Commit | Line | Data |
---|---|---|
a2916c06 MW |
1 | ### -*-python-*- |
2 | ### | |
3 | ### CGI machinery | |
4 | ### | |
5 | ### (c) 2013 Mark Wooding | |
6 | ### | |
7 | ||
8 | ###----- Licensing notice --------------------------------------------------- | |
9 | ### | |
10 | ### This file is part of Chopwood: a password-changing service. | |
11 | ### | |
12 | ### Chopwood is free software; you can redistribute it and/or modify | |
13 | ### it under the terms of the GNU Affero General Public License as | |
14 | ### published by the Free Software Foundation; either version 3 of the | |
15 | ### License, or (at your option) any later version. | |
16 | ### | |
17 | ### Chopwood is distributed in the hope that it will be useful, | |
18 | ### but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | ### GNU Affero General Public License for more details. | |
21 | ### | |
22 | ### You should have received a copy of the GNU Affero General Public | |
23 | ### License along with Chopwood; if not, see | |
24 | ### <http://www.gnu.org/licenses/>. | |
25 | ||
26 | from __future__ import with_statement | |
27 | ||
28 | import contextlib as CTX | |
29 | import os as OS; ENV = OS.environ | |
30 | import re as RX | |
31 | import sys as SYS | |
32 | import time as T | |
33 | import traceback as TB | |
34 | ||
35 | from auto import HOME, PACKAGE, VERSION | |
36 | import config as CONF; CFG = CONF.CFG | |
37 | import format as F | |
38 | import output as O; OUT = O.OUT; PRINT = O.PRINT | |
39 | import subcommand as SC | |
40 | import util as U | |
41 | ||
42 | ###-------------------------------------------------------------------------- | |
43 | ### Configuration tweaks. | |
44 | ||
45 | _script_name = ENV.get('SCRIPT_NAME', '/cgi-bin/chpwd') | |
46 | ||
47 | CONF.DEFAULTS.update( | |
48 | ||
49 | ## The URL of this program, when it's run through CGI. | |
50 | SCRIPT_NAME = _script_name, | |
51 | ||
52 | ## A (maybe relative) URL for static content. By default this comes from | |
53 | ## the main script, but we hope that user agents cache it. | |
54 | STATIC = _script_name + '/static') | |
55 | ||
56 | ###-------------------------------------------------------------------------- | |
57 | ### Escaping and encoding. | |
58 | ||
59 | ## Some handy regular expressions. | |
60 | R_URLESC = RX.compile('%([0-9a-fA-F]{2})') | |
61 | R_URLBAD = RX.compile('[^-\\w,.!]') | |
62 | R_HTMLBAD = RX.compile('[&<>]') | |
63 | ||
64 | def urldecode(s): | |
65 | """Decode a single form-url-encoded string S.""" | |
66 | return R_URLESC.sub(lambda m: chr(int(m.group(1), 16)), | |
67 | s.replace('+', ' ')) | |
68 | return s | |
69 | ||
70 | def urlencode(s): | |
71 | """Encode a single string S using form-url-encoding.""" | |
72 | return R_URLBAD.sub(lambda m: '%%%02x' % ord(m.group(0)), s) | |
73 | ||
74 | def htmlescape(s): | |
75 | """Escape a literal string S so that HTML doesn't misinterpret it.""" | |
76 | return R_HTMLBAD.sub(lambda m: '&#x%02x;' % ord(m.group(0)), s) | |
77 | ||
78 | ## Some standard character sequences, and HTML entity names for prettier | |
79 | ## versions. | |
80 | _quotify = U.StringSubst({ | |
81 | "`": '‘', | |
82 | "'": '’', | |
83 | "``": '“', | |
84 | "''": '”', | |
85 | "--": '–', | |
86 | "---": '—' | |
87 | }) | |
88 | def html_quotify(s): | |
89 | """Return a pretty HTML version of S.""" | |
90 | return _quotify(htmlescape(s)) | |
91 | ||
92 | ###-------------------------------------------------------------------------- | |
93 | ### Output machinery. | |
94 | ||
95 | class HTTPOutput (O.FileOutput): | |
96 | """ | |
97 | Output driver providing an automatic HTTP header. | |
98 | ||
99 | The `headerp' attribute is true if we've written a header. The `header' | |
100 | method will print a custom header if this is wanted. | |
101 | """ | |
102 | ||
103 | def __init__(me, *args, **kw): | |
104 | """Constructor: initialize `headerp' flag.""" | |
105 | super(HTTPOutput, me).__init__(*args, **kw) | |
106 | me.headerp = False | |
107 | ||
108 | def write(me, msg): | |
109 | """Output protocol: print a header if we've not written one already.""" | |
110 | if not me.headerp: me.header('text/plain') | |
111 | super(HTTPOutput, me).write(msg) | |
112 | ||
113 | def header(me, content_type = 'text/plain', **kw): | |
114 | """ | |
115 | Print a header, if none has yet been printed. | |
116 | ||
117 | Keyword arguments can be passed to emit HTTP headers: see `http_header' | |
118 | for the formatting rules. | |
119 | """ | |
120 | if me.headerp: return | |
121 | me.headerp = True | |
122 | for h in O.http_headers(content_type = content_type, **kw): | |
123 | me.writeln(h) | |
124 | me.writeln('') | |
125 | ||
126 | def cookie(name, value, **kw): | |
127 | """ | |
128 | Return a HTTP `Set-Cookie' header. | |
129 | ||
130 | The NAME and VALUE give the name and value of the cookie; both are | |
131 | form-url-encoded to prevent misinterpretation (fortunately, `cgiparse' | |
132 | knows to undo this transformation). The KW are other attributes to | |
133 | declare: the names are forced to lower-case and underscores `_' are | |
134 | replaced by hyphens `-'; a `True' value is assumed to indicate that the | |
135 | attribute is boolean, and omitted. | |
136 | """ | |
137 | attr = {} | |
138 | for k, v in kw.iteritems(): | |
139 | k = '-'.join(i.lower() for i in k.split('_')) | |
140 | attr[k] = v | |
141 | try: maxage = int(attr['max-age']) | |
142 | except KeyError: pass | |
143 | else: | |
144 | attr['expires'] = T.strftime('%a, %d %b %Y %H:%M:%S GMT', | |
145 | T.gmtime(U.NOW + maxage)) | |
146 | return '; '.join(['%s=%s' % (urlencode(name), urlencode(value))] + | |
147 | [v is not True and '%s=%s' % (k, v) or k | |
148 | for k, v in attr.iteritems()]) | |
149 | ||
150 | def action(*v, **kw): | |
151 | """ | |
152 | Build a URL invoking this script. | |
153 | ||
154 | The positional arguments V are used to construct a path which is appended | |
155 | to the (deduced or configured) script name (and presumably will be read | |
156 | back as `PATH_INFO'). The keyword arguments are (form-url-encoded and) | |
157 | appended as a query string, if present. | |
158 | """ | |
159 | url = '/'.join([CFG.SCRIPT_NAME] + list(v)) | |
160 | if kw: | |
161 | url += '?' + ';'.join('%s=%s' % (urlencode(k), urlencode(kw[k])) | |
162 | for k in sorted(kw)) | |
163 | return htmlescape(url) | |
164 | ||
165 | def static(name): | |
166 | """Build a URL for the static file NAME.""" | |
167 | return htmlescape(CFG.STATIC + '/' + name) | |
168 | ||
a2916c06 MW |
169 | def redirect(where, **kw): |
170 | """ | |
171 | Write a complete redirection to some other URL. | |
172 | """ | |
173 | OUT.header(content_type = 'text/html', | |
174 | status = 302, location = where, | |
175 | **kw) | |
176 | PRINT("""\ | |
177 | <html> | |
178 | <head><title>No, sorry, it's moved again.</title></head> | |
179 | <body><p>I'm <a href="%s">over here</a> now.<body> | |
180 | </html>""" % htmlescape(where)) | |
181 | ||
182 | ###-------------------------------------------------------------------------- | |
183 | ### Templates. | |
184 | ||
185 | ## Where we find our templates. | |
186 | TMPLDIR = HOME | |
187 | ||
188 | ## Keyword arguments for templates. | |
189 | STATE = U.Fluid() | |
190 | STATE.kw = {} | |
191 | ||
192 | ## Set some basic keyword arguments. | |
193 | @CONF.hook | |
194 | def set_template_keywords(): | |
195 | STATE.kw.update( | |
196 | package = PACKAGE, | |
197 | version = VERSION, | |
198 | script = CFG.SCRIPT_NAME, | |
199 | static = CFG.STATIC) | |
200 | ||
201 | class TemplateFinder (object): | |
202 | """ | |
203 | A magical fake dictionary whose keys are templates. | |
204 | """ | |
205 | def __init__(me, dir): | |
206 | me._cache = {} | |
207 | me._dir = dir | |
208 | def __getitem__(me, key): | |
209 | try: return me._cache[key] | |
210 | except KeyError: pass | |
211 | with open(OS.path.join(me._dir, key)) as f: tmpl = f.read() | |
212 | me._cache[key] = tmpl | |
213 | return tmpl | |
214 | TMPL = TemplateFinder(TMPLDIR) | |
215 | ||
216 | @CTX.contextmanager | |
217 | def tmplkw(**kw): | |
218 | """ | |
219 | Context manager: execute the body with additional keyword arguments | |
220 | """ | |
221 | d = dict() | |
222 | d.update(STATE.kw) | |
223 | d.update(kw) | |
224 | with STATE.bind(kw = d): yield | |
225 | ||
226 | FORMATOPS = {} | |
227 | ||
228 | class FormatHTML (F.SimpleFormatOperation): | |
229 | """ | |
230 | ~H: escape output suitable for inclusion in HTML. | |
231 | ||
232 | With `:', instead apply form-urlencoding. | |
233 | """ | |
234 | def _convert(me, arg): | |
235 | if me.colonp: return html_quotify(arg) | |
236 | else: return htmlescape(arg) | |
237 | FORMATOPS['H'] = FormatHTML | |
238 | ||
239 | def format_tmpl(control, **kw): | |
240 | with F.COMPILE.bind(opmaps = [FORMATOPS, F.BASEOPS]): | |
241 | with tmplkw(**kw): | |
242 | F.format(OUT, control, **STATE.kw) | |
243 | ||
244 | def page(template, header = {}, title = 'Chopwood', **kw): | |
245 | header = dict(header, content_type = 'text/html') | |
246 | OUT.header(**header) | |
247 | format_tmpl(TMPL['wrapper.fhtml'], | |
248 | title = title, payload = TMPL[template], **kw) | |
249 | ||
250 | ###-------------------------------------------------------------------------- | |
251 | ### Error reporting. | |
252 | ||
a2916c06 MW |
253 | @CTX.contextmanager |
254 | def cgi_errors(hook = None): | |
255 | """ | |
256 | Context manager: report errors in the body as useful HTML. | |
257 | ||
258 | If HOOK is given, then call it before reporting errors. It may have set up | |
259 | useful stuff. | |
260 | """ | |
261 | try: | |
262 | yield None | |
263 | except Exception, e: | |
264 | if hook: hook() | |
265 | if isinstance(e, U.ExpectedError) and not OUT.headerp: | |
266 | page('error.fhtml', | |
267 | headers = dict(status = e.code), | |
268 | title = 'Chopwood: error', error = e) | |
269 | else: | |
270 | exty, exval, extb = SYS.exc_info() | |
271 | with tmplkw(exception = TB.format_exception_only(exty, exval), | |
272 | traceback = TB.extract_tb(extb), | |
273 | PARAM = sorted(PARAM), | |
274 | COOKIE = sorted(COOKIE.items()), | |
275 | PATH = PATH, | |
276 | ENV = sorted(ENV.items())): | |
277 | if OUT.headerp: | |
278 | format_tmpl(TMPL['exception.fhtml'], toplevel = False) | |
279 | else: | |
280 | page('exception.fhtml', | |
281 | headers = dict(status = 500), | |
282 | title = 'Chopwood: internal error', | |
283 | toplevel = True) | |
284 | ||
285 | ###-------------------------------------------------------------------------- | |
286 | ### CGI input. | |
287 | ||
288 | ## Lots of global variables to be filled in by `cgiparse'. | |
289 | COOKIE = {} | |
290 | SPECIAL = {} | |
291 | PARAM = [] | |
292 | PARAMDICT = {} | |
293 | PATH = [] | |
294 | ||
295 | ## Regular expressions for splitting apart query and cookie strings. | |
296 | R_QSPLIT = RX.compile('[;&]') | |
297 | R_CSPLIT = RX.compile(';') | |
298 | ||
299 | def split_keyvalue(string, delim, default): | |
300 | """ | |
301 | Split a STRING, and generate the resulting KEY=VALUE pairs. | |
302 | ||
303 | The string is split at DELIM; the components are parsed into KEY[=VALUE] | |
304 | pairs. The KEYs and VALUEs are stripped of leading and trailing | |
305 | whitespace, and form-url-decoded. If the VALUE is omitted, then the | |
306 | DEFAULT is used unless the DEFAULT is `None' in which case the component is | |
307 | simply ignored. | |
308 | """ | |
309 | for kv in delim.split(string): | |
310 | try: | |
311 | k, v = kv.split('=', 1) | |
312 | except ValueError: | |
313 | if default is None: continue | |
314 | else: k, v = kv, default | |
315 | k, v = k.strip(), v.strip() | |
316 | if not k: continue | |
317 | k, v = urldecode(k), urldecode(v) | |
318 | yield k, v | |
319 | ||
320 | def cgiparse(): | |
321 | """ | |
322 | Process all of the various exciting CGI environment variables. | |
323 | ||
324 | We read environment variables and populate some tables left in global | |
325 | variables: it's all rather old-school. Variables set are as follows. | |
326 | ||
327 | `COOKIE' | |
328 | A dictionary mapping cookie names to the values provided by the user | |
329 | agent. | |
330 | ||
331 | `SPECIAL' | |
332 | A dictionary holding some special query parameters which are of | |
333 | interest at a global level, and should not be passed to a subcommand | |
334 | handler. No new entries will be added to this dictionary, though | |
335 | values will be modified to reflect the query parameters discovered. | |
336 | Conventionally, such parameters have names beginning with `%'. | |
337 | ||
338 | `PARAM' | |
339 | The query parameters as a list of (KEY, VALUE) pairs. Special | |
340 | parameters are omitted. | |
341 | ||
342 | `PARAMDICT' | |
343 | The query parameters as a dictionary. Special parameters, and | |
344 | parameters which appear more than once, are omitted. | |
345 | ||
346 | `PATH' | |
347 | The trailing `PATH_INFO' path, split at `/' markers, with any | |
348 | trailing empty component removed. | |
349 | """ | |
350 | ||
351 | def getenv(var): | |
352 | try: return ENV[var] | |
353 | except KeyError: raise U.ExpectedError, (500, "No `%s' supplied" % var) | |
354 | ||
355 | ## Yes, we want the request method. | |
356 | method = getenv('REQUEST_METHOD') | |
357 | ||
358 | ## Acquire the query string. | |
359 | if method == 'GET': | |
360 | q = getenv('QUERY_STRING') | |
361 | ||
362 | elif method == 'POST': | |
363 | ||
364 | ## We must read the query string from stdin. | |
365 | n = getenv('CONTENT_LENGTH') | |
366 | if not n.isdigit(): | |
367 | raise U.ExpectedError, (500, "Invalid CONTENT_LENGTH") | |
368 | n = int(n, 10) | |
369 | if getenv('CONTENT_TYPE') != 'application/x-www-form-urlencoded': | |
370 | raise U.ExpectedError, (500, "Unexpected content type `%s'" % ct) | |
371 | q = SYS.stdin.read(n) | |
372 | if len(q) != n: | |
373 | raise U.ExpectedError, (500, "Failed to read correct length") | |
374 | ||
375 | else: | |
376 | raise U.ExpectedError, (500, "Unexpected request method `%s'" % method) | |
377 | ||
378 | ## Populate the `SPECIAL', `PARAM' and `PARAMDICT' tables. | |
379 | seen = set() | |
380 | for k, v in split_keyvalue(q, R_QSPLIT, 't'): | |
381 | if k in SPECIAL: | |
382 | SPECIAL[k] = v | |
383 | else: | |
384 | PARAM.append((k, v)) | |
385 | if k in seen: | |
386 | del PARAMDICT[k] | |
387 | else: | |
388 | PARAMDICT[k] = v | |
389 | seen.add(k) | |
390 | ||
391 | ## Parse out the cookies, if any. | |
392 | try: c = ENV['HTTP_COOKIE'] | |
393 | except KeyError: pass | |
394 | else: | |
395 | for k, v in split_keyvalue(c, R_CSPLIT, None): COOKIE[k] = v | |
396 | ||
397 | ## Set up the `PATH'. | |
398 | try: p = ENV['PATH_INFO'] | |
399 | except KeyError: pass | |
400 | else: | |
401 | pp = p.lstrip('/').split('/') | |
402 | if pp and not pp[-1]: pp.pop() | |
403 | PATH[:] = pp | |
404 | ||
405 | ###-------------------------------------------------------------------------- | |
406 | ### CGI subcommands. | |
407 | ||
408 | class Subcommand (SC.Subcommand): | |
409 | """ | |
410 | A CGI subcommand object. | |
411 | ||
412 | As for `subcommand.Subcommand', but with additional protocol for processing | |
413 | CGI parameters. | |
414 | """ | |
415 | ||
416 | def cgi(me, param, path): | |
417 | """ | |
418 | Invoke the subcommand given a collection of CGI parameters. | |
419 | ||
420 | PARAM is a list of (KEY, VALUE) pairs from the CGI query. The CGI query | |
421 | parameters are checked against the subcommand's parameters (making sure | |
422 | that mandatory parameters are supplied, that any switches are given | |
423 | boolean values, and that only the `rest' parameter, if any, is | |
424 | duplicated). | |
425 | ||
426 | PATH is a list of trailing path components. They are used to satisfy the | |
427 | `rest' parameter if there is one and there are no query parameters which | |
428 | satisfy the `rest' parameter; otherwise, an `ExpectedError' is raised if | |
429 | the list of path elements is non-empty. | |
430 | """ | |
431 | ||
432 | ## We're going to make a pass over the supplied parameters, and we'll | |
433 | ## check them off against the formal parameters as we go; so we'll need | |
434 | ## to be able to look them up. We'll also keep track of the ones we've | |
435 | ## seen so that we can make sure that all of the mandatory parameters | |
436 | ## were actually supplied. | |
437 | ## | |
438 | ## To that end: `want' is a dictionary mapping parameter names to | |
439 | ## functions which will do something useful with the value; `seen' is a | |
440 | ## set of the parameters which have been assigned; and `kw' is going to | |
441 | ## be the keyword-argument dictionary we pass to the handler function. | |
442 | want = {} | |
443 | kw = {} | |
444 | ||
445 | def set_value(k, v): | |
446 | """Set a simple value: we shouldn't see multiple values.""" | |
447 | if k in kw: | |
448 | raise U.ExpectedError, (400, "Repeated parameter `%s'" % k) | |
449 | kw[k] = v | |
450 | def set_bool(k, v): | |
451 | """Set a simple boolean value: for switches.""" | |
452 | set_value(k, v.lower() in ['true', 't', 'yes', 'y']) | |
453 | def set_list(k, v): | |
454 | """Append the value to a list: for the `rest' parameter.""" | |
455 | kw.setdefault(k, []).append(v) | |
456 | ||
457 | ## Set up the `want' map. | |
458 | for o in me.opts: | |
459 | if o.argname: want[o.name] = set_value | |
460 | else: want[o.name] = set_bool | |
461 | for p in me.params: want[p.name] = set_value | |
462 | for p in me.oparams: want[p.name] = set_value | |
463 | if me.rparam: want[me.rparam.name] = set_list | |
464 | ||
465 | ## Work through the list of supplied parameters. | |
466 | for k, v in param: | |
467 | try: | |
468 | f = want[k] | |
469 | except KeyError: | |
470 | if v: | |
471 | raise U.ExpectedError, (400, "Unexpected parameter `%s'" % k) | |
472 | else: | |
473 | f(k, v) | |
474 | ||
475 | ## Deal with a path, if there is one. | |
476 | if path: | |
477 | if me.rparam and me.rparam.name not in kw: | |
478 | kw[me.rparam.name] = path | |
479 | else: | |
480 | raise U.ExpectedError, (404, "Superfluous path elements") | |
481 | ||
482 | ## Make sure we saw all of the mandatory parameters. | |
483 | for p in me.params: | |
484 | if p.name not in kw: | |
485 | raise U.ExpectedError, (400, "Missing parameter `%s'" % p.name) | |
486 | ||
487 | ## Invoke the subcommand. | |
488 | me.func(**kw) | |
489 | ||
490 | def subcommand(name, contexts, desc, cls = Subcommand, *args, **kw): | |
491 | """Decorator for defining CGI subcommands.""" | |
492 | return SC.subcommand(name, contexts, desc, cls = cls, *args, **kw) | |
493 | ||
494 | ###----- That's all, folks -------------------------------------------------- |