1 #
2 # Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/)
3 # This module is free software, and you may redistribute it and/or modify
4 # under the same terms as Python, so long as this copyright message and
5 # disclaimer are retained in their original form.
6 #
7 # IN NO EVENT SHALL BIZAR SOFTWARE PTY LTD BE LIABLE TO ANY PARTY FOR
8 # DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING
9 # OUT OF THE USE OF THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE
10 # POSSIBILITY OF SUCH DAMAGE.
11 #
12 # BIZAR SOFTWARE PTY LTD SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS"
15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
17 #
18 # $Id: cgi_client.py,v 1.121 2002-05-21 06:08:10 richard Exp $
20 __doc__ = """
21 WWW request handler (also used in the stand-alone server).
22 """
24 import os, cgi, StringIO, urlparse, re, traceback, mimetypes, urllib
25 import binascii, Cookie, time, random
27 import roundupdb, htmltemplate, date, hyperdb, password
28 from roundup.i18n import _
30 class Unauthorised(ValueError):
31 pass
33 class NotFound(ValueError):
34 pass
36 class Client:
37 '''
38 A note about login
39 ------------------
41 If the user has no login cookie, then they are anonymous. There
42 are two levels of anonymous use. If there is no 'anonymous' user, there
43 is no login at all and the database is opened in read-only mode. If the
44 'anonymous' user exists, the user is logged in using that user (though
45 there is no cookie). This allows them to modify the database, and all
46 modifications are attributed to the 'anonymous' user.
47 '''
49 def __init__(self, instance, request, env, form=None):
50 hyperdb.traceMark()
51 self.instance = instance
52 self.request = request
53 self.env = env
54 self.path = env['PATH_INFO']
55 self.split_path = self.path.split('/')
56 self.instance_path_name = env['INSTANCE_NAME']
57 url = self.env['SCRIPT_NAME'] + '/'
58 machine = self.env['SERVER_NAME']
59 port = self.env['SERVER_PORT']
60 if port != '80': machine = machine + ':' + port
61 self.base = urlparse.urlunparse(('http', env['HTTP_HOST'], url,
62 None, None, None))
64 if form is None:
65 self.form = cgi.FieldStorage(environ=env)
66 else:
67 self.form = form
68 self.headers_done = 0
69 try:
70 self.debug = int(env.get("ROUNDUP_DEBUG", 0))
71 except ValueError:
72 # someone gave us a non-int debug level, turn it off
73 self.debug = 0
75 def getuid(self):
76 return self.db.user.lookup(self.user)
78 def header(self, headers=None):
79 '''Put up the appropriate header.
80 '''
81 if headers is None:
82 headers = {'Content-Type':'text/html'}
83 if not headers.has_key('Content-Type'):
84 headers['Content-Type'] = 'text/html'
85 self.request.send_response(200)
86 for entry in headers.items():
87 self.request.send_header(*entry)
88 self.request.end_headers()
89 self.headers_done = 1
90 if self.debug:
91 self.headers_sent = headers
93 global_javascript = '''
94 <script language="javascript">
95 submitted = false;
96 function submit_once() {
97 if (submitted) {
98 alert("Your request is being processed.\\nPlease be patient.");
99 return 0;
100 }
101 submitted = true;
102 return 1;
103 }
105 function help_window(helpurl, width, height) {
106 HelpWin = window.open('%(base)s%(instance_path_name)s/' + helpurl, 'HelpWindow', 'scrollbars=yes,resizable=yes,toolbar=no,height='+height+',width='+width);
107 }
109 </script>
110 '''
111 def make_index_link(self, name):
112 '''Turn a configuration entry into a hyperlink...
113 '''
114 # get the link label and spec
115 spec = getattr(self.instance, name+'_INDEX')
117 d = {}
118 d[':sort'] = ','.join(map(urllib.quote, spec['SORT']))
119 d[':group'] = ','.join(map(urllib.quote, spec['GROUP']))
120 d[':filter'] = ','.join(map(urllib.quote, spec['FILTER']))
121 d[':columns'] = ','.join(map(urllib.quote, spec['COLUMNS']))
123 # snarf the filterspec
124 filterspec = spec['FILTERSPEC'].copy()
126 # now format the filterspec
127 for k, l in filterspec.items():
128 # fix up the CURRENT USER if needed (handle None too since that's
129 # the old flag value)
130 if l in (None, 'CURRENT USER'):
131 l = [self.db.user.lookup(self.user)]
133 # add
134 d[urllib.quote(k)] = ','.join(map(urllib.quote, l))
136 # finally, format the URL
137 return '<a href="%s?%s">%s</a>'%(spec['CLASS'],
138 '&'.join([k+'='+v for k,v in d.items()]), spec['LABEL'])
141 def pagehead(self, title, message=None):
142 '''Display the page heading, with information about the tracker and
143 links to more information
144 '''
146 # include any important message
147 if message is not None:
148 message = _('<div class="system-msg">%(message)s</div>')%locals()
149 else:
150 message = ''
152 # style sheet (CSS)
153 style = open(os.path.join(self.instance.TEMPLATES, 'style.css')).read()
155 # figure who the user is
156 user_name = self.user or ''
157 if user_name not in ('', 'anonymous'):
158 userid = self.db.user.lookup(self.user)
159 else:
160 userid = None
162 # figure all the header links
163 if hasattr(self.instance, 'HEADER_INDEX_LINKS'):
164 links = []
165 for name in self.instance.HEADER_INDEX_LINKS:
166 spec = getattr(self.instance, name + '_INDEX')
167 # skip if we need to fill in the logged-in user id there's
168 # no user logged in
169 if (spec['FILTERSPEC'].has_key('assignedto') and
170 spec['FILTERSPEC']['assignedto'] is None and
171 userid is None):
172 continue
173 links.append(self.make_index_link(name))
174 else:
175 # no config spec - hard-code
176 links = [
177 _('All <a href="issue?status=-1,unread,deferred,chatting,need-eg,in-progress,testing,done-cbb&:sort=-activity&:filter=status&:columns=id,activity,status,title,assignedto&:group=priority&show_customization=1">Issues</a>'),
178 _('Unassigned <a href="issue?assignedto=-1&status=-1,unread,deferred,chatting,need-eg,in-progress,testing,done-cbb&:sort=-activity&:filter=status,assignedto&:columns=id,activity,status,title,assignedto&:group=priority&show_customization=1">Issues</a>')
179 ]
181 # if they're logged in, include links to their information, and the
182 # ability to add an issue
183 if user_name not in ('', 'anonymous'):
184 user_info = _('''
185 <a href="user%(userid)s">My Details</a> | <a href="logout">Logout</a>
186 ''')%locals()
188 # figure the "add class" links
189 if hasattr(self.instance, 'HEADER_ADD_LINKS'):
190 classes = self.instance.HEADER_ADD_LINKS
191 else:
192 classes = ['issue']
193 l = []
194 for class_name in classes:
195 cap_class = class_name.capitalize()
196 links.append(_('Add <a href="new%(class_name)s">'
197 '%(cap_class)s</a>')%locals())
199 # if there's no config header link spec, force a user link here
200 if not hasattr(self.instance, 'HEADER_INDEX_LINKS'):
201 links.append(_('<a href="issue?assignedto=%(userid)s&status=-1,unread,chatting,open,pending&:filter=status,resolution,assignedto&:sort=-activity&:columns=id,activity,status,resolution,title,creator&:group=type&show_customization=1">My Issues</a>')%locals())
202 else:
203 user_info = _('<a href="login">Login</a>')
204 add_links = ''
206 # if the user is admin, include admin links
207 admin_links = ''
208 if user_name == 'admin':
209 links.append(_('<a href="list_classes">Class List</a>'))
210 links.append(_('<a href="user">User List</a>'))
211 links.append(_('<a href="newuser">Add User</a>'))
213 # now we have all the links, join 'em
214 links = '\n | '.join(links)
216 # include the javascript bit
217 global_javascript = self.global_javascript%self.__dict__
219 # finally, format the header
220 self.write(_('''<html><head>
221 <title>%(title)s</title>
222 <style type="text/css">%(style)s</style>
223 </head>
224 %(global_javascript)s
225 <body bgcolor=#ffffff>
226 %(message)s
227 <table width=100%% border=0 cellspacing=0 cellpadding=2>
228 <tr class="location-bar"><td><big><strong>%(title)s</strong></big></td>
229 <td align=right valign=bottom>%(user_name)s</td></tr>
230 <tr class="location-bar">
231 <td align=left>%(links)s</td>
232 <td align=right>%(user_info)s</td>
233 </table>
234 ''')%locals())
236 def pagefoot(self):
237 if self.debug:
238 self.write(_('<hr><small><dl><dt><b>Path</b></dt>'))
239 self.write('<dd>%s</dd>'%(', '.join(map(repr, self.split_path))))
240 keys = self.form.keys()
241 keys.sort()
242 if keys:
243 self.write(_('<dt><b>Form entries</b></dt>'))
244 for k in self.form.keys():
245 v = self.form.getvalue(k, "<empty>")
246 if type(v) is type([]):
247 # Multiple username fields specified
248 v = "|".join(v)
249 self.write('<dd><em>%s</em>=%s</dd>'%(k, cgi.escape(v)))
250 keys = self.headers_sent.keys()
251 keys.sort()
252 self.write(_('<dt><b>Sent these HTTP headers</b></dt>'))
253 for k in keys:
254 v = self.headers_sent[k]
255 self.write('<dd><em>%s</em>=%s</dd>'%(k, cgi.escape(v)))
256 keys = self.env.keys()
257 keys.sort()
258 self.write(_('<dt><b>CGI environment</b></dt>'))
259 for k in keys:
260 v = self.env[k]
261 self.write('<dd><em>%s</em>=%s</dd>'%(k, cgi.escape(v)))
262 self.write('</dl></small>')
263 self.write('</body></html>')
265 def write(self, content):
266 if not self.headers_done:
267 self.header()
268 self.request.wfile.write(content)
270 def index_arg(self, arg):
271 ''' handle the args to index - they might be a list from the form
272 (ie. submitted from a form) or they might be a command-separated
273 single string (ie. manually constructed GET args)
274 '''
275 if self.form.has_key(arg):
276 arg = self.form[arg]
277 if type(arg) == type([]):
278 return [arg.value for arg in arg]
279 return arg.value.split(',')
280 return []
282 def index_filterspec(self, filter):
283 ''' pull the index filter spec from the form
285 Links and multilinks want to be lists - the rest are straight
286 strings.
287 '''
288 props = self.db.classes[self.classname].getprops()
289 # all the form args not starting with ':' are filters
290 filterspec = {}
291 for key in self.form.keys():
292 if key[0] == ':': continue
293 if not props.has_key(key): continue
294 if key not in filter: continue
295 prop = props[key]
296 value = self.form[key]
297 if (isinstance(prop, hyperdb.Link) or
298 isinstance(prop, hyperdb.Multilink)):
299 if type(value) == type([]):
300 value = [arg.value for arg in value]
301 else:
302 value = value.value.split(',')
303 l = filterspec.get(key, [])
304 l = l + value
305 filterspec[key] = l
306 else:
307 filterspec[key] = value.value
308 return filterspec
310 def customization_widget(self):
311 ''' The customization widget is visible by default. The widget
312 visibility is remembered by show_customization. Visibility
313 is not toggled if the action value is "Redisplay"
314 '''
315 if not self.form.has_key('show_customization'):
316 visible = 1
317 else:
318 visible = int(self.form['show_customization'].value)
319 if self.form.has_key('action'):
320 if self.form['action'].value != 'Redisplay':
321 visible = self.form['action'].value == '+'
323 return visible
325 # TODO: make this go away some day...
326 default_index_sort = ['-activity']
327 default_index_group = ['priority']
328 default_index_filter = ['status']
329 default_index_columns = ['id','activity','title','status','assignedto']
330 default_index_filterspec = {'status': ['1', '2', '3', '4', '5', '6', '7']}
332 def index(self):
333 ''' put up an index - no class specified
334 '''
335 # see if the web has supplied us with any customisation info
336 defaults = 1
337 for key in ':sort', ':group', ':filter', ':columns':
338 if self.form.has_key(key):
339 defaults = 0
340 break
341 if defaults:
342 # try the instance config first
343 if hasattr(self.instance, 'DEFAULT_INDEX'):
344 d = self.instance.DEFAULT_INDEX
345 self.classname = d['CLASS']
346 sort = d['SORT']
347 group = d['GROUP']
348 filter = d['FILTER']
349 columns = d['COLUMNS']
350 filterspec = d['FILTERSPEC']
352 else:
353 # nope - fall back on the old way of doing it
354 self.classname = 'issue'
355 sort = self.default_index_sort
356 group = self.default_index_group
357 filter = self.default_index_filter
358 columns = self.default_index_columns
359 filterspec = self.default_index_filterspec
360 else:
361 # make list() extract the info from the CGI environ
362 self.classname = 'issue'
363 sort = group = filter = columns = filterspec = None
364 return self.list(columns=columns, filter=filter, group=group,
365 sort=sort, filterspec=filterspec)
367 # XXX deviates from spec - loses the '+' (that's a reserved character
368 # in URLS
369 def list(self, sort=None, group=None, filter=None, columns=None,
370 filterspec=None, show_customization=None):
371 ''' call the template index with the args
373 :sort - sort by prop name, optionally preceeded with '-'
374 to give descending or nothing for ascending sorting.
375 :group - group by prop name, optionally preceeded with '-' or
376 to sort in descending or nothing for ascending order.
377 :filter - selects which props should be displayed in the filter
378 section. Default is all.
379 :columns - selects the columns that should be displayed.
380 Default is all.
382 '''
383 cn = self.classname
384 cl = self.db.classes[cn]
385 self.pagehead(_('%(instancename)s: Index of %(classname)s')%{
386 'classname': cn, 'instancename': self.instance.INSTANCE_NAME})
387 if sort is None: sort = self.index_arg(':sort')
388 if group is None: group = self.index_arg(':group')
389 if filter is None: filter = self.index_arg(':filter')
390 if columns is None: columns = self.index_arg(':columns')
391 if filterspec is None: filterspec = self.index_filterspec(filter)
392 if show_customization is None:
393 show_customization = self.customization_widget()
395 index = htmltemplate.IndexTemplate(self, self.instance.TEMPLATES, cn)
396 try:
397 index.render(filterspec, filter, columns, sort, group,
398 show_customization=show_customization)
399 except htmltemplate.MissingTemplateError:
400 self.basicClassEditPage()
401 self.pagefoot()
403 def basicClassEditPage(self):
404 '''Display a basic edit page that allows simple editing of the
405 nodes of the current class
406 '''
407 if self.user != 'admin':
408 raise Unauthorised
409 w = self.write
410 cn = self.classname
411 cl = self.db.classes[cn]
412 idlessprops = cl.getprops(protected=0).keys()
413 props = ['id'] + idlessprops
416 # get the CSV module
417 try:
418 import csv
419 except ImportError:
420 w(_('Sorry, you need the csv module to use this function.<br>\n'
421 'Get it from: <a href="http://www.object-craft.com.au/projects/csv/">http://www.object-craft.com.au/projects/csv/'))
422 return
424 # do the edit
425 if self.form.has_key('rows'):
426 rows = self.form['rows'].value.splitlines()
427 p = csv.parser()
428 found = {}
429 line = 0
430 for row in rows:
431 line += 1
432 values = p.parse(row)
433 # not a complete row, keep going
434 if not values: continue
436 # extract the nodeid
437 nodeid, values = values[0], values[1:]
438 found[nodeid] = 1
440 # confirm correct weight
441 if len(idlessprops) != len(values):
442 w(_('Not enough values on line %(line)s'%{'line':line}))
443 return
445 # extract the new values
446 d = {}
447 for name, value in zip(idlessprops, values):
448 d[name] = value.strip()
450 # perform the edit
451 if cl.hasnode(nodeid):
452 # edit existing
453 cl.set(nodeid, **d)
454 else:
455 # new node
456 found[cl.create(**d)] = 1
458 # retire the removed entries
459 for nodeid in cl.list():
460 if not found.has_key(nodeid):
461 cl.retire(nodeid)
463 w(_('''<p class="form-help">You may edit the contents of the
464 "%(classname)s" class using this form. The lines are full-featured
465 Comma-Separated-Value lines, so you may include commas and even
466 newlines by enclosing the values in double-quotes ("). Double
467 quotes themselves must be quoted by doubling ("").</p>
468 <p class="form-help">Remove entries by deleting their line. Add
469 new entries by appending
470 them to the table - put an X in the id column.</p>''')%{'classname':cn})
472 l = []
473 for name in props:
474 l.append(name)
475 w('<tt>')
476 w(', '.join(l) + '\n')
477 w('</tt>')
479 w('<form onSubmit="return submit_once()" method="POST">')
480 w('<textarea name="rows" cols=80 rows=15>')
481 p = csv.parser()
482 for nodeid in cl.list():
483 l = []
484 for name in props:
485 l.append(cgi.escape(str(cl.get(nodeid, name))))
486 w(p.join(l) + '\n')
488 w(_('</textarea><br><input type="submit" value="Save Changes"></form>'))
490 def classhelp(self):
491 '''Display a table of class info
492 '''
493 w = self.write
494 cn = self.form['classname'].value
495 cl = self.db.classes[cn]
496 props = self.form['properties'].value.split(',')
498 w('<table border=1 cellspacing=0 cellpaddin=2>')
499 w('<tr>')
500 for name in props:
501 w('<th align=left>%s</th>'%name)
502 w('</tr>')
503 for nodeid in cl.list():
504 w('<tr>')
505 for name in props:
506 value = cgi.escape(str(cl.get(nodeid, name)))
507 w('<td align="left" valign="top">%s</td>'%value)
508 w('</tr>')
509 w('</table>')
511 def shownode(self, message=None):
512 ''' display an item
513 '''
514 cn = self.classname
515 cl = self.db.classes[cn]
517 # possibly perform an edit
518 keys = self.form.keys()
519 num_re = re.compile('^\d+$')
520 # don't try to set properties if the user has just logged in
521 if keys and not self.form.has_key('__login_name'):
522 try:
523 props = parsePropsFromForm(self.db, cl, self.form, self.nodeid)
524 # make changes to the node
525 self._changenode(props)
526 # handle linked nodes
527 self._post_editnode(self.nodeid)
528 # and some nice feedback for the user
529 if props:
530 message = _('%(changes)s edited ok')%{'changes':
531 ', '.join(props.keys())}
532 elif self.form.has_key('__note') and self.form['__note'].value:
533 message = _('note added')
534 elif (self.form.has_key('__file') and
535 self.form['__file'].filename):
536 message = _('file added')
537 else:
538 message = _('nothing changed')
539 except:
540 self.db.rollback()
541 s = StringIO.StringIO()
542 traceback.print_exc(None, s)
543 message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
545 # now the display
546 id = self.nodeid
547 if cl.getkey():
548 id = cl.get(id, cl.getkey())
549 self.pagehead('%s: %s'%(self.classname.capitalize(), id), message)
551 nodeid = self.nodeid
553 # use the template to display the item
554 item = htmltemplate.ItemTemplate(self, self.instance.TEMPLATES,
555 self.classname)
556 item.render(nodeid)
558 self.pagefoot()
559 showissue = shownode
560 showmsg = shownode
562 def _add_author_to_nosy(self, props):
563 ''' add the author value from the props to the nosy list
564 '''
565 if not props.has_key('author'):
566 return
567 author_id = props['author']
568 if not props.has_key('nosy'):
569 # load current nosy
570 if self.nodeid:
571 cl = self.db.classes[self.classname]
572 l = cl.get(self.nodeid, 'nosy')
573 if author_id in l:
574 return
575 props['nosy'] = l
576 else:
577 props['nosy'] = []
578 if author_id not in props['nosy']:
579 props['nosy'].append(author_id)
581 def _add_assignedto_to_nosy(self, props):
582 ''' add the assignedto value from the props to the nosy list
583 '''
584 if not props.has_key('assignedto'):
585 return
586 assignedto_id = props['assignedto']
587 if not props.has_key('nosy'):
588 # load current nosy
589 if self.nodeid:
590 cl = self.db.classes[self.classname]
591 l = cl.get(self.nodeid, 'nosy')
592 if assignedto_id in l:
593 return
594 props['nosy'] = l
595 else:
596 props['nosy'] = []
597 if assignedto_id not in props['nosy']:
598 props['nosy'].append(assignedto_id)
600 def _changenode(self, props):
601 ''' change the node based on the contents of the form
602 '''
603 cl = self.db.classes[self.classname]
604 # set status to chatting if 'unread' or 'resolved'
605 try:
606 # determine the id of 'unread','resolved' and 'chatting'
607 unread_id = self.db.status.lookup('unread')
608 resolved_id = self.db.status.lookup('resolved')
609 chatting_id = self.db.status.lookup('chatting')
610 current_status = cl.get(self.nodeid, 'status')
611 if props.has_key('status'):
612 new_status = props['status']
613 else:
614 # apparently there's a chance that some browsers don't
615 # send status...
616 new_status = current_status
617 except KeyError:
618 pass
619 else:
620 if new_status == unread_id or (new_status == resolved_id
621 and current_status == resolved_id):
622 props['status'] = chatting_id
624 self._add_assignedto_to_nosy(props)
626 # possibly add the author of the change to the nosy list
627 if self.db.config.ADD_AUTHOR_TO_NOSY == 'yes':
628 self._add_author_to_nosy(props)
630 # create the message
631 message, files = self._handle_message()
632 if message:
633 props['messages'] = cl.get(self.nodeid, 'messages') + [message]
634 if files:
635 props['files'] = cl.get(self.nodeid, 'files') + files
637 # make the changes
638 cl.set(self.nodeid, **props)
640 def _createnode(self):
641 ''' create a node based on the contents of the form
642 '''
643 cl = self.db.classes[self.classname]
644 props = parsePropsFromForm(self.db, cl, self.form)
646 # set status to 'unread' if not specified - a status of '- no
647 # selection -' doesn't make sense
648 if not props.has_key('status') and cl.getprops().has_key('status'):
649 try:
650 unread_id = self.db.status.lookup('unread')
651 except KeyError:
652 pass
653 else:
654 props['status'] = unread_id
656 self._add_assignedto_to_nosy(props)
658 # possibly add the author of the new node to the nosy list
659 if self.db.config.ADD_AUTHOR_TO_NOSY in ('new', 'yes'):
660 self._add_author_to_nosy(props)
662 # check for messages and files
663 message, files = self._handle_message()
664 if message:
665 props['messages'] = [message]
666 if files:
667 props['files'] = files
668 # create the node and return it's id
669 return cl.create(**props)
671 def _handle_message(self):
672 ''' generate an edit message
673 '''
674 # handle file attachments
675 files = []
676 if self.form.has_key('__file'):
677 file = self.form['__file']
678 if file.filename:
679 filename = file.filename.split('\\')[-1]
680 mime_type = mimetypes.guess_type(filename)[0]
681 if not mime_type:
682 mime_type = "application/octet-stream"
683 # create the new file entry
684 files.append(self.db.file.create(type=mime_type,
685 name=filename, content=file.file.read()))
687 # we don't want to do a message if none of the following is true...
688 cn = self.classname
689 cl = self.db.classes[self.classname]
690 props = cl.getprops()
691 note = None
692 # in a nutshell, don't do anything if there's no note or there's no
693 # NOSY
694 if self.form.has_key('__note'):
695 note = self.form['__note'].value.strip()
696 if not note:
697 return None, files
698 if not props.has_key('messages'):
699 return None, files
700 if not isinstance(props['messages'], hyperdb.Multilink):
701 return None, files
702 if not props['messages'].classname == 'msg':
703 return None, files
704 if not (self.form.has_key('nosy') or note):
705 return None, files
707 # handle the note
708 if '\n' in note:
709 summary = re.split(r'\n\r?', note)[0]
710 else:
711 summary = note
712 m = ['%s\n'%note]
714 # handle the messageid
715 # TODO: handle inreplyto
716 messageid = "<%s.%s.%s@%s>"%(time.time(), random.random(),
717 self.classname, self.instance.MAIL_DOMAIN)
719 # now create the message, attaching the files
720 content = '\n'.join(m)
721 message_id = self.db.msg.create(author=self.getuid(),
722 recipients=[], date=date.Date('.'), summary=summary,
723 content=content, files=files, messageid=messageid)
725 # update the messages property
726 return message_id, files
728 def _post_editnode(self, nid):
729 '''Do the linking part of the node creation.
731 If a form element has :link or :multilink appended to it, its
732 value specifies a node designator and the property on that node
733 to add _this_ node to as a link or multilink.
735 This is typically used on, eg. the file upload page to indicated
736 which issue to link the file to.
738 TODO: I suspect that this and newfile will go away now that
739 there's the ability to upload a file using the issue __file form
740 element!
741 '''
742 cn = self.classname
743 cl = self.db.classes[cn]
744 # link if necessary
745 keys = self.form.keys()
746 for key in keys:
747 if key == ':multilink':
748 value = self.form[key].value
749 if type(value) != type([]): value = [value]
750 for value in value:
751 designator, property = value.split(':')
752 link, nodeid = roundupdb.splitDesignator(designator)
753 link = self.db.classes[link]
754 value = link.get(nodeid, property)
755 value.append(nid)
756 link.set(nodeid, **{property: value})
757 elif key == ':link':
758 value = self.form[key].value
759 if type(value) != type([]): value = [value]
760 for value in value:
761 designator, property = value.split(':')
762 link, nodeid = roundupdb.splitDesignator(designator)
763 link = self.db.classes[link]
764 link.set(nodeid, **{property: nid})
766 def newnode(self, message=None):
767 ''' Add a new node to the database.
769 The form works in two modes: blank form and submission (that is,
770 the submission goes to the same URL). **Eventually this means that
771 the form will have previously entered information in it if
772 submission fails.
774 The new node will be created with the properties specified in the
775 form submission. For multilinks, multiple form entries are handled,
776 as are prop=value,value,value. You can't mix them though.
778 If the new node is to be referenced from somewhere else immediately
779 (ie. the new node is a file that is to be attached to a support
780 issue) then supply one of these arguments in addition to the usual
781 form entries:
782 :link=designator:property
783 :multilink=designator:property
784 ... which means that once the new node is created, the "property"
785 on the node given by "designator" should now reference the new
786 node's id. The node id will be appended to the multilink.
787 '''
788 cn = self.classname
789 cl = self.db.classes[cn]
791 # possibly perform a create
792 keys = self.form.keys()
793 if [i for i in keys if i[0] != ':']:
794 props = {}
795 try:
796 nid = self._createnode()
797 # handle linked nodes
798 self._post_editnode(nid)
799 # and some nice feedback for the user
800 message = _('%(classname)s created ok')%{'classname': cn}
802 # render the newly created issue
803 self.db.commit()
804 self.nodeid = nid
805 self.pagehead('%s: %s'%(self.classname.capitalize(), nid),
806 message)
807 item = htmltemplate.ItemTemplate(self, self.instance.TEMPLATES,
808 self.classname)
809 item.render(nid)
810 self.pagefoot()
811 return
812 except:
813 self.db.rollback()
814 s = StringIO.StringIO()
815 traceback.print_exc(None, s)
816 message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
817 self.pagehead(_('New %(classname)s')%{'classname':
818 self.classname.capitalize()}, message)
820 # call the template
821 newitem = htmltemplate.NewItemTemplate(self, self.instance.TEMPLATES,
822 self.classname)
823 newitem.render(self.form)
825 self.pagefoot()
826 newissue = newnode
828 def newuser(self, message=None):
829 ''' Add a new user to the database.
831 Don't do any of the message or file handling, just create the node.
832 '''
833 cn = self.classname
834 cl = self.db.classes[cn]
836 # possibly perform a create
837 keys = self.form.keys()
838 if [i for i in keys if i[0] != ':']:
839 try:
840 props = parsePropsFromForm(self.db, cl, self.form)
841 nid = cl.create(**props)
842 # handle linked nodes
843 self._post_editnode(nid)
844 # and some nice feedback for the user
845 message = _('%(classname)s created ok')%{'classname': cn}
846 except:
847 self.db.rollback()
848 s = StringIO.StringIO()
849 traceback.print_exc(None, s)
850 message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
851 self.pagehead(_('New %(classname)s')%{'classname':
852 self.classname.capitalize()}, message)
854 # call the template
855 newitem = htmltemplate.NewItemTemplate(self, self.instance.TEMPLATES,
856 self.classname)
857 newitem.render(self.form)
859 self.pagefoot()
861 def newfile(self, message=None):
862 ''' Add a new file to the database.
864 This form works very much the same way as newnode - it just has a
865 file upload.
866 '''
867 cn = self.classname
868 cl = self.db.classes[cn]
870 # possibly perform a create
871 keys = self.form.keys()
872 if [i for i in keys if i[0] != ':']:
873 try:
874 file = self.form['content']
875 mime_type = mimetypes.guess_type(file.filename)[0]
876 if not mime_type:
877 mime_type = "application/octet-stream"
878 # save the file
879 nid = cl.create(content=file.file.read(), type=mime_type,
880 name=file.filename)
881 # handle linked nodes
882 self._post_editnode(nid)
883 # and some nice feedback for the user
884 message = _('%(classname)s created ok')%{'classname': cn}
885 except:
886 self.db.rollback()
887 s = StringIO.StringIO()
888 traceback.print_exc(None, s)
889 message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
891 self.pagehead(_('New %(classname)s')%{'classname':
892 self.classname.capitalize()}, message)
893 newitem = htmltemplate.NewItemTemplate(self, self.instance.TEMPLATES,
894 self.classname)
895 newitem.render(self.form)
896 self.pagefoot()
898 def showuser(self, message=None):
899 '''Display a user page for editing. Make sure the user is allowed
900 to edit this node, and also check for password changes.
901 '''
902 if self.user == 'anonymous':
903 raise Unauthorised
905 user = self.db.user
907 # get the username of the node being edited
908 node_user = user.get(self.nodeid, 'username')
910 if self.user not in ('admin', node_user):
911 raise Unauthorised
913 #
914 # perform any editing
915 #
916 keys = self.form.keys()
917 num_re = re.compile('^\d+$')
918 if keys:
919 try:
920 props = parsePropsFromForm(self.db, user, self.form,
921 self.nodeid)
922 set_cookie = 0
923 if props.has_key('password'):
924 password = self.form['password'].value.strip()
925 if not password:
926 # no password was supplied - don't change it
927 del props['password']
928 elif self.nodeid == self.getuid():
929 # this is the logged-in user's password
930 set_cookie = password
931 user.set(self.nodeid, **props)
932 # and some feedback for the user
933 message = _('%(changes)s edited ok')%{'changes':
934 ', '.join(props.keys())}
935 except:
936 self.db.rollback()
937 s = StringIO.StringIO()
938 traceback.print_exc(None, s)
939 message = '<pre>%s</pre>'%cgi.escape(s.getvalue())
940 else:
941 set_cookie = 0
943 # fix the cookie if the password has changed
944 if set_cookie:
945 self.set_cookie(self.user, set_cookie)
947 #
948 # now the display
949 #
950 self.pagehead(_('User: %(user)s')%{'user': node_user}, message)
952 # use the template to display the item
953 item = htmltemplate.ItemTemplate(self, self.instance.TEMPLATES, 'user')
954 item.render(self.nodeid)
955 self.pagefoot()
957 def showfile(self):
958 ''' display a file
959 '''
960 nodeid = self.nodeid
961 cl = self.db.file
962 mime_type = cl.get(nodeid, 'type')
963 if mime_type == 'message/rfc822':
964 mime_type = 'text/plain'
965 self.header(headers={'Content-Type': mime_type})
966 self.write(cl.get(nodeid, 'content'))
968 def classes(self, message=None):
969 ''' display a list of all the classes in the database
970 '''
971 if self.user == 'admin':
972 self.pagehead(_('Table of classes'), message)
973 classnames = self.db.classes.keys()
974 classnames.sort()
975 self.write('<table border=0 cellspacing=0 cellpadding=2>\n')
976 for cn in classnames:
977 cl = self.db.getclass(cn)
978 self.write('<tr class="list-header"><th colspan=2 align=left>'
979 '<a href="%s">%s</a></th></tr>'%(cn, cn.capitalize()))
980 for key, value in cl.properties.items():
981 if value is None: value = ''
982 else: value = str(value)
983 self.write('<tr><th align=left>%s</th><td>%s</td></tr>'%(
984 key, cgi.escape(value)))
985 self.write('</table>')
986 self.pagefoot()
987 else:
988 raise Unauthorised
990 def login(self, message=None, newuser_form=None, action='index'):
991 '''Display a login page.
992 '''
993 self.pagehead(_('Login to roundup'), message)
994 self.write(_('''
995 <table>
996 <tr><td colspan=2 class="strong-header">Existing User Login</td></tr>
997 <form onSubmit="return submit_once()" action="login_action" method=POST>
998 <input type="hidden" name="__destination_url" value="%(action)s">
999 <tr><td align=right>Login name: </td>
1000 <td><input name="__login_name"></td></tr>
1001 <tr><td align=right>Password: </td>
1002 <td><input type="password" name="__login_password"></td></tr>
1003 <tr><td></td>
1004 <td><input type="submit" value="Log In"></td></tr>
1005 </form>
1006 ''')%locals())
1007 if self.user is None and self.instance.ANONYMOUS_REGISTER == 'deny':
1008 self.write('</table>')
1009 self.pagefoot()
1010 return
1011 values = {'realname': '', 'organisation': '', 'address': '',
1012 'phone': '', 'username': '', 'password': '', 'confirm': '',
1013 'action': action, 'alternate_addresses': ''}
1014 if newuser_form is not None:
1015 for key in newuser_form.keys():
1016 values[key] = newuser_form[key].value
1017 self.write(_('''
1018 <p>
1019 <tr><td colspan=2 class="strong-header">New User Registration</td></tr>
1020 <tr><td colspan=2><em>marked items</em> are optional...</td></tr>
1021 <form onSubmit="return submit_once()" action="newuser_action" method=POST>
1022 <input type="hidden" name="__destination_url" value="%(action)s">
1023 <tr><td align=right><em>Name: </em></td>
1024 <td><input name="realname" value="%(realname)s" size=40></td></tr>
1025 <tr><td align=right><em>Organisation: </em></td>
1026 <td><input name="organisation" value="%(organisation)s" size=40></td></tr>
1027 <tr><td align=right>E-Mail Address: </td>
1028 <td><input name="address" value="%(address)s" size=40></td></tr>
1029 <tr><td align=right><em>Alternate E-mail Addresses: </em></td>
1030 <td><textarea name="alternate_addresses" rows=5 cols=40>%(alternate_addresses)s</textarea></td></tr>
1031 <tr><td align=right><em>Phone: </em></td>
1032 <td><input name="phone" value="%(phone)s"></td></tr>
1033 <tr><td align=right>Preferred Login name: </td>
1034 <td><input name="username" value="%(username)s"></td></tr>
1035 <tr><td align=right>Password: </td>
1036 <td><input type="password" name="password" value="%(password)s"></td></tr>
1037 <tr><td align=right>Password Again: </td>
1038 <td><input type="password" name="confirm" value="%(confirm)s"></td></tr>
1039 <tr><td></td>
1040 <td><input type="submit" value="Register"></td></tr>
1041 </form>
1042 </table>
1043 ''')%values)
1044 self.pagefoot()
1046 def login_action(self, message=None):
1047 '''Attempt to log a user in and set the cookie
1049 returns 0 if a page is generated as a result of this call, and
1050 1 if not (ie. the login is successful
1051 '''
1052 if not self.form.has_key('__login_name'):
1053 self.login(message=_('Username required'))
1054 return 0
1055 self.user = self.form['__login_name'].value
1056 if self.form.has_key('__login_password'):
1057 password = self.form['__login_password'].value
1058 else:
1059 password = ''
1060 # make sure the user exists
1061 try:
1062 uid = self.db.user.lookup(self.user)
1063 except KeyError:
1064 name = self.user
1065 self.make_user_anonymous()
1066 action = self.form['__destination_url'].value
1067 self.login(message=_('No such user "%(name)s"')%locals(),
1068 action=action)
1069 return 0
1071 # and that the password is correct
1072 pw = self.db.user.get(uid, 'password')
1073 if password != pw:
1074 self.make_user_anonymous()
1075 action = self.form['__destination_url'].value
1076 self.login(message=_('Incorrect password'), action=action)
1077 return 0
1079 self.set_cookie(self.user, password)
1080 return 1
1082 def newuser_action(self, message=None):
1083 '''Attempt to create a new user based on the contents of the form
1084 and then set the cookie.
1086 return 1 on successful login
1087 '''
1088 # re-open the database as "admin"
1089 self.db = self.instance.open('admin')
1091 # TODO: pre-check the required fields and username key property
1092 cl = self.db.user
1093 try:
1094 props = parsePropsFromForm(self.db, cl, self.form)
1095 uid = cl.create(**props)
1096 except ValueError, message:
1097 action = self.form['__destination_url'].value
1098 self.login(message, action=action)
1099 return 0
1100 self.user = cl.get(uid, 'username')
1101 password = cl.get(uid, 'password')
1102 self.set_cookie(self.user, self.form['password'].value)
1103 return 1
1105 def set_cookie(self, user, password):
1106 # construct the cookie
1107 user = binascii.b2a_base64('%s:%s'%(user, password)).strip()
1108 if user[-1] == '=':
1109 if user[-2] == '=':
1110 user = user[:-2]
1111 else:
1112 user = user[:-1]
1113 expire = Cookie._getdate(86400*365)
1114 path = '/'.join((self.env['SCRIPT_NAME'], self.env['INSTANCE_NAME']))
1115 self.header({'Set-Cookie': 'roundup_user=%s; expires=%s; Path=%s;' % (
1116 user, expire, path)})
1118 def make_user_anonymous(self):
1119 # make us anonymous if we can
1120 try:
1121 self.db.user.lookup('anonymous')
1122 self.user = 'anonymous'
1123 except KeyError:
1124 self.user = None
1126 def logout(self, message=None):
1127 self.make_user_anonymous()
1128 # construct the logout cookie
1129 now = Cookie._getdate()
1130 path = '/'.join((self.env['SCRIPT_NAME'], self.env['INSTANCE_NAME']))
1131 self.header({'Set-Cookie':
1132 'roundup_user=deleted; Max-Age=0; expires=%s; Path=%s;'%(now,
1133 path)})
1134 self.login()
1136 def main(self):
1137 '''Wrap the database accesses so we can close the database cleanly
1138 '''
1139 # determine the uid to use
1140 self.db = self.instance.open('admin')
1141 cookie = Cookie.Cookie(self.env.get('HTTP_COOKIE', ''))
1142 user = 'anonymous'
1143 if (cookie.has_key('roundup_user') and
1144 cookie['roundup_user'].value != 'deleted'):
1145 cookie = cookie['roundup_user'].value
1146 if len(cookie)%4:
1147 cookie = cookie + '='*(4-len(cookie)%4)
1148 try:
1149 user, password = binascii.a2b_base64(cookie).split(':')
1150 except (TypeError, binascii.Error, binascii.Incomplete):
1151 # damaged cookie!
1152 user, password = 'anonymous', ''
1154 # make sure the user exists
1155 try:
1156 uid = self.db.user.lookup(user)
1157 # now validate the password
1158 if password != self.db.user.get(uid, 'password'):
1159 user = 'anonymous'
1160 except KeyError:
1161 user = 'anonymous'
1163 # make sure the anonymous user is valid if we're using it
1164 if user == 'anonymous':
1165 self.make_user_anonymous()
1166 else:
1167 self.user = user
1169 # re-open the database for real, using the user
1170 self.db = self.instance.open(self.user)
1172 # now figure which function to call
1173 path = self.split_path
1175 # default action to index if the path has no information in it
1176 if not path or path[0] in ('', 'index'):
1177 action = 'index'
1178 else:
1179 action = path[0]
1181 # Everthing ignores path[1:]
1182 # - The file download link generator actually relies on this - it
1183 # appends the name of the file to the URL so the download file name
1184 # is correct, but doesn't actually use it.
1186 # everyone is allowed to try to log in
1187 if action == 'login_action':
1188 # try to login
1189 if not self.login_action():
1190 return
1191 # figure the resulting page
1192 action = self.form['__destination_url'].value
1193 if not action:
1194 action = 'index'
1195 self.do_action(action)
1196 return
1198 # allow anonymous people to register
1199 if action == 'newuser_action':
1200 # if we don't have a login and anonymous people aren't allowed to
1201 # register, then spit up the login form
1202 if self.instance.ANONYMOUS_REGISTER == 'deny' and self.user is None:
1203 if action == 'login':
1204 self.login() # go to the index after login
1205 else:
1206 self.login(action=action)
1207 return
1208 # try to add the user
1209 if not self.newuser_action():
1210 return
1211 # figure the resulting page
1212 action = self.form['__destination_url'].value
1213 if not action:
1214 action = 'index'
1216 # no login or registration, make sure totally anonymous access is OK
1217 elif self.instance.ANONYMOUS_ACCESS == 'deny' and self.user is None:
1218 if action == 'login':
1219 self.login() # go to the index after login
1220 else:
1221 self.login(action=action)
1222 return
1224 # just a regular action
1225 self.do_action(action)
1227 # commit all changes to the database
1228 self.db.commit()
1230 def do_action(self, action, dre=re.compile(r'([^\d]+)(\d+)'),
1231 nre=re.compile(r'new(\w+)')):
1232 '''Figure the user's action and do it.
1233 '''
1234 # here be the "normal" functionality
1235 if action == 'index':
1236 self.index()
1237 return
1238 if action == 'list_classes':
1239 self.classes()
1240 return
1241 if action == 'classhelp':
1242 self.classhelp()
1243 return
1244 if action == 'login':
1245 self.login()
1246 return
1247 if action == 'logout':
1248 self.logout()
1249 return
1251 # see if we're to display an existing node
1252 m = dre.match(action)
1253 if m:
1254 self.classname = m.group(1)
1255 self.nodeid = m.group(2)
1256 try:
1257 cl = self.db.classes[self.classname]
1258 except KeyError:
1259 raise NotFound
1260 try:
1261 cl.get(self.nodeid, 'id')
1262 except IndexError:
1263 raise NotFound
1264 try:
1265 func = getattr(self, 'show%s'%self.classname)
1266 except AttributeError:
1267 raise NotFound
1268 func()
1269 return
1271 # see if we're to put up the new node page
1272 m = nre.match(action)
1273 if m:
1274 self.classname = m.group(1)
1275 try:
1276 func = getattr(self, 'new%s'%self.classname)
1277 except AttributeError:
1278 raise NotFound
1279 func()
1280 return
1282 # otherwise, display the named class
1283 self.classname = action
1284 try:
1285 self.db.getclass(self.classname)
1286 except KeyError:
1287 raise NotFound
1288 self.list()
1291 class ExtendedClient(Client):
1292 '''Includes pages and page heading information that relate to the
1293 extended schema.
1294 '''
1295 showsupport = Client.shownode
1296 showtimelog = Client.shownode
1297 newsupport = Client.newnode
1298 newtimelog = Client.newnode
1300 default_index_sort = ['-activity']
1301 default_index_group = ['priority']
1302 default_index_filter = ['status']
1303 default_index_columns = ['activity','status','title','assignedto']
1304 default_index_filterspec = {'status': ['1', '2', '3', '4', '5', '6', '7']}
1306 def parsePropsFromForm(db, cl, form, nodeid=0):
1307 '''Pull properties for the given class out of the form.
1308 '''
1309 props = {}
1310 keys = form.keys()
1311 num_re = re.compile('^\d+$')
1312 for key in keys:
1313 if not cl.properties.has_key(key):
1314 continue
1315 proptype = cl.properties[key]
1316 if isinstance(proptype, hyperdb.String):
1317 value = form[key].value.strip()
1318 elif isinstance(proptype, hyperdb.Password):
1319 value = password.Password(form[key].value.strip())
1320 elif isinstance(proptype, hyperdb.Date):
1321 value = form[key].value.strip()
1322 if value:
1323 value = date.Date(form[key].value.strip())
1324 else:
1325 value = None
1326 elif isinstance(proptype, hyperdb.Interval):
1327 value = form[key].value.strip()
1328 if value:
1329 value = date.Interval(form[key].value.strip())
1330 else:
1331 value = None
1332 elif isinstance(proptype, hyperdb.Link):
1333 value = form[key].value.strip()
1334 # see if it's the "no selection" choice
1335 if value == '-1':
1336 # don't set this property
1337 continue
1338 else:
1339 # handle key values
1340 link = cl.properties[key].classname
1341 if not num_re.match(value):
1342 try:
1343 value = db.classes[link].lookup(value)
1344 except KeyError:
1345 raise ValueError, _('property "%(propname)s": '
1346 '%(value)s not a %(classname)s')%{'propname':key,
1347 'value': value, 'classname': link}
1348 elif isinstance(proptype, hyperdb.Multilink):
1349 value = form[key]
1350 if type(value) != type([]):
1351 value = [i.strip() for i in value.value.split(',')]
1352 else:
1353 value = [i.value.strip() for i in value]
1354 link = cl.properties[key].classname
1355 l = []
1356 for entry in map(str, value):
1357 if entry == '': continue
1358 if not num_re.match(entry):
1359 try:
1360 entry = db.classes[link].lookup(entry)
1361 except KeyError:
1362 raise ValueError, _('property "%(propname)s": '
1363 '"%(value)s" not an entry of %(classname)s')%{
1364 'propname':key, 'value': entry, 'classname': link}
1365 l.append(entry)
1366 l.sort()
1367 value = l
1369 # get the old value
1370 if nodeid:
1371 try:
1372 existing = cl.get(nodeid, key)
1373 except KeyError:
1374 # this might be a new property for which there is no existing
1375 # value
1376 if not cl.properties.has_key(key): raise
1378 # if changed, set it
1379 if value != existing:
1380 props[key] = value
1381 else:
1382 props[key] = value
1383 return props
1385 #
1386 # $Log: not supported by cvs2svn $
1387 # Revision 1.120 2002/05/21 06:05:53 richard
1388 # . #551483 ] assignedto in Client.make_index_link
1389 #
1390 # Revision 1.119 2002/05/15 06:21:21 richard
1391 # . node caching now works, and gives a small boost in performance
1392 #
1393 # As a part of this, I cleaned up the DEBUG output and implemented TRACE
1394 # output (HYPERDBTRACE='file to trace to') with checkpoints at the start of
1395 # CGI requests. Run roundup with python -O to skip all the DEBUG/TRACE stuff
1396 # (using if __debug__ which is compiled out with -O)
1397 #
1398 # Revision 1.118 2002/05/12 23:46:33 richard
1399 # ehem, part 2
1400 #
1401 # Revision 1.117 2002/05/12 23:42:29 richard
1402 # ehem
1403 #
1404 # Revision 1.116 2002/05/02 08:07:49 richard
1405 # Added the ADD_AUTHOR_TO_NOSY handling to the CGI interface.
1406 #
1407 # Revision 1.115 2002/04/02 01:56:10 richard
1408 # . stop sending blank (whitespace-only) notes
1409 #
1410 # Revision 1.114 2002/03/17 23:06:05 richard
1411 # oops
1412 #
1413 # Revision 1.113 2002/03/14 23:59:24 richard
1414 # . #517734 ] web header customisation is obscure
1415 #
1416 # Revision 1.112 2002/03/12 22:52:26 richard
1417 # more pychecker warnings removed
1418 #
1419 # Revision 1.111 2002/02/25 04:32:21 richard
1420 # ahem
1421 #
1422 # Revision 1.110 2002/02/21 07:19:08 richard
1423 # ... and label, width and height control for extra flavour!
1424 #
1425 # Revision 1.109 2002/02/21 07:08:19 richard
1426 # oops
1427 #
1428 # Revision 1.108 2002/02/21 07:02:54 richard
1429 # The correct var is "HTTP_HOST"
1430 #
1431 # Revision 1.107 2002/02/21 06:57:38 richard
1432 # . Added popup help for classes using the classhelp html template function.
1433 # - add <display call="classhelp('priority', 'id,name,description')">
1434 # to an item page, and it generates a link to a popup window which displays
1435 # the id, name and description for the priority class. The description
1436 # field won't exist in most installations, but it will be added to the
1437 # default templates.
1438 #
1439 # Revision 1.106 2002/02/21 06:23:00 richard
1440 # *** empty log message ***
1441 #
1442 # Revision 1.105 2002/02/20 05:52:10 richard
1443 # better error handling
1444 #
1445 # Revision 1.104 2002/02/20 05:45:17 richard
1446 # Use the csv module for generating the form entry so it's correct.
1447 # [also noted the sf.net feature request id in the change log]
1448 #
1449 # Revision 1.103 2002/02/20 05:05:28 richard
1450 # . Added simple editing for classes that don't define a templated interface.
1451 # - access using the admin "class list" interface
1452 # - limited to admin-only
1453 # - requires the csv module from object-craft (url given if it's missing)
1454 #
1455 # Revision 1.102 2002/02/15 07:08:44 richard
1456 # . Alternate email addresses are now available for users. See the MIGRATION
1457 # file for info on how to activate the feature.
1458 #
1459 # Revision 1.101 2002/02/14 23:39:18 richard
1460 # . All forms now have "double-submit" protection when Javascript is enabled
1461 # on the client-side.
1462 #
1463 # Revision 1.100 2002/01/16 07:02:57 richard
1464 # . lots of date/interval related changes:
1465 # - more relaxed date format for input
1466 #
1467 # Revision 1.99 2002/01/16 03:02:42 richard
1468 # #503793 ] changing assignedto resets nosy list
1469 #
1470 # Revision 1.98 2002/01/14 02:20:14 richard
1471 # . changed all config accesses so they access either the instance or the
1472 # config attriubute on the db. This means that all config is obtained from
1473 # instance_config instead of the mish-mash of classes. This will make
1474 # switching to a ConfigParser setup easier too, I hope.
1475 #
1476 # At a minimum, this makes migration a _little_ easier (a lot easier in the
1477 # 0.5.0 switch, I hope!)
1478 #
1479 # Revision 1.97 2002/01/11 23:22:29 richard
1480 # . #502437 ] rogue reactor and unittest
1481 # in short, the nosy reactor was modifying the nosy list. That code had
1482 # been there for a long time, and I suspsect it was there because we
1483 # weren't generating the nosy list correctly in other places of the code.
1484 # We're now doing that, so the nosy-modifying code can go away from the
1485 # nosy reactor.
1486 #
1487 # Revision 1.96 2002/01/10 05:26:10 richard
1488 # missed a parsePropsFromForm in last update
1489 #
1490 # Revision 1.95 2002/01/10 03:39:45 richard
1491 # . fixed some problems with web editing and change detection
1492 #
1493 # Revision 1.94 2002/01/09 13:54:21 grubert
1494 # _add_assignedto_to_nosy did set nosy to assignedto only, no adding.
1495 #
1496 # Revision 1.93 2002/01/08 11:57:12 richard
1497 # crying out for real configuration handling... :(
1498 #
1499 # Revision 1.92 2002/01/08 04:12:05 richard
1500 # Changed message-id format to "<%s.%s.%s%s@%s>" so it complies with RFC822
1501 #
1502 # Revision 1.91 2002/01/08 04:03:47 richard
1503 # I mucked the intent of the code up.
1504 #
1505 # Revision 1.90 2002/01/08 03:56:55 richard
1506 # Oops, missed this before the beta:
1507 # . #495392 ] empty nosy -patch
1508 #
1509 # Revision 1.89 2002/01/07 20:24:45 richard
1510 # *mutter* stupid cutnpaste
1511 #
1512 # Revision 1.88 2002/01/02 02:31:38 richard
1513 # Sorry for the huge checkin message - I was only intending to implement #496356
1514 # but I found a number of places where things had been broken by transactions:
1515 # . modified ROUNDUPDBSENDMAILDEBUG to be SENDMAILDEBUG and hold a filename
1516 # for _all_ roundup-generated smtp messages to be sent to.
1517 # . the transaction cache had broken the roundupdb.Class set() reactors
1518 # . newly-created author users in the mailgw weren't being committed to the db
1519 #
1520 # Stuff that made it into CHANGES.txt (ie. the stuff I was actually working
1521 # on when I found that stuff :):
1522 # . #496356 ] Use threading in messages
1523 # . detectors were being registered multiple times
1524 # . added tests for mailgw
1525 # . much better attaching of erroneous messages in the mail gateway
1526 #
1527 # Revision 1.87 2001/12/23 23:18:49 richard
1528 # We already had an admin-specific section of the web heading, no need to add
1529 # another one :)
1530 #
1531 # Revision 1.86 2001/12/20 15:43:01 rochecompaan
1532 # Features added:
1533 # . Multilink properties are now displayed as comma separated values in
1534 # a textbox
1535 # . The add user link is now only visible to the admin user
1536 # . Modified the mail gateway to reject submissions from unknown
1537 # addresses if ANONYMOUS_ACCESS is denied
1538 #
1539 # Revision 1.85 2001/12/20 06:13:24 rochecompaan
1540 # Bugs fixed:
1541 # . Exception handling in hyperdb for strings-that-look-like numbers got
1542 # lost somewhere
1543 # . Internet Explorer submits full path for filename - we now strip away
1544 # the path
1545 # Features added:
1546 # . Link and multilink properties are now displayed sorted in the cgi
1547 # interface
1548 #
1549 # Revision 1.84 2001/12/18 15:30:30 rochecompaan
1550 # Fixed bugs:
1551 # . Fixed file creation and retrieval in same transaction in anydbm
1552 # backend
1553 # . Cgi interface now renders new issue after issue creation
1554 # . Could not set issue status to resolved through cgi interface
1555 # . Mail gateway was changing status back to 'chatting' if status was
1556 # omitted as an argument
1557 #
1558 # Revision 1.83 2001/12/15 23:51:01 richard
1559 # Tested the changes and fixed a few problems:
1560 # . files are now attached to the issue as well as the message
1561 # . newuser is a real method now since we don't want to do the message/file
1562 # stuff for it
1563 # . added some documentation
1564 # The really big changes in the diff are a result of me moving some code
1565 # around to keep like methods together a bit better.
1566 #
1567 # Revision 1.82 2001/12/15 19:24:39 rochecompaan
1568 # . Modified cgi interface to change properties only once all changes are
1569 # collected, files created and messages generated.
1570 # . Moved generation of change note to nosyreactors.
1571 # . We now check for changes to "assignedto" to ensure it's added to the
1572 # nosy list.
1573 #
1574 # Revision 1.81 2001/12/12 23:55:00 richard
1575 # Fixed some problems with user editing
1576 #
1577 # Revision 1.80 2001/12/12 23:27:14 richard
1578 # Added a Zope frontend for roundup.
1579 #
1580 # Revision 1.79 2001/12/10 22:20:01 richard
1581 # Enabled transaction support in the bsddb backend. It uses the anydbm code
1582 # where possible, only replacing methods where the db is opened (it uses the
1583 # btree opener specifically.)
1584 # Also cleaned up some change note generation.
1585 # Made the backends package work with pydoc too.
1586 #
1587 # Revision 1.78 2001/12/07 05:59:27 rochecompaan
1588 # Fixed small bug that prevented adding issues through the web.
1589 #
1590 # Revision 1.77 2001/12/06 22:48:29 richard
1591 # files multilink was being nuked in post_edit_node
1592 #
1593 # Revision 1.76 2001/12/05 14:26:44 rochecompaan
1594 # Removed generation of change note from "sendmessage" in roundupdb.py.
1595 # The change note is now generated when the message is created.
1596 #
1597 # Revision 1.75 2001/12/04 01:25:08 richard
1598 # Added some rollbacks where we were catching exceptions that would otherwise
1599 # have stopped committing.
1600 #
1601 # Revision 1.74 2001/12/02 05:06:16 richard
1602 # . We now use weakrefs in the Classes to keep the database reference, so
1603 # the close() method on the database is no longer needed.
1604 # I bumped the minimum python requirement up to 2.1 accordingly.
1605 # . #487480 ] roundup-server
1606 # . #487476 ] INSTALL.txt
1607 #
1608 # I also cleaned up the change message / post-edit stuff in the cgi client.
1609 # There's now a clearly marked "TODO: append the change note" where I believe
1610 # the change note should be added there. The "changes" list will obviously
1611 # have to be modified to be a dict of the changes, or somesuch.
1612 #
1613 # More testing needed.
1614 #
1615 # Revision 1.73 2001/12/01 07:17:50 richard
1616 # . We now have basic transaction support! Information is only written to
1617 # the database when the commit() method is called. Only the anydbm
1618 # backend is modified in this way - neither of the bsddb backends have been.
1619 # The mail, admin and cgi interfaces all use commit (except the admin tool
1620 # doesn't have a commit command, so interactive users can't commit...)
1621 # . Fixed login/registration forwarding the user to the right page (or not,
1622 # on a failure)
1623 #
1624 # Revision 1.72 2001/11/30 20:47:58 rochecompaan
1625 # Links in page header are now consistent with default sort order.
1626 #
1627 # Fixed bugs:
1628 # - When login failed the list of issues were still rendered.
1629 # - User was redirected to index page and not to his destination url
1630 # if his first login attempt failed.
1631 #
1632 # Revision 1.71 2001/11/30 20:28:10 rochecompaan
1633 # Property changes are now completely traceable, whether changes are
1634 # made through the web or by email
1635 #
1636 # Revision 1.70 2001/11/30 00:06:29 richard
1637 # Converted roundup/cgi_client.py to use _()
1638 # Added the status file, I18N_PROGRESS.txt
1639 #
1640 # Revision 1.69 2001/11/29 23:19:51 richard
1641 # Removed the "This issue has been edited through the web" when a valid
1642 # change note is supplied.
1643 #
1644 # Revision 1.68 2001/11/29 04:57:23 richard
1645 # a little comment
1646 #
1647 # Revision 1.67 2001/11/28 21:55:35 richard
1648 # . login_action and newuser_action return values were being ignored
1649 # . Woohoo! Found that bloody re-login bug that was killing the mail
1650 # gateway.
1651 # (also a minor cleanup in hyperdb)
1652 #
1653 # Revision 1.66 2001/11/27 03:00:50 richard
1654 # couple of bugfixes from latest patch integration
1655 #
1656 # Revision 1.65 2001/11/26 23:00:53 richard
1657 # This config stuff is getting to be a real mess...
1658 #
1659 # Revision 1.64 2001/11/26 22:56:35 richard
1660 # typo
1661 #
1662 # Revision 1.63 2001/11/26 22:55:56 richard
1663 # Feature:
1664 # . Added INSTANCE_NAME to configuration - used in web and email to identify
1665 # the instance.
1666 # . Added EMAIL_SIGNATURE_POSITION to indicate where to place the roundup
1667 # signature info in e-mails.
1668 # . Some more flexibility in the mail gateway and more error handling.
1669 # . Login now takes you to the page you back to the were denied access to.
1670 #
1671 # Fixed:
1672 # . Lots of bugs, thanks Roché and others on the devel mailing list!
1673 #
1674 # Revision 1.62 2001/11/24 00:45:42 jhermann
1675 # typeof() instead of type(): avoid clash with database field(?) "type"
1676 #
1677 # Fixes this traceback:
1678 #
1679 # Traceback (most recent call last):
1680 # File "roundup\cgi_client.py", line 535, in newnode
1681 # self._post_editnode(nid)
1682 # File "roundup\cgi_client.py", line 415, in _post_editnode
1683 # if type(value) != type([]): value = [value]
1684 # UnboundLocalError: local variable 'type' referenced before assignment
1685 #
1686 # Revision 1.61 2001/11/22 15:46:42 jhermann
1687 # Added module docstrings to all modules.
1688 #
1689 # Revision 1.60 2001/11/21 22:57:28 jhermann
1690 # Added dummy hooks for I18N and some preliminary (test) markup of
1691 # translatable messages
1692 #
1693 # Revision 1.59 2001/11/21 03:21:13 richard
1694 # oops
1695 #
1696 # Revision 1.58 2001/11/21 03:11:28 richard
1697 # Better handling of new properties.
1698 #
1699 # Revision 1.57 2001/11/15 10:24:27 richard
1700 # handle the case where there is no file attached
1701 #
1702 # Revision 1.56 2001/11/14 21:35:21 richard
1703 # . users may attach files to issues (and support in ext) through the web now
1704 #
1705 # Revision 1.55 2001/11/07 02:34:06 jhermann
1706 # Handling of damaged login cookies
1707 #
1708 # Revision 1.54 2001/11/07 01:16:12 richard
1709 # Remove the '=' padding from cookie value so quoting isn't an issue.
1710 #
1711 # Revision 1.53 2001/11/06 23:22:05 jhermann
1712 # More IE fixes: it does not like quotes around cookie values; in the
1713 # hope this does not break anything for other browser; if it does, we
1714 # need to check HTTP_USER_AGENT
1715 #
1716 # Revision 1.52 2001/11/06 23:11:22 jhermann
1717 # Fixed debug output in page footer; added expiry date to the login cookie
1718 # (expires 1 year in the future) to prevent probs with certain versions
1719 # of IE
1720 #
1721 # Revision 1.51 2001/11/06 22:00:34 jhermann
1722 # Get debug level from ROUNDUP_DEBUG env var
1723 #
1724 # Revision 1.50 2001/11/05 23:45:40 richard
1725 # Fixed newuser_action so it sets the cookie with the unencrypted password.
1726 # Also made it present nicer error messages (not tracebacks).
1727 #
1728 # Revision 1.49 2001/11/04 03:07:12 richard
1729 # Fixed various cookie-related bugs:
1730 # . bug #477685 ] base64.decodestring breaks
1731 # . bug #477837 ] lynx does not like the cookie
1732 # . bug #477892 ] Password edit doesn't fix login cookie
1733 # Also closed a security hole - a logged-in user could edit another user's
1734 # details.
1735 #
1736 # Revision 1.48 2001/11/03 01:30:18 richard
1737 # Oops. uses pagefoot now.
1738 #
1739 # Revision 1.47 2001/11/03 01:29:28 richard
1740 # Login page didn't have all close tags.
1741 #
1742 # Revision 1.46 2001/11/03 01:26:55 richard
1743 # possibly fix truncated base64'ed user:pass
1744 #
1745 # Revision 1.45 2001/11/01 22:04:37 richard
1746 # Started work on supporting a pop3-fetching server
1747 # Fixed bugs:
1748 # . bug #477104 ] HTML tag error in roundup-server
1749 # . bug #477107 ] HTTP header problem
1750 #
1751 # Revision 1.44 2001/10/28 23:03:08 richard
1752 # Added more useful header to the classic schema.
1753 #
1754 # Revision 1.43 2001/10/24 00:01:42 richard
1755 # More fixes to lockout logic.
1756 #
1757 # Revision 1.42 2001/10/23 23:56:03 richard
1758 # HTML typo
1759 #
1760 # Revision 1.41 2001/10/23 23:52:35 richard
1761 # Fixed lock-out logic, thanks Roch'e for pointing out the problems.
1762 #
1763 # Revision 1.40 2001/10/23 23:06:39 richard
1764 # Some cleanup.
1765 #
1766 # Revision 1.39 2001/10/23 01:00:18 richard
1767 # Re-enabled login and registration access after lopping them off via
1768 # disabling access for anonymous users.
1769 # Major re-org of the htmltemplate code, cleaning it up significantly. Fixed
1770 # a couple of bugs while I was there. Probably introduced a couple, but
1771 # things seem to work OK at the moment.
1772 #
1773 # Revision 1.38 2001/10/22 03:25:01 richard
1774 # Added configuration for:
1775 # . anonymous user access and registration (deny/allow)
1776 # . filter "widget" location on index page (top, bottom, both)
1777 # Updated some documentation.
1778 #
1779 # Revision 1.37 2001/10/21 07:26:35 richard
1780 # feature #473127: Filenames. I modified the file.index and htmltemplate
1781 # source so that the filename is used in the link and the creation
1782 # information is displayed.
1783 #
1784 # Revision 1.36 2001/10/21 04:44:50 richard
1785 # bug #473124: UI inconsistency with Link fields.
1786 # This also prompted me to fix a fairly long-standing usability issue -
1787 # that of being able to turn off certain filters.
1788 #
1789 # Revision 1.35 2001/10/21 00:17:54 richard
1790 # CGI interface view customisation section may now be hidden (patch from
1791 # Roch'e Compaan.)
1792 #
1793 # Revision 1.34 2001/10/20 11:58:48 richard
1794 # Catch errors in login - no username or password supplied.
1795 # Fixed editing of password (Password property type) thanks Roch'e Compaan.
1796 #
1797 # Revision 1.33 2001/10/17 00:18:41 richard
1798 # Manually constructing cookie headers now.
1799 #
1800 # Revision 1.32 2001/10/16 03:36:21 richard
1801 # CGI interface wasn't handling checkboxes at all.
1802 #
1803 # Revision 1.31 2001/10/14 10:55:00 richard
1804 # Handle empty strings in HTML template Link function
1805 #
1806 # Revision 1.30 2001/10/09 07:38:58 richard
1807 # Pushed the base code for the extended schema CGI interface back into the
1808 # code cgi_client module so that future updates will be less painful.
1809 # Also removed a debugging print statement from cgi_client.
1810 #
1811 # Revision 1.29 2001/10/09 07:25:59 richard
1812 # Added the Password property type. See "pydoc roundup.password" for
1813 # implementation details. Have updated some of the documentation too.
1814 #
1815 # Revision 1.28 2001/10/08 00:34:31 richard
1816 # Change message was stuffing up for multilinks with no key property.
1817 #
1818 # Revision 1.27 2001/10/05 02:23:24 richard
1819 # . roundup-admin create now prompts for property info if none is supplied
1820 # on the command-line.
1821 # . hyperdb Class getprops() method may now return only the mutable
1822 # properties.
1823 # . Login now uses cookies, which makes it a whole lot more flexible. We can
1824 # now support anonymous user access (read-only, unless there's an
1825 # "anonymous" user, in which case write access is permitted). Login
1826 # handling has been moved into cgi_client.Client.main()
1827 # . The "extended" schema is now the default in roundup init.
1828 # . The schemas have had their page headings modified to cope with the new
1829 # login handling. Existing installations should copy the interfaces.py
1830 # file from the roundup lib directory to their instance home.
1831 # . Incorrectly had a Bizar Software copyright on the cgitb.py module from
1832 # Ping - has been removed.
1833 # . Fixed a whole bunch of places in the CGI interface where we should have
1834 # been returning Not Found instead of throwing an exception.
1835 # . Fixed a deviation from the spec: trying to modify the 'id' property of
1836 # an item now throws an exception.
1837 #
1838 # Revision 1.26 2001/09/12 08:31:42 richard
1839 # handle cases where mime type is not guessable
1840 #
1841 # Revision 1.25 2001/08/29 05:30:49 richard
1842 # change messages weren't being saved when there was no-one on the nosy list.
1843 #
1844 # Revision 1.24 2001/08/29 04:49:39 richard
1845 # didn't clean up fully after debugging :(
1846 #
1847 # Revision 1.23 2001/08/29 04:47:18 richard
1848 # Fixed CGI client change messages so they actually include the properties
1849 # changed (again).
1850 #
1851 # Revision 1.22 2001/08/17 00:08:10 richard
1852 # reverted back to sending messages always regardless of who is doing the web
1853 # edit. change notes weren't being saved. bleah. hackish.
1854 #
1855 # Revision 1.21 2001/08/15 23:43:18 richard
1856 # Fixed some isFooTypes that I missed.
1857 # Refactored some code in the CGI code.
1858 #
1859 # Revision 1.20 2001/08/12 06:32:36 richard
1860 # using isinstance(blah, Foo) now instead of isFooType
1861 #
1862 # Revision 1.19 2001/08/07 00:24:42 richard
1863 # stupid typo
1864 #
1865 # Revision 1.18 2001/08/07 00:15:51 richard
1866 # Added the copyright/license notice to (nearly) all files at request of
1867 # Bizar Software.
1868 #
1869 # Revision 1.17 2001/08/02 06:38:17 richard
1870 # Roundupdb now appends "mailing list" information to its messages which
1871 # include the e-mail address and web interface address. Templates may
1872 # override this in their db classes to include specific information (support
1873 # instructions, etc).
1874 #
1875 # Revision 1.16 2001/08/02 05:55:25 richard
1876 # Web edit messages aren't sent to the person who did the edit any more. No
1877 # message is generated if they are the only person on the nosy list.
1878 #
1879 # Revision 1.15 2001/08/02 00:34:10 richard
1880 # bleah syntax error
1881 #
1882 # Revision 1.14 2001/08/02 00:26:16 richard
1883 # Changed the order of the information in the message generated by web edits.
1884 #
1885 # Revision 1.13 2001/07/30 08:12:17 richard
1886 # Added time logging and file uploading to the templates.
1887 #
1888 # Revision 1.12 2001/07/30 06:26:31 richard
1889 # Added some documentation on how the newblah works.
1890 #
1891 # Revision 1.11 2001/07/30 06:17:45 richard
1892 # Features:
1893 # . Added ability for cgi newblah forms to indicate that the new node
1894 # should be linked somewhere.
1895 # Fixed:
1896 # . Fixed the agument handling for the roundup-admin find command.
1897 # . Fixed handling of summary when no note supplied for newblah. Again.
1898 # . Fixed detection of no form in htmltemplate Field display.
1899 #
1900 # Revision 1.10 2001/07/30 02:37:34 richard
1901 # Temporary measure until we have decent schema migration...
1902 #
1903 # Revision 1.9 2001/07/30 01:25:07 richard
1904 # Default implementation is now "classic" rather than "extended" as one would
1905 # expect.
1906 #
1907 # Revision 1.8 2001/07/29 08:27:40 richard
1908 # Fixed handling of passed-in values in form elements (ie. during a
1909 # drill-down)
1910 #
1911 # Revision 1.7 2001/07/29 07:01:39 richard
1912 # Added vim command to all source so that we don't get no steenkin' tabs :)
1913 #
1914 # Revision 1.6 2001/07/29 04:04:00 richard
1915 # Moved some code around allowing for subclassing to change behaviour.
1916 #
1917 # Revision 1.5 2001/07/28 08:16:52 richard
1918 # New issue form handles lack of note better now.
1919 #
1920 # Revision 1.4 2001/07/28 00:34:34 richard
1921 # Fixed some non-string node ids.
1922 #
1923 # Revision 1.3 2001/07/23 03:56:30 richard
1924 # oops, missed a config removal
1925 #
1926 # Revision 1.2 2001/07/22 12:09:32 richard
1927 # Final commit of Grande Splite
1928 #
1929 # Revision 1.1 2001/07/22 11:58:35 richard
1930 # More Grande Splite
1931 #
1932 #
1933 # vim: set filetype=python ts=4 sw=4 et si