source: TI07-MOLES/trunk/StubB/XSLT/browse/portal/cgi/browseCGI.py @ 938

#!/usr/bin/env python
# CGI Script to support prototype NDG MOLES_Portal (Browse) functionality
# Bryan Lawrence, April, 2006

import cgi
#import cgitb;ctitb.enable()

import os
import ElementTree as ET

from insecure import *
from secure import *
from stubB import *

from renderEntity import renderEntity
from renderPage import renderPage
from Utilities import *

import Cookie

class BrowseSession:
        
        ''' Holds the browse history and contact details for the NDG session manager, designed
        to work with the discovery portal as well '''
        
        def __init__(self,cookie,url,config):
                
                '''Instantiate with an unsecured browse session (security only
                required if a secure resource is the target) '''
                self.config=config
                self.rawCookie=cookie
                self.cookie=Cookie.SimpleCookie(cookie)
                self.history=RingBuffer(10)
                self.__loadBrowseHistory()
        
        def makeGateway(self):
                ''' Make connection to NDG security '''
                self.ndgGate=gateway2NDGsession(self.rawCookie,self.config)
        
        def __toXML(self):
                ''' Used to serialise the history into a cookie string '''
                xml='<BH>'
                for uri,name in self.getHistory():
                        xml+='<i><u>%s</u><n>%s</n></i>'%(uri,name)
                xml+='</BH>'
                return xml
                                
        def __loadBrowseHistory(self):
                ''' get the string of URI values out of the cookie (if it's there)'''
                try:
                        self.tree=ET.fromstring(self.cookie['BrowseHistory'].value)
                        for item in self.tree:
                                self.addToHistory(item.find('u').text,item.find('n').text,ignore=True)
                except:
                        pass
        def addToHistory(self,uri,name,ignore=False):
                ''' Add a URI to the session history'''
                if not ignore:
                        current=self.getHistory()
                        if (uri,name) not in current:
                                self.history.append((uri,name))
                else:
                        self.history.append((uri,name))
        def getHistory(self):
                ''' Return a list of the items in the history '''
                return self.history.tolist()
        def getCredentials(self):
                '''Obtain the attribute certificate from the wallet '''
                return 'empty attribute certificate'
        def makeCookie(self):
                ''' Create a local cookie '''
                import md5,time,base64
                # start by creating a unique session id
                m=md5.new()
                m.update('this is a seed string')
                m.update(str(time.time()))
                cookie=Cookie.SimpleCookie()
                cookie['session']=base64.encodestring(m.digest())[:-3].replace("/", "$")
                cookie['BrowseHistory']=self.__toXML()
                return cookie
        
class CGIcontroller:
        ''' Currently holds the cgi environment and controls '''
        
        def __init__(self):
                ''' Instantiate the CGI environment'''
                self.env=os.environ
                self.path=self.env.get('PATH_INFO','/')
                self.FieldStorage=cgi.FieldStorage()
                self.config=myConfig('cgi/browse.config')
                self.response=Response()

        def goforit(self):
                ''' This method actually responds to the user'''
                
                #Instantiate the Session Environment
                self.cookie=self.env.get('HTTP_COOKIE',None)

                #this will do for the moment, although I'd rather the whole
                #URI was self consistent ...
                
                if self.FieldStorage.has_key('uri'):
                        self.uri=self.FieldStorage['uri'].value
                else: 
                        return self.error('No valid URI')
                
                self.session=BrowseSession(self.cookie,self.uri,self.config)
                if self.config.logfile is not None: self.config.log(self.cookie)
                
                #Handle authorisation
                self.ac=self.session.getCredentials()
                
                #get the xml document
                db=self.config.get('db','exist',None)
                xml=insecureGetDoc(self.uri,db)
                
                #create stub-b instance
                self.b=stubB(xml,makeHTML=renderEntity)
                
                if self.b.xml is None:
                    content=self.error('Unable to obtain stub-B from database')
                else:
                    self.session.addToHistory(self.b.Burl,self.b.abbreviation)
                    self.response.cookie=self.session.makeCookie()
                    if  self.b.constraints.exist:
                        # we need to evaluate them
                        access=self.session.ndgGate.check(self.b.constraints.SimpleCondition)
                    else:
                        access=1
                    if access:
                        content=self.b.toHTML()
                    else:
                        content=self.error('No access to Secure Metadata')
                
                historyHTML='<p>'
                for item in self.session.getHistory():
                        historyHTML+='<a href="%s">%s</a><br/>'%item
                historyHTML+='</p>'
                self.response.content=renderPage(
                        content,historyHTML,historyHTML,self.b.name,self.config)
                return self.response
                
        def error(self,message):
                ''' Construct a nice formal response, but don't throw a 404 ... '''
                return '<p>Error: %s</p>'%message