Changeset 1184:03073d3aa649

Timestamp:

09/15/06 13:29:18 (7 years ago)

Author:

boothby@…

Branch:

default

Message:

[project @ worksheet locking]

Location:

sage/server/notebook

Files:

• css.py (modified) (1 diff)
• js.py (modified) (6 diffs)
• notebook.py (modified) (8 diffs)
• server.py (modified) (16 diffs)
• worksheet.py (modified) (6 diffs)

sage/server/notebook/css.py

@@ -1127 +1127 @@
   width: 100%;
 }
+
+span.red{
+  color:red;
+}
+
 
 

sage/server/notebook/js.py

@@ -75 +75 @@
 var sub_introspecting = false;
 
-var worksheet_id=0;   // The current worksheet.  Where else does this get set?
+// Info about the current worksheet.  These get set in notebook.py
+var worksheet_id=0;   
+var worksheet_filename='';
+var worksheet_name='';
 
 var id_to_delete=-1;
@@ -107 +110 @@
 var in_slide_mode = false; //whether or not we're in slideshow mode
 var slide_hidden = false; //whether the current slide has the hidden input class
+
+var worksheet_locked;
 
 ///////////////////////////////////////////////////////////////////
@@ -488 +493 @@
 ///////////////////////////////////////////////////////////////////
 
-function add_worksheet(name) {
+function add_worksheet(name,pass) {
     async_request('async_obj_add_worksheet', '/add_worksheet',
-                   add_worksheet_callback, 'name='+name)
-}
-
-function add_worksheet_callback(status, response_text) {
+                   add_worksheet_callback, 'name='+name+'&passcode='+pass)
+}
+
+function add_worksheet_callback(status,response_text) {
     if (status == "success") {
         /* expect response_text to encode a pair consisting of
@@ -606 +611 @@
     var add_worksheet_box = get_element('new_worksheet_box');
     name = add_worksheet_box.value;
+    var add_worksheet_pass = get_element('new_worksheet_pass');
+    pass = add_worksheet_pass.value;
     add_worksheet_box.value = '';    
-    add_worksheet(name);
+    add_worksheet_pass.value = '';    
+    add_worksheet(name,pass);
 }
 
@@ -630 +638 @@
 }
 
+function unlock_worksheet() {
+    lock = get_element("worksheet_lock");
+    lock.innerHTML = 'Enter Passcode: <input onKeyPress="return unlock_worksheet_submit(event,value);" id="lock_input">';
+    lock.innerHTML+= '<span id="unlock_error" class="red"></span>';
+    lock_input = get_element("lock_input");
+    lock_input.focus();    
+}
+
+function unlock_worksheet_submit(e,passcode) {
+    if(is_submit(e)) {
+        document.cookie = "ws_"+worksheet_name+"_passcode="+passcode;
+        async_request('async_unlock', '/unlock_worksheet', unlock_worksheet_callback, 'worksheet_id='+worksheet_id);
+        return false;
+    }
+    return true;
+}
+
+function unlock_worksheet_callback(status, response_text) {
+    if(status == 'success' && response_text == 'ok') {
+        lock = get_element("worksheet_lock");
+        lock.parentNode.removeChild(lock);
+        worksheet_locked = false;
+    } else {
+        lock_input = get_element("lock_input");
+        lock_input.value = "";
+        lock_input.focus();
+        txt = get_element('unlock_error');
+        if(txt)
+            txt.innerHTML = 'incorrect';
+    }
+}
 
 ///////////////////////////////////////////////////////////////////
@@ -1025 +1064 @@
 
 function evaluate_cell(id, action) {
+    if(worksheet_locked) {
+        alert("This worksheet is locked.  Click on the word [locked] next to the worksheet name to unlock it.")
+        return;
+    }
+
     active_cell_list = active_cell_list.concat([id]);
 

sage/server/notebook/notebook.py

@@ -561 +561 @@
         return set([W.id() for W in self.__worksheets.itervalues()])
 
-    def create_new_worksheet(self, name='untitled'):
+    def create_new_worksheet(self, name='untitled', passcode=''):
         if name in self.__worksheets.keys():
             raise KeyError, 'name (=%s) already taken.'%name
         name = str(name)
+        passcode = str(passcode)
         wids = self.worksheet_ids()
         id = 0
@@ -573 +574 @@
             raise ValueError, 'there can be at most %s worksheets'%MAX_WORKSHEETS
         self.__next_worksheet_id += 1
-        W = worksheet.Worksheet(name, self, id, system=self.system())
+        W = worksheet.Worksheet(name, self, id, system=self.system(), passcode=passcode)
         self.__worksheets[name] = W
         return W
@@ -718 +719 @@
         return head
 
-    def _html_body(self, worksheet_id, show_debug=False):
+    def _html_body(self, worksheet_id, show_debug=False, worksheet_authorized=False):
         worksheet = self.get_worksheet_with_id(worksheet_id)
         if worksheet.computing():
@@ -727 +728 @@
         add_new_worksheet_menu = """
              <div class="add_new_worksheet_menu" id="add_worksheet_menu">
-             <input id="new_worksheet_box" class="add_new_worksheet_menu"
+             Name: <input id="new_worksheet_box" class="add_new_worksheet_menu"
                     onKeyPress="if(is_submit(event)) process_new_worksheet_menu_submit();"></input>
+             Pass: <input id="new_worksheet_pass" class="add_new_worksheet_menu"
+                    onKeyPress="if(is_submit(event)) process_new_worksheet_menu_submit();"></input>
+
              <button class="add_new_worksheet_menu"  onClick="process_new_worksheet_menu_submit();">add</button>
-             &nbsp;&nbsp;&nbsp;<span class="X" onClick="hide_add_new_worksheet_menu()">X</span>
+             <span class="X" onClick="hide_add_new_worksheet_menu()">X</span>
              </div>
         """             
@@ -790 +794 @@
             body += " onFocus='debug_focus();' onBlur='debug_blur();'></textarea>"
             body += "</div>"
-        body += worksheet.html()
+        body += worksheet.html(authorized = worksheet_authorized) + '\n</div>\n'
 
         # The blank space given by '<br>'*15  is needed so the input doesn't get
@@ -818 +822 @@
         body += '<script language=javascript>focus(%s)</script>\n'%(worksheet[0].id())
         body += '<script language=javascript>jsmath_init();</script>\n'
+
+        if worksheet_authorized:
+            body += '<script language=javascript>worksheet_locked=false;</script>'
+        else:
+            body += '<script language=javascript>worksheet_locked=true;</script>'
 
         if worksheet.computing():
@@ -953 +962 @@
          """%(css.css(self.color()),js.javascript())
 
-    def html(self, worksheet_id=None, authorized=False, show_debug=False):
+    def html(self, worksheet_id=None, authorized=False, show_debug=False, worksheet_authorized=False):
         if worksheet_id is None:
             W = self.default_worksheet()
@@ -965 +974 @@
 
         if authorized:
-            body = self._html_body(worksheet_id,show_debug=show_debug)
+            body = self._html_body(worksheet_id,show_debug=show_debug, worksheet_authorized=worksheet_authorized)
         else:
             body = self._html_authorize()
 
-        body += '<script language=javascript>worksheet_id=%s; worksheet_filename="%s"</script>'%(worksheet_id, W.filename())
+        body += '<script language=javascript>worksheet_id=%s; worksheet_filename="%s"; worksheet_name="%s";</script>'%(worksheet_id, W.filename(), W.name())
 
         head = self._html_head(worksheet_id)

sage/server/notebook/server.py

@@ -61 +61 @@
         typ = C['type'][0]
         W = notebook.get_worksheet_that_has_cell_with_id(id)
-        cell = W.get_cell_with_id(id)
-        cell.set_cell_output_type(typ)
+        if self.auth_worksheet(W):
+            cell = W.get_cell_with_id(id)
+            cell.set_cell_output_type(typ)
 
     def hide_all(self):
@@ -68 +69 @@
         id = int(C['worksheet_id'][0])
         W = notebook.get_worksheet_with_id(id)
-        W.hide_all()
+        if self.auth_worksheet(W):
+            W.hide_all()
 
     def restart_sage(self):
@@ -74 +76 @@
         id = int(C['worksheet_id'][0])
         W = notebook.get_worksheet_with_id(id)
-        W.restart_sage()
-        self.wfile.write('done')
+        if self.auth_worksheet(W):
+            W.restart_sage()
+            self.wfile.write('done')
 
     def show_all(self):
         C = self.get_postvars()
         id = int(C['worksheet_id'][0])
-        W = notebook.get_worksheet_with_id(id)
-        W.show_all()
+        if self.auth_worksheet(W):
+            W = notebook.get_worksheet_with_id(id)
+            W.show_all()
 
     def eval_cell(self, newcell=False, introspect=False):
@@ -90 +94 @@
         verbose('%s: %s'%(id, input_text))
         W = notebook.get_worksheet_that_has_cell_with_id(id)
+        if not self.auth_worksheet(W):
+            return
+
         cell = W.get_cell_with_id(id)
         if not introspect:
@@ -118 +125 @@
 
         W = notebook.get_worksheet_that_has_cell_with_id(id)
+        if not self.auth_worksheet(W):
+            return
+
         cell = W.get_cell_with_id(id)
         #TB: this tends to obliterate long cells -- if the user doesn't submit between
@@ -135 +145 @@
         verbose("Adding new cell before cell with id %s"%id)
         W = notebook.get_worksheet_that_has_cell_with_id(id)
+        if not self.auth_worksheet(W):
+            return
+
         cell = W.new_cell_before(id)
         #notebook.save()
@@ -145 +158 @@
         verbose("Adding new cell after cell with id %s"%id)
         W = notebook.get_worksheet_that_has_cell_with_id(id)
+        if not self.auth_worksheet(W):
+            return
+
         cell = W.new_cell_after(id)
         #notebook.save()
@@ -155 +171 @@
         verbose("Deleting cell with id %s"%id)
         W = notebook.get_worksheet_that_has_cell_with_id(id)
+        if not self.auth_worksheet(W):
+            return
+
         if len(W) <= 1 or W.is_last_id_and_previous_is_nonempty(id):
             self.wfile.write('ignore')
@@ -219 +238 @@
         C = self.get_postvars()
         worksheet_id = int(C['worksheet_id'][0])
-        worksheet = notebook.get_worksheet_with_id(worksheet_id)
-        t = worksheet.interrupt()
+        W = notebook.get_worksheet_with_id(worksheet_id)
+        if not self.auth_worksheet(W):
+            return
+
+        t = W.interrupt()
         if t:
             self.wfile.write('ok')
@@ -229 +251 @@
         C = self.get_postvars()
         worksheet_name = C['name'][0]
-        try:
-            W = notebook.create_new_worksheet(worksheet_name)
+        passcode = C['passcode'][0]
+        try:
+            W = notebook.create_new_worksheet(worksheet_name, passcode)
         except ValueError, msg:
             print msg
@@ -238 +261 @@
         self.wfile.write(new_worksheet_list + SEP + str(W.name()))
 
+    def auth_worksheet(self, W):
+        n = W.name()
+        passcode = ''
+        if self.cookie.has_key('ws_%s_passcode'%n):
+            passcode = self.cookie['ws_%s_passcode'%n].value
+        return W.auth(passcode)
+
+    def unlock_worksheet(self):
+        C = self.get_postvars()
+        worksheet_id = int(C['worksheet_id'][0])
+        W = notebook.get_worksheet_with_id(worksheet_id)
+        if not self.auth_worksheet(W):
+            self.wfile.write('failed')
+        else:
+            self.wfile.write('ok')
+
     def delete_worksheet(self):
         C = self.get_postvars()
         worksheet_name = C['name'][0]
+        W = notebook.get_worksheet_with_name(worksheet_name)
+        if not self.auth_worksheet(W):
+            return
+
         try:
             W = notebook.delete_worksheet(worksheet_name)
@@ -450 +493 @@
     def show_page(self, worksheet_id=None,show_debug=False):
         self.send_head()
+        W = notebook.get_worksheet_with_id(worksheet_id)
         self.wfile.write(notebook.html(worksheet_id=worksheet_id,
                                        authorized=self.authorize(),
-                                       show_debug=show_debug))
+                                       show_debug=show_debug,
+                                       worksheet_authorized = self.auth_worksheet(W)))
 
 
@@ -463 +508 @@
     def do_GET(self):
         verbose("GET: " + self.path)
+        self.get_cookie()
         # The question mark hack here is so that images will be reloaded when
         # the async request requests the output text for a computation.
@@ -499 +545 @@
             self.file_not_found()
 
-    def authorize(self):
+    def get_cookie(self):
         self.cookie=Cookie.SimpleCookie()
         if self.headers.has_key('cookie'):
             self.cookie=Cookie.SimpleCookie(self.headers.getheader("cookie"))
+
+    def authorize(self):
         username = password = "";
         if self.cookie.has_key('username'):
@@ -511 +559 @@
 
     def do_POST(self):
+        self.get_cookie()
         content_type, post_dict = cgi.parse_header(self.headers.getheader('content-type'))
         verbose("POST: %s"%post_dict)
@@ -567 +616 @@
             elif self.path[-17:] == '/delete_worksheet':
                 self.delete_worksheet()
+            elif self.path[-17:] == '/unlock_worksheet':
+                self.unlock_worksheet()
 #            elif self.path == '/upload_worksheet':
 #                self.upload_worksheet_local_file()

sage/server/notebook/worksheet.py

@@ -43 +43 @@
 
 class Worksheet:
-    def __init__(self, name, notebook, id, system=None):
+    def __init__(self, name, notebook, id, system=None, passcode = ''):
         name = ' '.join(name.split())
         self.__id = id
@@ -50 +50 @@
         self.__name = name
         self.__notebook = notebook
+        self.__passcode = passcode
         dir = list(name)
         for i in range(len(dir)):
@@ -81 +82 @@
             for C in self.__cells:
                 C.set_worksheet(self)
+
+    def passcode(self):
+        try:
+            return self.__passcode
+        except AttributeError:
+            self.__passcode = ''
+            return ''
 
     def filename(self):
@@ -537 +545 @@
         return self.__notebook.format_completions_as_html(id, rows)
 
-
-
-
+    def auth(self, passcode):
+        if self.passcode() == '':
+            return True
+        else:
+            return self.passcode() == passcode
 
     def _strip_synchro_from_start_of_output(self, s):
@@ -1051 +1061 @@
         return s
 
-    def html(self, include_title=True, do_print=False):
+    def html(self, include_title=True, do_print=False, authorized=False):
         n = len(self.__cells)
         s = ''
@@ -1061 +1071 @@
             else:
                 system =''
-            s += '<div class="worksheet_title">Worksheet: %s%s</div>\n'%(self.name(),system)
+            if not authorized:
+                lock_text = '&nbsp;&nbsp;<span id="worksheet_lock" class="locked" onClick="unlock_worksheet()">[locked]</span>'
+            else:
+                lock_text = ''
+
+            s += '<div class="worksheet_title">Worksheet: %s%s%s</div>\n'%(self.name(),system,lock_text)
         D = self.__notebook.defaults()
         ncols = D['word_wrap_cols']