diff --git a/libs/binaryornot/__init__.py b/libs/binaryornot/__init__.py deleted file mode 100644 index 518255b16..000000000 --- a/libs/binaryornot/__init__.py +++ /dev/null @@ -1,3 +0,0 @@ -__author__ = 'Audrey Roy' -__email__ = 'audreyr@gmail.com' -__version__ = '0.4.4' diff --git a/libs/binaryornot/check.py b/libs/binaryornot/check.py deleted file mode 100644 index 924a65638..000000000 --- a/libs/binaryornot/check.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- - -""" -binaryornot.check ------------------ - -Main code for checking if a file is binary or text. -""" - -import logging -import argparse - -from binaryornot.helpers import get_starting_chunk, is_binary_string - - -logger = logging.getLogger(__name__) - - -def is_binary(filename): - """ - :param filename: File to check. - :returns: True if it's a binary file, otherwise False. - """ - logger.debug('is_binary: %(filename)r', locals()) - - # Check if the file extension is in a list of known binary types -# binary_extensions = ['.pyc', ] -# for ext in binary_extensions: -# if filename.endswith(ext): -# return True - - # Check if the starting chunk is a binary string - chunk = get_starting_chunk(filename) - return is_binary_string(chunk) - - -def main(): - parser = argparse.ArgumentParser(description="Check if a " - "file passed as argument is " - "binary or not") - - parser.add_argument("filename", help="File name to check for. If " - "the file is not in the same folder, " - "include full path") - - args = parser.parse_args() - - print(is_binary(**vars(args))) - - -if __name__ == "__main__": - main() diff --git a/libs/binaryornot/helpers.py b/libs/binaryornot/helpers.py deleted file mode 100644 index 978b4c374..000000000 --- a/libs/binaryornot/helpers.py +++ /dev/null @@ -1,135 +0,0 @@ -# -*- coding: utf-8 -*- - - -""" -binaryornot.helpers -------------------- - -Helper utilities used by BinaryOrNot. -""" - -import chardet -import logging - - -logger = logging.getLogger(__name__) - - -def print_as_hex(s): - """ - Print a string as hex bytes. - """ - print(":".join("{0:x}".format(ord(c)) for c in s)) - - -def get_starting_chunk(filename, length=1024): - """ - :param filename: File to open and get the first little chunk of. - :param length: Number of bytes to read, default 1024. - :returns: Starting chunk of bytes. - """ - # Ensure we open the file in binary mode - try: - with open(filename, 'rb') as f: - chunk = f.read(length) - return chunk - except IOError as e: - print(e) - - -_control_chars = b'\n\r\t\f\b' -if bytes is str: - # Python 2 means we need to invoke chr() explicitly - _printable_ascii = _control_chars + b''.join(map(chr, range(32, 127))) - _printable_high_ascii = b''.join(map(chr, range(127, 256))) -else: - # Python 3 means bytes accepts integer input directly - _printable_ascii = _control_chars + bytes(range(32, 127)) - _printable_high_ascii = bytes(range(127, 256)) - - -def is_binary_string(bytes_to_check): - """ - Uses a simplified version of the Perl detection algorithm, - based roughly on Eli Bendersky's translation to Python: - http://eli.thegreenplace.net/2011/10/19/perls-guess-if-file-is-text-or-binary-implemented-in-python/ - - This is biased slightly more in favour of deeming files as text - files than the Perl algorithm, since all ASCII compatible character - sets are accepted as text, not just utf-8. - - :param bytes: A chunk of bytes to check. - :returns: True if appears to be a binary, otherwise False. - """ - - # Empty files are considered text files - if not bytes_to_check: - return False - - # Now check for a high percentage of ASCII control characters - # Binary if control chars are > 30% of the string - low_chars = bytes_to_check.translate(None, _printable_ascii) - nontext_ratio1 = float(len(low_chars)) / float(len(bytes_to_check)) - logger.debug('nontext_ratio1: %(nontext_ratio1)r', locals()) - - # and check for a low percentage of high ASCII characters: - # Binary if high ASCII chars are < 5% of the string - # From: https://en.wikipedia.org/wiki/UTF-8 - # If the bytes are random, the chances of a byte with the high bit set - # starting a valid UTF-8 character is only 6.64%. The chances of finding 7 - # of these without finding an invalid sequence is actually lower than the - # chance of the first three bytes randomly being the UTF-8 BOM. - - high_chars = bytes_to_check.translate(None, _printable_high_ascii) - nontext_ratio2 = float(len(high_chars)) / float(len(bytes_to_check)) - logger.debug('nontext_ratio2: %(nontext_ratio2)r', locals()) - - if nontext_ratio1 > 0.90 and nontext_ratio2 > 0.90: - return True - - is_likely_binary = ( - (nontext_ratio1 > 0.3 and nontext_ratio2 < 0.05) or - (nontext_ratio1 > 0.8 and nontext_ratio2 > 0.8) - ) - logger.debug('is_likely_binary: %(is_likely_binary)r', locals()) - - # then check for binary for possible encoding detection with chardet - detected_encoding = chardet.detect(bytes_to_check) - logger.debug('detected_encoding: %(detected_encoding)r', locals()) - - # finally use all the check to decide binary or text - decodable_as_unicode = False - if (detected_encoding['confidence'] > 0.9 and - detected_encoding['encoding'] != 'ascii'): - try: - try: - bytes_to_check.decode(encoding=detected_encoding['encoding']) - except TypeError: - # happens only on Python 2.6 - unicode(bytes_to_check, encoding=detected_encoding['encoding']) # noqa - decodable_as_unicode = True - logger.debug('success: decodable_as_unicode: ' - '%(decodable_as_unicode)r', locals()) - except LookupError: - logger.debug('failure: could not look up encoding %(encoding)s', - detected_encoding) - except UnicodeDecodeError: - logger.debug('failure: decodable_as_unicode: ' - '%(decodable_as_unicode)r', locals()) - - logger.debug('failure: decodable_as_unicode: ' - '%(decodable_as_unicode)r', locals()) - if is_likely_binary: - if decodable_as_unicode: - return False - else: - return True - else: - if decodable_as_unicode: - return False - else: - if b'\x00' in bytes_to_check or b'\xff' in bytes_to_check: - # Check for NULL bytes last - logger.debug('has nulls:' + repr(b'\x00' in bytes_to_check)) - return True - return False diff --git a/libs/bottle.py b/libs/bottle.py deleted file mode 100644 index 81a39d4ad..000000000 --- a/libs/bottle.py +++ /dev/null @@ -1,3764 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -""" -Bottle is a fast and simple micro-framework for small web applications. It -offers request dispatching (Routes) with url parameter support, templates, -a built-in HTTP Server and adapters for many third party WSGI/HTTP-server and -template engines - all in a single file and with no dependencies other than the -Python Standard Library. - -Homepage and documentation: http://bottlepy.org/ - -Copyright (c) 2016, Marcel Hellkamp. -License: MIT (see LICENSE for details) -""" - -from __future__ import with_statement - -__author__ = 'Marcel Hellkamp' -__version__ = '0.12.13' -__license__ = 'MIT' - -# The gevent server adapter needs to patch some modules before they are imported -# This is why we parse the commandline parameters here but handle them later -if __name__ == '__main__': - from optparse import OptionParser - _cmd_parser = OptionParser(usage="usage: %prog [options] package.module:app") - _opt = _cmd_parser.add_option - _opt("--version", action="store_true", help="show version number.") - _opt("-b", "--bind", metavar="ADDRESS", help="bind socket to ADDRESS.") - _opt("-s", "--server", default='wsgiref', help="use SERVER as backend.") - _opt("-p", "--plugin", action="append", help="install additional plugin/s.") - _opt("--debug", action="store_true", help="start server in debug mode.") - _opt("--reload", action="store_true", help="auto-reload on file changes.") - _cmd_options, _cmd_args = _cmd_parser.parse_args() - if _cmd_options.server and _cmd_options.server.startswith('gevent'): - import gevent.monkey; gevent.monkey.patch_all() - -import base64, cgi, email.utils, functools, hmac, imp, itertools, mimetypes,\ - os, re, subprocess, sys, tempfile, threading, time, warnings - -from datetime import date as datedate, datetime, timedelta -from tempfile import TemporaryFile -from traceback import format_exc, print_exc -from six import PY2 -if PY2: - from inspect import getargspec -else: - from inspect import getfullargspec as getargspec -from unicodedata import normalize - - -try: from simplejson import dumps as json_dumps, loads as json_lds -except ImportError: # pragma: no cover - try: from json import dumps as json_dumps, loads as json_lds - except ImportError: - try: from django.utils.simplejson import dumps as json_dumps, loads as json_lds - except ImportError: - def json_dumps(data): - raise ImportError("JSON support requires Python 2.6 or simplejson.") - json_lds = json_dumps - - - -# We now try to fix 2.5/2.6/3.1/3.2 incompatibilities. -# It ain't pretty but it works... Sorry for the mess. - -py = sys.version_info -py3k = py >= (3, 0, 0) -py25 = py < (2, 6, 0) -py31 = (3, 1, 0) <= py < (3, 2, 0) - -# Workaround for the missing "as" keyword in py3k. -def _e(): return sys.exc_info()[1] - -# Workaround for the "print is a keyword/function" Python 2/3 dilemma -# and a fallback for mod_wsgi (resticts stdout/err attribute access) -try: - _stdout, _stderr = sys.stdout.write, sys.stderr.write -except IOError: - _stdout = lambda x: sys.stdout.write(x) - _stderr = lambda x: sys.stderr.write(x) - -# Lots of stdlib and builtin differences. -if py3k: - import http.client as httplib - import _thread as thread - from urllib.parse import urljoin, SplitResult as UrlSplitResult - from urllib.parse import urlencode, quote as urlquote, unquote as urlunquote - urlunquote = functools.partial(urlunquote, encoding='latin1') - from http.cookies import SimpleCookie - from collections import MutableMapping as DictMixin - import pickle - from io import BytesIO - from configparser import ConfigParser - basestring = str - unicode = str - json_loads = lambda s: json_lds(touni(s)) - callable = lambda x: hasattr(x, '__call__') - imap = map - def _raise(*a): raise a[0](a[1]).with_traceback(a[2]) -else: # 2.x - import httplib - import thread - from urlparse import urljoin, SplitResult as UrlSplitResult - from urllib import urlencode, quote as urlquote, unquote as urlunquote - from Cookie import SimpleCookie - from itertools import imap - import cPickle as pickle - from StringIO import StringIO as BytesIO - from ConfigParser import SafeConfigParser as ConfigParser - if py25: - msg = "Python 2.5 support may be dropped in future versions of Bottle." - warnings.warn(msg, DeprecationWarning) - from UserDict import DictMixin - def next(it): return it.next() - bytes = str - else: # 2.6, 2.7 - from collections import MutableMapping as DictMixin - unicode = unicode - json_loads = json_lds - eval(compile('def _raise(*a): raise a[0], a[1], a[2]', '', 'exec')) - -# Some helpers for string/byte handling -def tob(s, enc='utf8'): - return s.encode(enc) if isinstance(s, unicode) else bytes(s) -def touni(s, enc='utf8', err='strict'): - return s.decode(enc, err) if isinstance(s, bytes) else unicode(s) -tonat = touni if py3k else tob - -# 3.2 fixes cgi.FieldStorage to accept bytes (which makes a lot of sense). -# 3.1 needs a workaround. -if py31: - from io import TextIOWrapper - class NCTextIOWrapper(TextIOWrapper): - def close(self): pass # Keep wrapped buffer open. - - -# A bug in functools causes it to break if the wrapper is an instance method -def update_wrapper(wrapper, wrapped, *a, **ka): - try: functools.update_wrapper(wrapper, wrapped, *a, **ka) - except AttributeError: pass - - - -# These helpers are used at module level and need to be defined first. -# And yes, I know PEP-8, but sometimes a lower-case classname makes more sense. - -def depr(message, hard=False): - warnings.warn(message, DeprecationWarning, stacklevel=3) - -def makelist(data): # This is just to handy - if isinstance(data, (tuple, list, set, dict)): return list(data) - elif data: return [data] - else: return [] - - -class DictProperty(object): - ''' Property that maps to a key in a local dict-like attribute. ''' - def __init__(self, attr, key=None, read_only=False): - self.attr, self.key, self.read_only = attr, key, read_only - - def __call__(self, func): - functools.update_wrapper(self, func, updated=[]) - self.getter, self.key = func, self.key or func.__name__ - return self - - def __get__(self, obj, cls): - if obj is None: return self - key, storage = self.key, getattr(obj, self.attr) - if key not in storage: storage[key] = self.getter(obj) - return storage[key] - - def __set__(self, obj, value): - if self.read_only: raise AttributeError("Read-Only property.") - getattr(obj, self.attr)[self.key] = value - - def __delete__(self, obj): - if self.read_only: raise AttributeError("Read-Only property.") - del getattr(obj, self.attr)[self.key] - - -class cached_property(object): - ''' A property that is only computed once per instance and then replaces - itself with an ordinary attribute. Deleting the attribute resets the - property. ''' - - def __init__(self, func): - self.__doc__ = getattr(func, '__doc__') - self.func = func - - def __get__(self, obj, cls): - if obj is None: return self - value = obj.__dict__[self.func.__name__] = self.func(obj) - return value - - -class lazy_attribute(object): - ''' A property that caches itself to the class object. ''' - def __init__(self, func): - functools.update_wrapper(self, func, updated=[]) - self.getter = func - - def __get__(self, obj, cls): - value = self.getter(cls) - setattr(cls, self.__name__, value) - return value - - - - - - -############################################################################### -# Exceptions and Events ######################################################## -############################################################################### - - -class BottleException(Exception): - """ A base class for exceptions used by bottle. """ - pass - - - - - - -############################################################################### -# Routing ###################################################################### -############################################################################### - - -class RouteError(BottleException): - """ This is a base class for all routing related exceptions """ - - -class RouteReset(BottleException): - """ If raised by a plugin or request handler, the route is reset and all - plugins are re-applied. """ - -class RouterUnknownModeError(RouteError): pass - - -class RouteSyntaxError(RouteError): - """ The route parser found something not supported by this router. """ - - -class RouteBuildError(RouteError): - """ The route could not be built. """ - - -def _re_flatten(p): - ''' Turn all capturing groups in a regular expression pattern into - non-capturing groups. ''' - if '(' not in p: return p - return re.sub(r'(\\*)(\(\?P<[^>]+>|\((?!\?))', - lambda m: m.group(0) if len(m.group(1)) % 2 else m.group(1) + '(?:', p) - - -class Router(object): - ''' A Router is an ordered collection of route->target pairs. It is used to - efficiently match WSGI requests against a number of routes and return - the first target that satisfies the request. The target may be anything, - usually a string, ID or callable object. A route consists of a path-rule - and a HTTP method. - - The path-rule is either a static path (e.g. `/contact`) or a dynamic - path that contains wildcards (e.g. `/wiki/`). The wildcard syntax - and details on the matching order are described in docs:`routing`. - ''' - - default_pattern = '[^/]+' - default_filter = 're' - - #: The current CPython regexp implementation does not allow more - #: than 99 matching groups per regular expression. - _MAX_GROUPS_PER_PATTERN = 99 - - def __init__(self, strict=False): - self.rules = [] # All rules in order - self._groups = {} # index of regexes to find them in dyna_routes - self.builder = {} # Data structure for the url builder - self.static = {} # Search structure for static routes - self.dyna_routes = {} - self.dyna_regexes = {} # Search structure for dynamic routes - #: If true, static routes are no longer checked first. - self.strict_order = strict - self.filters = { - 're': lambda conf: - (_re_flatten(conf or self.default_pattern), None, None), - 'int': lambda conf: (r'-?\d+', int, lambda x: str(int(x))), - 'float': lambda conf: (r'-?[\d.]+', float, lambda x: str(float(x))), - 'path': lambda conf: (r'.+?', None, None)} - - def add_filter(self, name, func): - ''' Add a filter. The provided function is called with the configuration - string as parameter and must return a (regexp, to_python, to_url) tuple. - The first element is a string, the last two are callables or None. ''' - self.filters[name] = func - - rule_syntax = re.compile('(\\\\*)'\ - '(?:(?::([a-zA-Z_][a-zA-Z_0-9]*)?()(?:#(.*?)#)?)'\ - '|(?:<([a-zA-Z_][a-zA-Z_0-9]*)?(?::([a-zA-Z_]*)'\ - '(?::((?:\\\\.|[^\\\\>]+)+)?)?)?>))') - - def _itertokens(self, rule): - offset, prefix = 0, '' - for match in self.rule_syntax.finditer(rule): - prefix += rule[offset:match.start()] - g = match.groups() - if len(g[0])%2: # Escaped wildcard - prefix += match.group(0)[len(g[0]):] - offset = match.end() - continue - if prefix: - yield prefix, None, None - name, filtr, conf = g[4:7] if g[2] is None else g[1:4] - yield name, filtr or 'default', conf or None - offset, prefix = match.end(), '' - if offset <= len(rule) or prefix: - yield prefix+rule[offset:], None, None - - def add(self, rule, method, target, name=None): - ''' Add a new rule or replace the target for an existing rule. ''' - anons = 0 # Number of anonymous wildcards found - keys = [] # Names of keys - pattern = '' # Regular expression pattern with named groups - filters = [] # Lists of wildcard input filters - builder = [] # Data structure for the URL builder - is_static = True - - for key, mode, conf in self._itertokens(rule): - if mode: - is_static = False - if mode == 'default': mode = self.default_filter - mask, in_filter, out_filter = self.filters[mode](conf) - if not key: - pattern += '(?:%s)' % mask - key = 'anon%d' % anons - anons += 1 - else: - pattern += '(?P<%s>%s)' % (key, mask) - keys.append(key) - if in_filter: filters.append((key, in_filter)) - builder.append((key, out_filter or str)) - elif key: - pattern += re.escape(key) - builder.append((None, key)) - - self.builder[rule] = builder - if name: self.builder[name] = builder - - if is_static and not self.strict_order: - self.static.setdefault(method, {}) - self.static[method][self.build(rule)] = (target, None) - return - - try: - re_pattern = re.compile('^(%s)$' % pattern) - re_match = re_pattern.match - except re.error: - raise RouteSyntaxError("Could not add Route: %s (%s)" % (rule, _e())) - - if filters: - def getargs(path): - url_args = re_match(path).groupdict() - for name, wildcard_filter in filters: - try: - url_args[name] = wildcard_filter(url_args[name]) - except ValueError: - raise HTTPError(400, 'Path has wrong format.') - return url_args - elif re_pattern.groupindex: - def getargs(path): - return re_match(path).groupdict() - else: - getargs = None - - flatpat = _re_flatten(pattern) - whole_rule = (rule, flatpat, target, getargs) - - if (flatpat, method) in self._groups: - if DEBUG: - msg = 'Route <%s %s> overwrites a previously defined route' - warnings.warn(msg % (method, rule), RuntimeWarning) - self.dyna_routes[method][self._groups[flatpat, method]] = whole_rule - else: - self.dyna_routes.setdefault(method, []).append(whole_rule) - self._groups[flatpat, method] = len(self.dyna_routes[method]) - 1 - - self._compile(method) - - def _compile(self, method): - all_rules = self.dyna_routes[method] - comborules = self.dyna_regexes[method] = [] - maxgroups = self._MAX_GROUPS_PER_PATTERN - for x in range(0, len(all_rules), maxgroups): - some = all_rules[x:x+maxgroups] - combined = (flatpat for (_, flatpat, _, _) in some) - combined = '|'.join('(^%s$)' % flatpat for flatpat in combined) - combined = re.compile(combined).match - rules = [(target, getargs) for (_, _, target, getargs) in some] - comborules.append((combined, rules)) - - def build(self, _name, *anons, **query): - ''' Build an URL by filling the wildcards in a rule. ''' - builder = self.builder.get(_name) - if not builder: raise RouteBuildError("No route with that name.", _name) - try: - for i, value in enumerate(anons): query['anon%d'%i] = value - url = ''.join([f(query.pop(n)) if n else f for (n,f) in builder]) - return url if not query else url+'?'+urlencode(query) - except KeyError: - raise RouteBuildError('Missing URL argument: %r' % _e().args[0]) - - def match(self, environ): - ''' Return a (target, url_agrs) tuple or raise HTTPError(400/404/405). ''' - verb = environ['REQUEST_METHOD'].upper() - path = environ['PATH_INFO'] or '/' - target = None - if verb == 'HEAD': - methods = ['PROXY', verb, 'GET', 'ANY'] - else: - methods = ['PROXY', verb, 'ANY'] - - for method in methods: - if method in self.static and path in self.static[method]: - target, getargs = self.static[method][path] - return target, getargs(path) if getargs else {} - elif method in self.dyna_regexes: - for combined, rules in self.dyna_regexes[method]: - match = combined(path) - if match: - target, getargs = rules[match.lastindex - 1] - return target, getargs(path) if getargs else {} - - # No matching route found. Collect alternative methods for 405 response - allowed = set([]) - nocheck = set(methods) - for method in set(self.static) - nocheck: - if path in self.static[method]: - allowed.add(verb) - for method in set(self.dyna_regexes) - allowed - nocheck: - for combined, rules in self.dyna_regexes[method]: - match = combined(path) - if match: - allowed.add(method) - if allowed: - allow_header = ",".join(sorted(allowed)) - raise HTTPError(405, "Method not allowed.", Allow=allow_header) - - # No matching route and no alternative method found. We give up - raise HTTPError(404, "Not found: " + repr(path)) - - - - - - -class Route(object): - ''' This class wraps a route callback along with route specific metadata and - configuration and applies Plugins on demand. It is also responsible for - turing an URL path rule into a regular expression usable by the Router. - ''' - - def __init__(self, app, rule, method, callback, name=None, - plugins=None, skiplist=None, **config): - #: The application this route is installed to. - self.app = app - #: The path-rule string (e.g. ``/wiki/:page``). - self.rule = rule - #: The HTTP method as a string (e.g. ``GET``). - self.method = method - #: The original callback with no plugins applied. Useful for introspection. - self.callback = callback - #: The name of the route (if specified) or ``None``. - self.name = name or None - #: A list of route-specific plugins (see :meth:`Bottle.route`). - self.plugins = plugins or [] - #: A list of plugins to not apply to this route (see :meth:`Bottle.route`). - self.skiplist = skiplist or [] - #: Additional keyword arguments passed to the :meth:`Bottle.route` - #: decorator are stored in this dictionary. Used for route-specific - #: plugin configuration and meta-data. - self.config = ConfigDict().load_dict(config, make_namespaces=True) - - def __call__(self, *a, **ka): - depr("Some APIs changed to return Route() instances instead of"\ - " callables. Make sure to use the Route.call method and not to"\ - " call Route instances directly.") #0.12 - return self.call(*a, **ka) - - @cached_property - def call(self): - ''' The route callback with all plugins applied. This property is - created on demand and then cached to speed up subsequent requests.''' - return self._make_callback() - - def reset(self): - ''' Forget any cached values. The next time :attr:`call` is accessed, - all plugins are re-applied. ''' - self.__dict__.pop('call', None) - - def prepare(self): - ''' Do all on-demand work immediately (useful for debugging).''' - self.call - - @property - def _context(self): - depr('Switch to Plugin API v2 and access the Route object directly.') #0.12 - return dict(rule=self.rule, method=self.method, callback=self.callback, - name=self.name, app=self.app, config=self.config, - apply=self.plugins, skip=self.skiplist) - - def all_plugins(self): - ''' Yield all Plugins affecting this route. ''' - unique = set() - for p in reversed(self.app.plugins + self.plugins): - if True in self.skiplist: break - name = getattr(p, 'name', False) - if name and (name in self.skiplist or name in unique): continue - if p in self.skiplist or type(p) in self.skiplist: continue - if name: unique.add(name) - yield p - - def _make_callback(self): - callback = self.callback - for plugin in self.all_plugins(): - try: - if hasattr(plugin, 'apply'): - api = getattr(plugin, 'api', 1) - context = self if api > 1 else self._context - callback = plugin.apply(callback, context) - else: - callback = plugin(callback) - except RouteReset: # Try again with changed configuration. - return self._make_callback() - if not callback is self.callback: - update_wrapper(callback, self.callback) - return callback - - def get_undecorated_callback(self): - ''' Return the callback. If the callback is a decorated function, try to - recover the original function. ''' - func = self.callback - func = getattr(func, '__func__' if py3k else 'im_func', func) - closure_attr = '__closure__' if py3k else 'func_closure' - while hasattr(func, closure_attr) and getattr(func, closure_attr): - func = getattr(func, closure_attr)[0].cell_contents - return func - - def get_callback_args(self): - ''' Return a list of argument names the callback (most likely) accepts - as keyword arguments. If the callback is a decorated function, try - to recover the original function before inspection. ''' - return getargspec(self.get_undecorated_callback())[0] - - def get_config(self, key, default=None): - ''' Lookup a config field and return its value, first checking the - route.config, then route.app.config.''' - for conf in (self.config, self.app.conifg): - if key in conf: return conf[key] - return default - - def __repr__(self): - cb = self.get_undecorated_callback() - return '<%s %r %r>' % (self.method, self.rule, cb) - - - - - - -############################################################################### -# Application Object ########################################################### -############################################################################### - - -class Bottle(object): - """ Each Bottle object represents a single, distinct web application and - consists of routes, callbacks, plugins, resources and configuration. - Instances are callable WSGI applications. - - :param catchall: If true (default), handle all exceptions. Turn off to - let debugging middleware handle exceptions. - """ - - def __init__(self, catchall=True, autojson=True): - - #: A :class:`ConfigDict` for app specific configuration. - self.config = ConfigDict() - self.config._on_change = functools.partial(self.trigger_hook, 'config') - self.config.meta_set('autojson', 'validate', bool) - self.config.meta_set('catchall', 'validate', bool) - self.config['catchall'] = catchall - self.config['autojson'] = autojson - - #: A :class:`ResourceManager` for application files - self.resources = ResourceManager() - - self.routes = [] # List of installed :class:`Route` instances. - self.router = Router() # Maps requests to :class:`Route` instances. - self.error_handler = {} - - # Core plugins - self.plugins = [] # List of installed plugins. - if self.config['autojson']: - self.install(JSONPlugin()) - self.install(TemplatePlugin()) - - #: If true, most exceptions are caught and returned as :exc:`HTTPError` - catchall = DictProperty('config', 'catchall') - - __hook_names = 'before_request', 'after_request', 'app_reset', 'config' - __hook_reversed = 'after_request' - - @cached_property - def _hooks(self): - return dict((name, []) for name in self.__hook_names) - - def add_hook(self, name, func): - ''' Attach a callback to a hook. Three hooks are currently implemented: - - before_request - Executed once before each request. The request context is - available, but no routing has happened yet. - after_request - Executed once after each request regardless of its outcome. - app_reset - Called whenever :meth:`Bottle.reset` is called. - ''' - if name in self.__hook_reversed: - self._hooks[name].insert(0, func) - else: - self._hooks[name].append(func) - - def remove_hook(self, name, func): - ''' Remove a callback from a hook. ''' - if name in self._hooks and func in self._hooks[name]: - self._hooks[name].remove(func) - return True - - def trigger_hook(self, __name, *args, **kwargs): - ''' Trigger a hook and return a list of results. ''' - return [hook(*args, **kwargs) for hook in self._hooks[__name][:]] - - def hook(self, name): - """ Return a decorator that attaches a callback to a hook. See - :meth:`add_hook` for details.""" - def decorator(func): - self.add_hook(name, func) - return func - return decorator - - def mount(self, prefix, app, **options): - ''' Mount an application (:class:`Bottle` or plain WSGI) to a specific - URL prefix. Example:: - - root_app.mount('/admin/', admin_app) - - :param prefix: path prefix or `mount-point`. If it ends in a slash, - that slash is mandatory. - :param app: an instance of :class:`Bottle` or a WSGI application. - - All other parameters are passed to the underlying :meth:`route` call. - ''' - if isinstance(app, basestring): - depr('Parameter order of Bottle.mount() changed.', True) # 0.10 - - segments = [p for p in prefix.split('/') if p] - if not segments: raise ValueError('Empty path prefix.') - path_depth = len(segments) - - def mountpoint_wrapper(): - try: - request.path_shift(path_depth) - rs = HTTPResponse([]) - def start_response(status, headerlist, exc_info=None): - if exc_info: - try: - _raise(*exc_info) - finally: - exc_info = None - rs.status = status - for name, value in headerlist: rs.add_header(name, value) - return rs.body.append - body = app(request.environ, start_response) - if body and rs.body: body = itertools.chain(rs.body, body) - rs.body = body or rs.body - return rs - finally: - request.path_shift(-path_depth) - - options.setdefault('skip', True) - options.setdefault('method', 'PROXY') - options.setdefault('mountpoint', {'prefix': prefix, 'target': app}) - options['callback'] = mountpoint_wrapper - - self.route('/%s/<:re:.*>' % '/'.join(segments), **options) - if not prefix.endswith('/'): - self.route('/' + '/'.join(segments), **options) - - def merge(self, routes): - ''' Merge the routes of another :class:`Bottle` application or a list of - :class:`Route` objects into this application. The routes keep their - 'owner', meaning that the :data:`Route.app` attribute is not - changed. ''' - if isinstance(routes, Bottle): - routes = routes.routes - for route in routes: - self.add_route(route) - - def install(self, plugin): - ''' Add a plugin to the list of plugins and prepare it for being - applied to all routes of this application. A plugin may be a simple - decorator or an object that implements the :class:`Plugin` API. - ''' - if hasattr(plugin, 'setup'): plugin.setup(self) - if not callable(plugin) and not hasattr(plugin, 'apply'): - raise TypeError("Plugins must be callable or implement .apply()") - self.plugins.append(plugin) - self.reset() - return plugin - - def uninstall(self, plugin): - ''' Uninstall plugins. Pass an instance to remove a specific plugin, a type - object to remove all plugins that match that type, a string to remove - all plugins with a matching ``name`` attribute or ``True`` to remove all - plugins. Return the list of removed plugins. ''' - removed, remove = [], plugin - for i, plugin in list(enumerate(self.plugins))[::-1]: - if remove is True or remove is plugin or remove is type(plugin) \ - or getattr(plugin, 'name', True) == remove: - removed.append(plugin) - del self.plugins[i] - if hasattr(plugin, 'close'): plugin.close() - if removed: self.reset() - return removed - - def reset(self, route=None): - ''' Reset all routes (force plugins to be re-applied) and clear all - caches. If an ID or route object is given, only that specific route - is affected. ''' - if route is None: routes = self.routes - elif isinstance(route, Route): routes = [route] - else: routes = [self.routes[route]] - for route in routes: route.reset() - if DEBUG: - for route in routes: route.prepare() - self.trigger_hook('app_reset') - - def close(self): - ''' Close the application and all installed plugins. ''' - for plugin in self.plugins: - if hasattr(plugin, 'close'): plugin.close() - self.stopped = True - - def run(self, **kwargs): - ''' Calls :func:`run` with the same parameters. ''' - run(self, **kwargs) - - def match(self, environ): - """ Search for a matching route and return a (:class:`Route` , urlargs) - tuple. The second value is a dictionary with parameters extracted - from the URL. Raise :exc:`HTTPError` (404/405) on a non-match.""" - return self.router.match(environ) - - def get_url(self, routename, **kargs): - """ Return a string that matches a named route """ - scriptname = request.environ.get('SCRIPT_NAME', '').strip('/') + '/' - location = self.router.build(routename, **kargs).lstrip('/') - return urljoin(urljoin('/', scriptname), location) - - def add_route(self, route): - ''' Add a route object, but do not change the :data:`Route.app` - attribute.''' - self.routes.append(route) - self.router.add(route.rule, route.method, route, name=route.name) - if DEBUG: route.prepare() - - def route(self, path=None, method='GET', callback=None, name=None, - apply=None, skip=None, **config): - """ A decorator to bind a function to a request URL. Example:: - - @app.route('/hello/:name') - def hello(name): - return 'Hello %s' % name - - The ``:name`` part is a wildcard. See :class:`Router` for syntax - details. - - :param path: Request path or a list of paths to listen to. If no - path is specified, it is automatically generated from the - signature of the function. - :param method: HTTP method (`GET`, `POST`, `PUT`, ...) or a list of - methods to listen to. (default: `GET`) - :param callback: An optional shortcut to avoid the decorator - syntax. ``route(..., callback=func)`` equals ``route(...)(func)`` - :param name: The name for this route. (default: None) - :param apply: A decorator or plugin or a list of plugins. These are - applied to the route callback in addition to installed plugins. - :param skip: A list of plugins, plugin classes or names. Matching - plugins are not installed to this route. ``True`` skips all. - - Any additional keyword arguments are stored as route-specific - configuration and passed to plugins (see :meth:`Plugin.apply`). - """ - if callable(path): path, callback = None, path - plugins = makelist(apply) - skiplist = makelist(skip) - def decorator(callback): - # TODO: Documentation and tests - if isinstance(callback, basestring): callback = load(callback) - for rule in makelist(path) or yieldroutes(callback): - for verb in makelist(method): - verb = verb.upper() - route = Route(self, rule, verb, callback, name=name, - plugins=plugins, skiplist=skiplist, **config) - self.add_route(route) - return callback - return decorator(callback) if callback else decorator - - def get(self, path=None, method='GET', **options): - """ Equals :meth:`route`. """ - return self.route(path, method, **options) - - def post(self, path=None, method='POST', **options): - """ Equals :meth:`route` with a ``POST`` method parameter. """ - return self.route(path, method, **options) - - def put(self, path=None, method='PUT', **options): - """ Equals :meth:`route` with a ``PUT`` method parameter. """ - return self.route(path, method, **options) - - def delete(self, path=None, method='DELETE', **options): - """ Equals :meth:`route` with a ``DELETE`` method parameter. """ - return self.route(path, method, **options) - - def error(self, code=500): - """ Decorator: Register an output handler for a HTTP error code""" - def wrapper(handler): - self.error_handler[int(code)] = handler - return handler - return wrapper - - def default_error_handler(self, res): - return tob(template(ERROR_PAGE_TEMPLATE, e=res)) - - def _handle(self, environ): - path = environ['bottle.raw_path'] = environ['PATH_INFO'] - if py3k: - try: - environ['PATH_INFO'] = path.encode('latin1').decode('utf8') - except UnicodeError: - return HTTPError(400, 'Invalid path string. Expected UTF-8') - - try: - environ['bottle.app'] = self - request.bind(environ) - response.bind() - try: - self.trigger_hook('before_request') - route, args = self.router.match(environ) - environ['route.handle'] = route - environ['bottle.route'] = route - environ['route.url_args'] = args - return route.call(**args) - finally: - self.trigger_hook('after_request') - - except HTTPResponse: - return _e() - except RouteReset: - route.reset() - return self._handle(environ) - except (KeyboardInterrupt, SystemExit, MemoryError): - raise - except Exception: - if not self.catchall: raise - stacktrace = format_exc() - environ['wsgi.errors'].write(stacktrace) - return HTTPError(500, "Internal Server Error", _e(), stacktrace) - - def _cast(self, out, peek=None): - """ Try to convert the parameter into something WSGI compatible and set - correct HTTP headers when possible. - Support: False, str, unicode, dict, HTTPResponse, HTTPError, file-like, - iterable of strings and iterable of unicodes - """ - - # Empty output is done here - if not out: - if 'Content-Length' not in response: - response['Content-Length'] = 0 - return [] - # Join lists of byte or unicode strings. Mixed lists are NOT supported - if isinstance(out, (tuple, list))\ - and isinstance(out[0], (bytes, unicode)): - out = out[0][0:0].join(out) # b'abc'[0:0] -> b'' - # Encode unicode strings - if isinstance(out, unicode): - out = out.encode(response.charset) - # Byte Strings are just returned - if isinstance(out, bytes): - if 'Content-Length' not in response: - response['Content-Length'] = len(out) - return [out] - # HTTPError or HTTPException (recursive, because they may wrap anything) - # TODO: Handle these explicitly in handle() or make them iterable. - if isinstance(out, HTTPError): - out.apply(response) - out = self.error_handler.get(out.status_code, self.default_error_handler)(out) - return self._cast(out) - if isinstance(out, HTTPResponse): - out.apply(response) - return self._cast(out.body) - - # File-like objects. - if hasattr(out, 'read'): - if 'wsgi.file_wrapper' in request.environ: - return request.environ['wsgi.file_wrapper'](out) - elif hasattr(out, 'close') or not hasattr(out, '__iter__'): - return WSGIFileWrapper(out) - - # Handle Iterables. We peek into them to detect their inner type. - try: - iout = iter(out) - first = next(iout) - while not first: - first = next(iout) - except StopIteration: - return self._cast('') - except HTTPResponse: - first = _e() - except (KeyboardInterrupt, SystemExit, MemoryError): - raise - except Exception: - if not self.catchall: raise - first = HTTPError(500, 'Unhandled exception', _e(), format_exc()) - - # These are the inner types allowed in iterator or generator objects. - if isinstance(first, HTTPResponse): - return self._cast(first) - elif isinstance(first, bytes): - new_iter = itertools.chain([first], iout) - elif isinstance(first, unicode): - encoder = lambda x: x.encode(response.charset) - new_iter = imap(encoder, itertools.chain([first], iout)) - else: - msg = 'Unsupported response type: %s' % type(first) - return self._cast(HTTPError(500, msg)) - if hasattr(out, 'close'): - new_iter = _closeiter(new_iter, out.close) - return new_iter - - def wsgi(self, environ, start_response): - """ The bottle WSGI-interface. """ - try: - out = self._cast(self._handle(environ)) - # rfc2616 section 4.3 - if response._status_code in (100, 101, 204, 304)\ - or environ['REQUEST_METHOD'] == 'HEAD': - if hasattr(out, 'close'): out.close() - out = [] - start_response(response._status_line, response.headerlist) - return out - except (KeyboardInterrupt, SystemExit, MemoryError): - raise - except Exception: - if not self.catchall: raise - err = '

Critical error while processing request: %s

' \ - % html_escape(environ.get('PATH_INFO', '/')) - if DEBUG: - err += '

Error:

\n
\n%s\n
\n' \ - '

Traceback:

\n
\n%s\n
\n' \ - % (html_escape(repr(_e())), html_escape(format_exc())) - environ['wsgi.errors'].write(err) - headers = [('Content-Type', 'text/html; charset=UTF-8')] - start_response('500 INTERNAL SERVER ERROR', headers, sys.exc_info()) - return [tob(err)] - - def __call__(self, environ, start_response): - ''' Each instance of :class:'Bottle' is a WSGI application. ''' - return self.wsgi(environ, start_response) - - - - - - -############################################################################### -# HTTP and WSGI Tools ########################################################## -############################################################################### - -class BaseRequest(object): - """ A wrapper for WSGI environment dictionaries that adds a lot of - convenient access methods and properties. Most of them are read-only. - - Adding new attributes to a request actually adds them to the environ - dictionary (as 'bottle.request.ext.'). This is the recommended - way to store and access request-specific data. - """ - - __slots__ = ('environ') - - #: Maximum size of memory buffer for :attr:`body` in bytes. - MEMFILE_MAX = 102400 - - def __init__(self, environ=None): - """ Wrap a WSGI environ dictionary. """ - #: The wrapped WSGI environ dictionary. This is the only real attribute. - #: All other attributes actually are read-only properties. - self.environ = {} if environ is None else environ - self.environ['bottle.request'] = self - - @DictProperty('environ', 'bottle.app', read_only=True) - def app(self): - ''' Bottle application handling this request. ''' - raise RuntimeError('This request is not connected to an application.') - - @DictProperty('environ', 'bottle.route', read_only=True) - def route(self): - """ The bottle :class:`Route` object that matches this request. """ - raise RuntimeError('This request is not connected to a route.') - - @DictProperty('environ', 'route.url_args', read_only=True) - def url_args(self): - """ The arguments extracted from the URL. """ - raise RuntimeError('This request is not connected to a route.') - - @property - def path(self): - ''' The value of ``PATH_INFO`` with exactly one prefixed slash (to fix - broken clients and avoid the "empty path" edge case). ''' - return '/' + self.environ.get('PATH_INFO','').lstrip('/') - - @property - def method(self): - ''' The ``REQUEST_METHOD`` value as an uppercase string. ''' - return self.environ.get('REQUEST_METHOD', 'GET').upper() - - @DictProperty('environ', 'bottle.request.headers', read_only=True) - def headers(self): - ''' A :class:`WSGIHeaderDict` that provides case-insensitive access to - HTTP request headers. ''' - return WSGIHeaderDict(self.environ) - - def get_header(self, name, default=None): - ''' Return the value of a request header, or a given default value. ''' - return self.headers.get(name, default) - - @DictProperty('environ', 'bottle.request.cookies', read_only=True) - def cookies(self): - """ Cookies parsed into a :class:`FormsDict`. Signed cookies are NOT - decoded. Use :meth:`get_cookie` if you expect signed cookies. """ - cookies = SimpleCookie(self.environ.get('HTTP_COOKIE','')).values() - return FormsDict((c.key, c.value) for c in cookies) - - def get_cookie(self, key, default=None, secret=None): - """ Return the content of a cookie. To read a `Signed Cookie`, the - `secret` must match the one used to create the cookie (see - :meth:`BaseResponse.set_cookie`). If anything goes wrong (missing - cookie or wrong signature), return a default value. """ - value = self.cookies.get(key) - if secret and value: - dec = cookie_decode(value, secret) # (key, value) tuple or None - return dec[1] if dec and dec[0] == key else default - return value or default - - @DictProperty('environ', 'bottle.request.query', read_only=True) - def query(self): - ''' The :attr:`query_string` parsed into a :class:`FormsDict`. These - values are sometimes called "URL arguments" or "GET parameters", but - not to be confused with "URL wildcards" as they are provided by the - :class:`Router`. ''' - get = self.environ['bottle.get'] = FormsDict() - pairs = _parse_qsl(self.environ.get('QUERY_STRING', '')) - for key, value in pairs: - get[key] = value - return get - - @DictProperty('environ', 'bottle.request.forms', read_only=True) - def forms(self): - """ Form values parsed from an `url-encoded` or `multipart/form-data` - encoded POST or PUT request body. The result is returned as a - :class:`FormsDict`. All keys and values are strings. File uploads - are stored separately in :attr:`files`. """ - forms = FormsDict() - for name, item in self.POST.allitems(): - if not isinstance(item, FileUpload): - forms[name] = item - return forms - - @DictProperty('environ', 'bottle.request.params', read_only=True) - def params(self): - """ A :class:`FormsDict` with the combined values of :attr:`query` and - :attr:`forms`. File uploads are stored in :attr:`files`. """ - params = FormsDict() - for key, value in self.query.allitems(): - params[key] = value - for key, value in self.forms.allitems(): - params[key] = value - return params - - @DictProperty('environ', 'bottle.request.files', read_only=True) - def files(self): - """ File uploads parsed from `multipart/form-data` encoded POST or PUT - request body. The values are instances of :class:`FileUpload`. - - """ - files = FormsDict() - for name, item in self.POST.allitems(): - if isinstance(item, FileUpload): - files[name] = item - return files - - @DictProperty('environ', 'bottle.request.json', read_only=True) - def json(self): - ''' If the ``Content-Type`` header is ``application/json``, this - property holds the parsed content of the request body. Only requests - smaller than :attr:`MEMFILE_MAX` are processed to avoid memory - exhaustion. ''' - ctype = self.environ.get('CONTENT_TYPE', '').lower().split(';')[0] - if ctype == 'application/json': - b = self._get_body_string() - if not b: - return None - return json_loads(b) - return None - - def _iter_body(self, read, bufsize): - maxread = max(0, self.content_length) - while maxread: - part = read(min(maxread, bufsize)) - if not part: break - yield part - maxread -= len(part) - - def _iter_chunked(self, read, bufsize): - err = HTTPError(400, 'Error while parsing chunked transfer body.') - rn, sem, bs = tob('\r\n'), tob(';'), tob('') - while True: - header = read(1) - while header[-2:] != rn: - c = read(1) - header += c - if not c: raise err - if len(header) > bufsize: raise err - size, _, _ = header.partition(sem) - try: - maxread = int(tonat(size.strip()), 16) - except ValueError: - raise err - if maxread == 0: break - buff = bs - while maxread > 0: - if not buff: - buff = read(min(maxread, bufsize)) - part, buff = buff[:maxread], buff[maxread:] - if not part: raise err - yield part - maxread -= len(part) - if read(2) != rn: - raise err - - @DictProperty('environ', 'bottle.request.body', read_only=True) - def _body(self): - body_iter = self._iter_chunked if self.chunked else self._iter_body - read_func = self.environ['wsgi.input'].read - body, body_size, is_temp_file = BytesIO(), 0, False - for part in body_iter(read_func, self.MEMFILE_MAX): - body.write(part) - body_size += len(part) - if not is_temp_file and body_size > self.MEMFILE_MAX: - body, tmp = TemporaryFile(mode='w+b'), body - body.write(tmp.getvalue()) - del tmp - is_temp_file = True - self.environ['wsgi.input'] = body - body.seek(0) - return body - - def _get_body_string(self): - ''' read body until content-length or MEMFILE_MAX into a string. Raise - HTTPError(413) on requests that are to large. ''' - clen = self.content_length - if clen > self.MEMFILE_MAX: - raise HTTPError(413, 'Request to large') - if clen < 0: clen = self.MEMFILE_MAX + 1 - data = self.body.read(clen) - if len(data) > self.MEMFILE_MAX: # Fail fast - raise HTTPError(413, 'Request to large') - return data - - @property - def body(self): - """ The HTTP request body as a seek-able file-like object. Depending on - :attr:`MEMFILE_MAX`, this is either a temporary file or a - :class:`io.BytesIO` instance. Accessing this property for the first - time reads and replaces the ``wsgi.input`` environ variable. - Subsequent accesses just do a `seek(0)` on the file object. """ - self._body.seek(0) - return self._body - - @property - def chunked(self): - ''' True if Chunked transfer encoding was. ''' - return 'chunked' in self.environ.get('HTTP_TRANSFER_ENCODING', '').lower() - - #: An alias for :attr:`query`. - GET = query - - @DictProperty('environ', 'bottle.request.post', read_only=True) - def POST(self): - """ The values of :attr:`forms` and :attr:`files` combined into a single - :class:`FormsDict`. Values are either strings (form values) or - instances of :class:`cgi.FieldStorage` (file uploads). - """ - post = FormsDict() - # We default to application/x-www-form-urlencoded for everything that - # is not multipart and take the fast path (also: 3.1 workaround) - if not self.content_type.startswith('multipart/'): - pairs = _parse_qsl(tonat(self._get_body_string(), 'latin1')) - for key, value in pairs: - post[key] = value - return post - - safe_env = {'QUERY_STRING':''} # Build a safe environment for cgi - for key in ('REQUEST_METHOD', 'CONTENT_TYPE', 'CONTENT_LENGTH'): - if key in self.environ: safe_env[key] = self.environ[key] - args = dict(fp=self.body, environ=safe_env, keep_blank_values=True) - if py31: - args['fp'] = NCTextIOWrapper(args['fp'], encoding='utf8', - newline='\n') - elif py3k: - args['encoding'] = 'utf8' - data = cgi.FieldStorage(**args) - self['_cgi.FieldStorage'] = data #http://bugs.python.org/issue18394#msg207958 - data = data.list or [] - for item in data: - if item.filename: - post[item.name] = FileUpload(item.file, item.name, - item.filename, item.headers) - else: - post[item.name] = item.value - return post - - @property - def url(self): - """ The full request URI including hostname and scheme. If your app - lives behind a reverse proxy or load balancer and you get confusing - results, make sure that the ``X-Forwarded-Host`` header is set - correctly. """ - return self.urlparts.geturl() - - @DictProperty('environ', 'bottle.request.urlparts', read_only=True) - def urlparts(self): - ''' The :attr:`url` string as an :class:`urlparse.SplitResult` tuple. - The tuple contains (scheme, host, path, query_string and fragment), - but the fragment is always empty because it is not visible to the - server. ''' - env = self.environ - http = env.get('HTTP_X_FORWARDED_PROTO') or env.get('wsgi.url_scheme', 'http') - host = env.get('HTTP_X_FORWARDED_HOST') or env.get('HTTP_HOST') - if not host: - # HTTP 1.1 requires a Host-header. This is for HTTP/1.0 clients. - host = env.get('SERVER_NAME', '127.0.0.1') - port = env.get('SERVER_PORT') - if port and port != ('80' if http == 'http' else '443'): - host += ':' + port - path = urlquote(self.fullpath) - return UrlSplitResult(http, host, path, env.get('QUERY_STRING'), '') - - @property - def fullpath(self): - """ Request path including :attr:`script_name` (if present). """ - return urljoin(self.script_name, self.path.lstrip('/')) - - @property - def query_string(self): - """ The raw :attr:`query` part of the URL (everything in between ``?`` - and ``#``) as a string. """ - return self.environ.get('QUERY_STRING', '') - - @property - def script_name(self): - ''' The initial portion of the URL's `path` that was removed by a higher - level (server or routing middleware) before the application was - called. This script path is returned with leading and tailing - slashes. ''' - script_name = self.environ.get('SCRIPT_NAME', '').strip('/') - return '/' + script_name + '/' if script_name else '/' - - def path_shift(self, shift=1): - ''' Shift path segments from :attr:`path` to :attr:`script_name` and - vice versa. - - :param shift: The number of path segments to shift. May be negative - to change the shift direction. (default: 1) - ''' - script = self.environ.get('SCRIPT_NAME','/') - self['SCRIPT_NAME'], self['PATH_INFO'] = path_shift(script, self.path, shift) - - @property - def content_length(self): - ''' The request body length as an integer. The client is responsible to - set this header. Otherwise, the real length of the body is unknown - and -1 is returned. In this case, :attr:`body` will be empty. ''' - return int(self.environ.get('CONTENT_LENGTH') or -1) - - @property - def content_type(self): - ''' The Content-Type header as a lowercase-string (default: empty). ''' - return self.environ.get('CONTENT_TYPE', '').lower() - - @property - def is_xhr(self): - ''' True if the request was triggered by a XMLHttpRequest. This only - works with JavaScript libraries that support the `X-Requested-With` - header (most of the popular libraries do). ''' - requested_with = self.environ.get('HTTP_X_REQUESTED_WITH','') - return requested_with.lower() == 'xmlhttprequest' - - @property - def is_ajax(self): - ''' Alias for :attr:`is_xhr`. "Ajax" is not the right term. ''' - return self.is_xhr - - @property - def auth(self): - """ HTTP authentication data as a (user, password) tuple. This - implementation currently supports basic (not digest) authentication - only. If the authentication happened at a higher level (e.g. in the - front web-server or a middleware), the password field is None, but - the user field is looked up from the ``REMOTE_USER`` environ - variable. On any errors, None is returned. """ - basic = parse_auth(self.environ.get('HTTP_AUTHORIZATION','')) - if basic: return basic - ruser = self.environ.get('REMOTE_USER') - if ruser: return (ruser, None) - return None - - @property - def remote_route(self): - """ A list of all IPs that were involved in this request, starting with - the client IP and followed by zero or more proxies. This does only - work if all proxies support the ```X-Forwarded-For`` header. Note - that this information can be forged by malicious clients. """ - proxy = self.environ.get('HTTP_X_FORWARDED_FOR') - if proxy: return [ip.strip() for ip in proxy.split(',')] - remote = self.environ.get('REMOTE_ADDR') - return [remote] if remote else [] - - @property - def remote_addr(self): - """ The client IP as a string. Note that this information can be forged - by malicious clients. """ - route = self.remote_route - return route[0] if route else None - - def copy(self): - """ Return a new :class:`Request` with a shallow :attr:`environ` copy. """ - return Request(self.environ.copy()) - - def get(self, value, default=None): return self.environ.get(value, default) - def __getitem__(self, key): return self.environ[key] - def __delitem__(self, key): self[key] = ""; del(self.environ[key]) - def __iter__(self): return iter(self.environ) - def __len__(self): return len(self.environ) - def keys(self): return self.environ.keys() - def __setitem__(self, key, value): - """ Change an environ value and clear all caches that depend on it. """ - - if self.environ.get('bottle.request.readonly'): - raise KeyError('The environ dictionary is read-only.') - - self.environ[key] = value - todelete = () - - if key == 'wsgi.input': - todelete = ('body', 'forms', 'files', 'params', 'post', 'json') - elif key == 'QUERY_STRING': - todelete = ('query', 'params') - elif key.startswith('HTTP_'): - todelete = ('headers', 'cookies') - - for key in todelete: - self.environ.pop('bottle.request.'+key, None) - - def __repr__(self): - return '<%s: %s %s>' % (self.__class__.__name__, self.method, self.url) - - def __getattr__(self, name): - ''' Search in self.environ for additional user defined attributes. ''' - try: - var = self.environ['bottle.request.ext.%s'%name] - return var.__get__(self) if hasattr(var, '__get__') else var - except KeyError: - raise AttributeError('Attribute %r not defined.' % name) - - def __setattr__(self, name, value): - if name == 'environ': return object.__setattr__(self, name, value) - self.environ['bottle.request.ext.%s'%name] = value - - -def _hkey(key): - if '\n' in key or '\r' in key or '\0' in key: - raise ValueError("Header names must not contain control characters: %r" % key) - return key.title().replace('_', '-') - - -def _hval(value): - value = tonat(value) - if '\n' in value or '\r' in value or '\0' in value: - raise ValueError("Header value must not contain control characters: %r" % value) - return value - - - -class HeaderProperty(object): - def __init__(self, name, reader=None, writer=None, default=''): - self.name, self.default = name, default - self.reader, self.writer = reader, writer - self.__doc__ = 'Current value of the %r header.' % name.title() - - def __get__(self, obj, cls): - if obj is None: return self - value = obj.get_header(self.name, self.default) - return self.reader(value) if self.reader else value - - def __set__(self, obj, value): - obj[self.name] = self.writer(value) if self.writer else value - - def __delete__(self, obj): - del obj[self.name] - - -class BaseResponse(object): - """ Storage class for a response body as well as headers and cookies. - - This class does support dict-like case-insensitive item-access to - headers, but is NOT a dict. Most notably, iterating over a response - yields parts of the body and not the headers. - - :param body: The response body as one of the supported types. - :param status: Either an HTTP status code (e.g. 200) or a status line - including the reason phrase (e.g. '200 OK'). - :param headers: A dictionary or a list of name-value pairs. - - Additional keyword arguments are added to the list of headers. - Underscores in the header name are replaced with dashes. - """ - - default_status = 200 - default_content_type = 'text/html; charset=UTF-8' - - # Header blacklist for specific response codes - # (rfc2616 section 10.2.3 and 10.3.5) - bad_headers = { - 204: set(('Content-Type',)), - 304: set(('Allow', 'Content-Encoding', 'Content-Language', - 'Content-Length', 'Content-Range', 'Content-Type', - 'Content-Md5', 'Last-Modified'))} - - def __init__(self, body='', status=None, headers=None, **more_headers): - self._cookies = None - self._headers = {} - self.body = body - self.status = status or self.default_status - if headers: - if isinstance(headers, dict): - headers = headers.items() - for name, value in headers: - self.add_header(name, value) - if more_headers: - for name, value in more_headers.items(): - self.add_header(name, value) - - def copy(self, cls=None): - ''' Returns a copy of self. ''' - cls = cls or BaseResponse - assert issubclass(cls, BaseResponse) - copy = cls() - copy.status = self.status - copy._headers = dict((k, v[:]) for (k, v) in self._headers.items()) - if self._cookies: - copy._cookies = SimpleCookie() - copy._cookies.load(self._cookies.output(header='')) - return copy - - def __iter__(self): - return iter(self.body) - - def close(self): - if hasattr(self.body, 'close'): - self.body.close() - - @property - def status_line(self): - ''' The HTTP status line as a string (e.g. ``404 Not Found``).''' - return self._status_line - - @property - def status_code(self): - ''' The HTTP status code as an integer (e.g. 404).''' - return self._status_code - - def _set_status(self, status): - if isinstance(status, int): - code, status = status, _HTTP_STATUS_LINES.get(status) - elif ' ' in status: - status = status.strip() - code = int(status.split()[0]) - else: - raise ValueError('String status line without a reason phrase.') - if not 100 <= code <= 999: raise ValueError('Status code out of range.') - self._status_code = code - self._status_line = str(status or ('%d Unknown' % code)) - - def _get_status(self): - return self._status_line - - status = property(_get_status, _set_status, None, - ''' A writeable property to change the HTTP response status. It accepts - either a numeric code (100-999) or a string with a custom reason - phrase (e.g. "404 Brain not found"). Both :data:`status_line` and - :data:`status_code` are updated accordingly. The return value is - always a status string. ''') - del _get_status, _set_status - - @property - def headers(self): - ''' An instance of :class:`HeaderDict`, a case-insensitive dict-like - view on the response headers. ''' - hdict = HeaderDict() - hdict.dict = self._headers - return hdict - - def __contains__(self, name): return _hkey(name) in self._headers - def __delitem__(self, name): del self._headers[_hkey(name)] - def __getitem__(self, name): return self._headers[_hkey(name)][-1] - def __setitem__(self, name, value): self._headers[_hkey(name)] = [_hval(value)] - - def get_header(self, name, default=None): - ''' Return the value of a previously defined header. If there is no - header with that name, return a default value. ''' - return self._headers.get(_hkey(name), [default])[-1] - - def set_header(self, name, value): - ''' Create a new response header, replacing any previously defined - headers with the same name. ''' - self._headers[_hkey(name)] = [_hval(value)] - - def add_header(self, name, value): - ''' Add an additional response header, not removing duplicates. ''' - self._headers.setdefault(_hkey(name), []).append(_hval(value)) - - def iter_headers(self): - ''' Yield (header, value) tuples, skipping headers that are not - allowed with the current response status code. ''' - return self.headerlist - - @property - def headerlist(self): - ''' WSGI conform list of (header, value) tuples. ''' - out = [] - headers = list(self._headers.items()) - if 'Content-Type' not in self._headers: - headers.append(('Content-Type', [self.default_content_type])) - if self._status_code in self.bad_headers: - bad_headers = self.bad_headers[self._status_code] - headers = [h for h in headers if h[0] not in bad_headers] - out += [(name, val) for name, vals in headers for val in vals] - if self._cookies: - for c in self._cookies.values(): - out.append(('Set-Cookie', c.OutputString())) - return out - - content_type = HeaderProperty('Content-Type') - content_length = HeaderProperty('Content-Length', reader=int) - expires = HeaderProperty('Expires', - reader=lambda x: datetime.utcfromtimestamp(parse_date(x)), - writer=lambda x: http_date(x)) - - @property - def charset(self, default='UTF-8'): - """ Return the charset specified in the content-type header (default: utf8). """ - if 'charset=' in self.content_type: - return self.content_type.split('charset=')[-1].split(';')[0].strip() - return default - - def set_cookie(self, name, value, secret=None, **options): - ''' Create a new cookie or replace an old one. If the `secret` parameter is - set, create a `Signed Cookie` (described below). - - :param name: the name of the cookie. - :param value: the value of the cookie. - :param secret: a signature key required for signed cookies. - - Additionally, this method accepts all RFC 2109 attributes that are - supported by :class:`cookie.Morsel`, including: - - :param max_age: maximum age in seconds. (default: None) - :param expires: a datetime object or UNIX timestamp. (default: None) - :param domain: the domain that is allowed to read the cookie. - (default: current domain) - :param path: limits the cookie to a given path (default: current path) - :param secure: limit the cookie to HTTPS connections (default: off). - :param httponly: prevents client-side javascript to read this cookie - (default: off, requires Python 2.6 or newer). - - If neither `expires` nor `max_age` is set (default), the cookie will - expire at the end of the browser session (as soon as the browser - window is closed). - - Signed cookies may store any pickle-able object and are - cryptographically signed to prevent manipulation. Keep in mind that - cookies are limited to 4kb in most browsers. - - Warning: Signed cookies are not encrypted (the client can still see - the content) and not copy-protected (the client can restore an old - cookie). The main intention is to make pickling and unpickling - save, not to store secret information at client side. - ''' - if not self._cookies: - self._cookies = SimpleCookie() - - if secret: - value = touni(cookie_encode((name, value), secret)) - elif not isinstance(value, basestring): - raise TypeError('Secret key missing for non-string Cookie.') - - if len(value) > 4096: raise ValueError('Cookie value to long.') - self._cookies[name] = value - - for key, value in options.items(): - if key == 'max_age': - if isinstance(value, timedelta): - value = value.seconds + value.days * 24 * 3600 - if key == 'expires': - if isinstance(value, (datedate, datetime)): - value = value.timetuple() - elif isinstance(value, (int, float)): - value = time.gmtime(value) - value = time.strftime("%a, %d %b %Y %H:%M:%S GMT", value) - self._cookies[name][key.replace('_', '-')] = value - - def delete_cookie(self, key, **kwargs): - ''' Delete a cookie. Be sure to use the same `domain` and `path` - settings as used to create the cookie. ''' - kwargs['max_age'] = -1 - kwargs['expires'] = 0 - self.set_cookie(key, '', **kwargs) - - def __repr__(self): - out = '' - for name, value in self.headerlist: - out += '%s: %s\n' % (name.title(), value.strip()) - return out - - -def local_property(name=None): - if name: depr('local_property() is deprecated and will be removed.') #0.12 - ls = threading.local() - def fget(self): - try: return ls.var - except AttributeError: - raise RuntimeError("Request context not initialized.") - def fset(self, value): ls.var = value - def fdel(self): del ls.var - return property(fget, fset, fdel, 'Thread-local property') - - -class LocalRequest(BaseRequest): - ''' A thread-local subclass of :class:`BaseRequest` with a different - set of attributes for each thread. There is usually only one global - instance of this class (:data:`request`). If accessed during a - request/response cycle, this instance always refers to the *current* - request (even on a multithreaded server). ''' - bind = BaseRequest.__init__ - environ = local_property() - - -class LocalResponse(BaseResponse): - ''' A thread-local subclass of :class:`BaseResponse` with a different - set of attributes for each thread. There is usually only one global - instance of this class (:data:`response`). Its attributes are used - to build the HTTP response at the end of the request/response cycle. - ''' - bind = BaseResponse.__init__ - _status_line = local_property() - _status_code = local_property() - _cookies = local_property() - _headers = local_property() - body = local_property() - - -Request = BaseRequest -Response = BaseResponse - - -class HTTPResponse(Response, BottleException): - def __init__(self, body='', status=None, headers=None, **more_headers): - super(HTTPResponse, self).__init__(body, status, headers, **more_headers) - - def apply(self, response): - response._status_code = self._status_code - response._status_line = self._status_line - response._headers = self._headers - response._cookies = self._cookies - response.body = self.body - - -class HTTPError(HTTPResponse): - default_status = 500 - def __init__(self, status=None, body=None, exception=None, traceback=None, - **options): - self.exception = exception - self.traceback = traceback - super(HTTPError, self).__init__(body, status, **options) - - - - - -############################################################################### -# Plugins ###################################################################### -############################################################################### - -class PluginError(BottleException): pass - - -class JSONPlugin(object): - name = 'json' - api = 2 - - def __init__(self, json_dumps=json_dumps): - self.json_dumps = json_dumps - - def apply(self, callback, route): - dumps = self.json_dumps - if not dumps: return callback - def wrapper(*a, **ka): - try: - rv = callback(*a, **ka) - except HTTPError: - rv = _e() - - if isinstance(rv, dict): - #Attempt to serialize, raises exception on failure - json_response = dumps(rv) - #Set content type only if serialization succesful - response.content_type = 'application/json' - return json_response - elif isinstance(rv, HTTPResponse) and isinstance(rv.body, dict): - rv.body = dumps(rv.body) - rv.content_type = 'application/json' - return rv - - return wrapper - - -class TemplatePlugin(object): - ''' This plugin applies the :func:`view` decorator to all routes with a - `template` config parameter. If the parameter is a tuple, the second - element must be a dict with additional options (e.g. `template_engine`) - or default variables for the template. ''' - name = 'template' - api = 2 - - def apply(self, callback, route): - conf = route.config.get('template') - if isinstance(conf, (tuple, list)) and len(conf) == 2: - return view(conf[0], **conf[1])(callback) - elif isinstance(conf, str): - return view(conf)(callback) - else: - return callback - - -#: Not a plugin, but part of the plugin API. TODO: Find a better place. -class _ImportRedirect(object): - def __init__(self, name, impmask): - ''' Create a virtual package that redirects imports (see PEP 302). ''' - self.name = name - self.impmask = impmask - self.module = sys.modules.setdefault(name, imp.new_module(name)) - self.module.__dict__.update({'__file__': __file__, '__path__': [], - '__all__': [], '__loader__': self}) - sys.meta_path.append(self) - - def find_module(self, fullname, path=None): - if '.' not in fullname: return - packname = fullname.rsplit('.', 1)[0] - if packname != self.name: return - return self - - def load_module(self, fullname): - if fullname in sys.modules: return sys.modules[fullname] - modname = fullname.rsplit('.', 1)[1] - realname = self.impmask % modname - __import__(realname) - module = sys.modules[fullname] = sys.modules[realname] - setattr(self.module, modname, module) - module.__loader__ = self - return module - - - - - - -############################################################################### -# Common Utilities ############################################################# -############################################################################### - - -class MultiDict(DictMixin): - """ This dict stores multiple values per key, but behaves exactly like a - normal dict in that it returns only the newest value for any given key. - There are special methods available to access the full list of values. - """ - - def __init__(self, *a, **k): - self.dict = dict((k, [v]) for (k, v) in dict(*a, **k).items()) - - def __len__(self): return len(self.dict) - def __iter__(self): return iter(self.dict) - def __contains__(self, key): return key in self.dict - def __delitem__(self, key): del self.dict[key] - def __getitem__(self, key): return self.dict[key][-1] - def __setitem__(self, key, value): self.append(key, value) - def keys(self): return self.dict.keys() - - if py3k: - def values(self): return (v[-1] for v in self.dict.values()) - def items(self): return ((k, v[-1]) for k, v in self.dict.items()) - def allitems(self): - return ((k, v) for k, vl in self.dict.items() for v in vl) - iterkeys = keys - itervalues = values - iteritems = items - iterallitems = allitems - - else: - def values(self): return [v[-1] for v in self.dict.values()] - def items(self): return [(k, v[-1]) for k, v in self.dict.items()] - def iterkeys(self): return self.dict.iterkeys() - def itervalues(self): return (v[-1] for v in self.dict.itervalues()) - def iteritems(self): - return ((k, v[-1]) for k, v in self.dict.iteritems()) - def iterallitems(self): - return ((k, v) for k, vl in self.dict.iteritems() for v in vl) - def allitems(self): - return [(k, v) for k, vl in self.dict.iteritems() for v in vl] - - def get(self, key, default=None, index=-1, type=None): - ''' Return the most recent value for a key. - - :param default: The default value to be returned if the key is not - present or the type conversion fails. - :param index: An index for the list of available values. - :param type: If defined, this callable is used to cast the value - into a specific type. Exception are suppressed and result in - the default value to be returned. - ''' - try: - val = self.dict[key][index] - return type(val) if type else val - except Exception: - pass - return default - - def append(self, key, value): - ''' Add a new value to the list of values for this key. ''' - self.dict.setdefault(key, []).append(value) - - def replace(self, key, value): - ''' Replace the list of values with a single value. ''' - self.dict[key] = [value] - - def getall(self, key): - ''' Return a (possibly empty) list of values for a key. ''' - return self.dict.get(key) or [] - - #: Aliases for WTForms to mimic other multi-dict APIs (Django) - getone = get - getlist = getall - - -class FormsDict(MultiDict): - ''' This :class:`MultiDict` subclass is used to store request form data. - Additionally to the normal dict-like item access methods (which return - unmodified data as native strings), this container also supports - attribute-like access to its values. Attributes are automatically de- - or recoded to match :attr:`input_encoding` (default: 'utf8'). Missing - attributes default to an empty string. ''' - - #: Encoding used for attribute values. - input_encoding = 'utf8' - #: If true (default), unicode strings are first encoded with `latin1` - #: and then decoded to match :attr:`input_encoding`. - recode_unicode = True - - def _fix(self, s, encoding=None): - if isinstance(s, unicode) and self.recode_unicode: # Python 3 WSGI - return s.encode('latin1').decode(encoding or self.input_encoding) - elif isinstance(s, bytes): # Python 2 WSGI - return s.decode(encoding or self.input_encoding) - else: - return s - - def decode(self, encoding=None): - ''' Returns a copy with all keys and values de- or recoded to match - :attr:`input_encoding`. Some libraries (e.g. WTForms) want a - unicode dictionary. ''' - copy = FormsDict() - enc = copy.input_encoding = encoding or self.input_encoding - copy.recode_unicode = False - for key, value in self.allitems(): - copy.append(self._fix(key, enc), self._fix(value, enc)) - return copy - - def getunicode(self, name, default=None, encoding=None): - ''' Return the value as a unicode string, or the default. ''' - try: - return self._fix(self[name], encoding) - except (UnicodeError, KeyError): - return default - - def __getattr__(self, name, default=unicode()): - # Without this guard, pickle generates a cryptic TypeError: - if name.startswith('__') and name.endswith('__'): - return super(FormsDict, self).__getattr__(name) - return self.getunicode(name, default=default) - -class HeaderDict(MultiDict): - """ A case-insensitive version of :class:`MultiDict` that defaults to - replace the old value instead of appending it. """ - - def __init__(self, *a, **ka): - self.dict = {} - if a or ka: self.update(*a, **ka) - - def __contains__(self, key): return _hkey(key) in self.dict - def __delitem__(self, key): del self.dict[_hkey(key)] - def __getitem__(self, key): return self.dict[_hkey(key)][-1] - def __setitem__(self, key, value): self.dict[_hkey(key)] = [_hval(value)] - def append(self, key, value): self.dict.setdefault(_hkey(key), []).append(_hval(value)) - def replace(self, key, value): self.dict[_hkey(key)] = [_hval(value)] - def getall(self, key): return self.dict.get(_hkey(key)) or [] - def get(self, key, default=None, index=-1): - return MultiDict.get(self, _hkey(key), default, index) - def filter(self, names): - for name in (_hkey(n) for n in names): - if name in self.dict: - del self.dict[name] - - -class WSGIHeaderDict(DictMixin): - ''' This dict-like class wraps a WSGI environ dict and provides convenient - access to HTTP_* fields. Keys and values are native strings - (2.x bytes or 3.x unicode) and keys are case-insensitive. If the WSGI - environment contains non-native string values, these are de- or encoded - using a lossless 'latin1' character set. - - The API will remain stable even on changes to the relevant PEPs. - Currently PEP 333, 444 and 3333 are supported. (PEP 444 is the only one - that uses non-native strings.) - ''' - #: List of keys that do not have a ``HTTP_`` prefix. - cgikeys = ('CONTENT_TYPE', 'CONTENT_LENGTH') - - def __init__(self, environ): - self.environ = environ - - def _ekey(self, key): - ''' Translate header field name to CGI/WSGI environ key. ''' - key = key.replace('-','_').upper() - if key in self.cgikeys: - return key - return 'HTTP_' + key - - def raw(self, key, default=None): - ''' Return the header value as is (may be bytes or unicode). ''' - return self.environ.get(self._ekey(key), default) - - def __getitem__(self, key): - return tonat(self.environ[self._ekey(key)], 'latin1') - - def __setitem__(self, key, value): - raise TypeError("%s is read-only." % self.__class__) - - def __delitem__(self, key): - raise TypeError("%s is read-only." % self.__class__) - - def __iter__(self): - for key in self.environ: - if key[:5] == 'HTTP_': - yield key[5:].replace('_', '-').title() - elif key in self.cgikeys: - yield key.replace('_', '-').title() - - def keys(self): return [x for x in self] - def __len__(self): return len(self.keys()) - def __contains__(self, key): return self._ekey(key) in self.environ - - - -class ConfigDict(dict): - ''' A dict-like configuration storage with additional support for - namespaces, validators, meta-data, on_change listeners and more. - - This storage is optimized for fast read access. Retrieving a key - or using non-altering dict methods (e.g. `dict.get()`) has no overhead - compared to a native dict. - ''' - __slots__ = ('_meta', '_on_change') - - class Namespace(DictMixin): - - def __init__(self, config, namespace): - self._config = config - self._prefix = namespace - - def __getitem__(self, key): - depr('Accessing namespaces as dicts is discouraged. ' - 'Only use flat item access: ' - 'cfg["names"]["pace"]["key"] -> cfg["name.space.key"]') #0.12 - return self._config[self._prefix + '.' + key] - - def __setitem__(self, key, value): - self._config[self._prefix + '.' + key] = value - - def __delitem__(self, key): - del self._config[self._prefix + '.' + key] - - def __iter__(self): - ns_prefix = self._prefix + '.' - for key in self._config: - ns, dot, name = key.rpartition('.') - if ns == self._prefix and name: - yield name - - def keys(self): return [x for x in self] - def __len__(self): return len(self.keys()) - def __contains__(self, key): return self._prefix + '.' + key in self._config - def __repr__(self): return '' % self._prefix - def __str__(self): return '' % self._prefix - - # Deprecated ConfigDict features - def __getattr__(self, key): - depr('Attribute access is deprecated.') #0.12 - if key not in self and key[0].isupper(): - self[key] = ConfigDict.Namespace(self._config, self._prefix + '.' + key) - if key not in self and key.startswith('__'): - raise AttributeError(key) - return self.get(key) - - def __setattr__(self, key, value): - if key in ('_config', '_prefix'): - self.__dict__[key] = value - return - depr('Attribute assignment is deprecated.') #0.12 - if hasattr(DictMixin, key): - raise AttributeError('Read-only attribute.') - if key in self and self[key] and isinstance(self[key], self.__class__): - raise AttributeError('Non-empty namespace attribute.') - self[key] = value - - def __delattr__(self, key): - if key in self: - val = self.pop(key) - if isinstance(val, self.__class__): - prefix = key + '.' - for key in self: - if key.startswith(prefix): - del self[prefix+key] - - def __call__(self, *a, **ka): - depr('Calling ConfDict is deprecated. Use the update() method.') #0.12 - self.update(*a, **ka) - return self - - def __init__(self, *a, **ka): - self._meta = {} - self._on_change = lambda name, value: None - if a or ka: - depr('Constructor does no longer accept parameters.') #0.12 - self.update(*a, **ka) - - def load_config(self, filename): - ''' Load values from an *.ini style config file. - - If the config file contains sections, their names are used as - namespaces for the values within. The two special sections - ``DEFAULT`` and ``bottle`` refer to the root namespace (no prefix). - ''' - conf = ConfigParser() - conf.read(filename) - for section in conf.sections(): - for key, value in conf.items(section): - if section not in ('DEFAULT', 'bottle'): - key = section + '.' + key - self[key] = value - return self - - def load_dict(self, source, namespace='', make_namespaces=False): - ''' Import values from a dictionary structure. Nesting can be used to - represent namespaces. - - >>> ConfigDict().load_dict({'name': {'space': {'key': 'value'}}}) - {'name.space.key': 'value'} - ''' - stack = [(namespace, source)] - while stack: - prefix, source = stack.pop() - if not isinstance(source, dict): - raise TypeError('Source is not a dict (r)' % type(key)) - for key, value in source.items(): - if not isinstance(key, basestring): - raise TypeError('Key is not a string (%r)' % type(key)) - full_key = prefix + '.' + key if prefix else key - if isinstance(value, dict): - stack.append((full_key, value)) - if make_namespaces: - self[full_key] = self.Namespace(self, full_key) - else: - self[full_key] = value - return self - - def update(self, *a, **ka): - ''' If the first parameter is a string, all keys are prefixed with this - namespace. Apart from that it works just as the usual dict.update(). - Example: ``update('some.namespace', key='value')`` ''' - prefix = '' - if a and isinstance(a[0], basestring): - prefix = a[0].strip('.') + '.' - a = a[1:] - for key, value in dict(*a, **ka).items(): - self[prefix+key] = value - - def setdefault(self, key, value): - if key not in self: - self[key] = value - return self[key] - - def __setitem__(self, key, value): - if not isinstance(key, basestring): - raise TypeError('Key has type %r (not a string)' % type(key)) - - value = self.meta_get(key, 'filter', lambda x: x)(value) - if key in self and self[key] is value: - return - self._on_change(key, value) - dict.__setitem__(self, key, value) - - def __delitem__(self, key): - dict.__delitem__(self, key) - - def clear(self): - for key in self: - del self[key] - - def meta_get(self, key, metafield, default=None): - ''' Return the value of a meta field for a key. ''' - return self._meta.get(key, {}).get(metafield, default) - - def meta_set(self, key, metafield, value): - ''' Set the meta field for a key to a new value. This triggers the - on-change handler for existing keys. ''' - self._meta.setdefault(key, {})[metafield] = value - if key in self: - self[key] = self[key] - - def meta_list(self, key): - ''' Return an iterable of meta field names defined for a key. ''' - return self._meta.get(key, {}).keys() - - # Deprecated ConfigDict features - def __getattr__(self, key): - depr('Attribute access is deprecated.') #0.12 - if key not in self and key[0].isupper(): - self[key] = self.Namespace(self, key) - if key not in self and key.startswith('__'): - raise AttributeError(key) - return self.get(key) - - def __setattr__(self, key, value): - if key in self.__slots__: - return dict.__setattr__(self, key, value) - depr('Attribute assignment is deprecated.') #0.12 - if hasattr(dict, key): - raise AttributeError('Read-only attribute.') - if key in self and self[key] and isinstance(self[key], self.Namespace): - raise AttributeError('Non-empty namespace attribute.') - self[key] = value - - def __delattr__(self, key): - if key in self: - val = self.pop(key) - if isinstance(val, self.Namespace): - prefix = key + '.' - for key in self: - if key.startswith(prefix): - del self[prefix+key] - - def __call__(self, *a, **ka): - depr('Calling ConfDict is deprecated. Use the update() method.') #0.12 - self.update(*a, **ka) - return self - - - -class AppStack(list): - """ A stack-like list. Calling it returns the head of the stack. """ - - def __call__(self): - """ Return the current default application. """ - return self[-1] - - def push(self, value=None): - """ Add a new :class:`Bottle` instance to the stack """ - if not isinstance(value, Bottle): - value = Bottle() - self.append(value) - return value - - -class WSGIFileWrapper(object): - - def __init__(self, fp, buffer_size=1024*64): - self.fp, self.buffer_size = fp, buffer_size - for attr in ('fileno', 'close', 'read', 'readlines', 'tell', 'seek'): - if hasattr(fp, attr): setattr(self, attr, getattr(fp, attr)) - - def __iter__(self): - buff, read = self.buffer_size, self.read - while True: - part = read(buff) - if not part: return - yield part - - -class _closeiter(object): - ''' This only exists to be able to attach a .close method to iterators that - do not support attribute assignment (most of itertools). ''' - - def __init__(self, iterator, close=None): - self.iterator = iterator - self.close_callbacks = makelist(close) - - def __iter__(self): - return iter(self.iterator) - - def close(self): - for func in self.close_callbacks: - func() - - -class ResourceManager(object): - ''' This class manages a list of search paths and helps to find and open - application-bound resources (files). - - :param base: default value for :meth:`add_path` calls. - :param opener: callable used to open resources. - :param cachemode: controls which lookups are cached. One of 'all', - 'found' or 'none'. - ''' - - def __init__(self, base='./', opener=open, cachemode='all'): - self.opener = open - self.base = base - self.cachemode = cachemode - - #: A list of search paths. See :meth:`add_path` for details. - self.path = [] - #: A cache for resolved paths. ``res.cache.clear()`` clears the cache. - self.cache = {} - - def add_path(self, path, base=None, index=None, create=False): - ''' Add a new path to the list of search paths. Return False if the - path does not exist. - - :param path: The new search path. Relative paths are turned into - an absolute and normalized form. If the path looks like a file - (not ending in `/`), the filename is stripped off. - :param base: Path used to absolutize relative search paths. - Defaults to :attr:`base` which defaults to ``os.getcwd()``. - :param index: Position within the list of search paths. Defaults - to last index (appends to the list). - - The `base` parameter makes it easy to reference files installed - along with a python module or package:: - - res.add_path('./resources/', __file__) - ''' - base = os.path.abspath(os.path.dirname(base or self.base)) - path = os.path.abspath(os.path.join(base, os.path.dirname(path))) - path += os.sep - if path in self.path: - self.path.remove(path) - if create and not os.path.isdir(path): - os.makedirs(path) - if index is None: - self.path.append(path) - else: - self.path.insert(index, path) - self.cache.clear() - return os.path.exists(path) - - def __iter__(self): - ''' Iterate over all existing files in all registered paths. ''' - search = self.path[:] - while search: - path = search.pop() - if not os.path.isdir(path): continue - for name in os.listdir(path): - full = os.path.join(path, name) - if os.path.isdir(full): search.append(full) - else: yield full - - def lookup(self, name): - ''' Search for a resource and return an absolute file path, or `None`. - - The :attr:`path` list is searched in order. The first match is - returend. Symlinks are followed. The result is cached to speed up - future lookups. ''' - if name not in self.cache or DEBUG: - for path in self.path: - fpath = os.path.join(path, name) - if os.path.isfile(fpath): - if self.cachemode in ('all', 'found'): - self.cache[name] = fpath - return fpath - if self.cachemode == 'all': - self.cache[name] = None - return self.cache[name] - - def open(self, name, mode='r', *args, **kwargs): - ''' Find a resource and return a file object, or raise IOError. ''' - fname = self.lookup(name) - if not fname: raise IOError("Resource %r not found." % name) - return self.opener(fname, mode=mode, *args, **kwargs) - - -class FileUpload(object): - - def __init__(self, fileobj, name, filename, headers=None): - ''' Wrapper for file uploads. ''' - #: Open file(-like) object (BytesIO buffer or temporary file) - self.file = fileobj - #: Name of the upload form field - self.name = name - #: Raw filename as sent by the client (may contain unsafe characters) - self.raw_filename = filename - #: A :class:`HeaderDict` with additional headers (e.g. content-type) - self.headers = HeaderDict(headers) if headers else HeaderDict() - - content_type = HeaderProperty('Content-Type') - content_length = HeaderProperty('Content-Length', reader=int, default=-1) - - def get_header(self, name, default=None): - """ Return the value of a header within the mulripart part. """ - return self.headers.get(name, default) - - @cached_property - def filename(self): - ''' Name of the file on the client file system, but normalized to ensure - file system compatibility. An empty filename is returned as 'empty'. - - Only ASCII letters, digits, dashes, underscores and dots are - allowed in the final filename. Accents are removed, if possible. - Whitespace is replaced by a single dash. Leading or tailing dots - or dashes are removed. The filename is limited to 255 characters. - ''' - fname = self.raw_filename - if not isinstance(fname, unicode): - fname = fname.decode('utf8', 'ignore') - fname = normalize('NFKD', fname).encode('ASCII', 'ignore').decode('ASCII') - fname = os.path.basename(fname.replace('\\', os.path.sep)) - fname = re.sub(r'[^a-zA-Z0-9-_.\s]', '', fname).strip() - fname = re.sub(r'[-\s]+', '-', fname).strip('.-') - return fname[:255] or 'empty' - - def _copy_file(self, fp, chunk_size=2**16): - read, write, offset = self.file.read, fp.write, self.file.tell() - while 1: - buf = read(chunk_size) - if not buf: break - write(buf) - self.file.seek(offset) - - def save(self, destination, overwrite=False, chunk_size=2**16): - ''' Save file to disk or copy its content to an open file(-like) object. - If *destination* is a directory, :attr:`filename` is added to the - path. Existing files are not overwritten by default (IOError). - - :param destination: File path, directory or file(-like) object. - :param overwrite: If True, replace existing files. (default: False) - :param chunk_size: Bytes to read at a time. (default: 64kb) - ''' - if isinstance(destination, basestring): # Except file-likes here - if os.path.isdir(destination): - destination = os.path.join(destination, self.filename) - if not overwrite and os.path.exists(destination): - raise IOError('File exists.') - with open(destination, 'wb') as fp: - self._copy_file(fp, chunk_size) - else: - self._copy_file(destination, chunk_size) - - - - - - -############################################################################### -# Application Helper ########################################################### -############################################################################### - - -def abort(code=500, text='Unknown Error.'): - """ Aborts execution and causes a HTTP error. """ - raise HTTPError(code, text) - - -def redirect(url, code=None): - """ Aborts execution and causes a 303 or 302 redirect, depending on - the HTTP protocol version. """ - if not code: - code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302 - res = response.copy(cls=HTTPResponse) - res.status = code - res.body = "" - res.set_header('Location', urljoin(request.url, url)) - raise res - - -def _file_iter_range(fp, offset, bytes, maxread=1024*1024): - ''' Yield chunks from a range in a file. No chunk is bigger than maxread.''' - fp.seek(offset) - while bytes > 0: - part = fp.read(min(bytes, maxread)) - if not part: break - bytes -= len(part) - yield part - - -def static_file(filename, root, mimetype='auto', download=False, charset='UTF-8'): - """ Open a file in a safe way and return :exc:`HTTPResponse` with status - code 200, 305, 403 or 404. The ``Content-Type``, ``Content-Encoding``, - ``Content-Length`` and ``Last-Modified`` headers are set if possible. - Special support for ``If-Modified-Since``, ``Range`` and ``HEAD`` - requests. - - :param filename: Name or path of the file to send. - :param root: Root path for file lookups. Should be an absolute directory - path. - :param mimetype: Defines the content-type header (default: guess from - file extension) - :param download: If True, ask the browser to open a `Save as...` dialog - instead of opening the file with the associated program. You can - specify a custom filename as a string. If not specified, the - original filename is used (default: False). - :param charset: The charset to use for files with a ``text/*`` - mime-type. (default: UTF-8) - """ - - root = os.path.abspath(root) + os.sep - filename = os.path.abspath(os.path.join(root, filename.strip('/\\'))) - headers = dict() - - if not filename.startswith(root): - return HTTPError(403, "Access denied.") - if not os.path.exists(filename) or not os.path.isfile(filename): - return HTTPError(404, "File does not exist.") - if not os.access(filename, os.R_OK): - return HTTPError(403, "You do not have permission to access this file.") - - if mimetype == 'auto': - mimetype, encoding = mimetypes.guess_type(filename) - if encoding: headers['Content-Encoding'] = encoding - - if mimetype: - if mimetype[:5] == 'text/' and charset and 'charset' not in mimetype: - mimetype += '; charset=%s' % charset - headers['Content-Type'] = mimetype - - if download: - download = os.path.basename(filename if download == True else download) - headers['Content-Disposition'] = 'attachment; filename="%s"' % download - - stats = os.stat(filename) - headers['Content-Length'] = clen = stats.st_size - lm = time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime(stats.st_mtime)) - headers['Last-Modified'] = lm - - ims = request.environ.get('HTTP_IF_MODIFIED_SINCE') - if ims: - ims = parse_date(ims.split(";")[0].strip()) - if ims is not None and ims >= int(stats.st_mtime): - headers['Date'] = time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime()) - return HTTPResponse(status=304, **headers) - - body = '' if request.method == 'HEAD' else open(filename, 'rb') - - headers["Accept-Ranges"] = "bytes" - ranges = request.environ.get('HTTP_RANGE') - if 'HTTP_RANGE' in request.environ: - ranges = list(parse_range_header(request.environ['HTTP_RANGE'], clen)) - if not ranges: - return HTTPError(416, "Requested Range Not Satisfiable") - offset, end = ranges[0] - headers["Content-Range"] = "bytes %d-%d/%d" % (offset, end-1, clen) - headers["Content-Length"] = str(end-offset) - if body: body = _file_iter_range(body, offset, end-offset) - return HTTPResponse(body, status=206, **headers) - return HTTPResponse(body, **headers) - - - - - - -############################################################################### -# HTTP Utilities and MISC (TODO) ############################################### -############################################################################### - - -def debug(mode=True): - """ Change the debug level. - There is only one debug level supported at the moment.""" - global DEBUG - if mode: warnings.simplefilter('default') - DEBUG = bool(mode) - -def http_date(value): - if isinstance(value, (datedate, datetime)): - value = value.utctimetuple() - elif isinstance(value, (int, float)): - value = time.gmtime(value) - if not isinstance(value, basestring): - value = time.strftime("%a, %d %b %Y %H:%M:%S GMT", value) - return value - -def parse_date(ims): - """ Parse rfc1123, rfc850 and asctime timestamps and return UTC epoch. """ - try: - ts = email.utils.parsedate_tz(ims) - return time.mktime(ts[:8] + (0,)) - (ts[9] or 0) - time.timezone - except (TypeError, ValueError, IndexError, OverflowError): - return None - -def parse_auth(header): - """ Parse rfc2617 HTTP authentication header string (basic) and return (user,pass) tuple or None""" - try: - method, data = header.split(None, 1) - if method.lower() == 'basic': - user, pwd = touni(base64.b64decode(tob(data))).split(':',1) - return user, pwd - except (KeyError, ValueError): - return None - -def parse_range_header(header, maxlen=0): - ''' Yield (start, end) ranges parsed from a HTTP Range header. Skip - unsatisfiable ranges. The end index is non-inclusive.''' - if not header or header[:6] != 'bytes=': return - ranges = [r.split('-', 1) for r in header[6:].split(',') if '-' in r] - for start, end in ranges: - try: - if not start: # bytes=-100 -> last 100 bytes - start, end = max(0, maxlen-int(end)), maxlen - elif not end: # bytes=100- -> all but the first 99 bytes - start, end = int(start), maxlen - else: # bytes=100-200 -> bytes 100-200 (inclusive) - start, end = int(start), min(int(end)+1, maxlen) - if 0 <= start < end <= maxlen: - yield start, end - except ValueError: - pass - -def _parse_qsl(qs): - r = [] - for pair in qs.replace(';','&').split('&'): - if not pair: continue - nv = pair.split('=', 1) - if len(nv) != 2: nv.append('') - key = urlunquote(nv[0].replace('+', ' ')) - value = urlunquote(nv[1].replace('+', ' ')) - r.append((key, value)) - return r - -def _lscmp(a, b): - ''' Compares two strings in a cryptographically safe way: - Runtime is not affected by length of common prefix. ''' - return not sum(0 if x==y else 1 for x, y in zip(a, b)) and len(a) == len(b) - - -def cookie_encode(data, key): - ''' Encode and sign a pickle-able object. Return a (byte) string ''' - msg = base64.b64encode(pickle.dumps(data, -1)) - sig = base64.b64encode(hmac.new(tob(key), msg).digest()) - return tob('!') + sig + tob('?') + msg - - -def cookie_decode(data, key): - ''' Verify and decode an encoded string. Return an object or None.''' - data = tob(data) - if cookie_is_encoded(data): - sig, msg = data.split(tob('?'), 1) - if _lscmp(sig[1:], base64.b64encode(hmac.new(tob(key), msg).digest())): - return pickle.loads(base64.b64decode(msg)) - return None - - -def cookie_is_encoded(data): - ''' Return True if the argument looks like a encoded cookie.''' - return bool(data.startswith(tob('!')) and tob('?') in data) - - -def html_escape(string): - ''' Escape HTML special characters ``&<>`` and quotes ``'"``. ''' - return string.replace('&','&').replace('<','<').replace('>','>')\ - .replace('"','"').replace("'",''') - - -def html_quote(string): - ''' Escape and quote a string to be used as an HTTP attribute.''' - return '"%s"' % html_escape(string).replace('\n',' ')\ - .replace('\r',' ').replace('\t',' ') - - -def yieldroutes(func): - """ Return a generator for routes that match the signature (name, args) - of the func parameter. This may yield more than one route if the function - takes optional keyword arguments. The output is best described by example:: - - a() -> '/a' - b(x, y) -> '/b//' - c(x, y=5) -> '/c/' and '/c//' - d(x=5, y=6) -> '/d' and '/d/' and '/d//' - """ - path = '/' + func.__name__.replace('__','/').lstrip('/') - spec = getargspec(func) - argc = len(spec[0]) - len(spec[3] or []) - path += ('/<%s>' * argc) % tuple(spec[0][:argc]) - yield path - for arg in spec[0][argc:]: - path += '/<%s>' % arg - yield path - - -def path_shift(script_name, path_info, shift=1): - ''' Shift path fragments from PATH_INFO to SCRIPT_NAME and vice versa. - - :return: The modified paths. - :param script_name: The SCRIPT_NAME path. - :param script_name: The PATH_INFO path. - :param shift: The number of path fragments to shift. May be negative to - change the shift direction. (default: 1) - ''' - if shift == 0: return script_name, path_info - pathlist = path_info.strip('/').split('/') - scriptlist = script_name.strip('/').split('/') - if pathlist and pathlist[0] == '': pathlist = [] - if scriptlist and scriptlist[0] == '': scriptlist = [] - if shift > 0 and shift <= len(pathlist): - moved = pathlist[:shift] - scriptlist = scriptlist + moved - pathlist = pathlist[shift:] - elif shift < 0 and shift >= -len(scriptlist): - moved = scriptlist[shift:] - pathlist = moved + pathlist - scriptlist = scriptlist[:shift] - else: - empty = 'SCRIPT_NAME' if shift < 0 else 'PATH_INFO' - raise AssertionError("Cannot shift. Nothing left from %s" % empty) - new_script_name = '/' + '/'.join(scriptlist) - new_path_info = '/' + '/'.join(pathlist) - if path_info.endswith('/') and pathlist: new_path_info += '/' - return new_script_name, new_path_info - - -def auth_basic(check, realm="private", text="Access denied"): - ''' Callback decorator to require HTTP auth (basic). - TODO: Add route(check_auth=...) parameter. ''' - def decorator(func): - def wrapper(*a, **ka): - user, password = request.auth or (None, None) - if user is None or not check(user, password): - err = HTTPError(401, text) - err.add_header('WWW-Authenticate', 'Basic realm="%s"' % realm) - return err - return func(*a, **ka) - return wrapper - return decorator - - -# Shortcuts for common Bottle methods. -# They all refer to the current default application. - -def make_default_app_wrapper(name): - ''' Return a callable that relays calls to the current default app. ''' - @functools.wraps(getattr(Bottle, name)) - def wrapper(*a, **ka): - return getattr(app(), name)(*a, **ka) - return wrapper - -route = make_default_app_wrapper('route') -get = make_default_app_wrapper('get') -post = make_default_app_wrapper('post') -put = make_default_app_wrapper('put') -delete = make_default_app_wrapper('delete') -error = make_default_app_wrapper('error') -mount = make_default_app_wrapper('mount') -hook = make_default_app_wrapper('hook') -install = make_default_app_wrapper('install') -uninstall = make_default_app_wrapper('uninstall') -url = make_default_app_wrapper('get_url') - - - - - - - -############################################################################### -# Server Adapter ############################################################### -############################################################################### - - -class ServerAdapter(object): - quiet = False - def __init__(self, host='127.0.0.1', port=8080, **options): - self.options = options - self.host = host - self.port = int(port) - - def run(self, handler): # pragma: no cover - pass - - def __repr__(self): - args = ', '.join(['%s=%s'%(k,repr(v)) for k, v in self.options.items()]) - return "%s(%s)" % (self.__class__.__name__, args) - - -class CGIServer(ServerAdapter): - quiet = True - def run(self, handler): # pragma: no cover - from wsgiref.handlers import CGIHandler - def fixed_environ(environ, start_response): - environ.setdefault('PATH_INFO', '') - return handler(environ, start_response) - CGIHandler().run(fixed_environ) - - -class FlupFCGIServer(ServerAdapter): - def run(self, handler): # pragma: no cover - import flup.server.fcgi - self.options.setdefault('bindAddress', (self.host, self.port)) - flup.server.fcgi.WSGIServer(handler, **self.options).run() - - -class WSGIRefServer(ServerAdapter): - def run(self, app): # pragma: no cover - from wsgiref.simple_server import WSGIRequestHandler, WSGIServer - from wsgiref.simple_server import make_server - import socket - - class FixedHandler(WSGIRequestHandler): - def address_string(self): # Prevent reverse DNS lookups please. - return self.client_address[0] - def log_request(*args, **kw): - if not self.quiet: - return WSGIRequestHandler.log_request(*args, **kw) - - handler_cls = self.options.get('handler_class', FixedHandler) - server_cls = self.options.get('server_class', WSGIServer) - - if ':' in self.host: # Fix wsgiref for IPv6 addresses. - if getattr(server_cls, 'address_family') == socket.AF_INET: - class server_cls(server_cls): - address_family = socket.AF_INET6 - - srv = make_server(self.host, self.port, app, server_cls, handler_cls) - srv.serve_forever() - - -class CherryPyServer(ServerAdapter): - def run(self, handler): # pragma: no cover - from cherrypy import wsgiserver - self.options['bind_addr'] = (self.host, self.port) - self.options['wsgi_app'] = handler - - certfile = self.options.get('certfile') - if certfile: - del self.options['certfile'] - keyfile = self.options.get('keyfile') - if keyfile: - del self.options['keyfile'] - - server = wsgiserver.CherryPyWSGIServer(**self.options) - if certfile: - server.ssl_certificate = certfile - if keyfile: - server.ssl_private_key = keyfile - - try: - server.start() - finally: - server.stop() - - -class WaitressServer(ServerAdapter): - def run(self, handler): - from waitress import serve - serve(handler, host=self.host, port=self.port) - - -class PasteServer(ServerAdapter): - def run(self, handler): # pragma: no cover - from paste import httpserver - from paste.translogger import TransLogger - handler = TransLogger(handler, setup_console_handler=(not self.quiet)) - httpserver.serve(handler, host=self.host, port=str(self.port), - **self.options) - - -class MeinheldServer(ServerAdapter): - def run(self, handler): - from meinheld import server - server.listen((self.host, self.port)) - server.run(handler) - - -class FapwsServer(ServerAdapter): - """ Extremely fast webserver using libev. See http://www.fapws.org/ """ - def run(self, handler): # pragma: no cover - import fapws._evwsgi as evwsgi - from fapws import base, config - port = self.port - if float(config.SERVER_IDENT[-2:]) > 0.4: - # fapws3 silently changed its API in 0.5 - port = str(port) - evwsgi.start(self.host, port) - # fapws3 never releases the GIL. Complain upstream. I tried. No luck. - if 'BOTTLE_CHILD' in os.environ and not self.quiet: - _stderr("WARNING: Auto-reloading does not work with Fapws3.\n") - _stderr(" (Fapws3 breaks python thread support)\n") - evwsgi.set_base_module(base) - def app(environ, start_response): - environ['wsgi.multiprocess'] = False - return handler(environ, start_response) - evwsgi.wsgi_cb(('', app)) - evwsgi.run() - - -class TornadoServer(ServerAdapter): - """ The super hyped asynchronous server by facebook. Untested. """ - def run(self, handler): # pragma: no cover - import tornado.wsgi, tornado.httpserver, tornado.ioloop - container = tornado.wsgi.WSGIContainer(handler) - server = tornado.httpserver.HTTPServer(container) - server.listen(port=self.port,address=self.host) - tornado.ioloop.IOLoop.instance().start() - - -class AppEngineServer(ServerAdapter): - """ Adapter for Google App Engine. """ - quiet = True - def run(self, handler): - from google.appengine.ext.webapp import util - # A main() function in the handler script enables 'App Caching'. - # Lets makes sure it is there. This _really_ improves performance. - module = sys.modules.get('__main__') - if module and not hasattr(module, 'main'): - module.main = lambda: util.run_wsgi_app(handler) - util.run_wsgi_app(handler) - - -class TwistedServer(ServerAdapter): - """ Untested. """ - def run(self, handler): - from twisted.web import server, wsgi - from twisted.python.threadpool import ThreadPool - from twisted.internet import reactor - thread_pool = ThreadPool() - thread_pool.start() - reactor.addSystemEventTrigger('after', 'shutdown', thread_pool.stop) - factory = server.Site(wsgi.WSGIResource(reactor, thread_pool, handler)) - reactor.listenTCP(self.port, factory, interface=self.host) - reactor.run() - - -class DieselServer(ServerAdapter): - """ Untested. """ - def run(self, handler): - from diesel.protocols.wsgi import WSGIApplication - app = WSGIApplication(handler, port=self.port) - app.run() - - -class GeventServer(ServerAdapter): - """ Untested. Options: - - * `fast` (default: False) uses libevent's http server, but has some - issues: No streaming, no pipelining, no SSL. - * See gevent.wsgi.WSGIServer() documentation for more options. - """ - def run(self, handler): - from gevent import wsgi, pywsgi, local - if not isinstance(threading.local(), local.local): - msg = "Bottle requires gevent.monkey.patch_all() (before import)" - raise RuntimeError(msg) - if not self.options.pop('fast', None): wsgi = pywsgi - self.options['log'] = None if self.quiet else 'default' - address = (self.host, self.port) - server = wsgi.WSGIServer(address, handler, **self.options) - if 'BOTTLE_CHILD' in os.environ: - import signal - signal.signal(signal.SIGINT, lambda s, f: server.stop()) - server.serve_forever() - - -class GeventSocketIOServer(ServerAdapter): - def run(self,handler): - from socketio import server - address = (self.host, self.port) - server.SocketIOServer(address, handler, **self.options).serve_forever() - - -class GunicornServer(ServerAdapter): - """ Untested. See http://gunicorn.org/configure.html for options. """ - def run(self, handler): - from gunicorn.app.base import Application - - config = {'bind': "%s:%d" % (self.host, int(self.port))} - config.update(self.options) - - class GunicornApplication(Application): - def init(self, parser, opts, args): - return config - - def load(self): - return handler - - GunicornApplication().run() - - -class EventletServer(ServerAdapter): - """ Untested """ - def run(self, handler): - from eventlet import wsgi, listen - try: - wsgi.server(listen((self.host, self.port)), handler, - log_output=(not self.quiet)) - except TypeError: - # Fallback, if we have old version of eventlet - wsgi.server(listen((self.host, self.port)), handler) - - -class RocketServer(ServerAdapter): - """ Untested. """ - def run(self, handler): - from rocket import Rocket - server = Rocket((self.host, self.port), 'wsgi', { 'wsgi_app' : handler }) - server.start() - - -class BjoernServer(ServerAdapter): - """ Fast server written in C: https://github.com/jonashaag/bjoern """ - def run(self, handler): - from bjoern import run - run(handler, self.host, self.port) - - -class AutoServer(ServerAdapter): - """ Untested. """ - adapters = [WaitressServer, PasteServer, TwistedServer, CherryPyServer, WSGIRefServer] - def run(self, handler): - for sa in self.adapters: - try: - return sa(self.host, self.port, **self.options).run(handler) - except ImportError: - pass - -server_names = { - 'cgi': CGIServer, - 'flup': FlupFCGIServer, - 'wsgiref': WSGIRefServer, - 'waitress': WaitressServer, - 'cherrypy': CherryPyServer, - 'paste': PasteServer, - 'fapws3': FapwsServer, - 'tornado': TornadoServer, - 'gae': AppEngineServer, - 'twisted': TwistedServer, - 'diesel': DieselServer, - 'meinheld': MeinheldServer, - 'gunicorn': GunicornServer, - 'eventlet': EventletServer, - 'gevent': GeventServer, - 'geventSocketIO':GeventSocketIOServer, - 'rocket': RocketServer, - 'bjoern' : BjoernServer, - 'auto': AutoServer, -} - - - - - - -############################################################################### -# Application Control ########################################################## -############################################################################### - - -def load(target, **namespace): - """ Import a module or fetch an object from a module. - - * ``package.module`` returns `module` as a module object. - * ``pack.mod:name`` returns the module variable `name` from `pack.mod`. - * ``pack.mod:func()`` calls `pack.mod.func()` and returns the result. - - The last form accepts not only function calls, but any type of - expression. Keyword arguments passed to this function are available as - local variables. Example: ``import_string('re:compile(x)', x='[a-z]')`` - """ - module, target = target.split(":", 1) if ':' in target else (target, None) - if module not in sys.modules: __import__(module) - if not target: return sys.modules[module] - if target.isalnum(): return getattr(sys.modules[module], target) - package_name = module.split('.')[0] - namespace[package_name] = sys.modules[package_name] - return eval('%s.%s' % (module, target), namespace) - - -def load_app(target): - """ Load a bottle application from a module and make sure that the import - does not affect the current default application, but returns a separate - application object. See :func:`load` for the target parameter. """ - global NORUN; NORUN, nr_old = True, NORUN - try: - tmp = default_app.push() # Create a new "default application" - rv = load(target) # Import the target module - return rv if callable(rv) else tmp - finally: - default_app.remove(tmp) # Remove the temporary added default application - NORUN = nr_old - -_debug = debug -def run(app=None, server='wsgiref', host='127.0.0.1', port=8080, - interval=1, reloader=False, quiet=False, plugins=None, - debug=None, **kargs): - """ Start a server instance. This method blocks until the server terminates. - - :param app: WSGI application or target string supported by - :func:`load_app`. (default: :func:`default_app`) - :param server: Server adapter to use. See :data:`server_names` keys - for valid names or pass a :class:`ServerAdapter` subclass. - (default: `wsgiref`) - :param host: Server address to bind to. Pass ``0.0.0.0`` to listens on - all interfaces including the external one. (default: 127.0.0.1) - :param port: Server port to bind to. Values below 1024 require root - privileges. (default: 8080) - :param reloader: Start auto-reloading server? (default: False) - :param interval: Auto-reloader interval in seconds (default: 1) - :param quiet: Suppress output to stdout and stderr? (default: False) - :param options: Options passed to the server adapter. - """ - if NORUN: return - if reloader and not os.environ.get('BOTTLE_CHILD'): - try: - lockfile = None - fd, lockfile = tempfile.mkstemp(prefix='bottle.', suffix='.lock') - os.close(fd) # We only need this file to exist. We never write to it - while os.path.exists(lockfile): - args = [sys.executable] + sys.argv - environ = os.environ.copy() - environ['BOTTLE_CHILD'] = 'true' - environ['BOTTLE_LOCKFILE'] = lockfile - p = subprocess.Popen(args, env=environ) - while p.poll() is None: # Busy wait... - os.utime(lockfile, None) # I am alive! - time.sleep(interval) - if p.poll() != 3: - if os.path.exists(lockfile): os.unlink(lockfile) - sys.exit(p.poll()) - except KeyboardInterrupt: - pass - finally: - if os.path.exists(lockfile): - os.unlink(lockfile) - return - - try: - if debug is not None: _debug(debug) - app = app or default_app() - if isinstance(app, basestring): - app = load_app(app) - if not callable(app): - raise ValueError("Application is not callable: %r" % app) - - for plugin in plugins or []: - app.install(plugin) - - if server in server_names: - server = server_names.get(server) - if isinstance(server, basestring): - server = load(server) - if isinstance(server, type): - server = server(host=host, port=port, **kargs) - if not isinstance(server, ServerAdapter): - raise ValueError("Unknown or unsupported server: %r" % server) - - server.quiet = server.quiet or quiet - if not server.quiet: - _stderr("Bottle v%s server starting up (using %s)...\n" % (__version__, repr(server))) - _stderr("Listening on http://%s:%d/\n" % (server.host, server.port)) - _stderr("Hit Ctrl-C to quit.\n\n") - - if reloader: - lockfile = os.environ.get('BOTTLE_LOCKFILE') - bgcheck = FileCheckerThread(lockfile, interval) - with bgcheck: - server.run(app) - if bgcheck.status == 'reload': - sys.exit(3) - else: - server.run(app) - except KeyboardInterrupt: - pass - except (SystemExit, MemoryError): - raise - except: - if not reloader: raise - if not getattr(server, 'quiet', quiet): - print_exc() - time.sleep(interval) - sys.exit(3) - - - -class FileCheckerThread(threading.Thread): - ''' Interrupt main-thread as soon as a changed module file is detected, - the lockfile gets deleted or gets to old. ''' - - def __init__(self, lockfile, interval): - threading.Thread.__init__(self) - self.lockfile, self.interval = lockfile, interval - #: Is one of 'reload', 'error' or 'exit' - self.status = None - - def run(self): - exists = os.path.exists - mtime = lambda path: os.stat(path).st_mtime - files = dict() - - for module in list(sys.modules.values()): - path = getattr(module, '__file__', '') - if path[-4:] in ('.pyo', '.pyc'): path = path[:-1] - if path and exists(path): files[path] = mtime(path) - - while not self.status: - if not exists(self.lockfile)\ - or mtime(self.lockfile) < time.time() - self.interval - 5: - self.status = 'error' - thread.interrupt_main() - for path, lmtime in list(files.items()): - if not exists(path) or mtime(path) > lmtime: - self.status = 'reload' - thread.interrupt_main() - break - time.sleep(self.interval) - - def __enter__(self): - self.start() - - def __exit__(self, exc_type, exc_val, exc_tb): - if not self.status: self.status = 'exit' # silent exit - self.join() - return exc_type is not None and issubclass(exc_type, KeyboardInterrupt) - - - - - -############################################################################### -# Template Adapters ############################################################ -############################################################################### - - -class TemplateError(HTTPError): - def __init__(self, message): - HTTPError.__init__(self, 500, message) - - -class BaseTemplate(object): - """ Base class and minimal API for template adapters """ - extensions = ['tpl','html','thtml','stpl'] - settings = {} #used in prepare() - defaults = {} #used in render() - - def __init__(self, source=None, name=None, lookup=[], encoding='utf8', **settings): - """ Create a new template. - If the source parameter (str or buffer) is missing, the name argument - is used to guess a template filename. Subclasses can assume that - self.source and/or self.filename are set. Both are strings. - The lookup, encoding and settings parameters are stored as instance - variables. - The lookup parameter stores a list containing directory paths. - The encoding parameter should be used to decode byte strings or files. - The settings parameter contains a dict for engine-specific settings. - """ - self.name = name - self.source = source.read() if hasattr(source, 'read') else source - self.filename = source.filename if hasattr(source, 'filename') else None - self.lookup = [os.path.abspath(x) for x in lookup] - self.encoding = encoding - self.settings = self.settings.copy() # Copy from class variable - self.settings.update(settings) # Apply - if not self.source and self.name: - self.filename = self.search(self.name, self.lookup) - if not self.filename: - raise TemplateError('Template %s not found.' % repr(name)) - if not self.source and not self.filename: - raise TemplateError('No template specified.') - self.prepare(**self.settings) - - @classmethod - def search(cls, name, lookup=[]): - """ Search name in all directories specified in lookup. - First without, then with common extensions. Return first hit. """ - if not lookup: - depr('The template lookup path list should not be empty.') #0.12 - lookup = ['.'] - - if os.path.isabs(name) and os.path.isfile(name): - depr('Absolute template path names are deprecated.') #0.12 - return os.path.abspath(name) - - for spath in lookup: - spath = os.path.abspath(spath) + os.sep - fname = os.path.abspath(os.path.join(spath, name)) - if not fname.startswith(spath): continue - if os.path.isfile(fname): return fname - for ext in cls.extensions: - if os.path.isfile('%s.%s' % (fname, ext)): - return '%s.%s' % (fname, ext) - - @classmethod - def global_config(cls, key, *args): - ''' This reads or sets the global settings stored in class.settings. ''' - if args: - cls.settings = cls.settings.copy() # Make settings local to class - cls.settings[key] = args[0] - else: - return cls.settings[key] - - def prepare(self, **options): - """ Run preparations (parsing, caching, ...). - It should be possible to call this again to refresh a template or to - update settings. - """ - raise NotImplementedError - - def render(self, *args, **kwargs): - """ Render the template with the specified local variables and return - a single byte or unicode string. If it is a byte string, the encoding - must match self.encoding. This method must be thread-safe! - Local variables may be provided in dictionaries (args) - or directly, as keywords (kwargs). - """ - raise NotImplementedError - - -class MakoTemplate(BaseTemplate): - def prepare(self, **options): - from mako.template import Template - from mako.lookup import TemplateLookup - options.update({'input_encoding':self.encoding}) - options.setdefault('format_exceptions', bool(DEBUG)) - lookup = TemplateLookup(directories=self.lookup, **options) - if self.source: - self.tpl = Template(self.source, lookup=lookup, **options) - else: - self.tpl = Template(uri=self.name, filename=self.filename, lookup=lookup, **options) - - def render(self, *args, **kwargs): - for dictarg in args: kwargs.update(dictarg) - _defaults = self.defaults.copy() - _defaults.update(kwargs) - return self.tpl.render(**_defaults) - - -class CheetahTemplate(BaseTemplate): - def prepare(self, **options): - from Cheetah.Template import Template - self.context = threading.local() - self.context.vars = {} - options['searchList'] = [self.context.vars] - if self.source: - self.tpl = Template(source=self.source, **options) - else: - self.tpl = Template(file=self.filename, **options) - - def render(self, *args, **kwargs): - for dictarg in args: kwargs.update(dictarg) - self.context.vars.update(self.defaults) - self.context.vars.update(kwargs) - out = str(self.tpl) - self.context.vars.clear() - return out - - -class Jinja2Template(BaseTemplate): - def prepare(self, filters=None, tests=None, globals={}, **kwargs): - from jinja2 import Environment, FunctionLoader - if 'prefix' in kwargs: # TODO: to be removed after a while - raise RuntimeError('The keyword argument `prefix` has been removed. ' - 'Use the full jinja2 environment name line_statement_prefix instead.') - self.env = Environment(loader=FunctionLoader(self.loader), **kwargs) - if filters: self.env.filters.update(filters) - if tests: self.env.tests.update(tests) - if globals: self.env.globals.update(globals) - if self.source: - self.tpl = self.env.from_string(self.source) - else: - self.tpl = self.env.get_template(self.filename) - - def render(self, *args, **kwargs): - for dictarg in args: kwargs.update(dictarg) - _defaults = self.defaults.copy() - _defaults.update(kwargs) - return self.tpl.render(**_defaults) - - def loader(self, name): - fname = self.search(name, self.lookup) - if not fname: return - with open(fname, "rb") as f: - return f.read().decode(self.encoding) - - -class SimpleTemplate(BaseTemplate): - - def prepare(self, escape_func=html_escape, noescape=False, syntax=None, **ka): - self.cache = {} - enc = self.encoding - self._str = lambda x: touni(x, enc) - self._escape = lambda x: escape_func(touni(x, enc)) - self.syntax = syntax - if noescape: - self._str, self._escape = self._escape, self._str - - @cached_property - def co(self): - return compile(self.code, self.filename or '', 'exec') - - @cached_property - def code(self): - source = self.source - if not source: - with open(self.filename, 'rb') as f: - source = f.read() - try: - source, encoding = touni(source), 'utf8' - except UnicodeError: - depr('Template encodings other than utf8 are no longer supported.') #0.11 - source, encoding = touni(source, 'latin1'), 'latin1' - parser = StplParser(source, encoding=encoding, syntax=self.syntax) - code = parser.translate() - self.encoding = parser.encoding - return code - - def _rebase(self, _env, _name=None, **kwargs): - if _name is None: - depr('Rebase function called without arguments.' - ' You were probably looking for {{base}}?', True) #0.12 - _env['_rebase'] = (_name, kwargs) - - def _include(self, _env, _name=None, **kwargs): - if _name is None: - depr('Rebase function called without arguments.' - ' You were probably looking for {{base}}?', True) #0.12 - env = _env.copy() - env.update(kwargs) - if _name not in self.cache: - self.cache[_name] = self.__class__(name=_name, lookup=self.lookup) - return self.cache[_name].execute(env['_stdout'], env) - - def execute(self, _stdout, kwargs): - env = self.defaults.copy() - env.update(kwargs) - env.update({'_stdout': _stdout, '_printlist': _stdout.extend, - 'include': functools.partial(self._include, env), - 'rebase': functools.partial(self._rebase, env), '_rebase': None, - '_str': self._str, '_escape': self._escape, 'get': env.get, - 'setdefault': env.setdefault, 'defined': env.__contains__ }) - eval(self.co, env) - if env.get('_rebase'): - subtpl, rargs = env.pop('_rebase') - rargs['base'] = ''.join(_stdout) #copy stdout - del _stdout[:] # clear stdout - return self._include(env, subtpl, **rargs) - return env - - def render(self, *args, **kwargs): - """ Render the template using keyword arguments as local variables. """ - env = {}; stdout = [] - for dictarg in args: env.update(dictarg) - env.update(kwargs) - self.execute(stdout, env) - return ''.join(stdout) - - -class StplSyntaxError(TemplateError): pass - - -class StplParser(object): - ''' Parser for stpl templates. ''' - _re_cache = {} #: Cache for compiled re patterns - # This huge pile of voodoo magic splits python code into 8 different tokens. - # 1: All kinds of python strings (trust me, it works) - _re_tok = '((?m)[urbURB]?(?:\'\'(?!\')|""(?!")|\'{6}|"{6}' \ - '|\'(?:[^\\\\\']|\\\\.)+?\'|"(?:[^\\\\"]|\\\\.)+?"' \ - '|\'{3}(?:[^\\\\]|\\\\.|\\n)+?\'{3}' \ - '|"{3}(?:[^\\\\]|\\\\.|\\n)+?"{3}))' - _re_inl = _re_tok.replace('|\\n','') # We re-use this string pattern later - # 2: Comments (until end of line, but not the newline itself) - _re_tok += '|(#.*)' - # 3,4: Open and close grouping tokens - _re_tok += '|([\[\{\(])' - _re_tok += '|([\]\}\)])' - # 5,6: Keywords that start or continue a python block (only start of line) - _re_tok += '|^([ \\t]*(?:if|for|while|with|try|def|class)\\b)' \ - '|^([ \\t]*(?:elif|else|except|finally)\\b)' - # 7: Our special 'end' keyword (but only if it stands alone) - _re_tok += '|((?:^|;)[ \\t]*end[ \\t]*(?=(?:%(block_close)s[ \\t]*)?\\r?$|;|#))' - # 8: A customizable end-of-code-block template token (only end of line) - _re_tok += '|(%(block_close)s[ \\t]*(?=\\r?$))' - # 9: And finally, a single newline. The 10th token is 'everything else' - _re_tok += '|(\\r?\\n)' - - # Match the start tokens of code areas in a template - _re_split = '(?m)^[ \t]*(\\\\?)((%(line_start)s)|(%(block_start)s))(%%?)' - # Match inline statements (may contain python strings) - _re_inl = '%%(inline_start)s((?:%s|[^\'"\n]*?)+)%%(inline_end)s' % _re_inl - - default_syntax = '<% %> % {{ }}' - - def __init__(self, source, syntax=None, encoding='utf8'): - self.source, self.encoding = touni(source, encoding), encoding - self.set_syntax(syntax or self.default_syntax) - self.code_buffer, self.text_buffer = [], [] - self.lineno, self.offset = 1, 0 - self.indent, self.indent_mod = 0, 0 - self.paren_depth = 0 - - def get_syntax(self): - ''' Tokens as a space separated string (default: <% %> % {{ }}) ''' - return self._syntax - - def set_syntax(self, syntax): - self._syntax = syntax - self._tokens = syntax.split() - if not syntax in self._re_cache: - names = 'block_start block_close line_start inline_start inline_end' - etokens = map(re.escape, self._tokens) - pattern_vars = dict(zip(names.split(), etokens)) - patterns = (self._re_split, self._re_tok, self._re_inl) - patterns = [re.compile(p%pattern_vars) for p in patterns] - self._re_cache[syntax] = patterns - self.re_split, self.re_tok, self.re_inl = self._re_cache[syntax] - - syntax = property(get_syntax, set_syntax) - - def translate(self): - if self.offset: raise RuntimeError('Parser is a one time instance.') - while True: - m = self.re_split.search(self.source[self.offset:]) - if m: - text = self.source[self.offset:self.offset+m.start()] - self.text_buffer.append(text) - self.offset += m.end() - if m.group(1): # New escape syntax - line, sep, _ = self.source[self.offset:].partition('\n') - self.text_buffer.append(m.group(2)+m.group(5)+line+sep) - self.offset += len(line+sep)+1 - continue - elif m.group(5): # Old escape syntax - depr('Escape code lines with a backslash.') #0.12 - line, sep, _ = self.source[self.offset:].partition('\n') - self.text_buffer.append(m.group(2)+line+sep) - self.offset += len(line+sep)+1 - continue - self.flush_text() - self.read_code(multiline=bool(m.group(4))) - else: break - self.text_buffer.append(self.source[self.offset:]) - self.flush_text() - return ''.join(self.code_buffer) - - def read_code(self, multiline): - code_line, comment = '', '' - while True: - m = self.re_tok.search(self.source[self.offset:]) - if not m: - code_line += self.source[self.offset:] - self.offset = len(self.source) - self.write_code(code_line.strip(), comment) - return - code_line += self.source[self.offset:self.offset+m.start()] - self.offset += m.end() - _str, _com, _po, _pc, _blk1, _blk2, _end, _cend, _nl = m.groups() - if (code_line or self.paren_depth > 0) and (_blk1 or _blk2): # a if b else c - code_line += _blk1 or _blk2 - continue - if _str: # Python string - code_line += _str - elif _com: # Python comment (up to EOL) - comment = _com - if multiline and _com.strip().endswith(self._tokens[1]): - multiline = False # Allow end-of-block in comments - elif _po: # open parenthesis - self.paren_depth += 1 - code_line += _po - elif _pc: # close parenthesis - if self.paren_depth > 0: - # we could check for matching parentheses here, but it's - # easier to leave that to python - just check counts - self.paren_depth -= 1 - code_line += _pc - elif _blk1: # Start-block keyword (if/for/while/def/try/...) - code_line, self.indent_mod = _blk1, -1 - self.indent += 1 - elif _blk2: # Continue-block keyword (else/elif/except/...) - code_line, self.indent_mod = _blk2, -1 - elif _end: # The non-standard 'end'-keyword (ends a block) - self.indent -= 1 - elif _cend: # The end-code-block template token (usually '%>') - if multiline: multiline = False - else: code_line += _cend - else: # \n - self.write_code(code_line.strip(), comment) - self.lineno += 1 - code_line, comment, self.indent_mod = '', '', 0 - if not multiline: - break - - def flush_text(self): - text = ''.join(self.text_buffer) - del self.text_buffer[:] - if not text: return - parts, pos, nl = [], 0, '\\\n'+' '*self.indent - for m in self.re_inl.finditer(text): - prefix, pos = text[pos:m.start()], m.end() - if prefix: - parts.append(nl.join(map(repr, prefix.splitlines(True)))) - if prefix.endswith('\n'): parts[-1] += nl - parts.append(self.process_inline(m.group(1).strip())) - if pos < len(text): - prefix = text[pos:] - lines = prefix.splitlines(True) - if lines[-1].endswith('\\\\\n'): lines[-1] = lines[-1][:-3] - elif lines[-1].endswith('\\\\\r\n'): lines[-1] = lines[-1][:-4] - parts.append(nl.join(map(repr, lines))) - code = '_printlist((%s,))' % ', '.join(parts) - self.lineno += code.count('\n')+1 - self.write_code(code) - - def process_inline(self, chunk): - if chunk[0] == '!': return '_str(%s)' % chunk[1:] - return '_escape(%s)' % chunk - - def write_code(self, line, comment=''): - line, comment = self.fix_backward_compatibility(line, comment) - code = ' ' * (self.indent+self.indent_mod) - code += line.lstrip() + comment + '\n' - self.code_buffer.append(code) - - def fix_backward_compatibility(self, line, comment): - parts = line.strip().split(None, 2) - if parts and parts[0] in ('include', 'rebase'): - depr('The include and rebase keywords are functions now.') #0.12 - if len(parts) == 1: return "_printlist([base])", comment - elif len(parts) == 2: return "_=%s(%r)" % tuple(parts), comment - else: return "_=%s(%r, %s)" % tuple(parts), comment - if self.lineno <= 2 and not line.strip() and 'coding' in comment: - m = re.match(r"#.*coding[:=]\s*([-\w.]+)", comment) - if m: - depr('PEP263 encoding strings in templates are deprecated.') #0.12 - enc = m.group(1) - self.source = self.source.encode(self.encoding).decode(enc) - self.encoding = enc - return line, comment.replace('coding','coding*') - return line, comment - - -def template(*args, **kwargs): - ''' - Get a rendered template as a string iterator. - You can use a name, a filename or a template string as first parameter. - Template rendering arguments can be passed as dictionaries - or directly (as keyword arguments). - ''' - tpl = args[0] if args else None - adapter = kwargs.pop('template_adapter', SimpleTemplate) - lookup = kwargs.pop('template_lookup', TEMPLATE_PATH) - tplid = (id(lookup), tpl) - if tplid not in TEMPLATES or DEBUG: - settings = kwargs.pop('template_settings', {}) - if isinstance(tpl, adapter): - TEMPLATES[tplid] = tpl - if settings: TEMPLATES[tplid].prepare(**settings) - elif "\n" in tpl or "{" in tpl or "%" in tpl or '$' in tpl: - TEMPLATES[tplid] = adapter(source=tpl, lookup=lookup, **settings) - else: - TEMPLATES[tplid] = adapter(name=tpl, lookup=lookup, **settings) - if not TEMPLATES[tplid]: - abort(500, 'Template (%s) not found' % tpl) - for dictarg in args[1:]: kwargs.update(dictarg) - return TEMPLATES[tplid].render(kwargs) - -mako_template = functools.partial(template, template_adapter=MakoTemplate) -cheetah_template = functools.partial(template, template_adapter=CheetahTemplate) -jinja2_template = functools.partial(template, template_adapter=Jinja2Template) - - -def view(tpl_name, **defaults): - ''' Decorator: renders a template for a handler. - The handler can control its behavior like that: - - - return a dict of template vars to fill out the template - - return something other than a dict and the view decorator will not - process the template, but return the handler result as is. - This includes returning a HTTPResponse(dict) to get, - for instance, JSON with autojson or other castfilters. - ''' - def decorator(func): - @functools.wraps(func) - def wrapper(*args, **kwargs): - result = func(*args, **kwargs) - if isinstance(result, (dict, DictMixin)): - tplvars = defaults.copy() - tplvars.update(result) - return template(tpl_name, **tplvars) - elif result is None: - return template(tpl_name, defaults) - return result - return wrapper - return decorator - -mako_view = functools.partial(view, template_adapter=MakoTemplate) -cheetah_view = functools.partial(view, template_adapter=CheetahTemplate) -jinja2_view = functools.partial(view, template_adapter=Jinja2Template) - - - - - - -############################################################################### -# Constants and Globals ######################################################## -############################################################################### - - -TEMPLATE_PATH = ['./', './views/'] -TEMPLATES = {} -DEBUG = False -NORUN = False # If set, run() does nothing. Used by load_app() - -#: A dict to map HTTP status codes (e.g. 404) to phrases (e.g. 'Not Found') -HTTP_CODES = httplib.responses -HTTP_CODES[418] = "I'm a teapot" # RFC 2324 -HTTP_CODES[422] = "Unprocessable Entity" # RFC 4918 -HTTP_CODES[428] = "Precondition Required" -HTTP_CODES[429] = "Too Many Requests" -HTTP_CODES[431] = "Request Header Fields Too Large" -HTTP_CODES[511] = "Network Authentication Required" -_HTTP_STATUS_LINES = dict((k, '%d %s'%(k,v)) for (k,v) in HTTP_CODES.items()) - -#: The default template used for error pages. Override with @error() -ERROR_PAGE_TEMPLATE = """ -%%try: - %%from %s import DEBUG, HTTP_CODES, request, touni - - - - Error: {{e.status}} - - - -

Error: {{e.status}}

-

Sorry, the requested URL {{repr(request.url)}} - caused an error:

- 
{{e.body}}
- %%if DEBUG and e.exception: -

Exception:

- 
{{repr(e.exception)}}
- %%end - %%if DEBUG and e.traceback: -

Traceback:

- 
{{e.traceback}}
- %%end - - -%%except ImportError: - ImportError: Could not generate the error page. Please add bottle to - the import path. -%%end -""" % __name__ - -#: A thread-safe instance of :class:`LocalRequest`. If accessed from within a -#: request callback, this instance always refers to the *current* request -#: (even on a multithreaded server). -request = LocalRequest() - -#: A thread-safe instance of :class:`LocalResponse`. It is used to change the -#: HTTP response for the *current* request. -response = LocalResponse() - -#: A thread-safe namespace. Not used by Bottle. -local = threading.local() - -# Initialize app stack (create first empty Bottle app) -# BC: 0.6.4 and needed for run() -app = default_app = AppStack() -app.push() - -#: A virtual package that redirects import statements. -#: Example: ``import bottle.ext.sqlite`` actually imports `bottle_sqlite`. -ext = _ImportRedirect('bottle.ext' if __name__ == '__main__' else __name__+".ext", 'bottle_%s').module - -if __name__ == '__main__': - opt, args, parser = _cmd_options, _cmd_args, _cmd_parser - if opt.version: - _stdout('Bottle %s\n'%__version__) - sys.exit(0) - if not args: - parser.print_help() - _stderr('\nError: No application specified.\n') - sys.exit(1) - - sys.path.insert(0, '.') - sys.modules.setdefault('bottle', sys.modules['__main__']) - - host, port = (opt.bind or 'localhost'), 8080 - if ':' in host and host.rfind(']') < host.rfind(':'): - host, port = host.rsplit(':', 1) - host = host.strip('[]') - - run(args[0], host=host, port=int(port), server=opt.server, - reloader=opt.reload, plugins=opt.plugin, debug=opt.debug) - - - - -# THE END diff --git a/libs/bottle_beaker.py b/libs/bottle_beaker.py deleted file mode 100644 index b21783c1a..000000000 --- a/libs/bottle_beaker.py +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -import bottle -import inspect -import beaker -from beaker import middleware - - -class BeakerPlugin(object): - name = 'beaker' - - def __init__(self, keyword='beaker'): - """ - :param keyword: Keyword used to inject beaker in a route - """ - self.keyword = keyword - - def setup(self, app): - """ Make sure that other installed plugins don't affect the same - keyword argument and check if metadata is available.""" - for other in app.plugins: - if not isinstance(other, BeakerPlugin): - continue - if other.keyword == self.keyword: - raise bottle.PluginError("Found another beaker plugin " - "with conflicting settings (" - "non-unique keyword).") - - def apply(self, callback, context): - args = inspect.getargspec(context['callback'])[0] - - if self.keyword not in args: - return callback - - def wrapper(*args, **kwargs): - kwargs[self.keyword] = beaker - kwargs["{0}_middleware".format(self.keyword)] = middleware - return callback(*args, **kwargs) - - return wrapper diff --git a/libs/cork/__init__.py b/libs/cork/__init__.py deleted file mode 100644 index b77bd8967..000000000 --- a/libs/cork/__init__.py +++ /dev/null @@ -1,7 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt -# -# Backends API - used to make backends available for importing -# -from .cork import Cork, JsonBackend, AAAException, AuthException, Mailer, FlaskCork, Redirect diff --git a/libs/cork/backends.py b/libs/cork/backends.py deleted file mode 100644 index d0d533a58..000000000 --- a/libs/cork/backends.py +++ /dev/null @@ -1,13 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: backends - :synopsis: Backends API - used to make backends available for importing -""" - -from .json_backend import JsonBackend -from .mongodb_backend import MongoDBBackend -from .sqlalchemy_backend import SqlAlchemyBackend -from .sqlite_backend import SQLiteBackend diff --git a/libs/cork/base_backend.py b/libs/cork/base_backend.py deleted file mode 100644 index 7f8690899..000000000 --- a/libs/cork/base_backend.py +++ /dev/null @@ -1,31 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: backend.py - :synopsis: Base Backend. -""" - -class BackendIOException(Exception): - """Generic Backend I/O Exception""" - pass - -def ni(*args, **kwargs): - raise NotImplementedError - -class Backend(object): - """Base Backend class - to be subclassed by real backends.""" - save_users = ni - save_roles = ni - save_pending_registrations = ni - -class Table(object): - """Base Table class - to be subclassed by real backends.""" - __len__ = ni - __contains__ = ni - __setitem__ = ni - __getitem__ = ni - __iter__ = ni - iteritems = ni - diff --git a/libs/cork/cork.py b/libs/cork/cork.py deleted file mode 100644 index c6f665188..000000000 --- a/libs/cork/cork.py +++ /dev/null @@ -1,975 +0,0 @@ -#!/usr/bin/env python -# -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# -# This package is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 3 of the License, or (at your option) any later version. -# -# This package is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -# - -from base64 import b64encode, b64decode -from datetime import datetime, timedelta -from email.mime.multipart import MIMEMultipart -from email.mime.text import MIMEText -from logging import getLogger -from smtplib import SMTP, SMTP_SSL -from threading import Thread -from time import time -import bottle -import hashlib -import os -import re -import sys -import uuid - -try: - import scrypt - scrypt_available = True -except ImportError: # pragma: no cover - scrypt_available = False - -try: - basestring -except NameError: - basestring = str - -from .backends import JsonBackend - -is_py3 = (sys.version_info.major == 3) - -log = getLogger(__name__) - - -class AAAException(Exception): - """Generic Authentication/Authorization Exception""" - pass - - -class AuthException(AAAException): - """Authentication Exception: incorrect username/password pair""" - pass - - -class BaseCork(object): - """Abstract class""" - - def __init__(self, directory=None, backend=None, email_sender=None, - initialize=False, session_domain=None, smtp_server=None, - smtp_url='localhost', session_key_name=None): - """Auth/Authorization/Accounting class - - :param directory: configuration directory - :type directory: str. - :param users_fname: users filename (without .json), defaults to 'users' - :type users_fname: str. - :param roles_fname: roles filename (without .json), defaults to 'roles' - :type roles_fname: str. - """ - if smtp_server: - smtp_url = smtp_server - self.mailer = Mailer(email_sender, smtp_url) - self.password_reset_timeout = 3600 * 24 - self.session_domain = session_domain - self.session_key_name = session_key_name or 'beaker.session' - self.preferred_hashing_algorithm = 'PBKDF2' - - # Setup JsonBackend by default for backward compatibility. - if backend is None: - self._store = JsonBackend(directory, users_fname='users', - roles_fname='roles', pending_reg_fname='register', - initialize=initialize) - - else: - self._store = backend - - def login(self, username, password, success_redirect=None, - fail_redirect=None): - """Check login credentials for an existing user. - Optionally redirect the user to another page (typically /login) - - :param username: username - :type username: str or unicode. - :param password: cleartext password - :type password: str.or unicode - :param success_redirect: redirect authorized users (optional) - :type success_redirect: str. - :param fail_redirect: redirect unauthorized users (optional) - :type fail_redirect: str. - :returns: True for successful logins, else False - """ - #assert isinstance(username, type(u'')), "the username must be a string" - #assert isinstance(password, type(u'')), "the password must be a string" - - if username in self._store.users: - salted_hash = self._store.users[username]['hash'] - if hasattr(salted_hash, 'encode'): - salted_hash = salted_hash.encode('ascii') - authenticated = self._verify_password( - username, - password, - salted_hash, - ) - if authenticated: - # Setup session data - self._setup_cookie(username) - self._store.users[username]['last_login'] = str(datetime.utcnow()) - self._store.save_users() - if success_redirect: - self._redirect(success_redirect) - return True - - if fail_redirect: - self._redirect(fail_redirect) - - return False - - def logout(self, success_redirect='/login', fail_redirect='/login'): - """Log the user out, remove cookie - - :param success_redirect: redirect the user after logging out - :type success_redirect: str. - :param fail_redirect: redirect the user if it is not logged in - :type fail_redirect: str. - """ - try: - session = self._beaker_session - session.delete() - except Exception as e: - log.debug("Exception %s while logging out." % repr(e)) - self._redirect(fail_redirect) - - self._redirect(success_redirect) - - def require(self, username=None, role=None, fixed_role=False, - fail_redirect=None): - """Ensure the user is logged in has the required role (or higher). - Optionally redirect the user to another page (typically /login) - If both `username` and `role` are specified, both conditions need to be - satisfied. - If none is specified, any authenticated user will be authorized. - By default, any role with higher level than `role` will be authorized; - set fixed_role=True to prevent this. - - :param username: username (optional) - :type username: str. - :param role: role - :type role: str. - :param fixed_role: require user role to match `role` strictly - :type fixed_role: bool. - :param redirect: redirect unauthorized users (optional) - :type redirect: str. - """ - # Parameter validation - if username is not None: - if username not in self._store.users: - raise AAAException("Nonexistent user") - - if fixed_role and role is None: - raise AAAException( - """A role must be specified if fixed_role has been set""") - - if role is not None and role not in self._store.roles: - raise AAAException("Role not found") - - # Authentication - try: - cu = self.current_user - except AAAException: - if fail_redirect is None: - raise AuthException("Unauthenticated user") - else: - self._redirect(fail_redirect) - - # Authorization - if cu.role not in self._store.roles: - raise AAAException("Role not found for the current user") - - if username is not None: - # A specific user is required - if username == self.current_user.username: - return - - if fail_redirect is None: - raise AuthException("Unauthorized access: incorrect" - " username") - - self._redirect(fail_redirect) - - if fixed_role: - # A specific role is required - if role == self.current_user.role: - return - - if fail_redirect is None: - raise AuthException("Unauthorized access: incorrect role") - - self._redirect(fail_redirect) - - if role is not None: - # Any role with higher level is allowed - current_lvl = self._store.roles[self.current_user.role] - threshold_lvl = self._store.roles[role] - if current_lvl >= threshold_lvl: - return - - if fail_redirect is None: - raise AuthException("Unauthorized access: ") - - self._redirect(fail_redirect) - - return # success - - def create_role(self, role, level): - """Create a new role. - - :param role: role name - :type role: str. - :param level: role level (0=lowest, 100=admin) - :type level: int. - :raises: AuthException on errors - """ - if self.current_user.level < 100: - raise AuthException("The current user is not authorized to ") - if role in self._store.roles: - raise AAAException("The role is already existing") - try: - int(level) - except ValueError: - raise AAAException("The level must be numeric.") - self._store.roles[role] = level - self._store.save_roles() - - def delete_role(self, role): - """Deleta a role. - - :param role: role name - :type role: str. - :raises: AuthException on errors - """ - if self.current_user.level < 100: - raise AuthException("The current user is not authorized to ") - if role not in self._store.roles: - raise AAAException("Nonexistent role.") - self._store.roles.pop(role) - self._store.save_roles() - - def list_roles(self): - """List roles. - - :returns: (role, role_level) generator (sorted by role) - """ - for role in sorted(self._store.roles): - yield (role, self._store.roles[role]) - - def create_user(self, username, role, password, email_addr=None, - description=None): - """Create a new user account. - This method is available to users with level>=100 - - :param username: username - :type username: str. - :param role: role - :type role: str. - :param password: cleartext password - :type password: str. - :param email_addr: email address (optional) - :type email_addr: str. - :param description: description (free form) - :type description: str. - :raises: AuthException on errors - """ - assert username, "Username must be provided." - if self.current_user.level < 100: - raise AuthException("The current user is not authorized" - " to create users.") - - if username in self._store.users: - raise AAAException("User is already existing.") - if role not in self._store.roles: - raise AAAException("Nonexistent user role.") - tstamp = str(datetime.utcnow()) - h = self._hash(username, password) - h = h.decode('ascii') - self._store.users[username] = { - 'role': role, - 'hash': h, - 'email_addr': email_addr, - 'desc': description, - 'creation_date': tstamp, - 'last_login': tstamp - } - self._store.save_users() - - def delete_user(self, username): - """Delete a user account. - This method is available to users with level>=100 - - :param username: username - :type username: str. - :raises: Exceptions on errors - """ - if self.current_user.level < 100: - raise AuthException("The current user is not authorized to ") - if username not in self._store.users: - raise AAAException("Nonexistent user.") - self.user(username).delete() - - def list_users(self): - """List users. - - :return: (username, role, email_addr, description) generator (sorted by - username) - """ - for un in sorted(self._store.users): - d = self._store.users[un] - yield (un, d['role'], d['email_addr'], d['desc']) - - @property - def current_user(self): - """Current autenticated user - - :returns: User() instance, if authenticated - :raises: AuthException otherwise - """ - session = self._beaker_session - username = session.get('username', None) - if username is None: - raise AuthException("Unauthenticated user") - if username is not None and username in self._store.users: - return User(username, self, session=session) - raise AuthException("Unknown user: %s" % username) - - @property - def user_is_anonymous(self): - """Check if the current user is anonymous. - - :returns: True if the user is anonymous, False otherwise - :raises: AuthException if the session username is unknown - """ - try: - username = self._beaker_session['username'] - except KeyError: - return True - - if username not in self._store.users: - raise AuthException("Unknown user: %s" % username) - - return False - - def user(self, username): - """Existing user - - :returns: User() instance if the user exist, None otherwise - """ - if username is not None and username in self._store.users: - return User(username, self) - return None - - def register(self, username, password, email_addr, role='user', - max_level=50, subject="Signup confirmation", - email_template='views/registration_email.tpl', - description=None, **kwargs): - """Register a new user account. An email with a registration validation - is sent to the user. - WARNING: this method is available to unauthenticated users - - :param username: username - :type username: str. - :param password: cleartext password - :type password: str. - :param role: role (optional), defaults to 'user' - :type role: str. - :param max_level: maximum role level (optional), defaults to 50 - :type max_level: int. - :param email_addr: email address - :type email_addr: str. - :param subject: email subject - :type subject: str. - :param email_template: email template filename - :type email_template: str. - :param description: description (free form) - :type description: str. - :raises: AssertError or AAAException on errors - """ - assert username, "Username must be provided." - assert password, "A password must be provided." - assert email_addr, "An email address must be provided." - if username in self._store.users: - raise AAAException("User is already existing.") - if role not in self._store.roles: - raise AAAException("Nonexistent role") - if self._store.roles[role] > max_level: - raise AAAException("Unauthorized role") - - registration_code = uuid.uuid4().hex - creation_date = str(datetime.utcnow()) - - # send registration email - email_text = bottle.template( - email_template, - username=username, - email_addr=email_addr, - role=role, - creation_date=creation_date, - registration_code=registration_code, - **kwargs - ) - self.mailer.send_email(email_addr, subject, email_text) - - # store pending registration - h = self._hash(username, password) - h = h.decode('ascii') - self._store.pending_registrations[registration_code] = { - 'username': username, - 'role': role, - 'hash': h, - 'email_addr': email_addr, - 'desc': description, - 'creation_date': creation_date, - } - self._store.save_pending_registrations() - - def validate_registration(self, registration_code): - """Validate pending account registration, create a new account if - successful. - - :param registration_code: registration code - :type registration_code: str. - """ - try: - data = self._store.pending_registrations.pop(registration_code) - except KeyError: - raise AuthException("Invalid registration code.") - - username = data['username'] - if username in self._store.users: - raise AAAException("User is already existing.") - - # the user data is moved from pending_registrations to _users - self._store.users[username] = { - 'role': data['role'], - 'hash': data['hash'], - 'email_addr': data['email_addr'], - 'desc': data['desc'], - 'creation_date': data['creation_date'], - 'last_login': str(datetime.utcnow()) - } - self._store.save_users() - - def send_password_reset_email(self, username=None, email_addr=None, - subject="Password reset confirmation", - email_template='views/password_reset_email', - **kwargs): - """Email the user with a link to reset his/her password - If only one parameter is passed, fetch the other from the users - database. If both are passed they will be matched against the users - database as a security check. - - :param username: username - :type username: str. - :param email_addr: email address - :type email_addr: str. - :param subject: email subject - :type subject: str. - :param email_template: email template filename - :type email_template: str. - :raises: AAAException on missing username or email_addr, - AuthException on incorrect username/email_addr pair - """ - if username is None: - if email_addr is None: - raise AAAException("At least `username` or `email_addr` must" - " be specified.") - - # only email_addr is specified: fetch the username - for k, v in self._store.users.iteritems(): - if v['email_addr'] == email_addr: - username = k - break - else: - raise AAAException("Email address not found.") - - else: # username is provided - if username not in self._store.users: - raise AAAException("Nonexistent user.") - if email_addr is None: - email_addr = self._store.users[username].get('email_addr', None) - if not email_addr: - raise AAAException("Email address not available.") - else: - # both username and email_addr are provided: check them - stored_email_addr = self._store.users[username]['email_addr'] - if email_addr != stored_email_addr: - raise AuthException("Username/email address pair not found.") - - # generate a reset_code token - reset_code = self._reset_code(username, email_addr) - - # send reset email - email_text = bottle.template( - email_template, - username=username, - email_addr=email_addr, - reset_code=reset_code, - **kwargs - ) - self.mailer.send_email(email_addr, subject, email_text) - - def reset_password(self, reset_code, password): - """Validate reset_code and update the account password - The username is extracted from the reset_code token - - :param reset_code: reset token - :type reset_code: str. - :param password: new password - :type password: str. - :raises: AuthException for invalid reset tokens, AAAException - """ - try: - reset_code = b64decode(reset_code).decode() - username, email_addr, tstamp, h = reset_code.split(':', 3) - tstamp = int(tstamp) - assert isinstance(username, type(u'')) - assert isinstance(email_addr, type(u'')) - if not isinstance(h, type(b'')): - h = h.encode('utf-8') - except (TypeError, ValueError): - raise AuthException("Invalid reset code.") - - if time() - tstamp > self.password_reset_timeout: - raise AuthException("Expired reset code.") - - assert isinstance(h, type(b'')) - if not self._verify_password(username, email_addr, h): - raise AuthException("Invalid reset code.") - user = self.user(username) - if user is None: - raise AAAException("Nonexistent user.") - user.update(pwd=password) - - def make_auth_decorator(self, username=None, role=None, fixed_role=False, fail_redirect='/login'): - ''' - Create a decorator to be used for authentication and authorization - - :param username: A resource can be protected for a specific user - :param role: Minimum role level required for authorization - :param fixed_role: Only this role gets authorized - :param fail_redirect: The URL to redirect to if a login is required. - ''' - session_manager = self - def auth_require(username=username, role=role, fixed_role=fixed_role, - fail_redirect=fail_redirect): - def decorator(func): - import functools - @functools.wraps(func) - def wrapper(*a, **ka): - session_manager.require(username=username, role=role, fixed_role=fixed_role, - fail_redirect=fail_redirect) - return func(*a, **ka) - return wrapper - return decorator - return(auth_require) - - - ## Private methods - - def _setup_cookie(self, username): - """Setup cookie for a user that just logged in""" - session = self._beaker_session - session['username'] = username - if self.session_domain is not None: - session.domain = self.session_domain - - self._save_session() - - def _hash(self, username, pwd, salt=None, algo=None): - """Hash username and password, generating salt value if required - """ - if algo is None: - algo = self.preferred_hashing_algorithm - - if algo == 'PBKDF2': - return self._hash_pbkdf2(username, pwd, salt=salt) - - if algo == 'scrypt': - return self._hash_scrypt(username, pwd, salt=salt) - - raise RuntimeError("Unknown hashing algorithm requested: %s" % algo) - - @staticmethod - def _hash_scrypt(username, pwd, salt=None): - """Hash username and password, generating salt value if required - Use scrypt. - - :returns: base-64 encoded str. - """ - if not scrypt_available: - raise Exception("scrypt.hash required." - " Please install the scrypt library.") - - if salt is None: - salt = os.urandom(32) - - assert len(salt) == 32, "Incorrect salt length" - - cleartext = "%s\0%s" % (username, pwd) - h = scrypt.hash(cleartext, salt) - - # 's' for scrypt - hashed = b's' + salt + h - return b64encode(hashed) - - @staticmethod - def _hash_pbkdf2(username, pwd, salt=None): - """Hash username and password, generating salt value if required - Use PBKDF2 from Beaker - - :returns: base-64 encoded str. - """ - if salt is None: - salt = os.urandom(32) - - assert isinstance(salt, bytes) - assert len(salt) == 32, "Incorrect salt length" - - username = username.encode('utf-8') - assert isinstance(username, bytes) - - pwd = pwd.encode('utf-8') - assert isinstance(pwd, bytes) - - cleartext = username + b'\0' + pwd - h = hashlib.pbkdf2_hmac('sha1', cleartext, salt, 10, dklen=32) - - # 'p' for PBKDF2 - hashed = b'p' + salt + h - return b64encode(hashed) - - def _verify_password(self, username, pwd, salted_hash): - """Verity username/password pair against a salted hash - - :returns: bool - """ - assert isinstance(salted_hash, type(b'')) - decoded = b64decode(salted_hash) - hash_type = decoded[0] - if isinstance(hash_type, int): - hash_type = chr(hash_type) - - salt = decoded[1:33] - - if hash_type == 'p': # PBKDF2 - h = self._hash_pbkdf2(username, pwd, salt) - return salted_hash == h - - if hash_type == 's': # scrypt - h = self._hash_scrypt(username, pwd, salt) - return salted_hash == h - - raise RuntimeError("Unknown hashing algorithm in hash: %r" % decoded) - - def _purge_expired_registrations(self, exp_time=96): - """Purge expired registration requests. - - :param exp_time: expiration time (hours) - :type exp_time: float. - """ - pending = self._store.pending_registrations.items() - if is_py3: - pending = list(pending) - - for uuid_code, data in pending: - creation = datetime.strptime(data['creation_date'], - "%Y-%m-%d %H:%M:%S.%f") - now = datetime.utcnow() - maxdelta = timedelta(hours=exp_time) - if now - creation > maxdelta: - self._store.pending_registrations.pop(uuid_code) - - def _reset_code(self, username, email_addr): - """generate a reset_code token - - :param username: username - :type username: str. - :param email_addr: email address - :type email_addr: str. - :returns: Base-64 encoded token - """ - h = self._hash(username, email_addr) - t = "%d" % time() - t = t.encode('utf-8') - reset_code = b':'.join((username.encode('utf-8'), email_addr.encode('utf-8'), t, h)) - return b64encode(reset_code) - - -class User(object): - - def __init__(self, username, cork_obj, session=None): - """Represent an authenticated user, exposing useful attributes: - username, role, level, description, email_addr, session_creation_time, - session_accessed_time, session_id. The session-related attributes are - available for the current user only. - - :param username: username - :type username: str. - :param cork_obj: instance of :class:`Cork` - """ - self._cork = cork_obj - assert username in self._cork._store.users, "Unknown user" - self.username = username - user_data = self._cork._store.users[username] - self.role = user_data['role'] - self.description = user_data['desc'] - self.email_addr = user_data['email_addr'] - self.level = self._cork._store.roles[self.role] - - if session is not None: - try: - self.session_creation_time = session['_creation_time'] - self.session_accessed_time = session['_accessed_time'] - self.session_id = session['_id'] - except: - pass - - def update(self, role=None, pwd=None, email_addr=None): - """Update an user account data - - :param role: change user role, if specified - :type role: str. - :param pwd: change user password, if specified - :type pwd: str. - :param email_addr: change user email address, if specified - :type email_addr: str. - :raises: AAAException on nonexistent user or role. - """ - username = self.username - if username not in self._cork._store.users: - raise AAAException("User does not exist.") - - if role is not None: - if role not in self._cork._store.roles: - raise AAAException("Nonexistent role.") - - self._cork._store.users[username]['role'] = role - - if pwd is not None: - self._cork._store.users[username]['hash'] = self._cork._hash( - username, pwd) - - if email_addr is not None: - self._cork._store.users[username]['email_addr'] = email_addr - - self._cork._store.save_users() - - def delete(self): - """Delete user account - - :raises: AAAException on nonexistent user. - """ - try: - self._cork._store.users.pop(self.username) - except KeyError: - raise AAAException("Nonexistent user.") - self._cork._store.save_users() - - -class Redirect(Exception): - pass - - -def raise_redirect(path): - raise Redirect(path) - - -class Cork(BaseCork): - @staticmethod - def _redirect(location): - bottle.redirect(location) - - @property - def _beaker_session(self): - """Get session""" - return bottle.request.environ.get(self.session_key_name) - - def _save_session(self): - self._beaker_session.save() - - -class FlaskCork(BaseCork): - @staticmethod - def _redirect(location): - raise_redirect(location) - - @property - def _beaker_session(self): - """Get session""" - import flask - return flask.session - - def _save_session(self): - pass - - -class Mailer(object): - - def __init__(self, sender, smtp_url, join_timeout=5, use_threads=True): - """Send emails asyncronously - - :param sender: Sender email address - :type sender: str. - :param smtp_server: SMTP server - :type smtp_server: str. - """ - self.sender = sender - self.join_timeout = join_timeout - self.use_threads = use_threads - self._threads = [] - self._conf = self._parse_smtp_url(smtp_url) - - def _parse_smtp_url(self, url): - """Parse SMTP URL""" - match = re.match(r""" - ( # Optional protocol - (?Psmtp|starttls|ssl) # Protocol name - :// - )? - ( # Optional user:pass@ - (?P[^:]*) # Match every char except ':' - (: (?P.*) )? @ # Optional :pass - )? - (?P # Required FQDN on IP address - ()| # Empty string - ( # FQDN - [a-zA-Z_\-] # First character cannot be a number - [a-zA-Z0-9_\-\.]{,254} - ) - |( # IPv4 - ([0-9]{1,3}\.){3} - [0-9]{1,3} - ) - |( # IPv6 - \[ # Square brackets - ([0-9a-f]{,4}:){1,8} - [0-9a-f]{,4} - \] - ) - ) - ( # Optional :port - : - (?P[0-9]{,5}) # Up to 5-digits port - )? - [/]? - $ - """, url, re.VERBOSE) - - if not match: - raise RuntimeError("SMTP URL seems incorrect") - - d = match.groupdict() - if d['proto'] is None: - d['proto'] = 'smtp' - - if d['port'] is None: - d['port'] = 25 - else: - d['port'] = int(d['port']) - - if not 0 < d['port'] < 65536: - raise RuntimeError("Incorrect SMTP port") - - return d - - def send_email(self, email_addr, subject, email_text): - """Send an email - - :param email_addr: email address - :type email_addr: str. - :param subject: subject - :type subject: str. - :param email_text: email text - :type email_text: str. - :raises: AAAException if smtp_server and/or sender are not set - """ - if not (self._conf['fqdn'] and self.sender): - raise AAAException("SMTP server or sender not set") - msg = MIMEMultipart('alternative') - msg['Subject'] = subject - msg['From'] = self.sender - msg['To'] = email_addr - if isinstance(email_text, bytes): - email_text = email_text.encode('utf-8') - - part = MIMEText(email_text, 'html') - msg.attach(part) - msg = msg.as_string() - - log.debug("Sending email using %s" % self._conf['fqdn']) - - if self.use_threads: - thread = Thread(target=self._send, args=(email_addr, msg)) - thread.start() - self._threads.append(thread) - - else: - self._send(email_addr, msg) - - def _send(self, email_addr, msg): - """Deliver an email using SMTP - - :param email_addr: recipient - :type email_addr: str. - :param msg: email text - :type msg: str. - """ - proto = self._conf['proto'] - assert proto in ('smtp', 'starttls', 'ssl'), \ - "Incorrect protocol: %s" % proto - - try: - if proto == 'ssl': - log.debug("Setting up SSL") - session = SMTP_SSL(self._conf['fqdn'], self._conf['port']) - else: - session = SMTP(self._conf['fqdn'], self._conf['port']) - - if proto == 'starttls': - log.debug('Sending EHLO and STARTTLS') - session.ehlo() - session.starttls() - session.ehlo() - - if self._conf['user'] is not None: - log.debug('Performing login') - session.login(self._conf['user'], self._conf['pass']) - - log.debug('Sending') - session.sendmail(self.sender, email_addr, msg) - session.quit() - log.info('Email sent') - - except Exception as e: # pragma: no cover - log.error("Error sending email: %s" % e, exc_info=True) - - def join(self): - """Flush email queue by waiting the completion of the existing threads - - :returns: None - """ - return [t.join(self.join_timeout) for t in self._threads] - - def __del__(self): - """Class destructor: wait for threads to terminate within a timeout""" - try: - self.join() - except TypeError: - pass diff --git a/libs/cork/json_backend.py b/libs/cork/json_backend.py deleted file mode 100644 index cfd38e737..000000000 --- a/libs/cork/json_backend.py +++ /dev/null @@ -1,134 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: json_backend - :synopsis: JSON file-based storage backend. -""" - -from logging import getLogger -import os -import shutil -import sys - -try: - import json -except ImportError: # pragma: no cover - import simplejson as json - -from .base_backend import BackendIOException - -is_py3 = (sys.version_info.major == 3) - -log = getLogger(__name__) - -try: - dict.iteritems - py23dict = dict -except AttributeError: - class py23dict(dict): - iteritems = dict.items - -class BytesEncoder(json.JSONEncoder): - def default(self, obj): - if is_py3 and isinstance(obj, bytes): - return obj.decode() - - return json.JSONEncoder.default(self, obj) - - -class JsonBackend(object): - """JSON file-based storage backend.""" - - def __init__(self, directory, users_fname='users', - roles_fname='roles', pending_reg_fname='register', initialize=False): - """Data storage class. Handles JSON files - - :param users_fname: users file name (without .json) - :type users_fname: str. - :param roles_fname: roles file name (without .json) - :type roles_fname: str. - :param pending_reg_fname: pending registrations file name (without .json) - :type pending_reg_fname: str. - :param initialize: create empty JSON files (defaults to False) - :type initialize: bool. - """ - assert directory, "Directory name must be valid" - self._directory = directory - self.users = py23dict() - self._users_fname = users_fname - self.roles = py23dict() - self._roles_fname = roles_fname - self._mtimes = py23dict() - self._pending_reg_fname = pending_reg_fname - self.pending_registrations = py23dict() - if initialize: - self._initialize_storage() - self._refresh() # load users and roles - - def _initialize_storage(self): - """Create empty JSON files""" - self._savejson(self._users_fname, {}) - self._savejson(self._roles_fname, {}) - self._savejson(self._pending_reg_fname, {}) - - def _refresh(self): - """Load users and roles from JSON files, if needed""" - self._loadjson(self._users_fname, self.users) - self._loadjson(self._roles_fname, self.roles) - self._loadjson(self._pending_reg_fname, self.pending_registrations) - - def _loadjson(self, fname, dest): - """Load JSON file located under self._directory, if needed - - :param fname: short file name (without path and .json) - :type fname: str. - :param dest: destination - :type dest: dict - """ - try: - fname = "%s/%s.json" % (self._directory, fname) - mtime = os.stat(fname).st_mtime - - if self._mtimes.get(fname, 0) == mtime: - # no need to reload the file: the mtime has not been changed - return - - with open(fname) as f: - json_data = f.read() - except Exception as e: - raise BackendIOException("Unable to read json file %s: %s" % (fname, e)) - - try: - json_obj = json.loads(json_data) - dest.clear() - dest.update(json_obj) - self._mtimes[fname] = os.stat(fname).st_mtime - except Exception as e: - raise BackendIOException("Unable to parse JSON data from %s: %s" \ - % (fname, e)) - - def _savejson(self, fname, obj): - """Save obj in JSON format in a file in self._directory""" - fname = "%s/%s.json" % (self._directory, fname) - try: - with open("%s.tmp" % fname, 'w') as f: - json.dump(obj, f, cls=BytesEncoder) - f.flush() - shutil.move("%s.tmp" % fname, fname) - except Exception as e: - raise BackendIOException("Unable to save JSON file %s: %s" \ - % (fname, e)) - - def save_users(self): - """Save users in a JSON file""" - self._savejson(self._users_fname, self.users) - - def save_roles(self): - """Save roles in a JSON file""" - self._savejson(self._roles_fname, self.roles) - - def save_pending_registrations(self): - """Save pending registrations in a JSON file""" - self._savejson(self._pending_reg_fname, self.pending_registrations) diff --git a/libs/cork/mongodb_backend.py b/libs/cork/mongodb_backend.py deleted file mode 100644 index 564ed1ff4..000000000 --- a/libs/cork/mongodb_backend.py +++ /dev/null @@ -1,180 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: mongodb_backend - :synopsis: MongoDB storage backend. -""" -from logging import getLogger -log = getLogger(__name__) - -from .base_backend import Backend, Table - -try: - import pymongo - is_pymongo_2 = (pymongo.version_tuple[0] == 2) -except ImportError: # pragma: no cover - pass - - -class MongoTable(Table): - """Abstract MongoDB Table. - Allow dictionary-like access. - """ - def __init__(self, name, key_name, collection): - self._name = name - self._key_name = key_name - self._coll = collection - - def create_index(self): - """Create collection index.""" - self._coll.create_index( - self._key_name, - drop_dups=True, - unique=True, - ) - - def __len__(self): - return self._coll.count() - - def __contains__(self, value): - r = self._coll.find_one({self._key_name: value}) - return r is not None - - def __iter__(self): - """Iter on dictionary keys""" - if is_pymongo_2: - r = self._coll.find(fields=[self._key_name,]) - else: - r = self._coll.find(projection=[self._key_name,]) - - return (i[self._key_name] for i in r) - - def iteritems(self): - """Iter on dictionary items. - - :returns: generator of (key, value) tuples - """ - r = self._coll.find() - for i in r: - d = i.copy() - d.pop(self._key_name) - d.pop('_id') - yield (i[self._key_name], d) - - def pop(self, key_val): - """Remove a dictionary item""" - r = self[key_val] - self._coll.remove({self._key_name: key_val}, w=1) - return r - - -class MongoSingleValueTable(MongoTable): - """MongoDB table accessible as a simple key -> value dictionary. - Used to store roles. - """ - # Values are stored in a MongoDB "column" named "val" - def __init__(self, *args, **kw): - super(MongoSingleValueTable, self).__init__(*args, **kw) - - def __setitem__(self, key_val, data): - assert not isinstance(data, dict) - spec = {self._key_name: key_val} - data = {self._key_name: key_val, 'val': data} - if is_pymongo_2: - self._coll.update(spec, {'$set': data}, upsert=True, w=1) - else: - self._coll.update_one(spec, {'$set': data}, upsert=True) - - def __getitem__(self, key_val): - r = self._coll.find_one({self._key_name: key_val}) - if r is None: - raise KeyError(key_val) - - return r['val'] - -class MongoMutableDict(dict): - """Represent an item from a Table. Acts as a dictionary. - """ - def __init__(self, parent, root_key, d): - """Create a MongoMutableDict instance. - :param parent: Table instance - :type parent: :class:`MongoTable` - """ - super(MongoMutableDict, self).__init__(d) - self._parent = parent - self._root_key = root_key - - def __setitem__(self, k, v): - super(MongoMutableDict, self).__setitem__(k, v) - spec = {self._parent._key_name: self._root_key} - if is_pymongo_2: - r = self._parent._coll.update(spec, {'$set': {k: v}}, upsert=True) - else: - r = self._parent._coll.update_one(spec, {'$set': {k: v}}, upsert=True) - - - -class MongoMultiValueTable(MongoTable): - """MongoDB table accessible as a dictionary. - """ - def __init__(self, *args, **kw): - super(MongoMultiValueTable, self).__init__(*args, **kw) - - def __setitem__(self, key_val, data): - assert isinstance(data, dict) - key_name = self._key_name - if key_name in data: - assert data[key_name] == key_val - else: - data[key_name] = key_val - - spec = {key_name: key_val} - if u'_id' in data: - del(data[u'_id']) - - if is_pymongo_2: - self._coll.update(spec, {'$set': data}, upsert=True, w=1) - else: - self._coll.update_one(spec, {'$set': data}, upsert=True) - - def __getitem__(self, key_val): - r = self._coll.find_one({self._key_name: key_val}) - if r is None: - raise KeyError(key_val) - - return MongoMutableDict(self, key_val, r) - - -class MongoDBBackend(Backend): - def __init__(self, db_name='cork', hostname='localhost', port=27017, initialize=False, username=None, password=None): - """Initialize MongoDB Backend""" - connection = pymongo.MongoClient(host=hostname, port=port) - db = connection[db_name] - if username and password: - db.authenticate(username, password) - self.users = MongoMultiValueTable('users', 'login', db.users) - self.pending_registrations = MongoMultiValueTable( - 'pending_registrations', - 'pending_registration', - db.pending_registrations - ) - self.roles = MongoSingleValueTable('roles', 'role', db.roles) - - if initialize: - self._initialize_storage() - - def _initialize_storage(self): - """Create MongoDB indexes.""" - for c in (self.users, self.roles, self.pending_registrations): - c.create_index() - - def save_users(self): - pass - - def save_roles(self): - pass - - def save_pending_registrations(self): - pass diff --git a/libs/cork/sqlalchemy_backend.py b/libs/cork/sqlalchemy_backend.py deleted file mode 100644 index 60d49448a..000000000 --- a/libs/cork/sqlalchemy_backend.py +++ /dev/null @@ -1,204 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: sqlalchemy_backend - :synopsis: SQLAlchemy storage backend. -""" - -import sys -from logging import getLogger - -from . import base_backend - -log = getLogger(__name__) -is_py3 = (sys.version_info.major == 3) - -try: - from sqlalchemy import create_engine, delete, select, \ - Column, ForeignKey, Integer, MetaData, String, Table, Unicode - sqlalchemy_available = True -except ImportError: # pragma: no cover - sqlalchemy_available = False - - -class SqlRowProxy(dict): - def __init__(self, sql_dict, key, *args, **kwargs): - dict.__init__(self, *args, **kwargs) - self.sql_dict = sql_dict - self.key = key - - def __setitem__(self, key, value): - dict.__setitem__(self, key, value) - if self.sql_dict is not None: - self.sql_dict[self.key] = {key: value} - - -class SqlTable(base_backend.Table): - """Provides dictionary-like access to an SQL table.""" - - def __init__(self, engine, table, key_col_name): - self._engine = engine - self._table = table - self._key_col = table.c[key_col_name] - - def _row_to_value(self, row): - row_key = row[self._key_col] - row_value = SqlRowProxy(self, row_key, - ((k, row[k]) for k in row.keys() if k != self._key_col.name)) - return row_key, row_value - - def __len__(self): - query = self._table.count() - c = self._engine.execute(query).scalar() - return int(c) - - def __contains__(self, key): - query = select([self._key_col], self._key_col == key) - row = self._engine.execute(query).fetchone() - return row is not None - - def __setitem__(self, key, value): - if key in self: - values = value - query = self._table.update().where(self._key_col == key) - - else: - values = {self._key_col.name: key} - values.update(value) - query = self._table.insert() - - self._engine.execute(query.values(**values)) - - def __getitem__(self, key): - query = select([self._table], self._key_col == key) - row = self._engine.execute(query).fetchone() - if row is None: - raise KeyError(key) - return self._row_to_value(row)[1] - - def __iter__(self): - """Iterate over table index key values""" - query = select([self._key_col]) - result = self._engine.execute(query) - for row in result: - key = row[0] - yield key - - def iteritems(self): - """Iterate over table rows""" - query = select([self._table]) - result = self._engine.execute(query) - for row in result: - key = row[0] - d = self._row_to_value(row)[1] - yield (key, d) - - def pop(self, key): - query = select([self._table], self._key_col == key) - row = self._engine.execute(query).fetchone() - if row is None: - raise KeyError - - query = delete(self._table, self._key_col == key) - self._engine.execute(query) - return row - - def insert(self, d): - query = self._table.insert(d) - self._engine.execute(query) - log.debug("%s inserted" % repr(d)) - - def empty_table(self): - query = self._table.delete() - self._engine.execute(query) - log.info("Table purged") - - -class SqlSingleValueTable(SqlTable): - def __init__(self, engine, table, key_col_name, col_name): - SqlTable.__init__(self, engine, table, key_col_name) - self._col_name = col_name - - def _row_to_value(self, row): - return row[self._key_col], row[self._col_name] - - def __setitem__(self, key, value): - SqlTable.__setitem__(self, key, {self._col_name: value}) - - - -class SqlAlchemyBackend(base_backend.Backend): - - def __init__(self, db_full_url, users_tname='users', roles_tname='roles', - pending_reg_tname='register', initialize=False): - - if not sqlalchemy_available: - raise RuntimeError("The SQLAlchemy library is not available.") - - self._metadata = MetaData() - if initialize: - # Create new database if needed. - db_url, db_name = db_full_url.rsplit('/', 1) - if is_py3 and db_url.startswith('mysql'): - print("WARNING: MySQL is not supported under Python3") - - self._engine = create_engine(db_url, encoding='utf-8') - try: - self._engine.execute("CREATE DATABASE %s" % db_name) - except Exception as e: - log.info("Failed DB creation: %s" % e) - - # SQLite in-memory database URL: "sqlite://:memory:" - if db_name != ':memory:' and not db_url.startswith('postgresql'): - self._engine.execute("USE %s" % db_name) - - else: - self._engine = create_engine(db_full_url, encoding='utf-8') - - - self._users = Table(users_tname, self._metadata, - Column('username', Unicode(128), primary_key=True), - Column('role', ForeignKey(roles_tname + '.role')), - Column('hash', String(256), nullable=False), - Column('email_addr', String(128)), - Column('desc', String(128)), - Column('creation_date', String(128), nullable=False), - Column('last_login', String(128), nullable=False) - - ) - self._roles = Table(roles_tname, self._metadata, - Column('role', String(128), primary_key=True), - Column('level', Integer, nullable=False) - ) - self._pending_reg = Table(pending_reg_tname, self._metadata, - Column('code', String(128), primary_key=True), - Column('username', Unicode(128), nullable=False), - Column('role', ForeignKey(roles_tname + '.role')), - Column('hash', String(256), nullable=False), - Column('email_addr', String(128)), - Column('desc', String(128)), - Column('creation_date', String(128), nullable=False) - ) - - self.users = SqlTable(self._engine, self._users, 'username') - self.roles = SqlSingleValueTable(self._engine, self._roles, 'role', 'level') - self.pending_registrations = SqlTable(self._engine, self._pending_reg, 'code') - - if initialize: - self._initialize_storage(db_name) - log.debug("Tables created") - - - def _initialize_storage(self, db_name): - self._metadata.create_all(self._engine) - - def _drop_all_tables(self): - for table in reversed(self._metadata.sorted_tables): - log.info("Dropping table %s" % repr(table.name)) - self._engine.execute(table.delete()) - - def save_users(self): pass - def save_roles(self): pass - def save_pending_registrations(self): pass diff --git a/libs/cork/sqlite_backend.py b/libs/cork/sqlite_backend.py deleted file mode 100644 index a15b33283..000000000 --- a/libs/cork/sqlite_backend.py +++ /dev/null @@ -1,242 +0,0 @@ -# Cork - Authentication module for the Bottle web framework -# Copyright (C) 2013 Federico Ceratto and others, see AUTHORS file. -# Released under LGPLv3+ license, see LICENSE.txt - -""" -.. module:: sqlite_backend - :synopsis: SQLite storage backend. -""" - -from . import base_backend -from logging import getLogger -log = getLogger(__name__) - - -class SqlRowProxy(dict): - def __init__(self, table, key, row): - li = ((k, v) for (k, ktype), v in zip(table._columns[1:], row[1:])) - dict.__init__(self, li) - self._table = table - self._key = key - - def __setitem__(self, key, value): - dict.__setitem__(self, key, value) - self._table[self._key] = self - - -class Table(base_backend.Table): - """Provides dictionary-like access to an SQL table.""" - - def __init__(self, backend, table_name): - self._backend = backend - self._engine = backend.connection - self._table_name = table_name - self._column_names = [n for n, t in self._columns] - self._key_col_num = 0 - self._key_col_name = self._column_names[self._key_col_num] - self._key_col = self._column_names[self._key_col_num] - - def _row_to_value(self, key, row): - assert isinstance(row, tuple) - row_key = row[self._key_col_num] - row_value = SqlRowProxy(self, key, row) - return row_key, row_value - - def __len__(self): - query = "SELECT count() FROM %s" % self._table_name - ret = self._backend.run_query(query) - return ret.fetchone()[0] - - def __contains__(self, key): - #FIXME: count() - query = "SELECT * FROM %s WHERE %s='%s'" % \ - (self._table_name, self._key_col, key) - row = self._backend.fetch_one(query) - return row is not None - - def __setitem__(self, key, value): - """Create or update a row""" - assert isinstance(value, dict) - v, cn = set(value), set(self._column_names[1:]) - assert not v - cn, repr(v - cn) - assert not cn - v, repr(cn - v) - - assert set(value) == set(self._column_names[1:]), "%s %s" % \ - (repr(set(value)), repr(set(self._column_names[1:]))) - - col_values = [key] + [value[k] for k in self._column_names[1:]] - - col_names = ', '.join(self._column_names) - question_marks = ', '.join('?' for x in col_values) - query = "INSERT OR REPLACE INTO %s (%s) VALUES (%s)" % \ - (self._table_name, col_names, question_marks) - - ret = self._backend.run_query_using_conversion(query, col_values) - - - def __getitem__(self, key): - query = "SELECT * FROM %s WHERE %s='%s'" % \ - (self._table_name, self._key_col, key) - row = self._backend.fetch_one(query) - if row is None: - raise KeyError(key) - - return self._row_to_value(key, row)[1] - #return dict(zip(self._column_names, row)) - - def __iter__(self): - """Iterate over table index key values""" - query = "SELECT %s FROM %s" % (self._key_col, self._table_name) - result = self._backend.run_query(query) - for row in result: - yield row[0] - - def iteritems(self): - """Iterate over table rows""" - query = "SELECT * FROM %s" % self._table_name - result = self._backend.run_query(query) - for row in result: - d = dict(zip(self._column_names, row)) - d.pop(self._key_col) - - yield (self._key_col, d) - - def pop(self, key): - d = self.__getitem__(key) - query = "DELETE FROM %s WHERE %s='%s'" % \ - (self._table_name, self._key_col, key) - self._backend.fetch_one(query) - #FIXME: check deletion - return d - - def insert(self, d): - raise NotImplementedError - - def empty_table(self): - raise NotImplementedError - - def create_table(self): - """Issue table creation""" - cc = [] - for col_name, col_type in self._columns: - if col_type == int: - col_type = 'INTEGER' - elif col_type == str: - col_type = 'TEXT' - - if col_name == self._key_col: - extras = 'PRIMARY KEY ASC' - else: - extras = '' - - cc.append("%s %s %s" % (col_name, col_type, extras)) - - cc = ','.join(cc) - query = "CREATE TABLE %s (%s)" % (self._table_name, cc) - self._backend.run_query(query) - - -class SingleValueTable(Table): - def __init__(self, *args): - super(SingleValueTable, self).__init__(*args) - self._value_col = self._column_names[1] - - def __setitem__(self, key, value): - """Create or update a row""" - assert not isinstance(value, dict) - query = "INSERT OR REPLACE INTO %s (%s, %s) VALUES (?, ?)" % \ - (self._table_name, self._key_col, self._value_col) - - col_values = (key, value) - ret = self._backend.run_query_using_conversion(query, col_values) - - def __getitem__(self, key): - query = "SELECT %s FROM %s WHERE %s='%s'" % \ - (self._value_col, self._table_name, self._key_col, key) - row = self._backend.fetch_one(query) - if row is None: - raise KeyError(key) - - return row[0] - -class UsersTable(Table): - def __init__(self, *args, **kwargs): - self._columns = ( - ('username', str), - ('role', str), - ('hash', str), - ('email_addr', str), - ('desc', str), - ('creation_date', str), - ('last_login', str) - ) - super(UsersTable, self).__init__(*args, **kwargs) - -class RolesTable(SingleValueTable): - def __init__(self, *args, **kwargs): - self._columns = ( - ('role', str), - ('level', int) - ) - super(RolesTable, self).__init__(*args, **kwargs) - -class PendingRegistrationsTable(Table): - def __init__(self, *args, **kwargs): - self._columns = ( - ('code', str), - ('username', str), - ('role', str), - ('hash', str), - ('email_addr', str), - ('desc', str), - ('creation_date', str) - ) - super(PendingRegistrationsTable, self).__init__(*args, **kwargs) - - - - -class SQLiteBackend(base_backend.Backend): - - def __init__(self, filename, users_tname='users', roles_tname='roles', - pending_reg_tname='register', initialize=False): - - self._filename = filename - - self.users = UsersTable(self, users_tname) - self.roles = RolesTable(self, roles_tname) - self.pending_registrations = PendingRegistrationsTable(self, pending_reg_tname) - - if initialize: - self.users.create_table() - self.roles.create_table() - self.pending_registrations.create_table() - log.debug("Tables created") - - @property - def connection(self): - try: - return self._connection - except AttributeError: - import sqlite3 - self._connection = sqlite3.connect(self._filename) - return self._connection - - def run_query(self, query): - return self._connection.execute(query) - - def run_query_using_conversion(self, query, args): - return self._connection.execute(query, args) - - def fetch_one(self, query): - return self._connection.execute(query).fetchone() - - def _initialize_storage(self, db_name): - raise NotImplementedError - - def _drop_all_tables(self): - raise NotImplementedError - - def save_users(self): pass - def save_roles(self): pass - def save_pending_registrations(self): pass diff --git a/libs/pwiz.py b/libs/pwiz.py deleted file mode 100644 index dd50279fc..000000000 --- a/libs/pwiz.py +++ /dev/null @@ -1,221 +0,0 @@ -#!/usr/bin/env python - -import datetime -import sys -from getpass import getpass -from optparse import OptionParser - -from peewee import * -from peewee import print_ -from peewee import __version__ as peewee_version -from playhouse.reflection import * - - -HEADER = """from peewee import *%s - -database = %s('%s'%s) -""" - -BASE_MODEL = """\ -class BaseModel(Model): - class Meta: - database = database -""" - -UNKNOWN_FIELD = """\ -class UnknownField(object): - def __init__(self, *_, **__): pass -""" - -DATABASE_ALIASES = { - MySQLDatabase: ['mysql', 'mysqldb'], - PostgresqlDatabase: ['postgres', 'postgresql'], - SqliteDatabase: ['sqlite', 'sqlite3'], -} - -DATABASE_MAP = dict((value, key) - for key in DATABASE_ALIASES - for value in DATABASE_ALIASES[key]) - -def make_introspector(database_type, database_name, **kwargs): - if database_type not in DATABASE_MAP: - err('Unrecognized database, must be one of: %s' % - ', '.join(DATABASE_MAP.keys())) - sys.exit(1) - - schema = kwargs.pop('schema', None) - DatabaseClass = DATABASE_MAP[database_type] - db = DatabaseClass(database_name, **kwargs) - return Introspector.from_database(db, schema=schema) - -def print_models(introspector, tables=None, preserve_order=False, - include_views=False, ignore_unknown=False, snake_case=True): - database = introspector.introspect(table_names=tables, - include_views=include_views, - snake_case=snake_case) - - db_kwargs = introspector.get_database_kwargs() - header = HEADER % ( - introspector.get_additional_imports(), - introspector.get_database_class().__name__, - introspector.get_database_name(), - ', **%s' % repr(db_kwargs) if db_kwargs else '') - print_(header) - - if not ignore_unknown: - print_(UNKNOWN_FIELD) - - print_(BASE_MODEL) - - def _print_table(table, seen, accum=None): - accum = accum or [] - foreign_keys = database.foreign_keys[table] - for foreign_key in foreign_keys: - dest = foreign_key.dest_table - - # In the event the destination table has already been pushed - # for printing, then we have a reference cycle. - if dest in accum and table not in accum: - print_('# Possible reference cycle: %s' % dest) - - # If this is not a self-referential foreign key, and we have - # not already processed the destination table, do so now. - if dest not in seen and dest not in accum: - seen.add(dest) - if dest != table: - _print_table(dest, seen, accum + [table]) - - print_('class %s(BaseModel):' % database.model_names[table]) - columns = database.columns[table].items() - if not preserve_order: - columns = sorted(columns) - primary_keys = database.primary_keys[table] - for name, column in columns: - skip = all([ - name in primary_keys, - name == 'id', - len(primary_keys) == 1, - column.field_class in introspector.pk_classes]) - if skip: - continue - if column.primary_key and len(primary_keys) > 1: - # If we have a CompositeKey, then we do not want to explicitly - # mark the columns as being primary keys. - column.primary_key = False - - is_unknown = column.field_class is UnknownField - if is_unknown and ignore_unknown: - disp = '%s - %s' % (column.name, column.raw_column_type or '?') - print_(' # %s' % disp) - else: - print_(' %s' % column.get_field()) - - print_('') - print_(' class Meta:') - print_(' table_name = \'%s\'' % table) - multi_column_indexes = database.multi_column_indexes(table) - if multi_column_indexes: - print_(' indexes = (') - for fields, unique in sorted(multi_column_indexes): - print_(' ((%s), %s),' % ( - ', '.join("'%s'" % field for field in fields), - unique, - )) - print_(' )') - - if introspector.schema: - print_(' schema = \'%s\'' % introspector.schema) - if len(primary_keys) > 1: - pk_field_names = sorted([ - field.name for col, field in columns - if col in primary_keys]) - pk_list = ', '.join("'%s'" % pk for pk in pk_field_names) - print_(' primary_key = CompositeKey(%s)' % pk_list) - elif not primary_keys: - print_(' primary_key = False') - print_('') - - seen.add(table) - - seen = set() - for table in sorted(database.model_names.keys()): - if table not in seen: - if not tables or table in tables: - _print_table(table, seen) - -def print_header(cmd_line, introspector): - timestamp = datetime.datetime.now() - print_('# Code generated by:') - print_('# python -m pwiz %s' % cmd_line) - print_('# Date: %s' % timestamp.strftime('%B %d, %Y %I:%M%p')) - print_('# Database: %s' % introspector.get_database_name()) - print_('# Peewee version: %s' % peewee_version) - print_('') - - -def err(msg): - sys.stderr.write('\033[91m%s\033[0m\n' % msg) - sys.stderr.flush() - -def get_option_parser(): - parser = OptionParser(usage='usage: %prog [options] database_name') - ao = parser.add_option - ao('-H', '--host', dest='host') - ao('-p', '--port', dest='port', type='int') - ao('-u', '--user', dest='user') - ao('-P', '--password', dest='password', action='store_true') - engines = sorted(DATABASE_MAP) - ao('-e', '--engine', dest='engine', default='postgresql', choices=engines, - help=('Database type, e.g. sqlite, mysql or postgresql. Default ' - 'is "postgresql".')) - ao('-s', '--schema', dest='schema') - ao('-t', '--tables', dest='tables', - help=('Only generate the specified tables. Multiple table names should ' - 'be separated by commas.')) - ao('-v', '--views', dest='views', action='store_true', - help='Generate model classes for VIEWs in addition to tables.') - ao('-i', '--info', dest='info', action='store_true', - help=('Add database information and other metadata to top of the ' - 'generated file.')) - ao('-o', '--preserve-order', action='store_true', dest='preserve_order', - help='Model definition column ordering matches source table.') - ao('-I', '--ignore-unknown', action='store_true', dest='ignore_unknown', - help='Ignore fields whose type cannot be determined.') - ao('-L', '--legacy-naming', action='store_true', dest='legacy_naming', - help='Use legacy table- and column-name generation.') - return parser - -def get_connect_kwargs(options): - ops = ('host', 'port', 'user', 'schema') - kwargs = dict((o, getattr(options, o)) for o in ops if getattr(options, o)) - if options.password: - kwargs['password'] = getpass() - return kwargs - - -if __name__ == '__main__': - raw_argv = sys.argv - - parser = get_option_parser() - options, args = parser.parse_args() - - if len(args) < 1: - err('Missing required parameter "database"') - parser.print_help() - sys.exit(1) - - connect = get_connect_kwargs(options) - database = args[-1] - - tables = None - if options.tables: - tables = [table.strip() for table in options.tables.split(',') - if table.strip()] - - introspector = make_introspector(options.engine, database, **connect) - if options.info: - cmd_line = ' '.join(raw_argv[1:]) - print_header(cmd_line, introspector) - - print_models(introspector, tables, options.preserve_order, options.views, - options.ignore_unknown, not options.legacy_naming)