WIP Webdav integration

setup.py

     'marshmallow <3.0.0a1,>2.0.0',
     # CLI
     'cliff',
+    # Webdav
+    'wsgidav',
+    'PyYAML',
     # others
     'filedepot',
     'babel',
             'user_create = tracim.command.user:CreateUserCommand',
             'user_update = tracim.command.user:UpdateUserCommand',
             'db_init = tracim.command.initializedb:InitializeDBCommand',
+            'webdav start = tracim.command.webdav:WebdavRunnerCommand',
         ]
     },
 )

tracim/command/__init__.py

 from pyramid.paster import bootstrap
 from pyramid.scripting import AppEnvironment
 from tracim.exceptions import CommandAbortedError
+from tracim.lib.utils.utils import DEFAULT_TRACIM_CONFIG_FILE
 
 
 class TracimCLI(App):
         parser.add_argument(
             "-c",
             "--config",
-            help='application config file to read (default: development.ini)',
+            help='application config file to read (default: {})'.format(
+                DEFAULT_TRACIM_CONFIG_FILE
+            ),
             dest='config_file',
-            default="development.ini"
+            default=DEFAULT_TRACIM_CONFIG_FILE,
         )
         return parser
 

tracim/command/webdav.py

+# -*- coding: utf-8 -*-
+import argparse
+
+import plaster_pastedeploy
+from waitress import serve
+
+from tracim.command import AppContextCommand
+from tracim.lib.webdav import WebdavAppFactory
+
+
+class WebdavRunnerCommand(AppContextCommand):
+    auto_setup_context = False
+
+    def get_description(self) -> str:
+        return "run webdav server"
+
+    def get_parser(self, prog_name: str) -> argparse.ArgumentParser:
+        parser = super().get_parser(prog_name)
+        return parser
+
+    def take_action(self, parsed_args: argparse.Namespace) -> None:
+        super(WebdavRunnerCommand, self).take_action(parsed_args)
+        tracim_config = parsed_args.config_file
+        # TODO - G.M - 16-04-2018 - Allow specific webdav config file
+        app_factory = WebdavAppFactory(
+            tracim_config_file_path=tracim_config,
+        )
+        app = app_factory.get_wsgi_app()
+        serve(app)

tracim/exceptions.py

 
 class ImmutableAttribute(TracimException):
     pass
+
+
+class DigestAuthNotImplemented(Exception):
+    pass

tracim/lib/utils/utils.py

 # -*- coding: utf-8 -*-
 import datetime
 
+DEFAULT_WEBDAV_CONFIG_FILE = "wsgidav.conf"
+DEFAULT_TRACIM_CONFIG_FILE = "development.ini"
+
 
 def cmp_to_key(mycmp):
     """

tracim/lib/webdav/__init__.py

+import json
+import sys
+import os
+from pyramid.paster import get_appsettings
+from waitress import serve
+from wsgidav.wsgidav_app import DEFAULT_CONFIG
+from wsgidav.xml_tools import useLxml
+from wsgidav.wsgidav_app import WsgiDAVApp
+
+from tracim import CFG
+from tracim.lib.utils.utils import DEFAULT_TRACIM_CONFIG_FILE, \
+    DEFAULT_WEBDAV_CONFIG_FILE
+from tracim.lib.webdav.dav_provider import Provider
+from tracim.lib.webdav.authentification import TracimDomainController
+from wsgidav.dir_browser import WsgiDavDirBrowser
+from wsgidav.http_authenticator import HTTPAuthenticator
+from wsgidav.error_printer import ErrorPrinter
+from tracim.lib.webdav.middlewares import TracimWsgiDavDebugFilter, \
+    TracimEnforceHTTPS, TracimEnv, TracimUserSession
+
+from inspect import isfunction
+import traceback
+
+from tracim.models import get_engine, get_session_factory
+
+
+class WebdavAppFactory(object):
+
+    def __init__(self,
+                 webdav_config_file_path: str = None,
+                 tracim_config_file_path: str = None,
+                 ):
+        self.config = self._initConfig(
+            webdav_config_file_path,
+            tracim_config_file_path
+        )
+
+    def _initConfig(self,
+                    webdav_config_file_path: str = None,
+                    tracim_config_file_path: str = None
+                    ):
+        """Setup configuration dictionary from default,
+         command line and configuration file."""
+        if not webdav_config_file_path:
+            webdav_config_file_path = DEFAULT_WEBDAV_CONFIG_FILE
+        if not tracim_config_file_path:
+            tracim_config_file_path = DEFAULT_TRACIM_CONFIG_FILE
+
+        # Set config defaults
+        config = DEFAULT_CONFIG.copy()
+        temp_verbose = config["verbose"]
+
+        default_config_file = os.path.abspath(webdav_config_file_path)
+        webdav_config_file = self._readConfigFile(
+            webdav_config_file_path,
+            temp_verbose
+            )
+        # Configuration file overrides defaults
+        config.update(webdav_config_file)
+
+        # Get pyramid Env
+        tracim_config_file_path = os.path.abspath(tracim_config_file_path)
+        config['tracim_config'] = tracim_config_file_path
+        settings = get_appsettings(config['tracim_config'])
+        app_config = CFG(settings)
+
+        if not useLxml and config["verbose"] >= 1:
+            print(
+                "WARNING: Could not import lxml: using xml instead (slower). "
+                "consider installing lxml from http://codespeak.net/lxml/."
+            )
+
+        config['middleware_stack'] = [
+            TracimEnforceHTTPS,
+            WsgiDavDirBrowser,
+            TracimUserSession,
+            HTTPAuthenticator,
+            TracimEnv,
+            ErrorPrinter,
+            TracimWsgiDavDebugFilter,
+
+        ]
+        config['provider_mapping'] = {
+            config['root_path']: Provider(
+                # TODO: Test to Re enabme archived and deleted
+                show_archived=False,  # config['show_archived'],
+                show_deleted=False,  # config['show_deleted'],
+                show_history=False,  # config['show_history'],
+                app_config=app_config,
+            )
+        }
+
+        config['domaincontroller'] = TracimDomainController(
+            presetdomain=None,
+            presetserver=None,
+            app_config = app_config,
+        )
+        return config
+
+    # INFO - G.M - 13-04-2018 - Copy from
+    # wsgidav.server.run_server._readConfigFile
+    def _readConfigFile(self, config_file, verbose):
+        """Read configuration file options into a dictionary."""
+
+        if not os.path.exists(config_file):
+            raise RuntimeError("Couldn't open configuration file '%s'." % config_file)
+
+        if config_file.endswith(".json"):
+            with open(config_file, mode="r", encoding="utf-8") as json_file:
+                return json.load(json_file)
+
+        try:
+            import imp
+            conf = {}
+            configmodule = imp.load_source("configuration_module", config_file)
+
+            for k, v in vars(configmodule).items():
+                if k.startswith("__"):
+                    continue
+                elif isfunction(v):
+                    continue
+                conf[k] = v
+        except Exception as e:
+            # if verbose >= 1:
+            #    traceback.print_exc()
+            exceptioninfo = traceback.format_exception_only(sys.exc_type, sys.exc_value)
+            exceptiontext = ""
+            for einfo in exceptioninfo:
+                exceptiontext += einfo + "\n"
+    #        raise RuntimeError("Failed to read configuration file: " + config_file + "\nDue to "
+    #            + exceptiontext)
+            print("Failed to read configuration file: " + config_file +
+                  "\nDue to " + exceptiontext, file=sys.stderr)
+            raise
+
+        return conf
+
+    def get_wsgi_app(self):
+        return WsgiDAVApp(self.config)
+
+
+if __name__ == '__main__':
+    app_factory = WebdavAppFactory()
+    app = app_factory.get_wsgi_app()
+    serve(app)

tracim/lib/webdav/authentification.py

+# coding: utf8
+from tracim.exceptions import DigestAuthNotImplemented
+from tracim.lib.core.user import UserApi
+
+DEFAULT_TRACIM_WEBDAV_REALM = '/'
+
+
+class TracimDomainController(object):
+    """
+    The domain controller is used by http_authenticator to authenticate the user every time a request is
+    sent
+    """
+    def __init__(self, app_config, presetdomain=None, presetserver=None):
+        self.app_config = app_config
+
+    def getDomainRealm(self, inputURL, environ):
+        return DEFAULT_TRACIM_WEBDAV_REALM
+
+    def getRealmUserPassword(self, realmname, username, environ):
+        """
+        This method is normally only use for digest auth. wsgidav need
+        plain password to deal with it. as we didn't
+        provide support for this kind of auth, this method raise an exception.
+        """
+        raise DigestAuthNotImplemented
+
+    def requireAuthentication(self, realmname, environ):
+        return True
+
+    def isRealmUser(self, realmname, username, environ):
+        """
+        Called to check if for a given root, the username exists (though here we don't make difference between
+        root as we're always starting at tracim's root
+        """
+        api = UserApi(None, environ['tracim_dbsession'], self.app_config)
+        try:
+             api.get_one_by_email(username)
+             return True
+        except:
+             return False
+
+    def authDomainUser(self, realmname, username, password, environ):
+        """
+        If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by
+        http_authenticator to validate the password sent
+        """
+        api = UserApi(None, environ['tracim_dbsession'], self.app_config)
+        return self.isRealmUser(realmname, username, environ) and \
+             api.get_one_by_email(username).validate_password(password)

tracim/lib/webdav/dav_provider.py

+# coding: utf8
+
+import re
+from os.path import basename, dirname
+
+from sqlalchemy.orm.exc import NoResultFound
+
+from tracim import CFG
+from tracim.lib.webdav.utils import transform_to_bdd, HistoryType, \
+    SpecialFolderExtension
+
+from wsgidav.dav_provider import DAVProvider
+from wsgidav.lock_manager import LockManager
+
+
+from tracim.lib.webdav.lock_storage import LockStorage
+from tracim.lib.core.content import ContentApi
+from tracim.lib.core.content import ContentRevisionRO
+from tracim.lib.core.workspace import WorkspaceApi
+from tracim.lib.webdav import resources
+from tracim.lib.webdav.utils import normpath
+from tracim.models.data import ContentType, Content, Workspace
+
+
+class Provider(DAVProvider):
+    """
+    This class' role is to provide to wsgidav _DAVResource. Wsgidav will then use them to execute action and send
+    informations to the client
+    """
+
+    def __init__(
+            self,
+            app_config: CFG,
+            show_history=True,
+            show_deleted=True,
+            show_archived=True,
+            manage_locks=True,
+    ):
+        super(Provider, self).__init__()
+
+        if manage_locks:
+            self.lockManager = LockManager(LockStorage())
+
+        self.app_config = app_config
+        self._show_archive = show_archived
+        self._show_delete = show_deleted
+        self._show_history = show_history
+
+    def show_history(self):
+        return self._show_history
+
+    def show_delete(self):
+        return self._show_delete
+
+    def show_archive(self):
+        return self._show_archive
+
+    #########################################################
+    # Everything override from DAVProvider
+    def getResourceInst(self, path: str, environ: dict):
+        """
+        Called by wsgidav whenever a request is called to get the _DAVResource corresponding to the path
+        """
+        user = environ['tracim_user']
+        session = environ['tracim_dbsession']
+        if not self.exists(path, environ):
+            return None
+        path = normpath(path)
+        root_path = environ['http_authenticator.realm']
+
+        # If the requested path is the root, then we return a Root resource
+        if path == root_path:
+            return resources.Root(path, environ, user=user, session=session)
+
+        workspace_api = WorkspaceApi(current_user=user, session=session)
+        workspace = self.get_workspace_from_path(path, workspace_api)
+
+        # If the request path is in the form root/name, then we return a Workspace resource
+        parent_path = dirname(path)
+        if parent_path == root_path:
+            if not workspace:
+                return None
+            return resources.Workspace(
+                path=path,
+                environ=environ,
+                workspace=workspace,
+                user=user,
+                session=session,
+            )
+
+        # And now we'll work on the path to establish which type or resource is requested
+
+        content_api = ContentApi(
+            current_user=user,
+            session=session,
+            config=self.app_config,
+            show_archived=False,  # self._show_archive,
+            show_deleted=False,  # self._show_delete
+        )
+
+        content = self.get_content_from_path(
+            path=path,
+            content_api=content_api,
+            workspace=workspace
+        )
+
+
+        # Easy cases : path either end with /.deleted, /.archived or /.history, then we return corresponding resources
+        if path.endswith(SpecialFolderExtension.Archived) and self._show_archive:
+            return resources.ArchivedFolder(path, environ, workspace, content)
+
+        if path.endswith(SpecialFolderExtension.Deleted) and self._show_delete:
+            return resources.DeletedFolder(path, environ, workspace, content)
+
+        if path.endswith(SpecialFolderExtension.History) and self._show_history:
+            is_deleted_folder = re.search(r'/\.deleted/\.history$', path) is not None
+            is_archived_folder = re.search(r'/\.archived/\.history$', path) is not None
+
+            type = HistoryType.Deleted if is_deleted_folder \
+                else HistoryType.Archived if is_archived_folder \
+                else HistoryType.Standard
+
+            return resources.HistoryFolder(path, environ, workspace, content, type)
+
+        # Now that's more complicated, we're trying to find out if the path end with /.history/file_name
+        is_history_file_folder = re.search(r'/\.history/([^/]+)$', path) is not None
+
+        if is_history_file_folder and self._show_history:
+            return resources.HistoryFileFolder(
+                path=path,
+                environ=environ,
+                content=content
+            )
+
+        # And here next step :
+        is_history_file = re.search(r'/\.history/[^/]+/\((\d+) - [a-zA-Z]+\) .+', path) is not None
+
+        if self._show_history and is_history_file:
+
+            revision_id = re.search(r'/\.history/[^/]+/\((\d+) - [a-zA-Z]+\) ([^/].+)$', path).group(1)
+
+            content_revision = content_api.get_one_revision(revision_id)
+            content = self.get_content_from_revision(content_revision, content_api)
+
+            if content.type == ContentType.File:
+                return resources.HistoryFile(path, environ, content, content_revision)
+            else:
+                return resources.HistoryOtherFile(path, environ, content, content_revision)
+
+        # And if we're still going, the client is asking for a standard Folder/File/Page/Thread so we check the type7
+        # and return the corresponding resource
+
+        if content is None:
+            return None
+        if content.type == ContentType.Folder:
+            return resources.Folder(
+                path=path,
+                environ=environ,
+                workspace=content.workspace,
+                content=content,
+                session=session,
+                user=user,
+            )
+        elif content.type == ContentType.File:
+            return resources.File(
+                path=path,
+                environ=environ,
+                content=content,
+                session=session,
+                user=user
+            )
+        else:
+            return resources.OtherFile(
+                path=path,
+                environ=environ,
+                content=content,
+                session=session,
+                user=user,
+            )
+
+    def exists(self, path, environ) -> bool:
+        """
+        Called by wsgidav to check if a certain path is linked to a _DAVResource
+        """
+
+        path = normpath(path)
+        working_path = self.reduce_path(path)
+        root_path = environ['http_authenticator.realm']
+        parent_path = dirname(working_path)
+        user = environ['tracim_user']
+        session = environ['tracim_dbsession']
+        if path == root_path:
+            return True
+
+        workspace = self.get_workspace_from_path(
+            path,
+            WorkspaceApi(current_user=user, session=session)
+        )
+
+        if parent_path == root_path or workspace is None:
+            return workspace is not None
+
+        # TODO bastien: Arnaud avait mis a True, verif le comportement
+        # lorsque l'on explore les dossiers archive et deleted
+        content_api = ContentApi(
+            current_user=user,
+            session=session,
+            config=self.app_config,
+            show_archived=False,
+            show_deleted=False
+        )
+
+        revision_id = re.search(r'/\.history/[^/]+/\((\d+) - [a-zA-Z]+\) ([^/].+)$', path)
+
+        is_archived = self.is_path_archive(path)
+
+        is_deleted = self.is_path_delete(path)
+
+        if revision_id:
+            revision_id = revision_id.group(1)
+            content = content_api.get_one_revision(revision_id)
+        else:
+            content = self.get_content_from_path(working_path, content_api, workspace)
+
+        return content is not None \
+            and content.is_deleted == is_deleted \
+            and content.is_archived == is_archived
+
+    def is_path_archive(self, path):
+        """
+        This function will check if a given path is linked to a file that's archived or not. We're checking if the
+        given path end with one of these string :
+
+        ex:
+            - /a/b/.archived/my_file
+            - /a/b/.archived/.history/my_file
+            - /a/b/.archived/.history/my_file/(3615 - edition) my_file
+        """
+
+        return re.search(
+            r'/\.archived/(\.history/)?(?!\.history)[^/]*(/\.)?(history|deleted|archived)?$',
+            path
+        ) is not None
+
+    def is_path_delete(self, path):
+        """
+        This function will check if a given path is linked to a file that's deleted or not. We're checking if the
+        given path end with one of these string :
+
+        ex:
+            - /a/b/.deleted/my_file
+            - /a/b/.deleted/.history/my_file
+            - /a/b/.deleted/.history/my_file/(3615 - edition) my_file
+        """
+
+        return re.search(
+            r'/\.deleted/(\.history/)?(?!\.history)[^/]*(/\.)?(history|deleted|archived)?$',
+            path
+        ) is not None
+
+    def reduce_path(self, path: str) -> str:
+        """
+        As we use the given path to request the database
+
+        ex: if the path is /a/b/.deleted/c/.archived, we're trying to get the archived content of the 'c' resource,
+        we need to keep the path /a/b/c
+
+        ex: if the path is /a/b/.history/my_file, we're trying to get the history of the file my_file, thus we need
+        the path /a/b/my_file
+
+        ex: if the path is /a/b/.history/my_file/(1985 - edition) my_old_name, we're looking for,
+        thus we remove all useless information
+        """
+        path = re.sub(r'/\.archived', r'', path)
+        path = re.sub(r'/\.deleted', r'', path)
+        path = re.sub(r'/\.history/[^/]+/(\d+)-.+', r'/\1', path)
+        path = re.sub(r'/\.history/([^/]+)', r'/\1', path)
+        path = re.sub(r'/\.history', r'', path)
+
+        return path
+
+    def get_content_from_path(self, path, content_api: ContentApi, workspace: Workspace) -> Content:
+        """
+        Called whenever we want to get the Content item from the database for a given path
+        """
+        path = self.reduce_path(path)
+        parent_path = dirname(path)
+
+        relative_parents_path = parent_path[len(workspace.label)+1:]
+        parents = relative_parents_path.split('/')
+
+        try:
+            parents.remove('')
+        except ValueError:
+            pass
+        parents = [transform_to_bdd(x) for x in parents]
+
+        try:
+            return content_api.get_one_by_label_and_parent_labels(
+                content_label=transform_to_bdd(basename(path)),
+                content_parent_labels=parents,
+                workspace=workspace,
+            )
+        except NoResultFound:
+            return None
+
+    def get_content_from_revision(self, revision: ContentRevisionRO, api: ContentApi) -> Content:
+        try:
+            return api.get_one(revision.content_id, ContentType.Any)
+        except NoResultFound:
+            return None
+
+    def get_parent_from_path(self, path, api: ContentApi, workspace) -> Content:
+        return self.get_content_from_path(dirname(path), api, workspace)
+
+    def get_workspace_from_path(self, path: str, api: WorkspaceApi) -> Workspace:
+        try:
+            return api.get_one_by_label(transform_to_bdd(path.split('/')[1]))
+        except NoResultFound:
+            return None

tracim/lib/webdav/design.py

+#coding: utf8
+from datetime import datetime
+
+from tracim.models.data import VirtualEvent
+from tracim.models.data import ContentType
+from tracim.models import data
+
+# FIXME: fix temporaire ...
+style = """
+.title {
+	background:#F5F5F5;
+	padding-right:15px;
+	padding-left:15px;
+	padding-top:10px;
+	border-bottom:1px solid #CCCCCC;
+	overflow:auto;
+} .title h1 { margin-top:0; }
+
+.content {
+	padding: 15px;
+}
+
+#left{ padding:0; }
+
+#right {
+	background:#F5F5F5;
+	border-left:1px solid #CCCCCC;
+	border-bottom: 1px solid #CCCCCC;
+	padding-top:15px;
+}
+@media (max-width: 1200px) {
+	#right {
+		border-top:1px solid #CCCCCC;
+		border-left: none;
+		border-bottom: none;
+	}
+}
+
+body { overflow:auto; }
+
+.btn {
+	text-align: left;
+}
+
+.table tbody tr .my-align {
+	vertical-align:middle;
+}
+
+.title-icon {
+	font-size:2.5em;
+	float:left;
+	margin-right:10px;
+}
+.title.page, .title-icon.page { color:#00CC00; }
+.title.thread, .title-icon.thread { color:#428BCA; }
+
+/* ****************************** */
+.description-icon {
+	color:#999;
+	font-size:3em;
+}
+
+.description {
+	border-left: 5px solid #999;
+	padding-left: 10px;
+	margin-left: 10px;
+	margin-bottom:10px;
+}
+
+.description-text {
+	display:block;
+	overflow:hidden;
+	color:#999;
+}
+
+.comment-row:nth-child(2n) {
+	background-color:#F5F5F5;
+}
+
+.comment-row:nth-child(2n+1) {
+	background-color:#FFF;
+}
+
+.comment-icon {
+	color:#CCC;
+	font-size:3em;
+	display:inline-block;
+	margin-right: 10px;
+	float:left;
+}
+
+.comment-content {
+	display:block;
+	overflow:hidden;
+}
+
+.comment, .comment-revision {
+	padding:10px;
+	border-top: 1px solid #999;
+}
+
+.comment-revision-icon {
+	color:#777;
+	margin-right: 10px;
+}
+
+.title-text {
+	display: inline-block;
+}
+"""
+
+_LABELS = {
+    'archiving': 'Item archived',
+    'content-comment': 'Item commented',
+    'creation': 'Item created',
+    'deletion': 'Item deleted',
+    'edition': 'item modified',
+    'revision': 'New revision',
+    'status-update': 'New status',
+    'unarchiving': 'Item unarchived',
+    'undeletion': 'Item undeleted',
+    'move': 'Item moved',
+    'comment': 'Comment',
+    'copy' : 'Item copied',
+}
+
+
+def create_readable_date(created, delta_from_datetime: datetime = None):
+    if not delta_from_datetime:
+        delta_from_datetime = datetime.now()
+
+    delta = delta_from_datetime - created
+
+    if delta.days > 0:
+        if delta.days >= 365:
+            aff = '%d year%s ago' % (delta.days / 365, 's' if delta.days / 365 >= 2 else '')
+        elif delta.days >= 30:
+            aff = '%d month%s ago' % (delta.days / 30, 's' if delta.days / 30 >= 2 else '')
+        else:
+            aff = '%d day%s ago' % (delta.days, 's' if delta.days >= 2 else '')
+    else:
+        if delta.seconds < 60:
+            aff = '%d second%s ago' % (delta.seconds, 's' if delta.seconds > 1 else '')
+        elif delta.seconds / 60 < 60:
+            aff = '%d minute%s ago' % (delta.seconds / 60, 's' if delta.seconds / 60 >= 2 else '')
+        else:
+            aff = '%d hour%s ago' % (delta.seconds / 3600, 's' if delta.seconds / 3600 >= 2 else '')
+
+    return aff
+
+def designPage(content: data.Content, content_revision: data.ContentRevisionRO) -> str:
+    hist = content.get_history(drop_empty_revision=False)
+    histHTML = '<table class="table table-striped table-hover">'
+    for event in hist:
+        if isinstance(event, VirtualEvent):
+            date = event.create_readable_date()
+            label = _LABELS[event.type.id]
+
+            histHTML += '''
+                <tr class="%s">
+                    <td class="my-align"><span class="label label-default"><i class="fa %s"></i> %s</span></td>
+                    <td>%s</td>
+                    <td>%s</td>
+                    <td>%s</td>
+                </tr>
+                ''' % ('warning' if event.id == content_revision.revision_id else '',
+                       event.type.icon,
+                       label,
+                       date,
+                       event.owner.display_name,
+                       # NOTE: (WABDAV_HIST_DEL_DISABLED) Disabled for beta 1.0
+                       '<i class="fa fa-caret-left"></i> shown'  if event.id == content_revision.revision_id else '' # '''<span><a class="revision-link" href="/.history/%s/(%s - %s) %s.html">(View revision)</a></span>''' % (
+                       # content.label, event.id, event.type.id, event.ref_object.label) if event.type.id in ['revision', 'creation', 'edition'] else '')
+                   )
+    histHTML += '</table>'
+
+    page = '''
+<html>
+<head>
+	<meta charset="utf-8" />
+	<title>%s</title>
+	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
+	<style>%s</style>
+	<script type="text/javascript" src="/home/arnaud/Documents/css/script.js"></script>
+	<script
+			  src="https://code.jquery.com/jquery-3.1.0.min.js"
+			  integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s="
+			  crossorigin="anonymous"></script>
+</head>
+<body>
+    <div id="left" class="col-lg-8 col-md-12 col-sm-12 col-xs-12">
+        <div class="title page">
+            <div class="title-text">
+                <i class="fa fa-file-text-o title-icon page"></i>
+                <h1>%s</h1>
+                <h6>page created on <b>%s</b> by <b>%s</b></h6>
+            </div>
+            <div class="pull-right">
+                <div class="btn-group btn-group-vertical">
+                    <!-- NOTE: Not omplemented yet, don't display not working link
+                     <a class="btn btn-default">
+                         <i class="fa fa-external-link"></i> View in tracim</a>
+                     </a>-->
+                </div>
+            </div>
+        </div>
+        <div class="content col-xs-12 col-sm-12 col-md-12 col-lg-12">
+            %s
+        </div>
+    </div>
+    <div id="right" class="col-lg-4 col-md-12 col-sm-12 col-xs-12">
+        <h4>History</h4>
+        %s
+    </div>
+    <script type="text/javascript">
+        window.onload = function() {
+            file_location = window.location.href
+            file_location = file_location.replace(/\/[^/]*$/, '')
+            file_location = file_location.replace(/\/.history\/[^/]*$/, '')
+
+            // NOTE: (WABDAV_HIST_DEL_DISABLED) Disabled for beta 1.0
+            // $('.revision-link').each(function() {
+            //    $(this).attr('href', file_location + $(this).attr('href'))
+            // });
+        }
+    </script>
+</body>
+</html>
+        ''' % (content_revision.label,
+               style,
+               content_revision.label,
+               content.created.strftime("%B %d, %Y at %H:%m"),
+               content.owner.display_name,
+               content_revision.description,
+               histHTML)
+
+    return page
+
+def designThread(content: data.Content, content_revision: data.ContentRevisionRO, comments) -> str:
+        hist = content.get_history(drop_empty_revision=False)
+
+        allT = []
+        allT += comments
+        allT += hist
+        allT.sort(key=lambda x: x.created, reverse=True)
+
+        disc = ''
+        participants = {}
+        for t in allT:
+            if t.type == ContentType.Comment:
+                disc += '''
+                    <div class="row comment comment-row">
+                        <i class="fa fa-comment-o comment-icon"></i>
+                            <div class="comment-content">
+                            <h5>
+                                <span class="comment-author"><b>%s</b> wrote :</span>
+                                <div class="pull-right text-right">%s</div>
+                            </h5>
+                            %s
+                        </div>
+                    </div>
+                    ''' % (t.owner.display_name, create_readable_date(t.created), t.description)
+
+                if t.owner.display_name not in participants:
+                    participants[t.owner.display_name] = [1, t.created]
+                else:
+                    participants[t.owner.display_name][0] += 1
+            else:
+                if isinstance(t, VirtualEvent) and t.type.id != 'comment':
+                    label = _LABELS[t.type.id]
+
+                    disc += '''
+                    <div class="%s row comment comment-row to-hide">
+                        <i class="fa %s comment-icon"></i>
+                            <div class="comment-content">
+                            <h5>
+                                <span class="comment-author"><b>%s</b></span>
+                                <div class="pull-right text-right">%s</div>
+                            </h5>
+                            %s %s
+                        </div>
+                    </div>
+                    ''' % ('warning' if t.id == content_revision.revision_id else '',
+                           t.type.icon,
+                           t.owner.display_name,
+                           t.create_readable_date(),
+                           label,
+                            # NOTE: (WABDAV_HIST_DEL_DISABLED) Disabled for beta 1.0
+                            '<i class="fa fa-caret-left"></i> shown' if t.id == content_revision.revision_id else '' # else '''<span><a class="revision-link" href="/.history/%s/%s-%s">(View revision)</a></span>''' % (
+                               # content.label,
+                               # t.id,
+                               # t.ref_object.label) if t.type.id in ['revision', 'creation', 'edition'] else '')
+                           )
+
+        thread = '''
+<html>
+<head>
+	<meta charset="utf-8" />
+	<title>%s</title>
+	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
+	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
+	<style>%s</style>
+	<script type="text/javascript" src="/home/arnaud/Documents/css/script.js"></script>
+</head>
+<body>
+    <div id="left" class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
+        <div class="title thread">
+            <div class="title-text">
+                <i class="fa fa-comments-o title-icon thread"></i>
+                <h1>%s</h1>
+                <h6>thread created on <b>%s</b> by <b>%s</b></h6>
+            </div>
+            <div class="pull-right">
+                <div class="btn-group btn-group-vertical">
+                    <!-- NOTE: Not omplemented yet, don't display not working link
+                    <a class="btn btn-default" onclick="hide_elements()">
+                       <i id="hideshow" class="fa fa-eye-slash"></i> <span id="hideshowtxt" >Hide history</span></a>
+                    </a>-->
+                    <a class="btn btn-default">
+                        <i class="fa fa-external-link"></i> View in tracim</a>
+                    </a>
+                </div>
+            </div>
+        </div>
+        <div class="content col-xs-12 col-sm-12 col-md-12 col-lg-12">
+            <div class="description">
+                <span class="description-text">%s</span>
+            </div>
+            %s
+        </div>
+    </div>
+    <script type="text/javascript">
+        window.onload = function() {
+            file_location = window.location.href
+            file_location = file_location.replace(/\/[^/]*$/, '')
+            file_location = file_location.replace(/\/.history\/[^/]*$/, '')
+
+            // NOTE: (WABDAV_HIST_DEL_DISABLED) Disabled for beta 1.0
+            // $('.revision-link').each(function() {
+            //     $(this).attr('href', file_location + $(this).attr('href'))
+            // });
+        }
+
+        function hide_elements() {
+            elems = document.getElementsByClassName('to-hide');
+            if (elems.length > 0) {
+                for(var i = 0; i < elems.length; i++) {
+                    $(elems[i]).addClass('to-show')
+                    $(elems[i]).hide();
+                }
+                while (elems.length>0) {
+                    $(elems[0]).removeClass('comment-row');
+                    $(elems[0]).removeClass('to-hide');
+                }
+                $('#hideshow').addClass('fa-eye').removeClass('fa-eye-slash');
+                $('#hideshowtxt').html('Show history');
+            }
+            else {
+                elems = document.getElementsByClassName('to-show');
+                for(var i = 0; i<elems.length; i++) {
+                    $(elems[0]).addClass('comment-row');
+                    $(elems[i]).addClass('to-hide');
+                    $(elems[i]).show();
+                }
+                while (elems.length>0) {
+                    $(elems[0]).removeClass('to-show');
+                }
+                $('#hideshow').removeClass('fa-eye').addClass('fa-eye-slash');
+                $('#hideshowtxt').html('Hide history');
+            }
+        }
+    </script>
+</body>
+</html>
+        ''' % (content_revision.label,
+               style,
+               content_revision.label,
+               content.created.strftime("%B %d, %Y at %H:%m"),
+               content.owner.display_name,
+               content_revision.description,
+               disc)
+
+        return thread

tracim/lib/webdav/lock_storage.py

+import time
+
+from tracim.lib.webdav.model import Lock, Url2Token
+from wsgidav import util
+from wsgidav.lock_manager import normalizeLockRoot, lockString, generateLockToken, validateLock
+from wsgidav.rw_lock import ReadWriteLock
+
+_logger = util.getModuleLogger(__name__)
+
+
+def from_dict_to_base(lock):
+    return Lock(
+        token=lock["token"],
+        depth=lock["depth"],
+        root=lock["root"],
+        type=lock["type"],
+        scopre=lock["scope"],
+        owner=lock["owner"],
+        timeout=lock["timeout"],
+        principal=lock["principal"],
+        expire=lock["expire"]
+    )
+
+
+def from_base_to_dict(lock):
+    return {
+        'token': lock.token,
+        'depth': lock.depth,
+        'root': lock.root,
+        'type': lock.type,
+        'scope': lock.scope,
+        'owner': lock.owner,
+        'timeout': lock.timeout,
+        'principal': lock.principal,
+        'expire': lock.expire
+    }
+
+
+class LockStorage(object):
+    LOCK_TIME_OUT_DEFAULT = 604800  # 1 week, in seconds
+    LOCK_TIME_OUT_MAX = 4 * 604800  # 1 month, in seconds
+
+    def __init__(self):
+        self._session = None# todo Session()
+        self._lock = ReadWriteLock()
+
+    def __repr__(self):
+        return "C'est bien mon verrou..."
+
+    def __del__(self):
+        pass
+
+    def get_lock_db_from_token(self, token):
+        return self._session.query(Lock).filter(Lock.token == token).one_or_none()
+
+    def _flush(self):
+        """Overloaded by Shelve implementation."""
+        pass
+
+    def open(self):
+        """Called before first use.
+
+        May be implemented to initialize a storage.
+        """
+        pass
+
+    def close(self):
+        """Called on shutdown."""
+        pass
+
+    def cleanup(self):
+        """Purge expired locks (optional)."""
+        pass
+
+    def clear(self):
+        """Delete all entries."""
+        self._session.query(Lock).all().delete(synchronize_session=False)
+        self._session.commit()
+
+    def get(self, token):
+        """Return a lock dictionary for a token.
+
+        If the lock does not exist or is expired, None is returned.
+
+        token:
+            lock token
+        Returns:
+            Lock dictionary or <None>
+
+        Side effect: if lock is expired, it will be purged and None is returned.
+        """
+        self._lock.acquireRead()
+        try:
+            lock_base = self._session.query(Lock).filter(Lock.token == token).one_or_none()
+            if lock_base is None:
+                # Lock not found: purge dangling URL2TOKEN entries
+                _logger.debug("Lock purged dangling: %s" % token)
+                self.delete(token)
+                return None
+            expire = float(lock_base.expire)
+            if 0 <= expire < time.time():
+                _logger.debug("Lock timed-out(%s): %s" % (expire, lockString(from_base_to_dict(lock_base))))
+                self.delete(token)
+                return None
+            return from_base_to_dict(lock_base)
+        finally:
+            self._lock.release()
+
+    def create(self, path, lock):
+        """Create a direct lock for a resource path.
+
+        path:
+            Normalized path (utf8 encoded string, no trailing '/')
+        lock:
+            lock dictionary, without a token entry
+        Returns:
+            New unique lock token.: <lock
+
+        **Note:** the lock dictionary may be modified on return:
+
+        - lock['root'] is ignored and set to the normalized <path>
+        - lock['timeout'] may be normalized and shorter than requested
+        - lock['token'] is added
+        """
+        self._lock.acquireWrite()
+        try:
+            # We expect only a lock definition, not an existing lock
+            assert lock.get("token") is None
+            assert lock.get("expire") is None, "Use timeout instead of expire"
+            assert path and "/" in path
+
+            # Normalize root: /foo/bar
+            org_path = path
+            path = normalizeLockRoot(path)
+            lock["root"] = path
+
+            # Normalize timeout from ttl to expire-date
+            timeout = float(lock.get("timeout"))
+            if timeout is None:
+                timeout = LockStorage.LOCK_TIME_OUT_DEFAULT
+            elif timeout < 0 or timeout > LockStorage.LOCK_TIME_OUT_MAX:
+                timeout = LockStorage.LOCK_TIME_OUT_MAX
+
+            lock["timeout"] = timeout
+            lock["expire"] = time.time() + timeout
+
+            validateLock(lock)
+
+            token = generateLockToken()
+            lock["token"] = token
+
+            # Store lock
+            lock_db = from_dict_to_base(lock)
+
+            self._session.add(lock_db)
+
+            # Store locked path reference
+            url2token = Url2Token(
+                path=path,
+                token=token
+            )
+
+            self._session.add(url2token)
+            self._session.commit()
+
+            self._flush()
+            _logger.debug("LockStorageDict.set(%r): %s" % (org_path, lockString(lock)))
+            #            print("LockStorageDict.set(%r): %s" % (org_path, lockString(lock)))
+            return lock
+        finally:
+            self._lock.release()
+
+    def refresh(self, token, timeout):
+        """Modify an existing lock's timeout.
+
+        token:
+            Valid lock token.
+        timeout:
+            Suggested lifetime in seconds (-1 for infinite).
+            The real expiration time may be shorter than requested!
+        Returns:
+            Lock dictionary.
+            Raises ValueError, if token is invalid.
+        """
+        lock_db = self._session.query(Lock).filter(Lock.token == token).one_or_none()
+        assert lock_db is not None, "Lock must exist"
+        assert timeout == -1 or timeout > 0
+        if timeout < 0 or timeout > LockStorage.LOCK_TIME_OUT_MAX:
+            timeout = LockStorage.LOCK_TIME_OUT_MAX
+
+        self._lock.acquireWrite()
+        try:
+            # Note: shelve dictionary returns copies, so we must reassign values:
+            lock_db.timeout = timeout
+            lock_db.expire = time.time() + timeout
+            self._session.commit()
+            self._flush()
+        finally:
+            self._lock.release()
+        return from_base_to_dict(lock_db)
+
+    def delete(self, token):
+        """Delete lock.
+
+        Returns True on success. False, if token does not exist, or is expired.
+        """
+        self._lock.acquireWrite()
+        try:
+            lock_db = self._session.query(Lock).filter(Lock.token == token).one_or_none()
+            _logger.debug("delete %s" % lockString(from_base_to_dict(lock_db)))
+            if lock_db is None:
+                return False
+            # Remove url to lock mapping
+            url2token = self._session.query(Url2Token).filter(
+                Url2Token.path == lock_db.root,
+                Url2Token.token == token).one_or_none()
+            if url2token is not None:
+                self._session.delete(url2token)
+            # Remove the lock
+            self._session.delete(lock_db)
+            self._session.commit()
+
+            self._flush()
+        finally:
+            self._lock.release()
+        return True
+
+    def getLockList(self, path, includeRoot, includeChildren, tokenOnly):
+        """Return a list of direct locks for <path>.
+
+        Expired locks are *not* returned (but may be purged).
+
+        path:
+            Normalized path (utf8 encoded string, no trailing '/')
+        includeRoot:
+            False: don't add <path> lock (only makes sense, when includeChildren
+            is True).
+        includeChildren:
+            True: Also check all sub-paths for existing locks.
+        tokenOnly:
+            True: only a list of token is returned. This may be implemented
+            more efficiently by some providers.
+        Returns:
+            List of valid lock dictionaries (may be empty).
+        """
+        assert path and path.startswith("/")
+        assert includeRoot or includeChildren
+
+        def __appendLocks(toklist):
+            # Since we can do this quickly, we use self.get() even if
+            # tokenOnly is set, so expired locks are purged.
+            for token in toklist:
+                lock_db = self.get_lock_db_from_token(token)
+                if lock_db:
+                    if tokenOnly:
+                        lockList.append(lock_db.token)
+                    else:
+                        lockList.append(from_base_to_dict(lock_db))
+
+        path = normalizeLockRoot(path)
+        self._lock.acquireRead()
+        try:
+            tokList = self._session.query(Url2Token.token).filter(Url2Token.path == path).all()
+            lockList = []
+            if includeRoot:
+                __appendLocks(tokList)
+
+            if includeChildren:
+                for url, in self._session.query(Url2Token.path).group_by(Url2Token.path):
+                    if util.isChildUri(path, url):
+                        __appendLocks(self._session.query(Url2Token.token).filter(Url2Token.path == url))
+
+            return lockList
+        finally:
+            self._lock.release()

tracim/lib/webdav/middlewares.py

+import os
+import sys
+import threading
+import time
+from datetime import datetime
+from xml.etree import ElementTree
+
+import transaction
+import yaml
+from pyramid.paster import get_appsettings
+from wsgidav import util, compat
+from wsgidav.middleware import BaseMiddleware
+
+from tracim import CFG
+from tracim.lib.core.user import UserApi
+from tracim.models import get_engine, get_session_factory, get_tm_session
+
+
+class TracimWsgiDavDebugFilter(BaseMiddleware):
+    """
+    COPY PASTE OF wsgidav.debug_filter.WsgiDavDebugFilter
+    WITH ADD OF DUMP RESPONSE & REQUEST
+    """
+    def __init__(self, application, config):
+        self._application = application
+        self._config = config
+        #        self.out = sys.stderr
+        self.out = sys.stdout
+        self.passedLitmus = {}
+        # These methods boost verbose=2 to verbose=3
+        self.debug_methods = config.get("debug_methods", [])
+        # Litmus tests containing these string boost verbose=2 to verbose=3
+        self.debug_litmus = config.get("debug_litmus", [])
+        # Exit server, as soon as this litmus test has finished
+        self.break_after_litmus = [
+            #                                   "locks: 15",
+        ]
+
+        self.last_request_time = '__NOT_SET__'
+
+        # We disable request content dump for moment
+        # if self._config.get('dump_requests'):
+        #     # Monkey patching
+        #     old_parseXmlBody = util.parseXmlBody
+        #     def new_parseXmlBody(environ, allowEmpty=False):
+        #         xml = old_parseXmlBody(environ, allowEmpty)
+        #         self._dump_request(environ, xml)
+        #         return xml
+        #     util.parseXmlBody = new_parseXmlBody
+
+    def __call__(self, environ, start_response):
+        """"""
+        #        srvcfg = environ["wsgidav.config"]
+        verbose = self._config.get("verbose", 2)
+        self.last_request_time = '{0}_{1}'.format(
+            datetime.utcnow().strftime('%Y-%m-%d_%H-%M-%S'),
+            int(round(time.time() * 1000)),
+        )
+
+        method = environ["REQUEST_METHOD"]
+
+        debugBreak = False
+        dumpRequest = False
+        dumpResponse = False
+
+        if verbose >= 3 or self._config.get("dump_requests"):
+            dumpRequest = dumpResponse = True
+
+        # Process URL commands
+        if "dump_storage" in environ.get("QUERY_STRING"):
+            dav = environ.get("wsgidav.provider")
+            if dav.lockManager:
+                dav.lockManager._dump()
+            if dav.propManager:
+                dav.propManager._dump()
+
+        # Turn on max. debugging for selected litmus tests
+        litmusTag = environ.get("HTTP_X_LITMUS",
+                                environ.get("HTTP_X_LITMUS_SECOND"))
+        if litmusTag and verbose >= 2:
+            print("----\nRunning litmus test '%s'..." % litmusTag,
+                  file=self.out)
+            for litmusSubstring in self.debug_litmus:
+                if litmusSubstring in litmusTag:
+                    verbose = 3
+                    debugBreak = True
+                    dumpRequest = True
+                    dumpResponse = True
+                    break
+            for litmusSubstring in self.break_after_litmus:
+                if litmusSubstring in self.passedLitmus and litmusSubstring not in litmusTag:
+                    print(" *** break after litmus %s" % litmusTag,
+                          file=self.out)
+                    sys.exit(-1)
+                if litmusSubstring in litmusTag:
+                    self.passedLitmus[litmusSubstring] = True
+
+        # Turn on max. debugging for selected request methods
+        if verbose >= 2 and method in self.debug_methods:
+            verbose = 3
+            debugBreak = True
+            dumpRequest = True
+            dumpResponse = True
+
+        # Set debug options to environment
+        environ["wsgidav.verbose"] = verbose
+        #        environ["wsgidav.debug_methods"] = self.debug_methods
+        environ["wsgidav.debug_break"] = debugBreak
+        environ["wsgidav.dump_request_body"] = dumpRequest
+        environ["wsgidav.dump_response_body"] = dumpResponse
+
+        # Dump request headers
+        if dumpRequest:
+            print("<%s> --- %s Request ---" % (
+            threading.currentThread().ident, method), file=self.out)
+            for k, v in environ.items():
+                if k == k.upper():
+                    print("%20s: '%s'" % (k, v), file=self.out)
+            print("\n", file=self.out)
+            self._dump_request(environ, xml=None)
+
+        # Intercept start_response
+        #
+        sub_app_start_response = util.SubAppStartResponse()
+
+        nbytes = 0
+        first_yield = True
+        app_iter = self._application(environ, sub_app_start_response)
+
+        for v in app_iter:
+            # Start response (the first time)
+            if first_yield:
+                # Success!
+                start_response(sub_app_start_response.status,
+                               sub_app_start_response.response_headers,
+                               sub_app_start_response.exc_info)
+
+            # Dump response headers
+            if first_yield and dumpResponse:
+                print("<%s> --- %s Response(%s): ---" % (
+                threading.currentThread().ident,
+                method,
+                sub_app_start_response.status),
+                      file=self.out)
+                headersdict = dict(sub_app_start_response.response_headers)
+                for envitem in headersdict.keys():
+                    print("%s: %s" % (envitem, repr(headersdict[envitem])),
+                          file=self.out)
+                print("", file=self.out)
+
+            # Check, if response is a binary string, otherwise we probably have
+            # calculated a wrong content-length
+            assert compat.is_bytes(v), v
+
+            # Dump response body
+            drb = environ.get("wsgidav.dump_response_body")
+            if compat.is_basestring(drb):
+                # Middleware provided a formatted body representation
+                print(drb, file=self.out)
+            elif drb is True:
+                # Else dump what we get, (except for long GET responses)
+                if method == "GET":
+                    if first_yield:
+                        print(v[:50], "...", file=self.out)
+                elif len(v) > 0:
+                    print(v, file=self.out)
+
+            if dumpResponse:
+                self._dump_response(sub_app_start_response, drb)
+
+            drb = environ["wsgidav.dump_response_body"] = None
+
+            nbytes += len(v)
+            first_yield = False
+            yield v
+        if hasattr(app_iter, "close"):
+            app_iter.close()
+
+        # Start response (if it hasn't been done yet)
+        if first_yield:
+            # Success!
+            start_response(sub_app_start_response.status,
+                           sub_app_start_response.response_headers,
+                           sub_app_start_response.exc_info)
+
+        if dumpResponse:
+            print("\n<%s> --- End of %s Response (%i bytes) ---" % (
+            threading.currentThread().ident, method, nbytes), file=self.out)
+        return
+
+    def _dump_response(self, sub_app_start_response, drb):
+        dump_to_path = self._config.get(
+            'dump_requests_path',
+            '/tmp/wsgidav_dumps',
+        )
+        os.makedirs(dump_to_path, exist_ok=True)
+        dump_file = '{0}/{1}_RESPONSE_{2}.yml'.format(
+            dump_to_path,
+            self.last_request_time,
+            sub_app_start_response.status[0:3],
+        )
+        with open(dump_file, 'w+') as f:
+            dump_content = dict()
+            headers = {}
+            for header_tuple in sub_app_start_response.response_headers:
+                headers[header_tuple[0]] = header_tuple[1]
+            dump_content['headers'] = headers
+            if isinstance(drb, str):
+                dump_content['content'] = drb.replace('PROPFIND XML response body:\n', '')
+
+            f.write(yaml.dump(dump_content, default_flow_style=False))
+
+    def _dump_request(self, environ, xml):
+        dump_to_path = self._config.get(
+            'dump_requests_path',
+            '/tmp/wsgidav_dumps',
+        )
+        os.makedirs(dump_to_path, exist_ok=True)
+        dump_file = '{0}/{1}_REQUEST_{2}.yml'.format(
+            dump_to_path,
+            self.last_request_time,
+            environ['REQUEST_METHOD'],
+        )
+        with open(dump_file, 'w+') as f:
+            dump_content = dict()
+            dump_content['path'] = environ.get('PATH_INFO', '')
+            dump_content['Authorization'] = environ.get('HTTP_AUTHORIZATION', '')
+            if xml:
+                dump_content['content'] = ElementTree.tostring(xml, 'utf-8')
+
+            f.write(yaml.dump(dump_content, default_flow_style=False))
+
+
+class TracimEnforceHTTPS(BaseMiddleware):
+
+    def __init__(self, application, config):
+        super().__init__(application, config)
+        self._application = application
+        self._config = config
+
+    def __call__(self, environ, start_response):
+        # TODO - G.M - 06-03-2018 - Check protocol from http header first
+        # see http://www.bortzmeyer.org/7239.html
+        # if this params doesn't exist, rely on tracim config
+        # from tracim.config.app_cfg import CFG
+        # cfg = CFG.get_instance()
+        #
+        # if cfg.WEBSITE_BASE_URL.startswith('https'):
+        #     environ['wsgi.url_scheme'] = 'https'
+        return self._application(environ, start_response)
+
+
+class TracimEnv(BaseMiddleware):
+
+    def __init__(self, application, config):
+        super().__init__(application, config)
+        self._application = application
+        self._config = config
+        self.settings = get_appsettings(config['tracim_config'])
+        self.engine = get_engine(self.settings)
+        self.session_factory = get_session_factory(self.engine)
+        self.app_config = CFG(self.settings)
+        self.app_config.configure_filedepot()
+
+    def __call__(self, environ, start_response):
+        with transaction.manager as tm:
+            dbsession = get_tm_session(self.session_factory, transaction.manager)
+            environ['tracim_tm'] = tm
+            environ['tracim_dbsession'] = dbsession
+            environ['tracim_cfg'] = self.app_config
+
+            return self._application(environ, start_response)
+
+
+class TracimUserSession(BaseMiddleware):
+
+    def __init__(self, application, config):
+        super().__init__(application, config)
+        self._application = application
+        self._config = config
+
+    def __call__(self, environ, start_response):
+        environ['tracim_user'] = UserApi(
+            None,
+            session=environ['tracim_dbsession'],
+            config=environ['tracim_cfg'],
+        ).get_one_by_email(environ['http_authenticator.username'])
+        return self._application(environ, start_response)

tracim/lib/webdav/model.py

+#coding: utf8
+
+from sqlalchemy import Column
+from sqlalchemy import ForeignKey
+from sqlalchemy.types import Unicode, UnicodeText, Float
+
+from wsgidav.compat import to_unicode
+
+
+class Lock(object):
+    __tablename__ = 'my_locks'
+
+    token = Column(UnicodeText, primary_key=True, unique=True, nullable=False)
+    depth = Column(Unicode(32), unique=False, nullable=False, default=to_unicode('infinity'))
+    root = Column(UnicodeText, unique=False, nullable=False)
+    type = Column(Unicode(32), unique=False, nullable=False, default=to_unicode('write'))
+    scope = Column(Unicode(32), unique=False, nullable=False, default=to_unicode('exclusive'))
+    owner = Column(UnicodeText, unique=False, nullable=False)
+    expire = Column(Float, unique=False, nullable=False)
+    principal = Column(Unicode(255), ForeignKey('my_users.display_name', ondelete="CASCADE"))
+    timeout = Column(Float, unique=False, nullable=False)
+
+
+class Url2Token(object):
+    __tablename__ = 'my_url2token'
+
+    token = Column(UnicodeText, primary_key=True, unique=True, nullable=False)
+    path = Column(UnicodeText, primary_key=True, unique=False, nullable=False)

tracim/lib/webdav/utils.py

+# -*- coding: utf-8 -*-
+
+import transaction
+from os.path import normpath as base_normpath
+from wsgidav import util
+from wsgidav import compat
+
+from tracim.lib.core.content import ContentApi
+from tracim.models.data import Workspace, Content, ContentType, \
+    ActionDescription
+from tracim.models.revision_protection import new_revision
+
+
+def transform_to_display(string: str) -> str:
+    """
+    As characters that Windows does not support may have been inserted
+    through Tracim in names, before displaying information we update path
+    so that all these forbidden characters are replaced with similar
+    shape character that are allowed so that the user isn't trouble and
+    isn't limited in his naming choice
+    """
+    _TO_DISPLAY = {
+        '/': '⧸',
+        '\\': '⧹',
+        ':': '∶',
+        '*': '∗',
+        '?': 'ʔ',
+        '"': 'ʺ',
+        '<': '❮',
+        '>': '❯',
+        '|': '∣'
+    }
+
+    for key, value in _TO_DISPLAY.items():
+        string = string.replace(key, value)
+
+    return string
+
+
+def transform_to_bdd(string: str) -> str:
+    """
+    Called before sending request to the database to recover the right names
+    """
+    _TO_BDD = {
+        '⧸': '/',
+        '⧹': '\\',
+        '∶': ':',
+        '∗': '*',
+        'ʔ': '?',
+        'ʺ': '"',
+        '❮': '<',
+        '❯': '>',
+        '∣': '|'
+    }
+
+    for key, value in _TO_BDD.items():
+        string = string.replace(key, value)
+
+    return string
+
+
+def normpath(path):
+    if path == b'':
+        path = b'/'
+    elif path == '':
+        path = '/'
+    return base_normpath(path)
+
+
+class HistoryType(object):
+    Deleted = 'deleted'
+    Archived = 'archived'
+    Standard = 'standard'
+    All = 'all'
+
+
+class SpecialFolderExtension(object):
+    Deleted = '/.deleted'
+    Archived = '/.archived'
+    History = '/.history'
+
+
+class FakeFileStream(object):
+    """
+    Fake a FileStream that we're giving to wsgidav to receive data and create files / new revisions
+
+    There's two scenarios :
+    - when a new file is created, wsgidav will call the method createEmptyResource and except to get a _DAVResource
+    which should have both 'beginWrite' and 'endWrite' method implemented
+    - when a file which already exists is updated, he's going to call the 'beginWrite' function of the _DAVResource
+    to get a filestream and write content in it
+
+    In the first case scenario, the transfer takes two part : it first create the resource (createEmptyResource)
+    then add its content (beginWrite, write, close..). If we went without this class, we would create two revision
+    of the file upon creating a new file, which is not what we want.
+    """
+
+    def __init__(
+            self,
+            content_api: ContentApi,
+            workspace: Workspace,
+            path: str,
+            file_name: str='',
+            content: Content=None,
+            parent: Content=None
+    ):
+        """
+
+        :param content_api:
+        :param workspace:
+        :param path:
+        :param file_name:
+        :param content:
+        :param parent:
+        """
+        self._file_stream = compat.BytesIO()
+
+        self._file_name = file_name if file_name != '' else self._content.file_name
+        self._content = content
+        self._api = content_api
+        self._workspace = workspace
+        self._parent = parent
+        self._path = path
+
+    def getRefUrl(self) -> str:
+        """
+        As wsgidav expect to receive a _DAVResource upon creating a new resource, this method's result is used
+        by Windows client to establish both file's path and file's name
+        """
+        return self._path
+
+    def beginWrite(self, contentType) -> 'FakeFileStream':
+        """
+        Called by wsgidav, it expect a filestream which possess both 'write' and 'close' operation to write
+        the file content.
+        """
+        return self
+
+    def endWrite(self, withErrors: bool):
+        """
+        Called by request_server when finished writing everything.
+        As we call operation to create new content or revision in the close operation, called before endWrite, there
+        is nothing to do here.
+        """
+        pass
+
+    def write(self, s: str):
+        """
+        Called by request_server when writing content to files, we put it inside a filestream
+        """
+        self._file_stream.write(s)
+
+    def close(self):
+        """
+        Called by request_server when the file content has been written. We either add a new content or create
+        a new revision
+        """
+
+        self._file_stream.seek(0)
+
+        if self._content is None:
+            self.create_file()
+        else:
+            self.update_file()
+
+        transaction.commit()
+
+    def create_file(self):
+        """
+        Called when this is a new file; will create a new Content initialized with the correct content
+        """
+
+        is_temporary = self._file_name.startswith('.~') or self._file_name.startswith('~')
+
+        file = self._api.create(
+            content_type=ContentType.File,
+            workspace=self._workspace,
+            parent=self._parent,
+            is_temporary=is_temporary
+        )
+
+        self._api.update_file_data(
+            file,
+            self._file_name,
+            util.guessMimeType(self._file_name),
+            self._file_stream.read()
+        )
+
+        self._api.save(file, ActionDescription.CREATION)
+
+    def update_file(self):
+        """
+        Called when we're updating an existing content; we create a new revision and update the file content
+        """
+
+        with new_revision(self._content):
+            self._api.update_file_data(
+                self._content,
+                self._file_name,
+                util.guessMimeType(self._content.file_name),
+                self._file_stream.read()
+            )
+
+            self._api.save(self._content, ActionDescription.REVISION)