1 # -*- encoding: utf-8 -*-
4 # Copyright P. Christeas <p_christ@hol.gr> 2008,2009
7 # WARNING: This program as such is intended to be used by professional
8 # programmers who take the whole responsability of assessing all potential
9 # consequences resulting from its eventual inadequacies and bugs
10 # End users who are looking for a ready-to-use solution with commercial
11 # garantees and support are strongly adviced to contract a Free Software
14 # This program is Free Software; you can redistribute it and/or
15 # modify it under the terms of the GNU General Public License
16 # as published by the Free Software Foundation; either version 2
17 # of the License, or (at your option) any later version.
19 # This program is distributed in the hope that it will be useful,
20 # but WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 # GNU General Public License for more details.
24 # You should have received a copy of the GNU General Public License
25 # along with this program; if not, write to the Free Software
26 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 ###############################################################################
31 from dav_fs import openerp_dav_handler
32 from tools.config import config
33 from DAV.WebDAVServer import DAVRequestHandler
34 from service.websrv_lib import HTTPDir, FixSendError, HttpOptions
35 from BaseHTTPServer import BaseHTTPRequestHandler
39 from string import atoi
40 from DAV.errors import *
41 from DAV.utils import IfParser, TagList
42 # from DAV.constants import DAV_VERSION_1, DAV_VERSION_2
43 from xml.dom import minidom
45 khtml_re = re.compile(r' KHTML/([0-9\.]+) ')
47 def OpenDAVConfig(**kw):
49 def __init__(self, **kw):
50 self.__dict__.update(**kw)
52 def getboolean(self, word):
53 return self.__dict__.get(word, False)
61 class DAVHandler(HttpOptions, FixSendError, DAVRequestHandler):
63 protocol_version = 'HTTP/1.1'
64 _HTTP_OPTIONS= { 'DAV' : ['1', '2'],
65 'Allow' : [ 'GET', 'HEAD', 'COPY', 'MOVE', 'POST', 'PUT',
66 'PROPFIND', 'PROPPATCH', 'OPTIONS', 'MKCOL',
67 'DELETE', 'TRACE', 'REPORT', ]
70 def get_userinfo(self,user,pw):
72 def _log(self, message):
73 netsvc.Logger().notifyChannel("webdav",netsvc.LOG_DEBUG,message)
81 def get_db_from_path(self, uri):
82 # interface class will handle all cases.
83 res = self.IFACE_CLASS.get_db(uri, allow_last=True)
87 self.davpath = '/'+config.get_misc('webdav','vdir','webdav')
88 addr, port = self.server.server_name, self.server.server_port
89 server_proto = getattr(self.server,'proto', 'http').lower()
91 if hasattr(self.request, 'getsockname'):
92 addr, port = self.request.getsockname()
94 self.log_error("Cannot calculate own address: %s" , e)
95 # Too early here to use self.headers
96 self.baseuri = "%s://%s:%d/"% (server_proto, addr, port)
97 self.IFACE_CLASS = openerp_dav_handler(self, self.verbose)
99 def copymove(self, CLASS):
100 """ Our uri scheme removes the /webdav/ component from there, so we
101 need to mangle the header, too.
103 up = urlparse.urlparse(urllib.unquote(self.headers['Destination']))
104 if up.path.startswith(self.davpath):
105 self.headers['Destination'] = up.path[len(self.davpath):]
107 raise DAV_Forbidden("Not allowed to copy/move outside webdav path")
109 DAVRequestHandler.copymove(self, CLASS)
111 def get_davpath(self):
114 def log_message(self, format, *args):
115 netsvc.Logger().notifyChannel('webdav', netsvc.LOG_DEBUG_RPC, format % args)
117 def log_error(self, format, *args):
118 netsvc.Logger().notifyChannel('xmlrpc', netsvc.LOG_WARNING, format % args)
120 def _prep_OPTIONS(self, opts):
123 uri=urlparse.urljoin(self.get_baseuri(dc), self.path)
124 uri=urllib.unquote(uri)
126 ret = dc.prep_http_options(uri, opts)
127 except DAV_Error, (ec,dd):
130 self.log_error("Error at options: %s", str(e))
134 def send_response(self, code, message=None):
135 # the BufferingHttpServer will send Connection: close , while
136 # the BaseHTTPRequestHandler will only accept int code.
137 # workaround both of them.
138 if self.command == 'PROPFIND' and int(code) == 404:
139 kh = khtml_re.search(self.headers.get('User-Agent',''))
140 if kh and (kh.group(1) < '4.5'):
141 # There is an ugly bug in all khtml < 4.5.x, where the 404
142 # response is treated as an immediate error, which would even
143 # break the flow of a subsequent PUT request. At the same time,
144 # the 200 response (rather than 207 with content) is treated
145 # as "path not exist", so we send this instead
146 # https://bugs.kde.org/show_bug.cgi?id=166081
148 BaseHTTPRequestHandler.send_response(self, int(code), message)
150 def send_header(self, key, value):
151 if key == 'Connection' and value == 'close':
152 self.close_connection = 1
153 DAVRequestHandler.send_header(self, key, value)
155 def send_body(self, DATA, code = None, msg = None, desc = None, ctype='application/octet-stream', headers=None):
156 if headers and 'Connection' in headers:
158 elif self.request_version in ('HTTP/1.0', 'HTTP/0.9'):
160 elif self.close_connection == 1: # close header already sent
165 if self.headers.get('Connection',False) == 'Keep-Alive':
166 headers['Connection'] = 'keep-alive'
168 DAVRequestHandler.send_body(self, DATA, code=code, msg=msg, desc=desc,
169 ctype=ctype, headers=headers)
173 uri=urlparse.urljoin(self.get_baseuri(dc), self.path)
174 uri=urllib.unquote(uri)
176 if self.headers.has_key('If-Match'):
180 for match in self.headers['If-Match'].split(','):
186 if dc.match_prop(uri, match, "DAV:", "getetag"):
191 self.send_status(412)
194 # Handle If-None-Match
195 if self.headers.has_key('If-None-Match'):
198 for match in self.headers['If-None-Match'].split(','):
204 if dc.match_prop(uri, match, "DAV:", "getetag"):
209 self.send_status(412)
213 expect = self.headers.get('Expect', '')
214 if (expect.lower() == '100-continue' and
215 self.protocol_version >= 'HTTP/1.1' and
216 self.request_version >= 'HTTP/1.1'):
217 self.send_status(100)
221 body=self._get_body()
223 # locked resources are not allowed to be overwritten
224 if self._l_isLocked(uri):
225 return self.send_body(None, '423', 'Locked', 'Locked')
228 if self.headers.has_key("Content-Type"):
229 ct=self.headers['Content-Type']
231 location = dc.put(uri, body, ct)
232 except DAV_Error, (ec,dd):
233 self.log_error("Cannot PUT to %s: %s", uri, dd)
234 return self.send_status(ec)
238 if location and isinstance(location, tuple):
240 location = location[0]
241 # note that we have allowed for > 2 elems
243 headers['Location'] = location
247 etag = dc.get_prop(location or uri, "DAV:", "getetag")
249 headers['ETag'] = str(etag)
253 self.send_body(None, '201', 'Created', '', headers=headers)
257 if self.headers.has_key("Content-Length"):
258 l=self.headers['Content-Length']
259 body=self.rfile.read(atoi(l))
264 DAVRequestHandler.do_DELETE(self)
265 except DAV_Error, (ec, dd):
266 return self.send_status(ec)
269 """ Unlocks given resource """
271 dc = self.IFACE_CLASS
272 self.log_message('UNLOCKing resource %s' % self.headers)
274 uri = urlparse.urljoin(self.get_baseuri(dc), self.path)
275 uri = urllib.unquote(uri)
277 token = self.headers.get('Lock-Token', False)
279 token = token.strip()
280 if token[0] == '<' and token[-1] == '>':
286 return self.send_status(400, 'Bad lock token')
289 res = dc.unlock(uri, token)
290 except DAV_Error, (ec, dd):
291 return self.send_status(ec, dd)
294 self.send_body(None, '204', 'OK', 'Resource unlocked.')
296 # We just differentiate the description, for debugging purposes
297 self.send_body(None, '204', 'OK', 'Resource not locked.')
300 """ Attempt to place a lock on the given resource.
303 dc = self.IFACE_CLASS
306 self.log_message('LOCKing resource %s' % self.headers)
309 if self.headers.has_key('Content-Length'):
310 l = self.headers['Content-Length']
311 body = self.rfile.read(atoi(l))
313 depth = self.headers.get('Depth', 'infinity')
315 uri = urlparse.urljoin(self.get_baseuri(dc), self.path)
316 uri = urllib.unquote(uri)
317 self.log_message('do_LOCK: uri = %s' % uri)
319 ifheader = self.headers.get('If')
322 ldif = IfParser(ifheader)
323 if isinstance(ldif, list):
324 if len(ldif) !=1 or (not isinstance(ldif[0], TagList)) \
325 or len(ldif[0].list) != 1:
326 raise DAV_Error(400, "Cannot accept multiple tokens")
327 ldif = ldif[0].list[0]
328 if ldif[0] == '<' and ldif[-1] == '>':
331 lock_data['token'] = ldif
334 lock_data['refresh'] = True
336 lock_data['refresh'] = False
337 lock_data.update(self._lock_unlock_parse(body))
339 if lock_data['refresh'] and not lock_data.get('token', False):
340 raise DAV_Error(400, 'Lock refresh must specify token')
342 lock_data['depth'] = depth
345 created, data, lock_token = dc.lock(uri, lock_data)
346 except DAV_Error, (ec, dd):
347 return self.send_status(ec, dd)
350 if not lock_data['refresh']:
351 headers['Lock-Token'] = '<%s>' % lock_token
354 self.send_body(data, '201', 'Created', ctype='text/xml', headers=headers)
356 self.send_body(data, '200', 'OK', ctype='text/xml', headers=headers)
358 def _lock_unlock_parse(self, body):
359 # Override the python-webdav function, with some improvements
360 # Unlike the py-webdav one, we also parse the owner minidom elements into
361 # pure pythonic struct.
362 doc = minidom.parseString(body)
366 for info in doc.getElementsByTagNameNS('DAV:', 'lockinfo'):
367 for scope in info.getElementsByTagNameNS('DAV:', 'lockscope'):
368 for scc in scope.childNodes:
369 if scc.nodeType == info.ELEMENT_NODE \
370 and scc.namespaceURI == 'DAV:':
371 data['lockscope'] = scc.localName
373 for ltype in info.getElementsByTagNameNS('DAV:', 'locktype'):
374 for ltc in ltype.childNodes:
375 if ltc.nodeType == info.ELEMENT_NODE \
376 and ltc.namespaceURI == 'DAV:':
377 data['locktype'] = ltc.localName
379 for own in info.getElementsByTagNameNS('DAV:', 'owner'):
380 for ono in own.childNodes:
381 if ono.nodeType == info.TEXT_NODE:
383 owners.append(ono.data)
384 elif ono.nodeType == info.ELEMENT_NODE \
385 and ono.namespaceURI == 'DAV:' \
386 and ono.localName == 'href':
388 for hno in ono.childNodes:
389 if hno.nodeType == info.TEXT_NODE:
391 owners.append(('href','DAV:', href))
394 data['lockowner'] = owners[0]
398 data['lockowner'] = owners
401 from service.http_server import reg_http_service,OpenERPAuthProvider
403 class DAVAuthProvider(OpenERPAuthProvider):
404 def authenticate(self, db, user, passwd, client_address):
405 """ authenticate, but also allow the False db, meaning to skip
406 authentication when no db is specified.
410 return OpenERPAuthProvider.authenticate(self, db, user, passwd, client_address)
414 if (config.get_misc('webdav','enable',True)):
415 directory = '/'+config.get_misc('webdav','vdir','webdav')
417 verbose = config.get_misc('webdav','verbose',True)
418 handler.debug = config.get_misc('webdav','debug',True)
419 _dc = { 'verbose' : verbose,
420 'directory' : directory,
421 'lockemulation' : True,
424 conf = OpenDAVConfig(**_dc)
425 handler._config = conf
426 reg_http_service(HTTPDir(directory,DAVHandler,DAVAuthProvider()))
427 netsvc.Logger().notifyChannel('webdav', netsvc.LOG_INFO, "WebDAV service registered at path: %s/ "% directory)
429 logger = netsvc.Logger()
430 logger.notifyChannel('webdav', netsvc.LOG_ERROR, 'Cannot launch webdav: %s' % e)