from flask import Flask, g, request, url_for, redirect, session, render_template, flash, Response, make_response
from werkzeug.routing import Rule
from functools import wraps
from datetime import date, timedelta, datetime, time, MINYEAR
import threading
import os
import sys
import hashlib
import random
import sched
import traceback
import string
from socket import gethostname
from ipaddress import ip_address, ip_network
import math

app = Flask(__name__)

# Jinja whitespace control: drop the newline after a block tag and strip
# leading whitespace in front of one.
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
# Callables made available to every template under the given names.
# NOTE(review): randint comes from the non-cryptographic `random` module; it is
# presumably only used for cosmetic values in templates -- confirm.
app.add_template_global(random.randint, name='randint')
app.add_template_global(datetime, name='datetime')
app.add_template_global(timedelta, name='timedelta')
# NOTE(review): gethostname lets a template print the server's host name;
# confirm it is only rendered on moderator-facing pages.
app.add_template_global(gethostname, name='gethostname')
app.add_template_global(min, name='min')
app.add_template_global(max, name='max')

# Module-wide event queue; jobs are added by sched_func.
scheduler = sched.scheduler()
def run_scheduler():
	"""Drive the module scheduler forever; meant to run in a background thread.

	scheduler.run() returns once the queue is empty, so it is called again
	after a 10 second pause.
	"""
	# Local import: the module-level name `time` is datetime.time.
	from time import sleep
	sleep(1) # UWSGI does weird things on startup
	while True:
		scheduler.run()
		sleep(10)

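def sched_func(delay, priority=0, firstdelay=None, args=None, kargs=None):
	"""Decorator factory: run the decorated function periodically on `scheduler`.

	delay      -- seconds between the end of one run and the start of the next
	priority   -- priority passed to scheduler.enter()
	firstdelay -- seconds until the first run; a random value between 1 and
	              120 when omitted (0 is honoured as "immediately")
	args/kargs -- positional / keyword arguments passed to every call

	The function is registered at decoration time and returned unchanged.
	Each run happens inside app.test_request_context(), and an exception in
	the job is printed but does not stop the rescheduling.
	"""
	if firstdelay is None:
		firstdelay = random.randint(1, 120)
	# None instead of []/{} as defaults: a mutable default object would be
	# shared by every use of the decorator.
	if args is None:
		args = []
	if kargs is None:
		kargs = {}
	def wrapper(func):
		def sched_wrapper():
			with app.test_request_context():
				try:
					func(*args, **kargs)
				except Exception:
					traceback.print_exc()
			# Re-arm only after the run finished, so runs never overlap.
			scheduler.enter(delay, priority, sched_wrapper)
		scheduler.enter(firstdelay, priority, sched_wrapper)
		return func
	return wrapper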

# The scheduler loop runs in a daemon thread, so it does not keep the process alive.
threading.Thread(target=run_scheduler, daemon=True).start()

config = app.config
# Defaults come from the example file; config.py (loaded further down) overrides them.
# NOTE(review): both loads use silent=True, so a missing config.py is not an error
# and the example values stay in effect. If config.py.example sets a SECRET_KEY,
# that publicly known value would then sign sessions -- confirm the example file
# carries no usable secrets.
config.from_pyfile('config.py.example', silent=True)
# Started through run.py: seed SQLite with initial data and switch on debug mode.
# NOTE(review): presumably run.py is the development entry point; DEBUG must not
# end up True on a publicly reachable instance.
if sys.argv[0].endswith('run.py'): 
	config['SQLITE_INIT_DATA'] = True
	config['DEBUG'] = True
config.from_pyfile('config.py', silent=True)
if config['DEBUG']:
	app.jinja_env.auto_reload = True

# get git commit
# git is called with an argument list (no shell). check_output raises when git
# is missing or exits non-zero, which aborts the import of this module.
import subprocess
# Fields are separated by '#': full hash, short hash, ref names, subject.
output = subprocess.check_output(['git', "log", "-g", "-1", "--pretty=%H # %h # %d # %s"]).decode('UTF-8').split('#', 4)
app.jinja_env.globals['gitversion'] = { 'hash': output[1], 'longhash': output[0], 'branch': output[2], 'msg': output[3]  }

# Fallback when no SECRET_KEY is configured: a random key generated at import time.
# Sessions signed with it do not survive a restart, and processes that import
# this module separately each get a different key.
if not config.get('SECRET_KEY', None):
	config['SECRET_KEY'] = os.urandom(24)

from db import query, modify, searchquery, ldapauth, ldapget

# Names of the view functions wrapped by mod_required; read by register_navbar and sitemap.
mod_endpoints = []

@app.template_global()
def ismod(*args):
	"""Return True when the session contains a 'user' entry.

	login() stores that entry only after check_mod() accepted the account, so
	this is the moderator check used throughout the module. Positional
	arguments are accepted and ignored.
	"""
	logged_in = 'user' in session
	return logged_in

def mod_required(func):
	"""Decorator: only moderators may call the view, everyone else is sent to the login page.

	The function name is recorded in mod_endpoints at decoration time. The
	current URL is passed to the login view as `ref`.
	"""
	mod_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		if ismod():
			return func(*args, **kwargs)
		flash('Diese Funktion ist nur für Moderatoren verfügbar!')
		return redirect(url_for('login', ref=request.url))
	return decorator

# Names of the view functions wrapped by csrf_protect; read by csrf_inject.
csrf_endpoints = []

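def csrf_protect(func):
	"""Decorator: answer 403 unless the request carries the session's CSRF token.

	The token is taken from the `_csrf_token` form/query value or, when that is
	absent, from the `_csrf_token` key of a JSON body. The function name is
	recorded in csrf_endpoints at decoration time.

	NOTE(review): request.values includes the query string, so the token may
	travel in URLs, where it can end up in access logs and Referer headers.
	"""
	import hmac
	csrf_endpoints.append(func.__name__)
	@wraps(func)
	def decorator(*args, **kwargs):
		token = request.values.get('_csrf_token')
		if token is None:
			# silent=True: a body that is not valid JSON counts as "no token"
			# instead of raising.
			body = request.get_json(silent=True)
			if isinstance(body, dict):
				token = body.get('_csrf_token')
		expected = session.get('_csrf_token')
		if not expected or not token:
			return 'csrf test failed', 403
		try:
			# Constant-time comparison, so response timing does not depend on
			# how many leading characters of the token were right.
			valid = hmac.compare_digest(expected, token)
		except TypeError:
			# compare_digest rejects non-str and non-ASCII values.
			valid = False
		if not valid:
			return 'csrf test failed', 403
		return func(*args, **kwargs)
	return decorator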

@app.url_defaults
def csrf_inject(endpoint, values):
	"""Add the session's CSRF token to URLs built for csrf-protected endpoints.

	Nothing is added for other endpoints or while the session has no token.
	NOTE(review): the token becomes part of the generated URL.
	"""
	if endpoint in csrf_endpoints and session.get('_csrf_token'):
		values['_csrf_token'] = session['_csrf_token']

def evalperm(perms):
	"""Return the most specific group of permission rows.

	Each row is filed under the first truthy key among course_id, lecture_id
	and video_id (checked in that order). Video rows win over lecture rows,
	which win over course rows. Rows with none of the three ids set are
	ignored; when nothing is left the result is a single 'public' entry, so
	content without any permission row is treated as public.
	"""
	by_scope = {'course_id': [], 'lecture_id': [], 'video_id': []}
	for perm in perms:
		for scope in ('course_id', 'lecture_id', 'video_id'):
			if perm[scope]:
				by_scope[scope].append(perm)
				break
	for scope in ('video_id', 'lecture_id', 'course_id'):
		if by_scope[scope]:
			return by_scope[scope]
	return [{'type': 'public'}]

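@app.template_filter()
def checkperm(perms, username=None, password=None):
	"""Return True when the current request may access content guarded by perms.

	Moderators always pass. Otherwise the rows selected by evalperm() are
	tried in order and the first match grants access:
	  public   -- always
	  password -- username/password equal param1/param2 of the row
	  l2p      -- param1 is listed in the session's 'l2p_courses'
	  rwth     -- session flag 'rwthintern', or the X-Real-IP header lies in
	              one of config['RWTH_IP_RANGES']
	Any other type (for example 'fsmpi') grants nothing here.

	NOTE(review): X-Real-IP is only trustworthy when the reverse proxy always
	overwrites it and the application cannot be reached directly -- confirm
	the deployment.
	NOTE(review): param2 is compared with the supplied password as-is, so the
	perm table appears to hold these passwords in clear text.
	"""
	import hmac

	def same_secret(stored, supplied):
		# Only two strings can match. In particular a NULL column must not
		# equal absent credentials (None == None).
		if not isinstance(stored, str) or not isinstance(supplied, str):
			return False
		return hmac.compare_digest(stored.encode('utf-8', 'surrogatepass'), supplied.encode('utf-8', 'surrogatepass'))

	if ismod():
		return True
	perms = evalperm(perms)
	for perm in perms:
		if perm['type'] == 'public':
			return True
		elif perm['type'] == 'password':
			# Both comparisons always run and are constant-time.
			user_ok = same_secret(perm['param1'], username)
			pass_ok = same_secret(perm['param2'], password)
			if user_ok and pass_ok:
				return True
		elif perm['type'] == 'l2p':
			if perm['param1'] in session.get('l2p_courses', []):
				return True
		elif perm['type'] == 'rwth':
			if session.get('rwthintern', False):
				return True
			if 'X-Real-IP' not in request.headers:
				continue
			try:
				ip = ip_address(request.headers['X-Real-IP'])
			except ValueError:
				# A malformed header is "not in range", not a server error.
				continue
			for net in config['RWTH_IP_RANGES']:
				if ip in ip_network(net):
					return True
	return False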

@app.template_filter()
def permdescr(perms):
	"""Describe the effective permissions as a (mode, German text) pair.

	Works on the rows selected by evalperm(). Precedence of the modes:
	public, rwth, fsmpi, l2p, password; with no rows at all the result is
	'public'.
	"""
	perms = evalperm(perms)
	seen = set()
	l2p_courses = []
	for perm in perms:
		kind = perm['type']
		if kind == 'l2p':
			l2p_courses.append(perm['param1'])
		elif kind in ('public', 'password', 'rwth', 'fsmpi'):
			seen.add(kind)
	password = 'password' in seen
	if 'public' in seen or not perms:
		return 'public', 'Öffentlich verfügbar'
	if 'rwth' in seen:
		if password:
			return 'rwth', 'Nur für RWTH-Angehörige und Nutzer mit Passwort verfügbar'
		return 'rwth', 'Nur für RWTH-Angehörige verfügbar'
	if 'fsmpi' in seen:
		return 'fsmpi', 'Nur für Fachschaftler verfügbar'
	if l2p_courses:
		if password:
			return 'l2p', 'Nur für Teilnehmer der Veranstaltung und Nutzer mit Passwort verfügbar'
		return 'l2p', 'Nur für Teilnehmer der Veranstaltung verfügbar'
	if password:
		return 'password', 'Nur für Nutzer mit Passwort verfügbar'
	return 'public', 'Öffentlich verfügbar'

# Navigation entries as (endpoint, name, iconlib, icon, visible to non-moderators) tuples.
app.jinja_env.globals['navbar'] = []
# iconlib can be 'bootstrap'
# ( see: http://getbootstrap.com/components/#glyphicons )
# or 'fa'
# ( see: http://fontawesome.io/icons/ )
def register_navbar(name, iconlib='bootstrap', icon=None):
	"""Decorator factory: add the decorated view to the template global 'navbar'.

	The entry records whether the endpoint is absent from mod_endpoints. That
	list is read at decoration time, so a @mod_required on the same view has
	to sit below this decorator to be taken into account.
	"""
	def wrapper(func):
		endpoint = func.__name__
		visible_to_all = endpoint not in mod_endpoints
		app.jinja_env.globals['navbar'].append((endpoint, name, iconlib, icon, visible_to_all))
		return func
	return wrapper

def render_endpoint(endpoint, flashtext=None, **kargs):
	"""Call the view registered for `endpoint` and return its result.

	flashtext, when given, is flashed first. The function is looked up in
	app.view_functions, i.e. it is the view as registered with app.route.
	"""
	if flashtext:
		flash(flashtext)
	# request.endpoint is used for navbar highlighting
	request.url_rule = Rule(request.path, endpoint=endpoint)
	view = app.view_functions[endpoint]
	return view(**kargs)

def handle_errors(endpoint, text, code, *errors, **epargs):
	"""Decorator factory: turn the listed exceptions into an error response.

	When the view raises one of `errors`, the result is the page of
	`endpoint` (rendered through render_endpoint with `text` flashed and
	`epargs` as arguments) with status `code`; with a falsy endpoint it is
	the plain (text, code) pair. The exception may come from anywhere inside
	the view.
	"""
	def wrapper(func):
		@wraps(func)
		def decorator(*args, **kwargs):
			try:
				return func(*args, **kwargs)
			except errors:
				if not endpoint:
					return text, code
				return make_response(render_endpoint(endpoint, text, **epargs), code)
		return decorator
	return wrapper

@app.errorhandler(404)
def handle_not_found(e):
	"""Answer a 404 with the index page and a flashed notice."""
	body = render_endpoint('index', 'Diese Seite existiert nicht!')
	return body, 404

@app.errorhandler(500)
@app.errorhandler(Exception)
def handle_internal_error(e):
	"""Print the traceback to stderr and answer with the static 500 page.

	No exception detail is put into the response.
	"""
	traceback.print_exc()
	page = render_template('500.html')
	return page, 500

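@sched_func(5*60, firstdelay=0)
def dump_error_page():
	"""Write the rendered 500 page to the file named by config['ERROR_PAGE'].

	Scheduled every five minutes, first run immediately; does nothing when
	ERROR_PAGE is not configured.
	"""
	if 'ERROR_PAGE' not in config:
		return
	request.url_rule = Rule(request.path, endpoint='handle_internal_error')
	text = render_template('500.html')
	# The context manager closes the file even when the write fails.
	with open(config['ERROR_PAGE'], 'w') as f:
		f.write(text)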

# debian ships jinja2 without this test...
@app.template_test(name='equalto')
def equalto(a, b):
	"""Template test: true when a equals b."""
	is_equal = a == b
	return is_equal

@app.template_filter(name='filterdict')
def jinja2_filterdict(value, attrdel):
	"""Return a copy of `value` as a dict without the keys listed in attrdel."""
	remaining = dict(value)
	for key in attrdel:
		remaining.pop(key, None)
	return dict(remaining)

@app.template_filter(name='semester')
def human_semester(s, long=False):
	"""Format a semester code such as '2016ws' for display.

	Empty values, 'zeitlos' and anything that is not six characters long give
	'Zeitlos'; a six-character value that is not <year><ss|ws> is reported on
	stdout and gives '??'. The short form is e.g. 'WS16', the long form
	'Wintersemester 2016/17'.
	"""
	if not s or s == 'zeitlos' or len(s) != 6:
		return 'Zeitlos'
	year, semester = s[:4], s[4:].upper()
	if not (year.isdigit() and semester in ('SS', 'WS')):
		print('Invalid semester string "%s"'%s)
		return '??'
	if not long:
		return semester+year[2:]
	if semester == 'SS':
		return 'Sommersemester %s'%year
	return 'Wintersemester %s/%s'%(year, str(int(year)+1)[2:])

@app.template_filter(name='date')
def human_date(d):
	"""Format a date or datetime as DD.MM.YYYY."""
	layout = '%d.%m.%Y'
	return d.strftime(layout)

@app.template_filter(name='time')
def human_time(d):
	"""Format a time or datetime as HH:MM."""
	layout = '%H:%M'
	return d.strftime(layout)

@app.template_filter()
def rfc3339(d):
	"""Format a datetime as an RFC 3339 timestamp with a fixed +02:00 offset.

	NOTE(review): the offset is hard-coded, so the value is only right while
	the stored times are two hours ahead of UTC.
	"""
	layout = '%Y-%m-%dT%H:%M:%S+02:00'
	return d.strftime(layout)

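@app.template_global()
def get_announcements(minlevel=0):
	"""Return the announcements to show, highest level first.

	Everyone sees visible, published, unexpired announcements of at least
	`minlevel`. Moderators also see invisible and unpublished ones and keep
	seeing an announcement for 24 hours after it expired. On a database error
	the result is an empty list, so pages still render.
	"""
	now = datetime.now()
	mod = ismod()
	offset = timedelta(hours=24) if mod else timedelta()
	try:
		# `time_expire IS NULL`: a comparison with `= NULL` is never true in
		# SQL, which hid every announcement without an expiry time.
		return query('SELECT * FROM announcements WHERE NOT deleted AND ((time_expire IS NULL) OR time_expire > ?) AND (? OR (visible AND time_publish < ?)) AND level >= ? ORDER BY level DESC', now-offset, mod, now, minlevel)
	except Exception:
		# Best effort, but leave a trace of the failure in the log.
		traceback.print_exc()
		return []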

@app.template_filter()
def fixnl(s):
	"""Replace every newline in str(s) with a '<br>' tag.

	NOTE(review): the input is not HTML-escaped here and the result is a plain
	str. A template that marks it safe renders markup stored in the database
	verbatim -- confirm how the call sites treat the result.
	"""
	# To be removed as soon as the db schema is cleaned up
	text = str(s)
	return text.replace('\n', '<br>')

@app.template_filter()
def tagid(s):
	"""Reduce a string to an identifier made of a-z, 0-9 and '_'.

	Spaces become underscores, the text is lower-cased and every other
	character is dropped. A falsy input gives 'EMPTY'.
	"""
	if not s:
		return 'EMPTY'
	allowed = string.ascii_lowercase+string.digits+'_'
	return ''.join(c for c in s.replace(' ', '_').lower() if c in allowed)

@app.route('/')
@register_navbar('Home', icon='home')
def index():
	"""Start page: upcoming lectures, latest videos, live streams and featured items.

	Also redirects two legacy query-string URL forms to their current routes.
	All request values reach SQL through `?` placeholders.
	"""
	# handle legacy urls...
	if 'course' in request.args:
		return redirect(url_for('course', handle=request.args['course']),code=302)
	if 'view' in request.args:
		if (request.args['view'] == 'player') and ('lectureid' in request.args) :
			courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', request.args['lectureid'])
			if not courses:
				return "Not found", 404
			return redirect(url_for('lecture', course=courses[0]['handle'], id=request.args['lectureid']),code=302)

	# Window for "upcoming": from yesterday to six days ahead.
	start = date.today() - timedelta(days=1)
	end = start + timedelta(days=7)
	upcomming = query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		JOIN courses ON (lectures.course_id = courses.id)
		WHERE (time > ?) AND (time < ?) and lectures.visible and courses.visible and courses.listed
		ORDER BY time ASC LIMIT 30''',start,end)
	for i in upcomming:
		i['date'] = i['time'].date()
	# The leading `?` is ismod(): moderators bypass the visibility conditions.
	latestvideos=query('''
		SELECT lectures.*, "course" AS sep, courses.*
		FROM lectures
		LEFT JOIN videos ON (videos.lecture_id = lectures.id)
		LEFT JOIN courses on (courses.id = lectures.course_id)
		WHERE (? OR (courses.visible AND courses.listed AND lectures.visible AND videos.visible))
		GROUP BY videos.lecture_id
		ORDER BY MAX(videos.time_created) DESC
		LIMIT 6	''',ismod())
	livestreams = query('''SELECT streams.handle AS live, lectures.*, "course" AS sep, courses.*
		FROM streams
		JOIN lectures ON lectures.id = streams.lecture_id
		JOIN courses ON courses.id = lectures.course_id
		WHERE streams.active AND (? OR (streams.visible AND courses.visible AND courses.listed AND lectures.visible))
		''', ismod())
	featured = query('SELECT * FROM featured WHERE (? OR visible) ORDER BY `order`', ismod())
	featured = list(filter(lambda x: not x['deleted'], featured))
	for item in featured:
		if item['type'] == 'courses':
			# item['param'] is interpolated into the SQL text as a column name.
			# The allow-list below is what keeps that safe: anything else is
			# skipped and the item gets no 'courses' entry.
			if item['param'] not in ['title', 'semester', 'organizer', 'subject']:
				continue
			item['courses'] = query('SELECT * FROM courses WHERE (visible AND listed) AND `%s` = ? ORDER BY `%s`'%(item['param'], item['param']), item['param2'])
	return render_template('index.html', latestvideos=livestreams+latestvideos, upcomming=upcomming, featured=featured)

@app.route('/courses')
@register_navbar('Videos', icon='film')
def courses():
	"""List the courses, grouped by the `groupedby` query argument.

	Non-moderators only get visible, listed courses. `groupedby` is limited to
	a fixed set of column names and falls back to 'semester'.
	"""
	allowed_groupings = ['title', 'semester', 'organizer', 'subject']
	courses = query('SELECT * FROM courses WHERE (? OR (visible AND listed)) ORDER BY semester, title COLLATE NOCASE', ismod())
	for course in courses:
		# An empty semester is displayed as "zeitlos".
		if course['semester'] == '':
			course['semester'] = 'zeitlos'
	groupedby = request.args.get('groupedby')
	if groupedby not in allowed_groupings:
		groupedby = 'semester'
	return render_template('courses.html', courses=courses, groupedby=groupedby)

def genlive(streams):
	"""Give live-stream rows the fields of a video row, in place, and return the list.

	Every row becomes visible, not downloadable, of size 0, with the path
	'pub/hls/<live>.m3u8' built from its 'live' handle.
	"""
	for entry in streams:
		entry['visible'] = True
		entry['downloadable'] = False
		playlist = 'pub/hls/%s.m3u8'%entry['live']
		entry['path'] = playlist
		entry['file_size'] = 0
	return streams

@app.route('/<handle>')
@app.route('/<int:id>')
@handle_errors('courses', 'Diese Veranstaltung existiert nicht!', 404, IndexError)
def course(id=None, handle=None):
	"""Course page: the course with its lectures, videos and running live streams.

	The course is looked up by numeric id or by handle; the `[0]` on an empty
	result raises IndexError, which handle_errors turns into the 404 response.
	Non-moderators only get visible rows. Request values reach SQL through
	`?` placeholders.
	"""
	if id:
		course = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', id, ismod())[0]
	else:
		course = query('SELECT * FROM courses WHERE handle = ? AND (? OR visible)', handle, ismod())[0]
	course['perm'] = query('SELECT * FROM perm WHERE (NOT perm.deleted) AND course_id = ? ORDER BY type', course['id'])
	perms = query('SELECT perm.* FROM perm JOIN lectures ON (perm.lecture_id = lectures.id) WHERE (NOT perm.deleted) AND lectures.course_id = ? ORDER BY perm.type', course['id'])
	lectures = query('SELECT * FROM lectures WHERE course_id = ? AND (? OR visible) ORDER BY time, duration DESC', course['id'], ismod())
	for lecture in lectures:
		# Each lecture carries the course-level rows plus its own rows.
		lecture['perm'] = []
		lecture['perm'] += course['perm']
		lecture['course'] = course
		for perm in perms:
			if perm['lecture_id'] == lecture['id']:
				lecture['perm'].append(perm)
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio
			FROM videos
			JOIN lectures ON (videos.lecture_id = lectures.id)
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (lectures.course_id = courses.id)
			WHERE lectures.course_id= ? AND (? OR videos.visible)
			ORDER BY lectures.time, formats.prio DESC
			''', course['id'], ismod())
	livestreams = query('''SELECT streams.handle AS live, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.course_id = ?
			''', ismod(), course['id'])
	# Live streams are listed together with the recorded videos.
	videos += genlive(livestreams)
	return render_template('course.html', course=course, lectures=lectures, videos=videos)

@app.route('/faq')
@register_navbar('FAQ', icon='question-sign')
def faq():
	"""Render the static FAQ page."""
	page = render_template('faq.html')
	return page

@app.route('/<course>/<int:id>')
@app.route('/<int:courseid>/<int:id>')
@app.route('/<course>/<int:id>/embed', endpoint='embed')
@app.route('/<int:courseid>/<int:id>/embed', endpoint='embed')
@handle_errors('course', 'Diese Vorlesung existiert nicht!', 404, IndexError)
def lecture(id, course=None, courseid=None):
	"""Lecture page (or its embed variant) with videos, live streams and chapters.

	The lecture is selected by `id` alone; the `course` / `courseid` parts of
	the URL are not read in this function. A failed checkperm() only produces
	a notice for the player -- the page is rendered either way, so access to
	the media files themselves has to be enforced elsewhere (see the
	/internal/auth view).
	"""
	lecture = query('SELECT * FROM lectures WHERE id = ? AND (? OR visible)', id, ismod())[0]
	videos = query('''
			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM videos
			JOIN formats ON (videos.video_format = formats.id)
			JOIN courses ON (courses.id = ?)
			WHERE videos.lecture_id = ? AND (? OR videos.visible)
			ORDER BY formats.prio DESC
			''', lecture['course_id'], lecture['id'], ismod())
	livestreams = query('''SELECT streams.handle AS live, streams.lecture_id, formats.description AS format_description, formats.player_prio, formats.prio, formats.mimetype
			FROM streams
			JOIN lectures ON lectures.id = streams.lecture_id
			JOIN formats ON formats.keywords = "hls"
			WHERE streams.active AND (? OR streams.visible) AND lectures.id = ?
			''', ismod(), id)
	videos += genlive(livestreams)
	perms = query('SELECT perm.* FROM perm WHERE ((NOT perm.deleted) AND (perm.lecture_id = ? OR perm.course_id = ?))',
			lecture['id'], lecture['course_id'])
	if not videos:
		flash('Zu dieser Vorlesung wurden noch keine Videos veröffentlicht!')
	courses = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', lecture['course_id'], ismod())
	if not courses:
		return render_endpoint('courses', 'Diese Veranstaltung existiert nicht!'), 404
	chapters = query('SELECT * FROM chapters WHERE lecture_id = ? AND NOT deleted AND (? OR visible) ORDER BY time ASC', id, ismod())
	if not checkperm(perms):
		mode, text = permdescr(perms)
		# These messages contain HTML. They are built from the fixed texts of
		# permdescr() and url_for() only, not from request data.
		if mode == 'rwth':
			flash(text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_rwthauth')+'">Hier authorisieren</a>.', category='player')
		elif mode == 'l2p':
			if 'l2p_courses' in session:
				flash(text+'. Du bist kein Teilnehmer des L2P-Kurses! <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Kurse aktualisieren</a>.', category='player')
			else:
				flash(text+'. <a target="_blank" class="reloadonclose" href="'+url_for('start_l2pauth')+'">Hier authorisieren</a>.', category='player')
		else:
			flash(text+'.', category='player')
	return render_template('embed.html' if request.endpoint == 'embed' else 'lecture.html', course=courses[0], lecture=lecture, videos=videos, chapters=chapters)


@app.route('/search')
def search():
	"""Search courses and lectures for the `q` query argument.

	Without `q` the request is redirected to the index. The search text is
	handed to searchquery() as its first argument.
	NOTE(review): searchquery is defined in db; confirm it binds the search
	text as a parameter rather than formatting it into the SQL.
	"""
	if 'q' not in request.args:
		return redirect(url_for('index'))
	q = request.args['q']
	courses = searchquery(q, '*', ['title', 'short', 'organizer', 'subject', 'description'],
			'courses', 'WHERE (? OR (visible AND listed)) GROUP BY id ORDER BY _score DESC, semester DESC LIMIT 20', ismod())
	# The course columns are selected under explicit `courses_` aliases (an
	# earlier version used `"course" AS sep, courses.*`); the loop below moves
	# them into lecture['course'].
	lectures = searchquery(q, 'lectures.*, courses.visible AS coursevisible, courses.listed, courses.id AS courses_id, courses.visible AS courses_visible, courses.listed AS courses_listed, courses.title AS courses_title, courses.short AS courses_short, courses.handle AS courses_handle, courses.organizer AS courses_organizer, courses.subject AS courses_subject, courses.credits AS courses_credits, courses.created_by AS courses_created_by, courses.time_created AS courses_time_created, courses.time_updated AS courses_time_updated, courses.semester AS courses_semester, courses.downloadable AS courses_downloadable, courses.embedinvisible AS courses_embedinvisible, courses.description AS courses_description, courses.internal AS courses_internal, courses.responsible AS courses_responsible',
			['lectures.title', 'lectures.comment', 'lectures.speaker', 'courses.short'],
			'lectures LEFT JOIN courses on (courses.id = lectures.course_id)',
			'WHERE (? OR (coursevisible AND listed AND visible)) GROUP BY id ORDER BY _score DESC, time DESC LIMIT 30', ismod())
	for lecture in lectures:
		lecture['course'] = {}
		for key in lecture:
			if key.startswith('courses_'):
				# key[8:] drops the 'courses_' prefix.
				lecture['course'][key[8:]] = lecture[key]
	return render_template('search.html', searchtext=request.args['q'], courses=courses, lectures=lectures)

def check_mod(user, groups):
	"""Return a truthy value when `user` is set and 'users' is one of `groups`.

	A falsy `user` is returned as it is; otherwise the result is the boolean
	group-membership test.
	"""
	if not user:
		return user
	return 'users' in groups

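@app.route('/internal/login', methods=['GET', 'POST'])
def login():
	"""Moderator login: check the credentials against LDAP and set up the session.

	GET shows the form. A POST with credentials accepted by ldapauth() and
	check_mod() stores the LDAP record in session['user'], creates the users
	row on first login, issues a fresh CSRF token and redirects to `ref`.
	`ref` is only followed when it points to this host; otherwise the index
	page is used.
	"""
	from urllib.parse import urljoin, urlparse
	if request.method == 'GET':
		return render_template('login.html')
	username = request.form.get('user')
	password = request.form.get('password')
	# Empty credentials are refused before the directory is asked: an LDAP
	# simple bind with an empty password can succeed as an unauthenticated bind.
	# NOTE(review): ldapauth lives in db; confirm it applies the same rule.
	if not username or not password:
		flash('Login fehlgeschlagen!')
		return render_template('login.html')
	user, groups = ldapauth(username, password)
	if not check_mod(user, groups):
		flash('Login fehlgeschlagen!')
		return render_template('login.html')
	session['user'] = ldapget(user)
	dbuser = query('SELECT * FROM users WHERE name = ?', user)
	if not dbuser:
		modify('INSERT INTO users (name, realname, fsacc, level, calendar_key, rfc6238) VALUES (?, ?, ?, 1, "", "")', user, session['user']['givenName'], user)
		dbuser = query('SELECT * FROM users WHERE name = ?', user)
	session['user']['dbid'] = dbuser[0]['id']
	# SystemRandom draws from the operating system's CSPRNG.
	session['_csrf_token'] = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(128))
	session.permanent = True
	# `ref` is request data. It is resolved against our own base URL and only
	# used when the result stays on this host; the redirect then goes to the
	# resolved URL, never to the raw value.
	target = url_for('index')
	ref = request.values.get('ref')
	if ref:
		resolved = urlparse(urljoin(request.host_url, ref))
		if resolved.scheme in ('http', 'https') and resolved.netloc == urlparse(request.host_url).netloc:
			target = resolved.geturl()
	return redirect(target)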

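@app.route('/internal/logout', methods=['GET', 'POST'])
def logout():
	"""End the moderator session and redirect to `ref`, or to the index page.

	`ref` is only followed when it points to this host.
	NOTE(review): the route also accepts GET and needs no CSRF token, so any
	page can trigger a logout by linking here.
	"""
	from urllib.parse import urljoin, urlparse
	# A default for pop(): logging out without being logged in is not an error.
	session.pop('user', None)
	# The CSRF token belongs to the login that just ended.
	session.pop('_csrf_token', None)
	target = url_for('index')
	ref = request.values.get('ref')
	if ref:
		resolved = urlparse(urljoin(request.host_url, ref))
		if resolved.scheme in ('http', 'https') and resolved.netloc == urlparse(request.host_url).netloc:
			target = resolved.geturl()
	return redirect(target)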

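@app.route('/internal/auth')
def auth(): # For use with nginx auth_request
	"""Decide whether the media request named by X-Original-Uri may be served.

	Returns 200 to allow, 401 when HTTP Basic credentials could grant access
	and 403 otherwise. Paths ending in 'jpg' and requests by moderators are
	always allowed. Allowed requests are written to the access log tables
	(best effort) and receive a long-lived 'tracking' cookie.

	NOTE(review): the decision relies on the proxy setting X-Original-Uri
	itself; this route must not be reachable by clients directly -- confirm
	the nginx configuration.
	"""
	from urllib.parse import urlparse
	if 'X-Original-Uri' not in request.headers:
		return 'Internal Server Error', 500
	# Only the path component takes part in the decision, so a query string
	# cannot influence the extension check or the path lookup below.
	url = request.headers['X-Original-Uri'].split('?', 1)[0]
	# Remove VIDEOPREFIX as an exact leading path. str.lstrip() would treat it
	# as a set of characters and also eat the start of the file path.
	# NOTE(review): assumes VIDEOPREFIX is a path, or an absolute URL whose
	# path is the prefix nginx sees -- confirm against the deployment.
	prefix = urlparse(config['VIDEOPREFIX']).path.rstrip('/')
	if prefix and (url == prefix or url.startswith(prefix+'/')):
		url = url[len(prefix):].lstrip('/')
	# Reuse the visitor's tracking id when it is a number, else draw a new one.
	tracking = request.cookies.get('tracking', '')
	cookie = None
	if tracking and tracking.isdigit():
		try:
			cookie = int(tracking)
		except ValueError:
			# isdigit() accepts some characters that int() rejects.
			cookie = None
	if cookie is None:
		cookie = random.getrandbits(8*8-1)
	if url.endswith('jpg') or ismod():
		return "OK", 200
	if url.startswith('pub/hls/'):
		# Stream handle: the file name up to the first '_' or '.'.
		handle = url[len('pub/hls/'):].split('_')[0].split('.')[0]
		perms = query('''SELECT lectures.id AS lecture, perm.*
				FROM streams
				JOIN lectures ON (streams.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE streams.handle = ?
				AND (courses.visible AND lectures.visible AND streams.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''', handle)
	else:
		perms = query('''SELECT videos.path, videos.id AS vid, perm.*
				FROM videos
				JOIN lectures ON (videos.lecture_id = lectures.id)
				JOIN courses ON (lectures.course_id = courses.id)
				LEFT JOIN perm ON ((videos.id = perm.video_id OR lectures.id = perm.lecture_id OR courses.id = perm.course_id) AND NOT perm.deleted)
				WHERE videos.path = ?
				AND (courses.visible AND lectures.visible AND videos.visible)
				ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''',
				url)
	# No row at all: unknown or invisible file. A known file without perm rows
	# still yields one row (LEFT JOIN), which evalperm() treats as public.
	if not perms:
		return "Not allowed", 403
	credentials = request.authorization
	username = password = None
	if credentials:
		username = credentials.username
		password = credentials.password
	if checkperm(perms, username=username, password=password):
		try:
			if not url.startswith('pub/hls/'):
				modify('INSERT INTO log (id, `time`, `date`, video, source) VALUES (?, ?, ?, ?, 1)', cookie, datetime.now(), datetime.combine(date.today(), time()), perms[0]['vid'])
			elif url.endswith('.ts'):
				fmt = url.split('_')[-1].split('-')[0]
				seg = url.split('.')[0].split('-')[-1]
				modify('INSERT INTO hlslog (id, `time`, segment, lecture, handle, format) VALUES (?, ?, ?, ?, ?, ?)', cookie, datetime.now(), seg, perms[0]['lecture'], handle, fmt)
		except Exception:
			# Access logging is best effort and must not block delivery.
			pass
		r = make_response('OK', 200)
		r.set_cookie('tracking', str(cookie), max_age=2147483647) # Many many years
		return r
	# Ask for Basic credentials only when a password rule exists for the file.
	if any(perm['type'] == 'password' for perm in perms):
		return Response("Login required", 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
	return "Not allowed", 403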

@app.route('/files/<filename>')
def files(filename):
	"""Redirect /files/<filename> to the same name below config['VIDEOPREFIX']."""
	target = config['VIDEOPREFIX']+'/'+filename
	return redirect(target)

@app.route('/sitemap.xml')
def sitemap():
	"""Render sitemap.xml for the public pages.

	Listed are the argument-free GET routes that are not moderator endpoints,
	every visible and listed course, and the visible lectures of those courses.
	"""
	pages=[]
	# static pages
	for rule in app.url_map.iter_rules():
		if 'GET' not in rule.methods or len(rule.arguments)!=0:
			continue
		if rule.endpoint not in mod_endpoints:
			pages.append([rule.rule])
	for course_row in query('select * from courses where visible and listed'):
		pages.append([url_for('course',handle=course_row['handle'])])
		for lecture_row in query('select * from lectures where (course_id = ? and visible)',course_row['id']):
			pages.append([url_for('lecture',course=course_row['handle'],id=lecture_row['id'])])
	body = render_template('sitemap.xml', pages=pages)
	return Response(body, 200, {'Content-Type': 'application/atom+xml'} )


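@app.route('/site/')
@app.route('/site/<string:phpfile>')
def legacy(phpfile=None):
	"""Redirect URLs of the old PHP site (/site/embed.php, /site/feed.php) to the current routes.

	Unknown legacy URLs are printed to stdout and redirected to the index page.
	"""
	if phpfile=='embed.php' and ('lecture' in request.args):
		courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', request.args['lecture'])
		if not courses:
			return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
		return redirect(url_for('embed', course=courses[0]['handle'], id=request.args['lecture']),code=302)
	if phpfile=='embed.php' and ('vid' in request.args):
		lectures = query('SELECT lecture_id FROM videos WHERE id = ?', request.args['vid'])
		if not lectures:
			return render_endpoint('index', 'Dieses Videos existiert nicht!'), 404
		courses = query('SELECT courses.handle FROM courses JOIN lectures ON courses.id = lectures.course_id WHERE lectures.id = ?', lectures[0]['lecture_id'])
		if not courses:
			return render_endpoint('index', 'Diese Seite existiert nicht!'), 404
		return redirect(url_for('embed', course=courses[0]['handle'], id=lectures[0]['lecture_id']),code=302)
	if phpfile=='feed.php' and ('all' in request.args):
		return redirect(url_for('feed'),code=302)
	if phpfile=='feed.php' and ('newcourses' in request.args):
		return redirect(url_for('courses_feed'),code=302)
	if phpfile=='feed.php':
		# Without any argument there is no handle to pop; popitem() on the
		# empty copy would raise. Fall back to the general feed.
		if not request.args:
			return redirect(url_for('feed'),code=302)
		# The old site passed the course handle as the name of an argument.
		return redirect(url_for('feed', handle=request.args.copy().popitem()[0]),code=302)
	print("Unknown legacy url:",request.url)
	return redirect(url_for('index'),code=302)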
	
import edit
import feeds
import importer
import stats
import sorter
if 'ICAL_URL' in config:
	import meetings
import l2pauth
if 'JOBS_API_KEY' in config:
	import jobs
import timetable
import chapters