summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar RaNaN <Mast3rRaNaN@hotmail.de> 2011-02-19 23:22:14 +0100
committerGravatar RaNaN <Mast3rRaNaN@hotmail.de> 2011-02-19 23:22:14 +0100
commite1927e427125a93a8f6ea369b760f7f21f879fcc (patch)
tree5a6ae69172fef51da1f6e4df2c7b869977f7b17d
parentencoding fixes (diff)
downloadpyload-e1927e427125a93a8f6ea369b760f7f21f879fcc.tar.xz
new permission system
-rw-r--r--module/HookManager.py6
-rw-r--r--module/Scheduler.py41
-rw-r--r--module/database/UserDatabase.py2
-rw-r--r--module/plugins/Hook.py8
-rw-r--r--module/plugins/hooks/UpdateManager.py3
-rw-r--r--module/web/json_app.py44
-rw-r--r--module/web/pyload_app.py21
-rw-r--r--module/web/utils.py9
8 files changed, 72 insertions, 62 deletions
diff --git a/module/HookManager.py b/module/HookManager.py
index fd51242fc..2a40d18a2 100644
--- a/module/HookManager.py
+++ b/module/HookManager.py
@@ -80,12 +80,12 @@ class HookManager():
self.core.log.error(_("Error executing hooks: %s") % str(e))
if self.core.debug:
traceback.print_exc()
-
- self.core.scheduler.addJob(plugin.interval, wrapPeriodical, args=[plugin])
+
+ self.core.scheduler.addJob(plugin.interval, wrapPeriodical, args=[plugin], threaded=False)
for plugin in self.plugins:
if plugin.isActivated():
- self.core.scheduler.addJob(0, wrapPeriodical, args=[plugin])
+ self.core.scheduler.addJob(0, wrapPeriodical, args=[plugin], threaded=False)
@try_catch
diff --git a/module/Scheduler.py b/module/Scheduler.py
index c145b1582..5837dec9e 100644
--- a/module/Scheduler.py
+++ b/module/Scheduler.py
@@ -19,31 +19,21 @@
from time import time
from heapq import heappop, heappush
-from threading import Thread, Lock
+from thread import start_new_thread
+from threading import Lock
class AlreadyCalled(Exception):
pass
-def callInThread(f, *args, **kwargs):
- class FThread(Thread):
- def run(self):
- f(*args, **kwargs)
- t = FThread()
- t.start()
class Deferred():
def __init__(self):
self.call = []
self.result = ()
-
+
def addCallback(self, f, *cargs, **ckwargs):
self.call.append((f, cargs, ckwargs))
- if self.result:
- args, kwargs = self.result
- args.extend(cargs)
- kwargs.update(ckwargs)
- callInThread(f, *args, **kwargs)
-
+
def callback(self, *args, **kwargs):
if self.result:
raise AlreadyCalled
@@ -51,7 +41,7 @@ class Deferred():
for f, cargs, ckwargs in self.call:
args+=tuple(cargs)
kwargs.update(ckwargs)
- callInThread(f, *args, **kwargs)
+ f(*args **kwargs)
class Scheduler():
def __init__(self, core):
@@ -59,10 +49,10 @@ class Scheduler():
self.queue = PriorityQueue()
- def addJob(self, t, call, args=[], kwargs={}):
+ def addJob(self, t, call, args=[], kwargs={}, threaded=True):
d = Deferred()
t += time()
- j = Job(t, call, args, kwargs, d)
+ j = Job(t, call, args, kwargs, d, threaded)
self.queue.put((t, j))
return d
@@ -78,24 +68,27 @@ class Scheduler():
self.queue.put((t, j))
break
-class Job(Thread):
- def __init__(self, time, call, args=[], kwargs={}, deferred=None):
- Thread.__init__(self)
+class Job():
+ def __init__(self, time, call, args=[], kwargs={}, deferred=None, threaded=True):
self.time = float(time)
self.call = call
- self.deferred = deferred
self.args = args
self.kwargs = kwargs
-
+ self.deferred = deferred
+ self.threaded = threaded
+
def run(self):
ret = self.call(*self.args, **self.kwargs)
if self.deferred is None:
return
- if ret is None:
- self.deferred.callback()
else:
self.deferred.callback(ret)
+ def start(self):
+ if self.threaded:
+ start_new_thread(self.run, ())
+ else:
+ self.run()
class PriorityQueue():
""" a non blocking priority queue """
diff --git a/module/database/UserDatabase.py b/module/database/UserDatabase.py
index 6137581ed..d2809fcea 100644
--- a/module/database/UserDatabase.py
+++ b/module/database/UserDatabase.py
@@ -84,7 +84,7 @@ class UserMethods():
@style.queue
def removeUser(db, user):
- c.execute('DELETE FROM users WHERE name=?', (user, ))
+ db.c.execute('DELETE FROM users WHERE name=?', (user, ))
DatabaseBackend.registerSub(UserMethods)
diff --git a/module/plugins/Hook.py b/module/plugins/Hook.py
index 4bbf6e33a..56541f7fe 100644
--- a/module/plugins/Hook.py
+++ b/module/plugins/Hook.py
@@ -18,6 +18,12 @@
@interface-version: 0.2
"""
+from thread import start_new_thread
+
+def threaded(f):
+ def run(*args,**kwargs):
+ return start_new_thread(f, args, kwargs)
+ return run
class Hook():
__name__ = "Hook"
@@ -39,7 +45,7 @@ class Hook():
self.setup()
def __repr__(self):
- return self.__name__
+ return "<Hook %s>" % self.__name__
def setup(self):
""" more init stuff if needed"""
diff --git a/module/plugins/hooks/UpdateManager.py b/module/plugins/hooks/UpdateManager.py
index 70fd15fad..887aedbd1 100644
--- a/module/plugins/hooks/UpdateManager.py
+++ b/module/plugins/hooks/UpdateManager.py
@@ -20,7 +20,7 @@
from os.path import join
from module.network.RequestFactory import getURL
-from module.plugins.Hook import Hook
+from module.plugins.Hook import threaded, Hook
class UpdateManager(Hook):
__name__ = "UpdateManager"
@@ -35,6 +35,7 @@ class UpdateManager(Hook):
self.interval = self.getConfig("interval") * 60
self.updated = False
+ @threaded
def periodical(self):
update = self.checkForUpdate()
if not update:
diff --git a/module/web/json_app.py b/module/web/json_app.py
index 8eb2dbbfe..a654b8ce8 100644
--- a/module/web/json_app.py
+++ b/module/web/json_app.py
@@ -26,7 +26,7 @@ def get_sort_key(item):
@route("/json/status")
@route("/json/status", method="POST")
-@login_required('can_see_dl')
+@login_required('see_downloads')
def status():
try:
status = PYLOAD.status_server()
@@ -38,7 +38,7 @@ def status():
@route("/json/links")
@route("/json/links", method="POST")
-@login_required('can_see_dl')
+@login_required('see_downloads')
def links():
try:
links = PYLOAD.status_downloads()
@@ -62,7 +62,7 @@ def links():
return HTTPError()
@route("/json/queue")
-@login_required('can_see_dl')
+@login_required('see_downloads')
def queue():
try:
return PYLOAD.get_queue()
@@ -72,7 +72,7 @@ def queue():
@route("/json/pause")
-@login_required('can_change_satus')
+@login_required('status')
def pause():
try:
return PYLOAD.pause_server()
@@ -82,7 +82,7 @@ def pause():
@route("/json/unpause")
-@login_required('can_change_status')
+@login_required('status')
def unpause():
try:
return PYLOAD.unpause_server()
@@ -92,7 +92,7 @@ def unpause():
@route("/json/cancel")
-@login_required('can_change_status')
+@login_required('status')
def cancel():
try:
return PYLOAD.stop_downloads()
@@ -100,7 +100,7 @@ def cancel():
return HTTPError()
@route("/json/packages")
-@login_required('can_see_dl')
+@login_required('see_downloads')
def packages():
try:
data = PYLOAD.get_queue()
@@ -117,7 +117,7 @@ def packages():
@route("/json/package/:id")
@validate(id=int)
-@login_required('pyload.can_see_dl')
+@login_required('see_downloads')
def package(id):
try:
data = PYLOAD.get_package_data(id)
@@ -147,7 +147,7 @@ def package(id):
return HTTPError()
@route("/json/package_order/:ids")
-@login_required('can_add')
+@login_required('add')
def package_order(ids):
try:
pid, pos = ids.split("|")
@@ -158,7 +158,7 @@ def package_order(ids):
@route("/json/link/:id")
@validate(id=int)
-@login_required('can_see_dl')
+@login_required('see_downloads')
def link(id):
try:
data = PYLOAD.get_file_info(id)
@@ -168,7 +168,7 @@ def link(id):
@route("/json/remove_link/:id")
@validate(id=int)
-@login_required('can_delete')
+@login_required('delete')
def remove_link(id):
try:
PYLOAD.del_links([id])
@@ -178,7 +178,7 @@ def remove_link(id):
@route("/json/restart_link/:id")
@validate(id=int)
-@login_required('can_add')
+@login_required('add')
def restart_link(id):
try:
PYLOAD.restart_file(id)
@@ -188,7 +188,7 @@ def restart_link(id):
@route("/json/abort_link/:id")
@validate(id=int)
-@login_required('can_delete')
+@login_required('delete')
def abort_link(id):
try:
PYLOAD.stop_download("link", id)
@@ -197,7 +197,7 @@ def abort_link(id):
return HTTPError()
@route("/json/link_order/:ids")
-@login_required('can_add')
+@login_required('add')
def link_order(ids):
try:
pid, pos = ids.split("|")
@@ -208,7 +208,7 @@ def link_order(ids):
@route("/json/add_package")
@route("/json/add_package", method="POST")
-@login_required('can_add')
+@login_required('add')
def add_package():
name = request.forms.get("add_name", "New Package")
queue = int(request.forms['add_dest'])
@@ -246,7 +246,7 @@ def add_package():
@route("/json/remove_package/:id")
@validate(id=int)
-@login_required('can_delete')
+@login_required('delete')
def remove_package(id):
try:
PYLOAD.del_packages([id])
@@ -256,7 +256,7 @@ def remove_package(id):
@route("/json/restart_package/:id")
@validate(id=int)
-@login_required('can_add')
+@login_required('add')
def restart_package(id):
try:
PYLOAD.restart_package(id)
@@ -267,7 +267,7 @@ def restart_package(id):
@route("/json/move_package/:dest/:id")
@validate(dest=int, id=int)
-@login_required('can_add')
+@login_required('add')
def move_package(dest, id):
try:
PYLOAD.move_package(dest, id)
@@ -276,7 +276,7 @@ def move_package(dest, id):
return HTTPError()
@route("/json/edit_package", method="POST")
-@login_required('can_add')
+@login_required('add')
def edit_package():
try:
id = int(request.forms.get("pack_id"))
@@ -293,7 +293,7 @@ def edit_package():
@route("/json/set_captcha")
@route("/json/set_captcha", method="POST")
-@login_required('can_add')
+@login_required('add')
def set_captcha():
if request.environ.get('REQUEST_METHOD', "GET") == "POST":
try:
@@ -313,11 +313,11 @@ def set_captcha():
@route("/json/delete_finished")
-@login_required('pyload.can_delete')
+@login_required('delete')
def delete_finished():
return {"del": PYLOAD.delete_finished()}
@route("/json/restart_failed")
-@login_required('pyload.can_delete')
+@login_required('delete')
def restart_failed():
return PYLOAD.restart_failed() \ No newline at end of file
diff --git a/module/web/pyload_app.py b/module/web/pyload_app.py
index 643e1e75c..3869fd4cf 100644
--- a/module/web/pyload_app.py
+++ b/module/web/pyload_app.py
@@ -94,6 +94,10 @@ def login():
else:
return render_to_response("login.html", proc=[pre_processor])
+@route('/nopermission')
+def nopermission():
+ return base([_("You dont have permission to access this page.")])
+
@route("/login", method="POST")
def login_post():
user = request.forms.get("username")
@@ -124,7 +128,7 @@ def logout():
@route("/")
@route("/home")
-@login_required("can_see_dl")
+@login_required("see_downloads")
def home():
try:
res = PYLOAD.status_downloads()
@@ -141,7 +145,7 @@ def home():
@route("/queue")
-@login_required("can_see_dl")
+@login_required("see_downloads")
def queue():
queue = PYLOAD.get_queue_info()
@@ -151,7 +155,7 @@ def queue():
return render_to_response('queue.html', {'content': data}, [pre_processor])
@route("/collector")
-@login_required('can_see_dl')
+@login_required('see_downloads')
def collector():
queue = PYLOAD.get_collector_info()
@@ -161,7 +165,7 @@ def collector():
return render_to_response('collector.html', {'content': data}, [pre_processor])
@route("/downloads")
-@login_required('can_download')
+@login_required('download')
def downloads():
root = PYLOAD.get_conf_val("general", "download_folder")
@@ -193,7 +197,7 @@ def downloads():
return render_to_response('downloads.html', {'files': data}, [pre_processor])
@route("/downloads/get/:path#.+#")
-@login_required("can_download")
+@login_required("download")
def get_download(path):
path = unquote(path)
#@TODO some files can not be downloaded
@@ -210,7 +214,7 @@ def get_download(path):
@route("/settings")
@route("/settings", method="POST")
-@login_required('can_change_status')
+@login_required('settings')
def config():
conf = PYLOAD.get_config()
plugin = PYLOAD.get_plugin_config()
@@ -325,7 +329,7 @@ def package_ui():
@route("/pathchooser")
@route("/filechooser/:file#.+#")
@route("/pathchooser/:path#.+#")
-@login_required('can_change_status')
+@login_required('status')
def path(file="", path=""):
if file:
type = "file"
@@ -416,7 +420,7 @@ def path(file="", path=""):
@route("/logs", method="POST")
@route("/logs/:item")
@route("/logs/:item", method="POST")
-@login_required('can_see_logs')
+@login_required('status')
def logs(item=-1):
s = request.environ.get('beaker.session')
@@ -499,6 +503,7 @@ def logs(item=-1):
[pre_processor])
@route("/admin")
+@login_required("settings")
def admin():
return base(["Comming Soon."])
diff --git a/module/web/utils.py b/module/web/utils.py
index 8674fea1c..c76454c1f 100644
--- a/module/web/utils.py
+++ b/module/web/utils.py
@@ -65,8 +65,13 @@ def login_required(perm=None):
s = request.environ.get('beaker.session')
if s.get("name", None) and s.get("authenticated", False):
if perm:
- pass
- #print perm
+ perms = parse_permissions(s)
+ if not perms.has_key(perm) or not perms[perm]:
+ if request.header.get('X-Requested-With') == 'XMLHttpRequest':
+ return HTTPError(403, "Forbidden")
+ else:
+ return redirect("/nopermission")
+
return func(*args, **kwargs)
else:
if request.header.get('X-Requested-With') == 'XMLHttpRequest':