJailError, as we can get another
262
230
# almost-exception out of it.
232
codename, msg = None, None
263
234
if exc_type is util.IVLEJailError:
235
msg = exc_value.type_str + ": " + exc_value.message
264
236
tb = 'Exception information extracted from IVLEJailError:\n'
265
237
tb += urllib.unquote(exc_value.info)
240
codename, msg = req.get_http_codename(httpcode)
241
except AttributeError:
243
# Override the default message with the supplied one,
245
if hasattr(exc_value, 'message') and exc_value.message is not None:
246
msg = exc_value.message
247
# Prepend the exception type
248
if exc_type != util.IVLEError:
249
msg = exc_type.__name__ + ": " + repr(msg)
267
251
tb = ''.join(traceback.format_exception(exc_type, exc_value,
270
logging.error('\n' + tb)
255
logging.error('%s\n%s'%(str(msg), tb))
272
256
# Error messages are only displayed is the user is NOT a student,
273
257
# or if there has been a problem logging the error message
274
show_errors = (not publicmode) and ((login and req.user.admin) or logfail)
258
show_errors = (not publicmode) and ((login and \
259
str(role) != "student") or logfail)
275
260
req.write("""<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
276
261
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
277
262
<html xmlns="http://www.w3.org/1999/xhtml">
278
263
<head><title>IVLE Internal Server Error</title></head>
280
<h1>IVLE Internal Server Error</h1>
265
<h1>IVLE Internal Server Error""")
267
if (codename is not None
268
and httpcode != mod_python.apache.HTTP_INTERNAL_SERVER_ERROR):
269
req.write(": %s" % cgi.escape(codename))
281
272
<p>An error has occured which is the fault of the IVLE developers or
285
req.write("Please report this issue to the server administrators, "
286
"along with the following information.")
288
req.write("Details have been logged for further examination.")
292
req.write("<h2>Debugging information</h2>")
273
administration. The developers have been notified.</p>
277
req.write("<p>%s</p>\n" % cgi.escape(msg))
278
if httpcode is not None:
279
req.write("<p>(HTTP error code %d)</p>\n" % httpcode)
281
<p>Please report this to <a href="mailto:%s">%s</a> (the system
282
administrator). Include the following information:</p>
283
""" % (cgi.escape(admin_email), cgi.escape(admin_email)))
293
285
req.write("<pre>\n%s\n</pre>\n"%cgi.escape(tb))
287
req.write("<p>Warning: Could not open Error Log: '%s'</p>\n"
288
%cgi.escape(logfile))
294
289
req.write("</body></html>")
added
removed
ivle/dispatch/__init__.py
