Ejemplo n.º 1
0
 def test_rate_limit(self):
     # Return rate limit, if user is staff always return False
     self.assertFalse(
         util.has_rate_limit(self.suser, self.doc3, self.file_type.slug))
     self.assertFalse(
         util.has_rate_limit(self.ruser, self.doc1, self.file_type.slug))
     self.assertTrue(
         util.has_rate_limit(self.ruser, self.doc2, self.file_type.slug))
     self.assertFalse(
         util.has_rate_limit(self.suser, self.doc2, self.file_type.slug))
Ejemplo n.º 2
0
def download_external(request, uuid, ftype):
    # Test authentication. We support a rest-framework token
    # or a logged-in user
    user = request.user
    try:
        t = auther.authenticate(request)
        if t:
            user = t[0]
    except exceptions.AuthenticationFailed:
        pass

    try:
        doc = models.Document.objects.get(external_identifier=uuid)
    except models.Document.DoesNotExist:
        return HttpResponseNotFound("Cannot find a document with id %s" % uuid)

    # if ftype is a sourcetype and it has streamable set, and
    # referrer is dunya, then has_access is true (but we rate-limit)
    referrer = request.META.get("HTTP_REFERER")
    good_referrer = False
    if referrer:
        if "dunya.compmusic.upf.edu" in referrer or "dunya.upf.edu" in referrer:
            good_referrer = True

    has_access = util.user_has_access(user, doc, ftype, good_referrer)
    if not has_access:
        return HttpResponse("Not logged in", status=401)

    try:
        version = request.GET.get("v")
        subtype = request.GET.get("subtype")
        part = request.GET.get("part")

        # This could be a SourceFile, or DerivedFile
        result = doc.get_file(ftype, subtype, part, version)
        if isinstance(result, models.SourceFile):
            fname = result.fullpath
        else:
            if part is None:
                part = 1
            fname = result.full_path_for_part(part)

        mimetype = result.mimetype
        ratelimit = "off"
        if util.has_rate_limit(user, doc, ftype):
            # 200k
            ratelimit = 200 * 1024

        # TODO: We should ratelimit mp3 requests, but not any others,
        # so we need a different path for nginx for these ones
        response = sendfile(request, fname, mimetype=mimetype)
        response['X-Accel-Limit-Rate'] = ratelimit

        return response
    except docserver.exceptions.TooManyFilesException as e:
        return HttpResponseBadRequest(e)
    except docserver.exceptions.NoFileException as e:
        return HttpResponseNotFound(e)
Ejemplo n.º 3
0
def download_external(request, uuid, ftype):
    # Test authentication. We support a rest-framework token
    # or a logged-in user
    user = request.user
    try:
        t = auther.authenticate(request)
        if t:
            user = t[0]
    except exceptions.AuthenticationFailed:
        pass

    try:
        doc = models.Document.objects.get(external_identifier=uuid)
    except models.Document.DoesNotExist:
        return HttpResponseNotFound("Cannot find a document with id %s" % uuid)

    # if ftype is a sourcetype and it has streamable set, and
    # referrer is dunya, then has_access is true (but we rate-limit)
    referrer = request.META.get("HTTP_REFERER")
    good_referrer = False
    if referrer and "dunya.compmusic.upf.edu" in referrer:
        good_referrer = True

    has_access = util.user_has_access(user, doc, ftype, good_referrer)
    if not has_access:
        return HttpResponse("Not logged in", status=401)

    try:
        version = request.GET.get("v")
        subtype = request.GET.get("subtype")
        part = request.GET.get("part")

        # This could be a SourceFile, or DerivedFile
        result = doc.get_file(ftype, subtype, part, version)
        if isinstance(result, models.SourceFile):
            fname = result.fullpath
        else:
            if part is None:
                part = 1
            fname = result.full_path_for_part(part)

        mimetype = result.mimetype
        ratelimit = "off"
        if util.has_rate_limit(user, doc, ftype):
            # 200k
            ratelimit = 200 * 1024

        # TODO: We should ratelimit mp3 requests, but not any others,
        # so we need a different path for nginx for these ones
        response = sendfile(request, fname, mimetype=mimetype)
        response['X-Accel-Limit-Rate'] = ratelimit

        return response
    except docserver.exceptions.TooManyFilesException as e:
        return HttpResponseBadRequest(e)
    except docserver.exceptions.NoFileException as e:
        return HttpResponseNotFound(e)
Ejemplo n.º 4
0
 def test_rate_limit(self):
     # Return rate limit, if user is staff always return False
     self.assertFalse(util.has_rate_limit(self.suser, self.doc3, self.file_type.slug))
     self.assertFalse(util.has_rate_limit(self.ruser, self.doc1, self.file_type.slug))
     self.assertTrue(util.has_rate_limit(self.ruser, self.doc2, self.file_type.slug))
     self.assertFalse(util.has_rate_limit(self.suser, self.doc2, self.file_type.slug))