Mental-Cache/utils.py at master · ryanrdetzel/Mental-Cache · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
import re
import web
import simplejson as json
from random import choice
import string
import logging
import pytc
import time

DBNAME="mental_cache.hdb" ## move to config?

PERM_READ = 1
PERM_WRITE = 2
PERM_OWNER = 7 # 4,2,1

def create_page(file_name,from_page=None):

    content = '{"order": "","name": "Untitled","components": {},"last_id": 0}'
    if from_page is not None:
        content = fetch_file(from_page)

    obj = json.loads(content)
    obj["name"] = file_name
    content = json.dumps(obj)

    session = web.config._session

    db = pytc.HDB()
    db.open(DBNAME, pytc.HDBOWRITER | pytc.HDBOCREAT)

    ## Make sure we don't conflict with that name
    chars = string.letters.lower() + string.digits
    page_name = ''.join([choice(chars) for i in xrange(8)])
    while db.has_key(page_name):
        page_name = ''.join([choice(chars) for i in xrange(8)])

    db.put(page_name,content)
    ## set permissions
    db.put(page_name + ":perm:" + session.userid, str(PERM_OWNER))
    ## update index

    if db.has_key(session.userid + ':index'):
        new_entry = { 'page_name': page_name, 'file_name': clean_filename(file_name), 'name' : file_name }
        obj = json.loads(db.get(session.userid + ':index'))
        obj.append(new_entry)
        db.put(session.userid + ':index',json.dumps(obj))

    return page_name


def delete_page(page_name):
    db = pytc.HDB()
    db.open(DBNAME, pytc.HDBOWRITER | pytc.HDBOCREAT)

    session = web.config._session

    try:
        db.out(page_name)
        db.out(page_name + ':perm:' + session.userid)

        if db.has_key(session.userid + ':index'):
            obj = json.loads(db.get(session.userid + ':index'))
            pages = []
            for item in obj:
                if item["page_name"] != page_name:
                    pages.append(item)

            db.put(session.userid + ':index',json.dumps(pages))

        return page_name
    except:
        return None

def fetch_file(file_name):
    db = pytc.HDB()
    db.open(DBNAME, pytc.HDBOWRITER | pytc.HDBOCREAT)

    content = db.get(file_name)
    return content

def handle_error(msg,redirect=None):
    obj = {}
    obj['error'] = msg;
    if redirect is not None:
        obj['redirect'] = redirect

    return callback(json.dumps(obj))

def callback(json):
    web.header('Content-type','application/json')
    data = web.input(callback="bpcallback")
    return data.callback + "(" + json + ")"

def save_file(file_name,content):
    db = pytc.HDB()
    db.open(DBNAME, pytc.HDBOWRITER | pytc.HDBOCREAT)
    db.put(file_name,content);

def clean_filename(file_name):
    file_name = re.sub("[^a-zA-Z0-9\.\-_\s]","",file_name).lower()
    return re.sub("\s","-",file_name)

# 1 - read, 2 - write
def check_permissions(page_name,userid,type=1):
    db = pytc.HDB()
    db.open(DBNAME, pytc.HDBOWRITER | pytc.HDBOCREAT)

    file_perm = db.get(page_name + ":perm:" + userid)
    is_public = db.has_key(page_name + ":public")

    logging.info("Check Permission %s - %s" % (userid,type))

    web.config._canwrite = 0
    web.config._ispublic = 0

    if is_public:
        web.config._ispublic = 1

    can_write = int(file_perm) & PERM_WRITE

    if can_write > 0:
        web.config._canwrite = 1

    if type == PERM_READ:
        if int(file_perm) & PERM_READ:  return 1
    elif type == PERM_WRITE:
        if int(file_perm) & PERM_WRITE:  return 1

    return None


def page_access(page_name,type=PERM_READ,redirect=None):
    session = web.config._session
    logging.info("Page Name %s" % page_name)

    if session is None:
        return handle_error("no session",'/login')

    logging.info("User id %s" % session.userid)

    if session.userid is None:
        return handle_error("not logged in",'/login')

    if check_permissions(page_name,session.userid,type) is None:
        if redirect is not None:
            raise web.seeother(redirect)
        else:
            return handle_error("access denied")

    return None