Start adding html and resources

47fd557a · Franco (nextime) Lanza · 5e31a364 · 47fd557a · 47fd557a · 47fd557a
Commit 47fd557a authored Jan 11, 2018 by Franco (nextime) Lanza
5 changed files
--- a/Web/resources/img/favicon.ico
+++ b/Web/resources/img/favicon.ico
--- a/Web/resources/index.html
+++ b/Web/resources/index.html
+<html>
+<body>
+Directory listing denied
+</body>
+</html>
--- a/Web/resources/login.html
+++ b/Web/resources/login.html
+<html>
+<head>
+<title>Penguidom GUI</title>
+   <meta charset="UTF-8" />
+   <meta name="viewport" content="width=device-width, initial-scale=0.85, maximum-scale=0.85, minimum-scale=0.85, user-scalable=no" />
+   <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=0.85" />
+<style>
+body {
+    background: none repeat scroll 0 0 #FBFBFB;
+    font-family: "HelveticaNeue-Light","Helvetica Neue Light","Helvetica Neue",sans-serif;
+    font-size: 12px;
+    height: 100%;
+    line-height: 1.4em;
+    margin: 0;
+    min-width: 0;
+    padding: 0;
+}
+.theme_dmblack {
+   background-color: #000 !important;
+}
+.login * {
+    margin: 0;
+    padding: 0;
+}
+.login form {
+   margin-left: 8px;
+   margin-right: 8px;
+   padding: 26px 24px 46px;
+   font-weight: normal;
+   background: #fff;
+   border: 1px solid #e5e5e5;
+   -webkit-box-shadow: rgba(200, 200, 200, 0.7) 0px 4px 10px -1px;
+   box-shadow: rgba(200, 200, 200, 0.7) 0px 4px 10px -1px;
+}
+.login form .theme_dmblack {
+   background-color: #c2c2c2;
+}
+.login .button-primary {
+   float: right;
+}
+.login form .forgetmenot {
+    float: left;
+    font-weight: normal;
+    margin-bottom: 0;
+}
+.login .button-primary {
+    float: right;
+}
+#login form p {
+    margin-bottom: 0;
+}
+#login form p.submit {
+    padding: 0;
+}
+.login label {
+    color: #777777;
+    font-size: 14px;
+}
+.login form .forgetmenot label {
+    font-size: 12px;
+    line-height: 19px;
+}
+.login h1 {
+    background-position: center top;
+    background-repeat: no-repeat;
+    display: block;
+    outline: 0 none;
+    overflow: hidden;
+    padding-bottom: 15px;
+}
+#login {
+    margin: auto;
+    padding: 114px 0 0;
+    width: 320px;
+}
+#login_error, .login .message {
+    margin: 0 0 16px 8px;
+    padding: 12px;
+}
+.login #nav, .login #backtoblog {
+    margin: 0 0 0 16px;
+    padding: 16px 16px 0;
+    text-shadow: 0 1px 0 #FFFFFF;
+}
+#backtoblog {
+    padding: 12px 16px 0;
+}
+.login, .login form .input, .login input[type="text"], .login input[type="password"] {
+    background: none repeat scroll 0 0 #FBFBFB;
+    border: 1px solid #E5E5E5;
+    box-shadow: 1px 1px 2px rgba(200, 200, 200, 0.2) inset;
+    color: #555555;
+    font-size: 24px;
+    font-weight: 200;
+    line-height: 1;
+    margin-bottom: 16px;
+    margin-right: 6px;
+    margin-top: 2px;
+    outline: 0 none;
+    padding: 3px;
+    width: 100%;
+   -webkit-border-radius: 3px;
+   border-radius: 3px;
+   border-width: 1px;
+   border-style: solid;
+}
+#login form {
+   padding: 20px;
+   padding-bottom: 40px;
+   background: #fff;
+}
+.login #pass-strength-result {
+    border-style: solid;
+    border-width: 1px;
+    font-weight: bold;
+    margin: 12px 0 6px;
+    padding: 6px 5px;
+    text-align: center;
+    width: 250px;
+}
+.mobile #login {
+    padding: 20px 0;
+}
+.mobile #login form, .mobile #login .message, .mobile #login_error {
+    margin-left: 0;
+}
+.mobile #login #nav, .mobile #login #backtoblog {
+    margin-left: 8px;
+}
+.mobile #login h1 a {
+    width: auto;
+}
+label {
+   text-align:left;
+}
+p {
+   text-align:left;
+}
+h4 {
+   text-align:center;
+   padding-bottom: 20px !important;
+}
+img {
+   padding-left: 20px;
+}
+/** LOgin button */
+.loginbutton {
+   float:right;
+   -moz-box-shadow:inset 0px 1px 0px 0px #c1ed9c;
+   -webkit-box-shadow:inset 0px 1px 0px 0px #c1ed9c;
+   box-shadow:inset 0px 1px 0px 0px #c1ed9c;
+   background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #9dce2c), color-stop(1, #8cb82b) );
+   background:-moz-linear-gradient( center top, #9dce2c 5%, #8cb82b 100% );
+   filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#9dce2c', endColorstr='#8cb82b');
+   background-color:#9dce2c;
+   -moz-border-radius:6px;
+   -webkit-border-radius:6px;
+   border-radius:6px;
+   border:1px solid #83c41a;
+   display:inline-block;
+   color:#ffffff;
+   font-family:arial;
+   font-size:15px;
+   font-weight:bold;
+   padding:6px 24px;
+   text-decoration:none;
+   text-shadow:1px 1px 0px #689324;
+}.loginbutton:hover {
+   background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #8cb82b), color-stop(1, #9dce2c) );
+   background:-moz-linear-gradient( center top, #8cb82b 5%, #9dce2c 100% );
+   filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#8cb82b', endColorstr='#9dce2c');
+   background-color:#8cb82b;
+}.loginbutton:active {
+   position:relative;
+   top:1px;
+}
+/* END LOGIN BUTTON */
+</style>
+@SCRIPT@
+</head>
+<body class="@THEME@">
+<div id="login" class="@THEME@" >
+<img src="/img/logo_login.png">
+<form name="loginform" id="login" class="login @THEME@" action="@PATH@" method="post">
+   <h4>Domotika Login</h4>
+   <p>
+      <label for="user_login">Username<br />
+      <input type="text" name="username" id="user_login" class="input" value="@USERNAME@" size="20" /></label>
+   </p>
+   <p>
+      <label for="user_pass">Password<br />
+      <input type="password" name="password" id="user_pass" class="input" value="@PASSWORD@" size="20" /></label>
+   </p>
+   <p class="forgetmenot"><label for="rememberme"><input name="rememberMe" type="checkbox" id="rememberme" value="Yes"  @CHECKED@ /> Remember Me</label></p>
+   <p class="submit">
+      <input type="submit" name="wp-submit" id="wp-submit" class="loginbutton" value="Login" />
+   </p>
+</form>
+</div>
+</body>
+</html>
--- a/Web/resources/xml/crossdomain.xml
+++ b/Web/resources/xml/crossdomain.xml
+<?xml version="1.0"?>
+<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
+<cross-domain-policy>
+   <allow-access-from domain="*" />
+</cross-domain-policy>
--- a/penguidom/web/web.py
+++ b/penguidom/web/web.py
@@ -27,42 +27,28 @@ try:
 except ImportError:
   from twisted.protocols import http
-import random
 import time
-try:
-   import hashlib
-   md5 = hashlib
-   md5.new = hashlib.md5
-   sha1 = hashlib.sha1
-except:
-   import md5
-   import sha1
-import urllib
-import logging
 from nexlibs.utils.blockingdefer import blockingDeferred
 from nexlibs.utils import genutils 
-import cgi, logging
+import logging
 from zope.interface import implements
 from twisted.cred import portal, checkers, credentials
 from nevow import inevow, rend, tags, loaders, flat, stan, guard
 from nevow import static as nstatic
-import proxy, mediaproxy, rest, bot
+import rest, bot
 import os, sys
-from twisted.python import reflect
 from twisted import cred
 from twisted.internet import defer
 from nevow import appserver
-import time
 import auth
 from nexlibs.utils.genutils import configFile
-import phpserialize
 log = logging.getLogger( 'Webgui' )
 curdir=os.path.abspath(os.path.dirname(sys.argv[0]))
 LOGINFILE=os.path.normpath("/".join([curdir, 'Web/resources/login.html']))
-from common import uni, GzipRequest, StaticFile, codeOk, permissionDenied, RedirectToHome, PHPRunner, neededPermission
+from common import uni, GzipRequest, StaticFile, codeOk, permissionDenied, RedirectToHome, neededPermission
 import ajax
 import sse
@@ -80,8 +66,7 @@ WEB_SYSTEM_PATHS=[
   '/favicon.ico',
 ]
-server.version='DomotikaWeb/1.0'
+server.version='PenguidomWeb/1.0'
 class RootPage(rend.Page):
@@ -125,14 +110,6 @@ class RootPage(rend.Page):
         return self.rest
      return self.childFactory(ctx, 'rest')
-   def child_sse(self, ctx):
-      if str(self.core.configGet('web', 'enableajaxgui')).lower() in ['yes', '1', 'y','true']:
-         session = inevow.ISession(ctx)
-         if not 'sse' in dir(session) or session.sse == False:
-            session.sse = sse.SseResource(self.core, session.mind.perms.username)
-         return session.sse
-      return self.childFactory(ctx, 'sse')
   def child_rawplugin(self, ctx):
      request = inevow.IRequest(ctx)
      pl=request.path.split("/")
@@ -158,44 +135,6 @@ class RootPage(rend.Page):
         log.debug("no plugin name in request")
      return self.childFactory(ctx, 'rawplugin')
-   def child_rawdaemon(self, ctx):
-      request = inevow.IRequest(ctx)
-      log.debug("Raw Daemon request for "+str(request.path))
-      pl=request.path.split("/")
-      if len(pl)>2:
-         dname=pl[2]
-         dconf=os.path.normpath("/".join([curdir, 'daemons', dname, 'conf', dname+".conf" ]))
-         log.debug("trying to read "+str(dconf))
-         if os.path.isfile(dconf):
-            try:
-               dcfg=configFile(dconf)
-               dcfg.readConfig()
-               port=int(dcfg.get('web','port'))
-            except:
-               port=False
-               log.debug("Cannot read config file for daemon "+dname)
-            if port:
-               self._sendProxySession(request, ctx)
-               log.debug("Proxying to daemon path "+str(request.path))
-               return proxy.WebProxyResource('localhost', port, path='/', remove=1)
-         else:
-            log.debug("Daemon hasn't a conf file to read")
-      else:
-         log.debug("no daemon name in request")
-      return self.childFactory(ctx, 'rawdaemon') 
-   def child_mediaproxy(self, ctx):
-      if str(self.core.configGet('web', 'enablemediagui')).lower() in ['yes', '1', 'y','true']:
-         self.mediaproxy = mediaproxy.MediaStreamProxy()
-         self.mediaproxy.core = self.core
-         return self.mediaproxy
-      return self.childFactory(ctx, 'mediaproxy')   
-   def child_genproxy(self, ctx):
-      return proxy.GenericProxy(self.core)
   def _addPermissions(self, ctx, name, session, request):
      def addPerms(dbres, ctx, name, session, request):
         try:
@@ -216,8 +155,6 @@ class RootPage(rend.Page):
         except:
            log.info("PERMISSION DB DENIED, USER: GUEST SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
         return permissionDenied(), ()
-      if not 'sse' in dir(session):
-         session.sse = False
      if not 'dmpermissions' in dir(session):
         session.dmpermissions={}
      if not request.path in session.dmpermissions.keys():
@@ -262,42 +199,9 @@ class RootPage(rend.Page):
      else:
         return self._addPermissions(ctx, name, session, request)
      log.debug("PERMISSION DENIED, SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
-      #return rend.Page.locateChild(self, ctx, name)
      return permissionDenied(), ()
-   def _sendProxySession(self, req, ctx):
-      session = inevow.ISession(ctx)
-      headers=req.requestHeaders
-      if headers.hasHeader("DMSESSION"):
-         headers.removeHeader("DMSESSION")
-      headervalue = str(session.uid)
-      cols=['username','passwd','id','homepath','email','tts','language','slide',
-            'webspeech','speechlang','gui_theme', 'left_bar','right_bar']
-      try:
-         headervalue = session.mind.perms.toHash(cols)
-      except:
-         headervalue={}
-         headervalue['username'] = "guest"
-         headervalue['passwd'] = ""
-         headervalue['id'] = 0
-         headervalue['homepath'] = '/'
-         headervalue['email'] = ""
-         headervalue['tts']= 0
-         headervalue['language']="it"
-         headervalue['slide'] = 0
-         headervalue['webspeech'] = 'touch'
-         headervalue['speechlang'] = 'it-IT'
-         headervalue['gui_theme' ] = 'dmblack'
-         headervalue['left_bar' ] = 'hidden-sm'
-         headervalue['right_bar' ] = 'hidden-sm'
-      headervalue['sessionid'] = session.uid
-      headervalue['logged'] = self.logged
-      log.debug('DMSESSION SEND '+str(headervalue))
-      headers.addRawHeader("DMSESSION", phpserialize.dumps(headervalue))
-      return req
   def child_(self, ctx):
      if str(self.core.configGet('web', 'enableusergui')).lower() not in ['yes', '1', 'y','true']:
         return "Permission Denied"
@@ -307,11 +211,6 @@ class RootPage(rend.Page):
      request = inevow.IRequest(ctx)
      host=request.getHeader('host')
      log.debug("HOST CALLED: "+str(host))
-      #log.info("Request: "+str(request))
-      if host and host in self.core.configGet('proxy', 'localproxyhosts').split(','):
-         self._sendProxySession(request, ctx)
-         return proxy.WebProxyResource('localhost', int(self.core.configGet('proxy', 'localproxyport')), path='/')
-      else:
      if self.logged:
         if(len(self.perms.homepath)) > 0:
            request.setHeader('Location', self.perms.homepath);
@@ -323,17 +222,9 @@ class RootPage(rend.Page):
      return html
   def childFactory(self, ctx, name):
-      #log.info("childFactory "+str(name))
      request = inevow.IRequest(ctx)
-      #log.info("childFactory2 "+str(request))
-      if name in self.core.configGet('proxy', 'localproxypaths').split(','):
-         self._sendProxySession(request, ctx)
-         return proxy.WebProxyResource('localhost', 80, path='/'+name)
      host=request.getHeader('host')
      log.debug("HOST CALLED: "+str(host))
-      if host and host in self.core.configGet('proxy', 'localproxyhosts').split(','):
-         self._sendProxySession(request, ctx)
-         return proxy.WebProxyResource('localhost', 80, path='/'+name)
      log.debug("No child found (%s)" % name)
      return permissionDenied()
@@ -390,9 +281,6 @@ class SessionWrapper(guard.SessionWrapper):
      host=request.getHeader('host')
      log.info("USERNAME: "+str(request.getUser())+" "+str(request.getPassword()))
      log.debug("SessionWrapper HOST CALLED: "+str(host))
-      if host and host in self.core.configGet('proxy', 'localproxyhostsnologin').split(','):
-         log.debug("Proxy Bypass Host in SessionWrapper renderHTTP "+host)
-         return proxy.WebProxyResource('localhost', int(self.core.configGet('proxy', 'localproxyport')), path='/')
      return guard.SessionWrapper.renderHTTP(self, ctx)
@@ -402,52 +290,14 @@ class SessionWrapper(guard.SessionWrapper):
      if name=='':
         name="/"
      log.info("SessionWrapper locateChild "+str(name)+" from IP:"+str(request.getClientIP()))
-      if name: 
+      if name and name.startswith('bot/'):
-         if name.startswith('mediaproxy') and request.getClientIP()=='127.0.0.1':
-            mp = mediaproxy.MediaStreamProxy()
-            mp.core = self.core
-            return (mp, segments[1:]) 
-         if name.startswith('bot/'):
         # Bypass for chat bots
         chatbot = bot.BotPages()
         chatbot.core = self.core
         return (chatbot,  segments[1:])
-         for n in self.core.configGet('proxy', 'localproxypathsnologin').split(','):
-            if n and name.startswith(n):
-               log.info("Proxy Bypass localproxypathsnologin locateChild "+name)
-               return (proxy.WebProxyResource('localhost', 80, path='/'+name), '')
-         for n in self.core.configGet('web', 'nologinpaths').split(','):
-            if n and name.startswith(n):
-               if not ((name==n and n.endswith("/")) or (name[:-1]==n and name.endswith("/"))):
-                  log.debug("Nologin path "+str(name))
-                  return (StaticFile(curdir+'/Web/'+name), '')
      host=request.getHeader('host')
      log.debug("SessionWrapper HOST CALLED: "+str(host))
-      for n in self.core.configGet('proxy', 'localproxyhostsnologin').split(','):
-         if n and host==n:
-            log.info("Proxy Bypass Host in SessionWrapper locateChild "+host)
-            return (proxy.WebProxyResource('localhost', 80, path='/'+name), '')
-      u = self.core.configGet('web', 'nologindefaultuser')
-      p = self.core.configGet('web', 'nologindefaultpass')
-      for n in self.core.configGet('web', 'nologinips').split(','):
-         if ':' in n:
-            nn = n.split(':')
-            n = nn[0]
-            if len(nn) > 1:
-               u = nn[1]
-            if len(nn) > 2:
-               p = nn[2]
-         if n and n!='no' and n!='':
-            if genutils.isIp(n):
-               if n==request.getClientIP():
-                  log.info("IP "+str(request.getClientIP())+" permitted with user "+str(u)+" checking auth...")
-                  request.args["username"] = [u]
-                  request.args["password"] = [p]
-                  request.getUser = lambda: u
-                  request.getPassword = lambda: p
-                  break
      if request.getUser() and request.getPassword():
         log.info("BASIC AUTH REQUESTED FOR USER "+str(request.getUser()))
         request.args["username"] = [request.getUser()]
@@ -470,10 +320,10 @@ class LogoutPage(rend.Page):
   def renderHTTP(self, ctx):
      request = inevow.IRequest(ctx)
-      rmec=request.getCookie("Domotikad_rme")
+      rmec=request.getCookie("Penguidom_rme")
      # XXX Come si fa a capire SE esiste? ritorna davvero None?
      if rmec:
-         request.addCookie("Domotikad_rme", str(rmec), path="/", secure=True,
+         request.addCookie("Penguidom_rme", str(rmec), path="/", secure=True,
            expires=http.datetimeToString(time.time()))
      request.setHeader('Location', self.locpath)
      request.setResponseCode(302)
@@ -514,7 +364,7 @@ class RootAuthPage(RootPage):
            except:
               expire=http.datetimeToString(time.time() + 3600*24*365*10)
-            request.addCookie("Domotikad_rme", str(self.perms.id)+':'+rme, 
+            request.addCookie("Penguidom_rme", str(self.perms.id)+':'+rme, 
               path="/", secure=True, expires=expire)
      return RootPage.locateChild(self, ctx, name)
@@ -534,7 +384,7 @@ class LoginPage(rend.Page):
   addSlash = True
   html="""<html><head>
-<title>Domotika GUI</title>
+<title>Penguidom GUI</title>
 @SCRIPT@
 </head>
 <body class="@THEME@">
@@ -574,21 +424,19 @@ class LoginPage(rend.Page):
         cookies=cookies.replace(" ","").split(';')
         for cookie in cookies:
            cookiename = cookie.split("=")[0]
-            if cookiename.startswith('Domotikad_session'):
+            if cookiename.startswith('Penguidom_session'):
               log.info("REMOVE COOKIE: "+str(request.getCookie(cookie.split("=")[0])))
               # XXX This won't work as expected if user is logging in with path != from "/"
               # Also, is cookie secure even for http requests?
               request.addCookie(cookiename, cookie.split("=")[1],  expires=http.datetimeToString(time.time()), path="/", secure=True)
-            elif cookiename.startswith('Domotikad_rme'):
+            elif cookiename.startswith('Penguidom_rme'):
-               rmec=str(request.getCookie("Domotikad_rme"))
+               rmec=str(request.getCookie("Penguidom_rme"))
               log.info("RememberMe COOKIE FOUND: "+rmec)
               rmecl = rmec.split(':')
               try:
                  if len(rmecl) > 1:
                     uid = str(int(rmecl[0]))
                     rme = self.core.getUserFromID(uid)
-                  #request.setHeader('Location', '/'+self.resolution+'/home')
-                  #request.setResponseCode(302)
               except:
                  pass
@@ -635,7 +483,7 @@ class LoginPage(rend.Page):
               except:
                  expire=http.datetimeToString(time.time() + 3600*24*365*10)
-               req.addCookie("Domotikad_rme", has,
+               req.addCookie("Penguidom_rme", has,
                  path="/", secure=True, expires=expire)
               html = self.html.replace("@PATH@", '/__login__'+req.uri)
@@ -647,7 +495,7 @@ class LoginPage(rend.Page):
               log.debug("login html")
               return html
-      req.addCookie("Domotikad_rme", has, path="/", secure=True, expires=http.datetimeToString(time.time()))
+      req.addCookie("Penguidom_rme", has, path="/", secure=True, expires=http.datetimeToString(time.time()))
      return self.getStandardHTML(req.path)
   def child_bot(self, ctx):
@@ -662,7 +510,7 @@ class LoginPage(rend.Page):
      return self
-class DomotikaAuthRealm(object):
+class PenguidomAuthRealm(object):
   """A simple implementor of cred's IRealm.
      For web, this gives us the LoggedIn page.
   """
@@ -690,21 +538,20 @@ class DomotikaAuthRealm(object):
               resc.realm = self
               resc.core = self.core
               if str(self.core.configGet('web', 'enableajaxgui')).lower() in ['yes', '1', 'y','true']:
-                  resc.putChild('autobahn', ajax.getAutoBahn(self.core, resc.port))
                  resc.putChild('sockjs', ajax.getSocketJSResource(self.core))
               return (inevow.IResource, resc, resc.logout)
      raise NotImplementedError("Can't support that interface.")
 def getAuthResource(core):
-   realm = DomotikaAuthRealm(core.configGet('web', 'sslport'))
+   realm = PenguidomAuthRealm(core.configGet('web', 'sslport'))
   realm.core = core
   porta = portal.Portal(realm)
   mycheck=auth.clientAuth()
   mycheck.core = core
   porta.registerChecker(checkers.AllowAnonymousAccess(), credentials.IAnonymous)
   porta.registerChecker(mycheck)
-   site = SessionWrapper(porta, 'Domotikad_session', mindFactory=auth.mindFactory)
+   site = SessionWrapper(porta, 'Penguidom_session', mindFactory=auth.mindFactory)
   site.core = core
   return site