code.py

from __future__ import annotations


__copyright__ = "Copyright (C) 2014 Andreas Kloeckner"

__license__ = """
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
"""

import django.forms as forms
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
from django.utils.html import escape
from django.utils.translation import gettext as _

from course.constants import flow_permission
from course.page.base import (
    AnswerFeedback,
    PageBaseWithHumanTextFeedback,
    PageBaseWithoutHumanGrading,
    PageBaseWithTitle,
    PageBaseWithValue,
    get_auto_feedback,
    get_editor_interaction_mode,
    markup_to_html,
)
from course.validation import AttrSpec, ValidationError
from relate.utils import StyledForm, string_concat


# DEBUGGING SWITCH:
# True for 'spawn containers' (normal operation)
# False for 'just connect to localhost:CODE_QUESTION_CONTAINER_PORT' as runcode'
SPAWN_CONTAINERS = True


# {{{ html sanitization helper

def is_allowed_data_uri(allowed_mimetypes, uri):
    import re
    m = re.match(r"^data:([-a-z0-9]+/[-a-z0-9]+);base64,", uri)
    if not m:
        return False

    mimetype = m.group(1)
    return mimetype in allowed_mimetypes


def filter_audio_attributes(tag, name, value):
    if name in ["controls"]:
        return True
    else:
        return False


def filter_source_attributes(tag, name, value):
    if name in ["type"]:
        return True
    elif name == "src":
        if is_allowed_data_uri([
                "audio/wav",
                ], value):
            return True
        else:
            return False
    else:
        return False


def filter_img_attributes(tag, name, value):
    if name in ["alt", "title"]:
        return True
    elif name == "src":
        return is_allowed_data_uri([
            "image/png",
            "image/jpeg",
            ], value)
    else:
        return False


def filter_attributes(tag, name, value):
    from bleach.sanitizer import ALLOWED_ATTRIBUTES

    allowed_attrs = ALLOWED_ATTRIBUTES.get(tag, [])
    result = name in allowed_attrs

    if tag == "audio":
        result = result or filter_audio_attributes(tag, name, value)
    elif tag == "source":
        result = result or filter_source_attributes(tag, name, value)
    elif tag == "img":
        result = result or filter_img_attributes(tag, name, value)

    # {{{ prohibit data URLs anywhere not allowed above

    # Follows approach suggested in
    # https://github.com/mozilla/bleach/issues/348#issuecomment-359484660

    from html5lib.filters.sanitizer import attr_val_is_uri

    if (None, name) in attr_val_is_uri or (tag, name) in attr_val_is_uri:
        from urllib.parse import urlparse
        try:
            parsed_url = urlparse(value)
        except ValueError:
            # could not parse URL: tough beans
            return False

        if parsed_url.scheme == "data" and not result:
            return False

    # }}}

    return result


def sanitize_from_code_html(s):
    import bleach

    if not isinstance(s, str):
        return _("(Non-string in 'HTML' output filtered out)")

    return bleach.clean(s,
            tags=[*bleach.ALLOWED_TAGS, "audio", "video", "source"],
            protocols=[*bleach.ALLOWED_PROTOCOLS, "data"],
            attributes=filter_attributes)

# }}}


# {{{ base code question

class CodeForm(StyledForm):
    # prevents form submission with codemirror's empty textarea
    use_required_attribute = False

    def __init__(self, read_only, interaction_mode, initial_code,
            language_mode, data=None, *args, **kwargs):
        super().__init__(data, *args, **kwargs)

        from course.utils import get_codemirror_widget
        cm_widget, cm_help_text = get_codemirror_widget(
                language_mode=language_mode,
                interaction_mode=interaction_mode,

                # Automatically focus the text field once there has
                # been some input.
                autofocus=(
                    not read_only
                    and (data is not None and "answer" in data)))
        if read_only:
            cm_widget.attrs["readonly"] = None

        self.fields["answer"] = forms.CharField(required=True,
            initial=initial_code,
            help_text=cm_help_text,
            widget=cm_widget,
            label=_("Answer"))

    def clean(self):
        # FIXME Should try compilation
        pass


CODE_QUESTION_CONTAINER_PORT = 9941
DOCKER_TIMEOUT = 15


class InvalidPingResponse(RuntimeError):
    pass


def request_run(run_req, run_timeout, image=None):
    import errno
    import http.client as http_client
    import json

    import docker
    from docker.errors import APIError as DockerAPIError

    debug = False
    if debug:
        def debug_print(s):