improve language handling and url-parameter sanitizing
This commit is contained in:
parent
f4bf1c7a34
commit
baafed8f38
6 changed files with 63 additions and 19 deletions
|
@ -24,14 +24,15 @@ class CryptoBoxWebserverRender:
|
|||
website.log.error("Couldn't read cs file: %s" % cs_path)
|
||||
return "Couldn't read cs file: %s" % cs_path
|
||||
|
||||
hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.cbxPrefs["WebSettings"]["Language"]+".hdf"
|
||||
#hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.cbxPrefs["WebSettings"]["Language"]+".hdf"
|
||||
hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.settings["Settings.Language"]+".hdf"
|
||||
if not os.access(hdf_path, os.R_OK):
|
||||
website.log.error("Couldn't read hdf file: %s" % hdf_path)
|
||||
return "Couldn't read hdf file: %s" % hdf_path
|
||||
|
||||
hdf = neo_util.HDF()
|
||||
hdf.readFile(hdf_path)
|
||||
#website.log.info(website.settings)
|
||||
website.log.info(website.settings)
|
||||
for key in website.settings.keys():
|
||||
hdf.setValue(key,str(website.settings[key]))
|
||||
cs = neo_cs.CS(hdf)
|
||||
|
|
|
@ -42,19 +42,40 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
|
|||
# RFC: why shouldn't it be called in __init__? [l]
|
||||
there is no such thing like __init__ in cherrypy sites [a]
|
||||
'''
|
||||
niceparams = { 'weblang': self.settings["Settings.AvailableLanguages"],
|
||||
'loglevel': ('','info', 'warn', 'debug', 'error'),
|
||||
'type': ('reboot', 'poweroff')
|
||||
niceparams = {
|
||||
'weblang': ["Settings.Language", self.settings["Settings.AvailableLanguages"]],
|
||||
'loglevel': ["Log.Level", ('','info', 'warn', 'debug', 'error')],
|
||||
'type': ["Data.Type", ('reboot', 'poweroff')]
|
||||
}
|
||||
## check all given evil parameters against the nice ones
|
||||
## set them to self.settings if accepted, otherwise do nothing
|
||||
for evilkey in evilparams.keys():
|
||||
for nicekey in niceparams.keys():
|
||||
if evilkey == nicekey:
|
||||
#self.log.warn(niceparams[nicekey][0])
|
||||
#self.log.warn(niceparams[nicekey][1])
|
||||
if evilparams[nicekey] and evilparams[nicekey] in niceparams[nicekey][1]:
|
||||
self.settings[niceparams[nicekey][0]] = evilparams[nicekey]
|
||||
#self.log.warn(niceparams[nicekey][0])
|
||||
#self.log.warn(evilparams[nicekey])
|
||||
|
||||
'''
|
||||
## e.g. do this manually
|
||||
if evilkey == "weblang":
|
||||
if evilparams["weblang"] and evilparams["weblang"] in niceparams["weblang"]:
|
||||
self.settings["Settings.Language"] = evilparams["weblang"]
|
||||
if evilkey == "loglevel":
|
||||
if evilparams["loglevel"] and evilparams["loglevel"] in niceparams["loglevel"]:
|
||||
self.settings["Log.Level"] = evilparams["loglevel"]
|
||||
if evilkey == "type":
|
||||
if evilparams["type"] and evilparams["type"] in niceparams["type"]:
|
||||
self.settings["Data.Type"] = evilparams["type"]
|
||||
'''
|
||||
|
||||
return
|
||||
|
||||
def __isHDAvailable(self):
|
||||
return False
|
||||
|
||||
def __check_config(self):
|
||||
#TODO
|
||||
|
@ -112,8 +133,9 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
|
|||
TODO: "action" is unnessessary, remove it here and from all html
|
||||
files in doc/html/[de|en]/*
|
||||
'''
|
||||
# RFC: sanitize?
|
||||
self.__prepare("show_doc")
|
||||
# TODO: single pagenames should be sanitized
|
||||
self.__sanitize_input({"weblang":weblang})
|
||||
if page:
|
||||
self.settings["Data.Doc.Page"] = page
|
||||
else:
|
||||
|
@ -121,24 +143,26 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
|
|||
self.settings["Data.Doc.Page"] ="CryptoBoxUser"
|
||||
if len(self.settings["Settings.AvailableDocLanguages"]) < 1:
|
||||
self.settings["Data.Error"] = "NoDocumentation"
|
||||
## set doclang to weblang, otherwise the default lang from the config will be used
|
||||
elif weblang in ("en","de"):
|
||||
self.settings["Settings.DocLang"] = weblang
|
||||
## set doclang to weblang, otherwise the default weblang from the config will be used for doclang
|
||||
elif self.settings["Settings.Language"] in ("en","de"):
|
||||
self.settings["Settings.DocLang"] = self.settings["Settings.Language"]
|
||||
|
||||
return website.render(self)
|
||||
|
||||
|
||||
def system(self,typeOfShutdown=""):
|
||||
def system(self, type="", weblang=""):
|
||||
self.__prepare("form_system")
|
||||
if typeOfShutdown == "reboot":
|
||||
self.__sanitize_input({"type":type,"weblang":weblang})
|
||||
if type == "reboot":
|
||||
self.settings["Data.Success"] = "ReBoot"
|
||||
self.settings["Data.Redirect.Action"] = "show_status"
|
||||
self.settings["Data.Redirect.Delay"] = "180"
|
||||
self.log.info("TODO: call function for system reboot")
|
||||
elif typeOfShutdown == "poweroff":
|
||||
elif type == "poweroff":
|
||||
self.settings["Data.Success"] = "PowerOff"
|
||||
self.log.info("TODO: call function for system shutdown")
|
||||
else:
|
||||
self.log.warn("someone tried to shutdown the system in a broken way (%s)" % typeOfShutdown)
|
||||
self.log.warn("This shutdown-mode (%s) is not supplied." % type)
|
||||
return website.render(self)
|
||||
|
||||
|
||||
|
@ -146,7 +170,12 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
|
|||
self.__prepare("show_status")
|
||||
return website.render(self)
|
||||
|
||||
|
||||
def umount_do(self):
|
||||
if not __isHDAvailable():
|
||||
pass
|
||||
else:
|
||||
pass
|
||||
|
||||
'''
|
||||
## DONE: these functions are pythonized
|
||||
#################### show_log #######################
|
||||
|
@ -155,11 +184,6 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
|
|||
##################### reboot ########################
|
||||
|
||||
## but there are even more TODO
|
||||
##################### check for a harddisk ##########################
|
||||
# catch this error, to prevent all following actions from execution #
|
||||
#####################################################################
|
||||
elif not True: #TODO: replace True with check for hard disk is_harddisk_available()
|
||||
settings["Data.Error"] = "NoHardDisk"
|
||||
#-------------------------------------------------------#
|
||||
# here you may define all cases that require a harddisk #
|
||||
#-------------------------------------------------------#
|
||||
|
|
|
@ -9,6 +9,8 @@ help!
|
|||
- SuccessMessage.InitRunning contains only the first sentence
|
||||
- SuccessMessage.ReBoot: add a hint for automatic redirection (3rd sentence)
|
||||
- EmptyCryptoPassword: change 'Text' accordingly to English string.
|
||||
- Button.System: is in eglish
|
||||
- ErrorMessage.NoDocumentation: is in english
|
||||
|
||||
Below are some smaller changes in English sentences. Someone may change it accordingly.
|
||||
- MountFailed: add 'Pleasy try again' to the end of the string.
|
||||
|
|
|
@ -211,6 +211,12 @@ Lang {
|
|||
Title = Keine Festplatte
|
||||
Text = Es wurde kein Datenträger gefunden, der zur Speicherung der verschlüsselten Daten geeignet ist. Prüfe bitte, ob beim Anschalten des Computers eine Festplatte vom BIOS erkannt wurde.
|
||||
}
|
||||
|
||||
NoDocumentation {
|
||||
Title = Keine Hilfeseiten
|
||||
Text = Es sind keine Hilfeseiten verfügbar!
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -250,6 +250,11 @@ Lang {
|
|||
Title = No hard disk
|
||||
Text = No disk suitable for an encrypted filesystem found. Please ensure the BIOS detected the disk during power-on of the computer.
|
||||
}
|
||||
|
||||
NoDocumentation {
|
||||
Title = No Documentation
|
||||
Text = There is no Documentation available!
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -55,6 +55,7 @@ Lang {
|
|||
Protocol = Dnevnik
|
||||
Documentation = Priročnik
|
||||
Status = Stanje
|
||||
System = System
|
||||
}
|
||||
|
||||
|
||||
|
@ -210,6 +211,11 @@ Lang {
|
|||
Title = Ni trdega diska
|
||||
Text = Primeren trdi disk za shranjenje kriptiranega datotečnega sistema ni zaznan. Poskrbite da bo med zagonom BIOS zaznal trdi disk.
|
||||
}
|
||||
|
||||
NoDocumentation {
|
||||
Title = No Documentation
|
||||
Text = There is no Documentation available!
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue