diff options
78 files changed, 5570 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f451fdb --- /dev/null +++ b/.gitignore @@ -0,0 +1,20 @@ +*.pyc +*.tiny.css +data/*.log +data/cherrypy_sessions +data/store.sqlite3 +doc/*.tex +doc/*.pdf +doc/*.html +doc/*.aux +doc/*.toc +doc/*.log +doc/*.out +doc/COPYING.mdwn +doc/INSTALL.mdwn +doc/README.mdwn +doc/TODO.mdwn +doc/oneline.txt +doc/plinth.1 +templates/*.py +TODO
\ No newline at end of file @@ -0,0 +1,1251 @@ +# License to Copy the Plinth front end to the Freedom Plug + +Plinth is Copyright 2011 James Vasile (<james@hackervisions.org>). It +is distributed under the GNU Affero General Public License, Version 3 +or later. A copy of GPLv3 is available [from the Free Software +Foundation](http://www.gnu.org/licenses/gpl.html). + +In addition, the documentation to this software is distributed under a +Creative Commons Attribution-ShareAlike 3.0 Unported, Version 3 +license. This CC-By-SA license is available in both +[full](http://creativecommons.org/licenses/by-sa/3.0/legalcode) and +[summarized](http://creativecommons.org/licenses/by-sa/3.0/) versions +from Creative Commons. + +The documentation to this software is also distributed under the [GNU +Free Documentation License](http://www.gnu.org/licenses/fdl.html), +version 1.3 or later. + +In default form, Plinth incorporates FileDict, a Python module +released under a "MIT/BSD/Python" license, as per [its blog +page](https://erezsh.wordpress.com/2009/05/31/filedict-bug-fixes-and-updates/). + +## GNU General Public License, Version 3 + + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + <program> Copyright (C) <year> <name of author> + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +<http://www.gnu.org/licenses/>. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +<http://www.gnu.org/philosophy/why-not-lgpl.html>. + +## Creative Commons Attribution-ShareAlike 3.0 Unported + +License + +THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. + +BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. + +1. Definitions + + 1. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. + 2. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. + 3. "Creative Commons Compatible License" means a license that is listed at http://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. + 4. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. + 5. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. + 6. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. + 7. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. + 8. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. + 9. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. + 10. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. + 11. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. + +2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. + +3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: + + 1. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; + 2. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; + 3. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, + 4. to Distribute and Publicly Perform Adaptations. + 5. + + For the avoidance of doubt: + 1. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; + 2. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, + 3. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. + +The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. + +4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: + + 1. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. + 2. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. + 3. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. + 4. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. + +5. Representations, Warranties and Disclaimer + +UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. + +6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +7. Termination + + 1. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. + 2. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. + +8. Miscellaneous + + 1. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. + 2. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. + 3. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. + 4. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. + 5. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. + 6. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. + +## GNU Free Documentation License, Version 1.3 + + GNU Free Documentation License + Version 1.3, 3 November 2008 + + + Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. + <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +0. PREAMBLE + +The purpose of this License is to make a manual, textbook, or other +functional and useful document "free" in the sense of freedom: to +assure everyone the effective freedom to copy and redistribute it, +with or without modifying it, either commercially or noncommercially. +Secondarily, this License preserves for the author and publisher a way +to get credit for their work, while not being considered responsible +for modifications made by others. + +This License is a kind of "copyleft", which means that derivative +works of the document must themselves be free in the same sense. It +complements the GNU General Public License, which is a copyleft +license designed for free software. + +We have designed this License in order to use it for manuals for free +software, because free software needs free documentation: a free +program should come with manuals providing the same freedoms that the +software does. But this License is not limited to software manuals; +it can be used for any textual work, regardless of subject matter or +whether it is published as a printed book. We recommend this License +principally for works whose purpose is instruction or reference. + + +1. APPLICABILITY AND DEFINITIONS + +This License applies to any manual or other work, in any medium, that +contains a notice placed by the copyright holder saying it can be +distributed under the terms of this License. Such a notice grants a +world-wide, royalty-free license, unlimited in duration, to use that +work under the conditions stated herein. The "Document", below, +refers to any such manual or work. Any member of the public is a +licensee, and is addressed as "you". You accept the license if you +copy, modify or distribute the work in a way requiring permission +under copyright law. + +A "Modified Version" of the Document means any work containing the +Document or a portion of it, either copied verbatim, or with +modifications and/or translated into another language. + +A "Secondary Section" is a named appendix or a front-matter section of +the Document that deals exclusively with the relationship of the +publishers or authors of the Document to the Document's overall +subject (or to related matters) and contains nothing that could fall +directly within that overall subject. (Thus, if the Document is in +part a textbook of mathematics, a Secondary Section may not explain +any mathematics.) The relationship could be a matter of historical +connection with the subject or with related matters, or of legal, +commercial, philosophical, ethical or political position regarding +them. + +The "Invariant Sections" are certain Secondary Sections whose titles +are designated, as being those of Invariant Sections, in the notice +that says that the Document is released under this License. If a +section does not fit the above definition of Secondary then it is not +allowed to be designated as Invariant. The Document may contain zero +Invariant Sections. If the Document does not identify any Invariant +Sections then there are none. + +The "Cover Texts" are certain short passages of text that are listed, +as Front-Cover Texts or Back-Cover Texts, in the notice that says that +the Document is released under this License. A Front-Cover Text may +be at most 5 words, and a Back-Cover Text may be at most 25 words. + +A "Transparent" copy of the Document means a machine-readable copy, +represented in a format whose specification is available to the +general public, that is suitable for revising the document +straightforwardly with generic text editors or (for images composed of +pixels) generic paint programs or (for drawings) some widely available +drawing editor, and that is suitable for input to text formatters or +for automatic translation to a variety of formats suitable for input +to text formatters. A copy made in an otherwise Transparent file +format whose markup, or absence of markup, has been arranged to thwart +or discourage subsequent modification by readers is not Transparent. +An image format is not Transparent if used for any substantial amount +of text. A copy that is not "Transparent" is called "Opaque". + +Examples of suitable formats for Transparent copies include plain +ASCII without markup, Texinfo input format, LaTeX input format, SGML +or XML using a publicly available DTD, and standard-conforming simple +HTML, PostScript or PDF designed for human modification. Examples of +transparent image formats include PNG, XCF and JPG. Opaque formats +include proprietary formats that can be read and edited only by +proprietary word processors, SGML or XML for which the DTD and/or +processing tools are not generally available, and the +machine-generated HTML, PostScript or PDF produced by some word +processors for output purposes only. + +The "Title Page" means, for a printed book, the title page itself, +plus such following pages as are needed to hold, legibly, the material +this License requires to appear in the title page. For works in +formats which do not have any title page as such, "Title Page" means +the text near the most prominent appearance of the work's title, +preceding the beginning of the body of the text. + +The "publisher" means any person or entity that distributes copies of +the Document to the public. + +A section "Entitled XYZ" means a named subunit of the Document whose +title either is precisely XYZ or contains XYZ in parentheses following +text that translates XYZ in another language. (Here XYZ stands for a +specific section name mentioned below, such as "Acknowledgements", +"Dedications", "Endorsements", or "History".) To "Preserve the Title" +of such a section when you modify the Document means that it remains a +section "Entitled XYZ" according to this definition. + +The Document may include Warranty Disclaimers next to the notice which +states that this License applies to the Document. These Warranty +Disclaimers are considered to be included by reference in this +License, but only as regards disclaiming warranties: any other +implication that these Warranty Disclaimers may have is void and has +no effect on the meaning of this License. + +2. VERBATIM COPYING + +You may copy and distribute the Document in any medium, either +commercially or noncommercially, provided that this License, the +copyright notices, and the license notice saying this License applies +to the Document are reproduced in all copies, and that you add no +other conditions whatsoever to those of this License. You may not use +technical measures to obstruct or control the reading or further +copying of the copies you make or distribute. However, you may accept +compensation in exchange for copies. If you distribute a large enough +number of copies you must also follow the conditions in section 3. + +You may also lend copies, under the same conditions stated above, and +you may publicly display copies. + + +3. COPYING IN QUANTITY + +If you publish printed copies (or copies in media that commonly have +printed covers) of the Document, numbering more than 100, and the +Document's license notice requires Cover Texts, you must enclose the +copies in covers that carry, clearly and legibly, all these Cover +Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on +the back cover. Both covers must also clearly and legibly identify +you as the publisher of these copies. The front cover must present +the full title with all words of the title equally prominent and +visible. You may add other material on the covers in addition. +Copying with changes limited to the covers, as long as they preserve +the title of the Document and satisfy these conditions, can be treated +as verbatim copying in other respects. + +If the required texts for either cover are too voluminous to fit +legibly, you should put the first ones listed (as many as fit +reasonably) on the actual cover, and continue the rest onto adjacent +pages. + +If you publish or distribute Opaque copies of the Document numbering +more than 100, you must either include a machine-readable Transparent +copy along with each Opaque copy, or state in or with each Opaque copy +a computer-network location from which the general network-using +public has access to download using public-standard network protocols +a complete Transparent copy of the Document, free of added material. +If you use the latter option, you must take reasonably prudent steps, +when you begin distribution of Opaque copies in quantity, to ensure +that this Transparent copy will remain thus accessible at the stated +location until at least one year after the last time you distribute an +Opaque copy (directly or through your agents or retailers) of that +edition to the public. + +It is requested, but not required, that you contact the authors of the +Document well before redistributing any large number of copies, to +give them a chance to provide you with an updated version of the +Document. + + +4. MODIFICATIONS + +You may copy and distribute a Modified Version of the Document under +the conditions of sections 2 and 3 above, provided that you release +the Modified Version under precisely this License, with the Modified +Version filling the role of the Document, thus licensing distribution +and modification of the Modified Version to whoever possesses a copy +of it. In addition, you must do these things in the Modified Version: + +A. Use in the Title Page (and on the covers, if any) a title distinct + from that of the Document, and from those of previous versions + (which should, if there were any, be listed in the History section + of the Document). You may use the same title as a previous version + if the original publisher of that version gives permission. +B. List on the Title Page, as authors, one or more persons or entities + responsible for authorship of the modifications in the Modified + Version, together with at least five of the principal authors of the + Document (all of its principal authors, if it has fewer than five), + unless they release you from this requirement. +C. State on the Title page the name of the publisher of the + Modified Version, as the publisher. +D. Preserve all the copyright notices of the Document. +E. Add an appropriate copyright notice for your modifications + adjacent to the other copyright notices. +F. Include, immediately after the copyright notices, a license notice + giving the public permission to use the Modified Version under the + terms of this License, in the form shown in the Addendum below. +G. Preserve in that license notice the full lists of Invariant Sections + and required Cover Texts given in the Document's license notice. +H. Include an unaltered copy of this License. +I. Preserve the section Entitled "History", Preserve its Title, and add + to it an item stating at least the title, year, new authors, and + publisher of the Modified Version as given on the Title Page. If + there is no section Entitled "History" in the Document, create one + stating the title, year, authors, and publisher of the Document as + given on its Title Page, then add an item describing the Modified + Version as stated in the previous sentence. +J. Preserve the network location, if any, given in the Document for + public access to a Transparent copy of the Document, and likewise + the network locations given in the Document for previous versions + it was based on. These may be placed in the "History" section. + You may omit a network location for a work that was published at + least four years before the Document itself, or if the original + publisher of the version it refers to gives permission. +K. For any section Entitled "Acknowledgements" or "Dedications", + Preserve the Title of the section, and preserve in the section all + the substance and tone of each of the contributor acknowledgements + and/or dedications given therein. +L. Preserve all the Invariant Sections of the Document, + unaltered in their text and in their titles. Section numbers + or the equivalent are not considered part of the section titles. +M. Delete any section Entitled "Endorsements". Such a section + may not be included in the Modified Version. +N. Do not retitle any existing section to be Entitled "Endorsements" + or to conflict in title with any Invariant Section. +O. Preserve any Warranty Disclaimers. + +If the Modified Version includes new front-matter sections or +appendices that qualify as Secondary Sections and contain no material +copied from the Document, you may at your option designate some or all +of these sections as invariant. To do this, add their titles to the +list of Invariant Sections in the Modified Version's license notice. +These titles must be distinct from any other section titles. + +You may add a section Entitled "Endorsements", provided it contains +nothing but endorsements of your Modified Version by various +parties--for example, statements of peer review or that the text has +been approved by an organization as the authoritative definition of a +standard. + +You may add a passage of up to five words as a Front-Cover Text, and a +passage of up to 25 words as a Back-Cover Text, to the end of the list +of Cover Texts in the Modified Version. Only one passage of +Front-Cover Text and one of Back-Cover Text may be added by (or +through arrangements made by) any one entity. If the Document already +includes a cover text for the same cover, previously added by you or +by arrangement made by the same entity you are acting on behalf of, +you may not add another; but you may replace the old one, on explicit +permission from the previous publisher that added the old one. + +The author(s) and publisher(s) of the Document do not by this License +give permission to use their names for publicity for or to assert or +imply endorsement of any Modified Version. + + +5. COMBINING DOCUMENTS + +You may combine the Document with other documents released under this +License, under the terms defined in section 4 above for modified +versions, provided that you include in the combination all of the +Invariant Sections of all of the original documents, unmodified, and +list them all as Invariant Sections of your combined work in its +license notice, and that you preserve all their Warranty Disclaimers. + +The combined work need only contain one copy of this License, and +multiple identical Invariant Sections may be replaced with a single +copy. If there are multiple Invariant Sections with the same name but +different contents, make the title of each such section unique by +adding at the end of it, in parentheses, the name of the original +author or publisher of that section if known, or else a unique number. +Make the same adjustment to the section titles in the list of +Invariant Sections in the license notice of the combined work. + +In the combination, you must combine any sections Entitled "History" +in the various original documents, forming one section Entitled +"History"; likewise combine any sections Entitled "Acknowledgements", +and any sections Entitled "Dedications". You must delete all sections +Entitled "Endorsements". + + +6. COLLECTIONS OF DOCUMENTS + +You may make a collection consisting of the Document and other +documents released under this License, and replace the individual +copies of this License in the various documents with a single copy +that is included in the collection, provided that you follow the rules +of this License for verbatim copying of each of the documents in all +other respects. + +You may extract a single document from such a collection, and +distribute it individually under this License, provided you insert a +copy of this License into the extracted document, and follow this +License in all other respects regarding verbatim copying of that +document. + + +7. AGGREGATION WITH INDEPENDENT WORKS + +A compilation of the Document or its derivatives with other separate +and independent documents or works, in or on a volume of a storage or +distribution medium, is called an "aggregate" if the copyright +resulting from the compilation is not used to limit the legal rights +of the compilation's users beyond what the individual works permit. +When the Document is included in an aggregate, this License does not +apply to the other works in the aggregate which are not themselves +derivative works of the Document. + +If the Cover Text requirement of section 3 is applicable to these +copies of the Document, then if the Document is less than one half of +the entire aggregate, the Document's Cover Texts may be placed on +covers that bracket the Document within the aggregate, or the +electronic equivalent of covers if the Document is in electronic form. +Otherwise they must appear on printed covers that bracket the whole +aggregate. + + +8. TRANSLATION + +Translation is considered a kind of modification, so you may +distribute translations of the Document under the terms of section 4. +Replacing Invariant Sections with translations requires special +permission from their copyright holders, but you may include +translations of some or all Invariant Sections in addition to the +original versions of these Invariant Sections. You may include a +translation of this License, and all the license notices in the +Document, and any Warranty Disclaimers, provided that you also include +the original English version of this License and the original versions +of those notices and disclaimers. In case of a disagreement between +the translation and the original version of this License or a notice +or disclaimer, the original version will prevail. + +If a section in the Document is Entitled "Acknowledgements", +"Dedications", or "History", the requirement (section 4) to Preserve +its Title (section 1) will typically require changing the actual +title. + + +9. TERMINATION + +You may not copy, modify, sublicense, or distribute the Document +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense, or distribute it is void, and +will automatically terminate your rights under this License. + +However, if you cease all violation of this License, then your license +from a particular copyright holder is reinstated (a) provisionally, +unless and until the copyright holder explicitly and finally +terminates your license, and (b) permanently, if the copyright holder +fails to notify you of the violation by some reasonable means prior to +60 days after the cessation. + +Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + +Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, receipt of a copy of some or all of the same material does +not give you any rights to use it. + + +10. FUTURE REVISIONS OF THIS LICENSE + +The Free Software Foundation may publish new, revised versions of the +GNU Free Documentation License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in +detail to address new problems or concerns. See +http://www.gnu.org/copyleft/. + +Each version of the License is given a distinguishing version number. +If the Document specifies that a particular numbered version of this +License "or any later version" applies to it, you have the option of +following the terms and conditions either of that specified version or +of any later version that has been published (not as a draft) by the +Free Software Foundation. If the Document does not specify a version +number of this License, you may choose any version ever published (not +as a draft) by the Free Software Foundation. If the Document +specifies that a proxy can decide which future versions of this +License can be used, that proxy's public statement of acceptance of a +version permanently authorizes you to choose that version for the +Document. + +11. RELICENSING + +"Massive Multiauthor Collaboration Site" (or "MMC Site") means any +World Wide Web server that publishes copyrightable works and also +provides prominent facilities for anybody to edit those works. A +public wiki that anybody can edit is an example of such a server. A +"Massive Multiauthor Collaboration" (or "MMC") contained in the site +means any set of copyrightable works thus published on the MMC site. + +"CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 +license published by Creative Commons Corporation, a not-for-profit +corporation with a principal place of business in San Francisco, +California, as well as future copyleft versions of that license +published by that same organization. + +"Incorporate" means to publish or republish a Document, in whole or in +part, as part of another Document. + +An MMC is "eligible for relicensing" if it is licensed under this +License, and if all works that were first published under this License +somewhere other than this MMC, and subsequently incorporated in whole or +in part into the MMC, (1) had no cover texts or invariant sections, and +(2) were thus incorporated prior to November 1, 2008. + +The operator of an MMC Site may republish an MMC contained in the site +under CC-BY-SA on the same site at any time before August 1, 2009, +provided the MMC is eligible for relicensing. + + +ADDENDUM: How to use this License for your documents + +To use this License in a document you have written, include a copy of +the License in the document and put the following copyright and +license notices just after the title page: + + Copyright (c) YEAR YOUR NAME. + Permission is granted to copy, distribute and/or modify this document + under the terms of the GNU Free Documentation License, Version 1.3 + or any later version published by the Free Software Foundation; + with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. + A copy of the license is included in the section entitled "GNU + Free Documentation License". + +If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, +replace the "with...Texts." line with this: + + with the Invariant Sections being LIST THEIR TITLES, with the + Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. + +If you have Invariant Sections without Cover Texts, or some other +combination of the three, merge those two alternatives to suit the +situation. + +If your document contains nontrivial examples of program code, we +recommend releasing these examples in parallel under your choice of +free software license, such as the GNU General Public License, +to permit their use in free software. + +## FileDict License. + +Copyright (c) 2009, Erez +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * Neither the name of the <ORGANIZATION> nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + @@ -0,0 +1,34 @@ +# Quick Start + +## Installing Plinth + +Unzip and untar the source into a directory. Change to the directory +containing the program. Run `./plinth.py` and point your web +browser at `localhost:8000`. The default username is "admin" and the +default password is "secret". + +## Dependencies + +* cherrypy - python web engine + +* python - tested with version 2.6.6 + +* *GNU Make* is used to build the templates and such. + +The documentation has some dependencies too. + +* *Markdown* is used to format and style docs. + +* *Pandoc* converts the markdown to different formats. + +* *PDFLatex* generates pdf versions of the documentation. + +* *GNU Make* processes /doc/Makefile. + +## Building the Documentation + +Documentation has been collected into a pdf that can be built using +`make doc`. It also gets built into smaller files and other formats, +including one suitable for install as a man page. + +<a name="installing_systemwide" /> diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..533ca4c --- /dev/null +++ b/Makefile @@ -0,0 +1,36 @@ +MAKE=make + +#TODO: add install target + +CSS=$(wildcard *.css) +CSS=$(subst .tiny,,$(shell find themes -type f -name '*.css')) +COMPRESSED_CSS := $(patsubst %.css,%.tiny.css,$(CSS)) + +## Catch-all tagets +default: template docs css +all: default + +%.tiny.css: %.css + @cat $< | python -c 'import re,sys;print re.sub("\s*([{};,:])\s*", "\\1", re.sub("/\*.*?\*/", "", re.sub("\s+", " ", sys.stdin.read())))' > $@ +css: $(COMPRESSED_CSS) + +template: + @$(MAKE) -s -C templates +templates: template + +docs: + @$(MAKE) -s -C doc +doc: docs + +html: + @$(MAKE) -s -C doc html + +clean: + @find themes -name "*.tiny.css" -exec rm {} \; + @find . -name "*~" -exec rm {} \; + @find . -name ".#*" -exec rm {} \; + @find . -name "#*" -exec rm {} \; + @find . -name "*.pyc" -exec rm {} \; + @find . -name "*.bak" -exec rm {} \; + @$(MAKE) -s -C doc clean + @$(MAKE) -s -C templates clean @@ -0,0 +1,53 @@ +% PLINTH(1) Version 0.1 | Plinth User Manual +% +% February 2011 + +# Introduction + +## Name + +plinth - a web front end for administering every aspect of a Freedom Box. + +## Synopsis + +plinth.py + +## Description + +The Freedom Box is a net appliance conceived by Eben Moglen. It +contains free software and is designed to allow you to interface with +the rest of the net under conditions of protected privacy and data +security. + +The Plinth front end is a web interface to administer the functions of +the Freedom Box. For example, the Freedom Box is a wireless router, +and the front end is where you can adjust its settings. + +## Overview + +The front end is an extensible web platform for forms and menus. It +allows authenticated users to fill out forms. The interface saves the +form data and from them generates configuration files for the various +services running on the box. + +The interface is extremely pluggable. Drop modules into place to add +new capabilities to Plinth and your Freedom Box. Replace existing modules to get +newer, better shinier functions. The modules will automatically +integrate into the existing menu system so you can control all of the +box's parts from one central location. + +The interface has a 'basic' and an 'expert' mode. In basic mode, much +of Plinth's configuration and capability are hidden. Sane defaults +are chosen whenever possible. In expert mode, you can get down into +the details and configure things the average user never thinks about. +For example, experts can turn off ntp or switch ntp servers. Basic +users should never even know those options exist. + +One caveat: expert mode is not as powerful as the commandline. We can +only do so much when translating free-form configuration files into +web forms. And if you manually change your configuration files, the +interface will overwrite those changes at first opportunity. This +interface is not a tool for super admins facing complex scenarios. It +is for home users to do a wide variety of basic tasks. + + @@ -0,0 +1,16 @@ +from menu import Menu +import os + +file_root = os.path.dirname(os.path.realpath(__file__)) +data_dir = os.path.join(file_root, "data") +store_file = os.path.join(data_dir, "store.sqlite3") +status_log_file = os.path.join(data_dir, "status.log") +access_log_file = os.path.join(data_dir, "access.log") +users_dir = os.path.join(data_dir, "users") + +product_name = "Plinth" +box_name = "Freedom Plug" + +html_root = None +main_menu = Menu() + diff --git a/cherrypy.config b/cherrypy.config new file mode 100644 index 0000000..813b28c --- /dev/null +++ b/cherrypy.config @@ -0,0 +1,19 @@ +[global] +server.socket_host = '0.0.0.0' +server.socket_port = 8000 +server.thread_pool = 10 +tools.staticdir.root = "/home/vasile/src/plinth" +tools.sessions.on = True +tools.auth.on = True +tools.sessions.storage_type = "file" +tools.sessions.storage_path = "/home/vasile/src/plinth/data/cherrypy_sessions" +tools.sessions.timeout = 90 + +[/static] +tools.staticdir.on = True +tools.staticdir.dir = "static" + +[/favicon.ico] +tools.staticfile.on = True +tools.staticfile.filename = "/home/vasile/src/plinth/static/theme/favicon.ico" + diff --git a/data/users/admin b/data/users/admin new file mode 100644 index 0000000..acda278 --- /dev/null +++ b/data/users/admin @@ -0,0 +1 @@ +{"username": "admin", "name": "Admin", "expert": "on", "groups": ["expert"], "passphrase": "5ebe2294ecd0e0f08eab7690d2a6ee69", "password": "", "email": "root@localhost"}
\ No newline at end of file diff --git a/doc/Makefile b/doc/Makefile new file mode 100644 index 0000000..2e6037a --- /dev/null +++ b/doc/Makefile @@ -0,0 +1,118 @@ +DOCDIR=../dist/doc + +PANDOC=pandoc +PDFLATEX=pdflatex + + +# List text files in the order in which you want them to appear in the +# complete manual: +SOURCES=README.mdwn INSTALL.mdwn themes.mdwn hacking.mdwn TODO.mdwn modules.mdwn scripts.mdwn design.mdwn roadmap.mdwn faq.mdwn COPYING.mdwn colophon.mdwn +TODO_SOURCES=$(patsubst TODO.mdwn,,$(SOURCES)) +MAN_SOURCES=$(patsubst COPYING.mdwn,copyright_notice00,$(SOURCES)) + +NEWLINE_SOURCES=$(patsubst %,% oneline.txt,$(SOURCES)) +NEWLINE_MAN_SOURCES=$(patsubst %,% oneline.txt,$(MAN_SOURCES)) + +HTML=plinth.html $(patsubst %.mdwn,%.html,$(SOURCES)) +HTML_PART=$(patsubst %.html,%.part.html,$(HTML)) +LATEX=plinth.tex $(patsubst %.mdwn,%.tex,$(SOURCES)) +PDF=plinth.pdf $(patsubst %.mdwn,%.pdf,$(SOURCES)) +MAN=plinth.1 + +OUTPUTS=$(HTML) $(LATEX) $(MAN) $(PDF) $(HTML_PART) +DIST_OUTPUT=$(patsubst %,$(DOCDIR)/%,$(OUTPUTS)) + +# Yes, do it twice. TODO created during the process requires a second run +default: + make all + make all +all: oneline.txt $(OUTPUTS) Makefile + +$(DOCDIR)/%: % + cp $< $@ +dist: $(DIST_OUTPUT) +############################################################################### +oneline.txt: Makefile + perl -e 'print "\n"' > oneline.txt + +$(SOURCES): + @rm -f $@ + @ln -s ../$(patsubst %.mdwn,%,$@) $@ + +../TODO : $(TODO_SOURCES) ../*.py ../modules/*.py ../Makefile Makefile ../templates/Makefile + grep -ro --exclude=.git* --exclude=plinth.1 --exclude=*.tex --exclude=*.html \ + --exclude=README.mdwn --exclude=INSTALL.mdwn \ + --exclude=TODO.mdwn --exclude=COPYING.mdwn \ + "TODO\:.*" ../* 2>/dev/null | \ + sed -e "s/TODO\://g" | \ + sed -e "s/^..\//* /g" | \ + sed -e 's/"""$$//g' | \ + sed -e 's/<\/p>$$//g' \ + > ../TODO +############################################################################### +## +## MAN PAGES +## +$(MAN): $(SOURCES) ../TODO + @csplit -s -f copyright_notice COPYING.mdwn '/##/' + cat $(NEWLINE_MAN_SOURCES) | perl -pe 'BEGIN { $$/=undef } $$_ =~ s/\n\n#\s.*/\n/gm; $$_ =~ s/\n\n#/\n\n/gm; $$_ =~ s/(\n\n#\s.*)/uc($$1)/gme' > .make_man + $(PANDOC) -s -t man -o $@ .make_man + @rm -f copyright_notice0? .make_man +manpages: $(MAN) +############################################################################### +## +## LaTeX +## +%.tex: %.mdwn + $(PANDOC) -s --toc -f markdown --standalone -o $@ $< + +hacking.tex: hacking.mdwn ../TODO + $(PANDOC) -s --toc -f markdown -o $@ hacking.mdwn ../TODO + +plinth.tex: $(NEWLINE_SOURCES) ../TODO + $(PANDOC) -s --toc -f markdown -o $@ $(NEWLINE_SOURCES) + +latex: $(LATEX) +############################################################################### +## +## HTML +## + + +# This gets us the html sections complete with TOC, but without the +# HTML and head section boilerplate. /help/view uses the parts. +%.part.html: %.html + csplit -s -f $@ $< '%.*<body>%' + sed '1d' $@00 > $@01 + csplit -s -f $@ $@01 '/<\/body>/' + mv $@00 $@ + rm $@01 +%.html: %.mdwn header.html footer.html style.css Makefile + $(PANDOC) -s --toc -c style.css -f markdown -o $@ header.html $< footer.html + +hacking.html: hacking.mdwn ../TODO style.css Makefile + $(PANDOC) -s --toc -c style.css -o $@ -f markdown hacking.mdwn ../TODO + +#plinth.html: $(NEWLINE_SOURCES) ../TODO style.css Makefile +# $(PANDOC) -s --toc -c style.css -o $@ -f markdown $(NEWLINE_SOURCES) + +plinth.html: $(NEWLINE_SOURCES) ../TODO style.css Makefile + @csplit -s -f copyright_notice COPYING.mdwn '/##/' + $(PANDOC) -s --toc -c style.css -o $@ -f markdown $(NEWLINE_MAN_SOURCES) + @rm -f copyright_notice0? .make_man + +html: $(HTML) $(HTML_PART) +############################################################################### +%.pdf: %.tex + $(PDFLATEX) -interaction=batchmode $< >/dev/null + $(PDFLATEX) -interaction=batchmode $< >/dev/null # yes, do it twice so the toc works + +pdf: $(PDF) +############################################################################### + +clean-latex: + rm -f *.log *.out *.aux *.toc + +clean: clean-latex + rm -f $(OUTPUTS) README.mdwn INSTALL.mdwn TODO.mdwn COPYING.mdwn \ + copyright_notice0? \#*\# ../TODO oneline.txt diff --git a/doc/colophon.mdwn b/doc/colophon.mdwn new file mode 100644 index 0000000..8ab6932 --- /dev/null +++ b/doc/colophon.mdwn @@ -0,0 +1,8 @@ +# Colophon + +This manual was typed in emacs, formatted using markdown and converted +to pdf, html, troff and latex using pandoc and pdflatex. + +The complete source code to this manual is available in the 'doc' +directory of the Freedom Box front end source distribution. + diff --git a/doc/design.mdwn b/doc/design.mdwn new file mode 100644 index 0000000..acaa17e --- /dev/null +++ b/doc/design.mdwn @@ -0,0 +1,196 @@ +# Freedom Box Design and Architecture + +This article describes and documents architectural considerations for +my vision of Freedom Box. It is not specific to the user interface +and instead contains thoughts about the Freedom Box as a whole. + +The major immediate design problems that I see are authentication, ip +addressing, and backup. I'm sure there are others. + +If the Freedom Box front end pulls together basic pieces and +configures them properly, we'll have the start of the freedom stack. +Then we can build things like free social networking applications on +top. + +## Design Goals + +The target hardware for this project is the +[GuruPlug](http://www.globalscaletechnologies.com/t-guruplugdetails.aspx). +It has low power consumption, two wired network interfaces, one +wireless hostapd-capable interface (802.11b), and two usb slots for +connecting external drives and peripherals. The hardware target might +change if a better unit becomes available (for example, with 802.11n +or USB 3 capability). The GuruPlug is reputed to have availability +problems involving shipping delays, and targetting a unit that cannot +satsify high demand might be an issue. + +Freedom Boxes are not giant honking servers. They are small boxes +that do perform a lot of functions. They are not heavily resourced. +So keep things small and light. + +By the same token, there is no need to scale up to thousands of users. +A box should happily serve a person and her family, maybe an extended +group of friends. Call it 100 people at the most. + +The target user for this project is the home consumer of network +appliances. It ranges from the most basic user (the kind of person +who might have spent all of three minutes setting up her LinkSys +WRT54G) to the home enthusiast who wants a local file server for media +and backups, print server and dns service. + + +## Authentication + +Authentication in the context of the Freedom Box is a diffiult +problem. You need to be able to trust your box, and it needs to be +able to trust you. What's more, security must withstand forgotten +passwords, server destruction, changing email addresses and any other +possible disaster scenario. + +In addition, your friends (and their boxes) need to trust your box +when it acts on your behalf, even if it does so when you're not around +to enter passphrases or otherwise confirm agency. But even as it +needs to operate in your absence, it can't itself have authority to +access all your data, because you might lack exclusive physical +control of the box (e.g. if you have a roommate). If the box can act +as you without limits, anybody who takes control of the box takes +control of your online identity. + +What's more, security should be high. Freedom Boxes might contain +emails or other sensitive documents. The box mediates network +traffic, which means rooting it would allow an attacker to spy on or +even change traffic. Demonstrating control of an email address should +not be enough to gain access to the box and its admin functions. + +### Passphrases + +Most users habitually think of passwords. We need to force them to +think of passphrases. It starts by using 'passphrase' in the +literature. Second, we need to encourage users to pick phrases, and +prompts should urge them to do so. We also need minimum password +lengths and maybe even a requirement of at least a few spaces. + +Even better than passphrases are passfiles. We should keep a lookout +for ways to use files instead of phrases when securing the Freedom +Box. + +### A Scheme for Secure Web Login + +Passphrases should +[never be stored in plain text](http://www.codinghorror.com/blog/2007/09/rainbow-hash-cracking.html). +[MD5 is too fast for passphrases.](http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html) +Therefore, my current plan for secure website login involves bcrypt: + +The server sends the client a permanent salt, PS, a random session +salt, SS and a number of rounds, R. It brcypts the password using PS +and stores the result, B. + +The browser +[bcrypts the passphrase using javascript](https://code.google.com/p/javascript-bcrypt/) +and PS. Then, it bcrypts that result with SS. It does R rounds of +bcrypt with S. The browser then sends the result, C, back to the +server. + +The server retrieves bcrypts its stored, hashed passphrase and does R +rounds of bcrypt on it with SS. If that matches C, the passphrase is +a match. + +The server must be able to keep track of sessions, as it needs to +remember SS between giving it to the client and getting it back. The +Server cannot rely on the client to remind it of SS. This would allow +an attacker to dictate SS and leave the server vulnerable to replay +attacks. + +This scheme has the dual advantage of not storing any cleartext +passphrases and also never sending any cleartext passphrases between +client and server. + +TODO: consult a security expert as to the strength of this scheme + +### Other Schemes + +#### Monkeysphere + +[Monkeysphere](http://web.monkeysphere.info/) is a promising project. +Monkeysphere's major win is that it avoids the clunkiness of SSL +certificate authorities. That's huge, except it replaces the +certificate authority structure with the PGP web of trust. Relying on +the web of trust is a good idea +([much better than relying on SSL certificate authorities](http://www.crypto.com/blog/spycerts/)), +except that new users might not have joined the web. It also requires +a bunch of GPG infrastructure that might be difficult to setup +automatically and with little user intervention. + +As of this writing, it does not appear to support Windows or Macintosh +clients, making it unsuitable for this project. + +#### Secure Remote Password + +[SRP](http://srp.stanford.edu/) is an interesting technique. Patents +are a concern. What does it buy us that my scheme, above does not? + +There is a +[python implementation](http://members.tripod.com/professor_tom/archives/srpsocket.html), +although it is not clear that it has been through the crucible. Even +if SRP is solid, this implementation might be flawed. + + + +## Finding Each Other + +### Dynamic DNS + +Each box might need multiple dynamic DNS pointers. Every box is going +to require its own set of dynamic names. For example, my Freedom Box +might be known as both `fb.hackervisions.org` and +`james.softwarefreedom.org`. My work colleagues might know me as +`james@james.softwarefreedom.org` while my friends might reach me at +`james@fb.hackervisions.org`. By default, when contacts come in via +different names, my box might be smart enough to treat those contacts +differently. + +If I share this box with my partner, Emily, she might be +`emily@jv187.fboxes.columbia.edu`, in which case my box will need +another dynamic DNS pointer. + +### Mesh Networking + +Freedom Boxes should be meshed. Rather than run in infrastructure +mode, they should route for each other and create strong local meshes +that will carry data for anybody that passes through. + +There are some problems, though. + +* I'm not sure how well nodes in ad-hoc mesh mode interact with +others in infrastructure mode. + +* The Freedom Box only has one wireless radio, which will drastically +hurt speed. + +* Routing can be difficult when connecting mesh network nodes to the WAN. + +## Backup + +Everybody should automatically and redundantly store encrypted backups +on their friend's freedom boxes. Recovery should not assume you kept +your key or know a password. We can recover the decryption key by +having a bunch of friends encrypt the key in various combinations. If +enough of my friends get together, they can decrypt it for me. +Optionally, a passphrase can serve to slow my friends down if they +turn against me. Maybe it takes 5 friends acting in concert to +recover my key, but only 3 to recover a version protected by the +passphrase. + +## Push vs Pull + +For a social network, real time communication is key. Asynch +communication is good, but sometimes people just want to bash comments +back and forth. For that, you need push, which is just a web fetch +meaning "pull my rss feed". + +If, however, you have a lot of friends and they have a lot of friends, +your extended network can be large, resulting in many "pull my rss +feed" commands. We should only process push requests for friends to +reduce load. You really don't need real time updates of the social +networking activity of strangers. Friends of friends is as far out as +things should ever go. diff --git a/doc/faq.mdwn b/doc/faq.mdwn new file mode 100644 index 0000000..08c7f16 --- /dev/null +++ b/doc/faq.mdwn @@ -0,0 +1,37 @@ +# Plinth and Freedom Plug FAQ + +## General Questions + +### What is the Freedom Plug? + +The Freedom Plug is .... insert links... + +The Freedom Plug is based on the GNU/Debian operating system. It is +not a Linux distribution. It is a network appliance that depends on a +series of Debian packages that configure a plug computer to behave as +a Freedom Plug. + +### What is Plinth? + +Plinth is the web-based GUI administration front end for the Freedom Plug. + +### On what hardware is the Freedom Plug based? + +The current targets are the [Guru Plug](http://guruplug) and the +[Dream Plug](http://dreamplug). + +## Accessing the Freedom Plug + +### Why does ssh listen on port 2222 instead of 22? + +If ssh listens on port 2222, bots and scripts will forever attempt to +guess your username and password. Maybe your password isn't so +strong. Maybe the bots get lucky. Either way, if you allow ssh +access on port 22, you're taking a chance that can be avoided quite +easily by moving your ssh activity to a slightly more obscure port. + +Because ssh activity on these boxes will be limited to programs +configured to work specifically with Freedom Plugs as well relatively +few people generally using ssh, the coordination necessary to use a +non-standard port is easily achieved. + diff --git a/doc/footer.html b/doc/footer.html new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/doc/footer.html diff --git a/doc/hacking.mdwn b/doc/hacking.mdwn new file mode 100644 index 0000000..38e59fb --- /dev/null +++ b/doc/hacking.mdwn @@ -0,0 +1,97 @@ +# Hacking + +This codebase could really use a testing framework. + +If you are interested in helping out, writing tests is a great place +to start-- you don't need to know much about the code or python to +write useful tests. + +In addition to a testing framework, the code is in need of some +general cleanup. I've been inconsistent in capitalization conventions +as well as in my use of underscores. + +The plugin interface could use some attention as well. Right now, +it's a a bit of a free-for-all until I see how the plugins actually +code up. Channeling all that into a few plugin interface grooves +would be a help. + +If you're feeling more ambitious than that, the best way to improve +Plinth is to add modules. More functionality, especially in the +router section, could convert the Freedom Box from a good idea to a +must-have appliance. + +Beyond that, we need to train some expert eyes on the interaction +between Freedom Boxes. Transparent, zero-config box-to-box backup is +possible. We just need to build an auth and dns layer. There are +lots of theories on how to do this well. The first theory reduced to +practice wins! + +There is a list of TODO items below. Some of them are discrete pieces +that can be tackled without diving too deep into the code. + +## Repository + +Plinth is available from github at +`git://github.com/jvasile/plinth.git`. The [project page on +github](https://github.com/jvasile/plinth) is at +`https://github.com/jvasile/plinth`. + +## Bugs + +There are lots of bugs. We don't have a spec or tests, so a bug is +really just any unexpected behavior. I am not easily surprised, but +there are still lots of bugs. + +<a name="hacking_code_practices" /> + +## Coding Practices + +I try to stick to [PEP 8](http://www.python.org/dev/peps/pep-0008/) +recommendations. That's not to say I don't deviate, just that +deviations are usually bugs that should be fixed. + +### Internationalization + +Every module should `from gettext import gettext as _` and wrap +displayed strings with _(). We don't have the language stuff in place +yet (we have no translation files), but we need to put the +infrastructure in place for it from the start. Use it like this: + + cfg.log.error(_("Couldn't import %s: %s") % (path, e)) + +### Variables and Data Stores + +Plinth needs to keep information for short and long term +future use, and it can't just store all of that on the stack. + +Global config information can be put in the `cfg` module namespace. +Keep it thread and session safe, though, or you'll get undefined +behavior as soon as multiple simultaneous users enter the picture. + +Cherrpy has support for session variables. Use those for short term +user-specific data. + +For long term storage, the Plinth needs a back end +storage solution. Databases are a bit opaque and can be hard for +third party software or shell users to manipulate. For now, I've +decided that persistent data should be placed in dicts and stored in +json format. We'll need a file locking solution too. + +The `user_store.py` module implements the `UserStoreModule` interface +specified in `plugin_mount.py`. Any new system that respects that +interface can be used. The existing `user_store.py` holds entire user +files in memory and caches user files as it goes. This has two +downsides: first, if you have lots of users and store big things in +the user dict, you'll run out of memory. Second, it's not thread +safe. Maybe a database is a good idea after all. + +We do not yet have a means of storing module data for long terms. My +current thinking is that modules can store data in their own +directories. That makes removal easy. + +## Todo + +Plinth has a number of open todo items. Please help! + +* Implement the functions in the submenus of router.py +* Unify our logging and cherrypy's. diff --git a/doc/header.html b/doc/header.html new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/doc/header.html diff --git a/doc/modules.mdwn b/doc/modules.mdwn new file mode 100644 index 0000000..6d8851a --- /dev/null +++ b/doc/modules.mdwn @@ -0,0 +1,71 @@ +# Modules + +Almost all of the front end's functionality is contained in small, +separate modules that reside in the directory tree beneath +`/modules/installed`. Some are installed by default, some are +required for operation, and some are entirely optional. + +## Installing and Loading Modules + +Eventually, the goal is for module to be separate Debian package so +installation is as simple as `aptitude install freedombox-foo`. As an +intermediate step, we'll start scripting module installation. But +until then, we can install them manually. + +Modules are installed by copying them into the tree beneath the +`/modules/installed` directory. They are activated by linking their +.py files into the modules directory. (Freedom Box will not load +modules unless they are symlinks.) If the module provides other +resources, they can be linked from wherever in the working tree they +need to be. So if a module provides a template, that template can be +linked from `/templates`. + +Modules can be organized into subdirectories beneath the installed +directory. As an initial matter, I've made separate directories for +each major tab. Modules that extend the functionality of the Freedom +Box code base (as opposed to being user-visible interface modules +under specific major tabs) go in `modules/installed/lib`. This +convention can be adjusted or ignored as needed. In fact, modules can +be installed anywhere in the file system as long as the symlinks are +in `/modules`. + +The names of the symlinks in the `modules` directory can be arbitrary, +and if a name is already taken, (e.g. if `router/info.py` and +`apps/info.p`y both exist), append a counter to the end (e.g. link +`info.py` to `router/info.py` and `info1.py` to `apps/info.py`). + +If a module cannot be imported for any reason (e.g. it's a dead +symlink), freedombox.py will log an error but will otherwise just keep +going. + +TODO: automatically prune dead links to clear out old module installs. +This is something the install scripts should do. + +## Pluggable Module Structure + +Plugin interfaces are contained in `plugin_mount.py`. Each interface +is a metaclass. Classes that implement a given interface should +inherit the metaclass and then provide the indicated properties. New +metaclasses can be created to make new classes of plugins. + +Any place that might be affected by arbitrary addition of modules +should have its own metaclass. + +### FromPlugin + +Each form displayed in the interface should inherit from FormPlugin. +This will allow the system to display multiple forms on the page in +the correct order. Forms will likely also want to inherit from +PagePlugin because after the user clicks submit, the plugin usually +displays a responsive message or an error (along with the form to fill +out again). + +## Coding Practices for Modules + +All the +[coding practices for hacking on the front end](#hacking_code_practices) +also apply to modules. In addition, I try to stick to the other +practices listed in this section. + +* Every module should `from gettext import gettext as _` and wrap +displayed strings with _(). diff --git a/doc/roadmap.mdwn b/doc/roadmap.mdwn new file mode 100644 index 0000000..31c00fb --- /dev/null +++ b/doc/roadmap.mdwn @@ -0,0 +1,64 @@ +# Plinth Roadmap + +## 0.1 Basic Wireless Access Point + +* <strike>Basic/Expert mode toggle</strike> +* SSH access +* Connect to WAN via DHCP and static IP +* Offer DHCP on wired and wireless interfaces +* WEP +* WPA2 +* Bridge WAN and LAN + +## 0.2 Basic Wireless Router + +* NAT +* DMZ +* Port forwarding and triggering +* dhcp server (on by default, expert can disable) +* dns server +* MAC address filtering +* NTP client + +## 0.3 Advanced Wireless Router + +* dynamic dns - This is special. See the notes in the section on + [dynamic DNS](#dynamic-dns) for details. +* UPnP +* Cron +* Tx power management + +## 0.4 File Server, More Routing Features + +* boxbackupd +* NFS +* Samba +* Auto mount usb volumes and create samba shares for them +* TOR +* Ad blocking web proxy +* HTTPS everywhere (on by default, experts can disable) + +## 0.5 Print Server and Backups + +* Social backup to friend's boxes via ddns and boxbackup +* printer discovery and sharing via samba and cups + +## 1.0 Plinth Lives! + +* Complete user documentation for every basic and expert menu item +* Package management complete + +## Unscheduled Features + +There are a variety of other features to be implemented, but they are +of lower priority than all the tasks scheduled above. + +* NTP Server +* Provide virtual networks and multiple SSIDs +* Radius Server +* QoS +* file explorer +* Mesh networking +* Chaining boxes so the furthest upstream knows to route messages down + the chain (e.g. if you and your roommate both have your own box, you + just plug one into the other). diff --git a/doc/style.css b/doc/style.css new file mode 120000 index 0000000..1d18299 --- /dev/null +++ b/doc/style.css @@ -0,0 +1 @@ +../static/theme/style.css
\ No newline at end of file diff --git a/doc/themes.mdwn b/doc/themes.mdwn new file mode 100644 index 0000000..3546182 --- /dev/null +++ b/doc/themes.mdwn @@ -0,0 +1,59 @@ +# Themes and Templates + +The visual look and feel of the front end is described in theme files +while <a href="http://cheetahtemplate.org">Cheetah templates</a> +handle layout. + +## Themes + +Themes are stored in `/themes`. Themes consist entirely of static +files (e.g. css, images and javascript) and templates. The default or +active theme is linked from `/static/default` and `templates/default`. +If your theme needs to change anything other than these items, you'll +need a module (perhaps you'll need both). + +There is not currently any support for dynamically choosing a theme at +runtime, but it is theoretically possible. + +## Templates + +Plinth uses the Cheetah templating system. Templates are stored in +`/templates`. Template requirements are not specified. + +TODO: formalize the template spec so template writers know what they need to implement and where they can deviate. + +In this section, I'll attempt to document some of the assumptions the +program has about templates. The goal is that if you write a tempate +that implements the spec, it should work just fine. + +### The Template Stack +The template is a hierarchical stack, where some templates extend on +others. At the base of this stack is `base.tmpl`. It should specify +variables as blocks (rather than using the $ notation). This allows +other templates to easily override the base template. + +Next up is the `page.tmpl`. It extends `base.tmpl` and simply +replaces all the blocks with interpolable variables. Most of the +time, `page.tmpl` is what you will actually use to create pages. + +`err.tmpl` builds on top of `page.tmpl` by adding some decoration to +the title field. + +### Layout + +Plinth expects a `main` block. This is where the +meat of the content goes. It is the center pain in the default +layout. There is a `title` block that the program will fill with text +describing the current page. `sidebar_left` contains the submenu +navigation menu, and `sidebar_right` is where we put all short text +that helps the admin fill out forms. They don't have to be sidebars, +and they don't have to go on the left and right. + +It is possible to override the `footer`, but I haven't yet found a +reason to do so. + +## Cheetah + +This section is for Cheetah hints that are especially useful in this context. + +TODO: add Cheetah hints diff --git a/filedict.py b/filedict.py new file mode 100644 index 0000000..1e76d67 --- /dev/null +++ b/filedict.py @@ -0,0 +1,150 @@ +"""filedict.py +a Persistent Dictionary in Python + +Author: Erez Shinan +Date : 31-May-2009 +""" + +import simplejson as json ## jlv replaced pickle with json + +import UserDict +##import cPickle as pickle + +import sqlite3 + +class DefaultArg: + pass + +class Solutions: + Sqlite3 = 0 + +class FileDict(UserDict.DictMixin): + "A dictionary that stores its data persistantly in a file" + + def __init__(self, solution=Solutions.Sqlite3, **options): + assert solution == Solutions.Sqlite3 + try: + self.__conn = options.pop('connection') + except KeyError: + filename = options.pop('filename') + self.__conn = sqlite3.connect(filename) + + self.__tablename = options.pop('table', 'dict') + + self._nocommit = False + + assert not options, "Unrecognized options: %s" % options + + self.__conn.execute('create table if not exists %s (id integer primary key, hash integer, key blob, value blob);'%self.__tablename) + self.__conn.execute('create index if not exists %s_index ON %s(hash);' % (self.__tablename, self.__tablename)) + self.__conn.commit() + + def _commit(self): + if self._nocommit: + return + + self.__conn.commit() + + def __pack(self, value): + return sqlite3.Binary(json.dumps(value)) + ##return sqlite3.Binary(pickle.dumps(value, -1)) + def __unpack(self, value): + return json.loads(str(value)) + ##return pickle.loads(str(value)) + + def __get_id(self, key): + cursor = self.__conn.execute('select key,id from %s where hash=?;'%self.__tablename, (hash(key),)) + for k,id in cursor: + if self.__unpack(k) == key: + return id + + raise KeyError(key) + + def __getitem__(self, key): + cursor = self.__conn.execute('select key,value from %s where hash=?;'%self.__tablename, (hash(key),)) + for k,v in cursor: + if self.__unpack(k) == key: + return self.__unpack(v) + + raise KeyError(key) + + def __setitem(self, key, value): + value_pickle = self.__pack(value) + + try: + id = self.__get_id(key) + cursor = self.__conn.execute('update %s set value=? where id=?;'%self.__tablename, (value_pickle, id) ) + except KeyError: + key_pickle = self.__pack(key) + cursor = self.__conn.execute('insert into %s (hash, key, value) values (?, ?, ?);' + %self.__tablename, (hash(key), key_pickle, value_pickle) ) + + assert cursor.rowcount == 1 + + def __setitem__(self, key, value): + self.__setitem(key, value) + self._commit() + + def __delitem__(self, key): + id = self.__get_id(key) + cursor = self.__conn.execute('delete from %s where id=?;'%self.__tablename, (id,)) + if cursor.rowcount <= 0: + raise KeyError(key) + + self._commit() + + def update(self, d): + for k,v in d.iteritems(): + self.__setitem(k, v) + self._commit() + + def __iter__(self): + return (self.__unpack(x[0]) for x in self.__conn.execute('select key from %s;'%self.__tablename) ) + def keys(self): + return iter(self) + def values(self): + return (self.__unpack(x[0]) for x in self.__conn.execute('select value from %s;'%self.__tablename) ) + def items(self): + return (map(self.__unpack, x) for x in self.__conn.execute('select key,value from %s;'%self.__tablename) ) + def iterkeys(self): + return self.keys() + def itervalues(self): + return self.values() + def iteritems(self): + return self.items() + + def __contains__(self, key): + try: + self.__get_id(key) + return True + except KeyError: + return False + + def __len__(self): + return self.__conn.execute('select count(*) from %s;' % self.__tablename).fetchone()[0] + + def __del__(self): + try: + self.__conn + except AttributeError: + pass + else: + self.__conn.commit() + + @property + def batch(self): + return self._Batch(self) + + class _Batch: + def __init__(self, d): + self.__d = d + + def __enter__(self): + self.__old_nocommit = self.__d._nocommit + self.__d._nocommit = True + return self.__d + + def __exit__(self, type, value, traceback): + self.__d._nocommit = self.__old_nocommit + self.__d._commit() + return True diff --git a/logger.py b/logger.py new file mode 100644 index 0000000..6fd8171 --- /dev/null +++ b/logger.py @@ -0,0 +1,39 @@ +import cherrypy +import inspect +import cfg + +cherrypy.log.error_file = cfg.status_log_file +cherrypy.log.access_file = cfg.access_log_file +cherrypy.log.screen = False + +class Logger(): + """By convention, log levels are DEBUG, INFO, WARNING, ERROR and CRITICAL.""" + def log(self, msg, level="DEBUG"): + try: + username = cherrypy.session.get(cfg.session_key) + except AttributeError: + username = '' + cherrypy.log.error("%s %s %s" % (username, level, msg), inspect.stack()[2][3], 20) + def __call__(self, *args): + self.log(*args) + + def debug(self, msg): + self.log(msg) + + def info(self, msg): + self.log(msg, "INFO") + + def warn(self, msg): + self.log(msg, "WARNING") + + def warning(self, msg): + self.log(msg, "WARNING") + + def error(self, msg): + self.log(msg, "ERROR") + + def err(self, msg): + self.error(msg) + + def critical(self, msg): + self.log(msg, "CRITICAL") @@ -0,0 +1,74 @@ +import simplejson as json +from urlparse import urlparse +import cherrypy +import cfg + +class Menu(): + """One menu item.""" + def __init__(self, label="", url="#", order=50): + """label is the text that is displayed on the menu. + + url is the url location that will be activated when the menu + item is selected + + order is the numerical rank of this item within the menu. + Lower order items appear closest to the top/left of the menu. + By convention, we use the spectrum between 0 and 100 to rank + orders, but feel free to disregard that. If you need more + granularity, don't bother renumbering things. Feel free to + use fractional orders. + """ + + self.label = label + self.order = order + self.url = url + self.items = [] + + def sort_items(self): + """Sort the items in self.items by order.""" + self.items = sorted(self.items, key=lambda x: x.order, reverse=False) + def add_item(self, label, url, order=50): + """This method creates a menu item with the parameters, adds + that menu item to this menu, and returns the item.""" + item = Menu(label=label, url=url, order=order) + self.items.append(item) + self.sort_items() + return item + + def active_p(self): + """Returns True if this menu item is active, otherwise False. + + We can tell if a menu is active if the menu item points + anywhere above url we are visiting in the url tree.""" + return urlparse(cherrypy.url()).path.startswith(self.url) + + def active_item(self): + """Return item list (e.g. submenu) of active menu item.""" + path = urlparse(cherrypy.url()).path + for item in self.items: + if path.startswith(item.url): + return item + + def serializable(self, render_subs=False): + """Return the items in self.items as a serializable object we can pass to json. + Note: this doesn't serialize all the data in this object.""" + + so = [] + for item in self.items: + i = { 'label':item.label, 'url':item.url} + if item.active_p(): + i['active']=True + if item.items and render_subs: + i['subs'] = item.serializable() + so.append(i) + return so + def encode(self, name="", render_subs=False): + """return a string containing a javascript data structure + assigned to the menu name + + if render_subs is True, we render submenus too""" + + return ('<SCRIPT LANGUAGE="JavaScript">\n <!--\n var %s_items=' % name + #+ json.dumps(self.serializable(render_subs=render_subs), separators=(',',':')) # compact + + "\n"+ json.dumps(self.serializable(render_subs=render_subs), sort_keys=True, indent=4) # pretty print + + ';\n // -->\n </SCRIPT>') diff --git a/model.py b/model.py new file mode 100644 index 0000000..d3807d0 --- /dev/null +++ b/model.py @@ -0,0 +1,14 @@ +class User(dict): + """ Every user must have keys for a username, name, password (this + is a md5 hash of the password), groups, and an email address. They can be + blank or None, but the keys must exist. """ + def __init__(self, dict=None): + for key in ['username', 'name', 'password', 'email']: + self[key] = '' + for key in ['groups']: + self[key] = [] + for key in dict: + self[key] = dict[key] + + def __getattr__(self, attr): + return None diff --git a/modules/__init__.py b/modules/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/modules/__init__.py diff --git a/modules/apps.py b/modules/apps.py new file mode 120000 index 0000000..d69ec80 --- /dev/null +++ b/modules/apps.py @@ -0,0 +1 @@ +installed/apps/apps.py
\ No newline at end of file diff --git a/modules/auth.py b/modules/auth.py new file mode 120000 index 0000000..7a4c6ec --- /dev/null +++ b/modules/auth.py @@ -0,0 +1 @@ +installed/lib/auth.py
\ No newline at end of file diff --git a/modules/auth_page.py b/modules/auth_page.py new file mode 120000 index 0000000..7ce3ca2 --- /dev/null +++ b/modules/auth_page.py @@ -0,0 +1 @@ +installed/lib/auth_page.py
\ No newline at end of file diff --git a/modules/config.py b/modules/config.py new file mode 120000 index 0000000..2e37164 --- /dev/null +++ b/modules/config.py @@ -0,0 +1 @@ +installed/system/config.py
\ No newline at end of file diff --git a/modules/expert_mode.py b/modules/expert_mode.py new file mode 120000 index 0000000..aaa140e --- /dev/null +++ b/modules/expert_mode.py @@ -0,0 +1 @@ +installed/system/expert_mode.py
\ No newline at end of file diff --git a/modules/file_explorer.py b/modules/file_explorer.py new file mode 120000 index 0000000..f191916 --- /dev/null +++ b/modules/file_explorer.py @@ -0,0 +1 @@ +installed/sharing/file_explorer.py
\ No newline at end of file diff --git a/modules/forms.py b/modules/forms.py new file mode 120000 index 0000000..4b0a507 --- /dev/null +++ b/modules/forms.py @@ -0,0 +1 @@ +installed/lib/forms.py
\ No newline at end of file diff --git a/modules/help.py b/modules/help.py new file mode 120000 index 0000000..3fc0799 --- /dev/null +++ b/modules/help.py @@ -0,0 +1 @@ +installed/help/help.py
\ No newline at end of file diff --git a/modules/info.py b/modules/info.py new file mode 120000 index 0000000..0cc4052 --- /dev/null +++ b/modules/info.py @@ -0,0 +1 @@ +installed/router/info.py
\ No newline at end of file diff --git a/modules/installed/apps/apps.py b/modules/installed/apps/apps.py new file mode 100644 index 0000000..1de7617 --- /dev/null +++ b/modules/installed/apps/apps.py @@ -0,0 +1,35 @@ +import cherrypy +from modules.auth import require +from plugin_mount import PagePlugin +import cfg + +class Apps(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("apps") + self.menu = cfg.main_menu.add_item("User Apps", "/apps", 80) + self.menu.add_item("Photo Gallery", "/apps/photos", 35) + + @cherrypy.expose + def index(self): + main = """ + <p>User Applications are web apps hosted on your %s.</p> + + <p>Eventually this box could be your photo sharing site, your + instant messaging site, your social networking site, your news + site. Remember web portals? We can be one of those too. + Many of the services you use on the web could soon be on site + and under your control!</p> + """ % (cfg.product_name) + return self.fill_template(title="User Applications", main=main, sidebar_right='') + + @cherrypy.expose + @require() + def photos(self): + return self.fill_template(title="Open ID", main='', sidebar_right=""" +<h2>Photo Gallery</h2><p>Your photos might well be the most valuable +digital property you have, so why trust it to companies that have no +investment in the sentimental value of your family snaps? Keep those +photos local, backed up, easily accessed and free from the whims of +some other websites business model.</p> +""") diff --git a/modules/installed/help/help.py b/modules/installed/help/help.py new file mode 100644 index 0000000..28229a3 --- /dev/null +++ b/modules/installed/help/help.py @@ -0,0 +1,91 @@ +import os +import cherrypy +from gettext import gettext as _ +from plugin_mount import PagePlugin +import cfg +class Help(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("help") + self.menu = cfg.main_menu.add_item(_("Documentation and FAQ"), "/help", 101) + self.menu.add_item(_("Where to Get Help"), "/help/index", 5) + self.menu.add_item(_("Developer's Manual"), "/help/view/plinth", 10) + self.menu.add_item(_("FAQ"), "/help/view/faq", 20) + self.menu.add_item(_("%s Wiki" % cfg.box_name), "http://wiki.debian.org/FreedomBox", 30) + self.menu.add_item(_("Design and Architecture"), "/help/view/design", 40) + self.menu.add_item(_("About"), "/help/about", 100) + + @cherrypy.expose + def index(self): + main=""" + <p>There are a variety of places to go for help with Plinth + and the box it runs on.</p> + + <p>This front end has a <a + href="/help/view/plinth">developer's manual</a>. It isn't + complete, but it is the first place to look. Feel free to + offer suggestions, edits, and screenshots for completing + it!</p> + + <p><a href="http://wiki.debian.org/FreedomBox">A section of + the Debian wiki</a> is devoted to the %(box)s. At some + point the documentation in the wiki and the documentation in + the manual should dovetail.</p> + + <p>I have collected some of my thoughts about the %(box)s + in a <a href="/help/view/design">document focused on its + design and architecture</a>.</p> + + <p>There + are Debian gurus in the \#debian channels of both + irc.freenode.net and irc.oftc.net. They probably don't know + much about the %(box)s and almost surely know nothing of + this front end, but they are an incredible resource for + general Debian issues.</p> + + <p>There is no <a href="/help/view/faq">FAQ</a> because + the question frequency is currently zero for all + questions.</p> + """ % {'box':cfg.box_name} + return self.fill_template(title="Documentation and FAQ", main=main) + + @cherrypy.expose + def about(self): + return self.fill_template(title=_("About the %s" % cfg.box_name), main=""" + <p> We live in a world where our use of the network is + mediated by organizations that often do not have our best + interests at heart. By building software that does not rely on + a central service, we can regain control and privacy. By + keeping our data in our homes, we gain useful legal + protections over it. By giving back power to the users over + their networks and machines, we are returning the Internet to + its intended peer-to-peer architecture.</p> + + <p>In order to bring about the new network order, it is + paramount that it is easy to convert to it. The hardware it + runs on must be cheap. The software it runs on must be easy to + install and administrate by anybody. It must be easy to + transition from existing services.</p> + + <p>There are a number of projects working to realize a future + of distributed services; we aim to bring them all together in + a convenient package.</p> + + <p>For more information about the Freedom Box project, see the + <a href="http://wiki.debian.org/FreedomBox">Debian + Wiki</a>.</p>""") + +class View(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("help.view") + + @cherrypy.expose + def default(self, page=''): + if page not in ['design', 'plinth', 'hacking', 'faq']: + raise cherrypy.HTTPError(404, "The path '/help/view/%s' was not found." % page) + return self.fill_template(template="err", main="<p>Sorry, as much as I would like to show you that page, I don't seem to have a page named %s!</p>" % page) + IF = open(os.path.join("doc", "%s.part.html" % page), 'r') + main = IF.read() + IF.close() + return self.fill_template(template="two_col", title=_("%s Documentation" % cfg.product_name), main=main) diff --git a/modules/installed/lib/auth.py b/modules/installed/lib/auth.py new file mode 100644 index 0000000..4b0f229 --- /dev/null +++ b/modules/installed/lib/auth.py @@ -0,0 +1,118 @@ +# Form based authentication for CherryPy. Requires the +# Session tool to be loaded. +# +# Thanks for this code is owed to Arnar Birgisson -at - gmail.com. It +# is based on code he wrote that was retrieved from +# http://tools.cherrypy.org/wiki/AuthenticationAndAccessRestrictions +# on 1 February 2011. + +# TODO: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 + +import cherrypy +import urllib, hashlib +import cfg + +cfg.session_key = '_cp_username' + +def check_credentials(username, passphrase): + """Verifies credentials for username and passphrase. + Returns None on success or a string describing the error on failure""" + + u = cfg.users.get(username) + if u is None: + cfg.log("Unknown user: %s" % username) + return u"Username %s is unknown to me." % username + if u['passphrase'] != hashlib.md5(passphrase).hexdigest(): + return u"Incorrect passphrase." + + +def check_auth(*args, **kwargs): + """A tool that looks in config for 'auth.require'. If found and it + is not None, a login is required and the entry is evaluated as a + list of conditions that the user must fulfill""" + conditions = cherrypy.request.config.get('auth.require', None) + if conditions is not None: + username = cherrypy.session.get(cfg.session_key) + if username: + cherrypy.request.login = username + for condition in conditions: + # A condition is just a callable that returns true or false + if not condition(): + raise cherrypy.HTTPRedirect("/auth/login") + else: + raise cherrypy.HTTPRedirect("/auth/login") + +def check_auth(*args, **kwargs): + """A tool that looks in config for 'auth.require'. If found and it + is not None, a login is required and the entry is evaluated as a + list of conditions that the user must fulfill""" + conditions = cherrypy.request.config.get('auth.require', None) + # format GET params + get_params = urllib.quote(cherrypy.request.request_line.split()[1]) + if conditions is not None: + username = cherrypy.session.get(cfg.session_key) + if username: + cherrypy.request.login = username + for condition in conditions: + # A condition is just a callable that returns true or false + if not condition(): + # Send old page as from_page parameter + raise cherrypy.HTTPRedirect("/auth/login?from_page=%s" % get_params) + else: + # Send old page as from_page parameter + raise cherrypy.HTTPRedirect("/auth/login?from_page=%s" % get_params) + +cherrypy.tools.auth = cherrypy.Tool('before_handler', check_auth) + +def require(*conditions): + """A decorator that appends conditions to the auth.require config + variable.""" + def decorate(f): + if not hasattr(f, '_cp_config'): + f._cp_config = dict() + if 'auth.require' not in f._cp_config: + f._cp_config['auth.require'] = [] + f._cp_config['auth.require'].extend(conditions) + return f + return decorate + + +# Conditions are callables that return True +# if the user fulfills the conditions they define, False otherwise +# +# They can access the current username as cherrypy.request.login +# +# Define those at will however suits the application. + +def member_of(groupname): + def check(): + # replace with actual check if <username> is in <groupname> + return cherrypy.request.login == 'joe' and groupname == 'admin' + return check + +def name_is(reqd_username): + return lambda: reqd_username == cherrypy.request.login + +# These might be handy + +def any_of(*conditions): + """Returns True if any of the conditions match""" + def check(): + for c in conditions: + if c(): + return True + return False + return check + +# By default all conditions are required, but this might still be +# needed if you want to use it inside of an any_of(...) condition +def all_of(*conditions): + """Returns True if all of the conditions match""" + def check(): + for c in conditions: + if not c(): + return False + return True + return check + + diff --git a/modules/installed/lib/auth_page.py b/modules/installed/lib/auth_page.py new file mode 100644 index 0000000..6525dc6 --- /dev/null +++ b/modules/installed/lib/auth_page.py @@ -0,0 +1,49 @@ +import cherrypy +import cfg +from plugin_mount import PagePlugin +from modules.forms import Form +from auth import * +# Controller to provide login and logout actions + +class AuthController(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("auth") + + def on_login(self, username): + """Called on successful login""" + + def on_logout(self, username): + """Called on logout""" + + def get_loginform(self, username, msg='', from_page="/"): + form = Form(title="Login", action="/auth/login", message=msg) + form.text_input(name="from_page", value=from_page, type="hidden") + form.text_input("Username", name="username", value=username) + form.text_input("Passphrase", name="passphrase", type="password") + form.submit(label="Login") + + return self.fill_template(main=form.render(), sidebar_right=" ") + + @cherrypy.expose + def login(self, username=None, passphrase=None, from_page="/", **kwargs): + if username is None or passphrase is None: + return self.get_loginform("", from_page=from_page) + + error_msg = check_credentials(username, passphrase) + if error_msg: + return self.get_loginform(username, error_msg, from_page) + else: + cherrypy.session[cfg.session_key] = cherrypy.request.login = username + self.on_login(username) + raise cherrypy.HTTPRedirect(from_page or "/") + + @cherrypy.expose + def logout(self, from_page="/"): + sess = cherrypy.session + username = sess.get(cfg.session_key, None) + sess[cfg.session_key] = None + if username: + cherrypy.request.login = None + self.on_logout(username) + raise cherrypy.HTTPRedirect(from_page or "/") diff --git a/modules/installed/lib/forms.py b/modules/installed/lib/forms.py new file mode 100644 index 0000000..aac4cd4 --- /dev/null +++ b/modules/installed/lib/forms.py @@ -0,0 +1,123 @@ +class Form(): + def __init__(self, action=None, cls='form', title=None, onsubmit=None, name=None, message='', method="get"): + """Note that there appears to be a bug in cherrypy whereby + forms submitted via post don't have their fields included in + kwargs for the default index method. So we use get by + default, though it's not as neat.""" + + action = self.get_form_attrib_text('action', action) + onsubmit = self.get_form_attrib_text('onsubmit', onsubmit) + name = self.get_form_attrib_text('name', name) + + self.pretext = ' <form class="%s" method="%s" %s%s%s>\n' % (cls, method, action, onsubmit, name) + if title: + self.pretext += ' <h2>%s</h2>\n' % title + + if message: + self.message = "<h3>%s</h3>" % message + else: + self.message = '' + self.text = '' + self.end_text = "</form>\n" + def get_form_attrib_text(self, field, val): + if val: + return ' %s="%s"' % (field, val) + else: + return '' + def html(self, html): + self.text += html + def dropdown(self, label='', name=None, id=None, vals=None, select=None, onchange=''): + """vals is a list of values. + select is the index in vals of the selected item. None means no item is selected yet.""" + name, id = self.name_or_id(name, id) + self.text += (""" <label> + <span>%(label)s</span> + <select name="%(name)s" id="%(id)s" onchange="%(onchange)s">\n""" + % {'label':label, 'name':name, 'id':id, 'onchange':onchange}) + for i in range(len(vals)): + v = vals[i] + if i == select: + selected = "SELECTED" + else: + selected = '' + self.text +=" <option value=\"%s\" %s>%s</option>\n" % (v, selected, v) + self.text += """ </select> + </label>\n""" + + def dotted_quad(self, label='', name=None, id=None, quad=None): + name, id = self.name_or_id(name, id) + if not quad: + quad = [0,0,0,0] + self.text += """ <label> + <span>%(label)s</span> + <input type="text" class="inputtextnowidth" name="%(name)s0" id="%(id)s0" value="%(q0)s" maxlength="3" size="1"/><b>.</b> + <input type="text" class="inputtextnowidth" name="%(name)s1" id="%(id)s1" value="%(q1)s" maxlength="3" size="1"/><b>.</b> + <input type="text" class="inputtextnowidth" name="%(name)s2" id="%(id)s2" value="%(q2)s" maxlength="3" size="1"/><b>.</b> + <input type="text" class="inputtextnowidth" name="%(name)s3" id="%(id)s3" value="%(q3)s" maxlength="3" size="1"/> + </label>""" % {'label':label, 'name':name, 'id':id, 'q0':quad[0], 'q1':quad[1], 'q2':quad[2], 'q3':quad[3]} + + def text_input(self, label='', name=None, id=None, type='text', value='', size=20): + name, id = self.name_or_id(name, id) + if type=="hidden": + self.text += '<input type="%s" class="inputtext" name="%s" id="%s" value="%s"/>' % (type, name, id, value) + else: + self.text += """ <label> + <span>%s</span> + <input type="%s" class="inputtext" name="%s" id="%s" value="%s" size="%s"/> + </label>""" % (label, type, name, id, value, size) + def text_box(self, label='', name=None, id=None): + name, id = self.name_or_id(name, id) + self.text += """ + <label> + <span>%s</span> + <textarea class="textbox" name="%s" id="%s"></textarea> + </label>""" % (label, name, id) + def submit(self, label='', name=None, id=None): + name, id = self.name_or_id(name, id) + self.text += """ + <div class="submit"> + <label><span></span> + <input type="submit" class="button" value="%s" name="%s" id="%s" /> + </label></div>\n""" % (label, name, id) + def submit_row(self, buttons): + """buttons is a list of tuples, each containing label, name, id. Name and id are optional.""" + self.text += '<div class="submit"><label>' + button_text = '' + for button in buttons: + label = button[0] + try: + name = button[1] + except: + name = None + + try: + id = button[2] + except: + id = None + + name, id = self.name_or_id(name, id) + + if button_text != '': + button_text += " " + button_text += '<input type="submit" class="button" value="%s" name="%s" id="%s" />\n' % (label, name, id) + self.text += '%s</div></label>' % button_text + def name_or_id(self, name, id): + if not name: name = id + if not id: id = name + if not name: name = '' + if not id: id = '' + return name, id + def checkbox(self, label='', name='', id='', checked=''): + name, id = self.name_or_id(name, id) + if checked: + checked = 'checked="on"' + self.text += """ + <div class="checkbox"> + <label> + <span>%s</span> + <input type=checkbox name="%s" id="%s" %s/> + </label></div>\n""" % (label, name, id, checked) + def get_checkbox(self, name='', id=''): + return '<input type=checkbox name="%s" id="%s" />\n' % self.name_or_id(name, id) + def render(self): + return self.pretext+self.message+self.text+self.end_text diff --git a/modules/installed/lib/user_store.py b/modules/installed/lib/user_store.py new file mode 100644 index 0000000..f5a7f48 --- /dev/null +++ b/modules/installed/lib/user_store.py @@ -0,0 +1,112 @@ +import os +import simplejson as json +import cherrypy +import cfg +from model import User +from plugin_mount import UserStoreModule + +class UserStore(UserStoreModule): + """The user storage is on disk. Rather than slurp the entire + thing, we read from the disk as needed. Writes are immediate, + though. + + TODO: file locking""" + def __init__(self): + self.data_dir = cfg.users_dir + self.users = {} + def sanitize(username): + """Return username with nonalphanumeric/underscore chars + removed. + + TODO: allow international chars in usernames.""" + pass + def attr(self, key, username): + """Return field from username's record. If key does not + exist, don't raise attribute error, just return None. + + User defaults to current. If no current user and none + specified, return none.""" + try: + return self.get(username)[key] + except AttributeError: + return None + + def current(self, name=False): + """Return current user, if there is one, else None. + If name = True, return the username instead of the user.""" + try: + username = cherrypy.session.get(cfg.session_key) + if name: + return username + else: + return self.get(username) + except AttributeError: + return None + + def expert(self, username=None): + """Return True if user username is an expert, else False. + + If username is None, use the current user. If no such user exists, return False.""" + user = self.get(username) + if not user: + return False + return 'expert' in user['groups'] + + def get(self, username=None, reload=False): + """Returns a user instance with the user's info or else None if the user couldn't be found. + + If reload is true, reload from disk, regardless of dict's contents + + If username is None, try current user. If no current user, return None. + + TODO: implement user_store.get reload""" + + if not username: + username = self.current(name=True) + + try: + return self.users[username] + except KeyError: + try: + IF = open(os.path.join(self.data_dir, username), "r") + except IOError: + return None + data = IF.read() + IF.close() + + # We cache the result, and since we assume a system with + # relatively few users and small user data files, we never + # expire those results. If we revisit that assumption, we + # might need some cache expiry. + self.users[username] = User(json.loads(data)) + + return self.users[username] + def exists(self, username): + """Return True if username exists, else False.""" + return username in self.users or os.path.exists(os.path.join(cfg.users_dir, username)) + def get_all(self): + "Returns a list of all the user objects" + usernames = os.listdir(self.data_dir) + for name in usernames: + self.get(name) + return self.users + def set(self, user): + """Set the user data, both in memory and as needed in storage.""" + OF = open(os.path.join(self.data_dir, user['username']), 'w') + OF.write(json.dumps(user)) + OF.close() + def remove(self, user): + """Delete the user from storage and RAM. User can be a user instance or a username.""" + try: + name = user['name'] + except TypeError: + if isinstance(user, basestring): + name = user + else: + raise TypeError + os.unlink(os.path.join(cfg.users_dir, name)) + try: + del self.users[name] + except KeyError: + pass + cfg.log.info("%s deleted %s" % (cherrypy.session.get(cfg.session_key), name)) diff --git a/modules/installed/privacy/privacy.py b/modules/installed/privacy/privacy.py new file mode 100644 index 0000000..b62ba5d --- /dev/null +++ b/modules/installed/privacy/privacy.py @@ -0,0 +1,41 @@ +import cherrypy +from gettext import gettext as _ +from plugin_mount import PagePlugin +from modules.auth import require +import cfg + +class Privacy(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("privacy") + self.menu = cfg.main_menu.add_item("Privacy Controls", "/privacy", 12) + self.menu.add_item("General Config", "/privacy/config", 10) + self.menu.add_item("Ad Blocking", "/privacy/adblock", 20) + self.menu.add_item("TOR", "/privacy/TOR", 30) + self.menu.add_item("HTTPS Everywhere", "/privacy/https_everywhere", 30) + + @cherrypy.expose + def index(self): + #raise cherrypy.InternalRedirect('/privacy/config') + return self.config() + + @cherrypy.expose + @require() + def config(self): + main=""" + <p>Privacy controls are not yet implemented. This page is a + placeholder and a promise: privacy is important enough that it + is a founding consideration, not an afterthought.</p> + """ + return self.fill_template(title=_("Privacy Control Panel"), main=main, +sidebar_right=_("""<h2>Statement of Principles</h2><p>When we say your +privacy is important, it's not just an empty pleasantry. We really +mean it. Your privacy control panel should give you fine-grained +control over exactly who can access your %s and the +information on it.</p> + +<p>Your personal information should not leave this box without your +knowledge and direction. And if companies or government wants this +information, they have to ask <b>you</b> for it. This gives you a +change to refuse and also tells you who wants your data.</p> +""") % cfg.product_name) diff --git a/modules/installed/router/info.py b/modules/installed/router/info.py new file mode 100644 index 0000000..1f4585a --- /dev/null +++ b/modules/installed/router/info.py @@ -0,0 +1,18 @@ +import cherrypy +from plugin_mount import PagePlugin +from modules.auth import require + +class Info(PagePlugin): + title = 'Info' + order = 10 + url = 'info' + + def __init__(self, *args, **kwargs): + self.register_page("router.info") + + @cherrypy.expose + @require() + def index(self): + return self.fill_template(title="Router Information", main=""" +<p> Eventually we will display a bunch of info, graphs and logs about the routing functions here.</p> +""") diff --git a/modules/installed/router/router.py b/modules/installed/router/router.py new file mode 100644 index 0000000..8d9ac1d --- /dev/null +++ b/modules/installed/router/router.py @@ -0,0 +1,160 @@ +from urlparse import urlparse +import os, cherrypy +from gettext import gettext as _ +from plugin_mount import PagePlugin, PluginMount, FormPlugin +from modules.auth import require +from forms import Form +from util import * +import cfg + +class router(PagePlugin): + order = 10 # order of running init in PagePlugins + def __init__(self, *args, **kwargs): + self.register_page("router") + self.menu = cfg.main_menu.add_item("Router Admin", "/router", 10) + self.menu.add_item("Wireless", "/router/wireless", 12) + self.menu.add_item("Firewall", "/router/firewall", 18) + self.menu.add_item("Hotspot and Mesh", "/router/hotspot") + self.menu.add_item("Info", "/router/info", 100) + + @cherrypy.expose + def index(self): + """This isn't an internal redirect, because we need the url to + reflect that we've moved down into the submenu hierarchy. + Otherwise, it's hard to know which menu portion to make active + or expand or contract.""" + raise cherrypy.HTTPRedirect('/router/setup') + + @cherrypy.expose + @require() + def wireless(self): + return self.fill_template(title="Wireless", main="<p>wireless setup: essid, etc.</p>") + + @cherrypy.expose + @require() + def firewall(self): + return self.fill_template(title="Firewall", main="<p>Iptables twiddling.</p>") + + @cherrypy.expose + @require() + def hotspot(self): + return self.fill_template(title="Hotspot and Mesh", main="<p>connection sharing setup.</p>") + + + +class setup(PagePlugin): + def __init__(self, *args, **kwargs): + self.register_page("router.setup") + self.menu = cfg.html_root.router.menu.add_item("General Setup", "/router/setup", 10) + self.menu.add_item("Dynamic DNS", "/router/setup/ddns", 20) + self.menu.add_item("MAC Address Clone", "/router/setup/mac_address", 30) + + @cherrypy.expose + @require() + def index(self): + parts = self.forms('/router/setup') + parts['title'] = "General Router Setup" + parts['sidebar_right']="""<h2>Introduction</h2><p>Your %s is a replacement for your +wireless router. By default, it should do everything your usual +router does. With the addition of some extra modules, its abilities +can rival those of high-end routers costing hundreds of dollars.</p> +""" % cfg.box_name + parts['sidebar_right'] + if not cfg.users.expert(): + main += """<p>In basic mode, you don't need to do any + router setup before you can go online. Just plug your + %(product)s in to your cable or DSL modem and the router + will try to get you on the internet using DHCP.</p> + + <p>If that fails, you might need to resort to the expert + options. Enable expert mode in the "%(product)s System / + Configure" menu.</p>""" % {'product':cfg.box_name} + else: + parts['main'] += "<p>router name, domain name, router IP, dhcp</p>" + return self.fill_template(**parts) + + @cherrypy.expose + @require() + def ddns(self): + return self.fill_template(title="Dynamic DNS", main="<p>Masquerade setup</p>") + + @cherrypy.expose + @require() + def mac_address(self): + return self.fill_template(title="MAC Address Cloning", + main="<p>Your router can pretend to have a different MAC address on any interface.</p>") + + +class wan(FormPlugin, PagePlugin): + url = ["/router/setup"] + order = 10 + + js = """<script LANGUAGE="JavaScript"> + <!-- + function hideshow_static() { + var d = document.getElementById('connect_type'); + connect_type = d.value; + if (connect_type != 'Static IP') { + hide("static_ip_form"); + } else { + show("static_ip_form"); + } + } + // --> + </script>""" + + def sidebar_right(self, *args, **kwargs): + side='' + if cfg.users.expert(): + side += """<h2>WAN Connection Type</h2> + <h3>DHCP</h3><p>DHCP allows your router to automatically + connect with the upstream network. If you are unsure what + option to choose, stick with DHCP. It is usually + correct. + + <h3>Static IP</h3><p>If you want to setup your connection + manually, you can enter static IP information. This option is + for those who know what they're doing. As such, it is only + available in expert mode.</p>""" + return side + + def main(self, wan_ip0=0, wan_ip1=0, wan_ip2=0, wan_ip3=0, + subnet0=0, subnet1=0, subnet2=0, subnet3=0, + gateway0=0, gateway1=0, gateway2=0, gateway3=0, + dns10=0, dns11=0, dns12=0, dns13=0, + dns20=0, dns21=0, dns22=0, dns23=0, + dns30=0, dns31=0, dns32=0, dns33=0, + message=None, **kwargs): + if not cfg.users.expert(): + return '' + + store = filedict_con(cfg.store_file, 'router') + defaults = {'connect_type': "'DHCP'", + } + for k,c in defaults.items(): + if not k in kwargs: + try: + kwargs[k] = store[k] + except KeyError: + exec("if not '%(k)s' in kwargs: store['%(k)s'] = kwargs['%(k)s'] = %(c)s" % {'k':k, 'c':c}) + + form = Form(title="WAN Connection", + action="/router/setup/wan/index", + name="wan_connection_form", + message=message) + form.dropdown('Connection Type', vals=["DHCP", "Static IP"], id="connect_type", onchange="hideshow_static()") + form.html('<div id="static_ip_form">') + form.dotted_quad("WAN IP Address", name="wan_ip", quad=[wan_ip0, wan_ip1, wan_ip2, wan_ip3]) + form.dotted_quad("Subnet Mask", name="subnet", quad=[subnet0, subnet1, subnet2, subnet3]) + form.dotted_quad("Gateway", name="gateway", quad=[gateway0, gateway1, gateway2, gateway3]) + form.dotted_quad("Static DNS 1", name="dns1", quad=[dns10, dns11, dns12, dns13]) + form.dotted_quad("Static DNS 2", name="dns2", quad=[dns20, dns21, dns22, dns23]) + form.dotted_quad("Static DNS 3", name="dns3", quad=[dns30, dns31, dns32, dns33]) + form.html('</div>') + form.html(""" <script LANGUAGE="JavaScript"> + <!-- + hideshow_static(); + // --> + </script>""") + form.submit("Set Wan") + return form.render() + diff --git a/modules/installed/services/services.py b/modules/installed/services/services.py new file mode 100644 index 0000000..c99da08 --- /dev/null +++ b/modules/installed/services/services.py @@ -0,0 +1,25 @@ +import cherrypy +from modules.auth import require +from plugin_mount import PagePlugin +import cfg + +class Services(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("services") + self.menu = cfg.main_menu.add_item("Other Services", "/services", 90) + self.menu.add_item("Open ID", "/services/openid", 35) + + @cherrypy.expose + def index(self): + return self.openid() + + @cherrypy.expose + @require() + def openid(self): + return self.fill_template(title="Open ID", main='', sidebar_right=""" +<h2>One Login for Every Site</h2><p>Your %s is also an OpenID +machine. It can generate credentials that allow you to log in to many +websites without the need to remember or enter a separate username and +password at each one.</p> +""" % cfg.box_name) diff --git a/modules/installed/sharing/file_explorer.py b/modules/installed/sharing/file_explorer.py new file mode 100644 index 0000000..1e7ce6f --- /dev/null +++ b/modules/installed/sharing/file_explorer.py @@ -0,0 +1,35 @@ +import cherrypy +from modules.auth import require +from plugin_mount import PagePlugin +import cfg + +class FileExplorer(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("sharing.explorer") + cfg.html_root.sharing.menu.add_item("File Explorer", "/sharing/explorer", 30) + + @cherrypy.expose + @require() + def index(self): + main = """ +<p>File explorer for users that also have shell accounts.</p> <p>Until +that is written (and it will be a while), we should install <a +href="http://www.mollify.org/demo.php">mollify</a> or <a +href="http://www.ajaxplorer.info/wordpress/demo/">ajaxplorer</a>, but +of which seem to have some support for playing media files in the +browser (as opposed to forcing users to download and play them +locally). The downsides to third-party explorers are: they're don't +fit within our theme system, they require separate login, and they're +written in php, which will make integrating them hard.</p> + +<p>There are, of course, many other options for php-based file +explorers. These were the ones I saw that might do built-in media +players.</p> + +<p>For python-friendly options, check out <a +href="http://blogfreakz.com/jquery/web-based-filemanager/">FileManager</a>. +It appears to be mostly javascript with some bindings to make it +python-friendly.</p> +""" + return self.fill_template(title="File Explorer", main=main, sidebar_right='') diff --git a/modules/installed/sharing/sharing.py b/modules/installed/sharing/sharing.py new file mode 100644 index 0000000..fcba993 --- /dev/null +++ b/modules/installed/sharing/sharing.py @@ -0,0 +1,51 @@ +import cherrypy +from gettext import gettext as _ +from modules.auth import require +from plugin_mount import PagePlugin +import cfg + +class Sharing(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("sharing") + self.menu = cfg.main_menu.add_item("Resource Sharing", "/sharing", 35) + self.menu.add_item("File Server", "/sharing/files", 10) + + @cherrypy.expose + def index(self): + """This isn't an internal redirect, because we need the url to + reflect that we've moved down into the submenu hierarchy. + Otherwise, it's hard to know which menu portion to make active + or expand or contract.""" + raise cherrypy.HTTPRedirect('/sharing/files') + + @cherrypy.expose + @require() + def files(self): + return self.fill_template(title="File Server", main='', sidebar_right=_(""" +<h2>Freedom NAS</h2><p> The %s can make your spare hard drives accessible to your +local network, thus acting as a NAS server. We currently support +sharing files via NFS and SMB. + +TODO: this is not true. We currently support no sharing.</p> +""" % cfg.box_name)) + +#TODO: move PrinterSharing to another file, as it should be an optional module (most people don't care about printer sharing) +class PrinterSharing(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("sharing.printer") + cfg.html_root.sharing.menu.add_item("Printer Sharing", "/sharing/printer", 35) + + @cherrypy.expose + @require() + def index(self): + main = """ +<p>TODO: Setup and install SAMBA</p> +<p>TODO: Setup and install CUPS</p> +""" + return self.fill_template(title="Printer Sharing", main=main, sidebar_right=""" +<h2>Share Your Printer</h2><p> The %s can share your printer via Samba and CUPS.</p> +""" % cfg.box_name) + + diff --git a/modules/installed/system/config.py b/modules/installed/system/config.py new file mode 100644 index 0000000..151b710 --- /dev/null +++ b/modules/installed/system/config.py @@ -0,0 +1,135 @@ +import os, shutil, subprocess +from socket import gethostname +import cherrypy +import simplejson as json +from gettext import gettext as _ +from filedict import FileDict +from modules.auth import require +from plugin_mount import PagePlugin, FormPlugin +import cfg +from forms import Form +from model import User +from util import * + +class Config(PagePlugin): + def __init__(self, *args, **kwargs): + self.register_page("sys.config") + + @cherrypy.expose + @require() + def index(self): + parts = self.forms('/sys/config') + parts['title']=_("Configure this %s" % cfg.box_name) + return self.fill_template(**parts) + +def valid_hostname(name): + """Return '' if name is a valid hostname by our standards (not + just by RFC 952 and RFC 1123. We're more conservative than the + standard. If hostname isn't valid, return message explaining why.""" + + message = '' + if len(name) > 63: + message += "<br />Hostname too long (max is 63 characters)" + + if not is_alphanumeric(name): + message += "<br />Hostname must be alphanumeric" + + if not name[0] in "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ": + message += "<br />Hostname must start with a letter" + + return message + +def set_hostname(hostname): + "Sets machine hostname to hostname" + cfg.log.info("Writing '%s' to /etc/hostname" % hostname) + unslurp("/etc/hostname", hostname+"\n") + try: + retcode = subprocess.call("/etc/init.d/hostname.sh start", shell=True) + if retcode < 0: + cfg.log.error("Hostname restart terminated by signal: return code is %s" % retcode) + else: + cfg.log.debug("Hostname restart returned %s" % retcode) + except OSError, e: + raise cherrypy.HTTPError(500, "Hostname restart failed: %s" % e) + + sys_store = filedict_con(cfg.store_file, 'sys') + sys_store['hostname'] = hostname + +class general(FormPlugin, PagePlugin): + url = ["/sys/config"] + order = 30 + + def help(self, *args, **kwargs): + + ## only expert users are going to get deep enough to see any timestamps + if not cfg.users.expert(): + return '' + return _(#"""<h2>Time Zone</h2> + """<p>Set your timezone to get accurate + timestamps. %(product)s will use this information to set your + %(box)s's systemwide timezone.</p> + """ % {'product':cfg.product_name, 'box':cfg.box_name}) + + def main(self, message='', **kwargs): + sys_store = filedict_con(cfg.store_file, 'sys') + defaults = {'time_zone': "slurp('/etc/timezone').rstrip()", + 'hostname': "gethostname()", + } + for k,c in defaults.items(): + if not k in kwargs: + try: + kwargs[k] = sys_store[k] + except KeyError: + exec("if not '%(k)s' in kwargs: sys_store['%(k)s'] = kwargs['%(k)s'] = %(c)s" % {'k':k, 'c':c}) + + ## Get the list of supported timezones and the index in that list of the current one + module_file = __file__ + if module_file.endswith(".pyc"): + module_file = module_file[:-1] + time_zones = json.loads(slurp(os.path.join(os.path.dirname(os.path.realpath(module_file)), "time_zones"))) + for i in range(len(time_zones)): + if kwargs['time_zone'] == time_zones[i]: + time_zone_id = i + break + + ## A little sanity checking. Make sure the current timezone is in the list. + try: + cfg.log('kwargs tz: %s, from_table: %s' % (kwargs['time_zone'], time_zones[time_zone_id])) + except NameError: + cfg.log.critical("Unknown Time Zone: %s" % kwargs['time_zone']) + raise cherrypy.HTTPError(500, "Unknown Time Zone: %s" % kwargs['time_zone']) + + ## And now, the form. + form = Form(title=_("General Config"), + action="/sys/config/general/index", + name="config_general_form", + message=message ) + form.html(self.help()) + form.dropdown(_("Time Zone"), name="time_zone", vals=time_zones, select=time_zone_id) + form.html("<p>Your hostname is the local name by which other machines on your LAN can reach you.</p>") + form.text_input('Hostname', name='hostname', value=kwargs['hostname']) + form.submit(_("Submit")) + return form.render() + + def process_form(self, time_zone='', hostname='', *args, **kwargs): + sys_store = filedict_con(cfg.store_file, 'sys') + message = '' + if hostname != sys_store['hostname']: + msg = valid_hostname(hostname) + if msg == '': + old_val = sys_store['hostname'] + try: + set_hostname(hostname) + except: + cfg.log.info("Trying to restore old hostname value.") + set_hostname(old_val) + raise + else: + message += msg + if time_zone != sys_store['time_zone']: + src = os.path.join("/usr/share/zoneinfo", time_zone) + cfg.log.info("Copying %s to /etc/localtime" % src) + shutil.copy(src, "/etc/localtime") + sys_store['time_zone'] = time_zone + return message or "Settings updated." + diff --git a/modules/installed/system/expert_mode.py b/modules/installed/system/expert_mode.py new file mode 100644 index 0000000..16420a5 --- /dev/null +++ b/modules/installed/system/expert_mode.py @@ -0,0 +1,70 @@ +import os +import cherrypy +import simplejson as json +from gettext import gettext as _ +from filedict import FileDict +from modules.auth import require +from plugin_mount import PagePlugin, FormPlugin +import cfg +from forms import Form +from model import User +from util import * + +class experts(FormPlugin, PagePlugin): + url = ["/sys/config"] + order = 10 + + def help(self, *args, **kwargs): + side = _(#"""<h2>Expert Mode</h2> + """ + <p>The %(box)s can be administered in two modes, 'basic' + and 'expert'. Basic mode hides a lot of features and + configuration options that most users will never need to think + about. Expert mode allows you to get into the details.</p> + + <p>Most users can operate the %(box)s by configuring the + limited number of options visible in Basic mode. For the sake + of simplicity and ease of use, we hid most of %(product)s's + less frequently used options. But if you want more + sophisticated features, you can enable Expert mode, and + %(product)s will present more advanced menu options.</p> + + <p>You should be aware that it might be possible to render + your %(box)s inaccessible via Expert mode options.</p> + """ % {'box':cfg.box_name, 'product':cfg.product_name}) + + return side + + def main(self, expert=None, message='', **kwargs): + """Note that kwargs contains '':"submit" if this is coming + from a submitted form. If kwargs is empty, it's a fresh form + with no user input, which means it should just reflect the + state of the stored data.""" + if not kwargs and expert == None: + expert = cfg.users.expert() + cfg.log("Expert mode is %s" % expert) + form = Form(title=_("Expert Mode"), + action="/sys/config/experts", + name="expert_mode_form", + message=message ) + form.html(self.help()) + form.checkbox(_("Expert Mode"), name="expert", checked=expert) + form.submit(_("Submit")) + return form.render() + + def process_form(self, expert='', *args, **kwargs): + user = cfg.users.get() + + message = 'settings unchanged' + + if expert: + if not 'expert' in user['groups']: + user['groups'].append('expert') + message = "enabled" + else: + if 'expert' in user['groups']: + user['groups'].remove('expert') + message = "disabled" + + cfg.users.set(user) + return "Expert mode %s." % message diff --git a/modules/installed/system/system.py b/modules/installed/system/system.py new file mode 100644 index 0000000..7f04f64 --- /dev/null +++ b/modules/installed/system/system.py @@ -0,0 +1,50 @@ +import os +import cherrypy +import simplejson as json +from gettext import gettext as _ +from filedict import FileDict +from auth import require +from plugin_mount import PagePlugin, FormPlugin +import cfg +from forms import Form +from model import User +from util import * + +sys_dir = "modules/installed/sys" + + +class Sys(PagePlugin): + order = 10 + def __init__(self, *args, **kwargs): + cfg.log("!!!!!!!!!!!!!!!!!!!!") + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("sys") + self.menu = cfg.main_menu.add_item(_("%s System" % cfg.product_name), "/sys", 100) + self.menu.add_item(_("Configure"), "/sys/config", 10) + self.menu.add_item(_("Package Manager"), "/sys/packages", 20) + self.menu.add_item(_("Users and Groups"), "/sys/users", 15) + + @cherrypy.expose + def index(self): + return self.fill_template(title=_("System Configuration"), main=_(""" + <p>In this section, you can control the %(product)s's + underlying system, as opposed to its various applications and + services. These options affect the %(product)s at its most + general level. This is where you add/remove users, install + applications, reboot, etc.</p> + """ % {'product':cfg.product_name})) + + @cherrypy.expose + @require() + def packages(self): + side=_(""" +<h2>Help</h2> +<p>On this page, you can add or remove %s plugins to your %s.</p> +<p>Plugins are just Debian packages, so Debian's usual package management features should make this job fairly easy.</p> +""" % (cfg.product_name, cfg.box_name)) + return self.fill_template(title=_("Add/Remove Plugins"), main=_(""" + <p>aptitude purge modules</p> + <p>aptitude install modules</p> + <p>The modules should depend on the appropriate Debian packages.</p>"""), + sidebar_right=side) + diff --git a/modules/installed/system/time_zones b/modules/installed/system/time_zones new file mode 100644 index 0000000..58c8b7a --- /dev/null +++ b/modules/installed/system/time_zones @@ -0,0 +1,572 @@ +[ + "Africa/Abidjan", + "Africa/Accra", + "Africa/Addis_Ababa", + "Africa/Algiers", + "Africa/Asmara", + "Africa/Asmera", + "Africa/Bamako", + "Africa/Bangui", + "Africa/Banjul", + "Africa/Bissau", + "Africa/Blantyre", + "Africa/Brazzaville", + "Africa/Bujumbura", + "Africa/Cairo", + "Africa/Casablanca", + "Africa/Ceuta", + "Africa/Conakry", + "Africa/Dakar", + "Africa/Dar_es_Salaam", + "Africa/Djibouti", + "Africa/Douala", + "Africa/El_Aaiun", + "Africa/Freetown", + "Africa/Gaborone", + "Africa/Harare", + "Africa/Johannesburg", + "Africa/Kampala", + "Africa/Khartoum", + "Africa/Kigali", + "Africa/Kinshasa", + "Africa/Lagos", + "Africa/Libreville", + "Africa/Lome", + "Africa/Luanda", + "Africa/Lubumbashi", + "Africa/Lusaka", + "Africa/Malabo", + "Africa/Maputo", + "Africa/Maseru", + "Africa/Mbabane", + "Africa/Mogadishu", + "Africa/Monrovia", + "Africa/Nairobi", + "Africa/Ndjamena", + "Africa/Niamey", + "Africa/Nouakchott", + "Africa/Ouagadougou", + "Africa/Porto-Novo", + "Africa/Sao_Tome", + "Africa/Timbuktu", + "Africa/Tripoli", + "Africa/Tunis", + "Africa/Windhoek", + "America/Adak", + "America/Anchorage", + "America/Anguilla", + "America/Antigua", + "America/Araguaina", + "America/Argentina/Buenos_Aires", + "America/Argentina/Catamarca", + "America/Argentina/ComodRivadavia", + "America/Argentina/Cordoba", + "America/Argentina/Jujuy", + "America/Argentina/La_Rioja", + "America/Argentina/Mendoza", + "America/Argentina/Rio_Gallegos", + "America/Argentina/Salta", + "America/Argentina/San_Juan", + "America/Argentina/San_Luis", + "America/Argentina/Tucuman", + "America/Argentina/Ushuaia", + "America/Aruba", + "America/Asuncion", + "America/Atikokan", + "America/Atka", + "America/Bahia", + "America/Bahia_Banderas", + "America/Barbados", + "America/Belem", + "America/Belize", + "America/Blanc-Sablon", + "America/Boa_Vista", + "America/Bogota", + "America/Boise", + "America/Buenos_Aires", + "America/Cambridge_Bay", + "America/Campo_Grande", + "America/Cancun", + "America/Caracas", + "America/Catamarca", + "America/Cayenne", + "America/Cayman", + "America/Chicago", + "America/Chihuahua", + "America/Coral_Harbour", + "America/Cordoba", + "America/Costa_Rica", + "America/Cuiaba", + "America/Curacao", + "America/Danmarkshavn", + "America/Dawson", + "America/Dawson_Creek", + "America/Denver", + "America/Detroit", + "America/Dominica", + "America/Edmonton", + "America/Eirunepe", + "America/El_Salvador", + "America/Ensenada", + "America/Fort_Wayne", + "America/Fortaleza", + "America/Glace_Bay", + "America/Godthab", + "America/Goose_Bay", + "America/Grand_Turk", + "America/Grenada", + "America/Guadeloupe", + "America/Guatemala", + "America/Guayaquil", + "America/Guyana", + "America/Halifax", + "America/Havana", + "America/Hermosillo", + "America/Indiana/Indianapolis", + "America/Indiana/Knox", + "America/Indiana/Marengo", + "America/Indiana/Petersburg", + "America/Indiana/Tell_City", + "America/Indiana/Vevay", + "America/Indiana/Vincennes", + "America/Indiana/Winamac", + "America/Indianapolis", + "America/Inuvik", + "America/Iqaluit", + "America/Jamaica", + "America/Jujuy", + "America/Juneau", + "America/Kentucky/Louisville", + "America/Kentucky/Monticello", + "America/Knox_IN", + "America/La_Paz", + "America/Lima", + "America/Los_Angeles", + "America/Louisville", + "America/Maceio", + "America/Managua", + "America/Manaus", + "America/Marigot", + "America/Martinique", + "America/Matamoros", + "America/Mazatlan", + "America/Mendoza", + "America/Menominee", + "America/Merida", + "America/Mexico_City", + "America/Miquelon", + "America/Moncton", + "America/Monterrey", + "America/Montevideo", + "America/Montreal", + "America/Montserrat", + "America/Nassau", + "America/New_York", + "America/Nipigon", + "America/Nome", + "America/Noronha", + "America/North_Dakota/Center", + "America/North_Dakota/New_Salem", + "America/Ojinaga", + "America/Panama", + "America/Pangnirtung", + "America/Paramaribo", + "America/Phoenix", + "America/Port-au-Prince", + "America/Port_of_Spain", + "America/Porto_Acre", + "America/Porto_Velho", + "America/Puerto_Rico", + "America/Rainy_River", + "America/Rankin_Inlet", + "America/Recife", + "America/Regina", + "America/Resolute", + "America/Rio_Branco", + "America/Rosario", + "America/Santa_Isabel", + "America/Santarem", + "America/Santiago", + "America/Santo_Domingo", + "America/Sao_Paulo", + "America/Scoresbysund", + "America/Shiprock", + "America/St_Barthelemy", + "America/St_Johns", + "America/St_Kitts", + "America/St_Lucia", + "America/St_Thomas", + "America/St_Vincent", + "America/Swift_Current", + "America/Tegucigalpa", + "America/Thule", + "America/Thunder_Bay", + "America/Tijuana", + "America/Toronto", + "America/Tortola", + "America/Vancouver", + "America/Virgin", + "America/Whitehorse", + "America/Winnipeg", + "America/Yakutat", + "America/Yellowknife", + "Antarctica/Casey", + "Antarctica/Davis", + "Antarctica/DumontDUrville", + "Antarctica/Macquarie", + "Antarctica/Mawson", + "Antarctica/McMurdo", + "Antarctica/Palmer", + "Antarctica/Rothera", + "Antarctica/South_Pole", + "Antarctica/Syowa", + "Antarctica/Vostok", + "Arctic/Longyearbyen", + "Asia/Aden", + "Asia/Almaty", + "Asia/Amman", + "Asia/Anadyr", + "Asia/Aqtau", + "Asia/Aqtobe", + "Asia/Ashgabat", + "Asia/Ashkhabad", + "Asia/Baghdad", + "Asia/Bahrain", + "Asia/Baku", + "Asia/Bangkok", + "Asia/Beirut", + "Asia/Bishkek", + "Asia/Brunei", + "Asia/Calcutta", + "Asia/Choibalsan", + "Asia/Chongqing", + "Asia/Chungking", + "Asia/Colombo", + "Asia/Dacca", + "Asia/Damascus", + "Asia/Dhaka", + "Asia/Dili", + "Asia/Dubai", + "Asia/Dushanbe", + "Asia/Gaza", + "Asia/Harbin", + "Asia/Ho_Chi_Minh", + "Asia/Hong_Kong", + "Asia/Hovd", + "Asia/Irkutsk", + "Asia/Istanbul", + "Asia/Jakarta", + "Asia/Jayapura", + "Asia/Jerusalem", + "Asia/Kabul", + "Asia/Kamchatka", + "Asia/Karachi", + "Asia/Kashgar", + "Asia/Kathmandu", + "Asia/Katmandu", + "Asia/Kolkata", + "Asia/Krasnoyarsk", + "Asia/Kuala_Lumpur", + "Asia/Kuching", + "Asia/Kuwait", + "Asia/Macao", + "Asia/Macau", + "Asia/Magadan", + "Asia/Makassar", + "Asia/Manila", + "Asia/Muscat", + "Asia/Nicosia", + "Asia/Novokuznetsk", + "Asia/Novosibirsk", + "Asia/Omsk", + "Asia/Oral", + "Asia/Phnom_Penh", + "Asia/Pontianak", + "Asia/Pyongyang", + "Asia/Qatar", + "Asia/Qyzylorda", + "Asia/Rangoon", + "Asia/Riyadh", + "Asia/Riyadh87", + "Asia/Riyadh88", + "Asia/Riyadh89", + "Asia/Saigon", + "Asia/Sakhalin", + "Asia/Samarkand", + "Asia/Seoul", + "Asia/Shanghai", + "Asia/Singapore", + "Asia/Taipei", + "Asia/Tashkent", + "Asia/Tbilisi", + "Asia/Tehran", + "Asia/Tel_Aviv", + "Asia/Thimbu", + "Asia/Thimphu", + "Asia/Tokyo", + "Asia/Ujung_Pandang", + "Asia/Ulaanbaatar", + "Asia/Ulan_Bator", + "Asia/Urumqi", + "Asia/Vientiane", + "Asia/Vladivostok", + "Asia/Yakutsk", + "Asia/Yekaterinburg", + "Asia/Yerevan", + "Atlantic/Azores", + "Atlantic/Bermuda", + "Atlantic/Canary", + "Atlantic/Cape_Verde", + "Atlantic/Faeroe", + "Atlantic/Faroe", + "Atlantic/Jan_Mayen", + "Atlantic/Madeira", + "Atlantic/Reykjavik", + "Atlantic/South_Georgia", + "Atlantic/St_Helena", + "Atlantic/Stanley", + "Australia/ACT", + "Australia/Adelaide", + "Australia/Brisbane", + "Australia/Broken_Hill", + "Australia/Canberra", + "Australia/Currie", + "Australia/Darwin", + "Australia/Eucla", + "Australia/Hobart", + "Australia/LHI", + "Australia/Lindeman", + "Australia/Lord_Howe", + "Australia/Melbourne", + "Australia/NSW", + "Australia/North", + "Australia/Perth", + "Australia/Queensland", + "Australia/South", + "Australia/Sydney", + "Australia/Tasmania", + "Australia/Victoria", + "Australia/West", + "Australia/Yancowinna", + "Brazil/Acre", + "Brazil/DeNoronha", + "Brazil/East", + "Brazil/West", + "CET", + "CST6CDT", + "Canada/Atlantic", + "Canada/Central", + "Canada/East-Saskatchewan", + "Canada/Eastern", + "Canada/Mountain", + "Canada/Newfoundland", + "Canada/Pacific", + "Canada/Saskatchewan", + "Canada/Yukon", + "Chile/Continental", + "Chile/EasterIsland", + "Cuba", + "EET", + "EST", + "EST5EDT", + "Egypt", + "Eire", + "Etc/GMT", + "Etc/GMT+0", + "Etc/GMT+1", + "Etc/GMT+10", + "Etc/GMT+11", + "Etc/GMT+12", + "Etc/GMT+2", + "Etc/GMT+3", + "Etc/GMT+4", + "Etc/GMT+5", + "Etc/GMT+6", + "Etc/GMT+7", + "Etc/GMT+8", + "Etc/GMT+9", + "Etc/GMT-0", + "Etc/GMT-1", + "Etc/GMT-10", + "Etc/GMT-11", + "Etc/GMT-12", + "Etc/GMT-13", + "Etc/GMT-14", + "Etc/GMT-2", + "Etc/GMT-3", + "Etc/GMT-4", + "Etc/GMT-5", + "Etc/GMT-6", + "Etc/GMT-7", + "Etc/GMT-8", + "Etc/GMT-9", + "Etc/GMT0", + "Etc/Greenwich", + "Etc/UCT", + "Etc/UTC", + "Etc/Universal", + "Etc/Zulu", + "Europe/Amsterdam", + "Europe/Andorra", + "Europe/Athens", + "Europe/Belfast", + "Europe/Belgrade", + "Europe/Berlin", + "Europe/Bratislava", + "Europe/Brussels", + "Europe/Bucharest", + "Europe/Budapest", + "Europe/Chisinau", + "Europe/Copenhagen", + "Europe/Dublin", + "Europe/Gibraltar", + "Europe/Guernsey", + "Europe/Helsinki", + "Europe/Isle_of_Man", + "Europe/Istanbul", + "Europe/Jersey", + "Europe/Kaliningrad", + "Europe/Kiev", + "Europe/Lisbon", + "Europe/Ljubljana", + "Europe/London", + "Europe/Luxembourg", + "Europe/Madrid", + "Europe/Malta", + "Europe/Mariehamn", + "Europe/Minsk", + "Europe/Monaco", + "Europe/Moscow", + "Europe/Nicosia", + "Europe/Oslo", + "Europe/Paris", + "Europe/Podgorica", + "Europe/Prague", + "Europe/Riga", + "Europe/Rome", + "Europe/Samara", + "Europe/San_Marino", + "Europe/Sarajevo", + "Europe/Simferopol", + "Europe/Skopje", + "Europe/Sofia", + "Europe/Stockholm", + "Europe/Tallinn", + "Europe/Tirane", + "Europe/Tiraspol", + "Europe/Uzhgorod", + "Europe/Vaduz", + "Europe/Vatican", + "Europe/Vienna", + "Europe/Vilnius", + "Europe/Volgograd", + "Europe/Warsaw", + "Europe/Zagreb", + "Europe/Zaporozhye", + "Europe/Zurich", + "GB", + "GB-Eire", + "GMT", + "GMT+0", + "Greenwich", + "HST", + "Hongkong", + "Iceland", + "Indian/Antananarivo", + "Indian/Chagos", + "Indian/Christmas", + "Indian/Cocos", + "Indian/Comoro", + "Indian/Kerguelen", + "Indian/Mahe", + "Indian/Maldives", + "Indian/Mauritius", + "Indian/Mayotte", + "Indian/Reunion", + "Iran", + "Israel", + "Jamaica", + "Japan", + "Kwajalein", + "Libya", + "MET", + "MST", + "MST7MDT", + "Mexico/BajaNorte", + "Mexico/BajaSur", + "Mexico/General", + "Mideast/Riyadh87", + "Mideast/Riyadh88", + "Mideast/Riyadh89", + "NZ", + "NZ-CHAT", + "Navajo", + "PRC", + "PST8PDT", + "Pacific/Apia", + "Pacific/Auckland", + "Pacific/Chatham", + "Pacific/Chuuk", + "Pacific/Easter", + "Pacific/Efate", + "Pacific/Enderbury", + "Pacific/Fakaofo", + "Pacific/Fiji", + "Pacific/Funafuti", + "Pacific/Galapagos", + "Pacific/Gambier", + "Pacific/Guadalcanal", + "Pacific/Guam", + "Pacific/Honolulu", + "Pacific/Johnston", + "Pacific/Kiritimati", + "Pacific/Kosrae", + "Pacific/Kwajalein", + "Pacific/Majuro", + "Pacific/Marquesas", + "Pacific/Midway", + "Pacific/Nauru", + "Pacific/Niue", + "Pacific/Norfolk", + "Pacific/Noumea", + "Pacific/Pago_Pago", + "Pacific/Palau", + "Pacific/Pitcairn", + "Pacific/Pohnpei", + "Pacific/Ponape", + "Pacific/Port_Moresby", + "Pacific/Rarotonga", + "Pacific/Saipan", + "Pacific/Samoa", + "Pacific/Tahiti", + "Pacific/Tarawa", + "Pacific/Tongatapu", + "Pacific/Truk", + "Pacific/Wake", + "Pacific/Wallis", + "Pacific/Yap", + "Poland", + "Portugal", + "ROC", + "ROK", + "Singapore", + "Turkey", + "UCT", + "US/Alaska", + "US/Aleutian", + "US/Arizona", + "US/Central", + "US/East-Indiana", + "US/Eastern", + "US/Hawaii", + "US/Indiana-Starke", + "US/Michigan", + "US/Mountain", + "US/Pacific", + "US/Pacific-New", + "US/Samoa", + "UTC", + "Universal", + "W-SU", + "Zulu" +]
\ No newline at end of file diff --git a/modules/installed/system/users.py b/modules/installed/system/users.py new file mode 100644 index 0000000..73fbb04 --- /dev/null +++ b/modules/installed/system/users.py @@ -0,0 +1,127 @@ +import os, cherrypy +from gettext import gettext as _ +from auth import require +from plugin_mount import PagePlugin, FormPlugin +import cfg +from forms import Form +from util import * + +class users(PagePlugin): + def __init__(self, *args, **kwargs): + PagePlugin.__init__(self, *args, **kwargs) + self.register_page("sys.users") + + @cherrypy.expose + @require() + def index(self): + parts = self.forms('/sys/config') + parts['title']=_("Manage Users and Groups") + return self.fill_template(**parts) + +class add(FormPlugin, PagePlugin): + url = ["/sys/users"] + order = 30 + + sidebar_left = '' + sidebar_right = _("""<h2>Add User</h2><p>Adding a user via this + administrative interface <b>might</b> create a system user. + For example, if you provide a user with ssh access, she will + need a system account. If you don't know what that means, + don't worry about it.</p>""") + + def main(self, username='', name='', email='', message=None, *args, **kwargs): + form = Form(title="Add User", + action="/sys/users/add/index", + onsubmit="return md5ify('add_user_form', 'password')", + name="add_user_form", + message=message) + form.text = '<script type="text/javascript" src="/static/js/md5.js"></script>\n'+form.text + form.text_input(_("Username"), name="username", value=username) + form.text_input(_("Full name"), name="name", value=name) + form.text_input(_("Email"), name="email", value=email) + form.text_input(_("Password"), name="password") + form.text_input(name="md5_password", type="hidden") + form.submit(label=_("Create User"), name="create") + return form.render() + + def process_form(self, username=None, name=None, email=None, md5_password=None, **kwargs): + msg = '' + + if not username: msg = add_message(msg, _("Must specify a username!")) + if not md5_password: msg = add_message(msg, _("Must specify a password!")) + + if cfg.users.get(username): + msg = add_message(msg, _("User already exists!")) + else: + try: + cfg.users.set(User(dict={'username':username, 'name':name, 'email':email, 'password':md5_password})) + except: + msg = add_message(msg, _("Error storing user!")) + + if not msg: + msg = add_message(msg, "%s saved." % username) + + main = self.make_form(username, name, email, message=msg) + return self.fill_template(title="", main=main, sidebar_left=self.sidebar_left, sidebar_right=self.sidebar_right) + +class edit(FormPlugin, PagePlugin): + url = ["/sys/users"] + order = 35 + + sidebar_left = '' + sidebar_right = _("""<h2>Edit Users</h2><p>Click on a user's name to + go to a screen for editing that user's account.</p><h2>Delete + Users</h2><p>Check the box next to a users' names and then click + "Delete User" to remove users from %s and the %s + system.</p><p>Deleting users is permanent!</p>""" % (cfg.product_name, cfg.box_name)) + + def main(self, msg=''): + users = cfg.users.get_all() + add_form = Form(title=_("Edit or Delete User"), action="/sys/users/edit", message=msg) + add_form.html('<span class="indent"><b>Delete</b><br /></span>') + for uname in sorted(users.keys()): + add_form.html('<span class="indent"> %s ' % + add_form.get_checkbox(name=uname) + + '<a href="/sys/users/edit?username=%s">%s (%s)</a><br /></span>' % + (uname, users[uname]['name'], uname)) + add_form.submit(label=_("Delete User"), name="delete") + return add_form.render() + + def process_form(self, **kwargs): + if 'delete' in kwargs: + msg = Message() + usernames = find_keys(kwargs, 'on') + cfg.log.info("%s asked to delete %s" % (cherrypy.session.get(cfg.session_key), usernames)) + if usernames: + for username in usernames: + if cfg.users.exists(username): + try: + cfg.users.remove(username) + msg.add(_("Deleted user %s." % username)) + except IOError, e: + if cfg.users.get('username', reload=True): + m = _("Error on deletion, user %s not fully deleted: %s" % (username, e)) + cfg.log.error(m) + msg.add(m) + else: + m = _('Deletion failed on %s: %s' % (username, e)) + cfg.log.error(m) + msg.add(m) + else: + cfg.log.warning(_("Can't delete %s. User does not exist." % username)) + msg.add(_("User %s does not exist." % username)) + else: + msg.add = _("Must specify at least one valid, existing user.") + main = self.make_form(msg=msg.text) + return self.fill_template(title="", main=main, sidebar_left=self.sidebar_left, sidebar_right=self.sidebar_right) + + sidebar_right = '' + u = cfg.users.get(kwargs['username']) + if not u: + main = _("<p>Could not find a user with username of %s!</p>" % kwargs['username']) + return self.fill_template(template="err", title=_("Unnown User"), main=main, + sidebar_left=self.sidebar_left, sidebar_right=sidebar_right) + + main = _("""<h2>Edit User '%s'</h2>""" % u['username']) + sidebar_right = '' + return self.fill_template(title="", main=main, sidebar_left=self.sidebar_left, sidebar_right=sidebar_right) diff --git a/modules/installed/system/wan.py b/modules/installed/system/wan.py new file mode 100644 index 0000000..52b0cf0 --- /dev/null +++ b/modules/installed/system/wan.py @@ -0,0 +1,73 @@ +import os +import cherrypy +import simplejson as json +from gettext import gettext as _ +from filedict import FileDict +from modules.auth import require +from plugin_mount import PagePlugin, FormPlugin +import cfg +from forms import Form +from model import User +from util import * + +class wan(FormPlugin, PagePlugin): + url = ["/sys/config"] + order = 20 + + def help(self, *args, **kwargs): + if not cfg.users.expert(): + return '' + return _(#"""<h4>Admin from WAN</h4> + """<p>If you check this box, this front + end will be reachable from the WAN. If your %(box)s + connects you to the internet, that means you'll be able to log + in to the front end from the internet. This might be + convenient, but it is also <b>dangerous</b>, since it can + enable attackers to gain access to your %(box)s from the + outside world. All they'll need is your username and + passphrase, which they might guess or they might simply try + every posible combination of letters and numbers until they + get in. If you enable the WAN administration option, you + <b>must</b> use long and complex passphrases.</p> + + <p>For security reasons, neither WAN Administration nor WAN + SSH is available to the `admin` user account.</p> + + <p>TODO: in expert mode, tell user they can ssh in to enable + admin from WAN, do their business, then disable it. It would + be good to enable the option and autodisable it when the ssh + connection dies.</p> + """ % {'product':cfg.product_name, 'box':cfg.box_name}) + + def main(self, message='', **kwargs): + store = filedict_con(cfg.store_file, 'sys') + + defaults = {'wan_admin': "''", + 'wan_ssh': "''", + 'lan_ssh': "''", + } + for k,c in defaults.items(): + if not k in kwargs: + try: + kwargs[k] = store[k] + except KeyError: + exec("if not '%(k)s' in kwargs: store['%(k)s'] = kwargs['%(k)s'] = %(c)s" % {'k':k, 'c':c}) + + form = Form(title=_("Accessing the %s" % cfg.box_name), + action="/sys/config/wan", + name="admin_wan_form", + message=message ) + form.html(self.help()) + if cfg.users.expert(): + form.checkbox(_("Allow access to Plinth from WAN"), name="wan_admin", checked=kwargs['wan_admin']) + form.checkbox(_("Allow SSH access from LAN"), name="lan_ssh", checked=kwargs['lan_ssh']) + form.checkbox(_("Allow SSH access from WAN"), name="wan_ssh", checked=kwargs['wan_ssh']) + form.submit(_("Submit")) + return form.render() + + def process_form(self, wan_admin='', wan_ssh='', lan_ssh='', *args, **kwargs): + store = filedict_con(cfg.store_file, 'sys') + for field in ['wan_admin', 'wan_ssh', 'lan_ssh']: + exec("store['%s'] = %s" % (field, field)) + return "Settings updated." + diff --git a/modules/privacy.py b/modules/privacy.py new file mode 120000 index 0000000..07f303e --- /dev/null +++ b/modules/privacy.py @@ -0,0 +1 @@ +installed/privacy/privacy.py
\ No newline at end of file diff --git a/modules/router.py b/modules/router.py new file mode 120000 index 0000000..7239c9f --- /dev/null +++ b/modules/router.py @@ -0,0 +1 @@ +installed/router/router.py
\ No newline at end of file diff --git a/modules/services.py b/modules/services.py new file mode 120000 index 0000000..806ae4f --- /dev/null +++ b/modules/services.py @@ -0,0 +1 @@ +installed/services/services.py
\ No newline at end of file diff --git a/modules/sharing.py b/modules/sharing.py new file mode 120000 index 0000000..e2323fb --- /dev/null +++ b/modules/sharing.py @@ -0,0 +1 @@ +installed/sharing/sharing.py
\ No newline at end of file diff --git a/modules/system.py b/modules/system.py new file mode 120000 index 0000000..6eddf3e --- /dev/null +++ b/modules/system.py @@ -0,0 +1 @@ +installed/system/system.py
\ No newline at end of file diff --git a/modules/user_store.py b/modules/user_store.py new file mode 120000 index 0000000..09e8f90 --- /dev/null +++ b/modules/user_store.py @@ -0,0 +1 @@ +installed/lib/user_store.py
\ No newline at end of file diff --git a/modules/users.py b/modules/users.py new file mode 120000 index 0000000..4b7ce20 --- /dev/null +++ b/modules/users.py @@ -0,0 +1 @@ +installed/system/users.py
\ No newline at end of file diff --git a/modules/wan.py b/modules/wan.py new file mode 120000 index 0000000..5a68efd --- /dev/null +++ b/modules/wan.py @@ -0,0 +1 @@ +installed/system/wan.py
\ No newline at end of file diff --git a/plinth.py b/plinth.py new file mode 100755 index 0000000..2a4c089 --- /dev/null +++ b/plinth.py @@ -0,0 +1,71 @@ +#!/usr/bin/env python + +# Start listener, just for testing +import os, sys +#import logging +from gettext import gettext as _ +import cherrypy +import cfg, plugin_mount +from util import * +from logger import Logger +#from modules.auth import AuthController, require, member_of, name_is + +def error_page(status, dynamic_msg, stock_msg): + return page_template(template="err", title=status, main="<p>%s</p>%s" % (dynamic_msg, stock_msg)) + +def error_page_404(status, message, traceback, version): + return error_page(status, message, """<p>If you believe this missing page should exist, please file a + bug with either the Plinth project or the people responsible for + the module you are trying to access.</p> + + <p>Sorry for the mistake.</p> + """) + +def error_page_500(status, message, traceback, version): + cfg.log.error("500 Internal Server Error. Trackback is above.") + more="""<p>This is an internal error and not something you caused or can fix. You are welcome to report it. + TODO: add link to bug tracker.</p>""" + return error_page(status, message, "<p>%s</p><pre>%s</pre>" % (more, "\n".join(traceback.split("\n")))) + +class Root(plugin_mount.PagePlugin): + @cherrypy.expose + def index(self): + if cherrypy.session.get(cfg.session_key, None): + raise cherrypy.InternalRedirect('/router') + else: + raise cherrypy.InternalRedirect('/help/about') + +def load_modules(): + """Import all the symlinked .py files in the modules directory and + all the .py files in directories linked in the modules directory + (but don't dive deeper than that). Also, ignore the installed + directory.""" + for name in os.listdir("modules"): + if name.endswith(".py") and not name.startswith('.'): + cfg.log.info("importing modules/%s" % name) + try: + exec("import modules.%s" % (name[:-3])) + except ImportError, e: + cfg.log.error(_("Couldn't import modules/%s: %s") % (name, e)) + else: + cfg.log("skipping %s" % name) + +def setup(): + os.chdir(cfg.file_root) + cherrypy.config.update({'error_page.404': error_page_404}) + cherrypy.config.update({'error_page.500': error_page_500}) + cfg.log = Logger() + load_modules() + cfg.html_root = Root() + cfg.page_plugins = plugin_mount.PagePlugin.get_plugins() + cfg.log("Loaded %d page plugins" % len(cfg.page_plugins)) + cfg.users = plugin_mount.UserStoreModule.get_plugins()[0] + cfg.forms = plugin_mount.FormPlugin.get_plugins() +def main(): + setup() + cherrypy.quickstart(cfg.html_root, script_name='/', config="cherrypy.config") + + + +if __name__ == '__main__': + main() diff --git a/plugin_mount.py b/plugin_mount.py new file mode 100644 index 0000000..d8b7022 --- /dev/null +++ b/plugin_mount.py @@ -0,0 +1,169 @@ +import cherrypy +from modules.auth import require +import cfg +from util import * + +class PluginMount(type): + """See http://martyalchin.com/2008/jan/10/simple-plugin-framework/ for documentation""" + def __init__(cls, name, bases, attrs): + if not hasattr(cls, 'plugins'): + cls.plugins = [] + else: + cls.plugins.append(cls) + + def init_plugins(cls, *args, **kwargs): + try: + cls.plugins = sorted(cls.plugins, key=lambda x: x.order, reverse=False) + except AttributeError: + pass + return [p(*args, **kwargs) for p in cls.plugins] + def get_plugins(cls, *args, **kwargs): + return cls.init_plugins(*args, **kwargs) + +class MultiplePluginViolation: + pass + +class PluginMountSingular(PluginMount): + def __init__(cls, name, bases, attrs): + if not hasattr(cls, 'plugins'): + cls.plugins = [] + else: + if len(cls.plugins) > 0: + raise MultiplePluginViolation + cls.plugins.append(cls) + + +def get_parts(obj, parts=None, *args, **kwargs): + if parts == None: + parts={} + + fields = ['sidebar_left', 'sidebar_right', 'main', 'js', 'onload', 'nav', 'css', 'title'] + for v in fields: + if not v in parts: + parts[v] = '' + exec(""" +try: + if str(type(obj.%(v)s))=="<type 'instancemethod'>": + parts[v] += obj.%(v)s(*args, **kwargs) + else: + parts[v] += obj.%(v)s +except AttributeError: + pass""" % {'v':v}) + + return parts + +class PagePlugin: + """ + Mount point for page plugins. Page plugins provide display pages + in the interface (one menu item, for example). + + order - How early should this plugin be loaded? Lower order is earlier. + """ + + order = 50 + + __metaclass__ = PluginMount + def __init__(self, *args, **kwargs): + """If cfg.html_root is none, then this is the html_root.""" + if not cfg.html_root: + cfg.html_root = self + + def register_page(self, url): + cfg.log.info("Registering page: %s" % url) + exec "cfg.html_root.%s = self" % (url) + def fill_template(self, *args, **kwargs): + return page_template(*args, **kwargs) + + def forms(self, url, *args, **kwargs): + for form in cfg.forms: + if url in form.url: + cfg.log('Pulling together form for url %s (which matches %s)' % (url, form.url)) + + parts = get_parts(form, None, *args, **kwargs) + + return parts + return {'sidebar_left':left, 'sidebar_right':right, 'main':main} + +class FormPlugin(): + """ + Mount point for plugins that provide forms at specific URLs. + + Form plugin classes should also inherit from PagePlugin so they + can implement the page that handles the results of the form. The + name of the class will be appended to each url where the form is + displayed to get the urls of the results pages. + + Plugins implementing this reference should provide the following attributes: + + url - list of URL path strings of pages on which to display this + form, not including the url path that *only* displays this form + (that's handled by the index method) + + order - How high up on the page should this content be displayed? + Lower order is higher up. + + The following attributes are optional (though without at least one + of them, this plugin won't do much): + + sidebar_right - text to be displayed in the right column (can be attribute or method) (optional) + + sidebar_left - text to be displayed in the left column (can be attribute or method) (optional) + + main - text to be displayed in the center column (i.e. the form) (can be attribute or method) + + js - attribute containing a string that will be placed in the + template head, just below the javascript loads. Use it to load + more javascript files (optional) + + Although this plugin is intended for forms, it could just display + some html and skip the form. + """ + __metaclass__ = PluginMount + + order = 50 + url = [] + js = '' + + def __init__(self, *args, **kwargs): + for u in self.url: + exec "cfg.html_root.%s = self" % "%s.%s" % ('.'.join(u.split("/")[1:]), self.__class__.__name__) + cfg.log("Registered page: %s.%s" % ('.'.join(u.split("/")[1:]), self.__class__.__name__)) + + def main(self, *args, **kwargs): + return "<p>Override this method and replace it with a form.</p>" + + @cherrypy.expose + @require() + def index(self, **kwargs): + """If the user has tried to fill in the form, process it, otherwise, just display a default form.""" + if kwargs: + kwargs['message'] = self.process_form(**kwargs) + parts = get_parts(self) + return self.fill_template(**parts) + + def process_form(self, **kwargs): + """Process the form. Return any message as a result of processing.""" + pass + + def fill_template(self, *args, **kwargs): + if not 'js' in kwargs: + try: + kwargs['js'] = self.js + except AttributeError: + pass + cfg.log("%%%%%%%%%%% %s" % kwargs) + return page_template(*args, **kwargs) + +class UserStoreModule: + """ + Mount Point for plugins that will manage the user backend storage, + where we keep a hash for each user. + + Plugins implementing this reference should provide the following + methods, as described in the doc strings of the default + user_store.py: get, get_all, set, exists, remove, attr, expert. + See source code for doc strings. + + """ + __metaclass__ = PluginMountSingular + diff --git a/static/doc b/static/doc new file mode 120000 index 0000000..6af34c9 --- /dev/null +++ b/static/doc @@ -0,0 +1 @@ +../doc
\ No newline at end of file diff --git a/static/js/md5.js b/static/js/md5.js new file mode 100644 index 0000000..6378e7f --- /dev/null +++ b/static/js/md5.js @@ -0,0 +1,409 @@ +/* + * md5.js 1.0b 27/06/96 + * + * Javascript implementation of the RSA Data Security, Inc. MD5 + * Message-Digest Algorithm. + * + * Copyright (c) 1996 Henri Torgemane. All Rights Reserved. + * + * Permission to use, copy, modify, and distribute this software + * and its documentation for any purposes and without + * fee is hereby granted provided that this copyright notice + * appears in all copies. + * + * Of course, this soft is provided "as is" without express or implied + * warranty of any kind. + * + * + * Modified with german comments and some information about collisions. + * (Ralf Mieke, ralf@miekenet.de, http://mieke.home.pages.de) + */ + +function array(n) { + for(i=0;i<n;i++) this[i]=0; + this.length=n; +} + +/* Einige grundlegenden Funktionen müssen wegen + * Javascript Fehlern umgeschrieben werden. + * Man versuche z.B. 0xffffffff >> 4 zu berechnen.. + * Die nun verwendeten Funktionen sind zwar langsamer als die Originale, + * aber sie funktionieren. + */ + +function integer(n) { return n%(0xffffffff+1); } + +function shr(a,b) { + a=integer(a); + b=integer(b); + if (a-0x80000000>=0) { + a=a%0x80000000; + a>>=b; + a+=0x40000000>>(b-1); + } else + a>>=b; + return a; +} + +function shl1(a) { + a=a%0x80000000; + if (a&0x40000000==0x40000000) + { + a-=0x40000000; + a*=2; + a+=0x80000000; + } else + a*=2; + return a; +} + +function shl(a,b) { + a=integer(a); + b=integer(b); + for (var i=0;i<b;i++) a=shl1(a); + return a; +} + +function and(a,b) { + a=integer(a); + b=integer(b); + var t1=(a-0x80000000); + var t2=(b-0x80000000); + if (t1>=0) + if (t2>=0) + return ((t1&t2)+0x80000000); + else + return (t1&b); + else + if (t2>=0) + return (a&t2); + else + return (a&b); +} + +function or(a,b) { + a=integer(a); + b=integer(b); + var t1=(a-0x80000000); + var t2=(b-0x80000000); + if (t1>=0) + if (t2>=0) + return ((t1|t2)+0x80000000); + else + return ((t1|b)+0x80000000); + else + if (t2>=0) + return ((a|t2)+0x80000000); + else + return (a|b); +} + +function xor(a,b) { + a=integer(a); + b=integer(b); + var t1=(a-0x80000000); + var t2=(b-0x80000000); + if (t1>=0) + if (t2>=0) + return (t1^t2); + else + return ((t1^b)+0x80000000); + else + if (t2>=0) + return ((a^t2)+0x80000000); + else + return (a^b); +} + +function not(a) { + a=integer(a); + return (0xffffffff-a); +} + +/* Beginn des Algorithmus */ + + var state = new array(4); + var count = new array(2); + count[0] = 0; + count[1] = 0; + var buffer = new array(64); + var transformBuffer = new array(16); + var digestBits = new array(16); + + var S11 = 7; + var S12 = 12; + var S13 = 17; + var S14 = 22; + var S21 = 5; + var S22 = 9; + var S23 = 14; + var S24 = 20; + var S31 = 4; + var S32 = 11; + var S33 = 16; + var S34 = 23; + var S41 = 6; + var S42 = 10; + var S43 = 15; + var S44 = 21; + + function F(x,y,z) { + return or(and(x,y),and(not(x),z)); + } + + function G(x,y,z) { + return or(and(x,z),and(y,not(z))); + } + + function H(x,y,z) { + return xor(xor(x,y),z); + } + + function I(x,y,z) { + return xor(y ,or(x , not(z))); + } + + function rotateLeft(a,n) { + return or(shl(a, n),(shr(a,(32 - n)))); + } + + function FF(a,b,c,d,x,s,ac) { + a = a+F(b, c, d) + x + ac; + a = rotateLeft(a, s); + a = a+b; + return a; + } + + function GG(a,b,c,d,x,s,ac) { + a = a+G(b, c, d) +x + ac; + a = rotateLeft(a, s); + a = a+b; + return a; + } + + function HH(a,b,c,d,x,s,ac) { + a = a+H(b, c, d) + x + ac; + a = rotateLeft(a, s); + a = a+b; + return a; + } + + function II(a,b,c,d,x,s,ac) { + a = a+I(b, c, d) + x + ac; + a = rotateLeft(a, s); + a = a+b; + return a; + } + + function transform(buf,offset) { + var a=0, b=0, c=0, d=0; + var x = transformBuffer; + + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + + for (i = 0; i < 16; i++) { + x[i] = and(buf[i*4+offset],0xff); + for (j = 1; j < 4; j++) { + x[i]+=shl(and(buf[i*4+j+offset] ,0xff), j * 8); + } + } + + /* Runde 1 */ + a = FF ( a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ + d = FF ( d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ + c = FF ( c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ + b = FF ( b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ + a = FF ( a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ + d = FF ( d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ + c = FF ( c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ + b = FF ( b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ + a = FF ( a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ + d = FF ( d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ + c = FF ( c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ + b = FF ( b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ + a = FF ( a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ + d = FF ( d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ + c = FF ( c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ + b = FF ( b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ + + /* Runde 2 */ + a = GG ( a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ + d = GG ( d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ + c = GG ( c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ + b = GG ( b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ + a = GG ( a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ + d = GG ( d, a, b, c, x[10], S22, 0x2441453); /* 22 */ + c = GG ( c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ + b = GG ( b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ + a = GG ( a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ + d = GG ( d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ + c = GG ( c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ + b = GG ( b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ + a = GG ( a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ + d = GG ( d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ + c = GG ( c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ + b = GG ( b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ + + /* Runde 3 */ + a = HH ( a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ + d = HH ( d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ + c = HH ( c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ + b = HH ( b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ + a = HH ( a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ + d = HH ( d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ + c = HH ( c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ + b = HH ( b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ + a = HH ( a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ + d = HH ( d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ + c = HH ( c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ + b = HH ( b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ + a = HH ( a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ + d = HH ( d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ + c = HH ( c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ + b = HH ( b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ + + /* Runde 4 */ + a = II ( a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ + d = II ( d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ + c = II ( c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ + b = II ( b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ + a = II ( a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ + d = II ( d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ + c = II ( c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ + b = II ( b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ + a = II ( a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ + d = II ( d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ + c = II ( c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ + b = II ( b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ + a = II ( a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ + d = II ( d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ + c = II ( c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ + b = II ( b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ + + state[0] +=a; + state[1] +=b; + state[2] +=c; + state[3] +=d; + + } + /* Mit der Initialisierung von Dobbertin: + state[0] = 0x12ac2375; + state[1] = 0x3b341042; + state[2] = 0x5f62b97c; + state[3] = 0x4ba763ed; + gibt es eine Kollision: + + begin 644 Message1 + M7MH=JO6_>MG!X?!51$)W,CXV!A"=(!AR71,<X`Y-IIT9^Z&8L$2N'Y*Y:R.; + 39GIK9>TF$W()/MEHR%C4:G1R:Q"= + ` + end + + begin 644 Message2 + M7MH=JO6_>MG!X?!51$)W,CXV!A"=(!AR71,<X`Y-IIT9^Z&8L$2N'Y*Y:R.; + 39GIK9>TF$W()/MEHREC4:G1R:Q"= + ` + end + */ + function init() { + count[0]=count[1] = 0; + state[0] = 0x67452301; + state[1] = 0xefcdab89; + state[2] = 0x98badcfe; + state[3] = 0x10325476; + for (i = 0; i < digestBits.length; i++) + digestBits[i] = 0; + } + + function update(b) { + var index,i; + + index = and(shr(count[0],3) , 0x3f); + if (count[0]<0xffffffff-7) + count[0] += 8; + else { + count[1]++; + count[0]-=0xffffffff+1; + count[0]+=8; + } + buffer[index] = and(b,0xff); + if (index >= 63) { + transform(buffer, 0); + } + } + + function finish() { + var bits = new array(8); + var padding; + var i=0, index=0, padLen=0; + + for (i = 0; i < 4; i++) { + bits[i] = and(shr(count[0],(i * 8)), 0xff); + } + for (i = 0; i < 4; i++) { + bits[i+4]=and(shr(count[1],(i * 8)), 0xff); + } + index = and(shr(count[0], 3) ,0x3f); + padLen = (index < 56) ? (56 - index) : (120 - index); + padding = new array(64); + padding[0] = 0x80; + for (i=0;i<padLen;i++) + update(padding[i]); + for (i=0;i<8;i++) + update(bits[i]); + + for (i = 0; i < 4; i++) { + for (j = 0; j < 4; j++) { + digestBits[i*4+j] = and(shr(state[i], (j * 8)) , 0xff); + } + } + } + +/* Ende des MD5 Algorithmus */ + +function hexa(n) { + var hexa_h = "0123456789abcdef"; + var hexa_c=""; + var hexa_m=n; + for (hexa_i=0;hexa_i<8;hexa_i++) { + hexa_c=hexa_h.charAt(Math.abs(hexa_m)%16)+hexa_c; + hexa_m=Math.floor(hexa_m/16); + } + return hexa_c; +} + +var ascii="01234567890123456789012345678901" + + " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ"+ + "[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"; + +function MD5(nachricht) +{ + var l,s,k,ka,kb,kc,kd; + + init(); + for (k=0;k<nachricht.length;k++) { + l=nachricht.charAt(k); + update(ascii.lastIndexOf(l)); + } + finish(); + ka=kb=kc=kd=0; + for (i=0;i<4;i++) ka+=shl(digestBits[15-i], (i*8)); + for (i=4;i<8;i++) kb+=shl(digestBits[15-i], ((i-4)*8)); + for (i=8;i<12;i++) kc+=shl(digestBits[15-i], ((i-8)*8)); + for (i=12;i<16;i++) kd+=shl(digestBits[15-i], ((i-12)*8)); + s=hexa(kd)+hexa(kc)+hexa(kb)+hexa(ka); + return s; +} + +function md5ify(form, field) { + /* replace the field in the form with the md5 version of the contents of that field + + The form must already have a field (preferably hidden) called md5_[field name]*/ + + var x=document.forms[form][field].value; + document.forms[form]["md5_"+field].value = MD5(x); + document.forms[form][field].value = ''; +}
\ No newline at end of file diff --git a/static/theme b/static/theme new file mode 120000 index 0000000..22c03a1 --- /dev/null +++ b/static/theme @@ -0,0 +1 @@ +../themes/default
\ No newline at end of file diff --git a/templates/Makefile b/templates/Makefile new file mode 100644 index 0000000..d2d8ed2 --- /dev/null +++ b/templates/Makefile @@ -0,0 +1,15 @@ +CHEETAH=cheetah +TEMPLATES=$(wildcard *.tmpl) +TEMPLATE_PYFILES := $(patsubst %.tmpl,%.py,$(TEMPLATES)) + +## Catch-all tagets +default: $(TEMPLATE_PYFILES) + +%.py: %.tmpl + $(CHEETAH) c $< +templates: $(TEMPLATE_PYFILES) +template: templates + +clean: + rm -rf .\#* \#* *.pyz *.bak + @rm -f $(TEMPLATE_PYFILES) diff --git a/templates/__init__.py b/templates/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/__init__.py diff --git a/templates/__init__.pyc b/templates/__init__.pyc Binary files differnew file mode 100644 index 0000000..2b2bef4 --- /dev/null +++ b/templates/__init__.pyc diff --git a/templates/base.tmpl b/templates/base.tmpl new file mode 100644 index 0000000..eecea31 --- /dev/null +++ b/templates/base.tmpl @@ -0,0 +1,112 @@ +#def default($text, $default) +#if $text + $text +#else + $default +#end if +#end def +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB"> +<head> + <title>$default($title, "Plinth Front End to the Freedom Box") + </title> + <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" /> + <meta name="description" content="Plint admin frontend for Freedom Box" /> + <meta name="robots" content="noindex, nofollow" /> + <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> + <link rel="stylesheet" type="text/css" href="/static/theme/style.tiny.css" media="screen" /> + $css + <script type="text/javascript" src="/static/theme/menu.js"></script> + <script type="text/javascript" src="/static/theme/plinth.js"></script> + $js + $main_menu_js + $sub_menu_js + <script LANGUAGE="JavaScript"> + <!-- + $onload + // --> + </script> +</head> +<body onLoad="javascript:onload_handler();"> + <div id="header"> + <div id="headerleft"> + <a href="/"><img src="/static/theme/freedombox.png" /></a> + </div> + <div id="headerright"> + <br /><br /><br /> + <h1><a href="/">Freedom Box</a></h1> + <h2><a href="/">Plinth Administration Control Panel</a></h2> + <SCRIPT LANGUAGE="JavaScript"> + <!-- + main_menu(main_menu_items); + // --> + </SCRIPT> + </div> + #if $username + <p id="layoutdims">Logged in as $username. <a href="/auth/logout" title="Log out">Logout.</a></p> + #else + <p id="layoutdims">Not logged in. <a href="/auth/login" title="Log in">Log in.</a></p> + #end if + + </div> +<div class="colmask threecol"> + <div class="colmid"> + <div class="colleft"> + <div class="col1"> + <!-- Column 1 start --> + <h2> + #block title_block + $title + #end block title_block + </h2> + #block main_block + $main + #end block main_block + <!-- Column 1 end --> + </div> + <div class="col2"> + <!-- Column 2 start --> + #block nav_block + $nav + #end block nav_block + #block sidebar_left_block + $sidebar_left + #end block sidebar_left_block + <!-- Column 2 end --> + </div> + <div class="col3"> + <!-- Column 3 start --> + <div id="ads"> + <!--<a href="http://matthewjamestaylor.com"> + <img src="mjt-125x125.gif" width="125" border="0" height="125" alt="Art and Design by Matthew James Taylor" /> + </a> + --> + </div> + #block sidebar_right_block + $sidebar_right + #end block sidebar_right_block + <!-- Column 3 end --> + </div> + </div> + </div> +</div> +<div id="footer"> + #block footer_block + <p> + Plinth is copyright 2011 <a href="http://hackervisions.org">James Vasile</a>. It is + free software offered to you under the terms of + the <a href="http://www.gnu.org/licenses/agpl.html">GNU Affero General Public + License</a>, Version 3 or later. + </p> + <!--<p>Current page: $current_url</p>--> + <p> + This page uses + the <a href="http://matthewjamestaylor.com/blog/perfect-3-column.htm">Perfect + 'Holy Grail' 3 Column Liquid Layout</a> + by <a href="http://matthewjamestaylor.com">Matthew James Taylor</a>. + </p> + #end block footer_block +</div> + +</body> +</html> diff --git a/templates/err.tmpl b/templates/err.tmpl new file mode 100644 index 0000000..1d3f6e1 --- /dev/null +++ b/templates/err.tmpl @@ -0,0 +1,23 @@ +#extends templates.two_col + +#def title_block +<span class="err">Error: $title</span> +<br /> +<br /> +#end def + +#def sidebar_left_block +$sidebar_left +#end def + +#def main_block +$main +#end def + +#def sidebar_right_block +$sidebar_right +#end def + +#def nav_block +$nav +#end def diff --git a/templates/two_col.tmpl b/templates/two_col.tmpl new file mode 100644 index 0000000..0b559ad --- /dev/null +++ b/templates/two_col.tmpl @@ -0,0 +1,5 @@ +#extends templates.base + +#def css +<link rel="stylesheet" type="text/css" href="/static/theme/2col.tiny.css" media="screen" /> +#end def diff --git a/themes/default/2col.css b/themes/default/2col.css new file mode 100644 index 0000000..a3754bd --- /dev/null +++ b/themes/default/2col.css @@ -0,0 +1,30 @@ +/* 2 Column settings */ + +.colright { + float:left; + width:0%; /* width of page */ + position:relative; +} + +.threecol .colmid { + right:5%; /* width of the right column */ +} +.threecol .colleft { + right:70%; /* width of the middle column */ +} +.threecol .col1 { + width:66%; /* width of center column content (column width minus padding on either side) */ + left:102%; /* 100% plus left padding of center column */ +} +.threecol .col2 { + width:21%; /* Width of left column content (column width minus padding on either side) */ + left:11%; /* width of (right column) plus (center column left and right padding) plus (left column left padding) */ +} +.threecol .col3 { + width:21%; /* Width of right column content (column width minus padding on either side) */ + + /* Note this used to be 85%, but I subtracted 1% for padding to pull stuff closer to the margin */ + left:84%; /* Please make note of the brackets here: + (100% - left column width) plus (center column left and right padding) plus (left column left and right padding) plus (right column left padding) */ +} + diff --git a/themes/default/favicon.ico b/themes/default/favicon.ico Binary files differnew file mode 100644 index 0000000..8f4e75c --- /dev/null +++ b/themes/default/favicon.ico diff --git a/themes/default/freedombox.png b/themes/default/freedombox.png Binary files differnew file mode 100644 index 0000000..58e6841 --- /dev/null +++ b/themes/default/freedombox.png diff --git a/themes/default/images/freedombox.png b/themes/default/images/freedombox.png Binary files differnew file mode 100644 index 0000000..58e6841 --- /dev/null +++ b/themes/default/images/freedombox.png diff --git a/themes/default/menu.js b/themes/default/menu.js new file mode 100644 index 0000000..8107a72 --- /dev/null +++ b/themes/default/menu.js @@ -0,0 +1,54 @@ +function main_menu(items) { + output = "<ul>" + for (item in items) { + i = items[item]; + + // Handle active page + if (i["active"]) { + active = 'class = "active"'; + } else { + active = ''; + } + + // Line break labels + label = i["label"]; + if (label.search(" ") != -1) { + label = label.replace(" ", "<br />"); + } else { + label = " <br />" + label; + } + + output = output +'<li><a href="' + i["url"] + '" ' + active + '>' + label + "</a></li>"; + } + output = output + "</ul>"; + document.write(output); +} + +function render_items(items) { + output = "<ul>"; + for (item in items) { + i = items[item]; + + // Handle active page + if (i["active"]) { + active = 'class = "active"'; + } else { + active = ''; + } + + output = output +'<li><a href="' + i["url"] + '" ' + active + '>' + i['label'] + "</a></li>"; + if (i['subs']) { + output += render_items(i['subs']); + } + } + output = output + "</ul>"; + return output +} + +function side_menu(items) { + if (items.length == 0) { + return 0; + } + output = "<h2>Menu</h2>" + render_items(items); + document.write(output); +}
\ No newline at end of file diff --git a/themes/default/plinth.js b/themes/default/plinth.js new file mode 100644 index 0000000..dfe1443 --- /dev/null +++ b/themes/default/plinth.js @@ -0,0 +1,16 @@ +function toggle_visibility(id) { + var d = document.getElementById(id); + if(d.style.display == 'block') + d.style.display = 'none'; + else + d.style.display = 'block'; +} + +function show(id) { + var d = document.getElementById(id); + d.style.display = 'block'; +} + +function hide(id) { + document.getElementById(id).style.display = 'none'; +} diff --git a/themes/default/style.css b/themes/default/style.css new file mode 100644 index 0000000..625b4f9 --- /dev/null +++ b/themes/default/style.css @@ -0,0 +1,328 @@ +body { + margin:0; + padding:0; + border:0; /* This removes the border around the viewport in old versions of IE */ + width:100%; + background:lightgoldenrodyellow; + min-width:600px; /* Minimum width of layout - remove line if not required */ + /* The min-width property does not work in old versions of Internet Explorer */ + font-size:90%; + font-family:Arial, Helvetica, sans-serif; +} +a { + color:#369; + text-decoration:none; +} +a:hover { + color:#fff; + background:GoldenRod; + text-decoration:none; +} +h1, h2, h3 { + margin:.8em 0 .2em 0; + padding:0; +} +p { + margin:.4em 0 .8em 0; + padding:0; +} +img { + margin:10px 0 5px; +} +#ads img { + display:block; + padding-top:10px; +} + +/* Header styles */ +#header { + clear:both; + float:left; + width:100%; + border-bottom:1px solid #000; +} + +#headerleft { + float: left; + padding-left: 1em; +} +#headerleft a { color:lightgoldenrodyellow; text-decoration:none; outline: none;} + +#headerright { + float:left; +} +#headerright p, +#headerright h1, +#headerright h2 { + padding:.4em 15px 0 15px; + margin:0; +} + +#headerright h1 a, +#headerright h2 a {color:black; text-decoration:none; outline: none;} +#headerright ul { + clear:left; + float:left; + width:100%; + list-style:none; + margin:10px 0 0 0; + padding:0; +} +#headerright ul li { + display:inline; + list-style:none; + margin:0; + padding:0; +} +#headerright ul li a { + display:block; + float:left; + margin:0 0 0 1px; + padding:3px 10px; + text-align:center; + background:Khaki; + color:#000; + text-decoration:none; + position:relative; + left:15px; + line-height:1.3em; +} +#headerright ul li a:hover { + background:GoldenRod; + color:#fff; +} +#headerright ul li a.active, +#headerright ul li a.active:hover { + color:#fff; + background:#000; + font-weight:bold; + text-decoration:none; +} +#headerright ul li a span { + display:block; +} + +/* 'widths' sub menu */ +#layoutdims { + clear:both; + background:#eee; + background:GoldenRod; + border-top:4px solid #000; + margin:0; + padding:6px 15px !important; + text-align:right; +} +/* column container */ +.colmask { + position:relative; /* This fixes the IE7 overflow hidden bug */ + clear:both; + float:left; + width:100%; /* width of whole page */ + overflow:hidden; /* This chops off any overhanging divs */ +} +/* common column settings */ +.colright, +.colmid, +.colleft { + float:left; + width:100%; /* width of page */ + position:relative; +} +.col1, +.col2, +.col3 { + float:left; + position:relative; + padding:0 0em 1em 0; /* no left and right padding on columns, we just make them narrower instead + only padding top and bottom is included here, make it whatever value you need */ + overflow:hidden; +} + +.col2 h2, +.col3 h2 {color:black; + font-weight:bold; + font-size:100%; + text-align:center; + background:Goldenrod; + margin-top: 1em; + margin-bottom: 0.4em;} +.col2 h3, +.col3 h3 {color:black; + font-weight:bold; + font-size:100%; + text-align:left; + padding-top: 0em; + margin-top: 0em; + margin-bottom: 0em;} +.col3 p { + margin: 0.4em 0.5em .8em 0.5em; + padding:0; +} +.col2 li {padding-bottom: 0.2em;} +.col2 a {padding-left: 0.2em;} +.col2 a.active, +.col2 a.active:hover { + color:#fff; + background:#000; + font-weight:bold; + text-decoration:none; + padding: 0.2em; +} + +/* 3 Column settings */ +.threecol { + background:#eee; /* right column background colour */ + background:Khaki; +} +.threecol .colmid { + right:25%; /* width of the right column */ + background:lightgoldenrodyellow; /* center column background colour */ +} +.threecol .colleft { + right:50%; /* width of the middle column */ + background:#f4f4f4; /* left column background colour */ + background:Khaki; +} +.threecol .col1 { + width:46%; /* width of center column content (column width minus padding on either side) */ + left:102%; /* 100% plus left padding of center column */ +} +.threecol .col2 { + width:21%; /* Width of left column content (column width minus padding on either side) */ + left:31%; /* width of (right column) plus (center column left and right padding) plus (left column left padding) */ +} +.threecol .col3 { + width:21%; /* Width of right column content (column width minus padding on either side) */ + + /* Note this used to be 85%, but I subtracted 1% for padding to pull stuff closer to the margin */ + left:84%; /* Please make note of the brackets here: + (100% - left column width) plus (center column left and right padding) plus (left column left and right padding) plus (right column left padding) */ +} +/* Footer styles */ +#footer { + clear:both; + float:left; + width:100%; + border-top:1px solid #000; + padding: 1em; + font-size:75%; + background:GoldenRod; +} +#footer p { + margin:0; +} + +/* Form Styles */ +form.form { +margin:0 auto; +width:100%; +background:khaki; +position:relative; +margin-top:2em; +} + +form.form h2 { +color:#ffffff; +font-size:1.2em; +background:goldenrod; +text-transform:uppercase; +padding:0.5em 0em 0.5em 0.5em; +margin-bottom: 1em; +} + +form.form h3 { +color:red; +font-weight:bold; +font-size:1em; +padding:0.5em 0 0.5em 0.5em; +text-align:center; +background:khaki; +} + +form.form .line, +form.form p { +width:94%; +display: block; +background:khaki; +padding:0.5em 0em 1em 1em; + +padding-right:0.5em; +margin-left:0.5em; +background:lightgoldenrodyellow; +margin-top: 0em; +margin-bottom: 0em; +} +form.form label { +width:100%; +display: block; +background:khaki; +padding:1em 0 0.5em 0em; +} + +form.form .submit { + text-align:left; +} + +form.form .indent { + padding: 0px; + padding-left: 0.75em; +} + +form.form label span { +display: block; +color:black; +font-size:12px; +float:left; +width:30%; +text-align:right; +padding:0.5em 2em 0 0; +} + +form.form .inputtext { +padding:0.2em 0.3em 0.2em 0.3em; +background:lightgoldenrodyellow; +border-bottom: 1px double #171717; +border-top: 1px double #171717; +border-left:1px double #333333; +border-right:1px double #333333; +} + +form.form .checkbox { text-align: left;} + +form.form .inputtextnowidth { +padding:0.5em 0.5em 0em 0em; +background:lightgoldenrodyellow; +border-bottom: 1px double #171717; +border-top: 1px double #171717; +border-left:1px double #333333; +border-right:1px double #333333; +} + +form.form .textbox{ +padding:7px 7px; +width:60%; +background:lightgoldenrodyellow; +border-bottom: 1px double #171717; +border-top: 1px double #171717; +border-left:1px double #333333; +border-right:1px double #333333; +overflow:hidden; +height:150px; +} + +form.form .button +{ +margin:0 0 10px 0; +padding:4px 7px; +background:goldenrod; +border:0px; +position: relative; +top:10px; +width:100px; +border-bottom: 1px double Goldenrod; +border-top: 1px double Gold; +border-left:1px double Goldenrod; +border-right:1px double Gold; +} + +.err {color:red;}
\ No newline at end of file @@ -0,0 +1,76 @@ +import sys +import cherrypy +import cfg +import sqlite3 +from filedict import FileDict + +def is_string(obj): + isinstance(obj, basestring) +def is_ascii(s): + return all(ord(c) < 128 for c in s) +def is_alphanumeric(string): + for c in string: + o = ord(c) + if not o in range(48, 58) + range(41, 91) + [95] + range(97, 123): + return False + return True + +def slurp(filespec): + with open(filespec) as x: f = x.read() + return f + +def unslurp(filespec, msg): + with open(filespec, 'w') as x: + x.write(msg) + +def find_in_seq(func, seq): + "Return first item in seq for which func(item) returns True." + for i in seq: + if func(i): + return i + +def find_keys(dic, val): + """return the key of dictionary dic given the value""" + return [k for k, v in dic.iteritems() if v == val] + +class Message(): + def __init__(self, msg=''): + self.text = msg + def add(self, text): + self.text += "<br />%s" % text + +def page_template(template='base', **kwargs): + for k in ['sidebar_left', 'sidebar_right', 'main', 'js', 'onload', 'nav', 'css']: + if not k in kwargs: + kwargs[k] = '' + + if template=='base' and kwargs['sidebar_right']=='': + template='two_col' + if isinstance(template, basestring): + exec ("from templates.%s import %s as template" % (template, template)) + try: + submenu = cfg.main_menu.active_item().encode("sub_menu", render_subs=True) + except AttributeError: + submenu = "" + + kwargs['template'] = template + kwargs['main_menu_js'] = cfg.main_menu.encode("main_menu") + kwargs['sub_menu_js'] = submenu + kwargs['current_url'] = cherrypy.url() + kwargs['username'] = cherrypy.session.get(cfg.session_key) + + if not kwargs['nav']: kwargs['nav'] = """ <SCRIPT LANGUAGE="JavaScript"> + <!-- + side_menu(sub_menu_items); + // --> + </SCRIPT>""" + + return str(template(searchList=[kwargs])) + +def filedict_con(filespec=None, table='dict'): + """TODO: better error handling in filedict_con""" + try: + return FileDict(connection=sqlite3.connect(filespec), table=table) + except IOError as (errno, strerror): + cfg.log.critical("I/O error({0}): {1}".format(errno, strerror)) + sys.exit(-1) |
