X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/b199b35d4ebd48b3cc000af1a56ec21c89676b88..70b6a0214b7554af3465adedcde599362f5bdd4c:/code/view.py diff --git a/code/view.py b/code/view.py index a3f2278..1765ddf 100644 --- a/code/view.py +++ b/code/view.py @@ -9,8 +9,9 @@ from StringIO import StringIO from invirt.config import structs as config from webcommon import State + class MakoHandler(cherrypy.dispatch.LateParamPageHandler): - """Callable which sets response.body.""" + """Callable which processes a dictionary, returning the rendered body.""" def __init__(self, template, next_handler, content_type='text/html; charset=utf-8'): self.template = template @@ -57,6 +58,7 @@ class MakoLoader(object): cherrypy.tools.mako = cherrypy.Tool('on_start_resource', MakoLoader()) + def revertStandardError(): """Move stderr to stdout, and return the contents of the old stderr.""" errio = sys.stderr @@ -66,6 +68,7 @@ def revertStandardError(): errio.seek(0) return errio.read() + def catchStderr(): old_handler = cherrypy.request.handler def wrapper(*args, **kwargs): @@ -81,6 +84,7 @@ def catchStderr(): cherrypy.tools.catch_stderr = cherrypy.Tool('before_handler', catchStderr) + class JSONEncoder(simplejson.JSONEncoder): def default(self, obj): if isinstance(obj, datetime.datetime): @@ -90,6 +94,7 @@ class JSONEncoder(simplejson.JSONEncoder): else: return simplejson.JSONEncoder.default(self, obj) + def jsonify_tool_callback(*args, **kwargs): if not cherrypy.request.cached: response = cherrypy.response @@ -98,14 +103,16 @@ def jsonify_tool_callback(*args, **kwargs): cherrypy.tools.jsonify = cherrypy.Tool('before_finalize', jsonify_tool_callback, priority=30) + def require_login(): """If the user isn't logged in, raise 403 with an error.""" - if not cherrypy.request.login: + if cherrypy.request.login is False: raise cherrypy.HTTPError(403, "You are not authorized to access that resource") cherrypy.tools.require_login = cherrypy.Tool('on_start_resource', require_login, priority=150) + def require_POST(): """If the request isn't a POST request, raise 405 Method Not Allowed""" if cherrypy.request.method != "POST": @@ -114,18 +121,25 @@ def require_POST(): cherrypy.tools.require_POST = cherrypy.Tool('on_start_resource', require_POST, priority=150) + def remote_user_login(): - """Get the current user based on the SSL or GSSAPI environment variables""" + """Get remote user from SSL or GSSAPI, and store in request object. + +Get the current user based on environment variables set by SSL or +GSSAPI, and store it in the attribute cherrpy.request.login. + +Per the CherryPy API (http://www.cherrypy.org/wiki/RequestObject#login), +the attribute is set to the username on successful login, to False on +failed login, and is left at None if the user attempted no authentication. +""" environ = cherrypy.request.wsgi_environ user = environ.get('REMOTE_USER') if user is None: - cherrypy.request.login = None return - if environ.get('AUTH_TYPE') == 'Negotiate': # Convert the krb5 principal into a krb4 username if not user.endswith('@%s' % config.kerberos.realm): - cherrypy.request.login = None + cherrypy.request.login = False # failed to log in else: cherrypy.request.login = user.split('@')[0].replace('/', '.') else: @@ -133,6 +147,7 @@ def remote_user_login(): cherrypy.tools.remote_user_login = cherrypy.Tool('on_start_resource', remote_user_login, priority=50) + def invirtwebstate_init(): """Initialize the cherrypy.request.state object from Invirt""" if not hasattr(cherrypy.request, "state"): @@ -140,5 +155,6 @@ def invirtwebstate_init(): cherrypy.tools.invirtwebstate = cherrypy.Tool('on_start_resource', invirtwebstate_init, priority=100) + class View(object): _cp_config = {'tools.mako.directories': [os.path.join(os.path.dirname(__file__),'templates')]}