anoopmb
/
frappe
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1935 Ревизии
1 Клон
314 MiB
 
 
 
 
 
 
ИН на ревизия: 1a7a6b228f
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '1a7a6b228f'
${ noResults }
frappe/webnotes/handler.py

368 lines
11 KiB
Директен файл Blame История 

  1. # Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. # 

  3. # MIT License (MIT)

  4. # 

  5. # Permission is hereby granted, free of charge, to any person obtaining a 

  6. # copy of this software and associated documentation files (the "Software"), 

  7. # to deal in the Software without restriction, including without limitation 

  8. # the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. # and/or sell copies of the Software, and to permit persons to whom the 

  10. # Software is furnished to do so, subject to the following conditions:

  11. # 

  12. # The above copyright notice and this permission notice shall be included in 

  13. # all copies or substantial portions of the Software.

  14. # 

  15. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. # OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. # 

  22. 

  23. from __future__ import unicode_literals

  24. import sys, os

  25. import webnotes

  26. import webnotes.utils

  27. import webnotes.sessions

  28. 

  29. form = webnotes.form

  30. form_dict = webnotes.form_dict

  31. 

  32. sql = None

  33. session = None

  34. errdoc = ''

  35. errdoctype = ''

  36. errmethod = ''

  37. 

  38. def get_cgi_fields():

  39. 	"""make webnotes.form_dict from cgi field storage"""

  40. 	import cgi

  41. 	import webnotes

  42. 	from webnotes.utils import cstr

  43. 	

  44. 	# make the form_dict

  45. 	webnotes.form = cgi.FieldStorage(keep_blank_values=True)

  46. 	for key in webnotes.form.keys():

  47. 		# file upload must not be decoded as it is treated as a binary

  48. 		# file and hence in any encoding (it does not matter)

  49. 		if not getattr(webnotes.form[key], 'filename', None):

  50. 			webnotes.form_dict[key] = cstr(webnotes.form.getvalue(key))

  51. 

  52. @webnotes.whitelist(allow_guest=True)

  53. def startup():

  54. 	webnotes.response.update(webnotes.sessions.get())

  55. 

  56. def cleanup_docs():

  57. 	import webnotes.model.utils

  58. 	if webnotes.response.get('docs') and type(webnotes.response['docs'])!=dict:

  59. 		webnotes.response['docs'] = webnotes.model.utils.compress(webnotes.response['docs'])

  60. 

  61. @webnotes.whitelist()

  62. def runserverobj(arg=None):

  63. 	import webnotes.widgets.form.run_method

  64. 	webnotes.widgets.form.run_method.runserverobj()

  65. 

  66. @webnotes.whitelist(allow_guest=True)

  67. def logout():

  68. 	webnotes.login_manager.logout()

  69. 

  70. @webnotes.whitelist()

  71. def dt_map():

  72. 	import webnotes

  73. 	import webnotes.model.utils

  74. 	from webnotes.model.code import get_obj

  75. 	from webnotes.model.doc import Document

  76. 	from webnotes.model.wrapper import ModelWrapper

  77. 	

  78. 	form_dict = webnotes.form_dict

  79. 	

  80. 	dt_list = webnotes.model.utils.expand(form_dict.get('docs'))

  81. 	from_doctype = form_dict.get('from_doctype')

  82. 	to_doctype = form_dict.get('to_doctype')

  83. 	from_docname = form_dict.get('from_docname')

  84. 	from_to_list = form_dict.get('from_to_list')

  85. 	

  86. 	dm = get_obj('DocType Mapper', from_doctype +'-' + to_doctype)

  87. 	dl = dm.dt_map(from_doctype, to_doctype, from_docname, Document(fielddata = dt_list[0]), (len(dt_list) > 1) and ModelWrapper(dt_list).doclist or [], from_to_list)

  88. 	

  89. 	webnotes.response['docs'] = dl

  90. 

  91. @webnotes.whitelist()

  92. def load_month_events():

  93. 	import webnotes

  94. 

  95. 	mm = webnotes.form_dict.get('month')

  96. 	yy = webnotes.form_dict.get('year')

  97. 	m_st = str(yy) + '-' + str(mm) + '-01'

  98. 	m_end = str(yy) + '-' + str(mm) + '-31'

  99. 

  100. 	import webnotes.widgets.event

  101. 	webnotes.response['docs'] = webnotes.widgets.event.get_cal_events(m_st, m_end)

  102. 

  103. @webnotes.whitelist()

  104. def uploadfile():

  105. 	import webnotes.utils

  106. 	import webnotes.utils.file_manager

  107. 	import json

  108. 

  109. 	ret = []

  110. 

  111. 	try:

  112. 		if webnotes.form_dict.get('from_form'):

  113. 			webnotes.utils.file_manager.upload()

  114. 		else:

  115. 			if webnotes.form_dict.get('method'):

  116. 				m = webnotes.form_dict['method']

  117. 				modulename = '.'.join(m.split('.')[:-1])

  118. 				methodname = m.split('.')[-1]

  119. 

  120. 				__import__(modulename)

  121. 				import sys

  122. 				moduleobj = sys.modules[modulename]

  123. 				ret = getattr(moduleobj, methodname)()

  124. 	except Exception, e:

  125. 		webnotes.msgprint(e)

  126. 		webnotes.errprint(webnotes.utils.getTraceback())

  127. 

  128. 	webnotes.response['type'] = 'iframe'

  129. 	if not webnotes.response.get('result'):

  130. 		webnotes.response['result'] = """<script>

  131. 			window.parent.wn.upload.callback("%s", %s);

  132. 		</script>""" % (webnotes.form_dict.get('_id'),

  133. 			json.dumps(ret))

  134. 

  135. @webnotes.whitelist(allow_guest=True)

  136. def reset_password():

  137. 	from webnotes.model.code import get_obj

  138. 	from webnotes.utils import random_string

  139. 	

  140. 	user = webnotes.form_dict.get('user', '')

  141. 	if user in ["demo@erpnext.com", "Administrator"]:

  142. 		webnotes.msgprint("Not allowed", raise_exception=1)

  143. 		

  144. 	if webnotes.conn.sql("""select name from tabProfile where name=%s""", user):

  145. 		new_password = random_string(8)

  146. 		webnotes.conn.sql("""update `__Auth` set password=password(%s)

  147. 			where `user`=%s""", (new_password, user))

  148. 

  149. 		# Hack!

  150. 		webnotes.session["user"] = "Administrator"

  151. 		profile = get_obj("Profile", user)

  152. 		profile.password_reset_mail(new_password)

  153. 		webnotes.msgprint("Password has been reset and sent to your email id.")

  154. 	else:

  155. 		webnotes.msgprint("No such user (%s)" % user)

  156. 

  157. 

  158. def handle():

  159. 	"""handle request"""

  160. 	cmd = webnotes.form_dict['cmd']

  161. 

  162. 	if cmd!='login':

  163. 		# login executed in webnotes.auth

  164. 		try:

  165. 			execute_cmd(cmd)

  166. 		except webnotes.ValidationError, e:

  167. 			#webnotes.errprint(webnotes.utils.getTraceback())

  168. 			webnotes.errprint(e)

  169. 			webnotes.conn.rollback()

  170. 		except:

  171. 			webnotes.errprint(webnotes.utils.getTraceback())

  172. 			webnotes.conn and webnotes.conn.rollback()

  173. 				

  174. 	print_response()

  175. 

  176. 	if webnotes.conn:

  177. 		webnotes.conn.close()

  178. 

  179. def execute_cmd(cmd):

  180. 	"""execute a request as python module"""

  181. 	validate_cmd(cmd)

  182. 	method = get_method(cmd)

  183. 

  184. 	# check if whitelisted

  185. 	if webnotes.session['user'] == 'Guest':

  186. 		if (method not in webnotes.guest_methods):

  187. 			webnotes.response['403'] = 1

  188. 			raise Exception, 'Not Allowed, %s' % str(method)

  189. 	else:

  190. 		if not method in webnotes.whitelisted:

  191. 			webnotes.response['403'] = 1

  192. 			webnotes.msgprint('Not Allowed, %s' % str(method))

  193. 			raise Exception, 'Not Allowed, %s' % str(method)

  194. 		

  195. 	if not webnotes.conn.in_transaction:

  196. 		webnotes.conn.begin()

  197. 

  198. 	ret = call(method, webnotes.form_dict)

  199. 

  200. 	# returns with a message

  201. 	if ret:

  202. 		webnotes.response['message'] = ret

  203. 

  204. 	# update session

  205. 	webnotes.session_obj.update()

  206. 

  207. 	if webnotes.conn.in_transaction:

  208. 		webnotes.conn.commit()

  209. 

  210. def call(fn, args):

  211. 	import inspect

  212. 	fnargs, varargs, varkw, defaults = inspect.getargspec(fn)

  213. 	newargs = {}

  214. 	for a in fnargs:

  215. 		if a in args:

  216. 			newargs[a] = args.get(a)

  217. 	return fn(**newargs)

  218. 

  219. def get_method(cmd):

  220. 	"""get method object from cmd"""

  221. 	if '.' in cmd:

  222. 		cmd_parts = cmd.split('.')

  223. 		module_string = ".".join(cmd_parts[:-1])

  224. 		fn_string = cmd_parts[-1]

  225. 		module = __import__(module_string, fromlist=[module_string.split('.')[-1].encode('utf-8')])

  226. 		method = getattr(module, fn_string)

  227. 	else:

  228. 		method = globals()[cmd]

  229. 	return method

  230. 	

  231. def validate_cmd(cmd):

  232. 	# check if there is no direct possibility of malicious script injection

  233. 	if cmd.startswith('webnotes.model.code'):

  234. 		raise Exception, 'Cannot call any methods from webnotes.model.code directly from the handler'

  235. 

  236. 	if cmd.startswith('webnotes.model.db_schema'):

  237. 		raise Exception, 'Cannot call any methods from webnotes.model.db_schema directly from the handler'

  238. 

  239. 	if cmd.startswith('webnotes.conn'):

  240. 		raise Exception, 'Cannot call database connection method directly from the handler'

  241. 		

  242. def print_response():

  243. 	print_map = {

  244. 		'csv': print_csv,

  245. 		'iframe': print_iframe,

  246. 		'download': print_raw,

  247. 		'json': print_json,

  248. 		'page': print_page

  249. 	}

  250. 	

  251. 	print_map.get(webnotes.response.get('type'), print_json)()

  252. 

  253. def print_page():

  254. 	"""print web page"""

  255. 	from website.utils import render

  256. 	render(webnotes.response['page_name'])

  257. 

  258. def eprint(content):

  259. 	print content.encode('utf-8')

  260. 

  261. def print_json():	

  262. 	make_logs()

  263. 	cleanup_docs()

  264. 	add_cookies()

  265. 

  266. 	eprint("Content-Type: text/html; charset: utf-8")

  267. 	if webnotes.cookies:

  268. 		print webnotes.cookies

  269. 

  270. 	import json

  271. 	print_zip(json.dumps(webnotes.response, default=json_handler, separators=(',',':')))

  272. 		

  273. def print_csv():

  274. 	eprint("Content-Type: text/csv; charset: utf-8")

  275. 	eprint("Content-Disposition: attachment; filename=%s.csv" % webnotes.response['doctype'].replace(' ', '_'))

  276. 	eprint("")

  277. 	eprint(webnotes.response['result'])

  278. 

  279. def print_iframe():

  280. 	eprint("Content-Type: text/html; charset: utf-8")

  281. 	eprint("")

  282. 	eprint(webnotes.response.get('result') or '')

  283. 	

  284. 	if webnotes.debug_log:

  285. 		import json

  286. 		eprint("""\

  287. 			<script>

  288. 				var messages = %(messages)s;

  289. 				if (messages.length) {

  290. 					for (var i in messages) {

  291. 						window.parent.msgprint(messages[i]);

  292. 					}

  293. 				}

  294. 				var errors = %(errors)s;

  295. 				if (errors.length) {

  296. 					for (var i in errors) {

  297. 						window.parent.console.log(errors[i]);

  298. 					}

  299. 				}

  300. 			</script>""" % {

  301. 				'messages': json.dumps(webnotes.message_log).replace("'", "\\'"),

  302. 				'errors': json.dumps(webnotes.debug_log).replace("'", "\\'"),

  303. 			})

  304. 

  305. def print_raw():

  306. 	eprint("Content-Type: %s" % \

  307. 		mimetypes.guess_type(webnotes.response['filename'])[0] \

  308. 		or 'application/unknown'),

  309. 	eprint("Content-Disposition: filename=%s" % \

  310. 		webnotes.response['filename'].replace(' ', '_'))

  311. 	eprint("")

  312. 	eprint(webnotes.response['filecontent'])

  313. 

  314. def make_logs():

  315. 	"""make strings for msgprint and errprint"""

  316. 	import json

  317. 	from webnotes.utils import cstr

  318. 	if webnotes.debug_log:

  319. 		webnotes.response['exc'] = json.dumps("\n".join([cstr(d) for d in webnotes.debug_log]))

  320. 

  321. 	if webnotes.message_log:

  322. 		webnotes.response['server_messages'] = json.dumps([cstr(d) for d in webnotes.message_log])

  323. 

  324. def add_cookies():

  325. 	"""if there ar additional cookies defined during the request, add them"""

  326. 	if webnotes.cookies or webnotes.add_cookies:

  327. 		for c in webnotes.add_cookies.keys():

  328. 			webnotes.cookies[c.encode('utf-8')] = \

  329. 				webnotes.add_cookies[c].encode('utf-8')

  330. 

  331. def print_zip(response):

  332. 	response = response.encode('utf-8')

  333. 	orig_len = len(response)

  334. 	if accept_gzip() and orig_len>512:

  335. 		response = compressBuf(response)

  336. 		eprint("Content-Encoding: gzip")

  337. 		eprint("Original-Length: %d" % orig_len)

  338. 	

  339. 	eprint("Content-Length: %d" % len(response))

  340. 		

  341. 	eprint("")

  342. 	print response

  343. 	

  344. def json_handler(obj):

  345. 	"""serialize non-serializable data for json"""

  346. 	import datetime

  347. 	

  348. 	# serialize date

  349. 	if isinstance(obj, datetime.date):

  350. 		return unicode(obj)

  351. 	if isinstance(obj, datetime.timedelta):

  352. 		return unicode(obj)

  353. 	else:

  354. 		raise TypeError, """Object of type %s with value of %s is not JSON serializable""" % \

  355. 			(type(obj), repr(obj))

  356. 

  357. def accept_gzip():

  358. 	if "gzip" in os.environ.get("HTTP_ACCEPT_ENCODING", ""):

  359. 		return True

  360. 

  361. def compressBuf(buf):

  362. 	import gzip, cStringIO

  363. 	zbuf = cStringIO.StringIO()

  364. 	zfile = gzip.GzipFile(mode = 'wb',  fileobj = zbuf, compresslevel = 5)

  365. 	zfile.write(buf)

  366. 	zfile.close()

  367. 	return zbuf.getvalue()