import base64
import hashlib
import hmac
import locale
import math
import os
import random
import sched
import string
import sys
import threading
import traceback
from datetime import date, timedelta, datetime, time, MINYEAR
from functools import wraps
from ipaddress import ip_address, ip_network
from socket import gethostname
from urllib.parse import urlsplit

from flask import Flask, g, request, url_for, redirect, session, render_template, flash, Response, make_response
from werkzeug.routing import Rule

# Process-wide German locale (affects every locale-aware call in this process).
locale.setlocale(locale.LC_ALL, 'de_DE.utf8')

app = Flask(__name__)

# Strip the newline after a block tag and the indentation before it.
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True

# Helpers callable from every template.
# NOTE(review): randint is not a cryptographic source, and gethostname
# discloses the server's host name wherever a template prints it.
for _name, _obj in (
	('randint', random.randint),
	('datetime', datetime),
	('timedelta', timedelta),
	('gethostname', gethostname),
	('min', min),
	('max', max),
):
	app.add_template_global(_obj, name=_name)
del _name, _obj

# Shared event queue for periodic jobs; filled by sched_func, drained by run_scheduler.
scheduler = sched.scheduler()
def run_scheduler():
	"""Drain the shared ``scheduler`` forever; used as the target of a background thread.

	``scheduler.run()`` returns when its queue is empty, so it is called
	again every 10 seconds to pick up events queued in the meantime.
	"""
	# Local import: at module level the name ``time`` is bound to datetime.time.
	from time import sleep
	sleep(1) # UWSGI does weird things on startup
	while True:
		scheduler.run()
		sleep(10)

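def sched_func(delay, priority=0, firstdelay=None, args=(), kargs=None):
	"""Decorator factory: run the decorated function periodically on ``scheduler``.

	delay      -- seconds between the end of one run and the start of the next
	priority   -- priority passed on to ``scheduler.enter``
	firstdelay -- seconds before the first run; ``None`` picks a random value
	              between 1 and 120 so jobs do not all fire at the same moment
	args       -- positional arguments for the function
	kargs      -- keyword arguments for the function

	The decorated function itself is returned unchanged.
	"""
	# Identity test: ``== None`` would call a custom __eq__ on the argument.
	if firstdelay is None:
		firstdelay = random.randint(1, 120)
	# Immutable defaults in the signature; a fresh dict stands in for "no kwargs".
	call_kwargs = {} if kargs is None else kargs
	def wrapper(func):
		def sched_wrapper():
			# Jobs run outside of a request; the test request context lets
			# them use helpers that expect one (request, url_for, ...).
			with app.test_request_context():
				try:
					func(*args, **call_kwargs)
				except Exception:
					# A failing job is logged and must not stop the rescheduling below.
					traceback.print_exc()
			scheduler.enter(delay, priority, sched_wrapper)
		scheduler.enter(firstdelay, priority, sched_wrapper)
		return func
	return wrapper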

# Daemon thread: it does not keep the process alive on shutdown.
threading.Thread(target=run_scheduler, daemon=True).start()

# Configuration precedence, lowest to highest:
#   config.py.example  <  run.py defaults  <  config.py
# Both files are optional (silent=True).
config = app.config
config.from_pyfile('config.py.example', silent=True)
if sys.argv[0].endswith('run.py'):
	# Started through run.py: debug defaults. config.py is loaded afterwards
	# and can switch DEBUG off again.
	config.update(SQLITE_INIT_DATA=True, DEBUG=True)
config.from_pyfile('config.py', silent=True)
if config['DEBUG']:
	app.jinja_env.auto_reload = True

# get git commit
# Fixed argument list, no shell. check_output raises at import time when git
# is missing or exits with an error.
import subprocess
output = subprocess.check_output(['git', 'log', '-g', '-1', '--pretty=%H # %h # %d # %s'])
# maxsplit=3 keeps any '#' of the commit subject inside the last field.
output = output.decode('UTF-8').split('#', 3)
app.jinja_env.globals['gitversion'] = dict(hash=output[1], longhash=output[0], branch=output[2], msg=output[3])

# Fallback signing key. It is random per process, so sessions (and the CSRF
# token stored in them) do not survive a restart and are not shared between
# worker processes; deployments should set SECRET_KEY in config.py.
if not config.get('SECRET_KEY'):
	config['SECRET_KEY'] = os.urandom(24)

from db import query, modify, show, searchquery, ldapauth, ldapget

# Names of the view functions wrapped by mod_required, collected at decoration time.
mod_endpoints = []

@app.template_global()
def ismod(*args):
	"""Return True when the session has a ``user`` entry (stored by login()).

	Positional arguments are accepted and ignored. Every moderator check in
	this file goes through this function, so it is only as trustworthy as
	the session contents.
	"""
	logged_in = 'user' in session
	return logged_in

def mod_required(func):
	"""Decorator: allow the view for moderators only.

	The view's name is recorded in ``mod_endpoints``. Requests without a
	moderator session get a flash message and are redirected to the login
	page, with the requested URL handed over as ``ref``.
	"""
	mod_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		if ismod():
			return func(*args, **kwargs)
		flash('Diese Funktion ist nur für Moderatoren verfügbar!')
		return redirect(url_for('login', ref=request.url))
	return decorator

# Names of the view functions wrapped by csrf_protect; read by csrf_inject.
csrf_endpoints = []

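def csrf_protect(func):
	"""Decorator: reject requests that do not carry the session's CSRF token.

	The token is taken from ``request.values`` (query string or form data)
	or, if absent there, from the ``_csrf_token`` key of a JSON object body.
	It must equal ``session['_csrf_token']``; otherwise the view is not
	called and a plain 403 is returned.

	NOTE(review): csrf_inject adds the token to generated URLs, so it ends
	up in query strings and with them in access logs, browser history and
	Referer headers.
	"""
	csrf_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		token = request.values.get('_csrf_token')
		if token is None:
			# silent=True: a missing or malformed JSON body counts as
			# "no token" instead of raising inside the check.
			body = request.get_json(silent=True)
			if isinstance(body, dict):
				token = body.get('_csrf_token')
		expected = session.get('_csrf_token')
		# A JSON body can supply non-string values; only non-empty strings can match.
		if not token or not isinstance(token, str) or not isinstance(expected, str):
			return 'csrf test failed', 403
		# Constant-time comparison on bytes (compare_digest rejects non-ASCII str).
		if not hmac.compare_digest(expected.encode('UTF-8'), token.encode('UTF-8')):
			return 'csrf test failed', 403
		return func(*args, **kwargs)
	return decorator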

@app.url_defaults
def csrf_inject(endpoint, values):
	"""url_for() hook: add the session's CSRF token to URLs of csrf_protect'ed views.

	Nothing is added for other endpoints or when the session holds no token.
	"""
	if endpoint in csrf_endpoints:
		token = session.get('_csrf_token')
		if token:
			values['_csrf_token'] = token

def evalperm(perms):
	"""Return the permission rows of the most specific level present.

	Each row is filed under the first of ``course_id``, ``lecture_id``,
	``video_id`` that is set. Video rows win over lecture rows, which win
	over course rows. If no row has any of the three set (including an
	empty input), the result is a single public permission, i.e. the
	default is "open".
	"""
	by_level = {'course_id': [], 'lecture_id': [], 'video_id': []}
	for entry in perms:
		for column in ('course_id', 'lecture_id', 'video_id'):
			if entry[column]:
				by_level[column].append(entry)
				break
	for column in ('video_id', 'lecture_id', 'course_id'):
		if by_level[column]:
			return by_level[column]
	return [{'type': 'public'}]

@app.template_filter()
def base64encode(str):
	"""Jinja filter: Base64 text of *str*, which is encoded as UTF-8 first.

	Base64 is an encoding only; it does not hide or protect the value.
	"""
	raw = str.encode('UTF-8')
	return base64.b64encode(raw).decode('UTF-8')

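def _const_time_equal(expected, supplied):
	"""Compare two credential strings without stopping at the first differing byte.

	Anything that is not a string (e.g. a NULL column or a request without
	credentials) never matches.
	"""
	if not isinstance(expected, str) or not isinstance(supplied, str):
		return False
	return hmac.compare_digest(expected.encode('UTF-8'), supplied.encode('UTF-8'))

@app.template_filter()
def checkperm(perms, username=None, password=None):
	"""Return True when the current request satisfies one of *perms*.

	Moderators always pass. Otherwise the rows are reduced by evalperm()
	and checked by type:

	public   -- always granted
	password -- ``param1``/``param2`` must equal *username*/*password*
	l2p      -- ``param1`` must be listed in ``session['l2p_courses']``
	rwth     -- ``session['rwthintern']`` is set, or the address in the
	            ``X-Real-IP`` header lies in one of ``config['RWTH_IP_RANGES']``

	Any other type (e.g. 'fsmpi') grants nothing here.

	NOTE(review): the rwth check trusts ``X-Real-IP``. That is only sound
	if the reverse proxy always overwrites the header and the application
	cannot be reached without passing through it -- confirm in the proxy
	configuration.
	NOTE(review): ``param2`` is compared as stored, which suggests that
	passwords are kept in clear text in the perm table -- confirm.
	"""
	if ismod():
		return True
	perms = evalperm(perms)
	for perm in perms:
		if perm['type'] == 'public':
			return True
		elif perm['type'] == 'password':
			# Both comparisons always run, so timing does not reveal which
			# half was wrong. A row with NULL credentials no longer matches
			# a request that sends none.
			user_ok = _const_time_equal(perm['param1'], username)
			pass_ok = _const_time_equal(perm['param2'], password)
			if user_ok and pass_ok:
				return True
		elif perm['type'] == 'l2p':
			if perm['param1'] in session.get('l2p_courses', []):
				return True
		elif perm['type'] == 'rwth':
			if session.get('rwthintern', False):
				return True
			if 'X-Real-IP' not in request.headers:
				continue
			try:
				ip = ip_address(request.headers['X-Real-IP'])
			except ValueError:
				# Header is not an IP address: treat it like a missing
				# header instead of failing the request with an exception.
				continue
			for net in config['RWTH_IP_RANGES']:
				if ip in ip_network(net):
					return True
	return False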

@app.template_filter()
def permdescr(perms):
	"""Return ``(mode, German description)`` for a set of permission rows.

	The rows are reduced by evalperm() first. The mode is chosen in this
	order: public, rwth, fsmpi, l2p, password, and 'none' if no known type
	is present. For rwth and l2p the text also mentions password access
	when a password row exists alongside.
	"""
	perms = evalperm(perms)
	kinds = []
	l2p_courses = []
	for perm in perms:
		kind = perm['type']
		kinds.append(kind)
		if kind == 'l2p':
			l2p_courses.append(perm['param1'])
	with_password = 'password' in kinds
	if 'public' in kinds or not perms:
		return 'public', 'Öffentlich verfügbar'
	if 'rwth' in kinds:
		if with_password:
			return 'rwth', 'Nur für RWTH-Angehörige und Nutzer mit Passwort verfügbar'
		return 'rwth', 'Nur für RWTH-Angehörige verfügbar'
	if 'fsmpi' in kinds:
		return 'fsmpi', 'Nur für Fachschaftler verfügbar'
	if l2p_courses:
		if with_password:
			return 'l2p', 'Nur für Teilnehmer der Veranstaltung und Nutzer mit Passwort verfügbar'
		return 'l2p', 'Nur für Teilnehmer der Veranstaltung verfügbar'
	if with_password:
		return 'password', 'Nur für Nutzer mit Passwort verfügbar'
	return 'none', 'Nicht verfügbar'

# Navbar entries available to all templates; filled by register_navbar with
# (endpoint, name, iconlib, icon, not-moderator-only) tuples.
app.jinja_env.globals['navbar'] = []
# iconlib can be 'bootstrap'
# ( see: http://getbootstrap.com/components/#glyphicons )
# or 'fa'
# ( see: http://fontawesome.io/icons/ )
def register_navbar(name, iconlib='bootstrap', icon=None):
	"""Decorator factory: list the decorated view in the navbar under *name*.

	The last tuple element is True when the view's name is not in
	``mod_endpoints`` at decoration time. Decorators are applied bottom-up,
	so ``@mod_required`` has to sit below ``@register_navbar`` for a
	moderator-only view to be flagged as such.
	"""
	def wrapper(func):
		endpoint = func.__name__
		is_public = endpoint not in mod_endpoints
		entry = (endpoint, name, iconlib, icon, is_public)
		app.jinja_env.globals['navbar'].append(entry)
		return func
	return wrapper

def render_endpoint(endpoint, flashtext=None, **kargs):
	"""Call the view registered as *endpoint* within the current request.

	An optional *flashtext* is flashed first; *kargs* are passed to the
	view. Returns whatever the view returns.
	"""
	if flashtext:
		flash(flashtext)
	# request.endpoint is used for navbar highlighting
	request.url_rule = Rule(request.path, endpoint=endpoint)
	view = app.view_functions[endpoint]
	return view(**kargs)

def handle_errors(endpoint, text, code, *errors, **epargs):
	"""Decorator factory: turn the given exception types into an error response.

	If the view raises one of *errors*, the response is the page of
	*endpoint* (rendered with *text* flashed and *epargs* as view
	arguments) with status *code*; with a falsy *endpoint* it is just
	``(text, code)``. The ``except`` covers the whole view, not only the
	statement that is expected to fail.
	"""
	def wrapper(func):
		@wraps(func)
		def decorator(*args, **kwargs):
			try:
				return func(*args, **kwargs)
			except errors:
				if not endpoint:
					return text, code
				body = render_endpoint(endpoint, text, **epargs)
				return make_response(body, code)
		return decorator
	return wrapper

@app.errorhandler(404)
def handle_not_found(e):
	"""404 handler: show the index page with a "page does not exist" flash message."""
	body = render_endpoint('index', 'Diese Seite existiert nicht!')
	return body, 404

@app.errorhandler(500)
@app.errorhandler(Exception)
def handle_internal_error(e):
	"""Handler for HTTP 500 and uncaught exceptions.

	The traceback is printed on the server side only; the client receives
	the static 500 page without error details.
	"""
	traceback.print_exc()
	page = render_template('500.html')
	return page, 500

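@sched_func(5*60, firstdelay=0)
def dump_error_page():
	"""Every five minutes, write the rendered 500 page to ``config['ERROR_PAGE']``.

	Does nothing when ERROR_PAGE is not configured.
	"""
	if 'ERROR_PAGE' not in config:
		return
	request.url_rule = Rule(request.path, endpoint='handle_internal_error')
	text = render_template('500.html')
	# The with-block closes the file even if write() raises.
	with open(config['ERROR_PAGE'], 'w') as f:
		f.write(text)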

# debian ships jinja2 without this test...
@app.template_test(name='equalto')
def equalto(a,b):
	"""Jinja test ``equalto``: true when *a* equals *b*."""
	same = (a == b)
	return same

@app.template_filter(name='filterdict')
def jinja2_filterdict(value, attrdel):
	"""Jinja filter: copy of mapping *value* without the keys listed in *attrdel*.

	Keys that are not present are ignored; *value* itself is not modified.
	"""
	remaining = dict(value)
	for key in attrdel:
		remaining.pop(key, None)
	return dict(remaining)

@app.template_filter(name='semester')
def human_semester(s, long=False):
	"""Jinja filter: format a semester code such as '2017ss' for display.

	The code is four year digits followed by 'ss' or 'ws' (any case).
	Empty values, 'zeitlos' and anything not six characters long give
	'Zeitlos'; a six-character value of the wrong shape is logged and
	gives '??'. Short form: 'SS17'; long form: 'Sommersemester 2017' or
	'Wintersemester 2017/18'.
	"""
	if not s or s == 'zeitlos' or len(s) != 6:
		return 'Zeitlos'
	year, semester = s[:4], s[4:].upper()
	if not (year.isdigit() and semester in ('SS', 'WS')):
		print('Invalid semester string "%s"'%s)
		return '??'
	if not long:
		return semester+year[2:]
	if semester == 'SS':
		return 'Sommersemester %s'%year
	following = str(int(year)+1)[2:]
	return 'Wintersemester %s/%s'%(year, following)

@app.template_filter(name='date')
def human_date(d):
	"""Jinja filter ``date``: format *d* as DD.MM.YYYY."""
	pattern = '%d.%m.%Y'
	return d.strftime(pattern)

@app.template_filter(name='time')
def human_time(d):
	"""Jinja filter ``time``: format *d* as HH:MM (24-hour clock)."""
	pattern = '%H:%M'
	return d.strftime(pattern)

@app.template_filter()
def rfc3339(d):
	"""Jinja filter: format *d* as an RFC 3339 timestamp.

	NOTE(review): the UTC offset is the literal '+02:00' and is not derived
	from *d*, so the value is only right for times that really are at
	UTC+2 -- confirm this is intended.
	"""
	pattern = '%Y-%m-%dT%H:%M:%S+02:00'
	return d.strftime(pattern)

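@app.template_global()
def get_announcements(minlevel=0):
	"""Return the announcements to display, highest level first.

	Only rows with ``level >= minlevel`` that are not deleted and either
	have no expiry time or have not expired yet. Visitors see visible,
	already published rows; moderators see all rows and keep seeing
	expired ones for another 24 hours. Any database error yields an empty
	list so that page rendering does not fail because of announcements.
	"""
	offset = timedelta()
	if ismod():
		offset = timedelta(hours=24)
	try:
		# "time_expire IS NULL": a comparison with "= NULL" is never true in
		# SQL, which dropped every announcement without an expiry time.
		return query('SELECT * FROM announcements WHERE NOT deleted AND ((time_expire IS NULL) OR time_expire > ?) AND (? OR (visible AND time_publish < ?)) AND level >= ? ORDER BY level DESC', datetime.now()-offset, ismod(), datetime.now(), minlevel)
	except Exception:
		# Deliberately best-effort; Exception (not a bare except) lets
		# SystemExit and KeyboardInterrupt pass through.
		return []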

@app.template_filter()
def fixnl(s):
	"""Jinja filter: replace newlines in ``str(s)`` with ``<br>``.

	NOTE(review): the result is a plain string and *s* is not HTML-escaped
	here. If a template marks the output as safe so that ``<br>`` takes
	effect, any markup contained in *s* is rendered as well -- check the
	call sites.
	"""
	# To be removed as soon as the db schema is cleaned up
	text = str(s)
	return text.replace('\n', '<br>')

@app.template_filter()
def tagid(s):
	"""Jinja filter: reduce *s* to an identifier of ``a-z``, ``0-9`` and ``_``.

	Spaces become underscores, the text is lower-cased and every other
	character is dropped. Empty input gives 'EMPTY'.
	"""
	if not s:
		return 'EMPTY'
	allowed = string.ascii_lowercase+string.digits+'_'
	normalized = s.replace(' ', '_').lower()
	return ''.join(c for c in normalized if c in allowed)

@app.route('/')
@register_navbar('Home', icon='home')
def index():
	"""Start page: upcoming lectures, latest videos, live streams and featured items.

	Old-style URLs (``?course=...`` and ``?view=player&lectureid=...``) are
	redirected to the current routes first. Every listing is restricted to
	visible and listed content unless the visitor is a moderator.
	"""
	params = request.args
	# handle legacy urls...
	if 'course' in params:
		return redirect(url_for('course', handle=params['course']),code=302)
	if 'view' in params and params['view'] == 'player' and 'lectureid' in params:
		courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', params['lectureid'])
		if not courses:
			return "Not found", 404
		return redirect(url_for('lecture', course=courses[0]['handle'], id=params['lectureid']),code=302)

	# Lectures of the next seven days.
	start = date.today()
	end = start + timedelta(days=7)
	upcomming = query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		JOIN courses ON (lectures.course_id = courses.id)
		WHERE (time > ?) AND (time < ?) AND (? OR (lectures.visible AND courses.visible AND courses.listed)) AND NOT lectures.norecording
		ORDER BY time ASC LIMIT 30''', start, end, ismod())
	for entry in upcomming:
		entry['date'] = entry['time'].date()
	latestvideos=query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		LEFT JOIN videos ON (videos.lecture_id = lectures.id)
		LEFT JOIN courses on (courses.id = lectures.course_id)
		WHERE (? OR (courses.visible AND courses.listed AND lectures.visible AND videos.visible))
		GROUP BY videos.lecture_id
		ORDER BY MAX(videos.time_created) DESC
		LIMIT 6	''',ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, lectures.*, "course" AS sep, courses.*
		FROM streams
		JOIN lectures ON lectures.id = streams.lecture_id
		JOIN courses ON courses.id = lectures.course_id
		WHERE streams.active AND (? OR (streams.visible AND courses.visible AND courses.listed AND lectures.visible))
		''', ismod())
	featured = query('SELECT * FROM featured WHERE (? OR visible) ORDER BY `order`', ismod())
	featured = [row for row in featured if not row['deleted']]
	# The column name below is formatted into the SQL text, which is only
	# safe because of this allowlist; the value to match stays a bound parameter.
	sortable_columns = ('title', 'semester', 'organizer', 'subject')
	for item in featured:
		if item['type'] != 'courses':
			continue
		if item['param'] not in sortable_columns:
			continue
		item['courses'] = query('SELECT * FROM courses WHERE (visible AND listed) AND `%s` = ? ORDER BY `%s`'%(item['param'], item['param']), item['param2'])
	return render_template('index.html', latestvideos=livestreams+latestvideos, upcomming=upcomming, featured=featured)

@app.route('/courses')
@register_navbar('Videos', icon='film')
def courses():
	"""Course overview, grouped by the ``groupedby`` query parameter.

	Only 'title', 'semester', 'organizer' and 'subject' are accepted as
	grouping; anything else falls back to 'semester'. Courses with an
	empty semester are shown as 'zeitlos'.
	"""
	rows = query('SELECT * FROM courses WHERE (? OR (visible AND listed)) ORDER BY lower(semester), lower(title)', ismod())
	for row in rows:
		if row['semester'] == '':
			row['semester'] = 'zeitlos'
	grouping = request.args.get('groupedby')
	if grouping not in ('title', 'semester', 'organizer', 'subject'):
		grouping = 'semester'
	return render_template('courses.html', courses=rows, groupedby=grouping)

def genlive(streams):
	"""Give live stream rows the fields of a video row, in place, and return the list.

	Each row becomes visible and not downloadable, gets the HLS playlist
	path ``pub/hls/<livehandle>.m3u8`` and a file size of 0.
	"""
	for entry in streams:
		entry.update(visible=True, downloadable=False)
		entry['path'] = 'pub/hls/%s.m3u8'%entry['livehandle']
		entry['file_size'] = 0
	return streams

@app.route('/<handle>')
@app.route('/<int:id>')
@handle_errors('courses', 'Diese Veranstaltung existiert nicht!', 404, IndexError)
def course(id=None, handle=None):
	"""Course page with its lectures, videos and active live streams.

	The course is looked up by numeric id or by handle. A missing (or, for
	visitors, invisible) course raises IndexError on the ``[0]``, which the
	decorator turns into the course list with a 404. Each lecture gets the
	course permissions plus its own in ``lecture['perm']``.
	"""
	if id:
		found = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', id, ismod())[0]
	else:
		found = query('SELECT * FROM courses WHERE handle = ? AND (? OR visible)', handle, ismod())[0]
	found['perm'] = query('SELECT * FROM perm WHERE (NOT perm.deleted) AND course_id = ? ORDER BY type', found['id'])
	lecture_perms = query('SELECT perm.* FROM perm JOIN lectures ON (perm.lecture_id = lectures.id) WHERE (NOT perm.deleted) AND lectures.course_id = ? ORDER BY perm.type', found['id'])
	lectures = query('SELECT * FROM lectures WHERE course_id = ? AND (? OR visible) ORDER BY time, duration DESC', found['id'], ismod())
	for entry in lectures:
		# New list per lecture, so the course's own list is never modified.
		entry['perm'] = list(found['perm'])
		entry['course'] = found
		entry['perm'].extend(p for p in lecture_perms if p['lecture_id'] == entry['id'])
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio
			FROM videos
			JOIN lectures ON (videos.lecture_id = lectures.id)
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (lectures.course_id = courses.id)
			WHERE lectures.course_id= ? AND (? OR videos.visible)
			ORDER BY lectures.time, formats.prio DESC
			''', found['id'], ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.course_id = ?
			''', ismod(), found['id'])
	videos += genlive(livestreams)
	return render_template('course.html', course=found, lectures=lectures, videos=videos)

@app.route('/faq')
@register_navbar('FAQ', icon='question-sign')
def faq():
	"""Static FAQ page."""
	page = render_template('faq.html')
	return page

@app.route('/<course>/<int:id>')
@app.route('/<int:courseid>/<int:id>')
@app.route('/<course>/<int:id>/embed', endpoint='embed')
@app.route('/<int:courseid>/<int:id>/embed', endpoint='embed')
@handle_errors('course', 'Diese Vorlesung existiert nicht!', 404, IndexError)
def lecture(id, course=None, courseid=None):
	"""Lecture page (or the embeddable player for the ``embed`` endpoint).

	The lecture is found by *id* alone; the course part of the URL is not
	used for the lookup. A missing lecture raises IndexError, which the
	decorator turns into a 404.

	The checkperm() call here only selects the hint shown to the visitor:
	the page and its video list are rendered in either case. Access to the
	media files themselves is decided by auth().
	"""
	row = query('SELECT * FROM lectures WHERE id = ? AND (? OR visible)', id, ismod())[0]
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM videos
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (courses.id = ?)
			WHERE videos.lecture_id = ? AND (? OR videos.visible)
			ORDER BY formats.prio DESC
			''', row['course_id'], row['id'], ismod())
	livestreams = query('''SELECT streams.handle AS livehandle, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.id = ?
			''', ismod(), id)
	videos += genlive(livestreams)
	perms = query('SELECT perm.* FROM perm WHERE ((NOT perm.deleted) AND (perm.lecture_id = ? OR perm.course_id = ?))',
			row['id'], row['course_id'])
	if not videos:
		# Nothing to play yet: tell the visitor why.
		if row['live'] and row['time'] > datetime.now()-timedelta(minutes=30) and row['time']-timedelta(hours=20) < datetime.now():
			flash('Der Livestream beginnt um '+human_time(row['time'])+' Uhr.')
		elif row['time'] > datetime.now():
			flash('Diese Vorlesung hat noch nicht stattgefunden!')
		else:
			flash('Zu dieser Vorlesung wurden noch keine Videos veröffentlicht!')
	courses = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', row['course_id'], ismod())
	if not courses:
		return render_endpoint('courses', 'Diese Veranstaltung existiert nicht!'), 404
	chapters = query('SELECT * FROM chapters WHERE lecture_id = ? AND NOT deleted AND (? OR visible) ORDER BY time ASC', id, ismod())
	credentials = request.authorization
	username = credentials.username if credentials else None
	password = credentials.password if credentials else None
	if not checkperm(perms, username=username, password=password):
		mode, text = permdescr(perms)
		# The hints contain HTML links. Their parts are the fixed texts of
		# permdescr() and URLs from url_for(); no request data is inserted.
		if mode == 'rwth':
			hint = text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_rwthauth')+'">Hier authorisieren</a>.'
		elif mode == 'l2p':
			if 'l2p_courses' in session:
				hint = text+'. Du bist kein Teilnehmer des L2P-Kurses! <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Kurse aktualisieren</a>.'
			else:
				hint = text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Hier authorisieren</a>.'
		else:
			hint = text+'.'
		flash(hint, category='player')
	template = 'embed.html' if request.endpoint == 'embed' else 'lecture.html'
	return render_template(template, course=courses[0], lecture=row, videos=videos, chapters=chapters)


@app.route('/search')
def search():
	"""Search courses and lectures for the ``q`` query parameter.

	Without ``q`` the request is redirected to the index. The search text
	is handed to searchquery() as an argument; the SQL fragments passed
	along are constants. Visitors only get visible, listed results.
	"""
	if 'q' not in request.args:
		return redirect(url_for('index'))
	q = request.args['q']
	courses = searchquery(q, '*', ['title', 'short', 'organizer', 'subject', 'description'],
			'courses', 'WHERE (? OR (visible AND listed)) GROUP BY id ORDER BY _score DESC, semester DESC LIMIT 20', ismod())
	# The course columns are selected one by one with a "courses_" alias
	# (instead of courses.*) so they can be split off into a sub-dict below.
	lecture_columns = 'lectures.*, courses.visible AS coursevisible, courses.listed, courses.id AS courses_id, courses.visible AS courses_visible, courses.listed AS courses_listed, courses.title AS courses_title, courses.short AS courses_short, courses.handle AS courses_handle, courses.organizer AS courses_organizer, courses.subject AS courses_subject, courses.credits AS courses_credits, courses.created_by AS courses_created_by, courses.time_created AS courses_time_created, courses.time_updated AS courses_time_updated, courses.semester AS courses_semester, courses.downloadable AS courses_downloadable, courses.embedinvisible AS courses_embedinvisible, courses.description AS courses_description, courses.internal AS courses_internal, courses.responsible AS courses_responsible'
	lectures = searchquery(q, lecture_columns,
			['lectures.title', 'lectures.comment', 'lectures.speaker', 'courses.short'],
			'lectures LEFT JOIN courses on (courses.id = lectures.course_id)',
			'WHERE (? OR (coursevisible AND listed AND visible)) GROUP BY id ORDER BY _score DESC, time DESC LIMIT 30', ismod())
	prefix = 'courses_'
	for hit in lectures:
		hit['course'] = {key[len(prefix):]: hit[key] for key in hit if key.startswith(prefix)}
	return render_template('search.html', searchtext=request.args['q'], courses=courses, lectures=lectures)

def check_mod(user, groups):
	"""Decide whether an authenticated user is a moderator.

	A falsy *user* is returned as it is; otherwise the result is whether
	'users' is contained in *groups*. Membership in that one group is the
	only condition for moderator rights.
	"""
	if not user:
		return user
	return 'users' in groups

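def _local_redirect_target(target):
	"""Return *target* if it stays on this site, otherwise the index URL.

	Accepted are absolute http(s) URLs whose host equals the request's
	host and paths that start with a single '/'. Scheme-relative URLs,
	other schemes, backslashes and control characters are rejected, so a
	caller-supplied ``ref`` cannot send the browser to another site.
	"""
	if target and '\\' not in target and not any(ord(c) < 0x20 or ord(c) == 0x7f for c in target):
		try:
			parts = urlsplit(target)
		except ValueError:
			parts = None
		if parts is not None:
			if parts.scheme in ('http', 'https') and parts.netloc == request.host:
				return target
			# A leading "//" (with or without more slashes) is read as a host by browsers.
			if not parts.scheme and not parts.netloc and target.startswith('/') and not target.startswith('//'):
				return target
	return url_for('index')

@app.route('/internal/login', methods=['GET', 'POST'])
def login():
	"""Moderator login against LDAP.

	GET shows the form. POST checks the credentials with ldapauth() and
	requires check_mod() to pass. On success the LDAP record is stored in
	the session, a row in ``users`` is created on first login, a new
	128-character CSRF token is drawn from the system's random source and
	the browser is sent to ``ref`` (same site only) or to the index.

	NOTE(review): no limit on failed attempts is visible in this function;
	confirm that it is enforced elsewhere (LDAP server, reverse proxy).
	"""
	if request.method == 'GET':
		return render_template('login.html')
	user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
	if not check_mod(user, groups):
		flash('Login fehlgeschlagen!')
		return render_template('login.html')
	session['user'] = ldapget(user)
	dbuser = query('SELECT * FROM users WHERE name = ?', user)
	if not dbuser:
		modify('INSERT INTO users (name, realname, fsacc, level, calendar_key, rfc6238) VALUES (?, ?, ?, 1, "", "")', user, session['user']['givenName'], user)
		dbuser = query('SELECT * FROM users WHERE name = ?', user)
	session['user']['dbid'] = dbuser[0]['id']
	session['_csrf_token'] = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(128))
	session.permanent = True
	# ref comes from the request; it is only followed when it stays on this site.
	return redirect(_local_redirect_target(request.values.get('ref')))

@app.route('/internal/logout', methods=['GET', 'POST'])
def logout():
	"""Drop the moderator identity from the session and redirect.

	Only the ``user`` entry is removed; other session entries stay. The
	redirect goes to ``ref`` (same site only) or to the index.
	"""
	session.pop('user', None)
	return redirect(_local_redirect_target(request.values.get('ref')))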

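@app.route('/internal/auth')
def auth(): # For use with nginx auth_request
	"""Access decision for media files, called by the proxy for each file request.

	The requested URI is read from the ``X-Original-Uri`` header and mapped
	to a live stream (``pub/hls/<handle>...``) or to a video path. The
	answer is 200 (allow), 401 with a Basic challenge when a password
	permission exists, or 403. Allowed requests are logged on a best-effort
	basis and receive a long-lived ``tracking`` cookie.

	Paths ending in 'jpg' and all moderator requests are allowed without a
	permission lookup.

	NOTE(review): a stream or video without any permission row still yields
	one result row (LEFT JOIN) with empty permission columns, which
	evalperm() treats as public.
	NOTE(review): the tracking cookie is set without HttpOnly/Secure/
	SameSite attributes.
	"""
	if 'X-Original-Uri' not in request.headers:
		return 'Internal Server Error', 500
	# Decide on the path only. If the proxy forwards the raw request URI, a
	# query string would otherwise take part in the suffix test and in the
	# path lookup below.
	url = request.headers['X-Original-Uri'].split('?', 1)[0]
	# Remove the prefix as a prefix. str.lstrip() takes a set of characters
	# and would also eat leading characters of the file path that happen to
	# occur in VIDEOPREFIX.
	prefix = config['VIDEOPREFIX']
	if url.startswith(prefix):
		url = url[len(prefix):]
	url = url.lstrip('/')
	tracking = request.cookies.get('tracking', '')
	cookie = None
	if tracking and tracking.isdigit():
		try:
			cookie = int(tracking)
		except ValueError:
			# isdigit() accepts some characters that int() rejects.
			cookie = None
	if cookie is None:
		cookie = random.getrandbits(8*8-1)
	if url.endswith('jpg') or ismod():
		return "OK", 200
	is_stream = url.startswith('pub/hls/')
	if is_stream:
		handle = url[len('pub/hls/'):].split('_')[0].split('.')[0]
		perms = query('''SELECT lectures.id AS lecture, perm.*
				FROM streams
				JOIN lectures ON (streams.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE streams.handle = ?
				AND (courses.visible AND lectures.visible AND streams.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''', handle)
	else:
		perms = query('''SELECT videos.path, videos.id AS vid, perm.*
				FROM videos
				JOIN lectures ON (videos.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((videos.id = perm.video_id OR lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE videos.path = ?
				AND (courses.visible AND lectures.visible AND videos.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''',
				url)
	# No row: unknown or invisible file, deny.
	if not perms:
		return "Not allowed", 403
	credentials = request.authorization
	username = password = None
	if credentials:
		username = credentials.username
		password = credentials.password
	if checkperm(perms, username=username, password=password):
		try:
			if not is_stream:
				modify('INSERT INTO log (id, `time`, `date`, video, source) VALUES (?, ?, ?, ?, 1)', cookie, datetime.now(), datetime.combine(date.today(), time()), perms[0]['vid'])
			elif url.endswith('.ts'):
				fmt = url.split('_')[-1].split('-')[0]
				seg = url.split('.')[0].split('-')[-1]
				modify('INSERT INTO hlslog (id, `time`, segment, lecture, handle, format) VALUES (?, ?, ?, ?, ?, ?)', cookie, datetime.now(), seg, perms[0]['lecture'], handle, fmt)
		except Exception:
			# Statistics are best-effort; a failed insert must not block playback.
			pass
		r = make_response('OK', 200)
		r.set_cookie('tracking', str(cookie), max_age=2147483647) # Many many years
		return r
	# Ask for credentials only if a password could grant access.
	if any(perm['type'] == 'password' for perm in perms):
		return Response("Login required", 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
	return "Not allowed", 403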

@app.route('/files/<filename>')
def files(filename):
	"""Redirect ``/files/<filename>`` to the same name below ``config['VIDEOPREFIX']``."""
	target = config['VIDEOPREFIX']+'/'+filename
	return redirect(target)

@app.route('/sitemap.xml')
def sitemap():
	"""Sitemap of argument-free GET routes plus all visible, listed courses and their visible lectures.

	Routes whose endpoint is named in ``mod_endpoints`` are left out.
	NOTE(review): routes that are neither parameterised nor wrapped by
	mod_required (the login and logout pages, for example) are listed too.
	"""
	# static pages
	pages = [
		[rule.rule]
		for rule in app.url_map.iter_rules()
		if 'GET' in rule.methods and not rule.arguments and rule.endpoint not in mod_endpoints
	]
	for course_row in query('select * from courses where visible and listed'):
		pages.append([url_for('course',handle=course_row['handle'])])
		for lecture_row in query('select * from lectures where (course_id = ? and visible)',course_row['id']):
			pages.append([url_for('lecture',course=course_row['handle'],id=lecture_row['id'])])
	body = render_template('sitemap.xml', pages=pages)
	return Response(body, 200, {'Content-Type': 'application/atom+xml'} )


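@app.route('/site/')
@app.route('/site/<string:phpfile>')
def legacy(phpfile=None):
	"""Redirect URLs of the former PHP site to the current routes.

	Handles ``embed.php?lecture=``, ``embed.php?vid=`` and the ``feed.php``
	variants. Unknown lectures or videos give the index page with a 404;
	any other URL is logged and redirected to the index.
	"""
	if phpfile=='embed.php' and ('lecture' in request.args):
		courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', request.args['lecture'])
		if not courses:
			return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
		return redirect(url_for('embed', course=courses[0]['handle'], id=request.args['lecture']),code=302)
	if phpfile=='embed.php' and ('vid' in request.args):
		lectures = query('SELECT lecture_id FROM videos WHERE id = ?', request.args['vid'])
		if not lectures:
			return render_endpoint('index', 'Dieses Videos existiert nicht!'), 404
		courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', lectures[0]['lecture_id'])
		if not courses:
			return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
		return redirect(url_for('embed', course=courses[0]['handle'], id=lectures[0]['lecture_id']),code=302)
	if phpfile=='feed.php' and ('all' in request.args):
		return redirect(url_for('feed'),code=302)
	if phpfile=='feed.php' and ('newcourses' in request.args):
		return redirect(url_for('courses_feed'),code=302)
	if phpfile=='feed.php':
		# feed.php without any query argument: popitem() on the empty copy
		# would raise KeyError and end in a 500, so use the general feed.
		if not request.args:
			return redirect(url_for('feed'),code=302)
		# The name of the query argument is the course handle.
		return redirect(url_for('feed', handle=request.args.copy().popitem()[0]),code=302)
	print("Unknown legacy url:",request.url)
	return redirect(url_for('index'),code=302)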

import json

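@app.route('/internal/dbstatus')
@register_navbar('DB-Status', icon='ok')
@mod_required
def dbstatus():
	"""Moderator page with the wsrep status of every database cluster node.

	The node list is taken from the ``wsrep_cluster_address`` of the
	configured hosts. Each node is then asked for its wsrep status and
	variables; nodes that cannot be queried are shown as 'Not reachable'.
	Nodes are grouped by cluster name and configuration id.
	"""
	hosts = set()
	clusters = {}
	status = {}
	variables = {}
	for host in config.get('MYSQL_DBSTATUS_HOSTS', [])+[config.get('MYSQL_HOST', None)]:
		try:
			address = show('SHOW VARIABLES LIKE "wsrep_cluster_address"', host=host)['wsrep_cluster_address']
			hosts.update(address[len('gcomm://'):].split(','))
		except Exception:
			# A seed host that is down or has no wsrep settings is skipped.
			# Exception instead of a bare except lets SystemExit and
			# KeyboardInterrupt pass through.
			pass
	for host in sorted(hosts):
		try:
			status[host] = show('SHOW GLOBAL STATUS LIKE "wsrep%"', host=host)
			variables[host] = show('SHOW GLOBAL VARIABLES LIKE "wsrep%"', host=host)
		except Exception:
			# Placeholder values so the node still shows up in the overview.
			status[host] = {'wsrep_cluster_state_uuid': '', 'wsrep_local_state_comment': 'Not reachable', 'wsrep_cluster_conf_id': '0', 'wsrep_cluster_status': 'Unknown'}
			variables[host] = {'wsrep_node_name': host, 'wsrep_cluster_name': 'unknown'}
		cluster = variables[host]['wsrep_cluster_name']+'-'+status[host]['wsrep_cluster_conf_id']
		clusters.setdefault(cluster, []).append(host)
	return render_template('dbstatus.html', clusters=clusters, statuses=status, vars=variables), 200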

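@app.template_global()
def is_readonly():
	"""Return True unless the database reports ``wsrep_ready = ON``.

	If the status cannot be read at all, the answer is True as well, i.e.
	the site is treated as read-only when in doubt.
	"""
	try:
		return show('SHOW GLOBAL STATUS LIKE "wsrep_ready"')['wsrep_ready'] != 'ON'
	except Exception:
		# Exception instead of a bare except: SystemExit and
		# KeyboardInterrupt are not swallowed.
		return True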

import edit
import feeds
import importer
import stats
import sorter
if 'ICAL_URL' in config:
	import meetings
import l2pauth
if 'JOBS_API_KEY' in config:
	import jobs
import timetable
import chapters