-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrest.py
149 lines (128 loc) · 4.08 KB
/
rest.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
#!/usr/bin/python
#
# Access control, file/directory permission, authorization.
#
# TODO:
# ~ for home of HTTP authenticator
#
DEBUG = 4
class Rest():
def __init__(self, db):
self.db = db
def can_access(self, user, path):
"""
If the user is permitted to access this directory
'user' -- String. The username in the Authenticate header.
None if no authenticate header.
'path' -- String. The path to access.
Can be a file or a directory.
Returns: True if the user is accessible to the path.
"""
if not self.db.need_authentication(path):
# Free for all. No need to authenticate.
if DEBUG >= 5:
print "The path '%s' is free to access (not under .htpasswd)." % path
return True
if user is None:
if DEBUG >= 5:
print "The path '%s' isn't free to access, but no user is provided." % path
return False
#
# return error if the 'user' is not prefix of 'path'.
#
i = 0
u = self.db.safe_path(user.split("/")).split("/")
p = self.db.safe_path(path.split("/")).split("/")
if DEBUG >= 5:
print "User: ", u
print "Path: ", p
if len(u) > len(p):
return False
for i in range(len(u)):
if u[i] != p[i]:
return False
if DEBUG >= 5:
print "The user '%s' is able to access the path '%s'." % (user, path)
return True
def handle(self, http_method, full_path, args = None):
if args and "action" in args:
http_method = args["action"][0]
if args and "content" in args:
content = args["content"][0]
else:
content = ""
if len(full_path) > 1 and full_path[-1] == "/":
slash_at_end = True
else:
slash_at_end = False
# split path into array
path = full_path.split("/")
type = self.db.path_type(path)
if http_method == "GET":
if type is self.db.DIR:
ret = self.db.get_dir(path)
status_code = 200
elif type is self.db.FILE:
ret = self.db.get_file(path)
status_code = 200
else:
ret = "GET %s is not found." % full_path
status_code = 404
elif http_method == "PUT":
if slash_at_end:
if self.db.put_dir(path):
ret = "PUT: dirctory %s is created." % full_path
status_code = 201
else:
ret = "PUT: directory %s is failed." % full_path
status_code = 403
else:
if self.db.put_file(path, content):
ret = "PUT: file %s is created." % full_path
status_code = 201
else:
ret = "PUT: file %s is failed." % full_path
status_code = 403
elif http_method == "UPDATE":
if type is self.db.FILE:
if self.db.update_file(path, content):
ret = "UPDATE: file %s is updated." % full_path
status_code = 200
else:
ret = "UPDATE: file %s is failed." % full_path
status_code = 403
else:
ret = "UPDATE: %s is not a file." % full_path
status_code = 403
elif http_method == "DELETE":
if type is self.db.DIR:
if self.db.delete_dir(path):
ret = "DELETE: directory %s is deleted." % full_path
status_code = 200
else:
ret = "DELETE: directory %s is failed." % full_path
status_code = 403
elif type is self.db.FILE:
if self.db.delete_file(path):
ret = "DELETE: file %s is deleted." % full_path
status_code = 200
else:
ret = "DELETE: file %s is failed." % full_path
status_code = 403
elif type is self.db.NOT_EXIST:
ret = "DELETE: file %s is not found." % full_path
status_code = 404
else:
ret = "DELETE: type %d of path %s is not supported." % (type, full_path)
status_code = 501
""" TODO:
elif http_method == "POST":
if type is self.db.DIR:
ret = self.db.post_dir(path, content)
else:
ret = self.db.EXISTED
"""
else:
status_code = 400
ret = "The HTTP method %s is not supported." % http_method
return (status_code, ret)