def download():
"""Downloads an artifact by it's content hash."""
# Allow users with access to the build to download the file. Falls back
# to API keys with access to the build. Prefer user first for speed.
try:
build = auth.can_user_access_build('build_id')
except HTTPException:
logging.debug('User access to artifact failed. Trying API key.')
_, build = auth.can_api_key_access_build('build_id')
sha1sum = request.args.get('sha1sum', type=str)
if not sha1sum:
logging.debug('Artifact sha1sum=%r not supplied', sha1sum)
abort(404)
artifact = models.Artifact.query.get(sha1sum)
if not artifact:
logging.debug('Artifact sha1sum=%r does not exist', sha1sum)
abort(404)
build_id = request.args.get('build_id', type=int)
if not build_id:
logging.debug('build_id missing for artifact sha1sum=%r', sha1sum)
abort(404)
is_owned = artifact.owners.filter_by(id=build_id).first()
if not is_owned:
logging.debug('build_id=%r not owner of artifact sha1sum=%r', build_id,
sha1sum)
abort(403)
# Make sure there are no Set-Cookie headers on the response so this
# request is cachable by all HTTP frontends.
@utils.after_this_request
def no_session(response):
if 'Set-Cookie' in response.headers:
del response.headers['Set-Cookie']
if not utils.is_production():
# Insert a sleep to emulate how the page loading looks in production.
time.sleep(1.5)
if request.if_none_match and request.if_none_match.contains(sha1sum):
response = flask.Response(status=304)
return response
return _get_artifact_response(artifact)
def download():
"""Downloads an artifact by it's content hash."""
# Allow users with access to the build to download the file. Falls back
# to API keys with access to the build. Prefer user first for speed.
try:
build = auth.can_user_access_build('build_id')
except HTTPException:
logging.debug('User access to artifact failed. Trying API key.')
_, build = auth.can_api_key_access_build('build_id')
sha1sum = request.args.get('sha1sum', type=str)
if not sha1sum:
logging.debug('Artifact sha1sum=%r not supplied', sha1sum)
abort(404)
artifact = models.Artifact.query.get(sha1sum)
if not artifact:
logging.debug('Artifact sha1sum=%r does not exist', sha1sum)
abort(404)
build_id = request.args.get('build_id', type=int)
if not build_id:
logging.debug('build_id missing for artifact sha1sum=%r', sha1sum)
abort(404)
is_owned = artifact.owners.filter_by(id=build_id).first()
if not is_owned:
logging.debug('build_id=%r not owner of artifact sha1sum=%r',
build_id, sha1sum)
abort(403)
# Make sure there are no Set-Cookie headers on the response so this
# request is cachable by all HTTP frontends.
@utils.after_this_request
def no_session(response):
if 'Set-Cookie' in response.headers:
del response.headers['Set-Cookie']
if not utils.is_production():
# Insert a sleep to emulate how the page loading looks in production.
time.sleep(1.5)
if request.if_none_match and request.if_none_match.contains(sha1sum):
response = flask.Response(status=304)
return response
return _get_artifact_response(artifact)