entrouvert/wcs
entrouvert
/
wcs
14
1
Fork 0
Code Issues Pull Requests 45 Releases Activity
wcs/wcs/qommon/http_request.py

186 lines
6.6 KiB
Python
Raw Blame History

# w.c.s. - web application for online forms
# Copyright (C) 2005-2010 Entr'ouvert
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
import base64
import copy
import re
import time
from django.utils import six
from django.utils.encoding import force_bytes, force_text
from quixote import get_session, get_publisher
import quixote.http_request
from quixote.errors import RequestError
from .http_response import HTTPResponse
class HTTPRequest(quixote.http_request.HTTPRequest):
signed = False
parsed = False
django_request = None
def __init__(self, *args, **kwargs):
quixote.http_request.HTTPRequest.__init__(self, *args, **kwargs)
self.response = HTTPResponse()
self.charset = get_publisher().site_charset
self.is_json_marker = None
self.ignore_session = False
self.wscalls_cache = {}
self.datasources_cache = {}
# keep a copy of environment to make sure it's not reused along
# uwsgi/gunicorn processes.
self.environ = copy.copy(self.environ)
_user = () # use empty tuple instead of None as None is a "valid" user value
def get_user(self):
if self._user != ():
return self._user
auth_header = self.get_header('Authorization', '')
if auth_header.startswith('Basic '):
auth_header = auth_header.split(' ', 1)[1]
username, password = force_text(base64.decodestring(force_bytes(auth_header))).split(':', 1)
from .ident.password_accounts import PasswordAccount
try:
self._user = PasswordAccount.get_with_credentials(username, password)
except KeyError:
self._user = None
return
try:
self._user = get_session().get_user()
except AttributeError:
self._user = None
return self._user
user = property(get_user)
def get_server(self, clean = True):
server_name = quixote.http_request.HTTPRequest.get_server(self)
if clean and server_name.lower()[:7] in ('iframe.', 'iframe-'):
server_name = server_name[7:]
return server_name
def get_local_url(self, n=0):
'''Return the local part of the URL, query string included'''
query = self.get_query()
if query:
return self.get_path(n) + '?' + query
else:
return self.get_path(n)
def get_frontoffice_url(self, n=0):
return get_publisher().get_frontoffice_url(without_script_name=True) + \
self.get_local_url(n)
def get_substitution_variables(self):
# environment variables APPNAME_* are exported to env_*
from wcs.variables import LazyRequest
prefix = get_publisher().APP_NAME.lower() + '_'
variables = {'request': LazyRequest(self)}
for k, v in self.environ.items():
if k.lower().startswith(prefix):
variables['env_' + k.lower()[len(prefix):]] = v
return variables
def dump(self):
# straight copy of HTTPRequest.dump(), sole modification is that the
# values are printed as %r, not %s
result = []
row = '%-15s %r'
if self.form:
result.append("Form:")
for k, v in sorted(self.form.items()):
result.append(row % (k, v))
result.append("")
result.append("Cookies:")
for k, v in sorted(self.cookies.items()):
result.append(row % (k, v))
result.append("")
result.append("Environment:")
for k, v in sorted(self.environ.items()):
result.append(row % (k, v))
return "\n".join(result)
def process_inputs(self):
if self.parsed:
return
length = self.environ.get('CONTENT_LENGTH') or '0'
try:
length = int(length)
except ValueError:
raise RequestError('invalid content-length header')
ctype = self.environ.get("CONTENT_TYPE")
if ctype:
ctype, ctype_params = quixote.http_request.parse_header(ctype)
if length and ctype not in ('application/x-www-form-urlencoded', 'multipart/form-data'):
self.stdin = self.django_request
quixote.http_request.HTTPRequest.process_inputs(self)
if ctype == 'application/json' and self.stdin:
from .misc import json_loads
length = int(self.environ.get('CONTENT_LENGTH') or '0')
self.stdin.seek(0) # quixote will have consumed the body
payload = self.stdin.read(length)
try:
self._json = json_loads(payload)
except ValueError as e:
raise RequestError('invalid json payload (%s)' % str(e))
# remove characters that are not valid XML so it doesn't have to happen
# down the chain.
illegal_xml_chars = re.compile(u'[\x00-\x08\x0b\x0c\x0e-\x1f\ud800-\udfff\ufffe\uffff]')
self.form = dict(
(k, illegal_xml_chars.sub('', v) if isinstance(v, str) else v)
for k, v in self.form.items())
self.parsed = True
@property
def json(self):
if not hasattr(self, '_json'):
raise RequestError('expected JSON but missing appropriate content-type')
return self._json
def is_json(self):
if self.is_json_marker:
return True
if self.get_header('Content-Type', '').strip() == 'application/json':
return True
if self.get_header('Accept', '').strip() == 'application/json':
return True
if self.get_query() == 'json':
return True
if self.form and self.form.get('format') == 'json':
return True
return False
def is_in_backoffice(self):
return self.get_path().startswith('/backoffice/')
def is_api_url(self):
return self.get_path().startswith('/api/')
def is_in_frontoffice(self):
return not (self.is_in_backoffice() or self.is_api_url())
@property
def META(self):
return self.environ
def trace(self, msg):
print('%.4f' % (time.time() - self.t0), msg)
View Git Blame Copy Permalink