29
29
import mod_python.Session
30
30
import mod_python.Cookie
31
31
import mod_python.util
32
import mod_python.apache
34
class PotentiallySecureFileSession(mod_python.Session.FileSession):
35
"""A mod_python FileSession that sets secure cookie when appropriate.
37
A secure cookie will be set if the request itself is over HTTPS, or if
38
a proxy in front has set X-Forwarded-Proto: https. Otherwise the cookie
41
def make_cookie(self):
42
cookie = super(PotentiallySecureFileSession, self).make_cookie()
43
if (self._req.is_https() or
44
self._req.headers_in.get('X-Forwarded-Proto') == 'https'):
32
47
except ImportError:
33
48
# This needs to be importable from outside Apache.
38
54
import ivle.database
39
import plugins.console # XXX: Relies on www/ being in the Python path.
55
from ivle.webapp.base.plugins import CookiePlugin
56
import ivle.webapp.security
42
60
"""An IVLE request object. This is presented to the IVLE apps as a way of
79
99
String. Response "Location" header value. Used with HTTP redirect
82
String. HTML page title. Used if write_html_head_foot is True, in
83
the HTML title element text.
85
List of strings. Write a list of URLs to CSS files here, and they
86
will be incorporated as <link rel="stylesheet" type="text/css">
87
elements in the head, if write_html_head_foot is True.
88
URLs should be relative to the IVLE root; they will be fixed up
91
List of strings. Write a list of URLs to JS files here, and they
92
will be incorporated as <script type="text/javascript"> elements
93
in the head, if write_html_head_foot is True.
94
URLs should be relative to the IVLE root; they will be fixed up
97
List of strings. Write a list of JS function names, and they
98
will be added as window.addListener('load', ..., false); calls
99
in the head, if write_html_head_foot is True.
100
This is the propper way to specify functions that need to run at
102
write_html_head_foot (write)
103
Boolean. If True, dispatch assumes that this is an XHTML page, and
104
will immediately write a full HTML head, open the body element,
105
and write heading contents to the page, before any bytes are
106
written. It will then write footer contents and close the body and
107
html elements at the end of execution.
109
This value should be set to true by all applications for all HTML
110
output (unless there is a good reason, eg. exec). The
111
applications should therefore output HTML content assuming that
112
it will be written inside the body tag. Do not write opening or
113
closing <html> or <body> tags.
116
103
# Special code for an OK response.
121
108
# HTTP status codes
124
HTTP_SWITCHING_PROTOCOLS = 101
125
HTTP_PROCESSING = 102
129
HTTP_NON_AUTHORITATIVE = 203
130
HTTP_NO_CONTENT = 204
131
HTTP_RESET_CONTENT = 205
132
HTTP_PARTIAL_CONTENT = 206
133
HTTP_MULTI_STATUS = 207
134
HTTP_MULTIPLE_CHOICES = 300
135
HTTP_MOVED_PERMANENTLY = 301
136
111
HTTP_MOVED_TEMPORARILY = 302
138
HTTP_NOT_MODIFIED = 304
140
HTTP_TEMPORARY_REDIRECT = 307
141
HTTP_BAD_REQUEST = 400
142
HTTP_UNAUTHORIZED = 401
143
HTTP_PAYMENT_REQUIRED = 402
144
112
HTTP_FORBIDDEN = 403
145
113
HTTP_NOT_FOUND = 404
146
HTTP_METHOD_NOT_ALLOWED = 405
147
HTTP_NOT_ACCEPTABLE = 406
148
HTTP_PROXY_AUTHENTICATION_REQUIRED= 407
149
HTTP_REQUEST_TIME_OUT = 408
152
HTTP_LENGTH_REQUIRED = 411
153
HTTP_PRECONDITION_FAILED = 412
154
HTTP_REQUEST_ENTITY_TOO_LARGE = 413
155
HTTP_REQUEST_URI_TOO_LARGE = 414
156
HTTP_UNSUPPORTED_MEDIA_TYPE = 415
157
HTTP_RANGE_NOT_SATISFIABLE = 416
158
HTTP_EXPECTATION_FAILED = 417
159
HTTP_UNPROCESSABLE_ENTITY = 422
161
HTTP_FAILED_DEPENDENCY = 424
162
114
HTTP_INTERNAL_SERVER_ERROR = 500
163
HTTP_NOT_IMPLEMENTED = 501
164
HTTP_BAD_GATEWAY = 502
165
HTTP_SERVICE_UNAVAILABLE = 503
166
HTTP_GATEWAY_TIME_OUT = 504
167
HTTP_VERSION_NOT_SUPPORTED = 505
168
HTTP_VARIANT_ALSO_VARIES = 506
169
HTTP_INSUFFICIENT_STORAGE = 507
170
HTTP_NOT_EXTENDED = 510
172
def __init__(self, req, write_html_head):
173
"""Builds an IVLE request object from a mod_python request object.
174
This results in an object with all of the necessary methods and
177
req: A mod_python request object.
178
write_html_head: Function which is called when writing the automatic
179
HTML header. Accepts a single argument, the IVLE request object.
118
def __init__(self, req, config):
119
"""Create an IVLE request from a mod_python one.
121
@param req: A mod_python request.
122
@param config: An IVLE configuration.
182
125
# Methods are mostly wrappers around the Apache request object
183
126
self.apache_req = req
184
self.func_write_html_head = write_html_head
185
128
self.headers_written = False
187
130
# Determine if the browser used the public host name to make the
188
131
# request (in which case we are in "public mode")
189
if req.hostname == ivle.conf.public_host:
132
if req.hostname == config['urls']['public_host']:
190
133
self.publicmode = True
192
135
self.publicmode = False
194
137
# Inherit values for the input members
195
138
self.method = req.method
196
139
self.uri = req.uri
140
self.unparsed_uri = req.unparsed_uri
197
141
# Split the given path into the app (top-level dir) and sub-path
198
142
# (after first stripping away the root directory)
199
path = ivle.util.unmake_path(req.uri)
200
(self.app, self.path) = (ivle.util.split_path(path))
143
(self.app, self.path) = (ivle.util.split_path(req.uri))
202
144
self.hostname = req.hostname
203
145
self.headers_in = req.headers_in
204
146
self.headers_out = req.headers_out
206
# Open a database connection and transaction, keep it around for users
207
# of the Request object to use
208
self.store = ivle.database.get_store()
210
148
# Default values for the output members
211
149
self.status = Request.HTTP_OK
212
150
self.content_type = None # Use Apache's default
213
151
self.location = None
214
self.title = None # Will be set by dispatch before passing to app
217
self.scripts_init = []
218
self.write_html_head_foot = False
219
152
# In some cases we don't want the template JS (such as the username
220
153
# and public FQDN) in the output HTML. In that case, set this to 0.
221
154
self.write_javascript_settings = True
222
155
self.got_common_vars = False
224
157
def __del__(self):
162
if self._store is not None:
168
if self._store is not None:
228
171
def __writeheaders(self):
229
172
"""Writes out the HTTP and HTML headers before any real data is
231
174
self.headers_written = True
233
# app is the App object for the chosen app
235
app = ivle.conf.apps.app_url[self.app]
239
# Write any final modifications to header content
240
if app and app.useconsole and self.user:
241
plugins.console.insert_scripts_styles(self.scripts, self.styles, \
244
176
# Prepare the HTTP and HTML headers before the first write is made
245
177
if self.content_type != None:
247
179
self.apache_req.status = self.status
248
180
if self.location != None:
249
181
self.apache_req.headers_out['Location'] = self.location
250
if self.write_html_head_foot:
251
# Write the HTML header, pass "self" (request object)
252
self.func_write_html_head(self)
254
183
def ensure_headers_written(self):
255
184
"""Writes out the HTTP and HTML headers if they haven't already been
275
204
def logout(self):
276
205
"""Log out the current user by destroying the session state.
277
206
Then redirect to the top-level IVLE page."""
278
# List of cookies that IVLE uses (to be removed at logout)
279
ivle_cookies = ["ivleforumcookie", "clipboard"]
281
207
if hasattr(self, 'session'):
282
208
self.session.invalidate()
283
209
self.session.delete()
284
210
# Invalidates all IVLE cookies
285
211
all_cookies = mod_python.Cookie.get_cookies(self)
286
for cookie in all_cookies:
287
if cookie in ivle_cookies:
288
self.add_cookie(mod_python.Cookie.Cookie(cookie,'',expires=1,path='/'))
289
self.throw_redirect(ivle.util.make_path(''))
213
# Create cookies for plugins that might request them.
214
for plugin in self.config.plugin_index[CookiePlugin]:
215
for cookie in plugin.cookies:
216
self.add_cookie(mod_python.Cookie.Cookie(cookie, '',
217
expires=1, path='/'))
218
self.throw_redirect(self.make_path(''))
308
237
return self.apache_req.read(len)
310
def throw_error(self, httpcode, message=None):
311
"""Writes out an HTTP error of the specified code. Raises an exception
312
which is caught by the dispatch or web server, so any code following
313
this call will not be executed.
315
httpcode: An HTTP response status code. Pass a constant from the
318
raise ivle.util.IVLEError(httpcode, message)
320
239
def throw_redirect(self, location):
321
240
"""Writes out an HTTP redirect to the specified URL. Raises an
322
241
exception which is caught by the dispatch or web server, so any
337
256
mod_python.Cookie.add_cookie(self.apache_req, cookie, value, **attributes)
258
def make_path(self, path):
259
"""Prepend the IVLE URL prefix to the given path.
261
This is used when generating URLs to send to the client.
263
This method is DEPRECATED. We no longer support use of a prefix.
265
return os.path.join(self.config['urls']['root'], path)
339
267
def get_session(self):
340
268
"""Returns a mod_python Session object for this request.
341
269
Note that this is dependent on mod_python and may need to change
342
interface if porting away from mod_python."""
270
interface if porting away from mod_python.
272
IMPORTANT: Call unlock() on the session as soon as you are done with
273
it! If you don't, all other requests will block!
343
275
# Cache the session object and set the timeout to 24 hours.
344
276
if not hasattr(self, 'session'):
345
self.session = mod_python.Session.FileSession(self.apache_req,
346
timeout = 60 * 60 * 24)
277
self.session = PotentiallySecureFileSession(
278
self.apache_req, timeout = 60 * 60 * 24)
347
279
return self.session
349
281
def get_fieldstorage(self):
364
296
self.got_common_vars = True
365
297
return self.apache_req.subprocess_env
368
def get_http_codename(code):
369
"""Given a HTTP error code int, returns a (name, description)
370
pair, suitable for displaying to the user.
371
May return (None,None) if code is unknown.
372
Only lists common 4xx and 5xx codes (since this is just used
373
to display throw_error error messages).
301
# Open a database connection and transaction, keep it around for users
302
# of the Request object to use.
303
if self._store is None:
304
self._store = ivle.database.get_store(self.config)
309
# Get and cache the request user, or None if it's not valid.
310
# This is a property so that we don't create a store unless
311
# some code actually requests the user.
376
return http_codenames[code]
314
except AttributeError:
318
temp_user = ivle.webapp.security.get_user_details(self)
319
if temp_user and temp_user.valid:
320
self._user = temp_user
380
# Human strings for HTTP response codes
382
Request.HTTP_BAD_REQUEST:
384
"Your browser sent a request IVLE did not understand."),
385
Request.HTTP_UNAUTHORIZED:
387
"You are not allowed to view this part of IVLE."),
388
Request.HTTP_FORBIDDEN:
390
"You are not allowed to view this part of IVLE."),
391
Request.HTTP_NOT_FOUND:
393
"The application or file you requested does not exist."),
394
Request.HTTP_METHOD_NOT_ALLOWED:
395
("Method Not Allowed",
396
"Your browser is interacting with IVLE in the wrong way."
397
"This is probably a bug in IVLE. "
398
"Please report it to the administrators."),
399
Request.HTTP_INTERNAL_SERVER_ERROR:
400
("Internal Server Error",
401
"An unknown error occured in IVLE."),
402
Request.HTTP_NOT_IMPLEMENTED:
404
"The application or file you requested has not been implemented "
406
Request.HTTP_SERVICE_UNAVAILABLE:
407
("Service Unavailable",
408
"IVLE is currently experiencing technical difficulties. "
409
"Please try again later."),