def expose_path(group):
form_keys = ["path", "size", "hash", "hash_function", "modified", "signature"]
for key in form_keys:
if key not in request.form:
raise ValueError("Missing form value %s" % key)
path = request.form["path"]
signature = request.form["signature"]
# Don't include signature
d = {k: request.form[k] for k in form_keys[:-1]}
if not security.check_json_sig(d, app.config["BASEJUMP_KEY"], signature):
raise ValueError("Invalid signature provided.")
key = security.sign_path(path, app.config["SECRET_KEY"])
meta = request.form
with db_session() as s:
f = s.query(File).filter(File.key == key).all()
if f:
raise ValueError("This path is already exposed.")
last_modified = datetime.fromtimestamp(int(meta["modified"]))
f = File(path=path, group=group, key=key, size=meta["size"], checksum=meta["hash"], checksumType=meta["hash_function"], modified=last_modified)
s.add(f)
s.commit()
url_path = f.queue_url()
url = request.url_root + url_path
return jsonify({"queue_url": url})
