anoopmb
/
frappe
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1876 Commits
1 Branch
314 MiB
 
 
 
 
 
 
Tree: b953dcde9c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b953dcde9c'
${ noResults }
frappe/webnotes/handler.py

367 lines
10 KiB
Raw Blame History 

  1. # Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. # 

  3. # MIT License (MIT)

  4. # 

  5. # Permission is hereby granted, free of charge, to any person obtaining a 

  6. # copy of this software and associated documentation files (the "Software"), 

  7. # to deal in the Software without restriction, including without limitation 

  8. # the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. # and/or sell copies of the Software, and to permit persons to whom the 

  10. # Software is furnished to do so, subject to the following conditions:

  11. # 

  12. # The above copyright notice and this permission notice shall be included in 

  13. # all copies or substantial portions of the Software.

  14. # 

  15. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. # OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. # 

  22. 

  23. from __future__ import unicode_literals

  24. import sys, os

  25. import webnotes

  26. import webnotes.utils

  27. import webnotes.sessions

  28. 

  29. form = webnotes.form

  30. form_dict = webnotes.form_dict

  31. 

  32. sql = None

  33. session = None

  34. errdoc = ''

  35. errdoctype = ''

  36. errmethod = ''

  37. 

  38. def get_cgi_fields():

  39. 	"""make webnotes.form_dict from cgi field storage"""

  40. 	import cgi

  41. 	import webnotes

  42. 	from webnotes.utils import cstr

  43. 	

  44. 	# make the form_dict

  45. 	webnotes.form = cgi.FieldStorage(keep_blank_values=True)

  46. 	for key in webnotes.form.keys():

  47. 		# file upload must not be decoded as it is treated as a binary

  48. 		# file and hence in any encoding (it does not matter)

  49. 		if not getattr(webnotes.form[key], 'filename', None):

  50. 			webnotes.form_dict[key] = cstr(webnotes.form.getvalue(key))

  51. 

  52. # Logs

  53. 

  54. @webnotes.whitelist(allow_guest=True)

  55. def startup():

  56. 	webnotes.response.update(webnotes.sessions.get())

  57. 

  58. def cleanup_docs():

  59. 	import webnotes.model.utils

  60. 	if webnotes.response.get('docs') and type(webnotes.response['docs'])!=dict:

  61. 		webnotes.response['docs'] = webnotes.model.utils.compress(webnotes.response['docs'])

  62. 

  63. @webnotes.whitelist()

  64. def runserverobj(arg=None):

  65. 	import webnotes.widgets.form.run_method

  66. 	webnotes.widgets.form.run_method.runserverobj()

  67. 

  68. @webnotes.whitelist(allow_guest=True)

  69. def logout():

  70. 	webnotes.login_manager.logout()

  71. 

  72. @webnotes.whitelist()

  73. def dt_map():

  74. 	import webnotes

  75. 	import webnotes.model.utils

  76. 	from webnotes.model.code import get_obj

  77. 	from webnotes.model.doc import Document

  78. 	from webnotes.model.wrapper import ModelWrapper

  79. 	

  80. 	form_dict = webnotes.form_dict

  81. 	

  82. 	dt_list = webnotes.model.utils.expand(form_dict.get('docs'))

  83. 	from_doctype = form_dict.get('from_doctype')

  84. 	to_doctype = form_dict.get('to_doctype')

  85. 	from_docname = form_dict.get('from_docname')

  86. 	from_to_list = form_dict.get('from_to_list')

  87. 	

  88. 	dm = get_obj('DocType Mapper', from_doctype +'-' + to_doctype)

  89. 	dl = dm.dt_map(from_doctype, to_doctype, from_docname, Document(fielddata = dt_list[0]), (len(dt_list) > 1) and ModelWrapper(dt_list).doclist or [], from_to_list)

  90. 	

  91. 	webnotes.response['docs'] = dl

  92. 

  93. @webnotes.whitelist()

  94. def load_month_events():

  95. 	import webnotes

  96. 

  97. 	mm = webnotes.form_dict.get('month')

  98. 	yy = webnotes.form_dict.get('year')

  99. 	m_st = str(yy) + '-' + str(mm) + '-01'

  100. 	m_end = str(yy) + '-' + str(mm) + '-31'

  101. 

  102. 	import webnotes.widgets.event

  103. 	webnotes.response['docs'] = webnotes.widgets.event.get_cal_events(m_st, m_end)

  104. 	

  105. @webnotes.whitelist()

  106. def uploadfile():

  107. 	import webnotes.utils

  108. 	import webnotes.utils.file_manager

  109. 	import json

  110. 

  111. 	ret = []

  112. 

  113. 	try:

  114. 		if webnotes.form_dict.get('from_form'):

  115. 			webnotes.utils.file_manager.upload()

  116. 		else:

  117. 			if webnotes.form_dict.get('method'):

  118. 				m = webnotes.form_dict['method']

  119. 				modulename = '.'.join(m.split('.')[:-1])

  120. 				methodname = m.split('.')[-1]

  121. 

  122. 				__import__(modulename)

  123. 				import sys

  124. 				moduleobj = sys.modules[modulename]

  125. 				ret = getattr(moduleobj, methodname)()

  126. 	except Exception, e:

  127. 		webnotes.msgprint(e)

  128. 		webnotes.errprint(webnotes.utils.getTraceback())

  129. 

  130. 	webnotes.response['type'] = 'iframe'

  131. 	if not webnotes.response.get('result'):

  132. 		webnotes.response['result'] = """<script>

  133. 			window.parent.wn.upload.callback("%s", %s);

  134. 		</script>""" % (webnotes.form_dict.get('_id'),

  135. 			json.dumps(ret))

  136. 

  137. @webnotes.whitelist(allow_guest=True)

  138. def reset_password():

  139. 	from webnotes.model.code import get_obj

  140. 	from webnotes.utils import random_string

  141. 	

  142. 	user = webnotes.form_dict.get('user', '')

  143. 	if webnotes.conn.sql("""select name from tabProfile where name=%s""", user):

  144. 		new_password = random_string(8)

  145. 		webnotes.conn.sql("""update `__Auth` set password=password(%s)

  146. 			where `user`=%s""", (new_password, user))

  147. 

  148. 		# Hack!

  149. 		webnotes.session["user"] = "Administrator"

  150. 		profile = get_obj("Profile", user)

  151. 		profile.password_reset_mail(new_password)

  152. 		webnotes.msgprint("Password has been reset and sent to your email id.")

  153. 	else:

  154. 		webnotes.msgprint("No such user (%s)" % user)

  155. 

  156. 

  157. def handle():

  158. 	"""handle request"""

  159. 	cmd = webnotes.form_dict['cmd']

  160. 

  161. 	if cmd!='login':

  162. 		# login executed in webnotes.auth

  163. 		try:

  164. 			execute_cmd(cmd)

  165. 		except webnotes.ValidationError, e:

  166. 			#webnotes.errprint(webnotes.utils.getTraceback())

  167. 			webnotes.errprint(e)

  168. 			webnotes.conn.rollback()

  169. 		except:

  170. 			webnotes.errprint(webnotes.utils.getTraceback())

  171. 			webnotes.conn and webnotes.conn.rollback()

  172. 				

  173. 	print_response()

  174. 

  175. 	if webnotes.conn:

  176. 		webnotes.conn.close()

  177. 

  178. def execute_cmd(cmd):

  179. 	"""execute a request as python module"""

  180. 	validate_cmd(cmd)

  181. 	method = get_method(cmd)

  182. 

  183. 	# check if whitelisted

  184. 	if webnotes.session['user'] == 'Guest':

  185. 		if (method not in webnotes.guest_methods):

  186. 			webnotes.response['403'] = 1

  187. 			raise Exception, 'Not Allowed, %s' % str(method)

  188. 	else:

  189. 		if not method in webnotes.whitelisted:

  190. 			webnotes.response['403'] = 1

  191. 			webnotes.msgprint('Not Allowed, %s' % str(method))

  192. 			raise Exception, 'Not Allowed, %s' % str(method)

  193. 		

  194. 	if not webnotes.conn.in_transaction:

  195. 		webnotes.conn.begin()

  196. 

  197. 	ret = call(method, webnotes.form_dict)

  198. 

  199. 	# returns with a message

  200. 	if ret:

  201. 		webnotes.response['message'] = ret

  202. 

  203. 	# update session

  204. 	webnotes.session_obj.update()

  205. 

  206. 	if webnotes.conn.in_transaction:

  207. 		webnotes.conn.commit()

  208. 

  209. def call(fn, args):

  210. 	import inspect

  211. 	fnargs, varargs, varkw, defaults = inspect.getargspec(fn)

  212. 	newargs = {}

  213. 	for a in fnargs:

  214. 		if a in args:

  215. 			newargs[a] = args.get(a)

  216. 	return fn(**newargs)

  217. 

  218. def get_method(cmd):

  219. 	"""get method object from cmd"""

  220. 	if '.' in cmd:

  221. 		cmd_parts = cmd.split('.')

  222. 		module_string = ".".join(cmd_parts[:-1])

  223. 		fn_string = cmd_parts[-1]

  224. 		module = __import__(module_string, fromlist=[module_string.split('.')[-1].encode('utf-8')])

  225. 		method = getattr(module, fn_string)

  226. 	else:

  227. 		method = globals()[cmd]

  228. 	return method

  229. 	

  230. def validate_cmd(cmd):

  231. 	# check if there is no direct possibility of malicious script injection

  232. 	if cmd.startswith('webnotes.model.code'):

  233. 		raise Exception, 'Cannot call any methods from webnotes.model.code directly from the handler'

  234. 

  235. 	if cmd.startswith('webnotes.model.db_schema'):

  236. 		raise Exception, 'Cannot call any methods from webnotes.model.db_schema directly from the handler'

  237. 

  238. 	if cmd.startswith('webnotes.conn'):

  239. 		raise Exception, 'Cannot call database connection method directly from the handler'

  240. 		

  241. def print_response():

  242. 	print_map = {

  243. 		'csv': print_csv,

  244. 		'iframe': print_iframe,

  245. 		'download': print_raw,

  246. 		'json': print_json,

  247. 		'page': print_page

  248. 	}

  249. 	

  250. 	print_map.get(webnotes.response.get('type'), print_json)()

  251. 

  252. def print_page():

  253. 	"""print web page"""

  254. 	from website.utils import render

  255. 	render(webnotes.response['page_name'])

  256. 

  257. def eprint(content):

  258. 	print content.encode('utf-8')

  259. 

  260. def print_json():	

  261. 	make_logs()

  262. 	cleanup_docs()

  263. 	add_cookies()

  264. 

  265. 	eprint("Content-Type: text/html; charset: utf-8")

  266. 	if webnotes.cookies:

  267. 		print webnotes.cookies

  268. 

  269. 	import json

  270. 	print_zip(json.dumps(webnotes.response, default=json_handler, separators=(',',':')))

  271. 		

  272. def print_csv():

  273. 	eprint("Content-Type: text/csv; charset: utf-8")

  274. 	eprint("Content-Disposition: attachment; filename=%s.csv" % webnotes.response['doctype'].replace(' ', '_'))

  275. 	eprint("")

  276. 	eprint(webnotes.response['result'])

  277. 

  278. def print_iframe():

  279. 	eprint("Content-Type: text/html; charset: utf-8")

  280. 	eprint("")

  281. 	eprint(webnotes.response.get('result') or '')

  282. 	

  283. 	if webnotes.debug_log:

  284. 		import json

  285. 		eprint("""\

  286. 			<script>

  287. 				var messages = %(messages)s;

  288. 				if (messages.length) {

  289. 					for (var i in messages) {

  290. 						window.parent.msgprint(messages[i]);

  291. 					}

  292. 				}

  293. 				var errors = %(errors)s;

  294. 				if (errors.length) {

  295. 					for (var i in errors) {

  296. 						window.parent.console.log(errors[i]);

  297. 					}

  298. 				}

  299. 			</script>""" % {

  300. 				'messages': json.dumps(webnotes.message_log).replace("'", "\\'"),

  301. 				'errors': json.dumps(webnotes.debug_log).replace("'", "\\'"),

  302. 			})

  303. 

  304. def print_raw():

  305. 	eprint("Content-Type: %s" % \

  306. 		mimetypes.guess_type(webnotes.response['filename'])[0] \

  307. 		or 'application/unknown'),

  308. 	eprint("Content-Disposition: filename=%s" % \

  309. 		webnotes.response['filename'].replace(' ', '_'))

  310. 	eprint("")

  311. 	eprint(webnotes.response['filecontent'])

  312. 

  313. def make_logs():

  314. 	"""make strings for msgprint and errprint"""

  315. 	import json

  316. 	from webnotes.utils import cstr

  317. 	if webnotes.debug_log:

  318. 		webnotes.response['exc'] = json.dumps("\n".join([cstr(d) for d in webnotes.debug_log]))

  319. 

  320. 	if webnotes.message_log:

  321. 		webnotes.response['server_messages'] = json.dumps([cstr(d) for d in webnotes.message_log])

  322. 

  323. def add_cookies():

  324. 	"""if there ar additional cookies defined during the request, add them"""

  325. 	if webnotes.cookies or webnotes.add_cookies:

  326. 		for c in webnotes.add_cookies.keys():

  327. 			webnotes.cookies[c.encode('utf-8')] = \

  328. 				webnotes.add_cookies[c].encode('utf-8')

  329. 

  330. def print_zip(response):

  331. 	response = response.encode('utf-8')

  332. 	orig_len = len(response)

  333. 	if accept_gzip() and orig_len>512:

  334. 		response = compressBuf(response)

  335. 		eprint("Content-Encoding: gzip")

  336. 		eprint("Original-Length: %d" % orig_len)

  337. 	

  338. 	eprint("Content-Length: %d" % len(response))

  339. 		

  340. 	eprint("")

  341. 	print response

  342. 	

  343. def json_handler(obj):

  344. 	"""serialize non-serializable data for json"""

  345. 	import datetime

  346. 	

  347. 	# serialize date

  348. 	if isinstance(obj, datetime.date):

  349. 		return unicode(obj)

  350. 	if isinstance(obj, datetime.timedelta):

  351. 		return unicode(obj)

  352. 	else:

  353. 		raise TypeError, """Object of type %s with value of %s is not JSON serializable""" % \

  354. 			(type(obj), repr(obj))

  355. 

  356. def accept_gzip():

  357. 	if "gzip" in os.environ.get("HTTP_ACCEPT_ENCODING", ""):

  358. 		return True

  359. 

  360. def compressBuf(buf):

  361. 	import gzip, cStringIO

  362. 	zbuf = cStringIO.StringIO()

  363. 	zfile = gzip.GzipFile(mode = 'wb',  fileobj = zbuf, compresslevel = 5)

  364. 	zfile.write(buf)

  365. 	zfile.close()

  366. 	return zbuf.getvalue()