python-albatross 1.36-5.5 / usr / share / pyshared / albatross / branchingsession.py

This file is indexed.

/usr/share/pyshared/albatross/branchingsession.py is in python-albatross 1.36-5.5.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#
# Copyright 2004 by Object Craft P/L, Melbourne, Australia.
#
# LICENCE - see LICENCE file distributed with this software for details.
#

import base64
try:
    import zlib
    have_zlib = 1
except ImportError:
    have_zlib = 0

from albatross.context import SessionBase, NameRecorderMixin
from albatross.app import AppContext
from albatross.common import *

class BranchingSessionMixin(SessionBase):
    def __init__(self):
        SessionBase.__init__(self)
        self.__sesid = None
        self.__txid = None

    def sesid(self):
        if self.__sesid is None:
            self.__sesid = self.app.new_session()
        return self.__sesid

    def txid(self):
        if self.__txid is None:
            self.__txid = self.app.new_session()
        return self.__txid

    def _get_id_field(self, field):
        if not self.request.has_field(field):
            return
        id = self.request.field_value(field)
        if len(id) < 8 or len(id) > 256 or not id.isalnum():
            raise SecurityError('Hostile session id in %s field: %r'%
                                field, id)
        return id

    def load_session(self):
        self.__txid = None
        sesid = self._get_id_field('__albsessid__')
        txid = self._get_id_field('__albtxid__')
        if sesid and txid:
            ses = self.app.get_session(sesid)
            text = self.app.get_session(txid)
            if not ses or not text:
                if self.request.get_method().upper() != 'GET':
                    raise SessionExpired('Session expired')
            self.__sesid = sesid
            text = base64.decodestring(text)
            try:
                if have_zlib:
                    text = zlib.decompress(text)
                self.decode_session(text)
            except:
                self.app.del_session(sesid)
                raise
        else:
            self.__sesid = self.sesid()

    def save_session(self):
        if self.should_save_session():
            text = self.encode_session()
            if have_zlib:
                text = zlib.compress(text)
            text = base64.encodestring(text)
            self.app.put_session(self.txid(), text)
            self.app.put_session(self.sesid(), 'OK\n')

    def remove_session(self):
        SessionBase.remove_session(self)
        if self.__sesid is not None:
            self.app.del_session(self.__sesid)
            self.__sesid = None

    def form_close(self):
        if self.should_save_session():
            self.write_content('<div>\n <input type="hidden" name="__albsessid__" value="%s" />\n <input type="hidden" name="__albtxid__" value="%s" />\n</div>\n' % (self.sesid(), self.txid()))

class BranchingSessionContext(AppContext,
                              NameRecorderMixin,
                              BranchingSessionMixin):
    def __init__(self, app):
        AppContext.__init__(self, app)
        NameRecorderMixin.__init__(self)
        BranchingSessionMixin.__init__(self)

    def form_close(self):
        use_multipart_enc = NameRecorderMixin.form_close(self)
        BranchingSessionMixin.form_close(self)
        return use_multipart_enc

APT Browse - Built by Thomas Orozco.