anoopmb
/
frappe
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32884 Ревизии
1 Клон
314 MiB
 
 
 
 
 
 
ИН на ревизия: 10fe05da29
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '10fe05da29'
${ noResults }
frappe/frappe/handler.py

255 lines
6.4 KiB
Директен файл Blame История 

  1. # Copyright (c) 2015, Frappe Technologies Pvt. Ltd. and Contributors

  2. # MIT License. See license.txt

  3. 

  4. from __future__ import unicode_literals

  5. 

  6. from werkzeug.wrappers import Response

  7. 

  8. import frappe

  9. import frappe.utils

  10. import frappe.sessions

  11. from frappe.utils import cint

  12. from frappe import _, is_whitelisted

  13. from frappe.utils.response import build_response

  14. from frappe.utils.csvutils import build_csv_response

  15. from frappe.core.doctype.server_script.server_script_utils import run_server_script_api

  16. 

  17. 

  18. ALLOWED_MIMETYPES = ('image/png', 'image/jpeg', 'application/pdf', 'application/msword',

  19. 			'application/vnd.openxmlformats-officedocument.wordprocessingml.document',

  20. 			'application/vnd.ms-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',

  21. 			'application/vnd.oasis.opendocument.text', 'application/vnd.oasis.opendocument.spreadsheet')

  22. 

  23. 

  24. def handle():

  25. 	"""handle request"""

  26. 

  27. 	cmd = frappe.local.form_dict.cmd

  28. 	data = None

  29. 

  30. 	if cmd!='login':

  31. 		data = execute_cmd(cmd)

  32. 

  33. 	# data can be an empty string or list which are valid responses

  34. 	if data is not None:

  35. 		if isinstance(data, Response):

  36. 			# method returns a response object, pass it on

  37. 			return data

  38. 

  39. 		# add the response to `message` label

  40. 		frappe.response['message'] = data

  41. 

  42. 	return build_response("json")

  43. 

  44. def execute_cmd(cmd, from_async=False):

  45. 	"""execute a request as python module"""

  46. 	for hook in frappe.get_hooks("override_whitelisted_methods", {}).get(cmd, []):

  47. 		# override using the first hook

  48. 		cmd = hook

  49. 		break

  50. 

  51. 	# via server script

  52. 	if run_server_script_api(cmd):

  53. 		return None

  54. 

  55. 	try:

  56. 		method = get_attr(cmd)

  57. 	except Exception as e:

  58. 		frappe.throw(_('Invalid Method'))

  59. 

  60. 	if from_async:

  61. 		method = method.queue

  62. 

  63. 	if method != run_doc_method:

  64. 		is_whitelisted(method)

  65. 		is_valid_http_method(method)

  66. 

  67. 	return frappe.call(method, **frappe.form_dict)

  68. 

  69. def is_valid_http_method(method):

  70. 	http_method = frappe.local.request.method

  71. 

  72. 	if http_method not in frappe.allowed_http_methods_for_whitelisted_func[method]:

  73. 		throw_permission_error()

  74. 

  75. def throw_permission_error():

  76. 	frappe.throw(_("Not permitted"), frappe.PermissionError)

  77. 

  78. @frappe.whitelist(allow_guest=True)

  79. def version():

  80. 	return frappe.__version__

  81. 

  82. @frappe.whitelist(allow_guest=True)

  83. def logout():

  84. 	frappe.local.login_manager.logout()

  85. 	frappe.db.commit()

  86. 

  87. @frappe.whitelist(allow_guest=True)

  88. def web_logout():

  89. 	frappe.local.login_manager.logout()

  90. 	frappe.db.commit()

  91. 	frappe.respond_as_web_page(_("Logged Out"), _("You have been successfully logged out"),

  92. 		indicator_color='green')

  93. 

  94. @frappe.whitelist()

  95. def uploadfile():

  96. 	ret = None

  97. 

  98. 	try:

  99. 		if frappe.form_dict.get('from_form'):

  100. 			try:

  101. 				ret = frappe.get_doc({

  102. 					"doctype": "File",

  103. 					"attached_to_name": frappe.form_dict.docname,

  104. 					"attached_to_doctype": frappe.form_dict.doctype,

  105. 					"attached_to_field": frappe.form_dict.docfield,

  106. 					"file_url": frappe.form_dict.file_url,

  107. 					"file_name": frappe.form_dict.filename,

  108. 					"is_private": frappe.utils.cint(frappe.form_dict.is_private),

  109. 					"content": frappe.form_dict.filedata,

  110. 					"decode": True

  111. 				})

  112. 				ret.save()

  113. 			except frappe.DuplicateEntryError:

  114. 				# ignore pass

  115. 				ret = None

  116. 				frappe.db.rollback()

  117. 		else:

  118. 			if frappe.form_dict.get('method'):

  119. 				method = frappe.get_attr(frappe.form_dict.method)

  120. 				is_whitelisted(method)

  121. 				ret = method()

  122. 	except Exception:

  123. 		frappe.errprint(frappe.utils.get_traceback())

  124. 		frappe.response['http_status_code'] = 500

  125. 		ret = None

  126. 

  127. 	return ret

  128. 

  129. @frappe.whitelist(allow_guest=True)

  130. def upload_file():

  131. 	user = None

  132. 	if frappe.session.user == 'Guest':

  133. 		if frappe.get_system_settings('allow_guests_to_upload_files'):

  134. 			ignore_permissions = True

  135. 		else:

  136. 			return

  137. 	else:

  138. 		user = frappe.get_doc("User", frappe.session.user)

  139. 		ignore_permissions = False

  140. 

  141. 	files = frappe.request.files

  142. 	is_private = frappe.form_dict.is_private

  143. 	doctype = frappe.form_dict.doctype

  144. 	docname = frappe.form_dict.docname

  145. 	fieldname = frappe.form_dict.fieldname

  146. 	file_url = frappe.form_dict.file_url

  147. 	folder = frappe.form_dict.folder or 'Home'

  148. 	method = frappe.form_dict.method

  149. 	content = None

  150. 	filename = None

  151. 

  152. 	if 'file' in files:

  153. 		file = files['file']

  154. 		content = file.stream.read()

  155. 		filename = file.filename

  156. 

  157. 	frappe.local.uploaded_file = content

  158. 	frappe.local.uploaded_filename = filename

  159. 

  160. 	if frappe.session.user == 'Guest' or (user and not user.has_desk_access()):

  161. 		import mimetypes

  162. 		filetype = mimetypes.guess_type(filename)[0]

  163. 		if filetype not in ALLOWED_MIMETYPES:

  164. 			frappe.throw(_("You can only upload JPG, PNG, PDF, or Microsoft documents."))

  165. 

  166. 	if method:

  167. 		method = frappe.get_attr(method)

  168. 		is_whitelisted(method)

  169. 		return method()

  170. 	else:

  171. 		ret = frappe.get_doc({

  172. 			"doctype": "File",

  173. 			"attached_to_doctype": doctype,

  174. 			"attached_to_name": docname,

  175. 			"attached_to_field": fieldname,

  176. 			"folder": folder,

  177. 			"file_name": filename,

  178. 			"file_url": file_url,

  179. 			"is_private": cint(is_private),

  180. 			"content": content

  181. 		})

  182. 		ret.save(ignore_permissions=ignore_permissions)

  183. 		return ret

  184. 

  185. 

  186. def get_attr(cmd):

  187. 	"""get method object from cmd"""

  188. 	if '.' in cmd:

  189. 		method = frappe.get_attr(cmd)

  190. 	else:

  191. 		method = globals()[cmd]

  192. 	frappe.log("method:" + cmd)

  193. 	return method

  194. 

  195. @frappe.whitelist(allow_guest=True)

  196. def ping():

  197. 	return "pong"

  198. 

  199. 

  200. def run_doc_method(method, docs=None, dt=None, dn=None, arg=None, args=None):

  201. 	"""run a whitelisted controller method"""

  202. 	import json

  203. 	import inspect

  204. 

  205. 	if not args:

  206. 		args = arg or ""

  207. 

  208. 	if dt: # not called from a doctype (from a page)

  209. 		if not dn:

  210. 			dn = dt # single

  211. 		doc = frappe.get_doc(dt, dn)

  212. 

  213. 	else:

  214. 		doc = frappe.get_doc(json.loads(docs))

  215. 		doc._original_modified = doc.modified

  216. 		doc.check_if_latest()

  217. 

  218. 	if not doc or not doc.has_permission("read"):

  219. 		throw_permission_error()

  220. 

  221. 	try:

  222. 		args = json.loads(args)

  223. 	except ValueError:

  224. 		args = args

  225. 

  226. 	method_obj = getattr(doc, method)

  227. 	fn = getattr(method_obj, '__func__', method_obj)

  228. 	is_whitelisted(fn)

  229. 	is_valid_http_method(fn)

  230. 

  231. 	fnargs = inspect.getfullargspec(method_obj).args

  232. 

  233. 	if not fnargs or (len(fnargs)==1 and fnargs[0]=="self"):

  234. 		response = doc.run_method(method)

  235. 

  236. 	elif "args" in fnargs or not isinstance(args, dict):

  237. 		response = doc.run_method(method, args)

  238. 

  239. 	else:

  240. 		response = doc.run_method(method, **args)

  241. 

  242. 	frappe.response.docs.append(doc)

  243. 	if not response:

  244. 		return

  245. 

  246. 	# build output as csv

  247. 	if cint(frappe.form_dict.get('as_csv')):

  248. 		build_csv_response(response, doc.doctype.replace(' ', ''))

  249. 		return

  250. 

  251. 	frappe.response['message'] = response

  252. 

  253. # for backwards compatibility

  254. runserverobj = run_doc_method