Verified Command, fixes in webnotes.conn.touch

2013-12-30 18:26:35 +05:30 · 2013-12-30 18:26:35 +05:30 · 44d258c8f8
commit 44d258c8f8
parent 4e978b8639
3 changed files with 35 additions and 45 deletions
--- a/webnotes/db.py
+++ b/webnotes/db.py
@ -404,8 +404,10 @@ class Database:
 		
 	def touch(self, doctype, docname):
 		from webnotes.utils import now
+		modified = now()
 		webnotes.conn.sql("""update `tab{doctype}` set `modified`=%s 
-			where name=%s""".format(doctype=doctype), (now(), docname))
+			where name=%s""".format(doctype=doctype), (modified, docname))
+		return modified

 	def set_global(self, key, val, user='__global'):
 		self.set_default(key, val, user)
--- a/webnotes/utils/init.py
+++ b/webnotes/utils/init.py
@ -904,47 +904,3 @@ def touch_file(path):
 	with open(path, 'a'):
 		os.utime(path, None)
 	return True
-	
-class HashAuthenticatedCommand(object):
-	def __init__(self):
-		if hasattr(self, 'command'):
-			import inspect
-			self.fnargs, varargs, varkw, defaults = inspect.getargspec(self.command)
-			self.fnargs.append('signature')
-
-	def __call__(self, *args, **kwargs):
-		signature = kwargs.pop('signature')
-		if self.verify_signature(kwargs, signature):
-			return self.command(*args, **kwargs)
-		else:
-			self.signature_error()
-
-	def command(self):
-		raise NotImplementedError
-		
-	def signature_error(self):
-		raise InvalidSignatureError
-
-	def get_signature(self, params, ignore_params=None):
-		import hmac
-		params = self.get_param_string(params, ignore_params=ignore_params)
-		secret = "secret"
-		signature = hmac.new(self.get_nonce())
-		signature.update(secret)
-		signature.update(params)
-		return signature.hexdigest()
-
-	def get_param_string(self, params, ignore_params=None):
-		if not ignore_params:
-			ignore_params = []
-		params = [unicode(param) for param in params if param not in ignore_params]
-		params = ''.join(params)
-		return params
-
-	def get_nonce():
-		raise NotImplementedError
-
-	def verify_signature(self, params, signature):
-		if signature == self.get_signature(params):
-			return True
-		return False
--- a/webnotes/utils/verified_command.py
+++ b/webnotes/utils/verified_command.py
@ -0,0 +1,32 @@
+# Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors
+# MIT License. See license.txt 
+
+from __future__ import unicode_literals
+import hmac
+import urllib
+
+import webnotes
+from webnotes.utils import cstr
+
+def get_url(params, nonce, secret=None):
+	signature = get_signature(params, nonce, secret)
+	params['signature'] = signature
+	return ''.join([webnotes.local.request.url_root, '?', urllib.urlencode(params)])
+	
+def get_signature(params, nonce, secret=None):
+	params = "".join((cstr(p) for p in params))
+	if not secret:
+		secret = webnotes.local.conf.get("secret") or "secret"
+		
+	signature = hmac.new(nonce)
+	signature.update(secret)
+	signature.update(params)
+	return signature.hexdigest()
+
+def verify_using_bean(bean, signature):
+	controller = bean.get_controller()
+	return signature == get_signature(controller.get_signature_params(), controller.get_nonce())
+	
+def get_url_using_bean(bean):
+	controller = bean.get_controller()
+	return get_url(controller.get_signature_params(), controller.get_nonce())