import hashlib
import hmac
import locale
import math
import os
import random
import sched
import string
import sys
import threading
import traceback
from datetime import date, timedelta, datetime, time, MINYEAR
from functools import wraps
from ipaddress import ip_address, ip_network
from socket import gethostname
from urllib.parse import urljoin, urlparse

from flask import Flask, g, request, url_for, redirect, session, render_template, flash, Response, make_response
from werkzeug.routing import Rule

# Process-wide German locale for locale-aware formatting. setlocale() raises
# locale.Error when 'de_DE.utf8' is not installed, which aborts the import.
locale.setlocale(locale.LC_ALL, 'de_DE.utf8')

app = Flask(__name__)

# Template whitespace control: drop the newline after a block tag and the
# indentation in front of it.
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
# Callables exposed to every template under the given names.
# NOTE(review): gethostname lets a template print the server's hostname --
# confirm it is only rendered on moderator-facing pages.
app.add_template_global(random.randint, name='randint')
app.add_template_global(datetime, name='datetime')
app.add_template_global(timedelta, name='timedelta')
app.add_template_global(gethostname, name='gethostname')
app.add_template_global(min, name='min')
app.add_template_global(max, name='max')

# Single scheduler shared by every job registered through sched_func.
scheduler = sched.scheduler()

def run_scheduler():
	"""Drive the shared scheduler forever; intended as a background-thread target.

	scheduler.run() returns once its queue is empty, so the loop polls again
	every ten seconds to pick up jobs that were registered later.
	"""
	# Imported locally: at module level the name ``time`` is datetime.time.
	from time import sleep
	sleep(1) # UWSGI does weird things on startup
	while True:
		scheduler.run()
		sleep(10)

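def sched_func(delay, priority=0, firstdelay=None, args=(), kargs=None):
	"""Decorator factory: run the decorated function periodically on ``scheduler``.

	delay      -- value handed to scheduler.enter() between two runs
	priority   -- scheduler priority of the job
	firstdelay -- delay before the first run; a random value between 1 and
	              120 is used when None
	args/kargs -- positional and keyword arguments passed to every run

	Each run happens inside app.test_request_context(), so request-bound
	helpers work without a real request. An exception raised by the job is
	printed and does not stop the job from being rescheduled. The decorated
	function itself is returned unchanged.
	"""
	if firstdelay is None:
		firstdelay = random.randint(1, 120)
	# The defaults used to be a shared list/dict; a fresh dict per call keeps
	# one registration from ever leaking state into another.
	if kargs is None:
		kargs = {}
	def wrapper(func):
		def sched_wrapper():
			with app.test_request_context():
				try:
					func(*args, **kargs)
				except Exception:
					traceback.print_exc()
			# Re-arm after the run has finished, successful or not.
			scheduler.enter(delay, priority, sched_wrapper)
		scheduler.enter(firstdelay, priority, sched_wrapper)
		return func
	return wrapper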

# The scheduler loop runs in a daemon thread, so it does not keep the process
# alive on shutdown.
threading.Thread(target=run_scheduler, daemon=True).start()

config = app.config
# Defaults come from the example file; silent=True ignores a missing file.
config.from_pyfile('config.py.example', silent=True)
# Development mode is inferred from the name of the launcher script.
if sys.argv[0].endswith('run.py'): 
	config['SQLITE_INIT_DATA'] = True
	config['DEBUG'] = True
# config.py is loaded last and therefore overrides both the example defaults
# and the run.py settings above, DEBUG included.
config.from_pyfile('config.py', silent=True)
if config['DEBUG']:
	app.jinja_env.auto_reload = True

# get git commit
import subprocess
# Argument list, no shell. check_output() raises when git fails, which aborts
# the import of this module. The output is split on '#', so the fields keep
# the spaces that surround the separator.
output = subprocess.check_output(['git', "log", "-g", "-1", "--pretty=%H # %h # %d # %s"]).decode('UTF-8').split('#', 3)
app.jinja_env.globals['gitversion'] = { 'hash': output[1], 'longhash': output[0], 'branch': output[2], 'msg': output[3]  }

# Fallback session-signing key, generated at import time and never persisted:
# existing session cookies stop validating after a restart.
# NOTE(review): separate worker processes would each generate their own key --
# set SECRET_KEY in config.py for any multi-process deployment.
if not config.get('SECRET_KEY', None):
	config['SECRET_KEY'] = os.urandom(24)

from db import query, modify, show, searchquery, ldapauth, ldapget

# Names of the view functions wrapped by mod_required; read by register_navbar
# and sitemap to tell moderator-only endpoints from public ones.
mod_endpoints = []

@app.template_global()
def ismod(*args):
	"""Tell whether the current session belongs to a logged-in moderator.

	The only criterion is the presence of the 'user' key in the session, which
	login() sets after the LDAP check. Positional arguments are accepted and
	ignored.
	"""
	logged_in = 'user' in session
	return logged_in

def mod_required(func):
	"""Decorator: allow the view for moderators only.

	The function name is recorded in mod_endpoints at decoration time.
	register_navbar reads that list when it is applied, so mod_required has to
	sit below register_navbar in the decorator stack. Everyone else gets a
	flash message and a redirect to the login page, with the current URL
	passed along as ``ref``.
	"""
	mod_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		if ismod():
			return func(*args, **kwargs)
		flash('Diese Funktion ist nur für Moderatoren verfügbar!')
		return redirect(url_for('login', ref=request.url))
	return decorator

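# Names of the view functions wrapped by csrf_protect; csrf_inject adds the
# session's token to URLs generated for these endpoints.
csrf_endpoints = []

def csrf_protect(func):
	"""Decorator: reject the request unless it carries the session's CSRF token.

	The token is read from request.values (query string or form data) or, if
	absent there, from the '_csrf_token' member of a JSON object body. The
	request is answered with 403 when the session has no token, the request
	has none, or the two differ.

	NOTE(review): because the token is also accepted from the query string and
	csrf_inject writes it into generated URLs, it can end up in access logs and
	Referer headers -- confirm that is acceptable for this deployment.
	"""
	csrf_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		if '_csrf_token' in request.values:
			token = request.values['_csrf_token']
		else:
			payload = request.get_json()
			# Only a JSON object can carry the token; any other JSON value
			# counts as "no token" instead of raising.
			if isinstance(payload, dict) and ('_csrf_token' in payload):
				token = payload['_csrf_token']
			else:
				token = None
		expected = session.get('_csrf_token')
		# Fail closed on a missing, empty or non-string value on either side.
		if not expected or not token or not isinstance(expected, str) or not isinstance(token, str):
			return 'csrf test failed', 403
		# Constant-time comparison, so the response time does not depend on
		# how many leading characters of the token match.
		if not hmac.compare_digest(expected.encode('utf-8'), token.encode('utf-8')):
			return 'csrf test failed', 403
		return func(*args, **kwargs)
	return decorator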

@app.url_defaults
def csrf_inject(endpoint, values):
	"""Add the session's CSRF token to URLs built for CSRF-protected endpoints.

	Does nothing for other endpoints or when the session holds no token.
	"""
	# The session is only touched for endpoints that need the token.
	if endpoint in csrf_endpoints:
		token = session.get('_csrf_token')
		if token:
			values['_csrf_token'] = token

def evalperm(perms):
	"""Reduce a list of permission rows to the most specific scope present.

	Rows are sorted into course, lecture and video scope by the first of
	'course_id', 'lecture_id', 'video_id' that is truthy. Video rows win over
	lecture rows, which win over course rows. When no row has a scope at all
	the result is a single public permission, i.e. content without any
	permission row is treated as public.
	"""
	by_scope = {'video': [], 'lecture': [], 'course': []}
	for entry in perms:
		if entry['course_id']:
			by_scope['course'].append(entry)
		elif entry['lecture_id']:
			by_scope['lecture'].append(entry)
		elif entry['video_id']:
			by_scope['video'].append(entry)
	for scope in ('video', 'lecture', 'course'):
		if by_scope[scope]:
			return by_scope[scope]
	return [{'type': 'public'}]

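@app.template_filter()
def checkperm(perms, username=None, password=None):
	"""Decide whether the current request may access content guarded by ``perms``.

	Moderators always pass. Otherwise the rows are reduced with evalperm() and
	access is granted as soon as one row matches:

	public   -- always
	password -- ``username``/``password`` equal the row's param1/param2
	l2p      -- the row's param1 is listed in the session's 'l2p_courses'
	rwth     -- the session is flagged 'rwthintern', or the X-Real-IP header
	            lies in one of config['RWTH_IP_RANGES']

	Any other type (for example 'fsmpi') grants nothing here. Returns True or
	False.
	"""
	if ismod():
		return True
	perms = evalperm(perms)
	for perm in perms:
		kind = perm['type']
		if kind == 'public':
			return True
		elif kind == 'password':
			stored_user, stored_pass = perm['param1'], perm['param2']
			# Fail closed: a row without stored credentials must not match a
			# request that supplied none (None == None used to grant access).
			if stored_user is None or stored_pass is None or username is None or password is None:
				continue
			# Constant-time comparison of both parts, evaluated unconditionally
			# so timing does not reveal which part was wrong.
			user_ok = hmac.compare_digest(str(stored_user).encode('utf-8'), str(username).encode('utf-8'))
			pass_ok = hmac.compare_digest(str(stored_pass).encode('utf-8'), str(password).encode('utf-8'))
			if user_ok and pass_ok:
				return True
		elif kind == 'l2p':
			if perm['param1'] in session.get('l2p_courses', []):
				return True
		elif kind == 'rwth':
			if session.get('rwthintern', False):
				return True
			if 'X-Real-IP' not in request.headers:
				continue
			# NOTE(review): X-Real-IP is trusted as the client address. That
			# only holds if the reverse proxy always overwrites the header and
			# the app is not reachable directly -- confirm in the proxy config.
			try:
				ip = ip_address(request.headers['X-Real-IP'])
			except ValueError:
				# A malformed header is "not in range", not a server error.
				continue
			for net in config['RWTH_IP_RANGES']:
				if ip in ip_network(net):
					return True
	return False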

@app.template_filter()
def permdescr(perms):
	"""Describe a permission set as a ``(mode, German text)`` pair for display.

	This only produces a label; the access decision itself is made by
	checkperm(). The rows are reduced with evalperm() first, and the first
	matching mode in the order public, rwth, fsmpi, l2p, password wins.
	"""
	perms = evalperm(perms)
	kinds = []
	l2p_courses = []
	for perm in perms:
		kinds.append(perm['type'])
		if perm['type'] == 'l2p':
			l2p_courses.append(perm['param1'])
	has_password = 'password' in kinds
	if 'public' in kinds or not perms:
		return 'public', 'Öffentlich verfügbar'
	if 'rwth' in kinds:
		text = 'Nur für RWTH-Angehörige und Nutzer mit Passwort verfügbar' if has_password else 'Nur für RWTH-Angehörige verfügbar'
		return 'rwth', text
	if 'fsmpi' in kinds:
		return 'fsmpi', 'Nur für Fachschaftler verfügbar'
	if l2p_courses:
		text = 'Nur für Teilnehmer der Veranstaltung und Nutzer mit Passwort verfügbar' if has_password else 'Nur für Teilnehmer der Veranstaltung verfügbar'
		return 'l2p', text
	if has_password:
		return 'password', 'Nur für Nutzer mit Passwort verfügbar'
	return 'none', 'Nicht verfügbar'

# Navbar entries, filled by register_navbar and read by the templates.
app.jinja_env.globals['navbar'] = []

# iconlib can be 'bootstrap'
# ( see: http://getbootstrap.com/components/#glyphicons )
# or 'fa'
# ( see: http://fontawesome.io/icons/ )
def register_navbar(name, iconlib='bootstrap', icon=None):
	"""Decorator factory: add the decorated view to the navbar.

	Appends ``(endpoint, name, iconlib, icon, is_public)`` to the 'navbar'
	template global, where is_public is False for endpoints already listed in
	mod_endpoints at decoration time. The view is returned unchanged.
	"""
	def wrapper(func):
		endpoint = func.__name__
		is_public = endpoint not in mod_endpoints
		entry = (endpoint, name, iconlib, icon, is_public)
		app.jinja_env.globals['navbar'].append(entry)
		return func
	return wrapper

def render_endpoint(endpoint, flashtext=None, **kargs):
	"""Render another endpoint's view inside the current request.

	Optionally flashes ``flashtext`` first, then calls the view registered
	under ``endpoint`` with ``kargs`` and returns its result. Every caller in
	this file passes a literal endpoint name; keep it that way, since the name
	selects which view function runs.
	"""
	if flashtext:
		flash(flashtext)
	# request.endpoint is used for navbar highlighting
	request.url_rule = Rule(request.path, endpoint=endpoint)
	view = app.view_functions[endpoint]
	return view(**kargs)

def handle_errors(endpoint, text, code, *errors, **epargs):
	"""Decorator factory: turn the given exception types into an error response.

	When the wrapped view raises one of ``errors``, the response is ``text``
	with status ``code``: rendered through ``endpoint`` (called with
	``epargs``) if an endpoint is given, as a plain ``(text, code)`` pair
	otherwise. Other exceptions propagate unchanged.
	"""
	def wrapper(func):
		@wraps(func)
		def decorator(*args, **kwargs):
			try:
				return func(*args, **kwargs)
			except errors:
				if not endpoint:
					return text, code
				return make_response(render_endpoint(endpoint, text, **epargs), code)
		return decorator
	return wrapper

@app.errorhandler(404)
def handle_not_found(e):
	"""Answer unknown URLs with the index page, a flash message and status 404."""
	page = render_endpoint('index', 'Diese Seite existiert nicht!')
	return page, 404

@app.errorhandler(500)
@app.errorhandler(Exception)
def handle_internal_error(e):
	"""Log the traceback and answer with the generic error page.

	The traceback goes to stderr only; the client receives the static
	'500.html' template with status 500 and no exception details.
	"""
	traceback.print_exc()
	page = render_template('500.html')
	return page, 500

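@sched_func(5*60, firstdelay=0)
def dump_error_page():
	"""Periodically write the rendered error page to config['ERROR_PAGE'].

	Does nothing when ERROR_PAGE is not configured. Registered with
	sched_func, so it runs inside a test request context.
	"""
	if 'ERROR_PAGE' not in config:
		return
	request.url_rule = Rule(request.path, endpoint='handle_internal_error')
	text = render_template('500.html')
	# The context manager closes the file even when the write fails.
	with open(config['ERROR_PAGE'], 'w') as f:
		f.write(text)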

# debian ships jinja2 without this test...
@app.template_test(name='equalto')
def equalto(a,b):
	"""Jinja test 'equalto': true when ``a == b``."""
	result = (a == b)
	return result

@app.template_filter(name='filterdict')
def jinja2_filterdict(value, attrdel):
	"""Return a copy of ``value`` as a dict without the keys listed in ``attrdel``.

	Keys that are not present are ignored; ``value`` itself is not modified.
	"""
	remaining = dict(value)
	for key in attrdel:
		remaining.pop(key, None)
	return dict(remaining)

@app.template_filter(name='semester')
def human_semester(s, long=False):
	"""Format a semester code such as '2016ws' for display.

	Empty values, 'zeitlos' and anything that is not six characters long give
	'Zeitlos'. A six-character value that is not four digits followed by
	SS/WS is reported on stdout and shown as '??'. The short form is e.g.
	'WS16', the long form 'Wintersemester 2016/17' or 'Sommersemester 2016'.
	"""
	if not s or s == 'zeitlos' or len(s) != 6:
		return 'Zeitlos'
	year, term = s[:4], s[4:].upper()
	if term not in ('SS', 'WS') or not year.isdigit():
		print('Invalid semester string "%s"'%s)
		return '??'
	if not long:
		return term+year[2:]
	if term == 'SS':
		return 'Sommersemester %s'%year
	# A winter semester spans two years: append the last digits of the next one.
	return 'Wintersemester %s/%s'%(year, str(int(year)+1)[2:])

@app.template_filter(name='date')
def human_date(d):
	"""Format ``d`` as DD.MM.YYYY."""
	pattern = '%d.%m.%Y'
	return d.strftime(pattern)

@app.template_filter(name='time')
def human_time(d):
	"""Format ``d`` as HH:MM."""
	pattern = '%H:%M'
	return d.strftime(pattern)

@app.template_filter()
def rfc3339(d):
	"""Format ``d`` as an RFC 3339 timestamp with a fixed '+02:00' offset.

	NOTE(review): the offset is a constant and is appended whatever the date
	is -- confirm that consumers do not need the winter-time offset.
	"""
	stamp = d.strftime('%Y-%m-%dT%H:%M:%S')
	return stamp + '+02:00'

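@app.template_global()
def get_announcements(minlevel=0):
	"""Return the announcements to show, highest level first.

	Deleted and expired announcements are left out; moderators still see
	entries that expired within the last 24 hours as well as invisible or
	not-yet-published ones. Only entries with ``level >= minlevel`` are
	returned. A failing query is logged and yields an empty list, so a
	database problem never breaks page rendering.
	"""
	offset = timedelta()
	if ismod():
		offset = timedelta(hours=24)
	try:
		# 'time_expire IS NULL': the former '= NULL' comparison is never true
		# in SQL, so announcements without an expiry date were never returned.
		return query('SELECT * FROM announcements WHERE NOT deleted AND ((time_expire IS NULL) OR time_expire > ?) AND (? OR (visible AND time_publish < ?)) AND level >= ? ORDER BY level DESC', datetime.now()-offset, ismod(), datetime.now(), minlevel)
	except Exception:
		traceback.print_exc()
		return []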

@app.template_filter()
def fixnl(s):
	"""Replace every newline in ``str(s)`` with '<br>'.

	NOTE(review): the result is a plain str and the input is not escaped here.
	Whether the '<br>' ends up as markup depends on how the template emits the
	value; if it is marked safe there, ``s`` has to be escaped beforehand.
	"""
	# To be removed as soon as the db schema is cleaned up
	return '<br>'.join(str(s).split('\n'))

@app.template_filter()
def tagid(s):
	"""Turn ``s`` into an identifier made of [a-z0-9_] only.

	Spaces become underscores, letters are lower-cased and every other
	character is dropped. A falsy input gives 'EMPTY'; an input without any
	allowed character gives the empty string.
	"""
	if not s:
		return 'EMPTY'
	allowed = string.ascii_lowercase+string.digits+'_'
	normalized = s.replace(' ', '_').lower()
	return ''.join(ch for ch in normalized if ch in allowed)

@app.route('/')
@register_navbar('Home', icon='home')
def index():
	"""Start page: upcoming lectures, latest videos, live streams and featured items.

	Also redirects the legacy '?course=' and '?view=player&lectureid=' URLs.
	Every query passes ismod() as a bound parameter so that moderators bypass
	the visibility filters.
	"""
	# handle legacy urls...
	if 'course' in request.args:
		return redirect(url_for('course', handle=request.args['course']),code=302)
	if 'view' in request.args:
		if (request.args['view'] == 'player') and ('lectureid' in request.args) :
			courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', request.args['lectureid'])
			if not courses:
				return "Not found", 404
			return redirect(url_for('lecture', course=courses[0]['handle'], id=request.args['lectureid']),code=302)

	# Lectures of the coming seven days.
	start = date.today()
	end = start + timedelta(days=7)
	upcomming = query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		JOIN courses ON (lectures.course_id = courses.id)
		WHERE (time > ?) AND (time < ?) AND (? OR (lectures.visible AND courses.visible AND courses.listed)) AND NOT lectures.norecording
		ORDER BY time ASC LIMIT 30''', start, end, ismod())
	for i in upcomming:
		i['date'] = i['time'].date()
	latestvideos=query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		LEFT JOIN videos ON (videos.lecture_id = lectures.id)
		LEFT JOIN courses on (courses.id = lectures.course_id)
		WHERE (? OR (courses.visible AND courses.listed AND lectures.visible AND videos.visible))
		GROUP BY videos.lecture_id
		ORDER BY MAX(videos.time_created) DESC
		LIMIT 6	''',ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, lectures.*, "course" AS sep, courses.*
		FROM streams
		JOIN lectures ON lectures.id = streams.lecture_id
		JOIN courses ON courses.id = lectures.course_id
		WHERE streams.active AND (? OR (streams.visible AND courses.visible AND courses.listed AND lectures.visible))
		''', ismod())
	featured = query('SELECT * FROM featured WHERE (? OR visible) ORDER BY `order`', ismod())
	featured = list(filter(lambda x: not x['deleted'], featured))
	for item in featured:
		if item['type'] == 'courses':
			# item['param'] is formatted into the statement as a column name,
			# which cannot be a bound parameter. This allow-list is the only
			# thing keeping that safe: extend it with literal column names only.
			if item['param'] not in ['title', 'semester', 'organizer', 'subject']:
				continue
			item['courses'] = query('SELECT * FROM courses WHERE (visible AND listed) AND `%s` = ? ORDER BY `%s`'%(item['param'], item['param']), item['param2'])
	return render_template('index.html', latestvideos=livestreams+latestvideos, upcomming=upcomming, featured=featured)

@app.route('/courses')
@register_navbar('Videos', icon='film')
def courses():
	"""Course overview, grouped by the column named in '?groupedby='.

	Non-moderators only see courses that are visible and listed. The grouping
	column comes from the query string and is reduced to a fixed set of
	names, falling back to 'semester'.
	"""
	rows = query('SELECT * FROM courses WHERE (? OR (visible AND listed)) ORDER BY lower(semester), lower(title)', ismod())
	for row in rows:
		if row['semester'] == '':
			row['semester'] = 'zeitlos'
	grouping = request.args.get('groupedby')
	if grouping not in ('title', 'semester', 'organizer', 'subject'):
		grouping = 'semester'
	return render_template('courses.html', courses=rows, groupedby=grouping)

def genlive(streams):
	"""Give live-stream rows the fields a video row has, in place.

	Every stream is marked visible and not downloadable, gets the HLS playlist
	path derived from its 'livehandle' and a file size of 0. Returns the same
	list object.
	"""
	for entry in streams:
		entry['visible'] = True
		entry['downloadable'] = False
		handle = entry['livehandle']
		entry['path'] = 'pub/hls/%s.m3u8'%handle
		entry['file_size'] = 0
	return streams

@app.route('/<handle>')
@app.route('/<int:id>')
@handle_errors('courses', 'Diese Veranstaltung existiert nicht!', 404, IndexError)
def course(id=None, handle=None):
	"""Course page with its lectures, videos and active live streams.

	The course is looked up by numeric id or by handle. A missing or, for
	non-moderators, invisible course makes the ``[0]`` lookup raise
	IndexError, which handle_errors turns into a 404. Permission rows are
	attached to the course and to each lecture for the template; this view
	does not call checkperm() itself.
	"""
	if id:
		course = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', id, ismod())[0]
	else:
		course = query('SELECT * FROM courses WHERE handle = ? AND (? OR visible)', handle, ismod())[0]
	course['perm'] = query('SELECT * FROM perm WHERE (NOT perm.deleted) AND course_id = ? ORDER BY type', course['id'])
	perms = query('SELECT perm.* FROM perm JOIN lectures ON (perm.lecture_id = lectures.id) WHERE (NOT perm.deleted) AND lectures.course_id = ? ORDER BY perm.type', course['id'])
	lectures = query('SELECT * FROM lectures WHERE course_id = ? AND (? OR visible) ORDER BY time, duration DESC', course['id'], ismod())
	for lecture in lectures:
		# Course-level rows first, then the rows specific to this lecture.
		lecture['perm'] = []
		lecture['perm'] += course['perm']
		lecture['course'] = course
		for perm in perms:
			if perm['lecture_id'] == lecture['id']:
				lecture['perm'].append(perm)
	# NOTE(review): this filters on videos.visible but not on lectures.visible,
	# so videos of a hidden lecture are part of the list -- confirm the
	# template only shows videos of the lectures selected above.
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio
			FROM videos
			JOIN lectures ON (videos.lecture_id = lectures.id)
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (lectures.course_id = courses.id)
			WHERE lectures.course_id= ? AND (? OR videos.visible)
			ORDER BY lectures.time, formats.prio DESC
			''', course['id'], ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.course_id = ?
			''', ismod(), course['id'])
	videos += genlive(livestreams)
	return render_template('course.html', course=course, lectures=lectures, videos=videos)

@app.route('/faq')
@register_navbar('FAQ', icon='question-sign')
def faq():
	"""Render the static FAQ page."""
	page = render_template('faq.html')
	return page

@app.route('/<course>/<int:id>')
@app.route('/<int:courseid>/<int:id>')
@app.route('/<course>/<int:id>/embed', endpoint='embed')
@app.route('/<int:courseid>/<int:id>/embed', endpoint='embed')
@handle_errors('course', 'Diese Vorlesung existiert nicht!', 404, IndexError)
def lecture(id, course=None, courseid=None):
	"""Lecture page (or the embed variant) with videos, live streams and chapters.

	The lecture is selected by ``id`` alone; the course part of the URL is not
	used for the lookup. A failed checkperm() only adds an explanatory flash
	message here -- the page is rendered either way.
	NOTE(review): access to the media files themselves is presumably enforced
	by auth() through nginx auth_request; confirm in the proxy configuration.
	"""
	lecture = query('SELECT * FROM lectures WHERE id = ? AND (? OR visible)', id, ismod())[0]
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM videos
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (courses.id = ?)
			WHERE videos.lecture_id = ? AND (? OR videos.visible)
			ORDER BY formats.prio DESC
			''', lecture['course_id'], lecture['id'], ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.id = ?
			''', ismod(), id)
	videos += genlive(livestreams)
	perms = query('SELECT perm.* FROM perm WHERE ((NOT perm.deleted) AND (perm.lecture_id = ? OR perm.course_id = ?))',
			lecture['id'], lecture['course_id'])
	if not videos:
		flash('Zu dieser Vorlesung wurden noch keine Videos veröffentlicht!')
	courses = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', lecture['course_id'], ismod())
	if not courses:
		return render_endpoint('courses', 'Diese Veranstaltung existiert nicht!'), 404
	chapters = query('SELECT * FROM chapters WHERE lecture_id = ? AND NOT deleted AND (? OR visible) ORDER BY time ASC', id, ismod())
	if not checkperm(perms):
		mode, text = permdescr(perms)
		# The messages below contain HTML. They are assembled from constants
		# and url_for() only; keep request data out of them.
		if mode == 'rwth':
			flash(text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_rwthauth')+'">Hier authorisieren</a>.', category='player')
		elif mode == 'l2p':
			if 'l2p_courses' in session:
				flash(text+'. Du bist kein Teilnehmer des L2P-Kurses! <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Kurse aktualisieren</a>.', category='player')
			else:
				flash(text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Hier authorisieren</a>.', category='player')
		else:
			flash(text+'.', category='player')
	return render_template('embed.html' if request.endpoint == 'embed' else 'lecture.html', course=courses[0], lecture=lecture, videos=videos, chapters=chapters)


@app.route('/search')
def search():
	"""Full-text search over courses and lectures for the '?q=' term.

	Without a term the request is redirected to the index. Column lists,
	table expressions and WHERE fragments are constants; only the search term
	and ismod() vary.
	NOTE(review): how searchquery() binds the term is defined in db.py and
	not visible here -- confirm it is passed as a parameter there.
	"""
	if 'q' not in request.args:
		return redirect(url_for('index'))
	q = request.args['q']
	courses = searchquery(q, '*', ['title', 'short', 'organizer', 'subject', 'description'],
			'courses', 'WHERE (? OR (visible AND listed)) GROUP BY id ORDER BY _score DESC, semester DESC LIMIT 20', ismod())
	# The course columns are selected under a 'courses_' prefix and regrouped
	# into a nested dict below.
	lecture_columns = 'lectures.*, courses.visible AS coursevisible, courses.listed, courses.id AS courses_id, courses.visible AS courses_visible, courses.listed AS courses_listed, courses.title AS courses_title, courses.short AS courses_short, courses.handle AS courses_handle, courses.organizer AS courses_organizer, courses.subject AS courses_subject, courses.credits AS courses_credits, courses.created_by AS courses_created_by, courses.time_created AS courses_time_created, courses.time_updated AS courses_time_updated, courses.semester AS courses_semester, courses.downloadable AS courses_downloadable, courses.embedinvisible AS courses_embedinvisible, courses.description AS courses_description, courses.internal AS courses_internal, courses.responsible AS courses_responsible'
	lecture_fields = ['lectures.title', 'lectures.comment', 'lectures.speaker', 'courses.short']
	lecture_tables = 'lectures LEFT JOIN courses on (courses.id = lectures.course_id)'
	lecture_filter = 'WHERE (? OR (coursevisible AND listed AND visible)) GROUP BY id ORDER BY _score DESC, time DESC LIMIT 30'
	lectures = searchquery(q, lecture_columns, lecture_fields, lecture_tables, lecture_filter, ismod())
	prefix = 'courses_'
	for hit in lectures:
		hit['course'] = {key[len(prefix):]: hit[key] for key in hit if key.startswith(prefix)}
	return render_template('search.html', searchtext=q, courses=courses, lectures=lectures)

def check_mod(user, groups):
	"""Decide whether an authenticated user is a moderator.

	Moderator status is membership in the group named 'users'. A falsy
	``user`` (failed authentication) is returned as is, otherwise the result
	is True or False.
	"""
	if not user:
		return user
	return 'users' in groups

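@app.route('/internal/login', methods=['GET', 'POST'])
def login():
	"""Moderator login via LDAP.

	GET shows the form. POST authenticates 'user'/'password' with ldapauth()
	and requires check_mod() to accept the result. On success the LDAP record
	is stored in the session, a row in ``users`` is created on first login, a
	fresh 128-character CSRF token is generated and the browser is redirected
	to ``ref`` if that points to this host, to the index otherwise.
	"""
	if request.method == 'GET':
		return render_template('login.html')
	user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
	if not check_mod(user, groups):
		flash('Login fehlgeschlagen!')
		return render_template('login.html')
	session['user'] = ldapget(user)
	dbuser = query('SELECT * FROM users WHERE name = ?', user)
	if not dbuser:
		modify('INSERT INTO users (name, realname, fsacc, level, calendar_key, rfc6238) VALUES (?, ?, ?, 1, "", "")', user, session['user']['givenName'], user)
		dbuser = query('SELECT * FROM users WHERE name = ?', user)
	session['user']['dbid'] = dbuser[0]['id']
	# SystemRandom draws from the operating system's CSPRNG.
	session['_csrf_token'] = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(128))
	session.permanent = True
	# ``ref`` is request data. It is followed only when it resolves to an
	# http(s) URL on this host, so the login page cannot be used to forward a
	# freshly authenticated user to another site.
	target = request.values.get('ref') or url_for('index')
	try:
		resolved = urlparse(urljoin(request.host_url, target))
		same_host = resolved.scheme in ('http', 'https') and resolved.netloc == urlparse(request.host_url).netloc
	except ValueError:
		same_host = False
	# Backslashes and surrounding whitespace are rejected too, because
	# browsers normalise them before resolving the URL.
	if not same_host or '\\' in target or target != target.strip():
		target = url_for('index')
	return redirect(target)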

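@app.route('/internal/logout', methods=['GET', 'POST'])
def logout():
	"""End the moderator session and redirect to ``ref`` or the index.

	Only the 'user' key is removed from the session.
	NOTE(review): '_csrf_token' stays in the session after logout, and the
	route also accepts GET without a CSRF token -- confirm both are intended.
	"""
	session.pop('user', None)
	# ``ref`` is request data. It is followed only when it resolves to an
	# http(s) URL on this host; anything else falls back to the index.
	target = request.values.get('ref') or url_for('index')
	try:
		resolved = urlparse(urljoin(request.host_url, target))
		same_host = resolved.scheme in ('http', 'https') and resolved.netloc == urlparse(request.host_url).netloc
	except ValueError:
		same_host = False
	# Backslashes and surrounding whitespace are rejected too, because
	# browsers normalise them before resolving the URL.
	if not same_host or '\\' in target or target != target.strip():
		target = url_for('index')
	return redirect(target)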

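@app.route('/internal/auth')
def auth(): # For use with nginx auth_request
	"""Access decision for media files, called as an nginx auth_request subrequest.

	The requested path is taken from the X-Original-Uri header. The answer is
	200 when access is allowed, 401 with a Basic challenge when a password
	permission exists but did not match, 403 otherwise, and 500 when the
	header is missing. Allowed requests are written to the log tables on a
	best-effort basis and receive a long-lived numeric 'tracking' cookie.

	Paths ending in 'jpg' and all requests by moderators are allowed without
	looking at permissions.
	NOTE(review): the suffix test has no dot, so it also matches names that
	merely end in those three letters -- confirm that is intended.
	"""
	if 'X-Original-Uri' not in request.headers:
		return 'Internal Server Error', 500
	# Only the path takes part in the checks below. A query string, should the
	# proxy forward one, is cut off first so that it can influence neither the
	# suffix test nor the path lookup.
	url = request.headers['X-Original-Uri'].split('?', 1)[0]
	# Remove the configured prefix as a prefix. The former
	# str.lstrip(VIDEOPREFIX) removed any leading run of the prefix's
	# *characters* and could eat the beginning of the real path. Only the path
	# component of VIDEOPREFIX is compared, in case it is configured as a URL.
	prefix = urlparse(config['VIDEOPREFIX']).path
	if url.startswith(prefix):
		url = url[len(prefix):]
	url = url.lstrip('/')
	# isdecimal() accepts exactly the characters int() can parse (isdigit()
	# also accepts some that make int() raise); the length bound keeps the id
	# within the range of the 63-bit values generated below.
	raw_cookie = request.cookies.get('tracking', '')
	if raw_cookie.isdecimal() and len(raw_cookie) <= 19:
		cookie = int(raw_cookie)
	else:
		cookie = random.getrandbits(8*8-1)
	if url.endswith('jpg') or ismod():
		return "OK", 200
	if url.startswith('pub/hls/'):
		# Stream handle: the file name up to the first '_' or '.'.
		handle = url[len('pub/hls/'):].split('_')[0].split('.')[0]
		perms = query('''SELECT lectures.id AS lecture, perm.*
				FROM streams
				JOIN lectures ON (streams.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE streams.handle = ?
				AND (courses.visible AND lectures.visible AND streams.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''', handle)
	else:
		perms = query('''SELECT videos.path, videos.id AS vid, perm.*
				FROM videos
				JOIN lectures ON (videos.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((videos.id = perm.video_id OR lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE videos.path = ?
				AND (courses.visible AND lectures.visible AND videos.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''',
				url)
	# No row at all: unknown path or hidden content. Content without any
	# permission row still yields one row here because of the LEFT JOIN.
	if not perms:
		return "Not allowed", 403
	credentials = request.authorization
	username = password = None
	if credentials:
		username = credentials.username
		password = credentials.password
	if checkperm(perms, username=username, password=password):
		try:
			if not url.startswith('pub/hls/'):
				modify('INSERT INTO log (id, `time`, `date`, video, source) VALUES (?, ?, ?, ?, 1)', cookie, datetime.now(), datetime.combine(date.today(), time()), perms[0]['vid'])
			elif url.endswith('.ts'):
				fmt = url.split('_')[-1].split('-')[0]
				seg = url.split('.')[0].split('-')[-1]
				modify('INSERT INTO hlslog (id, `time`, segment, lecture, handle, format) VALUES (?, ?, ?, ?, ?, ?)', cookie, datetime.now(), seg, perms[0]['lecture'], handle, fmt)
		except Exception:
			# Statistics are best effort: a failed insert must not block playback.
			pass
		r = make_response('OK', 200)
		r.set_cookie('tracking', str(cookie), max_age=2147483647) # Many many years
		return r
	# Offer HTTP Basic authentication only if a password permission exists.
	if any(perm['type'] == 'password' for perm in perms):
		return Response("Login required", 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
	return "Not allowed", 403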

@app.route('/files/<filename>')
def files(filename):
	"""Redirect '/files/<filename>' to the same name below config['VIDEOPREFIX'].

	``filename`` is matched by the default URL converter, i.e. it is a single
	path segment without slashes.
	"""
	target = '/'.join((config['VIDEOPREFIX'], filename))
	return redirect(target)

@app.route('/sitemap.xml')
def sitemap():
	"""Sitemap of the argument-less GET routes plus all visible, listed courses and their lectures.

	Endpoints registered through mod_required are left out.
	NOTE(review): other argument-less GET routes under /internal/ (login,
	logout, auth) are not in mod_endpoints and therefore appear to be
	listed -- confirm whether they should be excluded as well.
	"""
	# static pages
	pages = [
		[rule.rule]
		for rule in app.url_map.iter_rules()
		if 'GET' in rule.methods and len(rule.arguments)==0 and rule.endpoint not in mod_endpoints
	]
	for course_row in query('select * from courses where visible and listed'):
		pages.append([url_for('course',handle=course_row['handle'])])
		lecture_rows = query('select * from lectures where (course_id = ? and visible)',course_row['id'])
		pages.extend([url_for('lecture',course=course_row['handle'],id=row['id'])] for row in lecture_rows)
	body = render_template('sitemap.xml', pages=pages)
	return Response(body, 200, {'Content-Type': 'application/atom+xml'} )


@app.route('/site/')
@app.route('/site/<string:phpfile>')
def legacy(phpfile=None):
	"""Redirect URLs of the old PHP site to their current counterparts.

	Handles embed.php (by lecture or by video id) and feed.php; everything
	else is reported on stdout and redirected to the index.
	NOTE(review): a feed.php request without any query argument reaches
	popitem() on an empty mapping and raises -- confirm whether such URLs
	should go to the index instead.
	"""
	args = request.args
	if phpfile == 'embed.php':
		if 'lecture' in args:
			courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', args['lecture'])
			if not courses:
				return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
			return redirect(url_for('embed', course=courses[0]['handle'], id=args['lecture']),code=302)
		if 'vid' in args:
			lectures = query('SELECT lecture_id FROM videos WHERE id = ?', args['vid'])
			if not lectures:
				return render_endpoint('index', 'Dieses Videos existiert nicht!'), 404
			lecture_id = lectures[0]['lecture_id']
			courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', lecture_id)
			if not courses:
				return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
			return redirect(url_for('embed', course=courses[0]['handle'], id=lecture_id),code=302)
	if phpfile == 'feed.php':
		if 'all' in args:
			return redirect(url_for('feed'),code=302)
		if 'newcourses' in args:
			return redirect(url_for('courses_feed'),code=302)
		# Any other feed URL: the name of one query argument is the course handle.
		return redirect(url_for('feed', handle=args.copy().popitem()[0]),code=302)
	print("Unknown legacy url:",request.url)
	return redirect(url_for('index'),code=302)

import json

@app.route('/internal/dbstatus')
@register_navbar('DB-Status', icon='ok')
@mod_required
def dbstatus():
	"""Moderator-only overview of the wsrep (Galera) cluster state.

	The node list is collected from the 'wsrep_cluster_address' variable of
	every configured host. Each node is then asked for its wsrep status and
	variables; a node that cannot be queried is shown as 'Not reachable'.
	Nodes are grouped by cluster name and configuration id.
	"""
	hosts = set()
	clusters = {}
	status = {}
	variables = {}
	seed_hosts = config.get('MYSQL_DBSTATUS_HOSTS', [])+[config.get('MYSQL_HOST', None)]
	for seed in seed_hosts:
		try:
			address = show('SHOW VARIABLES LIKE "wsrep_cluster_address"', host=seed)['wsrep_cluster_address']
			hosts.update(address[len('gcomm://'):].split(','))
		except:
			# An unreachable seed host just contributes no nodes.
			pass
	for node in sorted(hosts):
		try:
			status[node] = show('SHOW GLOBAL STATUS LIKE "wsrep%"', host=node)
			variables[node] = show('SHOW GLOBAL VARIABLES LIKE "wsrep%"', host=node)
		except:
			status[node] = {'wsrep_cluster_state_uuid': '', 'wsrep_local_state_comment': 'Not reachable', 'wsrep_cluster_conf_id': '0', 'wsrep_cluster_status': 'Unknown'}
			variables[node] = {'wsrep_node_name': node, 'wsrep_cluster_name': 'unknown'}
		cluster = variables[node]['wsrep_cluster_name']+'-'+status[node]['wsrep_cluster_conf_id']
		clusters.setdefault(cluster, []).append(node)
	return render_template('dbstatus.html', clusters=clusters, statuses=status, vars=variables), 200

@app.template_global()
def is_readonly():
	"""Tell templates whether the database should be treated as read-only.

	True unless the 'wsrep_ready' status variable can be read and is 'ON'; any
	failure to query it counts as read-only.
	"""
	try:
		ready = show('SHOW GLOBAL STATUS LIKE "wsrep_ready"')['wsrep_ready']
	except:
		return True
	return ready != 'ON'

# Feature modules are imported last, after app, config and the decorators
# above are defined.
# NOTE(review): presumably each module registers its own routes on import --
# confirm against the modules themselves.
import edit
import feeds
import importer
import stats
import sorter
# Optional features are only loaded when their configuration key is present.
if 'ICAL_URL' in config:
	import meetings
import l2pauth
if 'JOBS_API_KEY' in config:
	import jobs
import timetable
import chapters