~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/common/studpath.py

Committer: mattgiuca
Date: 2008-01-11 00:49:06 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:172

util: Added buildurl function.

files added:
www/dispatch_handler.py

www/media/images

www/media/images/mime

www/media/images/mime/dir.png

files removed:
test

test/misc

test/misc/make_date_test.py

test/test_framework

test/test_framework/README-examples

test/test_framework/all_input.py

test/test_framework/all_input_text.xml

test/test_framework/fib.py

test/test_framework/fib_text.xml

test/test_framework/file_test.py

test/test_framework/filespace_test.py

test/test_framework/hack_1.py

test/test_framework/hello.py

test/test_framework/hello_text.xml

test/test_framework/test_framework_tests.py

test/test_framework/tests.py

test/test_framework/tute_doc.tex

www/apps/console

www/apps/console/__init__.py

www/apps/console/help.html

www/apps/consoleservice

www/apps/consoleservice/__init__.py

www/apps/editor

www/apps/editor/__init__.py

www/apps/editor/help.html

www/apps/tutorial

www/apps/tutorial/__init__.py

www/apps/tutorial/help.html

www/apps/tutorial/test

www/apps/tutorial/test/README-framework

www/apps/tutorial/test/TestFramework.py

www/apps/tutorial/test/parse_tute.py

www/common/zip.py

www/media/browser/editor.js

www/media/browser/listing.js

www/media/common/edit_area

www/media/common/edit_area/edit_area.css

www/media/common/edit_area/edit_area.js

www/media/common/edit_area/edit_area_compressor.php

www/media/common/edit_area/edit_area_full.gz

www/media/common/edit_area/edit_area_full.js

www/media/common/edit_area/edit_area_full_with_plugins.gz

www/media/common/edit_area/edit_area_full_with_plugins.js

www/media/common/edit_area/edit_area_functions.js

www/media/common/edit_area/edit_area_loader.js

www/media/common/edit_area/elements_functions.js

www/media/common/edit_area/highlight.js

www/media/common/edit_area/images

www/media/common/edit_area/images/Thumbs.db

www/media/common/edit_area/images/close.gif

www/media/common/edit_area/images/fullscreen.gif

www/media/common/edit_area/images/go_to_line.gif

www/media/common/edit_area/images/help.gif

www/media/common/edit_area/images/highlight.gif

www/media/common/edit_area/images/load.gif

www/media/common/edit_area/images/move.gif

www/media/common/edit_area/images/newdocument.gif

www/media/common/edit_area/images/opacity.png

www/media/common/edit_area/images/processing.gif

www/media/common/edit_area/images/redo.gif

www/media/common/edit_area/images/reset_highlight.gif

www/media/common/edit_area/images/save.gif

www/media/common/edit_area/images/search.gif

www/media/common/edit_area/images/smooth_selection.gif

www/media/common/edit_area/images/spacer.gif

www/media/common/edit_area/images/statusbar_resize.gif

www/media/common/edit_area/images/undo.gif

www/media/common/edit_area/keyboard.js

www/media/common/edit_area/langs

www/media/common/edit_area/langs/de.js

www/media/common/edit_area/langs/dk.js

www/media/common/edit_area/langs/en.js

www/media/common/edit_area/langs/es.js

www/media/common/edit_area/langs/fr.js

www/media/common/edit_area/langs/hr.js

www/media/common/edit_area/langs/it.js

www/media/common/edit_area/langs/ja.js

www/media/common/edit_area/langs/nl.js

www/media/common/edit_area/langs/pl.js

www/media/common/edit_area/langs/pt.js

www/media/common/edit_area/langs/sk.js

www/media/common/edit_area/license.txt

www/media/common/edit_area/manage_area.js

www/media/common/edit_area/plugins

www/media/common/edit_area/plugins/charmap

www/media/common/edit_area/plugins/charmap/charmap.js

www/media/common/edit_area/plugins/charmap/css

www/media/common/edit_area/plugins/charmap/css/charmap.css

www/media/common/edit_area/plugins/charmap/images

www/media/common/edit_area/plugins/charmap/images/Thumbs.db

www/media/common/edit_area/plugins/charmap/images/charmap.gif

www/media/common/edit_area/plugins/charmap/jscripts

www/media/common/edit_area/plugins/charmap/jscripts/map.js

www/media/common/edit_area/plugins/charmap/langs

www/media/common/edit_area/plugins/charmap/langs/de.js

www/media/common/edit_area/plugins/charmap/langs/dk.js

www/media/common/edit_area/plugins/charmap/langs/en.js

www/media/common/edit_area/plugins/charmap/langs/es.js

www/media/common/edit_area/plugins/charmap/langs/fr.js

www/media/common/edit_area/plugins/charmap/langs/hr.js

www/media/common/edit_area/plugins/charmap/langs/it.js

www/media/common/edit_area/plugins/charmap/langs/ja.js

www/media/common/edit_area/plugins/charmap/langs/nl.js

www/media/common/edit_area/plugins/charmap/langs/pl.js

www/media/common/edit_area/plugins/charmap/langs/pt.js

www/media/common/edit_area/plugins/charmap/langs/sk.js

www/media/common/edit_area/plugins/charmap/popup.html

www/media/common/edit_area/plugins/test

www/media/common/edit_area/plugins/test/css

www/media/common/edit_area/plugins/test/css/test.css

www/media/common/edit_area/plugins/test/images

www/media/common/edit_area/plugins/test/images/test.gif

www/media/common/edit_area/plugins/test/langs

www/media/common/edit_area/plugins/test/langs/de.js

www/media/common/edit_area/plugins/test/langs/dk.js

www/media/common/edit_area/plugins/test/langs/en.js

www/media/common/edit_area/plugins/test/langs/es.js

www/media/common/edit_area/plugins/test/langs/fr.js

www/media/common/edit_area/plugins/test/langs/hr.js

www/media/common/edit_area/plugins/test/langs/it.js

www/media/common/edit_area/plugins/test/langs/ja.js

www/media/common/edit_area/plugins/test/langs/nl.js

www/media/common/edit_area/plugins/test/langs/pl.js

www/media/common/edit_area/plugins/test/langs/pt.js

www/media/common/edit_area/plugins/test/langs/sk.js

www/media/common/edit_area/plugins/test/test.js

www/media/common/edit_area/plugins/test/test2.js

www/media/common/edit_area/reg_syntax

www/media/common/edit_area/reg_syntax.js

www/media/common/edit_area/reg_syntax/basic.js

www/media/common/edit_area/reg_syntax/brainfuck.js

www/media/common/edit_area/reg_syntax/c.js

www/media/common/edit_area/reg_syntax/cpp.js

www/media/common/edit_area/reg_syntax/css.js

www/media/common/edit_area/reg_syntax/html.js

www/media/common/edit_area/reg_syntax/js.js

www/media/common/edit_area/reg_syntax/pas.js

www/media/common/edit_area/reg_syntax/php.js

www/media/common/edit_area/reg_syntax/python.js

www/media/common/edit_area/reg_syntax/sql.js

www/media/common/edit_area/reg_syntax/vb.js

www/media/common/edit_area/reg_syntax/xml.js

www/media/common/edit_area/regexp.js

www/media/common/edit_area/resize_area.js

www/media/common/edit_area/search_replace.js

www/media/common/edit_area/template.html

www/media/common/md5.js

www/media/console

www/media/console/console.css

www/media/console/console.js

www/media/images

www/media/images/README

www/media/images/apps

www/media/images/apps/browser.png

www/media/images/apps/console.png

www/media/images/apps/editor.png

www/media/images/apps/help.png

www/media/images/apps/small

www/media/images/apps/small/browser.png

www/media/images/apps/small/console.png

www/media/images/apps/small/editor.png

www/media/images/apps/small/help.png

www/media/images/apps/small/tutorial.png

www/media/images/apps/tutorial.png

www/media/images/interface

www/media/images/interface/published.png

www/media/images/interface/sortdown.png

www/media/images/interface/sortup.png

www/media/images/mime

www/media/images/mime/dir.png

www/media/images/mime/large

www/media/images/mime/large/dir.png

www/media/images/mime/large/multi.png

www/media/images/mime/large/py.png

www/media/images/mime/large/txt.png

www/media/images/mime/py.png

www/media/images/mime/txt.png

www/media/images/svn

www/media/images/svn/added.png

www/media/images/svn/deleted.png

www/media/images/svn/missing.png

www/media/images/svn/modified.png

www/media/images/svn/normal.png

files modified:
console/console.js

console/python-console

setup.py

trampoline/trampoline.c

userdb/users.sql

www/README

www/apps/browser/__init__.py

www/apps/debuginfo/__init__.py

www/apps/download/__init__.py

www/apps/fileservice/__init__.py

www/apps/fileservice/action.py

www/apps/fileservice/listing.py

www/apps/server/__init__.py

www/auth/authenticate.py

www/common/interpret.py

www/common/studpath.py

www/common/util.py

www/conf/__init__.py

www/conf/app/server.py

www/conf/apps.py

www/conf/mimetypes.py

www/dispatch/__init__.py

www/dispatch/html.py

www/dispatch/login.py

www/dispatch/request.py

www/media/browser/browser.css

www/media/browser/browser.js

www/media/common/ivle.css

www/media/common/util.js

Show diffs side-by-side

added added

removed removed

www/common/studpath.py

# Provides functions for translating URLs into physical locations in the

# student directories in the local file system.

# Also performs common authorization, disallowing students from visiting paths

# they dont own.

import os

import pysvn

import conf

from common import util

# Make a Subversion client object (for published)

svnclient = pysvn.Client()

def url_to_local(urlpath):

"""Given a URL path (part of a URL query string, see below), returns a

tuple of

100

path = os.path.join('home', urlpath)

101

102

return (user, jail, path)

103

104

def published(path):

105

"""Given a path on the LOCAL file system, determines whether the path has

106

its "ivle:published" property active (in subversion). Returns True

107

or False."""

108

# Read SVN properties for this path

109

try:

110

props = svnclient.propget("ivle:published", path, recurse=False)

111

except pysvn.ClientError:

112

# Not under version control? Then it isn't published.

113

return False

114

return len(props) > 0

115

116

def authorize(req):

117

"""Given a request, checks whether req.username is allowed to

118

access req.path. Returns None on authorization success. Raises

119

HTTP_FORBIDDEN on failure.

120

121

This is for general authorization (assuming not in public mode; this is

122

the standard auth code for fileservice, download and serve).

123

"""

124

# TODO: Groups

125

# First normalise the path

126

urlpath = os.path.normpath(req.path)

127

# Now if it begins with ".." or separator, then it's illegal

128

if urlpath.startswith("..") or urlpath.startswith(os.sep):

129

req.throw_error(req.HTTP_FORBIDDEN)

130

131

(owner, _) = util.split_path(urlpath)

132

if req.username != owner:

133

req.throw_error(req.HTTP_FORBIDDEN)

134

135

def authorize_public(req):

136

"""A different kind of authorization. Rather than making sure the

137

logged-in user owns the file, this checks if the file is in a published

138

directory.

139

140

This is for the "public mode" of the serve app.

141

142

Same interface as "authorize" - None on success, HTTP_FORBIDDEN exception

143

raised on failure.

144

"""

145

_, path = url_to_local(req.path)

146

dirpath, _ = os.path.split(path)

147

if not published(dirpath):

148

req.throw_error(req.HTTP_FORBIDDEN)

Older »