paul@0 | 1 | # -*- coding: iso-8859-1 -*- |
paul@0 | 2 | """ |
paul@0 | 3 | MoinMoin - PostMessage Action |
paul@0 | 4 | |
paul@0 | 5 | @copyright: 2012 by Paul Boddie <paul@boddie.org.uk> |
paul@0 | 6 | @license: GNU GPL (v2 or later), see COPYING.txt for details. |
paul@0 | 7 | """ |
paul@0 | 8 | |
paul@0 | 9 | from MoinMoin.PageEditor import PageEditor |
paul@2 | 10 | from MoinMoin.log import getLogger |
paul@0 | 11 | from MoinSupport import * |
paul@0 | 12 | from email.parser import Parser |
paul@2 | 13 | from subprocess import Popen, PIPE |
paul@3 | 14 | from tempfile import mkstemp |
paul@3 | 15 | import os |
paul@0 | 16 | |
paul@0 | 17 | try: |
paul@0 | 18 | from cStringIO import StringIO |
paul@0 | 19 | except ImportError: |
paul@0 | 20 | from StringIO import StringIO |
paul@0 | 21 | |
paul@0 | 22 | Dependencies = ['pages'] |
paul@0 | 23 | |
paul@0 | 24 | class PostMessage: |
paul@0 | 25 | |
paul@0 | 26 | "A posted message handler." |
paul@0 | 27 | |
paul@0 | 28 | def __init__(self, pagename, request): |
paul@0 | 29 | |
paul@0 | 30 | """ |
paul@0 | 31 | On the page with the given 'pagename', use the given 'request' when |
paul@0 | 32 | reading posted messages, modifying the Wiki. |
paul@0 | 33 | """ |
paul@0 | 34 | |
paul@0 | 35 | self.pagename = pagename |
paul@0 | 36 | self.request = request |
paul@0 | 37 | self.page = Page(request, pagename) |
paul@0 | 38 | |
paul@0 | 39 | def do_action(self): |
paul@0 | 40 | request = self.request |
paul@0 | 41 | content_length = getHeader(request, "Content-Length", "HTTP") |
paul@0 | 42 | if content_length: |
paul@0 | 43 | content_length = int(content_length) |
paul@0 | 44 | |
paul@0 | 45 | # Get the message. |
paul@0 | 46 | |
paul@2 | 47 | self.handle_message(StringIO(request.read(content_length))) |
paul@1 | 48 | |
paul@1 | 49 | def handle_message(self, message_text): |
paul@1 | 50 | |
paul@1 | 51 | "Handle the given 'message_text'." |
paul@1 | 52 | |
paul@1 | 53 | request = self.request |
paul@1 | 54 | message = Parser().parse(message_text) |
paul@1 | 55 | mimetype = message.get_content_type() |
paul@1 | 56 | encoding = message.get_content_charset() |
paul@1 | 57 | |
paul@1 | 58 | # Detect PGP/GPG-encoded payloads. |
paul@1 | 59 | # See: http://tools.ietf.org/html/rfc3156 |
paul@1 | 60 | |
paul@3 | 61 | # NOTE: RFC 3156 states that signed messages should employ a detached |
paul@3 | 62 | # NOTE: signature but then shows "BEGIN PGP MESSAGE" for signatures |
paul@3 | 63 | # NOTE: instead of "BEGIN PGP SIGNATURE". |
paul@3 | 64 | |
paul@3 | 65 | if mimetype == "multipart/signed" and \ |
paul@3 | 66 | message.get_param("protocol") == "application/pgp-signature": |
paul@1 | 67 | |
paul@1 | 68 | try: |
paul@3 | 69 | content, signature = message.get_payload() |
paul@1 | 70 | except ValueError: |
paul@1 | 71 | writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type") |
paul@3 | 72 | request.write("There must be a content part and a signature for signed uploads.") |
paul@1 | 73 | return |
paul@1 | 74 | |
paul@1 | 75 | # Verify the message format. |
paul@1 | 76 | |
paul@3 | 77 | if signature.get_content_type() != "application/pgp-signature": |
paul@1 | 78 | writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type") |
paul@3 | 79 | request.write("Signature data must be provided in the second part as application/pgp-signature.") |
paul@1 | 80 | return |
paul@1 | 81 | |
paul@1 | 82 | # Locate the keyring. |
paul@1 | 83 | |
paul@1 | 84 | homedir = getattr(request.cfg, "postmessage_gpg_homedir") |
paul@1 | 85 | if not homedir: |
paul@1 | 86 | writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type") |
paul@3 | 87 | request.write("Encoded data cannot currently be understood. Please notify the site administrator.") |
paul@1 | 88 | return |
paul@1 | 89 | |
paul@3 | 90 | # Write the detached signature and content to files. |
paul@2 | 91 | |
paul@3 | 92 | signature_fd, signature_filename = mkstemp() |
paul@3 | 93 | content_fd, content_filename = mkstemp() |
paul@3 | 94 | try: |
paul@3 | 95 | signature_fp = os.fdopen(signature_fd, "w") |
paul@3 | 96 | content_fp = os.fdopen(content_fd, "w") |
paul@3 | 97 | try: |
paul@3 | 98 | signature_fp.write(signature.get_payload()) |
paul@3 | 99 | content_fp.write(content.as_string()) |
paul@3 | 100 | finally: |
paul@3 | 101 | signature_fp.close() |
paul@3 | 102 | content_fp.close() |
paul@2 | 103 | |
paul@3 | 104 | # Verify the message text. |
paul@1 | 105 | |
paul@3 | 106 | cmd = Popen(["gpg", "--homedir", homedir, "--verify", signature_filename, content_filename], |
paul@3 | 107 | stdout=PIPE, stderr=PIPE) |
paul@1 | 108 | |
paul@3 | 109 | errors = cmd.stderr.read() |
paul@3 | 110 | if errors: |
paul@3 | 111 | getLogger(__name__).warning(errors) |
paul@2 | 112 | |
paul@3 | 113 | # Handle the embedded message. |
paul@3 | 114 | |
paul@3 | 115 | try: |
paul@3 | 116 | # With a zero return code, accept the message. |
paul@2 | 117 | |
paul@3 | 118 | if not cmd.wait(): |
paul@3 | 119 | self.handle_parsed_message(content) |
paul@3 | 120 | |
paul@3 | 121 | # Otherwise, reject the unverified message. |
paul@2 | 122 | |
paul@3 | 123 | else: |
paul@3 | 124 | writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden") |
paul@3 | 125 | request.write("The message could not be verified.") |
paul@2 | 126 | |
paul@3 | 127 | finally: |
paul@3 | 128 | cmd.stdout.close() |
paul@3 | 129 | cmd.stderr.close() |
paul@2 | 130 | |
paul@1 | 131 | finally: |
paul@3 | 132 | os.remove(signature_filename) |
paul@3 | 133 | os.remove(content_filename) |
paul@1 | 134 | |
paul@1 | 135 | # Reject unsigned payloads. |
paul@1 | 136 | |
paul@1 | 137 | else: |
paul@1 | 138 | writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type") |
paul@1 | 139 | request.write("Only PGP/GPG-signed payloads are supported.") |
paul@1 | 140 | |
paul@1 | 141 | def handle_plaintext_message(self, message_text): |
paul@1 | 142 | |
paul@1 | 143 | "Handle the given 'message_text'." |
paul@1 | 144 | |
paul@3 | 145 | message = Parser().parse(message_text) |
paul@3 | 146 | self.handle_parsed_message(message) |
paul@3 | 147 | |
paul@3 | 148 | def handle_parsed_message(self, message): |
paul@3 | 149 | |
paul@3 | 150 | "Handle the given 'message_text'." |
paul@3 | 151 | |
paul@1 | 152 | request = self.request |
paul@0 | 153 | |
paul@0 | 154 | # Handle a single part. |
paul@0 | 155 | |
paul@0 | 156 | if not message.is_multipart(): |
paul@0 | 157 | self.handle_message_parts([message], to_replace(message)) |
paul@0 | 158 | |
paul@0 | 159 | # Handle multiple parts. |
paul@0 | 160 | |
paul@0 | 161 | # This can be a collection of updates, with each update potentially being a |
paul@0 | 162 | # collection of alternative representations. |
paul@0 | 163 | |
paul@0 | 164 | elif is_collection(message): |
paul@0 | 165 | for part in message.get_payload(): |
paul@0 | 166 | if part.is_multipart(): |
paul@0 | 167 | self.handle_message_parts(part.get_payload(), to_replace(part)) |
paul@0 | 168 | else: |
paul@0 | 169 | self.handle_message_parts([part], to_replace(part)) |
paul@0 | 170 | |
paul@0 | 171 | # Or it can be a collection of alternative representations for a single |
paul@0 | 172 | # update. |
paul@0 | 173 | |
paul@0 | 174 | else: |
paul@0 | 175 | self.handle_message_parts(message.get_payload(), to_replace(message)) |
paul@0 | 176 | |
paul@0 | 177 | # Default output. |
paul@0 | 178 | |
paul@0 | 179 | writeHeaders(request, "text/plain", getMetadata(self.page), "204 No Content") |
paul@0 | 180 | |
paul@0 | 181 | def handle_message_parts(self, parts, replace): |
paul@0 | 182 | |
paul@0 | 183 | """ |
paul@0 | 184 | Handle the given message 'parts', replacing the page content if |
paul@0 | 185 | 'replace' is set to a true value. |
paul@0 | 186 | """ |
paul@0 | 187 | |
paul@0 | 188 | # NOTE: Should either choose preferred content types or somehow retain them |
paul@0 | 189 | # NOTE: all but present one at a time. |
paul@0 | 190 | |
paul@0 | 191 | body = [] |
paul@0 | 192 | |
paul@0 | 193 | for part in parts: |
paul@1 | 194 | mimetype = part.get_content_type() |
paul@1 | 195 | encoding = part.get_content_charset() |
paul@0 | 196 | if mimetype == "text/moin": |
paul@0 | 197 | body.append(part.get_payload()) |
paul@0 | 198 | if replace: |
paul@0 | 199 | break |
paul@0 | 200 | |
paul@0 | 201 | if not replace: |
paul@0 | 202 | body.append(self.page.get_raw_body()) |
paul@0 | 203 | |
paul@0 | 204 | page_editor = PageEditor(self.request, self.pagename) |
paul@0 | 205 | page_editor.saveText("\n\n".join(body), 0) |
paul@0 | 206 | |
paul@0 | 207 | def is_collection(message): |
paul@2 | 208 | return message.get("Update-Type") == "collection" |
paul@0 | 209 | |
paul@0 | 210 | def to_replace(message): |
paul@0 | 211 | return message.get("Update-Action") == "replace" |
paul@0 | 212 | |
paul@0 | 213 | # Action function. |
paul@0 | 214 | |
paul@0 | 215 | def execute(pagename, request): |
paul@0 | 216 | PostMessage(pagename, request).do_action() |
paul@0 | 217 | |
paul@0 | 218 | # vim: tabstop=4 expandtab shiftwidth=4 |