22
22
# Provides functions for translating URLs into physical locations in the
23
23
# student directories in the local file system.
24
# Also performs common authorization, disallowing students from visiting paths
32
28
from common import util
34
# Make a Subversion client object (for published)
35
svnclient = pysvn.Client()
37
30
def url_to_local(urlpath):
38
31
"""Given a URL path (part of a URL query string, see below), returns a
56
49
# First normalise the path
57
50
urlpath = os.path.normpath(urlpath)
58
# Now if it begins with ".." or separator, then it's illegal
59
if urlpath.startswith("..") or urlpath.startswith(os.sep):
51
# Now if it begins with ".." then it's illegal
52
if urlpath.startswith(".."):
60
53
return (None, None)
61
54
# Note: User can be a group name. There is absolutely no difference in our
62
55
# current directory scheme.
100
93
path = os.path.join('home', urlpath)
102
95
return (user, jail, path)
105
"""Given a path on the LOCAL file system, determines whether the path has
106
its "ivle:published" property active (in subversion). Returns True
108
# Read SVN properties for this path
110
props = svnclient.propget("ivle:published", path, recurse=False)
111
except pysvn.ClientError:
112
# Not under version control? Then it isn't published.
114
return len(props) > 0
117
"""Given a request, checks whether req.username is allowed to
118
access req.path. Returns None on authorization success. Raises
119
HTTP_FORBIDDEN on failure.
121
This is for general authorization (assuming not in public mode; this is
122
the standard auth code for fileservice, download and serve).
125
# First normalise the path
126
urlpath = os.path.normpath(req.path)
127
# Now if it begins with ".." or separator, then it's illegal
128
if urlpath.startswith("..") or urlpath.startswith(os.sep):
129
req.throw_error(req.HTTP_FORBIDDEN)
131
(owner, _) = util.split_path(urlpath)
132
if req.username != owner:
133
req.throw_error(req.HTTP_FORBIDDEN)
135
def authorize_public(req):
136
"""A different kind of authorization. Rather than making sure the
137
logged-in user owns the file, this checks if the file is in a published
140
This is for the "public mode" of the serve app.
142
Same interface as "authorize" - None on success, HTTP_FORBIDDEN exception
145
_, path = url_to_local(req.path)
146
dirpath, _ = os.path.split(path)
147
if not published(dirpath):
148
req.throw_error(req.HTTP_FORBIDDEN)