i dZddlZddlmZddlmZmZdeddfdZ dd e fd Z d ed e defd Z dZdd e ddfdZdd e de ddfdZdZdefdZdS)z) Hermes Web UI -- HTTP helper functions. N)Path) IMAGE_EXTSMD_EXTSbodyreturncrfd|D}|r%tdd|dS)zHPhase D: Validate required fields. Raises ValueError with clean message.cpg|]2}||dk0|3S)r)get).0frs (/home/ubuntu/hermes-webui/api/helpers.py zrequire.. s<IIIQ I q8H8Hq8H8H8HzMissing required field(s): z, N) ValueErrorjoin)rfieldsmissings` r requirer sTIIII&IIIGMKtyy7I7IKKLLLMMrstatusc*t|d|i|S)z#Return a clean JSON error response.error)r)j)handlermsgrs r badrs WwnV 4 4 44rroot requestedc||z }|||S)zEResolve a relative path inside root, raising ValueError on traversal.)resolve relative_to)rrresolveds r safe_resolver#s9y ))++H ((( Orc|dd|dd|dddS)z'Add security headers to every response.zX-Content-Type-OptionsnosniffzX-Frame-OptionsDENYzReferrer-Policyz same-originN) send_header)rs r _security_headersr(sM 0)<<< )6222 )=99999rctj|ddd}|||dd|dt t ||dd t|||j |d S) zSend a JSON response.F) ensure_asciiindentutf-8 Content-Typezapplication/json; charset=utf-8Content-Length Cache-Controlno-storeN) _jsondumpsencode send_responser'strlenr( end_headerswfilewrite)rpayloadrrs r rr#s ;wU1 = = = D DW M MD &!!! (IJJJ (#c$ii..999 444g  Mrtext/plain; charset=utf-8 content_typect|tr|n!t|d}|||d||dtt ||ddt|||j |dS)z#Send a plain text or HTML response.r.r/r0r1r2N) isinstancebytesr7r5r6r'r8r(r9r:r;)rr<rr>rs r trB/s %00 R77c'll6I6I'6R6RD &!!!  555 (#c$ii..999 444g  Mri@c(t|jdd}|tkrt d|dtd|r|j|nd} tj|S#t$ricYSwxYw)z9Read and JSON-parse a POST request body (capped at 20MB).r0rzRequest body too large (z bytes, max )s{}) intheadersr MAX_BODY_BYTESrrfilereadr3loads Exception)rlengthraws r read_bodyrN>s $$%5q99 : :F YFYYYYYZZZ(. 9'-  V $ $ $EC{3  s.B BB)r)r))r)r=)__doc__jsonr3pathlibr api.configrrdictrrErr7r#r(rrBrGrNrr rUsI********M$MDMMMM55c5555 t:::   D       s [_    " $      r