[ipfire.org.git] / src / web / nopaste.py

#!/usr/bin/python

import tornado.web

from . import base
from . import ui_modules

class CreateHandler(base.AnalyticsMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self):
		self.render("nopaste/create.html")

	@tornado.web.authenticated
	@base.ratelimit(minutes=15, requests=5)
	def post(self):
		subject = self.get_argument("subject", None)
		content = self.get_argument("content")

		# Fetch expires time
		expires = self.get_argument_int("expires", "0")

		with self.db.transaction():
			paste = self.backend.nopaste.create(content, subject=subject, expires=expires,
				account=self.current_user, address=self.get_remote_ip())

		# Redirect to the paste
		return self.redirect("/view/%s" % paste.uuid)

	# cURL Interface

	def get_current_user(self):
		if self.request.method == "PUT":
			return self.perform_basic_authentication()

		# Perform the usual authentication
		return super().get_current_user()

	def check_xsrf_cookie(self):
		# Skip the check on PUT
		if self.request.method == "PUT":
			return

		# Perform the check as usual
		super().check_xsrf_cookie()

	def write_error(self, *args, **kwargs):
		if self.request.method == "PUT":
			return

		# Write errors as usual
		return super().write_error(*args, **kwargs)

	@tornado.web.authenticated
	@base.ratelimit(minutes=15, requests=5)
	def put(self):
		with self.db.transaction():
			paste = self.backend.nopaste.create(
				self.request.body, account=self.current_user, address=self.get_remote_ip())

		# Send a message to the client
		self.write("https://%s/view/%s\n" % (self.request.host, paste.uuid))

		# Tell the user when this expires
		if paste.expires_at:
			self.write("  This paste will expire at %s\n" % self.locale.format_date(paste.expires_at))

		# All done
		self.finish()


class UploadHandler(base.AnalyticsMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self):
		self.render("nopaste/upload.html")

	@tornado.web.authenticated
	def post(self):
		subject = self.get_argument("subject", None)

		# Fetch expires time
		expires = self.get_argument_int("expires", "0")

		with self.db.transaction():
			for f in self.request.files.get("file", []):
				paste = self.backend.nopaste.create(f.body, subject=subject, expires=expires,
					account=self.current_user, address=self.get_remote_ip())

				# Only accept one file
				break

			# Complain if no file was selected
			else:
				raise tornado.web.HTTPError(400, "No file uploaded")

		# Redirect to the paste
		return self.redirect("/view/%s" % paste.uuid)


class RawHandler(base.AnalyticsMixin, base.BaseHandler):
	def get(self, uid):
		with self.db.transaction():
			paste = self.backend.nopaste.get(uid)
			if not paste:
				raise tornado.web.HTTPError(404)

			# This has received a view
			paste.viewed()

		# Set the filename
		self.set_header("Content-Disposition", "inline; filename=\"%s\"" % paste.subject)

		# Set mimetype
		self.set_header("Content-Type", paste.mimetype)

		# Send content
		self.finish(paste.blob)


class ViewHandler(base.AnalyticsMixin, base.BaseHandler):
	def get(self, uid):
		with self.db.transaction():
			paste = self.backend.nopaste.get(uid)
			if not paste:
				raise tornado.web.HTTPError(404)

			# This has received a view
			paste.viewed()

		self.render("nopaste/view.html", paste=paste)


class CodeModule(ui_modules.UIModule):
	def render(self, content):
		return self.render_string("nopaste/modules/code.html", content=content)

	def javascript_files(self):
		return "js/prettify.js"

	def css_files(self):
		return "css/prettify.css"

	def embedded_javascript(self):
		return """
			// Run pretty print
			prettyPrint();
		"""
Commit	Line	Data
60024cc8 MT	1	#!/usr/bin/python
	2
	3	import tornado.web
	4
124a8404	5	from . import base
e1814f16	6	from . import ui_modules
60024cc8	7
28e09035	8	class CreateHandler(base.AnalyticsMixin, base.BaseHandler):
fbac12cb	9	@tornado.web.authenticated
60024cc8	10	def get(self):
fbac12cb	11	self.render("nopaste/create.html")
60024cc8	12
fbac12cb	13	@tornado.web.authenticated
372ef119	14	@base.ratelimit(minutes=15, requests=5)
60024cc8	15	def post(self):
fbac12cb MT	16	subject = self.get_argument("subject", None)
fbac12cb MT	17	content = self.get_argument("content")
b0b3e3e7	18
fbac12cb MT	19	# Fetch expires time
fbac12cb MT	20	expires = self.get_argument_int("expires", "0")
66862195	21
fbac12cb MT	22	with self.db.transaction():
	23	paste = self.backend.nopaste.create(content, subject=subject, expires=expires,
	24	account=self.current_user, address=self.get_remote_ip())
66862195	25
fbac12cb	26	# Redirect to the paste
672150b2	27	return self.redirect("/view/%s" % paste.uuid)
66862195	28
f678c97b MT	29	# cURL Interface
f678c97b MT	30
c2513d37 MT	31	def get_current_user(self):
	32	if self.request.method == "PUT":
	33	return self.perform_basic_authentication()
	34
	35	# Perform the usual authentication
	36	return super().get_current_user()
	37
f678c97b MT	38	def check_xsrf_cookie(self):
	39	# Skip the check on PUT
	40	if self.request.method == "PUT":
	41	return
	42
	43	# Perform the check as usual
	44	super().check_xsrf_cookie()
	45
fa86bd76 MT	46	def write_error(self, args, *kwargs):
	47	if self.request.method == "PUT":
	48	return
	49
	50	# Write errors as usual
	51	return super().write_error(args, *kwargs)
	52
c2513d37	53	@tornado.web.authenticated
f678c97b MT	54	@base.ratelimit(minutes=15, requests=5)
	55	def put(self):
	56	with self.db.transaction():
	57	paste = self.backend.nopaste.create(
8a0904b5	58	self.request.body, account=self.current_user, address=self.get_remote_ip())
f678c97b MT	59
	60	# Send a message to the client
	61	self.write("https://%s/view/%s\n" % (self.request.host, paste.uuid))
	62
3e24383c MT	63	# Tell the user when this expires
	64	if paste.expires_at:
	65	self.write(" This paste will expire at %s\n" % self.locale.format_date(paste.expires_at))
	66
f678c97b MT	67	# All done
	68	self.finish()
	69
66862195	70
0ad49bfe MT	71	class UploadHandler(base.AnalyticsMixin, base.BaseHandler):
	72	@tornado.web.authenticated
	73	def get(self):
	74	self.render("nopaste/upload.html")
	75
	76	@tornado.web.authenticated
	77	def post(self):
	78	subject = self.get_argument("subject", None)
	79
	80	# Fetch expires time
	81	expires = self.get_argument_int("expires", "0")
	82
	83	with self.db.transaction():
999cf387	84	for f in self.request.files.get("file", []):
0ad49bfe MT	85	paste = self.backend.nopaste.create(f.body, subject=subject, expires=expires,
	86	account=self.current_user, address=self.get_remote_ip())
	87
	88	# Only accept one file
	89	break
	90
999cf387 MT	91	# Complain if no file was selected
	92	else:
	93	raise tornado.web.HTTPError(400, "No file uploaded")
	94
0ad49bfe MT	95	# Redirect to the paste
	96	return self.redirect("/view/%s" % paste.uuid)
	97
	98
28e09035	99	class RawHandler(base.AnalyticsMixin, base.BaseHandler):
66862195	100	def get(self, uid):
5482e5f2	101	with self.db.transaction():
f8ae15d9 MT	102	paste = self.backend.nopaste.get(uid)
f8ae15d9 MT	103	if not paste:
5482e5f2 MT	104	raise tornado.web.HTTPError(404)
	105
	106	# This has received a view
f8ae15d9	107	paste.viewed()
66862195	108
6f3eb7f9	109	# Set the filename
f8ae15d9	110	self.set_header("Content-Disposition", "inline; filename=\"%s\"" % paste.subject)
6f3eb7f9	111
66862195	112	# Set mimetype
f8ae15d9	113	self.set_header("Content-Type", paste.mimetype)
e2708eb5	114
66862195	115	# Send content
f8ae15d9	116	self.finish(paste.blob)
60024cc8 MT	117
60024cc8 MT	118
28e09035	119	class ViewHandler(base.AnalyticsMixin, base.BaseHandler):
66862195	120	def get(self, uid):
5482e5f2	121	with self.db.transaction():
a8ca3207 MT	122	paste = self.backend.nopaste.get(uid)
a8ca3207 MT	123	if not paste:
5482e5f2 MT	124	raise tornado.web.HTTPError(404)
	125
	126	# This has received a view
a8ca3207	127	paste.viewed()
60024cc8	128
a8ca3207	129	self.render("nopaste/view.html", paste=paste)
e1814f16 MT	130
	131
	132	class CodeModule(ui_modules.UIModule):
	133	def render(self, content):
	134	return self.render_string("nopaste/modules/code.html", content=content)
	135
	136	def javascript_files(self):
	137	return "js/prettify.js"
	138
	139	def css_files(self):
	140	return "css/prettify.css"
	141
	142	def embedded_javascript(self):
	143	return """
	144	// Run pretty print
	145	prettyPrint();
	146	"""