paulb@28 | 1 | #!/usr/bin/env python |
paulb@28 | 2 | |
paulb@28 | 3 | """ |
paulb@28 | 4 | BaseHTTPRequestHandler classes. |
paulb@28 | 5 | """ |
paulb@28 | 6 | |
paulb@28 | 7 | import Generic |
paulb@198 | 8 | from Helpers.Request import MessageBodyStream, get_body_fields, get_storage_items |
paulb@167 | 9 | from Helpers.Response import ConvertingStream |
paulb@49 | 10 | from Helpers.Auth import UserInfo |
paulb@239 | 11 | from Helpers.Session import SessionStore |
paulb@71 | 12 | from cgi import parse_qs, FieldStorage |
paulb@115 | 13 | import Cookie |
paulb@28 | 14 | from StringIO import StringIO |
paulb@28 | 15 | |
class Transaction(Generic.Transaction):

    """
    BaseHTTPRequestHandler transaction interface.

    Wraps a BaseHTTPRequestHandler instance, exposing the request through
    accessor methods and buffering the response (status code, headers, cookies
    and body) until 'commit' is called.

    NOTE: Helper methods such as 'parse_content_type',
    NOTE: 'parse_content_preferences', 'convert_to_list' and
    NOTE: 'format_header_value', as well as the 'default_charset' attribute,
    NOTE: are not defined in this class and are presumably inherited from
    NOTE: Generic.Transaction.
    """

    def __init__(self, trans):

        """
        Initialise the transaction using the BaseHTTPRequestHandler instance
        'trans'.
        """

        self.trans = trans

        # Response state, buffered until the transaction is committed.

        self.content_type = None
        self.response_code = 200
        self.content = StringIO()
        self.headers_out = {}
        self.cookies_out = Cookie.SimpleCookie()

        # User information set explicitly by the application (see 'set_user').

        self.user = None

        # Define the incoming cookies from the request's "cookie" header.

        self.cookies_in = Cookie.SimpleCookie(self.get_headers().get("cookie"))

        # Cached information: the parsed message body, created on demand.

        self.storage_body = None

        # Special objects retained throughout the transaction.

        self.session_store = None

    def commit(self):

        """
        A special method, synchronising the transaction with framework-specific
        objects.

        Closes any session store in use, then writes the buffered response code,
        headers, cookies and content to the underlying handler.
        """

        # Close the session store.

        if self.session_store is not None:
            self.session_store.close()

        # Prepare the response.

        self.trans.send_response(self.response_code)
        if self.content_type is not None:
            self.trans.send_header("Content-Type", str(self.content_type))

        for header, value in self.headers_out.items():
            self.trans.send_header(self.format_header_value(header), self.format_header_value(value))

        # NOTE: May not be using the appropriate method.

        for morsel in self.cookies_out.values():
            self.trans.send_header("Set-Cookie", morsel.OutputString())

        # Add possibly missing content length information.
        # NOTE: This is really inefficient, but we need to buffer things to
        # NOTE: permit out of order header setting.

        self.content.seek(0)
        content = self.content.read()

        # Header names are case-insensitive, so any spelling of the name set by
        # the application must suppress the automatically generated header.

        if not self._has_header_out("Content-Length"):
            self.trans.send_header("Content-Length", str(len(content)))

        self.trans.end_headers()
        self.trans.wfile.write(content)

    def _has_header_out(self, name):

        """
        Returns whether a response header with the given 'name' has been set,
        comparing header names without regard to case.
        """

        wanted = name.lower()
        for header in self.headers_out.keys():
            if header.lower() == wanted:
                return True
        return False

    # Request-related methods.

    def get_request_stream(self):

        """
        Returns the request stream for the transaction: a MessageBodyStream
        built from the handler's input file and the request headers.
        """

        return MessageBodyStream(self.trans.rfile, self.get_headers())

    def get_request_method(self):

        """
        Returns the request method.
        """

        return self.trans.command

    def get_headers(self):

        """
        Returns all request headers as a dictionary-like object mapping header
        names to values.

        NOTE: If duplicate header names are permitted, then this interface will
        NOTE: need to change.
        """

        return self.trans.headers

    def get_header_values(self, key):

        """
        Returns a list of all request header values associated with the given
        'key'. Note that according to RFC 2616, 'key' is treated as a
        case-insensitive string.
        """

        return self.convert_to_list(self.trans.headers.get(key))

    def get_content_type(self):

        """
        Returns the content type specified on the request, along with the
        charset employed.
        """

        return self.parse_content_type(self.trans.headers.get("content-type"))

    def get_content_charsets(self):

        """
        Returns the character set preferences, as parsed from the request's
        "accept-charset" header.
        """

        return self.parse_content_preferences(self.trans.headers.get("accept-charset"))

    def get_content_languages(self):

        """
        Returns extracted language information from the transaction, as parsed
        from the request's "accept-language" header.
        """

        return self.parse_content_preferences(self.trans.headers.get("accept-language"))

    def get_path(self):

        """
        Returns the entire path from the request.
        """

        return self.trans.path

    def get_path_without_query(self):

        """
        Returns the entire path from the request minus the query string.
        """

        # Everything before the first "?" is the path proper.

        return self.trans.path.split("?", 1)[0]

    def get_path_info(self):

        """
        Returns the "path info" (the part of the URL after the resource name
        handling the current request) from the request.

        Here, this is the same value as returned by 'get_path_without_query'.
        """

        return self.get_path_without_query()

    def get_query_string(self):

        """
        Returns the query string from the path in the request, or an empty
        string if the path contains no "?" character.
        """

        # NOTE: Overlook erroneous usage of "?" characters in the path:
        # NOTE: everything after the first "?" is treated as the query string.

        parts = self.trans.path.split("?", 1)
        if len(parts) == 1:
            return ""
        return parts[1]

    # Higher level request-related methods.

    def get_fields_from_path(self):

        """
        Extracts fields (or request parameters) from the path specified in the
        transaction. The underlying framework may refuse to supply fields from
        the path if handling a POST transaction.

        Returns a dictionary mapping field names to lists of values (even if a
        single value is associated with any given field name).
        """

        # NOTE: Support at best ISO-8859-1 values.

        fields = {}
        parsed = parse_qs(self.get_query_string(), keep_blank_values=1)
        for name, values in parsed.items():
            fields[name] = [unicode(value, "iso-8859-1") for value in values]
        return fields

    def get_fields_from_body(self, encoding=None):

        """
        Extracts fields (or request parameters) from the message body in the
        transaction. The optional 'encoding' parameter specifies the character
        encoding of the message body for cases where no such information is
        available, but where the default encoding is to be overridden.

        Returns a dictionary mapping field names to lists of values (even if a
        single value is associated with any given field name). Each value is
        either a Unicode object (representing a simple form field, for example)
        or a plain string (representing a file upload form field, for example).
        """

        # An explicit encoding takes precedence, then the request's charset,
        # then the default.

        encoding = encoding or self.get_content_type().charset or self.default_charset

        # Parse the body only once, retaining the result for later calls.

        if self.storage_body is None:
            self.storage_body = FieldStorage(fp=self.get_request_stream(), headers=self.get_headers(),
                environ={"REQUEST_METHOD" : self.get_request_method()}, keep_blank_values=1)

        # Avoid strange design issues with FieldStorage by checking the internal
        # field list directly.

        if self.storage_body.list is None:
            return {}

        # Traverse the storage, finding each field value.

        return get_body_fields(get_storage_items(self.storage_body), encoding)

    def get_fields(self, encoding=None):

        """
        Extracts fields (or request parameters) from both the path specified in
        the transaction as well as the message body. The optional 'encoding'
        parameter specifies the character encoding of the message body for cases
        where no such information is available, but where the default encoding
        is to be overridden.

        Returns a dictionary mapping field names to lists of values (even if a
        single value is associated with any given field name). Each value is
        either a Unicode object (representing a simple form field, for example)
        or a plain string (representing a file upload form field, for example).

        Where a given field name is used in both the path and message body to
        specify values, the values from both sources will be combined into a
        single list associated with that field name.
        """

        # Combine the two sources, path values first.

        fields = {}
        fields.update(self.get_fields_from_path())
        for name, values in self.get_fields_from_body(encoding).items():
            if name in fields:
                fields[name] += values
            else:
                fields[name] = values
        return fields

    def get_user(self):

        """
        Extracts user information from the transaction.

        Returns a username as a string or None if no user is defined. A user
        set using 'set_user' takes precedence over any "authorization" header
        in the request.
        """

        if self.user is not None:
            return self.user

        auth_header = self.get_headers().get("authorization")
        if not auth_header:
            return None
        return UserInfo(auth_header).username

    def get_cookies(self):

        """
        Obtains cookie information from the request.

        Returns a dictionary mapping cookie names to cookie objects.
        """

        return self.cookies_in

    def get_cookie(self, cookie_name):

        """
        Obtains cookie information from the request.

        Returns a cookie object for the given 'cookie_name' or None if no such
        cookie exists.
        """

        return self.cookies_in.get(cookie_name)

    # Response-related methods.

    def get_response_stream(self):

        """
        Returns the response stream for the transaction.
        """

        # Return a stream which is later emptied into the real stream.
        # Unicode can upset this operation. Using either the specified charset
        # or a default encoding.

        return ConvertingStream(self.content, self.get_response_stream_encoding())

    def get_response_stream_encoding(self):

        """
        Returns the response stream encoding: the charset of the response
        content type if one has been set, or the default charset otherwise.
        """

        encoding = None
        if self.content_type:
            encoding = self.content_type.charset
        return encoding or self.default_charset

    def get_response_code(self):

        """
        Get the response code associated with the transaction. Unless changed
        using 'set_response_code', this is the initial value of 200.
        """

        return self.response_code

    def set_response_code(self, response_code):

        """
        Set the 'response_code' using a numeric constant defined in the HTTP
        specification.
        """

        self.response_code = response_code

    def set_header_value(self, header, value):

        """
        Set the HTTP 'header' with the given 'value'.
        """

        # The header is not written out immediately due to the buffering in use.

        self.headers_out[header] = value

    def set_content_type(self, content_type):

        """
        Sets the 'content_type' for the response.
        """

        # The content type has to be written as a header, before actual content,
        # but after the response line. This means that some kind of buffering is
        # required. Hence, we don't write the header out immediately.

        self.content_type = content_type

    # Higher level response-related methods.

    def set_cookie(self, cookie):

        """
        Stores the given 'cookie' object in the response. Only the name and
        value of the cookie are copied.
        """

        # NOTE: If multiple cookies of the same name could be specified, this
        # NOTE: could need changing.

        self.cookies_out[cookie.name] = cookie.value

    def set_cookie_value(self, name, value, path=None, expires=None):

        """
        Stores a cookie with the given 'name' and 'value' in the response.

        The optional 'path' is a string which specifies the scope of the cookie,
        and the optional 'expires' parameter is a value compatible with the
        time.time function, and indicates the expiry date/time of the cookie.
        """

        # NOTE(review): 'expires' is handed to the cookie object unchanged;
        # NOTE(review): confirm that the Cookie module formats such values as
        # NOTE(review): the intended expiry date.

        self.cookies_out[name] = value
        morsel = self.cookies_out[name]
        if path is not None:
            morsel["path"] = path
        if expires is not None:
            morsel["expires"] = expires

    def delete_cookie(self, cookie_name):

        """
        Adds to the response a request that the cookie with the given
        'cookie_name' be deleted/discarded by the client.
        """

        # Create a special cookie, given that we do not know whether the browser
        # has been sent the cookie or not.
        # NOTE: Magic discovered in Webware.

        self.cookies_out[cookie_name] = ""
        morsel = self.cookies_out[cookie_name]
        morsel["path"] = "/"
        morsel["expires"] = 0
        morsel["max-age"] = 0

    # Session-related methods.

    def _get_session_store(self):

        """
        Returns the session store for this transaction, creating it upon first
        use so that 'commit' only has to close a store which was actually
        needed.
        """

        # NOTE: Requires configuration.

        if self.session_store is None:
            self.session_store = SessionStore(self, "WebStack-sessions")
        return self.session_store

    def get_session(self, create=1):

        """
        Gets a session corresponding to an identifier supplied in the
        transaction.

        If no session has yet been established according to information
        provided in the transaction then the optional 'create' parameter
        determines whether a new session will be established.

        Where no session has been established and where 'create' is set to 0
        then None is returned. In all other cases, a session object is created
        (where appropriate) and returned.
        """

        return self._get_session_store().get_session(create)

    def expire_session(self):

        """
        Expires any session established according to information provided in the
        transaction.
        """

        self._get_session_store().expire_session()

    # Application-specific methods.

    def set_user(self, username):

        """
        An application-specific method which sets the user information with
        'username' in the transaction. This affects subsequent calls to
        'get_user'.
        """

        self.user = username
paulb@28 | 480 | # vim: tabstop=4 expandtab shiftwidth=4 |