|
|
|
@ -111,6 +111,50 @@ def AuthenticateBlock(inRequest):
|
|
|
|
inRequest.end_headers()
|
|
|
|
inRequest.end_headers()
|
|
|
|
# Write content as utf-8 data
|
|
|
|
# Write content as utf-8 data
|
|
|
|
inRequest.wfile.write(bytes("", "utf8"))
|
|
|
|
inRequest.wfile.write(bytes("", "utf8"))
|
|
|
|
|
|
|
|
#Check access before execute the action
|
|
|
|
|
|
|
|
#return bool True - go execute, False - dont execute
|
|
|
|
|
|
|
|
def UserAccessCheckBefore(inMethod, inRequest):
|
|
|
|
|
|
|
|
# Help def - Get access flag from dict
|
|
|
|
|
|
|
|
def HelpGetFlag(inAccessRuleItem, inRequest, inGlobalDict, inAuthenticateDict):
|
|
|
|
|
|
|
|
if "FlagAccess" in inAccessRuleItem:
|
|
|
|
|
|
|
|
return inAccessRuleItem["FlagAccess"]
|
|
|
|
|
|
|
|
elif "FlagAccessDefRequestGlobalAuthenticate" in inAccessRuleItem:
|
|
|
|
|
|
|
|
return inAccessRuleItem["FlagAccessDefRequestGlobalAuthenticate"](inRequest, inGlobalDict,
|
|
|
|
|
|
|
|
inAuthenticateDict)
|
|
|
|
|
|
|
|
##########################################
|
|
|
|
|
|
|
|
inMethod=inMethod.upper()
|
|
|
|
|
|
|
|
#Prepare result false
|
|
|
|
|
|
|
|
lResult = False
|
|
|
|
|
|
|
|
#Check rules to find first appicable
|
|
|
|
|
|
|
|
lAuthToken = inRequest.OpenRPA["AuthToken"]
|
|
|
|
|
|
|
|
#go next if user is identified
|
|
|
|
|
|
|
|
lUserDict = None
|
|
|
|
|
|
|
|
if lAuthToken:
|
|
|
|
|
|
|
|
lUserDict = mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lAuthToken]
|
|
|
|
|
|
|
|
#Check rules
|
|
|
|
|
|
|
|
for lAccessRuleItem in mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("RuleDict", {}).get((lUserDict["Domain"], lUserDict["User"]), {}).get("MethodMatchURLBeforeList", []):
|
|
|
|
|
|
|
|
#Go next execution if flag is false
|
|
|
|
|
|
|
|
if not lResult:
|
|
|
|
|
|
|
|
#Check if Method is identical
|
|
|
|
|
|
|
|
if lAccessRuleItem["Method"].upper() == inMethod:
|
|
|
|
|
|
|
|
#check Match type variant: BeginWith
|
|
|
|
|
|
|
|
if lAccessRuleItem["MatchType"].upper() == "BEGINWITH":
|
|
|
|
|
|
|
|
if inRequest.path.startswith(lAccessRuleItem["URL"]):
|
|
|
|
|
|
|
|
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
|
|
|
|
|
|
|
|
#check Match type variant: Contains
|
|
|
|
|
|
|
|
elif lAccessRuleItem["MatchType"].upper() == "CONTAINS":
|
|
|
|
|
|
|
|
if inRequest.path.contains(lAccessRuleItem["URL"]):
|
|
|
|
|
|
|
|
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
|
|
|
|
|
|
|
|
# check Match type variant: Equal
|
|
|
|
|
|
|
|
elif lAccessRuleItem["MatchType"].upper() == "EQUAL":
|
|
|
|
|
|
|
|
if lAccessRuleItem["URL"].upper() == inRequest.path.upper():
|
|
|
|
|
|
|
|
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
|
|
|
|
|
|
|
|
# check Match type variant: EqualCase
|
|
|
|
|
|
|
|
elif lAccessRuleItem["MatchType"].upper() == "EQUALCASE":
|
|
|
|
|
|
|
|
if lAccessRuleItem["URL"] == inRequest.path:
|
|
|
|
|
|
|
|
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
|
|
|
|
|
|
|
|
#Return lResult
|
|
|
|
|
|
|
|
return lResult
|
|
|
|
# HTTPRequestHandler class
|
|
|
|
# HTTPRequestHandler class
|
|
|
|
class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
|
|
|
|
class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
|
|
|
|
#ResponseContentTypeFile
|
|
|
|
#ResponseContentTypeFile
|
|
|
|
@ -144,6 +188,14 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
|
|
|
|
AuthenticateBlock(self)
|
|
|
|
AuthenticateBlock(self)
|
|
|
|
#####################################
|
|
|
|
#####################################
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
|
|
|
|
#Check the user access (if flag)
|
|
|
|
|
|
|
|
####################################
|
|
|
|
|
|
|
|
lFlagUserAccess = True
|
|
|
|
|
|
|
|
#If need user authentication
|
|
|
|
|
|
|
|
if mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("FlagCredentialsAsk", False):
|
|
|
|
|
|
|
|
lFlagUserAccess = UserAccessCheckBefore("GET", self)
|
|
|
|
|
|
|
|
######################################
|
|
|
|
|
|
|
|
if lFlagUserAccess:
|
|
|
|
lOrchestratorFolder = "\\".join(__file__.split("\\")[:-1])
|
|
|
|
lOrchestratorFolder = "\\".join(__file__.split("\\")[:-1])
|
|
|
|
#Мост между файлом и http запросом (новый формат)
|
|
|
|
#Мост между файлом и http запросом (новый формат)
|
|
|
|
if self.path == "/":
|
|
|
|
if self.path == "/":
|
|
|
|
@ -209,7 +261,6 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
|
|
|
|
# check if file in FileURL - File Path Mapping Dict
|
|
|
|
# check if file in FileURL - File Path Mapping Dict
|
|
|
|
if lFileURL.lower() in mGlobalDict["FileManager"]["FileURLFilePathDict"]:
|
|
|
|
if lFileURL.lower() in mGlobalDict["FileManager"]["FileURLFilePathDict"]:
|
|
|
|
self.SendResponseContentTypeFile('application/octet-stream',mGlobalDict["FileManager"]["FileURLFilePathDict"][lFileURL])
|
|
|
|
self.SendResponseContentTypeFile('application/octet-stream',mGlobalDict["FileManager"]["FileURLFilePathDict"][lFileURL])
|
|
|
|
# Auth function
|
|
|
|
|
|
|
|
# POST
|
|
|
|
# POST
|
|
|
|
def do_POST(self):
|
|
|
|
def do_POST(self):
|
|
|
|
#####################################
|
|
|
|
#####################################
|
|
|
|
@ -226,6 +277,14 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
|
|
|
|
AuthenticateBlock(self)
|
|
|
|
AuthenticateBlock(self)
|
|
|
|
#####################################
|
|
|
|
#####################################
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
|
|
|
|
#Check the user access (if flag)
|
|
|
|
|
|
|
|
####################################
|
|
|
|
|
|
|
|
lFlagUserAccess = True
|
|
|
|
|
|
|
|
#If need user authentication
|
|
|
|
|
|
|
|
if mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("FlagCredentialsAsk", False):
|
|
|
|
|
|
|
|
lFlagUserAccess = UserAccessCheckBefore("GET", self)
|
|
|
|
|
|
|
|
######################################
|
|
|
|
|
|
|
|
if lFlagUserAccess:
|
|
|
|
#Централизованная функция получения запросов/отправки
|
|
|
|
#Централизованная функция получения запросов/отправки
|
|
|
|
if self.path == '/Utils/Processor':
|
|
|
|
if self.path == '/Utils/Processor':
|
|
|
|
#ReadRequest
|
|
|
|
#ReadRequest
|
|
|
|
|
Ivan Maslov
5 years ago