-
Notifications
You must be signed in to change notification settings - Fork 15
Expand file tree
/
Copy pathroundup-server
More file actions
executable file
·313 lines (280 loc) · 9.86 KB
/
roundup-server
File metadata and controls
executable file
·313 lines (280 loc) · 9.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
#!/usr/bin/python
#
# Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/)
# This module is free software, and you may redistribute it and/or modify
# under the same terms as Python, so long as this copyright message and
# disclaimer are retained in their original form.
#
# IN NO EVENT SHALL BIZAR SOFTWARE PTY LTD BE LIABLE TO ANY PARTY FOR
# DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING
# OUT OF THE USE OF THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# BIZAR SOFTWARE PTY LTD SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
# BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS"
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
""" HTTP Server that serves roundup.
Based on CGIHTTPServer in the Python library.
$Id: roundup-server,v 1.11 2001-08-07 00:24:42 richard Exp $
"""
import sys
if int(sys.version[0]) < 2:
print "Content-Type: text/plain\n"
print "Roundup requires Python 2.0 or newer."
sys.exit(0)
import os, urllib, StringIO, traceback, cgi, binascii, string, getopt, imp
import BaseHTTPServer
import SimpleHTTPServer
# Roundup modules of use here
from roundup import cgitb, cgi_client
import roundup.instance
#
## Configuration
#
# This indicates where the Roundup instance lives
ROUNDUP_INSTANCE_HOMES = {
'bar': '/tmp/bar',
}
# Where to log debugging information to. Use an instance of DevNull if you
# don't want to log anywhere.
# TODO: actually use this stuff
#class DevNull:
# def write(self, info):
# pass
#LOG = open('/var/log/roundup.cgi.log', 'a')
#LOG = DevNull()
#
## end configuration
#
class RoundupRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
ROUNDUP_INSTANCE_HOMES = ROUNDUP_INSTANCE_HOMES
def send_head(self):
"""Version of send_head that support CGI scripts"""
# TODO: actually do the HEAD ...
return self.run_cgi()
def run_cgi(self):
""" Execute the CGI command. Wrap an innner call in an error
handler so all errors can be caught.
"""
save_stdin = sys.stdin
sys.stdin = self.rfile
try:
self.inner_run_cgi()
except cgi_client.Unauthorised:
self.wfile.write('Content-Type: text/html\n')
self.wfile.write('Status: 403\n')
self.wfile.write('Unauthorised')
except:
try:
reload(cgitb)
self.wfile.write("Content-Type: text/html\n\n")
self.wfile.write(cgitb.breaker())
self.wfile.write(cgitb.html())
except:
self.wfile.write("Content-Type: text/html\n\n")
self.wfile.write("<pre>")
s = StringIO.StringIO()
traceback.print_exc(None, s)
self.wfile.write(cgi.escape(s.getvalue()))
self.wfile.write("</pre>\n")
sys.stdin = save_stdin
def inner_run_cgi(self):
''' This is the inner part of the CGI handling
'''
rest = self.path
i = rest.rfind('?')
if i >= 0:
rest, query = rest[:i], rest[i+1:]
else:
query = ''
# figure the instance
if rest == '/':
raise ValueError, 'No instance specified'
l_path = string.split(rest, '/')
instance = urllib.unquote(l_path[1])
if self.ROUNDUP_INSTANCE_HOMES.has_key(instance):
instance_home = self.ROUNDUP_INSTANCE_HOMES[instance]
instance = roundup.instance.open(instance_home)
else:
raise ValueError, 'No such instance "%s"'%instance
# figure out what the rest of the path is
if len(l_path) > 2:
rest = '/'.join(l_path[2:])
else:
rest = '/'
# Set up the CGI environment
env = {}
env['REQUEST_METHOD'] = self.command
env['PATH_INFO'] = urllib.unquote(rest)
if query:
env['QUERY_STRING'] = query
host = self.address_string()
if self.headers.typeheader is None:
env['CONTENT_TYPE'] = self.headers.type
else:
env['CONTENT_TYPE'] = self.headers.typeheader
length = self.headers.getheader('content-length')
if length:
env['CONTENT_LENGTH'] = length
co = filter(None, self.headers.getheaders('cookie'))
if co:
env['HTTP_COOKIE'] = ', '.join(co)
env['SCRIPT_NAME'] = ''
env['SERVER_NAME'] = self.server.server_name
env['SERVER_PORT'] = str(self.server.server_port)
decoded_query = query.replace('+', ' ')
# if root, setuid to nobody
# TODO why isn't this done much earlier? - say, in main()?
if not os.getuid():
nobody = nobody_uid()
os.setuid(nobody)
# reload all modules
# TODO check for file timestamp changes and dependencies
#reload(date)
#reload(hyperdb)
#reload(roundupdb)
#reload(htmltemplate)
#reload(cgi_client)
#sys.path.insert(0, module_path)
#try:
# reload(instance)
#finally:
# del sys.path[0]
# initialise the roundupdb, check for auth
db = instance.open('admin')
message = 'Unauthorised'
auth = self.headers.getheader('authorization')
if auth:
l = binascii.a2b_base64(auth.split(' ')[1]).split(':')
user = l[0]
password = None
if len(l) > 1:
password = l[1]
try:
uid = db.user.lookup(user)
except KeyError:
auth = None
message = 'Username not recognised'
else:
if password != db.user.get(uid, 'password'):
message = 'Incorrect password'
auth = None
db.close()
del db
if not auth:
self.send_response(401)
self.send_header('Content-Type', 'text/html')
self.send_header('WWW-Authenticate', 'basic realm="Roundup"')
self.end_headers()
self.wfile.write(message)
return
self.send_response(200, "Script output follows")
# do the roundup thang
db = instance.open(user)
client = instance.Client(self.wfile, db, env, user)
client.main()
do_POST = run_cgi
nobody = None
def nobody_uid():
"""Internal routine to get nobody's uid"""
global nobody
if nobody:
return nobody
try:
import pwd
except ImportError:
return -1
try:
nobody = pwd.getpwnam('nobody')[2]
except KeyError:
nobody = 1 + max(map(lambda x: x[2], pwd.getpwall()))
return nobody
def usage(message=''):
if message: message = 'Error: %s\n'%message
print '''%sUsage:
roundup-server [-n hostname] [-p port] [name=instance home]*
-n: sets the host name
-p: sets the port to listen on
name=instance home
Sets the instance home(s) to use. The name is how the instance is
identified in the URL (it's the first part of the URL path). The
instance home is the directory that was identified when you did
"roundup-admin init". You may specify any number of these name=home
pairs on the command-line. For convenience, you may edit the
ROUNDUP_INSTANCE_HOMES variable in the roundup-server file instead.
'''%message
sys.exit(0)
def main():
hostname = ''
port = 8080
try:
# handle the command-line args
optlist, args = getopt.getopt(sys.argv[1:], 'n:p:')
for (opt, arg) in optlist:
if opt == '-n': hostname = arg
elif opt == '-p': port = int(arg)
elif opt == '-h': usage()
# handle instance specs
if args:
d = {}
for arg in args:
name, home = string.split(arg, '=')
d[name] = home
RoundupRequestHandler.ROUNDUP_INSTANCE_HOMES = d
except:
type, value = sys.exc_info()[:2]
usage('%s: %s'%(type, value))
# we don't want the cgi module interpreting the command-line args ;)
sys.argv = sys.argv[:1]
address = (hostname, port)
httpd = BaseHTTPServer.HTTPServer(address, RoundupRequestHandler)
print 'Roundup server started on', address
httpd.serve_forever()
if __name__ == '__main__':
main()
#
# $Log: not supported by cvs2svn $
# Revision 1.10 2001/08/07 00:15:51 richard
# Added the copyright/license notice to (nearly) all files at request of
# Bizar Software.
#
# Revision 1.9 2001/08/05 07:44:36 richard
# Instances are now opened by a special function that generates a unique
# module name for the instances on import time.
#
# Revision 1.8 2001/08/03 01:28:33 richard
# Used the much nicer load_package, pointed out by Steve Majewski.
#
# Revision 1.7 2001/08/03 00:59:34 richard
# Instance import now imports the instance using imp.load_module so that
# we can have instance homes of "roundup" or other existing python package
# names.
#
# Revision 1.6 2001/07/29 07:01:39 richard
# Added vim command to all source so that we don't get no steenkin' tabs :)
#
# Revision 1.5 2001/07/24 01:07:59 richard
# Added command-line arg handling to roundup-server so it's more useful
# out-of-the-box.
#
# Revision 1.4 2001/07/23 10:31:45 richard
# disabled the reloading until it can be done properly
#
# Revision 1.3 2001/07/23 08:53:44 richard
# Fixed the ROUNDUPS decl in roundup-server
# Move the installation notes to INSTALL
#
# Revision 1.2 2001/07/23 04:05:05 anthonybaxter
# actually quit if python version wrong
#
# Revision 1.1 2001/07/23 03:46:48 richard
# moving the bin files to facilitate out-of-the-boxness
#
# Revision 1.1 2001/07/22 11:15:45 richard
# More Grande Splite stuff
#
#
# vim: set filetype=python ts=4 sw=4 et si