Beispiel #1
def setup_viewer(request, file_obj):
    """Build the template context for viewing *file_obj*.

    The validation URL, the automated-signing flag and (when present) the
    processed validation results are added only if the requester passes the
    reviewer check or the ownership check for the file's add-on. Everyone
    else keeps the empty ``validate_url`` default. The "back" link points to
    the review page for reviewers and to the add-on detail page otherwise.
    """
    context = {}
    context['file'] = file_obj
    context['version'] = file_obj.version
    context['addon'] = file_obj.version.addon
    context['status'] = False
    context['selected'] = {}
    context['validate_url'] = ''

    # Access gate: validation details are not handed to arbitrary viewers.
    may_see_validation = (
        acl.check_addons_reviewer(request) or
        acl.check_addon_ownership(
            request, file_obj.version.addon, viewer=True,
            ignore_disabled=True))

    if may_see_validation:
        target = file_obj.version.addon
        context['validate_url'] = reverse(
            'devhub.json_file_validation', args=[target.slug, file_obj.id])
        context['automated_signing'] = file_obj.automated_signing
        if file_obj.has_been_validated:
            context['validation_data'] = (
                file_obj.validation.processed_validation)

    # The reviewer check is evaluated again on its own because owners who
    # are not reviewers must get the public "back" link.
    if acl.check_addons_reviewer(request):
        back_text = ugettext('Back to review')
        back_url = reverse('reviewers.review', args=[context['addon'].slug])
    else:
        back_text = ugettext('Back to add-on')
        back_url = reverse('addons.detail', args=[context['addon'].pk])
    context['file_link'] = {'text': back_text, 'url': back_url}
    return context
Beispiel #2
def setup_viewer(request, file_obj):
    """Build the template context for viewing *file_obj*.

    Validation details are added only if the requester passes the reviewer
    check or the ownership check for the file's add-on. The annotation URL
    is further restricted to reviewers. The "back" link points to the review
    page for reviewers and to the add-on detail page otherwise.
    """
    context = {}
    context['file'] = file_obj
    context['version'] = file_obj.version
    context['addon'] = file_obj.version.addon
    context['status'] = False
    context['selected'] = {}
    context['validate_url'] = ''

    # Access gate: validation details are not handed to arbitrary viewers.
    may_see_validation = (
        acl.check_addons_reviewer(request) or
        acl.check_addon_ownership(
            request, file_obj.version.addon, viewer=True,
            ignore_disabled=True))

    if may_see_validation:
        target = file_obj.version.addon
        url_args = [target.slug, file_obj.id]
        context['validate_url'] = reverse(
            'devhub.json_file_validation', args=url_args)

        # Owners can read validation results; only reviewers get the
        # annotation endpoint.
        if acl.check_addons_reviewer(request):
            context['annotate_url'] = reverse(
                'devhub.annotate_file_validation',
                args=[target.slug, file_obj.id])

        context['automated_signing'] = file_obj.automated_signing
        if file_obj.has_been_validated:
            context['validation_data'] = (
                file_obj.validation.processed_validation)

    if acl.check_addons_reviewer(request):
        back_text = _('Back to review')
        back_url = reverse('editors.review', args=[context['addon'].slug])
    else:
        back_text = _('Back to add-on')
        back_url = reverse('addons.detail', args=[context['addon'].pk])
    context['file_link'] = {'text': back_text, 'url': back_url}
    return context
Beispiel #3
def download_file(request, file_id, type=None, file_=None, addon=None):
    """Serve an add-on file, or redirect to its mirror, after access checks.

    *file_* and *addon* are looked up (404 when missing) if the caller did
    not supply them. Disabled add-ons or files are streamed from the guarded
    path, and only to requesters passing the ownership or reviewer check.
    Unlisted add-ons need ``owner_or_unlisted_reviewer``. Every refusal is
    logged and answered with Http404. Otherwise the response is a redirect
    to the mirror URL, carrying the file hash in ``X-Target-Digest``.
    """
    file_ = file_ or get_object_or_404(File.objects, pk=file_id)
    addon = addon or get_object_or_404(Addon.with_unlisted,
                                       pk=file_.version.addon_id)

    is_blocked = addon.is_disabled or file_.status == amo.STATUS_DISABLED
    if is_blocked:
        # NOTE(review): this branch returns before the unlisted check below,
        # so a requester passing only check_addons_reviewer can fetch a
        # disabled file of an unlisted add-on - confirm this is intended.
        privileged = (
            acl.check_addon_ownership(
                request, addon, viewer=True, ignore_disabled=True) or
            acl.check_addons_reviewer(request))
        if not privileged:
            log.info(u'download file {file_id}: addon/file disabled or user '
                     u'{user_id} is not an owner'.format(
                         file_id=file_id, user_id=request.user.pk))
            raise http.Http404()
        return HttpResponseSendFile(
            request, file_.guarded_file_path,
            content_type='application/x-xpinstall')

    may_see_unlisted = (
        addon.is_listed or owner_or_unlisted_reviewer(request, addon))
    if not may_see_unlisted:
        log.info(u'download file {file_id}: addon is unlisted but user '
                 u'{user_id} is not an owner'.format(
                     file_id=file_id, user_id=request.user.pk))
        # 404 instead of 403: not listed, not owner or admin.
        raise http.Http404

    # Serve as an attachment on request, or when request.APP.browser is
    # falsy.
    as_attachment = (type == 'attachment' or not request.APP.browser)

    mirror_url = file_.get_mirror(addon, attachment=as_attachment)
    redirect = http.HttpResponseRedirect(
        urlparams(mirror_url, filehash=file_.hash))
    # The stored hash is sent along with the redirect in this header.
    redirect['X-Target-Digest'] = file_.hash
    return redirect
Beispiel #4
def download_file(request, file_id, type=None, file_=None, addon=None):
    """Serve an add-on file, or redirect to its mirror, after access checks.

    *file_* and *addon* are looked up (404 when missing) if the caller did
    not supply them. Disabled add-ons or files are streamed from the guarded
    path, and only to requesters passing the ownership or reviewer check.
    Unlisted add-ons need ``owner_or_unlisted_reviewer``. Every refusal is
    logged and answered with Http404. Otherwise the response is a redirect
    to the mirror URL, carrying the file hash in ``X-Target-Digest``.
    """
    file_ = file_ or get_object_or_404(File.objects, pk=file_id)
    addon = addon or get_object_or_404(Addon.with_unlisted,
                                       pk=file_.version.addon_id)

    is_blocked = addon.is_disabled or file_.status == amo.STATUS_DISABLED
    if is_blocked:
        # NOTE(review): this branch returns before the unlisted check below,
        # so a requester passing only check_addons_reviewer can fetch a
        # disabled file of an unlisted add-on - confirm this is intended.
        privileged = (
            acl.check_addon_ownership(
                request, addon, viewer=True, ignore_disabled=True) or
            acl.check_addons_reviewer(request))
        if not privileged:
            log.info(u'download file {file_id}: addon/file disabled or user '
                     u'{user_id} is not an owner'.format(
                         file_id=file_id, user_id=request.user.pk))
            raise http.Http404()
        return HttpResponseSendFile(
            request, file_.guarded_file_path,
            content_type='application/x-xpinstall')

    may_see_unlisted = (
        addon.is_listed or owner_or_unlisted_reviewer(request, addon))
    if not may_see_unlisted:
        log.info(u'download file {file_id}: addon is unlisted but user '
                 u'{user_id} is not an owner'.format(
                     file_id=file_id, user_id=request.user.pk))
        # 404 instead of 403: not listed, not owner or admin.
        raise http.Http404

    # Serve as an attachment on request, or when request.APP.browser is
    # falsy.
    as_attachment = (type == 'attachment' or not request.APP.browser)

    mirror_url = file_.get_mirror(addon, attachment=as_attachment)
    redirect = http.HttpResponseRedirect(
        urlparams(mirror_url, filehash=file_.hash))
    # The stored hash is sent along with the redirect in this header.
    redirect['X-Target-Digest'] = file_.hash
    return redirect
Beispiel #5
def allowed(request, file):
    """Decide whether the requester may view *file*.

    Returns True when access is granted. Raises Http404 when the file's
    version or add-on cannot be resolved, or when the add-on is unlisted
    and the requester is neither owner nor unlisted reviewer. Raises
    PermissionDenied for a listed add-on the requester may not view.
    """
    try:
        addon = file.version.addon
    except ObjectDoesNotExist:
        raise http.Http404

    if not addon.is_listed:
        # Unlisted add-ons answer 404 rather than 403 to everyone except
        # owners and "unlisted" admins.
        if owner_or_unlisted_reviewer(request, addon):
            return True
        raise http.Http404

    # Listed add-on: sources are viewable when the author opted in and the
    # add-on has a reviewed status, or by reviewers and owners.
    sources_public = (
        addon.view_source and addon.status in amo.REVIEWED_STATUSES)
    if (sources_public or
            acl.check_addons_reviewer(request) or
            acl.check_addon_ownership(
                request, addon, viewer=True, dev=True)):
        return True
    raise PermissionDenied  # Listed but not allowed.
def allowed(request, file):
    """Decide whether the requester may view *file*.

    Returns True when access is granted. Raises Http404 when the file's
    version or add-on cannot be resolved, or when the add-on is unlisted
    and the requester is neither owner nor unlisted reviewer. Raises
    PermissionDenied for a listed add-on the requester may not view.
    """
    try:
        addon = file.version.addon
    except ObjectDoesNotExist:
        raise http.Http404

    if not addon.is_listed:
        # Unlisted add-ons answer 404 rather than 403 to everyone except
        # owners and "unlisted" admins.
        if owner_or_unlisted_reviewer(request, addon):
            return True
        raise http.Http404

    # Listed add-on: sources are viewable when the author opted in and the
    # add-on has a reviewed status, or by reviewers and owners.
    sources_public = (
        addon.view_source and addon.status in amo.REVIEWED_STATUSES)
    if (sources_public or
            acl.check_addons_reviewer(request) or
            acl.check_addon_ownership(
                request, addon, viewer=True, dev=True)):
        return True
    raise PermissionDenied  # Listed but not allowed.
Beispiel #7
def allowed(request, file):
    """Decide whether the requester may view *file*.

    Returns True when access is granted. Raises Http404 when the file's
    version or add-on cannot be resolved, or when the version is not in the
    listed channel and the requester is neither owner nor unlisted
    reviewer. Raises PermissionDenied for a listed version when the
    requester is neither a reviewer nor an owner.
    """
    try:
        version = file.version
        addon = version.addon
    except ObjectDoesNotExist:
        raise http.Http404

    in_listed_channel = version.channel == amo.RELEASE_CHANNEL_LISTED
    if not in_listed_channel:
        # Not listed? Needs an owner or an "unlisted" admin; others get 404.
        if owner_or_unlisted_reviewer(request, addon):
            return True
        raise http.Http404

    # The file browser is not offered publicly because of potential DoS
    # issues (cgrebs, 06042017), so there is no "sources are public" path
    # here: only owners and reviewers pass.
    is_owner = acl.check_addon_ownership(request, addon, dev=True)
    if acl.check_addons_reviewer(request) or is_owner:
        return True
    raise PermissionDenied  # Listed but not allowed.
Beispiel #8
def reviewlog(request):
    """Render the review log, narrowed to what the requester may see.

    Permission-based narrowing (unlisted channel, add-on types, static
    themes) is applied before, and independently of, the user-supplied
    date and search filters, so an invalid form still yields a restricted
    listing. Results are paginated 50 per page.
    """
    params = request.GET.copy()

    # With no date range given, default to the first day of this month.
    if not (params.get('start') or params.get('end')):
        now = date.today()
        params['start'] = date(now.year, now.month, 1)

    form = ReviewLogForm(params)

    entries = ActivityLog.objects.review_log()
    if not acl.check_unlisted_addons_reviewer(request):
        # Without the unlisted-reviewer permission only listed-channel
        # entries are shown.
        listed = amo.RELEASE_CHANNEL_LISTED
        entries = entries.filter(versionlog__version__channel=listed)
    if not acl.check_addons_reviewer(request):
        entries = entries.exclude(
            versionlog__version__addon__type__in=amo.GROUP_TYPE_ADDON)
    if not acl.check_static_theme_reviewer(request):
        entries = entries.exclude(
            versionlog__version__addon__type=amo.ADDON_STATICTHEME)

    if form.is_valid():
        cleaned = form.cleaned_data
        if cleaned['start']:
            entries = entries.filter(created__gte=cleaned['start'])
        if cleaned['end']:
            entries = entries.filter(created__lt=cleaned['end'])
        if cleaned['search']:
            needle = cleaned['search']
            # The term is passed as an ORM lookup value, never spliced into
            # a query string.
            matches = (
                Q(commentlog__comments__icontains=needle) |
                Q(addonlog__addon__name__localized_string__icontains=needle) |
                Q(user__display_name__icontains=needle) |
                Q(user__username__icontains=needle))
            entries = entries.filter(matches).distinct()

    pager = amo.utils.paginate(request, entries, 50)
    template_context = context(request, form=form, pager=pager)
    return render(request, 'reviewers/reviewlog.html', template_context)
Beispiel #9
def reviewlog(request):
    """Render the review log, narrowed to what the requester may see.

    Permission-based narrowing (unlisted channel, add-on types, static
    themes) is applied before, and independently of, the user-supplied
    date and search filters, so an invalid form still yields a restricted
    listing. Results are paginated 50 per page.
    """
    params = request.GET.copy()

    # With no date range given, default to the first day of this month.
    if not (params.get('start') or params.get('end')):
        now = date.today()
        params['start'] = date(now.year, now.month, 1)

    form = ReviewLogForm(params)

    entries = ActivityLog.objects.review_log()
    if not acl.check_unlisted_addons_reviewer(request):
        # Without the unlisted-reviewer permission only listed-channel
        # entries are shown.
        listed = amo.RELEASE_CHANNEL_LISTED
        entries = entries.filter(versionlog__version__channel=listed)
    if not acl.check_addons_reviewer(request):
        entries = entries.exclude(
            versionlog__version__addon__type__in=amo.GROUP_TYPE_ADDON)
    if not acl.check_static_theme_reviewer(request):
        entries = entries.exclude(
            versionlog__version__addon__type=amo.ADDON_STATICTHEME)

    if form.is_valid():
        cleaned = form.cleaned_data
        if cleaned['start']:
            entries = entries.filter(created__gte=cleaned['start'])
        if cleaned['end']:
            entries = entries.filter(created__lt=cleaned['end'])
        if cleaned['search']:
            needle = cleaned['search']
            # The term is passed as an ORM lookup value, never spliced into
            # a query string.
            matches = (
                Q(commentlog__comments__icontains=needle) |
                Q(addonlog__addon__name__localized_string__icontains=needle) |
                Q(user__display_name__icontains=needle) |
                Q(user__username__icontains=needle))
            entries = entries.filter(matches).distinct()

    pager = amo.utils.paginate(request, entries, 50)
    template_context = context(request, form=form, pager=pager)
    return render(request, 'reviewers/reviewlog.html', template_context)
Beispiel #10
def allowed(request, file):
    """Decide whether the requester may view *file*.

    Returns True when access is granted. Raises Http404 when the file's
    version or add-on cannot be resolved, or when the version is not in the
    listed channel and the requester is neither owner nor unlisted
    reviewer. Raises PermissionDenied for a listed version when the
    requester is neither a reviewer nor an owner.
    """
    try:
        version = file.version
        addon = version.addon
    except ObjectDoesNotExist:
        raise http.Http404

    in_listed_channel = version.channel == amo.RELEASE_CHANNEL_LISTED
    if not in_listed_channel:
        # Not listed? Needs an owner or an "unlisted" admin; others get 404.
        if owner_or_unlisted_reviewer(request, addon):
            return True
        raise http.Http404

    # The file browser is not offered publicly because of potential DoS
    # issues (cgrebs, 06042017), so there is no "sources are public" path
    # here: only owners and reviewers pass.
    is_owner = acl.check_addon_ownership(
        request, addon, viewer=True, dev=True)
    if acl.check_addons_reviewer(request) or is_owner:
        return True
    raise PermissionDenied  # Listed but not allowed.
Beispiel #11
 def has_permission(self, request, view):
     """Grant safe-method access to ReviewerTools:View, else need reviewer.

     Requests using a method in SAFE_METHODS pass with the
     'ReviewerTools'/'View' permission; every other request, and safe
     requests lacking that permission, must pass the add-ons reviewer check.
     """
     read_only_grant = (
         request.method in SAFE_METHODS and
         acl.action_allowed(request, 'ReviewerTools', 'View'))
     return read_only_grant or acl.check_addons_reviewer(request)
 def has_permission(self, request, view):
     """Grant safe-method access to ReviewerTools:View, else need reviewer.

     Requests using a method in SAFE_METHODS pass with the
     'ReviewerTools'/'View' permission; every other request, and safe
     requests lacking that permission, must pass the add-ons reviewer check.
     """
     read_only_grant = (
         request.method in SAFE_METHODS and
         acl.action_allowed(request, 'ReviewerTools', 'View'))
     return read_only_grant or acl.check_addons_reviewer(request)
Beispiel #13
 def wrapper(request, *args, **kw):
     """Call the wrapped view only for permitted requests.

     The request passes when ``_view_on_get(request)`` is truthy or the
     requester passes the add-ons reviewer check; otherwise
     PermissionDenied is raised and the view is never invoked.
     """
     permitted = _view_on_get(request) or acl.check_addons_reviewer(request)
     if not permitted:
         raise PermissionDenied
     return f(request, *args, **kw)
Beispiel #14
 def is_reviewer(channel):
     """Run the reviewer check that matches *channel*.

     The listed channel uses the add-ons reviewer check; any other channel
     value uses the unlisted add-ons reviewer check. ``request`` comes from
     the enclosing scope.
     """
     if channel == amo.RELEASE_CHANNEL_LISTED:
         return acl.check_addons_reviewer(request)
     return acl.check_unlisted_addons_reviewer(request)
def global_settings(request):
    """
    Build the AMO-wide context used by global headers: the account menu,
    the tools menu, the site notice and the reviewer flag.

    Menu entries are produced only for authenticated users; anonymous
    requests get empty menus and an AnonymousUser as 'user'.
    """
    def make_link(text, href):
        # Every menu entry is a two-key dict consumed by the templates.
        return {'text': text, 'href': href}

    account_links = []
    tools_links = []

    tools_title = ugettext('Tools')
    is_reviewer = False

    if not request.user.is_authenticated():
        viewer = AnonymousUser()
    else:
        user = request.user

        # NOTE(review): these flags only decide which links are rendered;
        # the linked views are assumed to enforce their own permission
        # checks - confirm.
        is_reviewer = (acl.check_addons_reviewer(request) or
                       acl.check_personas_reviewer(request))

        account_links.append(
            make_link(ugettext('My Profile'), user.get_url_path()))
        if user.is_artist:
            account_links.append(
                make_link(ugettext('My Themes'),
                          user.get_themes_url_path()))

        account_links.append(
            make_link(ugettext('Account Settings'), reverse('users.edit')))
        account_links.append(
            make_link(ugettext('My Collections'),
                      reverse('collections.user', args=[user.username])))

        if user.favorite_addons:
            account_links.append(
                make_link(ugettext('My Favorites'),
                          reverse('collections.detail',
                                  args=[user.username, 'favorites'])))

        # The current path is URL-quoted into the `to` parameter.
        # NOTE(review): the logout view is assumed to validate `to` before
        # redirecting - confirm.
        account_links.append(
            make_link(ugettext('Log out'),
                      reverse('users.logout') + '?to=' +
                      urlquote(request.path)))

        if user.is_developer:
            tools_links.append(
                make_link(ugettext('Manage My Submissions'),
                          reverse('devhub.addons')))

        tools_links.extend([
            make_link(ugettext('Submit a New Add-on'),
                      reverse('devhub.submit.agreement')),
            make_link(ugettext('Submit a New Theme'),
                      reverse('devhub.themes.submit')),
            make_link(ugettext('Developer Hub'), reverse('devhub.index')),
            make_link(ugettext('Manage API Keys'),
                      reverse('devhub.api_key')),
        ])

        if is_reviewer:
            tools_links.append(
                make_link(ugettext('Reviewer Tools'),
                          reverse('reviewers.dashboard')))

        can_admin = (
            acl.action_allowed(request, amo.permissions.ADMIN) or
            acl.action_allowed(request, amo.permissions.ADMIN_TOOLS_VIEW))
        if can_admin:
            tools_links.append(
                make_link(ugettext('Admin Tools'), reverse('zadmin.index')))

        viewer = request.user

    # NOTE(review): the whole `settings` and `amo` objects are exposed to
    # templates; confirm no template prints secret settings values.
    return {
        'user': viewer,
        'account_links': account_links,
        'settings': settings,
        'amo': amo,
        'tools_links': tools_links,
        'tools_title': tools_title,
        'ADMIN_MESSAGE': get_config('site_notice'),
        'is_reviewer': is_reviewer,
    }
def global_settings(request):
    """
    Build the AMO-wide context used by global headers: the account menu,
    the tools menu, the site notice and the reviewer flag.

    Menu entries are produced only for authenticated users; anonymous
    requests get empty menus and an AnonymousUser as 'user'.
    """
    def make_link(text, href):
        # Every menu entry is a two-key dict consumed by the templates.
        return {'text': text, 'href': href}

    account_links = []
    tools_links = []

    tools_title = _('Tools')
    is_reviewer = False

    if not request.user.is_authenticated():
        viewer = AnonymousUser()
    else:
        user = request.user

        # NOTE(review): these flags only decide which links are rendered;
        # the linked views are assumed to enforce their own permission
        # checks - confirm.
        is_reviewer = (acl.check_addons_reviewer(request) or
                       acl.check_personas_reviewer(request))

        account_links.append(
            make_link(_('My Profile'), user.get_url_path()))
        if user.is_artist:
            account_links.append(
                make_link(_('My Themes'), user.get_user_url('themes')))

        account_links.append(
            make_link(_('Account Settings'), reverse('users.edit')))
        account_links.append(
            make_link(_('My Collections'),
                      reverse('collections.user', args=[user.username])))

        if user.favorite_addons:
            account_links.append(
                make_link(_('My Favorites'),
                          reverse('collections.detail',
                                  args=[user.username, 'favorites'])))

        # The current path is URL-quoted into the `to` parameter.
        # NOTE(review): the logout view is assumed to validate `to` before
        # redirecting - confirm.
        account_links.append(
            make_link(_('Log out'),
                      reverse('users.logout') + '?to=' +
                      urlquote(request.path)))

        if user.is_developer:
            tools_links.append(
                make_link(_('Manage My Submissions'),
                          reverse('devhub.addons')))

        tools_links.extend([
            make_link(_('Submit a New Add-on'), reverse('devhub.submit.1')),
            make_link(_('Submit a New Theme'),
                      reverse('devhub.themes.submit')),
            make_link(_('Developer Hub'), reverse('devhub.index')),
        ])
        # The API-key page is linked only while the waffle switch is on.
        if waffle.switch_is_active('signing-api'):
            tools_links.append(
                make_link(_('Manage API Keys'), reverse('devhub.api_key')))

        if is_reviewer:
            tools_links.append(
                make_link(_('Editor Tools'), reverse('editors.home')))

        can_admin = (acl.action_allowed(request, 'Admin', '%') or
                     acl.action_allowed(request, 'AdminTools', 'View'))
        if can_admin:
            tools_links.append(
                make_link(_('Admin Tools'), reverse('zadmin.home')))

        viewer = request.user

    # NOTE(review): the whole `settings` and `amo` objects are exposed to
    # templates; confirm no template prints secret settings values.
    return {
        'user': viewer,
        'account_links': account_links,
        'settings': settings,
        'amo': amo,
        'tools_links': tools_links,
        'tools_title': tools_title,
        'ADMIN_MESSAGE': get_config('site_notice'),
        'is_reviewer': is_reviewer,
    }
Beispiel #17
 def has_permission(self, request, view):
     """Grant safe-method access to REVIEWER_TOOLS_VIEW, else need reviewer.

     Requests using a method in SAFE_METHODS pass with the
     REVIEWER_TOOLS_VIEW permission; every other request, and safe requests
     lacking that permission, must pass the add-ons reviewer check.
     """
     read_only_grant = (
         request.method in SAFE_METHODS and
         acl.action_allowed(request, amo.permissions.REVIEWER_TOOLS_VIEW))
     return read_only_grant or acl.check_addons_reviewer(request)
Beispiel #18
 def is_reviewer(channel):
     """Run the reviewer check that matches *channel*.

     The listed channel uses the add-ons reviewer check; any other channel
     value uses the unlisted add-ons reviewer check. ``request`` comes from
     the enclosing scope.
     """
     if channel == amo.RELEASE_CHANNEL_LISTED:
         return acl.check_addons_reviewer(request)
     return acl.check_unlisted_addons_reviewer(request)