o k`-b@sddlZddlmZmZmZmZddlmZmZm Z m Z m Z ddl m Z mZmZmZmZddlmZmZmZmZmZmZddlmZddlmZddlmZmZd Z d Z!d Z"Gd d d e#Z$Gddde$Z%Gddde%Z&GdddeZ'dddZ(dS)N)AdminCommandErrorIAdminCommandProviderconsole_date_formatget_console_locale) ComponentExtensionPoint TracErrorTracValueError implements)as_boolas_floatas_int hex_entropylazy)get_datetime_format_hint format_date parse_datetime_now to_datetime to_timestamp) print_table)_)IRequestHandleris_valid_default_handlerQiv trac_sessioncsTeZdZfddZfddZdddZddd Zdd d Zdfd d ZZ S) SessionDictcs(tj|i|d|_d|_d|_dS)NFr)super__init__ authenticated last_visitsid)selfargskwargs __class__2/usr/lib/python3/dist-packages/trac/web/session.pyr/s zSessionDict.__init__cst|t|dSN)r __setitem__str)r"keyvaluer%r'r(r*5szSessionDict.__setitem__NcCs||vr|St|||S)aReturn the value as a boolean. Return `default` if if an exception is raised while converting the value to a boolean. :param key: the name of the session attribute :keyword default: the value to return if the parameter is not specified or an exception occurs converting the value to a boolean. :since: 1.2 )r )r"r,defaultr'r'r(r 8s zSessionDict.as_boolcC||vr|St|||||S)aReturn the value as an integer. Return `default` if if an exception is raised while converting the value to an integer. :param key: the name of the session attribute :keyword default: the value to return if the parameter does not exist or an exception occurs converting the value to an integer. :keyword min: lower bound to which the value is limited :keyword max: upper bound to which the value is limited :since: 1.2 )r r"r,r.minmaxr'r'r(r HzSessionDict.as_intcCr/)aReturn the value as a float. Return `default` if if an exception is raised while converting the value to a float. :param key: the name of the session attribute :keyword default: the value to return if the parameter does not exist or an exception occurs converting the value to a float. :keyword min: lower bound to which the value is limited :keyword max: upper bound to which the value is limited :since: 1.3.6 )r r0r'r'r(r Zr3zSessionDict.as_floatcsBt|}|durt|}||kr||ddSt||dS)z`Set a variable in the session, or remove it if it's equal to the default value. N)r+poprr*)r"r,r-r.r%r'r(setls zSessionDict.setr))NNN) __name__ __module__ __qualname__rr*r r r r5 __classcell__r'r'r%r(r-s     rcs.eZdZfddZdddZddZZS) DetachedSessioncs6t||_d|_i|_|r|j|dddSdS)NTr)rrenv_new_old get_session)r"r<r!r%r'r(r{s zDetachedSession.__init__Fc Cs|jjd||jjM}||_||_||d|t|fD]\}d|_t|p*d|_ | |d|t|f| |_ nd|_ d|_i|_ WddSWddS1s\wYdS)NzRetrieving session for ID %rz~ SELECT last_visit FROM session WHERE sid=%s AND authenticated=%s Frz SELECT name, value FROM session_attribute WHERE sid=%s and authenticated=%s T) r<logdebugdb_queryr!rclearintr=r updatecopyr>)r"r!rdbr r'r'r(r?s*     "zDetachedSession.get_sessionc stjtt}t}sjs|sdSd}jj}j}|rX|_ d_z |dj j fWn jj j yWjj dj |YWddSwrw|srjddksrjddkrwjjkr|ss|dj f|dj ft_z|dfd d |DWn jj j yjj d j |YWddSwd }Wdn1swY|rO|j tkrQ|_ jj}|d kr||dnd}jj+}jj dj |dj j f|rjj d|d|fWdn 1s)wY|rSjj}|d|fWddS1sHwYdSdSdSdS)NFz{INSERT INTO session (sid, last_visit, authenticated) VALUES (%s,%s,%s) zSession %s already existsnameemail4DELETE FROM session WHERE sid=%s AND authenticated=0zlDELETE FROM session_attribute WHERE sid=%s AND authenticated=%s z INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,%s,%s,%s) csg|] \}}j||fqSr'r!).0kvrr"r'r( sz(DetachedSession.save..z)Attributes for session %s already updatedTrrzRefreshing session %szoUPDATE session SET last_visit=%s WHERE sid=%s AND authenticated=%s zPurging old, expired, sessions.aDELETE FROM session_attribute WHERE authenticated=0 AND sid IN ( SELECT sid FROM session WHERE authenticated=0 AND last_visit < %s ) z DELETE FROM session WHERE authenticated=0 AND last_visit < %s )rDrrlistitemsr>r<db_transactionr=r r!db_excIntegrityErrorr@warningrollbackgetinvalidate_known_users_cachedict executemanyUPDATE_INTERVALanonymous_session_lifetimeinforA)r"nowrR session_savedrGnewlifetimemintimer'rOr(saves         .8   $zDetachedSession.saveF)r6r7r8rr?rdr9r'r'r%r(r:ys  r:csTeZdZdZfddZefddZedZ dfdd Z d d Z d d Z Z S)Sessionz/Basic session handling and per-session storage.cst|d||_|js*t|jvrtd|_|dS|jtj }| |dSt|jvr:|jtj }| ||j |j dddS)NTr;) rrreqis_authenticated COOKIE_KEYincookierr! bake_cookier-r?promote_sessionauthname)r"r<rhr!r%r'r(rs       zSession.__init__cCsp|jsJd|j|jjt<|jjpd|jjtd<||jjtd<|jjr.d|jjtd<d|jjtd<dS)NzSession ID not set/pathexpiresTsecurehttponly)r!rh outcookierj base_pathr<secure_cookies)r"rqr'r'r(rlszSession.bake_cookiez[_A-Za-z0-9]+\ZFcsxd}|s|j|sttd|jr||jkrd}t|||jr.t|jt kr.d}|s8|r:| dSdSdS)NF Session ID must be alphanumeric.T) _valid_sid_rematchr rr!rr?r rr\rl)r"r!rrefresh_cookier%r'r(r?"s  zSession.get_sessioncCs|jjrJd|sJd||jkrdS|j|s$ttdtd|jj3}|d|fr:t td|dtd|jj d|j||d ||jf|d ||jfWdn1s^wY||_| dS) Nz)Cannot change ID of authenticated sessionzSession ID cannot be emptyrwzError renaming sessionz$SELECT sid FROM session WHERE sid=%szFSession '%(id)s' already exists. Please choose a different session ID.)idzChanging session ID %s to %sz:UPDATE session SET sid=%s WHERE sid=%s AND authenticated=0ziUPDATE session_attribute SET sid=%s WHERE sid=%s and authenticated=0 ) rhrir!rxryr rr<rSrr@rArl)r"new_sidrGr'r'r( change_sid2s:       zSession.change_sidc Cs6|jjsJd|jjz}dd|d||jjfD}t|dkr.|d|f|d|fnQt|dkrV|d sU|jjd ||jj|d |jj|f|d |jj|fn)z|d |jjtt fWn|jj j y~|jj d|jj| YnwWdn1swYd|_||_|d dS)zPromotes an anonymous session to an authenticated session, if there is no preexisting session data for that user name. z(Cannot promote session of anonymous usercSsg|]\}|qSr'r')rLrr'r'r(rPSsz+Session.promote_session..z8SELECT authenticated FROM session WHERE sid=%s OR sid=%srJzkDELETE FROM session_attribute WHERE sid=%s AND authenticated=0 rzCPromoting anonymous session %s to authenticated session for user %szUPDATE session SET sid=%s, authenticated=1 WHERE sid=%s AND authenticated=0 zvUPDATE session_attribute SET sid=%s, authenticated=1 WHERE sid=%s z|INSERT INTO session (sid, last_visit, authenticated) VALUES (%s, %s, 1) z+Authenticated session for %s already existsNF)rhrir<rSrnlenr@rArDrrTrUrVrWr=r!rl)r"r!rGauthenticated_flagsr'r'r(rmKsT          &zSession.promote_sessionre)r6r7r8__doc__r PURGE_AGErlrecompilerxr?r}rmr9r'r'r%r(rfs   rfc@seZdZdZeeeeZddZ e ddZ ddZ dd Z d d Zd d ZddZddZddZdddZddZddZddZdS) SessionAdminz2trac-admin command provider for session managementccstt|jtdd}ddd|j|jfVdddd|jfVd d d |j|jfVd d d|j|j fVddd|d|j fVdS)Niso8601)datetimerz session listz[sid[:0|1]] [...]aList the name and email for the given sids Specifying the sid 'anonymous' lists all unauthenticated sessions, and 'authenticated' all authenticated sessions. '*' lists all sessions, and is the default if no sids are given. An sid suffix ':0' operates on an unauthenticated session with the given sid, and a suffix ':1' on an authenticated session (the default).z session addz [name] [email]a3Create a session for the given sid Populates the name and email attributes for the given session. Adding a suffix ':0' to the sid makes the session unauthenticated, and a suffix ':1' makes it authenticated (the default if no suffix is specified).z session setz0 zSet the name or email attribute of the given sid An sid suffix ':0' operates on an unauthenticated session with the given sid, and a suffix ':1' on an authenticated session (the default).zsession deletez [...]a2Delete the session of the specified sid An sid suffix ':0' operates on an unauthenticated session with the given sid, and a suffix ':1' on an authenticated session (the default). Specifying the sid 'anonymous' will delete all anonymous sessions.z session purgezzPurge anonymous sessions older than given age or date Age may be specified as a relative time like "90 days ago", or as a date in the "%(datetime)s" or "%(iso8601)s" (ISO 8601) format.) rrr<_complete_list_do_list_do_add _complete_set_do_set_complete_delete _do_delete _do_purge)r"hintsr'r'r(get_admin_commandss4       zSessionAdmin.get_admin_commandscCstdd|jDS)Ncss |] }t|r|jjVqdSr))rr&r6)rLhandlerr'r'r( s z7SessionAdmin._valid_default_handlers..)sortedrequest_handlersr"r'r'r(_valid_default_handlerssz$SessionAdmin._valid_default_handlerscCs<|dr |dddfS|dr|dddfS|dfS)Nz:0rz:1r)endswith)r"r!r'r'r( _split_sids  zSessionAdmin._split_sidcCs|jd}dd|DS)Nz&SELECT sid, authenticated FROM sessioncSsg|] \}}d||fqS)z%s:%dr')rLr!authr'r'r(rPsz*SessionAdmin._get_sids..)r<rB)r"rowsr'r'r( _get_sidss zSessionAdmin._get_sidsc #sd|vpd|v}d|vpd|v}fdd|D}jd}|D]$\}}}}} } |r.|r8|r2|s8||f|vrF||tt|t|| | fVq"dS)N anonymous*rcsh|] }|dvr|qS))rrr)r)rLr!rr'r( s z)SessionAdmin._get_list..a SELECT DISTINCT s.sid, s.authenticated, s.last_visit, n.value, e.value, h.value FROM session AS s LEFT JOIN session_attribute AS n ON (n.sid=s.sid AND n.authenticated=s.authenticated AND n.name='name') LEFT JOIN session_attribute AS e ON (e.sid=s.sid AND e.authenticated=s.authenticated AND e.name='email') LEFT JOIN session_attribute AS h ON (h.sid=s.sid AND h.authenticated=s.authenticated AND h.name='default_handler') ORDER BY s.sid, s.authenticated )r<rBrrr) r"sidsall_anonall_authrr!rr rHrIrr'rr( _get_lists$   zSessionAdmin._get_listcCs |gd}t|t|S)N)rrrrr5r"r#all_sidsr'r'r(rszSessionAdmin._complete_listcCs,t|dkr ddgSt|dkr|SdS)NrrHrIr~)rr)r"r#r'r'r(rs  zSessionAdmin._complete_setcCs|dg}t|t|S)Nrrrr'r'r(rszSessionAdmin._complete_deletecGsF|sdg}tdtdtdtdtdtdf}t|||dS)NrSIDAuthz Last VisitNameEmailzDefault Handler)rrr)r"rheadersr'r'r(rs  zSessionAdmin._do_listNc Cs||\}}|jj9}z |d||ttfWnty(ttd|dw|r3|d|||f|r=|d|||fWdn1sGwY|jdS)Nz'INSERT INTO session VALUES (%s, %s, %s)z Session '%(sid)s' already existsrKz6INSERT INTO session_attribute VALUES (%s,%s,'name',%s)z7INSERT INTO session_attribute VALUES (%s,%s,'email',%s)) rr<rSrDr ExceptionrrrY)r"r!rHrIrrGr'r'r(rs,   zSessionAdmin._do_addcCs|dvr ttd|d|dkr|r||jvrttd|d||\}}|jj*}|d||fs:ttd|d |d |||f|rM|d ||||fWdn1sWwY|jdS) N)rHrIdefault_handlerzInvalid attribute '%(attr)s')attrrz!Invalid default_handler '%(val)s')valzRSELECT sid FROM session WHERE sid=%s AND authenticated=%szSession '%(sid)s' not foundrKz} DELETE FROM session_attribute WHERE sid=%s AND authenticated=%s AND name=%s z5INSERT INTO session_attribute VALUES (%s, %s, %s, %s))rrrrr<rSrY)r"rr!rrrGr'r'r(rs6   zSessionAdmin._do_setcGs|jj/}|D]$}||\}}|dkr|d|dq|d||f|d||fqWdn1s6wY|jdS)Nrz)DELETE FROM session WHERE authenticated=0z3DELETE FROM session_attribute WHERE authenticated=0z DELETE FROM session WHERE sid=%s AND authenticated=%s z DELETE FROM session_attribute WHERE sid=%s AND authenticated=%s )r<rSrrY)r"rrGr!rr'r'r(r's  zSessionAdmin._do_deletecCs^t|dt|jd}|jj}t|}|d|f|dWddS1s(wYdS)Nr)hintlocalezm DELETE FROM session WHERE authenticated=0 AND last_visit<%s a+ DELETE FROM session_attribute WHERE authenticated=0 AND NOT EXISTS (SELECT * FROM session AS s WHERE s.sid=session_attribute.sid AND s.authenticated=0) )rrr<rSr)r"agewhenrGtsr'r'r(r9s  "zSessionAdmin._do_purge)NN)r6r7r8rr rrrrrrrrrrrrrrrrrrr'r'r'r(r~s$5   rcCs.|d||rdnd|fD]}|dS|S)Nzw SELECT value FROM session_attribute WHERE sid=%s AND authenticated=%s AND name=%s rr)rB)r<r!rrHr.rowr'r'r(get_session_attributeKs  rr)))rtrac.admin.apirrrr trac.corerrrr r trac.utilr r r rrtrac.util.datefmtrrrrrrtrac.util.textrtrac.util.translationr trac.web.apirrr\rrjrZrr:rfrrr'r'r'r(s$    L zN