def wrapper(request, file_id, key, *args, **kw): viewer = FileViewer(get_object_or_404(File, pk=file_id)) token = request.GET.get('token') if not token: log.error('Denying access to %s, no token.' % viewer.file.id) raise PermissionDenied if not Token.valid(token, [viewer.file.id, key]): log.error('Denying access to %s, token invalid.' % viewer.file.id) raise PermissionDenied return func(request, viewer, key, *args, **kw)
def wrapper(request, file_id, key, *args, **kw): viewer = FileViewer(get_object_or_404(File, pk=file_id)) token = request.GET.get('token') if not token: log.error('Denying access to %s, no token.' % viewer.file.id) return http.HttpResponseForbidden() if not Token.valid(token, [viewer.file.id, key]): log.error('Denying access to %s, token invalid.' % viewer.file.id) return http.HttpResponseForbidden() return func(request, viewer, key, *args, **kw)
def wrapper(request, file_id, key, *args, **kw): viewer = FileViewer(get_object_or_404(File, pk=file_id), is_webapp=kwargs.get("is_webapp", False)) token = request.GET.get("token") if not token: log.error("Denying access to %s, no token." % viewer.file.id) raise PermissionDenied if not Token.valid(token, [viewer.file.id, key]): log.error("Denying access to %s, token invalid." % viewer.file.id) raise PermissionDenied return func(request, viewer, key, *args, **kw)
def test_token_no_ip_invalid(self): new = Token() assert not Token.valid(new.token, '255.255.255.0')
def test_token_ip(self): new = Token(data='127.0.0.1') new.save() assert Token.valid(new.token, '127.0.0.1')
def test_token_valid(self): new = Token() new.save() assert Token.valid(new.token)
def test_token_no_ip_invalid(self): new = Token() assert not Token.valid(new.token, "255.255.255.0")
def test_token_ip(self): new = Token(data="127.0.0.1") new.save() assert Token.valid(new.token, "127.0.0.1")