appengine_scripts/skia-tree-status/base_page.py - buildbot - Git at Google

 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 """Utility base class."""

 import datetime
 import hashlib
 import logging
 import os
 import re

 from google.appengine.api import memcache
 from google.appengine.api import oauth
 from google.appengine.api import users
 from google.appengine.ext import db
 from google.appengine.ext import webapp
 from google.appengine.ext.webapp import template

 import utils


 class Passwords(db.Model):
   """Super users. Useful for automated scripts."""
   password_sha1 = db.StringProperty(required=True, multiline=False)


 class GlobalConfig(db.Model):
   """Instance-specific config like application name."""
   app_name = db.StringProperty(required=True)


 class BasePage(webapp.RequestHandler):
   """Utility functions needed to validate user and display a template."""

   # Check if the username ends with @chromium.org/@google.com.
   _VALID_EMAIL = re.compile(r"^.*@(chromium\.org|google\.com)$")

   # The name of the application's project.
   APP_NAME = 'Skia'

   def __init__(self, *args, **kwargs):
     super(BasePage, self).__init__(*args, **kwargs)
     self._is_admin = None
     self._user = None
     self._initialized = False

   def _late_init(self):
     """Initializes self._is_admin and self._user once the request object is
     setup.
     """
     self._is_admin = False

     def look_for_password():
       """Looks for password parameter. Not awesome."""
       password = self.request.get('password')
       if password:
         sha1_pass = hashlib.sha1(password).hexdigest()
         if Passwords.gql('WHERE password_sha1 = :1', sha1_pass).get():
           # The password is valid, this is a super admin.
           self._is_admin = True
         else:
           if utils.is_dev_env() and password == 'foobar':
             # Dev server is unsecure.
             self._is_admin = True
           else:
             logging.error('Password is invalid')

     self._user = users.get_current_user()
     if utils.is_dev_env():
       look_for_password()
     elif not self._user:
       try:
         self._user = oauth.get_current_user()
       except oauth.OAuthRequestError:
         if self.request.scheme == 'https':
           look_for_password()

     if not self._is_admin and self._user:
       self._is_admin = bool(
           users.is_current_user_admin() or
           self._VALID_EMAIL.match(self._user.email()))
     self._initialized = True
     logging.info('Admin: %s, User: %s' % (self._is_admin, self._user))

   @property
   def is_admin(self):
     if not self._initialized:
       self._late_init()
     return self._is_admin

   @property
   def user(self):
     if not self._initialized:
       self._late_init()
     return self._user

   def InitializeTemplate(self, title):
     """Initializes the template values with information needed by all pages."""
     if self.user:
       user_email = self.user.email()
     else:
       user_email = ''
     template_values = {
       'app_name': self.APP_NAME,
       'username': user_email,
       'title': title,
       'current_UTC_time': datetime.datetime.now(),
       'is_admin': self.is_admin,
       'user': self.user,
     }
     return template_values

   def DisplayTemplate(self, name, template_values, use_cache=False):
     """Replies to a http request with a template.

     Optionally cache it for 1 second. Only to be used for user-invariant
     pages!
     """
     self.response.headers['Cache-Control'] =  'no-cache, private, max-age=0'
     buff = None
     if use_cache:
       buff = memcache.get(name)
     if not buff:
       path = os.path.join(os.path.dirname(__file__), 'templates/%s' % name)
       buff = template.render(path, template_values)
       if use_cache:
         memcache.add(name, buff, 1)
     self.response.out.write(buff)


 def bootstrap():
   if db.GqlQuery('SELECT __key__ FROM Passwords').get() is None:
     # Insert a dummy Passwords so it can be edited through the admin console
     Passwords(password_sha1='invalidhash').put()
	# Copyright (c) 2013 The Chromium Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	"""Utility base class."""

	import datetime
	import hashlib
	import logging
	import os
	import re

	from google.appengine.api import memcache
	from google.appengine.api import oauth
	from google.appengine.api import users
	from google.appengine.ext import db
	from google.appengine.ext import webapp
	from google.appengine.ext.webapp import template

	import utils


	class Passwords(db.Model):
	"""Super users. Useful for automated scripts."""
	password_sha1 = db.StringProperty(required=True, multiline=False)


	class GlobalConfig(db.Model):
	"""Instance-specific config like application name."""
	app_name = db.StringProperty(required=True)


	class BasePage(webapp.RequestHandler):
	"""Utility functions needed to validate user and display a template."""

	# Check if the username ends with @chromium.org/@google.com.
	_VALID_EMAIL = re.compile(r"^.*@(chromium\.org\|google\.com)$")

	# The name of the application's project.
	APP_NAME = 'Skia'

	def __init__(self, args, *kwargs):
	super(BasePage, self).__init__(args, *kwargs)
	self._is_admin = None
	self._user = None
	self._initialized = False

	def _late_init(self):
	"""Initializes self._is_admin and self._user once the request object is
	setup.
	"""
	self._is_admin = False

	def look_for_password():
	"""Looks for password parameter. Not awesome."""
	password = self.request.get('password')
	if password:
	sha1_pass = hashlib.sha1(password).hexdigest()
	if Passwords.gql('WHERE password_sha1 = :1', sha1_pass).get():
	# The password is valid, this is a super admin.
	self._is_admin = True
	else:
	if utils.is_dev_env() and password == 'foobar':
	# Dev server is unsecure.
	self._is_admin = True
	else:
	logging.error('Password is invalid')

	self._user = users.get_current_user()
	if utils.is_dev_env():
	look_for_password()
	elif not self._user:
	try:
	self._user = oauth.get_current_user()
	except oauth.OAuthRequestError:
	if self.request.scheme == 'https':
	look_for_password()

	if not self._is_admin and self._user:
	self._is_admin = bool(
	users.is_current_user_admin() or
	self._VALID_EMAIL.match(self._user.email()))
	self._initialized = True
	logging.info('Admin: %s, User: %s' % (self._is_admin, self._user))

	@property
	def is_admin(self):
	if not self._initialized:
	self._late_init()
	return self._is_admin

	@property
	def user(self):
	if not self._initialized:
	self._late_init()
	return self._user

	def InitializeTemplate(self, title):
	"""Initializes the template values with information needed by all pages."""
	if self.user:
	user_email = self.user.email()
	else:
	user_email = ''
	template_values = {
	'app_name': self.APP_NAME,
	'username': user_email,
	'title': title,
	'current_UTC_time': datetime.datetime.now(),
	'is_admin': self.is_admin,
	'user': self.user,
	}
	return template_values

	def DisplayTemplate(self, name, template_values, use_cache=False):
	"""Replies to a http request with a template.

	Optionally cache it for 1 second. Only to be used for user-invariant
	pages!
	"""
	self.response.headers['Cache-Control'] = 'no-cache, private, max-age=0'
	buff = None
	if use_cache:
	buff = memcache.get(name)
	if not buff:
	path = os.path.join(os.path.dirname(__file__), 'templates/%s' % name)
	buff = template.render(path, template_values)
	if use_cache:
	memcache.add(name, buff, 1)
	self.response.out.write(buff)


	def bootstrap():
	if db.GqlQuery('SELECT __key__ FROM Passwords').get() is None:
	# Insert a dummy Passwords so it can be edited through the admin console
	Passwords(password_sha1='invalidhash').put()