arthexis 0.1.20__py3-none-any.whl → 0.1.22__py3-none-any.whl

pages/views.py

@@ -1,5 +1,6 @@
 import base64
 import logging
+import mimetypes
 from pathlib import Path
 from types import SimpleNamespace
 import datetime
@@ -21,9 +22,11 @@ from django import forms
 from django.apps import apps as django_apps
 from utils.decorators import security_group_required
 from utils.sites import get_site
-from django.http import Http404, HttpResponse, JsonResponse
+from django.contrib.staticfiles import finders
+from django.http import FileResponse, Http404, HttpResponse, JsonResponse
 from django.shortcuts import get_object_or_404, redirect, render
 from nodes.models import Node
+from nodes.utils import capture_screenshot, save_screenshot
 from django.template import loader
 from django.template.response import TemplateResponse
 from django.test import RequestFactory, signals as test_signals
@@ -33,14 +36,19 @@ from django.utils.encoding import force_bytes, force_str
 from django.utils.http import urlsafe_base64_decode, urlsafe_base64_encode
 from core import mailer, public_wifi
 from core.backends import TOTP_DEVICE_NAME
-from django.utils.translation import gettext as _
+from django.utils.translation import get_language, gettext as _
+
+try:  # pragma: no cover - compatibility shim for Django versions without constant
+    from django.utils.translation import LANGUAGE_SESSION_KEY
+except ImportError:  # pragma: no cover - fallback when constant is unavailable
+    LANGUAGE_SESSION_KEY = "_language"
 from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
 from django.views.decorators.http import require_POST
 from django.core.cache import cache
 from django.views.decorators.cache import never_cache
-from django.utils.cache import patch_vary_headers
-from django.core.exceptions import PermissionDenied
-from django.utils.text import slugify
+from django.utils.cache import patch_cache_control, patch_vary_headers
+from django.core.exceptions import PermissionDenied, SuspiciousFileOperation
+from django.utils.text import slugify, Truncator
 from django.core.validators import EmailValidator
 from django.db.models import Q
 from core.models import (
@@ -48,6 +56,7 @@ from core.models import (
     ClientReport,
     ClientReportSchedule,
     SecurityGroup,
+    Todo,
 )
 
 try:  # pragma: no cover - optional dependency guard
@@ -58,16 +67,34 @@ except ImportError:  # pragma: no cover - handled gracefully in views
     CalledProcessError = ExecutableNotFound = None
 
 import markdown
+from django.utils._os import safe_join
 
 
 MARKDOWN_EXTENSIONS = ["toc", "tables", "mdx_truly_sane_lists"]
 
+MARKDOWN_IMAGE_PATTERN = re.compile(
+    r"(?P<prefix><img\b[^>]*\bsrc=[\"\'])(?P<scheme>(?:static|work))://(?P<path>[^\"\']+)(?P<suffix>[\"\'])",
+    re.IGNORECASE,
+)
+
+ALLOWED_IMAGE_EXTENSIONS = {
+    ".apng",
+    ".avif",
+    ".gif",
+    ".jpg",
+    ".jpeg",
+    ".png",
+    ".svg",
+    ".webp",
+}
+
 
 def _render_markdown_with_toc(text: str) -> tuple[str, str]:
     """Render ``text`` to HTML and return the HTML and stripped TOC."""
 
     md = markdown.Markdown(extensions=MARKDOWN_EXTENSIONS)
     html = md.convert(text)
+    html = _rewrite_markdown_asset_links(html)
     toc_html = md.toc
     toc_html = _strip_toc_wrapper(toc_html)
     return html, toc_html
@@ -82,6 +109,86 @@ def _strip_toc_wrapper(toc_html: str) -> str:
         if toc_html.endswith("</div>"):
             toc_html = toc_html[: -len("</div>")]
     return toc_html.strip()
+
+
+def _rewrite_markdown_asset_links(html: str) -> str:
+    """Rewrite asset links that reference local asset schemes."""
+
+    def _replace(match: re.Match[str]) -> str:
+        scheme = match.group("scheme").lower()
+        asset_path = match.group("path").lstrip("/")
+        if not asset_path:
+            return match.group(0)
+        extension = Path(asset_path).suffix.lower()
+        if extension not in ALLOWED_IMAGE_EXTENSIONS:
+            return match.group(0)
+        try:
+            asset_url = reverse(
+                "pages:readme-asset",
+                kwargs={"source": scheme, "asset": asset_path},
+            )
+        except NoReverseMatch:
+            return match.group(0)
+        return f"{match.group('prefix')}{escape(asset_url)}{match.group('suffix')}"
+
+    return MARKDOWN_IMAGE_PATTERN.sub(_replace, html)
+
+
+def _resolve_static_asset(path: str) -> Path:
+    normalized = path.lstrip("/")
+    if not normalized:
+        raise Http404("Asset not found")
+    resolved = finders.find(normalized)
+    if not resolved:
+        raise Http404("Asset not found")
+    if isinstance(resolved, (list, tuple)):
+        resolved = resolved[0]
+    file_path = Path(resolved)
+    if file_path.is_dir():
+        raise Http404("Asset not found")
+    return file_path
+
+
+def _resolve_work_asset(user, path: str) -> Path:
+    if not (user and getattr(user, "is_authenticated", False)):
+        raise PermissionDenied
+    normalized = path.lstrip("/")
+    if not normalized:
+        raise Http404("Asset not found")
+    username = getattr(user, "get_username", None)
+    if callable(username):
+        username = username()
+    else:
+        username = getattr(user, "username", "")
+    username_component = Path(str(username or user.pk)).name
+    base_work = Path(settings.BASE_DIR) / "work"
+    try:
+        user_dir = Path(safe_join(str(base_work), username_component))
+        asset_path = Path(safe_join(str(user_dir), normalized))
+    except SuspiciousFileOperation as exc:
+        logger.warning("Rejected suspicious work asset path: %s", normalized, exc_info=exc)
+        raise Http404("Asset not found") from exc
+    try:
+        user_dir_resolved = user_dir.resolve(strict=True)
+    except FileNotFoundError as exc:
+        logger.warning(
+            "Work directory missing for asset request: %s", user_dir, exc_info=exc
+        )
+        raise Http404("Asset not found") from exc
+    try:
+        asset_resolved = asset_path.resolve(strict=True)
+    except FileNotFoundError as exc:
+        raise Http404("Asset not found") from exc
+    try:
+        asset_resolved.relative_to(user_dir_resolved)
+    except ValueError as exc:
+        logger.warning(
+            "Rejected work asset outside directory: %s", asset_resolved, exc_info=exc
+        )
+        raise Http404("Asset not found") from exc
+    if asset_resolved.is_dir():
+        raise Http404("Asset not found")
+    return asset_resolved
 from pages.utils import landing
 from core.liveupdate import live_update
 from django_otp import login as otp_login
@@ -487,19 +594,33 @@ def _locate_readme_document(role, doc: str | None, lang: str) -> SimpleNamespace
                     continue
                 candidates.append(candidate)
     else:
+        default_readme = readme_base / "README.md"
+        root_default: Path | None = None
         if lang:
             candidates.append(readme_base / f"README.{lang}.md")
             short = lang.split("-")[0]
             if short != lang:
                 candidates.append(readme_base / f"README.{short}.md")
-        candidates.append(readme_base / "README.md")
         if readme_base != root_base:
+            candidates.append(default_readme)
             if lang:
                 candidates.append(root_base / f"README.{lang}.md")
                 short = lang.split("-")[0]
                 if short != lang:
                     candidates.append(root_base / f"README.{short}.md")
-            candidates.append(root_base / "README.md")
+            root_default = root_base / "README.md"
+        else:
+            root_default = default_readme
+        locale_base = root_base / "locale"
+        if locale_base.exists():
+            if lang:
+                candidates.append(locale_base / f"README.{lang}.md")
+                short = lang.split("-")[0]
+                if short != lang:
+                    candidates.append(locale_base / f"README.{short}.md")
+            candidates.append(locale_base / "README.md")
+        if root_default is not None:
+            candidates.append(root_default)
 
     readme_file = next((p for p in candidates if p.exists()), None)
     if readme_file is None:
@@ -552,6 +673,44 @@ def _render_readme(request, role, doc: str | None = None):
     return response
 
 
+def readme_asset(request, source: str, asset: str):
+    source_normalized = (source or "").lower()
+    if source_normalized == "static":
+        file_path = _resolve_static_asset(asset)
+    elif source_normalized == "work":
+        file_path = _resolve_work_asset(getattr(request, "user", None), asset)
+    else:
+        raise Http404("Asset not found")
+
+    if not file_path.exists() or not file_path.is_file():
+        raise Http404("Asset not found")
+
+    extension = file_path.suffix.lower()
+    if extension not in ALLOWED_IMAGE_EXTENSIONS:
+        raise Http404("Asset not found")
+
+    try:
+        file_handle = file_path.open("rb")
+    except OSError as exc:  # pragma: no cover - unexpected filesystem error
+        logger.warning("Unable to open asset %s", file_path, exc_info=exc)
+        raise Http404("Asset not found") from exc
+
+    content_type = mimetypes.guess_type(str(file_path))[0] or "application/octet-stream"
+    response = FileResponse(file_handle, content_type=content_type)
+    try:
+        response["Content-Length"] = str(file_path.stat().st_size)
+    except OSError:  # pragma: no cover - filesystem race
+        pass
+
+    if source_normalized == "work":
+        patch_cache_control(response, private=True, no_store=True)
+        patch_vary_headers(response, ["Cookie"])
+    else:
+        patch_cache_control(response, public=True, max_age=3600)
+
+    return response
+
+
 class MarkdownDocumentForm(forms.Form):
     content = forms.CharField(
         widget=forms.Textarea(
@@ -710,11 +869,6 @@ def release_checklist(request):
     return response
 
 
-@csrf_exempt
-def datasette_auth(request):
-    if request.user.is_authenticated:
-        return HttpResponse("OK")
-    return HttpResponse(status=401)
 
 
 class CustomLoginView(LoginView):
@@ -1274,6 +1428,25 @@ def client_report(request):
     return render(request, "pages/client_report.html", context)
 
 
+def _get_request_language_code(request) -> str:
+    language_code = ""
+    if hasattr(request, "session"):
+        language_code = request.session.get(LANGUAGE_SESSION_KEY, "")
+    if not language_code:
+        cookie_name = getattr(settings, "LANGUAGE_COOKIE_NAME", "django_language")
+        language_code = request.COOKIES.get(cookie_name, "")
+    if not language_code:
+        language_code = getattr(request, "LANGUAGE_CODE", "") or ""
+    if not language_code:
+        language_code = get_language() or ""
+
+    language_code = language_code.strip()
+    if not language_code:
+        return ""
+
+    return language_code.replace("_", "-").lower()[:15]
+
+
 @require_POST
 def submit_user_story(request):
     throttle_seconds = getattr(settings, "USER_STORY_THROTTLE_SECONDS", 300)
@@ -1295,12 +1468,12 @@ def submit_user_story(request):
             )
 
     data = request.POST.copy()
-    if request.user.is_authenticated and not data.get("name"):
+    if request.user.is_authenticated:
         data["name"] = request.user.get_username()[:40]
     if not data.get("path"):
         data["path"] = request.get_full_path()
 
-    form = UserStoryForm(data)
+    form = UserStoryForm(data, user=request.user)
     if request.user.is_authenticated:
         form.instance.user = request.user
 
@@ -1309,8 +1482,7 @@ def submit_user_story(request):
         if request.user.is_authenticated:
             story.user = request.user
             story.owner = request.user
-            if not story.name:
-                story.name = request.user.get_username()[:40]
+            story.name = request.user.get_username()[:40]
         if not story.name:
             story.name = str(_("Anonymous"))[:40]
         story.path = (story.path or request.get_full_path())[:500]
@@ -1318,7 +1490,83 @@ def submit_user_story(request):
         story.user_agent = request.META.get("HTTP_USER_AGENT", "")
         story.ip_address = client_ip or None
         story.is_user_data = True
+        language_code = _get_request_language_code(request)
+        if language_code:
+            story.language_code = language_code
         story.save()
+        if request.user.is_authenticated and request.user.is_superuser:
+            comment_text = (story.comments or "").strip()
+            prefix = "Triage "
+            request_field = Todo._meta.get_field("request")
+            available_length = max(request_field.max_length - len(prefix), 0)
+            if available_length > 0 and comment_text:
+                summary = Truncator(comment_text).chars(
+                    available_length, truncate="…"
+                )
+            else:
+                summary = comment_text[:available_length]
+            todo_request = f"{prefix}{summary}".strip()
+            user_is_authenticated = request.user.is_authenticated
+            node = Node.get_local()
+            existing_todo = (
+                Todo.objects.filter(request__iexact=todo_request, is_deleted=False)
+                .order_by("pk")
+                .first()
+            )
+            if existing_todo:
+                update_fields: set[str] = set()
+                if node and existing_todo.origin_node_id != node.pk:
+                    existing_todo.origin_node = node
+                    update_fields.add("origin_node")
+                if existing_todo.original_user_id != request.user.pk:
+                    existing_todo.original_user = request.user
+                    update_fields.add("original_user")
+                if (
+                    existing_todo.original_user_is_authenticated
+                    != user_is_authenticated
+                ):
+                    existing_todo.original_user_is_authenticated = (
+                        user_is_authenticated
+                    )
+                    update_fields.add("original_user_is_authenticated")
+                if not existing_todo.is_user_data:
+                    existing_todo.is_user_data = True
+                    update_fields.add("is_user_data")
+                if update_fields:
+                    existing_todo.save(update_fields=tuple(update_fields))
+            else:
+                Todo.objects.create(
+                    request=todo_request,
+                    origin_node=node,
+                    original_user=request.user,
+                    original_user_is_authenticated=user_is_authenticated,
+                    is_user_data=True,
+                )
+        if story.take_screenshot:
+            screenshot_url = request.META.get("HTTP_REFERER", "")
+            parsed = urlparse(screenshot_url)
+            if not (parsed.scheme and parsed.netloc):
+                target_path = story.path or request.get_full_path() or "/"
+                screenshot_url = request.build_absolute_uri(target_path)
+            try:
+                screenshot_path = capture_screenshot(screenshot_url)
+            except Exception:  # pragma: no cover - best effort capture
+                logger.exception("Failed to capture screenshot for user story %s", story.pk)
+            else:
+                try:
+                    sample = save_screenshot(
+                        screenshot_path,
+                        method="USER_STORY",
+                        user=story.user if story.user_id else None,
+                    )
+                except Exception:  # pragma: no cover - best effort persistence
+                    logger.exception(
+                        "Failed to persist screenshot for user story %s", story.pk
+                    )
+                else:
+                    if sample is not None:
+                        story.screenshot = sample
+                        story.save(update_fields=["screenshot"])
         return JsonResponse({"success": True})
 
     return JsonResponse({"success": False, "errors": form.errors}, status=400)

core/workgroup_urls.py

@@ -1,17 +0,0 @@
-"""URL routes for assistant profile endpoints."""
-
-from django.urls import path
-
-from . import workgroup_views as views
-
-app_name = "workgroup"
-
-urlpatterns = [
-    path(
-        "assistant-profiles/<int:user_id>/",
-        views.issue_key,
-        name="assistantprofile-issue",
-    ),
-    path("assistant/test/", views.assistant_test, name="assistant-test"),
-    path("chat/", views.chat, name="chat"),
-]

core/workgroup_views.py

@@ -1,94 +0,0 @@
-"""REST endpoints for AssistantProfile issuance and authentication."""
-
-from __future__ import annotations
-
-from functools import wraps
-
-from django.apps import apps
-from django.contrib.auth import get_user_model
-from django.forms.models import model_to_dict
-from django.http import HttpResponse, JsonResponse
-from django.views.decorators.csrf import csrf_exempt
-from django.views.decorators.http import require_GET, require_POST
-
-from .models import AssistantProfile, hash_key
-
-
-@csrf_exempt
-@require_POST
-def issue_key(request, user_id: int) -> JsonResponse:
-    """Issue a new ``user_key`` for ``user_id``.
-
-    The response reveals the plain key once. Store only the hash server-side.
-    """
-
-    user = get_user_model().objects.get(pk=user_id)
-    profile, key = AssistantProfile.issue_key(user)
-    return JsonResponse({"user_id": user_id, "user_key": key})
-
-
-def authenticate(view_func):
-    """View decorator that validates the ``Authorization`` header."""
-
-    @wraps(view_func)
-    def wrapper(request, *args, **kwargs):
-        header = request.META.get("HTTP_AUTHORIZATION", "")
-        if not header.startswith("Bearer "):
-            return HttpResponse(status=401)
-
-        key_hash = hash_key(header.split(" ", 1)[1])
-        try:
-            profile = AssistantProfile.objects.get(
-                user_key_hash=key_hash, is_active=True
-            )
-        except AssistantProfile.DoesNotExist:
-            return HttpResponse(status=401)
-
-        profile.touch()
-        request.assistant_profile = profile
-        request.chat_profile = profile
-        return view_func(request, *args, **kwargs)
-
-    return wrapper
-
-
-@require_GET
-@authenticate
-def assistant_test(request):
-    """Return a simple greeting to confirm authentication."""
-
-    profile = getattr(request, "assistant_profile", None)
-    user_id = profile.user_id if profile else None
-    return JsonResponse({"message": f"Hello from user {user_id}"})
-
-
-@require_GET
-@authenticate
-def chat(request):
-    """Return serialized data from any model.
-
-    Clients must provide ``model`` as ``app_label.ModelName`` and may include a
-    ``pk`` to fetch a specific record. When ``pk`` is omitted, the view returns
-    up to 100 records.
-    """
-
-    model_label = request.GET.get("model")
-    if not model_label:
-        return JsonResponse({"error": "model parameter required"}, status=400)
-    try:
-        model = apps.get_model(model_label)
-    except LookupError:
-        return JsonResponse({"error": "unknown model"}, status=400)
-
-    qs = model.objects.all()
-    pk = request.GET.get("pk")
-    if pk is not None:
-        try:
-            obj = qs.get(pk=pk)
-        except model.DoesNotExist:
-            return JsonResponse({"error": "object not found"}, status=404)
-        data = model_to_dict(obj)
-    else:
-        data = [model_to_dict(o) for o in qs[:100]]
-
-    return JsonResponse({"data": data})