[Checkins] SVN: zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/ added authentication and authorization support

Andreas Jung andreas at andreas-jung.com
Sun Sep 13 05:03:38 EDT 2009 

Log message for revision 103888:
  added authentication and authorization support
  

Changed:
  A   zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/nullauth.py
  U   zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/run.py
  U   zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/tests.py
  U   zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/views.py

-=-
Added: zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/nullauth.py
===================================================================
--- zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/nullauth.py	                        (rev 0)
+++ zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/nullauth.py	2009-09-13 09:03:37 UTC (rev 103888)
@@ -0,0 +1,16 @@
+
+##########################################################################
+# zopyx.smartprintng.server
+# (C) 2008, 2009, ZOPYX Ltd & Co. KG, Tuebingen, Germany
+##########################################################################
+
+def authenticateRequest(username, password):
+    """ Anonymous authentication """
+
+    return True
+
+
+def authorizeRequest(auth_token):
+    """ Anonymous authorization """
+
+    return True

Modified: zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/run.py
===================================================================
--- zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/run.py	2009-09-13 08:39:36 UTC (rev 103887)
+++ zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/run.py	2009-09-13 09:03:37 UTC (rev 103888)
@@ -6,6 +6,7 @@
 import os
 from repoze.bfg.router import make_app
 import mail_util
+from views import have_authentication
 
 def app(global_config, **kw):
     """ This function returns a repoze.bfg.router.Router object.  It
@@ -28,5 +29,10 @@
     LOG.info('SmartPrintNG server started')
     LOG.info('Temp directory: %s' % root.temp_directory)
     LOG.info('Spool directory: %s' % spool_directory)
+    if have_authentication:
+        LOG.info('Authentication module found - server requires authentication')
+    else:
+        LOG.info('No auth module found - serving for anonymous')
+
     return make_app(get_root, zopyx.smartprintng.server, options=kw)
 

Modified: zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/tests.py
===================================================================
--- zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/tests.py	2009-09-13 08:39:36 UTC (rev 103887)
+++ zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/tests.py	2009-09-13 09:03:37 UTC (rev 103888)
@@ -122,7 +122,7 @@
         request = testing.DummyRequest(headers=headers, post=True)
         zip_archive = os.path.join(os.path.dirname(__file__), 'test_data', 'test.zip')
         zip_data = file(zip_archive, 'rb').read()
-        params = xmlrpclib.dumps((base64.encodestring(zip_data), 'pdf-prince'))
+        params = xmlrpclib.dumps(('', base64.encodestring(zip_data), 'pdf-prince'))
         request.body = xml2 % params
         result = convertZIP(context, request)
         self.assertEqual(result.status, '200 OK')
@@ -142,7 +142,7 @@
         request = testing.DummyRequest(headers=headers, post=True)
         zip_archive = os.path.join(os.path.dirname(__file__), 'test_data', 'test.zip')
         zip_data = file(zip_archive, 'rb').read()
-        params = xmlrpclib.dumps((base64.encodestring(zip_data), 'pdf-prince'))
+        params = xmlrpclib.dumps(('', base64.encodestring(zip_data), 'pdf-prince'))
         request.body = xml3 % params
         result = convertZIPandRedirect(context, request)
         self.assertEqual(result.status, '200 OK')

Modified: zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/views.py
===================================================================
--- zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/views.py	2009-09-13 08:39:36 UTC (rev 103887)
+++ zopyx.smartprintng.server/branches/calibre-integration/zopyx/smartprintng/server/views.py	2009-09-13 09:03:37 UTC (rev 103888)
@@ -19,6 +19,13 @@
 from models import Server
 from logger import LOG
 
+try:
+    from zopyx.smartprintng.authentication import authenticateRequest, authorizeRequest
+    have_authentication = True
+except ImportError:
+    from nullauth import authenticateRequest, authorizeRequest
+    have_authentication = False
+
 static_view = static('templates/static')
 
 spool_directory = os.path.join(tempfile.gettempdir(), 
@@ -83,10 +90,26 @@
 # XMLRPC views
 ##################
 
+ at bfg_view(name='authenticate', for_=Server)
+ at xmlrpc_view
+def authenticate(context, username, password):
 
+    if not have_authentication:
+        return True
+
+    try:
+        return authenticateRequest(username, password)
+    except Exception, e:
+        msg = 'Authentication failed (%s)' % e
+        LOG.error(msg, exc_info=True)
+        return xmlrpclib.Fault(123, msg)
+
 @bfg_view(name='convertZIP', for_=Server)
 @xmlrpc_view
-def convertZIP(context, zip_archive, converter_name='pdf-prince'):
+def convertZIP(context, auth_token, zip_archive, converter_name='pdf-prince'):
+
+    authorizeRequest(auth_token)
+
     try:
         return context.convertZIP(zip_archive, converter_name)
     except Exception, e:
@@ -97,7 +120,10 @@
 
 @bfg_view(name='convertZIPEmail', for_=Server)
 @xmlrpc_view
-def convertZIPEmail(context, zip_archive, converter_name='pdf-prince', sender=None, recipient=None, subject=None, body=None):
+def convertZIPEmail(context, auth_token, zip_archive, converter_name='pdf-prince', sender=None, recipient=None, subject=None, body=None):
+
+    authorizeRequest(auth_token)
+
     try:
         return context.convertZIPEmail(zip_archive, converter_name, sender, recipient, subject, body)
     except Exception, e:
@@ -108,7 +134,7 @@
 
 @bfg_view(name='convertZIPandRedirect',  for_=Server)
 @xmlrpc_view
-def convertZIPandRedirect(context, zip_archive, converter_name='prince-pdf', prefix=None):
+def convertZIPandRedirect(context, auth_token, zip_archive, converter_name='prince-pdf', prefix=None):
     """ This view appects a ZIP archive through a POST request containing all
         relevant information (similar to the XMLRPC API). However the converted
         output file is not returned to the caller but delivered "directly" through
@@ -119,6 +145,8 @@
          view (in order to avoid redudant code).)
     """
 
+    authorizeRequest(auth_token)
+
     try:
         output_archivename, output_filename = context._processZIP(zip_archive, converter_name)
         output_ext = os.path.splitext(output_filename)[1]

More information about the checkins mailing list