42
42
from ivle import util
45
44
from ivle.dispatch.request import Request
46
from ivle.dispatch import login
45
import ivle.webapp.security
47
46
from ivle.webapp.base.plugins import ViewPlugin, PublicViewPlugin
48
from ivle.webapp.errors import HTTPError, Unauthorized
52
def generate_route_mapper(view_plugins, attr):
47
from ivle.webapp.base.xhtml import XHTMLView, XHTMLErrorView
48
from ivle.webapp.errors import BadRequest, HTTPError, NotFound, Unauthorized
49
from ivle.webapp.publisher import Publisher, PublishingError
50
from ivle.webapp import ApplicationRoot
52
config = ivle.config.Config()
54
class ObjectPermissionCheckingPublisher(Publisher):
55
"""A specialised publisher that checks object permissions.
57
This publisher verifies that the user holds any permission at all
58
on the model objects through which the resolution path passes. If
59
no permission is held, resolution is aborted with an Unauthorized
62
IMPORTANT: This does NOT check view permissions. It only checks
63
the objects in between the root and the view, exclusive!
66
def traversed_to_object(self, obj):
67
"""Check that the user has any permission at all over the object."""
68
if (hasattr(obj, 'get_permissions') and
69
len(obj.get_permissions(self.root.user, config)) == 0):
70
# Indicate the forbidden object if this is an admin.
71
if self.root.user and self.root.user.admin:
72
raise Unauthorized('Unauthorized: %s' % obj)
77
def generate_publisher(view_plugins, root, publicmode=False):
54
79
Build a Mapper object for doing URL matching using 'routes', based on the
55
80
given plugin registry.
57
m = routes.Mapper(explicit=True)
82
r = ObjectPermissionCheckingPublisher(root=root)
84
r.add_set_switch('api', 'api')
87
view_attr = 'public_views'
88
forward_route_attr = 'public_forward_routes'
89
reverse_route_attr = 'public_reverse_routes'
92
forward_route_attr = 'forward_routes'
93
reverse_route_attr = 'reverse_routes'
58
96
for plugin in view_plugins:
59
# Establish a URL pattern for each element of plugin.urls
60
assert hasattr(plugin, 'urls'), "%r does not have any urls" % plugin
61
for url in getattr(plugin, attr):
64
kwargs_dict = url[2] if len(url) >= 3 else {}
65
m.connect(routex, view=view_class, **kwargs_dict)
69
"""Handles a request which may be to anywhere in the site except media.
97
if hasattr(plugin, forward_route_attr):
98
for fr in getattr(plugin, forward_route_attr):
99
# An annotated function can also be passed in directly.
100
if hasattr(fr, '_forward_route_meta'):
101
r.add_forward_func(fr)
105
if hasattr(plugin, reverse_route_attr):
106
for rr in getattr(plugin, reverse_route_attr):
107
# An annotated function can also be passed in directly.
108
if hasattr(rr, '_reverse_route_src'):
109
r.add_reverse_func(rr)
113
if hasattr(plugin, view_attr):
114
for v in getattr(plugin, view_attr):
119
def handler(apachereq):
120
"""Handles an HTTP request.
70
122
Intended to be called by mod_python, as a handler.
72
req: An Apache request object.
74
# Make the request object into an IVLE request which can be passed to apps
77
req = Request(req, html.write_html_head)
79
# Pass the apachereq to error reporter, since ivle req isn't created
81
handle_unknown_exception(apachereq, *sys.exc_info())
82
# Tell Apache not to generate its own errors as well
83
return mod_python.apache.OK
85
# Run the main handler, and catch all exceptions
87
return handler_(req, apachereq)
88
except mod_python.apache.SERVER_RETURN:
89
# An apache error. We discourage these, but they might still happen.
93
handle_unknown_exception(req, *sys.exc_info())
94
# Tell Apache not to generate its own errors as well
95
return mod_python.apache.OK
97
def handler_(req, apachereq):
99
Nested handler function. May raise exceptions. The top-level handler is
100
just used to catch exceptions.
101
Takes both an IVLE request and an Apache req.
124
@param apachereq: An Apache request object.
126
# Make the request object into an IVLE request which can be given to views
127
req = Request(apachereq, config)
103
129
# Hack? Try and get the user login early just in case we throw an error
104
130
# (most likely 404) to stop us seeing not logged in even when we are.
105
131
if not req.publicmode:
106
user = login.get_user_details(req)
132
user = ivle.webapp.security.get_user_details(req)
108
134
# Don't set the user if it is disabled or hasn't accepted the ToS.
109
135
if user and user.valid:
112
conf = ivle.config.Config()
115
### BEGIN New plugins framework ###
117
req.mapper = generate_route_mapper(conf.plugin_index[PublicViewPlugin],
120
req.mapper = generate_route_mapper(conf.plugin_index[ViewPlugin],
123
matchdict = req.mapper.match(req.uri)
124
if matchdict is not None:
125
viewcls = matchdict['view']
126
# Get the remaining arguments, less 'view', 'action' and 'controller'
127
# (The latter two seem to be built-in, and we don't want them).
128
kwargs = matchdict.copy()
138
req.publisher = generate_publisher(
139
config.plugin_index[ViewPlugin],
140
ApplicationRoot(req.config, req.store, req.user),
141
publicmode=req.publicmode)
144
obj, viewcls, subpath = req.publisher.resolve(req.uri.decode('utf-8'))
146
# We 404 if we have a subpath but the view forbids it.
147
if not viewcls.subpath_allowed and subpath:
131
150
# Instantiate the view, which should be a BaseView class
132
view = viewcls(req, **kwargs)
151
view = viewcls(req, obj, subpath)
134
153
# Check that the request (mainly the user) is permitted to access
136
155
if not view.authorize(req):
156
# Indicate the forbidden object if this is an admin.
157
if req.user and req.user.admin:
158
raise Unauthorized('Unauthorized: %s' % view)
162
# Non-GET requests from other sites leave us vulnerable to
164
referer = req.headers_in.get('Referer')
165
if (referer is None or
166
urlparse.urlparse(req.headers_in.get('Referer')).netloc !=
168
if req.method != 'GET' and not view.offsite_posts_allowed:
170
"Non-GET requests from external sites are forbidden "
171
"for security reasons.")
138
173
# Render the output
140
175
except HTTPError, e:
164
204
req.store.commit()
167
# We had no matching URL! Check if it matches an old-style app. If
169
if req.app not in ivle.conf.apps.app_url:
170
return req.HTTP_NOT_FOUND # TODO: Prettify.
171
### END New plugins framework ###
174
### BEGIN legacy application framework ###
175
# We have no public apps back here.
176
assert not req.publicmode
178
# app is the App object for the chosen app
180
app = ivle.conf.apps.app_url[ivle.conf.apps.default_app]
182
app = ivle.conf.apps.app_url[req.app]
184
# Check if app requires auth. If so, perform authentication and login.
185
# This will either return a User object, None, or perform a redirect
186
# which we will not catch here.
188
logged_in = req.user is not None
192
assert logged_in # XXX
195
# Keep the user's session alive by writing to the session object.
196
# req.get_session().save()
197
# Well, it's a fine idea, but it creates considerable grief in the
198
# concurrent update department, so instead, we'll just make the
199
# sessions not time out.
200
req.get_session().unlock()
202
# Call the specified app with the request object
203
apps.call_app(app.dir, req)
205
# MAKE SURE we write the HTTP (and possibly HTML) header. This
206
# wouldn't happen if nothing else ever got written, so we have to make
208
req.ensure_headers_written()
210
# When done, write out the HTML footer if the app has requested it
211
if req.write_html_head_foot:
212
html.write_html_foot(req)
214
# Note: Apache will not write custom HTML error messages here.
215
# Use req.throw_error to do that.
206
except Unauthorized, e:
207
# Resolution failed due to a permission check. Display a pretty
208
# error, or maybe a login page.
209
XHTMLView.get_error_view(e)(req, e, req.publisher.root).render(req)
211
except PublishingError, e:
214
if req.user and req.user.admin:
215
XHTMLErrorView(req, NotFound('Not found: ' +
216
str(e.args)), e[0]).render(req)
218
XHTMLErrorView(req, NotFound(), e[0]).render(req)
218
224
def handle_unknown_exception(req, exc_type, exc_value, exc_traceback):
274
logging.debug('Logging Unhandled Exception')
276
# We handle 3 types of error.
277
# IVLEErrors with 4xx response codes (client error).
278
# IVLEErrors with 5xx response codes (handled server error).
279
# Other exceptions (unhandled server error).
280
# IVLEErrors should not have other response codes than 4xx or 5xx
281
# (eg. throw_redirect should have been used for 3xx codes).
282
# Therefore, that is treated as an unhandled error.
284
if (exc_type == util.IVLEError and httpcode >= 400
285
and httpcode <= 499):
286
# IVLEErrors with 4xx response codes are client errors.
287
# Therefore, these have a "nice" response (we even coat it in the IVLE
290
req.write_html_head_foot = True
291
req.write_javascript_settings = False
292
req.write('<div id="ivle_padding">\n')
294
codename, msg = req.get_http_codename(httpcode)
295
except AttributeError:
296
codename, msg = None, None
297
# Override the default message with the supplied one,
299
if exc_value.message is not None:
300
msg = exc_value.message
301
if codename is not None:
302
req.write("<h1>Error: %s</h1>\n" % cgi.escape(codename))
304
req.write("<h1>Error</h1>\n")
306
req.write("<p>%s</p>\n" % cgi.escape(msg))
308
req.write("<p>An unknown error occured.</p>\n")
311
logging.info(str(msg))
313
req.write("<p>(HTTP error code %d)</p>\n" % httpcode)
315
req.write("<p>Warning: Could not open Error Log: '%s'</p>\n"
316
%cgi.escape(logfile))
317
req.write('</div>\n')
318
html.write_html_foot(req)
271
# A "bad" error message. We shouldn't get here unless IVLE
272
# misbehaves (which is currently very easy, if things aren't set up
274
# Write the traceback.
276
# We need to special-case IVLEJailError, as we can get another
277
# almost-exception out of it.
278
if exc_type is util.IVLEJailError:
279
tb = 'Exception information extracted from IVLEJailError:\n'
280
tb += urllib.unquote(exc_value.info)
320
# A "bad" error message. We shouldn't get here unless IVLE
321
# misbehaves (which is currently very easy, if things aren't set up
323
# Write the traceback.
324
# If this is a non-4xx IVLEError, get the message and httpcode and
325
# make the error message a bit nicer (but still include the
327
# We also need to special-case IVLEJailError, as we can get another
328
# almost-exception out of it.
330
codename, msg = None, None
332
if exc_type is util.IVLEJailError:
333
msg = exc_value.type_str + ": " + exc_value.message
334
tb = 'Exception information extracted from IVLEJailError:\n'
335
tb += urllib.unquote(exc_value.info)
338
codename, msg = req.get_http_codename(httpcode)
339
except AttributeError:
341
# Override the default message with the supplied one,
343
if hasattr(exc_value, 'message') and exc_value.message is not None:
344
msg = exc_value.message
345
# Prepend the exception type
346
if exc_type != util.IVLEError:
347
msg = exc_type.__name__ + ": " + repr(msg)
349
tb = ''.join(traceback.format_exception(exc_type, exc_value,
353
logging.error('%s\n%s'%(str(msg), tb))
354
# Error messages are only displayed is the user is NOT a student,
355
# or if there has been a problem logging the error message
356
show_errors = (not publicmode) and ((login and \
357
str(role) != "student") or logfail)
358
req.write("""<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
282
tb = ''.join(traceback.format_exception(exc_type, exc_value,
285
logging.error('\n' + tb)
287
# Error messages are only displayed is the user is NOT a student,
288
# or if there has been a problem logging the error message
289
show_errors = (not publicmode) and ((login and req.user.admin) or logfail)
290
req.write("""<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
359
291
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
360
292
<html xmlns="http://www.w3.org/1999/xhtml">
361
293
<head><title>IVLE Internal Server Error</title></head>
363
<h1>IVLE Internal Server Error""")
365
if (codename is not None
366
and httpcode != mod_python.apache.HTTP_INTERNAL_SERVER_ERROR):
367
req.write(": %s" % cgi.escape(codename))
295
<h1>IVLE Internal Server Error</h1>
370
296
<p>An error has occured which is the fault of the IVLE developers or
371
administration. The developers have been notified.</p>
375
req.write("<p>%s</p>\n" % cgi.escape(msg))
376
if httpcode is not None:
377
req.write("<p>(HTTP error code %d)</p>\n" % httpcode)
379
<p>Please report this to <a href="mailto:%s">%s</a> (the system
380
administrator). Include the following information:</p>
381
""" % (cgi.escape(admin_email), cgi.escape(admin_email)))
383
req.write("<pre>\n%s\n</pre>\n"%cgi.escape(tb))
385
req.write("<p>Warning: Could not open Error Log: '%s'</p>\n"
386
%cgi.escape(logfile))
387
req.write("</body></html>")
300
req.write("Please report this issue to the server administrators, "
301
"along with the following information.")
303
req.write("Details have been logged for further examination.")
307
req.write("<h2>Debugging information</h2>")
308
req.write("<pre>\n%s\n</pre>\n"%cgi.escape(tb))
309
req.write("</body></html>")
added
removed
ivle/dispatch/__init__.py
