Mercurial > libervia-web
annotate libervia/server/constants.py @ 1480:e739600267cd
server (restricted_bridge): don't allow bridge methods modifying anything with service profile
author | Goffi <goffi@goffi.org> |
---|---|
date | Fri, 22 Oct 2021 16:04:24 +0200 |
parents | 095e94ca6728 |
children | ec3ad9abf9f9 |
rev | line source |
---|---|
1239 | 1 #!/usr/bin/env python3 |
2 | |
1275
334d044f2713
server: default theme can now be specified in site section of `sat.conf` with `theme` key
Goffi <goffi@goffi.org>
parents:
1257
diff
changeset
|
3 # Libervia: a SàT frontend |
1396 | 4 # Copyright (C) 2009-2021 Jérôme Poisson (goffi@goffi.org) |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
5 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
10 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
15 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
18 |
860
05cd9dc775e6
server: use of relative import instead of try/except block in server/constants
Goffi <goffi@goffi.org>
parents:
856
diff
changeset
|
19 from ..common import constants |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
20 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
21 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
22 class Const(constants.Const): |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
23 |
1397
ed037818d6de
core (constants): renaming following global project renaming
Goffi <goffi@goffi.org>
parents:
1396
diff
changeset
|
24 APP_NAME = "Libervia Web" |
ed037818d6de
core (constants): renaming following global project renaming
Goffi <goffi@goffi.org>
parents:
1396
diff
changeset
|
25 APP_COMPONENT = "web" |
ed037818d6de
core (constants): renaming following global project renaming
Goffi <goffi@goffi.org>
parents:
1396
diff
changeset
|
26 APP_NAME_ALT = APP_NAME |
ed037818d6de
core (constants): renaming following global project renaming
Goffi <goffi@goffi.org>
parents:
1396
diff
changeset
|
27 APP_NAME_FILE = "libervia_web" |
1402
388558a30cf8
core (config): use component (i.e. "web") as config section
Goffi <goffi@goffi.org>
parents:
1397
diff
changeset
|
28 CONFIG_SECTION = APP_COMPONENT.lower() |
1479
095e94ca6728
pages: disable CSRF token check when service profile is used:
Goffi <goffi@goffi.org>
parents:
1435
diff
changeset
|
29 # the Libervia profile that is used for public operations (when nobody is connected) |
095e94ca6728
pages: disable CSRF token check when service profile is used:
Goffi <goffi@goffi.org>
parents:
1435
diff
changeset
|
30 SERVICE_PROFILE = "libervia" |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
31 |
993
641664553a41
server: changed session timeout from 5 min to 2h, avoiding undesired disconnection on Libervia pages.
Goffi <goffi@goffi.org>
parents:
990
diff
changeset
|
32 SESSION_TIMEOUT = 7200 # Session's timeout, after that the user will be disconnected |
449
981ed669d3b3
/!\ reorganize all the file hierarchy, move the code and launching script to src:
souliane <souliane@mailoo.org>
parents:
445
diff
changeset
|
33 HTML_DIR = "html/" |
703
1a19ee7d8d8a
server_side: add default theme
souliane <souliane@mailoo.org>
parents:
685
diff
changeset
|
34 THEMES_DIR = "themes/" |
823
027139763511
server (blog): cleaning & improvments:
Goffi <goffi@goffi.org>
parents:
818
diff
changeset
|
35 THEMES_URL = "themes" |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
36 MEDIA_DIR = "media/" |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
37 CARDS_DIR = "games/cards/tarot" |
1216 | 38 PAGES_DIR = "pages" |
39 TASKS_DIR = "tasks" | |
40 LIBERVIA_CACHE = "libervia" | |
1246 | 41 SITE_NAME_DEFAULT = "default" |
1257
1ec41ac1e7cf
server: seperation between production build dir and dev build dir:
Goffi <goffi@goffi.org>
parents:
1253
diff
changeset
|
42 # generated files will be accessible there |
1216 | 43 BUILD_DIR = "__b" |
1246 | 44 BUILD_DIR_DYN = "dyn" |
1257
1ec41ac1e7cf
server: seperation between production build dir and dev build dir:
Goffi <goffi@goffi.org>
parents:
1253
diff
changeset
|
45 # directory where build files are served to the client |
1ec41ac1e7cf
server: seperation between production build dir and dev build dir:
Goffi <goffi@goffi.org>
parents:
1253
diff
changeset
|
46 PRODUCTION_BUILD_DIR = "sites" |
1ec41ac1e7cf
server: seperation between production build dir and dev build dir:
Goffi <goffi@goffi.org>
parents:
1253
diff
changeset
|
47 # directory used for files needed temporarily (e.g. for compiling other files) |
1ec41ac1e7cf
server: seperation between production build dir and dev build dir:
Goffi <goffi@goffi.org>
parents:
1253
diff
changeset
|
48 DEV_BUILD_DIR = "dev_build" |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
49 |
1216 | 50 TPL_RESOURCE = '_t' |
1127
9234f29053b0
server, pages: update to handle multi sites themes, first draft:
Goffi <goffi@goffi.org>
parents:
1124
diff
changeset
|
51 |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
52 ERRNUM_BRIDGE_ERRBACK = 0 # FIXME |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
53 ERRNUM_LIBERVIA = 0 # FIXME |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
54 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
55 # Security limit for Libervia (get/set params) |
338
80016abf3ad3
server_side: raised default security_limit to 5
Goffi <goffi@goffi.org>
parents:
317
diff
changeset
|
56 SECURITY_LIMIT = 5 |
317
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
57 |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
58 # Security limit for Libervia server_side |
bbadd490e63c
misc: gather the constants in a single file, as it is done for other frontends
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
59 SERVER_SECURITY_LIMIT = constants.Const.NO_SECURITY_LIMIT |
605
917e271975d9
server + browser side: implementation of new getEntitiesData bridge method + added a security check: only a white list of entities can be gotten
Goffi <goffi@goffi.org>
parents:
555
diff
changeset
|
60 |
917e271975d9
server + browser side: implementation of new getEntitiesData bridge method + added a security check: only a white list of entities can be gotten
Goffi <goffi@goffi.org>
parents:
555
diff
changeset
|
61 # keys for cache values we can get from browser |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
62 ALLOWED_ENTITY_DATA = {"avatar", "nick"} |
823
027139763511
server (blog): cleaning & improvments:
Goffi <goffi@goffi.org>
parents:
818
diff
changeset
|
63 |
027139763511
server (blog): cleaning & improvments:
Goffi <goffi@goffi.org>
parents:
818
diff
changeset
|
64 STATIC_RSM_MAX_LIMIT = 100 |
027139763511
server (blog): cleaning & improvments:
Goffi <goffi@goffi.org>
parents:
818
diff
changeset
|
65 STATIC_RSM_MAX_DEFAULT = 10 |
027139763511
server (blog): cleaning & improvments:
Goffi <goffi@goffi.org>
parents:
818
diff
changeset
|
66 STATIC_RSM_MAX_COMMENTS_DEFAULT = 10 |
917 | 67 |
68 ## Libervia pages ## | |
1216 | 69 PAGES_META_FILE = "page_meta.py" |
1246 | 70 PAGES_BROWSER_DIR = "_browser" |
1253
6d49fae517ba
pages: browser metadata + root `_browser`:
Goffi <goffi@goffi.org>
parents:
1248
diff
changeset
|
71 PAGES_BROWSER_META_FILE = "browser_meta.json" |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
72 PAGES_ACCESS_NONE = ( |
1216 | 73 "none" |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
74 ) # no access to this page (using its path will return a 404 error) |
1216 | 75 PAGES_ACCESS_PUBLIC = "public" |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
76 PAGES_ACCESS_PROFILE = ( |
1216 | 77 "profile" |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
78 ) # a session with an existing profile must be started |
1216 | 79 PAGES_ACCESS_ADMIN = "admin" # only profiles set in admins_list can access the page |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
80 PAGES_ACCESS_ALL = ( |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
81 PAGES_ACCESS_NONE, |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
82 PAGES_ACCESS_PUBLIC, |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
83 PAGES_ACCESS_PROFILE, |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
84 PAGES_ACCESS_ADMIN, |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
85 ) |
990
6daa59d44ee2
pages: menu implementation, first draft:
Goffi <goffi@goffi.org>
parents:
985
diff
changeset
|
86 # names of the page to use for menu |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
87 DEFAULT_MENU = [ |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
88 "login", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
89 "chat", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
90 "blog", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
91 "forums", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
92 "photos", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
93 "files", |
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
94 "events", |
1378
e3e303a30a74
pages (tickets): renamed "tickets" to "lists":
Goffi <goffi@goffi.org>
parents:
1296
diff
changeset
|
95 "lists", |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
96 "merge-requests", |
1248
9b865f2604a9
server (constants): temporarily removed `app` from menu
Goffi <goffi@goffi.org>
parents:
1246
diff
changeset
|
97 # XXX: app is not available anymore since removal of pyjamas code with Python 3 |
9b865f2604a9
server (constants): temporarily removed `app` from menu
Goffi <goffi@goffi.org>
parents:
1246
diff
changeset
|
98 # port. It should come back at a later point with an alternative (Brython |
9b865f2604a9
server (constants): temporarily removed `app` from menu
Goffi <goffi@goffi.org>
parents:
1246
diff
changeset
|
99 # probably). |
1113
cdd389ef97bc
server: code style reformatting using black
Goffi <goffi@goffi.org>
parents:
1111
diff
changeset
|
100 ] |
922
16d1084d1371
server (pages): added "None" access (page is not rendered at all) and some HTTP code constants + helper methods to get session data
Goffi <goffi@goffi.org>
parents:
917
diff
changeset
|
101 |
957
67bf14c91d5c
server (pages): added a confirm flag on successful post:
Goffi <goffi@goffi.org>
parents:
956
diff
changeset
|
102 ## Session flags ## |
1216 | 103 FLAG_CONFIRM = "CONFIRM" |
962 | 104 |
105 ## Data post ## | |
1216 | 106 POST_NO_CONFIRM = "POST_NO_CONFIRM" |
957
67bf14c91d5c
server (pages): added a confirm flag on successful post:
Goffi <goffi@goffi.org>
parents:
956
diff
changeset
|
107 |
931
8a393ae90f8c
server (pages): post requests are now handled:
Goffi <goffi@goffi.org>
parents:
922
diff
changeset
|
108 ## HTTP methods ## |
1216 | 109 HTTP_METHOD_GET = b"GET" |
110 HTTP_METHOD_POST = b"POST" | |
931
8a393ae90f8c
server (pages): post requests are now handled:
Goffi <goffi@goffi.org>
parents:
922
diff
changeset
|
111 |
922
16d1084d1371
server (pages): added "None" access (page is not rendered at all) and some HTTP code constants + helper methods to get session data
Goffi <goffi@goffi.org>
parents:
917
diff
changeset
|
112 ## HTTP codes ## |
956
dabecab10faa
server (pages): impleted CSRF protection:
Goffi <goffi@goffi.org>
parents:
934
diff
changeset
|
113 HTTP_SEE_OTHER = 303 |
1019
34240d08f682
pages: HTTP cache headers handling:
Goffi <goffi@goffi.org>
parents:
1005
diff
changeset
|
114 HTTP_NOT_MODIFIED = 304 |
922
16d1084d1371
server (pages): added "None" access (page is not rendered at all) and some HTTP code constants + helper methods to get session data
Goffi <goffi@goffi.org>
parents:
917
diff
changeset
|
115 HTTP_BAD_REQUEST = 400 |
16d1084d1371
server (pages): added "None" access (page is not rendered at all) and some HTTP code constants + helper methods to get session data
Goffi <goffi@goffi.org>
parents:
917
diff
changeset
|
116 HTTP_UNAUTHORIZED = 401 |
1173
0f37b65fe7c2
server: replaced wrong usage of C.HTTP_UNAUTHORIZED by C.HTTP_FORBIDDEN
Goffi <goffi@goffi.org>
parents:
1146
diff
changeset
|
117 HTTP_FORBIDDEN = 403 |
922
16d1084d1371
server (pages): added "None" access (page is not rendered at all) and some HTTP code constants + helper methods to get session data
Goffi <goffi@goffi.org>
parents:
917
diff
changeset
|
118 HTTP_NOT_FOUND = 404 |
934
a21fee7e30ee
server (constants): added HTTP_INTERNAL_ERROR and HTTP_SERVICE_UNAVAILABLE
Goffi <goffi@goffi.org>
parents:
931
diff
changeset
|
119 HTTP_INTERNAL_ERROR = 500 |
1296
b1215347b5c3
pages (bridge): better handling of errors:
Goffi <goffi@goffi.org>
parents:
1275
diff
changeset
|
120 HTTP_PROXY_ERROR = 502 |
934
a21fee7e30ee
server (constants): added HTTP_INTERNAL_ERROR and HTTP_SERVICE_UNAVAILABLE
Goffi <goffi@goffi.org>
parents:
931
diff
changeset
|
121 HTTP_SERVICE_UNAVAILABLE = 503 |
985
64826e69f365
pages: cache mechanism, first draft:
Goffi <goffi@goffi.org>
parents:
964
diff
changeset
|
122 |
1435
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
123 ## HTTP HEADERS ## |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
124 H_FORWARDED = "Forwarded" |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
125 H_X_FORWARDED_FOR = "X-Forwarded-For" |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
126 H_X_FORWARDED_HOST = "X-Forwarded-Host" |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
127 H_X_FORWARDED_PROTO = "X-Forwarded-Proto" |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
128 |
396d5606477f
server (proxy): add "Forwarded" and "X-Forwarded-xxx" headers to reverse proxy
Goffi <goffi@goffi.org>
parents:
1402
diff
changeset
|
129 |
985
64826e69f365
pages: cache mechanism, first draft:
Goffi <goffi@goffi.org>
parents:
964
diff
changeset
|
130 ## Cache ## |
64826e69f365
pages: cache mechanism, first draft:
Goffi <goffi@goffi.org>
parents:
964
diff
changeset
|
131 CACHE_PUBSUB = 0 |
1019
34240d08f682
pages: HTTP cache headers handling:
Goffi <goffi@goffi.org>
parents:
1005
diff
changeset
|
132 |
34240d08f682
pages: HTTP cache headers handling:
Goffi <goffi@goffi.org>
parents:
1005
diff
changeset
|
133 ## Date/Time ## |
34240d08f682
pages: HTTP cache headers handling:
Goffi <goffi@goffi.org>
parents:
1005
diff
changeset
|
134 HTTP_DAYS = ("Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun") |
1127
9234f29053b0
server, pages: update to handle multi sites themes, first draft:
Goffi <goffi@goffi.org>
parents:
1124
diff
changeset
|
135 HTTP_MONTH = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", |
9234f29053b0
server, pages: update to handle multi sites themes, first draft:
Goffi <goffi@goffi.org>
parents:
1124
diff
changeset
|
136 "Nov", "Dec") |