Limit api endpoint /plain to access private data

setup.py

@@ -47,7 +47,7 @@
 # https://packaging.python.org/en/latest/guides/distributing-packages-using-setuptools/
 setup(
     name=package,
-    version="0.1.30",
+    version="0.1.33",
     python_requires=">=3.8, <3.13",
     description=f"UniqueBible App is a cross-platform & offline bible application, integrated with high-quality resources and unique features. Developers: Eliran Wong and Oliver Tseng",
     long_description=long_description,

uniquebible/__init__.py

@@ -7,14 +7,12 @@
 
 # go to resource directory
 thisFile = os.path.realpath(__file__)
-config.packageDir = wd = os.path.dirname(thisFile)
-if os.getcwd() != wd:
-    os.chdir(wd)
+config.packageDir = os.path.dirname(thisFile)
 
 ubahome = os.path.expanduser(os.path.join("~", "UniqueBible"))
 
 # restor previous backup
-configFile = os.path.join(wd, "config.py")
+configFile = os.path.join(config.packageDir, "config.py")
 backupFile = os.path.join(ubahome, "config.py")
 if os.path.isfile(backupFile) and not hasattr(config, "mainText"):
     print(f"Configuration backup found: {backupFile}")
@@ -35,15 +33,18 @@
             pass
         print("Failed to restore previous configurations!")
 
+# set up folders for storing user content in ~/UniqueBible
 if not os.path.isdir(ubahome):
     Path(ubahome).mkdir(parents=True, exist_ok=True)
 for i in ("audio", "htmlResources", "import", "macros", "marvelData", "music", "notes", "temp", "terminal_history", "terminal_mode", "thirdParty", "video", "webstorage", "workspace"):
+    sourceFolder = os.path.join(config.packageDir, i)
     targetFolder = os.path.join(ubahome, i)
     if not os.path.isdir(targetFolder):
-        copytree(i, targetFolder, dirs_exist_ok=True)
+        print(f"Setting up user directory '{i}' ...")
+        copytree(sourceFolder, targetFolder, dirs_exist_ok=True)
     #copytree(i, os.path.join(ubahome, i), dirs_exist_ok=True)
 
-# images
+# set up map images
 import uniquebible.htmlResources.images.exlbl
 import uniquebible.htmlResources.images.exlbl_large
 import uniquebible.htmlResources.images.exlbl_largeHD_1
@@ -53,7 +54,7 @@
 # Add folders below for all new folders created after version 0.1.17
 # ...
 
-# change directory
+# change directory to user directory
 if os.getcwd() != ubahome:
     os.chdir(ubahome)
 

uniquebible/htmlResources/images/exlbl/__init__.py

@@ -14,4 +14,5 @@
 #for i in ("exlbl", "exlbl_large", "exlbl_largeHD"):
 destFolder = os.path.join(imageFolder, "exlbl")
 if not os.path.isdir(destFolder):
+    print("Setting up map images ...")
     copytree(thisFolder, destFolder, dirs_exist_ok=True)

uniquebible/latest_changes.txt

@@ -1,6 +1,10 @@
 PIP package:
 
-0.1.28
+0.1.32-0.1.33
+
+* Limit api endpoint `/plain` to access private data, only when `private=xxxxxxx` where xxxxxxx matches config.webPrivateHomePage
+
+0.1.28-0.1.31
 
 * install uniquebible map images via a sparate packages
 

uniquebible/startup/nonGui.py

@@ -72,7 +72,7 @@ def runTerminalModeCommandWrapper(command):
 
 def closingTerminalMode():
     config.mainWindow.removeAudioPlayingFile()
-    if config.terminalUseMarvelDataPrivate:
+    if hasattr(config, "defaultMarvelData"):
         config.marvelData = config.defaultMarvelData
     if config.saveConfigOnExit:
         ConfigUtil.save()

uniquebible/util/ConfigUtil.py

@@ -59,7 +59,7 @@ def setup(noQt=None, cli=None, enableCli=None, enableApiServer=None, enableHttpS
 
         # check current directory
         ubaUserDir = os.path.join(os.path.expanduser("~"), "UniqueBible")
-        config.ubaUserDir = ubaUserDir if os.path.isdir(ubaUserDir) else os.getcwd()
+        config.ubaUserDir = ubaUserDir if os.path.isdir(ubaUserDir) else os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
 
         # check running mode
         config.runMode = sys.argv[1] if len(sys.argv) > 1 else ""

uniquebible/util/LocalCliHandler.py

@@ -56,8 +56,8 @@
 
 class LocalCliHandler:
 
-    def __init__(self, command="John 3:16"):
-        if config.terminalUseMarvelDataPrivate:
+    def __init__(self, command="John 3:16", allowPrivateData=True):
+        if config.terminalUseMarvelDataPrivate and allowPrivateData:
             config.defaultMarvelData = config.marvelData
             config.marvelData = config.marvelDataPrivate
         try:

uniquebible/util/RemoteHttpHandler.py

@@ -338,12 +338,24 @@ def do_GET(self):
             elif self.path.startswith("/plain"):
                 query_components = parse_qs(urlparse(self.path).query)
                 cmd = query_components.get("cmd", [])
+                private = query_components.get("private", [])
                 if cmd:
+                    # tweak configs
+                    if private and private[0] == config.webPrivateHomePage:
+                        marvelData = config.marvelData
+                        config.marvelData = config.marvelDataPrivate
+                        allowPrivateData = True
+                    else:
+                        allowPrivateData = False
                     addFavouriteToMultiRef = config.addFavouriteToMultiRef
                     config.addFavouriteToMultiRef = False
+                    # output
                     self.commonHeader()
-                    plainOutput = LocalCliHandler().getContent(cmd[0], False).strip()
+                    plainOutput = LocalCliHandler(allowPrivateData=allowPrivateData).getContent(cmd[0], False).strip()
                     self.wfile.write(bytes(plainOutput, "utf8"))
+                    # restore user config
+                    if allowPrivateData:
+                        config.marvelData = marvelData
                     config.addFavouriteToMultiRef = addFavouriteToMultiRef
                 else:
                     self.blankPage()