| 1 | #!/usr/bin/env python |
|---|
| 2 | # CGI Script to support prototype NDG MOLES_Portal (Browse) functionality |
|---|
| 3 | # Bryan Lawrence, April, 2006 |
|---|
| 4 | |
|---|
| 5 | |
|---|
| 6 | import cgi |
|---|
| 7 | import os |
|---|
| 8 | |
|---|
| 9 | xalanCLASSPATH='wherever' |
|---|
| 10 | |
|---|
| 11 | def insecureGetDoc(uri): |
|---|
| 12 | ''' Use Kevin's code to get the document from exist ''' |
|---|
| 13 | return '' |
|---|
| 14 | |
|---|
| 15 | def doXSLT (document,xsltMethod): |
|---|
| 16 | ''' Handle a possibly external transformation to produce an html page ''' |
|---|
| 17 | return '<p> One day a document</p>' |
|---|
| 18 | |
|---|
| 19 | def EvaluateCredentials(ac,securityMetadata): |
|---|
| 20 | ''' Take Moles security metadata and compare with attribute certificate ''' |
|---|
| 21 | return 1 |
|---|
| 22 | |
|---|
| 23 | class BrowseSession: |
|---|
| 24 | ''' Holds the browse history and contact details for the NDG session manager ''' |
|---|
| 25 | def __init__(self,cookie): |
|---|
| 26 | '''Instantiate and get security environment''' |
|---|
| 27 | self.cookie=cookie |
|---|
| 28 | self.history=[] |
|---|
| 29 | def addToHistory(self,uri): |
|---|
| 30 | ''' Add a URI to the session history''' |
|---|
| 31 | self.history.append(uri) |
|---|
| 32 | def getCredentials(self): |
|---|
| 33 | '''Obtain the attribute certificate from the wallet ''' |
|---|
| 34 | pass |
|---|
| 35 | |
|---|
| 36 | class StubB: |
|---|
| 37 | ''' Holds the stub-b document and provides methods which get and manipulate it ''' |
|---|
| 38 | |
|---|
| 39 | def __init__(self,uri,xsltMethod='JavaXalan'): |
|---|
| 40 | '''Instantiate by getting URI from exist database''' |
|---|
| 41 | try: |
|---|
| 42 | self.xml=insecureGetDoc(uri) |
|---|
| 43 | except: |
|---|
| 44 | raise 'NotFound' |
|---|
| 45 | self.xsltMethod=xsltMethod |
|---|
| 46 | |
|---|
| 47 | def getSecurityDetails(self): |
|---|
| 48 | '''Obtain the roles and attribute authority address''' |
|---|
| 49 | #issue an xquery on the stub-b |
|---|
| 50 | #parse for roles |
|---|
| 51 | #parse for AA WSDL |
|---|
| 52 | roles=[] |
|---|
| 53 | AAaddress='' |
|---|
| 54 | return roles, AAaddress |
|---|
| 55 | |
|---|
| 56 | def toHTML(self): |
|---|
| 57 | return doXSLT(self.xml,self.xsltMethod) |
|---|
| 58 | |
|---|
| 59 | class CGIcontroller: |
|---|
| 60 | ''' Currently holds the cgi environment and controls ''' |
|---|
| 61 | |
|---|
| 62 | def __init__(self): |
|---|
| 63 | ''' Instantiate the CGI environment''' |
|---|
| 64 | self.env=os.environ |
|---|
| 65 | self.path=self.env.get('PATH_INFO','/') |
|---|
| 66 | self.FieldStorage=cgi.FieldStorage() |
|---|
| 67 | |
|---|
| 68 | def goforit(self): |
|---|
| 69 | ''' This method actually responds to the user''' |
|---|
| 70 | |
|---|
| 71 | #Instantiate the Session Environment |
|---|
| 72 | self.cookie=self.env.get('HTTP_COOKIE',None) |
|---|
| 73 | |
|---|
| 74 | self.session=BrowseSession(self.cookie) |
|---|
| 75 | |
|---|
| 76 | #Handle authorisation |
|---|
| 77 | self.ac=self.session.getCredentials() |
|---|
| 78 | |
|---|
| 79 | #the uri may not be the whole path, but this will do for the moment |
|---|
| 80 | self.uri=self.path |
|---|
| 81 | try: |
|---|
| 82 | self.b=StubB(self.uri) |
|---|
| 83 | except 'NotFound': |
|---|
| 84 | return self.error('NotFound') |
|---|
| 85 | |
|---|
| 86 | if EvaluateCredentials(self.ac,self.uri): |
|---|
| 87 | #we can show the user the page |
|---|
| 88 | return self.b.toHTML() |
|---|
| 89 | else: |
|---|
| 90 | return self.error('Not Allowed') |
|---|
| 91 | |
|---|
| 92 | def error(self,message): |
|---|
| 93 | ''' Construct a nice formal response with appropriate HTML headers ''' |
|---|
| 94 | return 'error' |
|---|
| 95 | |
|---|
