diff --git a/vj4/app.py b/vj4/app.py index 54635fb57..1d05efb8e 100644 --- a/vj4/app.py +++ b/vj4/app.py @@ -69,10 +69,11 @@ def __init__(self): self.router.add_static('/', static_path, name='static') -def route(url, name): +def route(url, name, global_route=False): def decorate(handler): handler.NAME = handler.NAME or name handler.TITLE = handler.TITLE or name + handler.GLOBAL = global_route Application().router.add_route('*', url, handler, name=name) Application().router.add_route('*', '/d/{domain_id}' + url, handler, name=name + '_with_domain_id') @@ -81,8 +82,9 @@ def decorate(handler): return decorate -def connection_route(prefix, name): +def connection_route(prefix, name, global_route=False): def decorate(conn): + conn.GLOBAL = global_route async def handler(msg, session): try: if msg.tp == sockjs.MSG_OPEN: diff --git a/vj4/handler/base.py b/vj4/handler/base.py index 763120743..508190e2f 100644 --- a/vj4/handler/base.py +++ b/vj4/handler/base.py @@ -65,7 +65,7 @@ async def prepare(self): self.reverse_url = functools.partial(_reverse_url, domain_id=self.domain_id) self.build_path = functools.partial(_build_path, domain_id=self.domain_id, domain_name=self.domain['name']) - if not self.has_priv(builtin.PRIV_VIEW_ALL_DOMAIN): + if not self.GLOBAL and not self.has_priv(builtin.PRIV_VIEW_ALL_DOMAIN): self.check_perm(builtin.PERM_VIEW) def has_perm(self, perm): diff --git a/vj4/handler/fs.py b/vj4/handler/fs.py index dcbf4d99e..f69cc84fe 100644 --- a/vj4/handler/fs.py +++ b/vj4/handler/fs.py @@ -15,7 +15,7 @@ ALLOWED_MIMETYPE_PREFIX = ['image/', 'text/', 'application/zip'] -@app.route('/fs/{secret:\w{40}}', 'fs_get') +@app.route('/fs/{secret:\w{40}}', 'fs_get', global_route=True) class FsGetHandler(base.Handler): @base.route_argument @base.sanitize @@ -63,7 +63,7 @@ async def stream_data(self, *, secret: str, headers_only: bool=False): get = stream_data -@app.route('/fs/upload', 'fs_upload') +@app.route('/fs/upload', 'fs_upload', global_route=True) class FsUploadHandler(base.Handler): def get_content_type(self, filename): content_type = mimetypes.guess_type(filename)[0] diff --git a/vj4/handler/home.py b/vj4/handler/home.py index aa3ada8bc..0f206f908 100644 --- a/vj4/handler/home.py +++ b/vj4/handler/home.py @@ -30,7 +30,7 @@ } -@app.route('/home/security', 'home_security') +@app.route('/home/security', 'home_security', global_route=True) class HomeSecurityHandler(base.OperationHandler): @base.require_priv(builtin.PRIV_USER_PROFILE) async def get(self): @@ -104,7 +104,7 @@ async def post_delete_all_tokens(self): self.json_or_redirect(self.url) -@app.route('/home/security/changemail/{code}', 'user_changemail_with_code') +@app.route('/home/security/changemail/{code}', 'user_changemail_with_code', global_route=True) class UserChangemailWithCodeHandler(base.Handler): @base.require_priv(builtin.PRIV_USER_PROFILE) @base.route_argument @@ -122,7 +122,7 @@ async def get(self, *, code: str): self.json_or_redirect(self.reverse_url('home_security')) -@app.route('/home/account', 'home_account') +@app.route('/home/account', 'home_account', global_route=True) class HomeAccountHandler(base.Handler): @base.require_priv(builtin.PRIV_USER_PROFILE) async def get(self): @@ -136,7 +136,7 @@ async def post(self, **kwargs): self.json_or_redirect(self.url) -@app.route('/home/preference', 'home_preference') +@app.route('/home/preference', 'home_preference', global_route=True) class HomeAccountHandler(base.Handler): @base.require_priv(builtin.PRIV_USER_PROFILE) async def get(self): @@ -150,7 +150,7 @@ async def post(self, **kwargs): self.json_or_redirect(self.url) -@app.route('/home/messages', 'home_messages') +@app.route('/home/messages', 'home_messages', global_route=True) class HomeMessagesHandler(base.OperationHandler): def modify_udoc(self, udict, key): udoc = udict.get(key) @@ -218,7 +218,7 @@ async def post_delete_message(self, *, message_id: objectid.ObjectId): self.json_or_redirect(self.url) -@app.connection_route('/home/messages-conn', 'home_messages-conn') +@app.connection_route('/home/messages-conn', 'home_messages-conn', global_route=True) class HomeMessagesConnection(base.Connection): @base.require_priv(builtin.PRIV_USER_PROFILE) async def on_open(self): @@ -232,7 +232,7 @@ async def on_close(self): bus.unsubscribe(self.on_message_received) -@app.route('/home/domain', 'home_domain') +@app.route('/home/domain', 'home_domain', global_route=True) class HomeDomainHandler(base.Handler): @base.require_priv(builtin.PRIV_USER_PROFILE) async def get(self): @@ -252,7 +252,7 @@ async def get(self): self.render('home_domain.html', ddocs=ddocs, dudict=dudict, can_manage=can_manage) -@app.route('/home/domain/create', 'home_domain_create') +@app.route('/home/domain/create', 'home_domain_create', global_route=True) class HomeDomainCreateHandler(base.Handler): @base.require_priv(builtin.PRIV_CREATE_DOMAIN) async def get(self): @@ -268,7 +268,7 @@ async def post(self, *, id: str, name: str, gravatar: str, bulletin: str): self.json_or_redirect(self.reverse_url('domain_manage', domain_id=domain_id)) -@app.route('/home/file', 'home_file') +@app.route('/home/file', 'home_file', global_route=True) class HomeFileHandler(base.OperationHandler): def file_url(self, fdoc): return options.cdn_prefix.rstrip('/') + \ diff --git a/vj4/handler/i18n.py b/vj4/handler/i18n.py index 68b26d079..9816469ef 100644 --- a/vj4/handler/i18n.py +++ b/vj4/handler/i18n.py @@ -2,7 +2,7 @@ from vj4.handler import base -@app.route('/lang/{lang}', 'language_set') +@app.route('/lang/{lang}', 'language_set', global_route=True) class LanguageHandler(base.Handler): @base.route_argument @base.sanitize diff --git a/vj4/handler/misc.py b/vj4/handler/misc.py index 5c8bdf2f2..b0a92b351 100644 --- a/vj4/handler/misc.py +++ b/vj4/handler/misc.py @@ -3,19 +3,19 @@ from vj4.handler import base -@app.route('/about', 'about') +@app.route('/about', 'about', global_route=True) class AboutHandler(base.Handler): async def get(self): self.render('about.html') -@app.route('/wiki/help', 'wiki_help') +@app.route('/wiki/help', 'wiki_help', global_route=True) class AboutHandler(base.Handler): async def get(self): self.render('wiki_help.html') -@app.route('/preview', 'preview') +@app.route('/preview', 'preview', global_route=True) class PreviewHandler(base.Handler): @base.post_argument @base.sanitize diff --git a/vj4/handler/user.py b/vj4/handler/user.py index e167ba3c4..02f84d161 100644 --- a/vj4/handler/user.py +++ b/vj4/handler/user.py @@ -37,7 +37,7 @@ def get_udoc_setting(self, udoc, key): return None -@app.route('/register', 'user_register') +@app.route('/register', 'user_register', global_route=True) class UserRegisterHandler(base.Handler): @base.require_priv(builtin.PRIV_REGISTER_USER) async def get(self): @@ -59,7 +59,7 @@ async def post(self, *, mail: str): self.render('user_register_mail_sent.html') -@app.route('/register/{code}', 'user_register_with_code') +@app.route('/register/{code}', 'user_register_with_code', global_route=True) class UserRegisterWithCodeHandler(base.Handler): TITLE = 'user_register' @@ -89,7 +89,7 @@ async def post(self, *, code: str, uname: str, password: str, verify_password: s self.json_or_redirect(self.reverse_url('domain_main')) -@app.route('/lostpass', 'user_lostpass') +@app.route('/lostpass', 'user_lostpass', global_route=True) class UserLostpassHandler(base.Handler): @base.require_priv(builtin.PRIV_REGISTER_USER) async def get(self): @@ -113,7 +113,7 @@ async def post(self, *, mail: str): self.render('user_lostpass_mail_sent.html') -@app.route('/lostpass/{code}', 'user_lostpass_with_code') +@app.route('/lostpass/{code}', 'user_lostpass_with_code', global_route=True) class UserLostpassWithCodeHandler(base.Handler): TITLE = 'user_lostpass' @@ -142,7 +142,7 @@ async def post(self, *, code: str, password: str, verify_password: str): self.json_or_redirect(self.reverse_url('domain_main')) -@app.route('/login', 'user_login') +@app.route('/login', 'user_login', global_route=True) class UserLoginHandler(base.Handler): async def get(self): if self.has_priv(builtin.PRIV_USER_PROFILE): @@ -163,7 +163,7 @@ async def post(self, *, uname: str, password: str, rememberme: bool=False): self.json_or_redirect(self.referer_or_main) -@app.route('/logout', 'user_logout') +@app.route('/logout', 'user_logout', global_route=True) class UserLogoutHandler(base.Handler): @base.require_priv(builtin.PRIV_USER_PROFILE) async def get(self):