Example #1
0
    def guest_download_check(self,
                             context,
                             request: TracimRequest,
                             hapic_data=None) -> None:
        """
        Check if share token is correct and password given valid
        """
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ShareLib(current_user=None,
                       session=request.dbsession,
                       config=app_config)
        content_share = api.get_content_share_by_token(
            share_token=hapic_data.path.share_token)  # type: ContentShare

        # TODO - G.M - 2019-08-01 - verify in access to content share can be granted
        # we should considered do these check at decorator level
        api.check_password(content_share, password=hapic_data.body.password)
        content = ContentApi(current_user=None,
                             session=request.dbsession,
                             config=app_config).get_one(
                                 content_share.content_id,
                                 content_type=content_type_list.Any_SLUG)
        workspace_api = WorkspaceApi(current_user=None,
                                     session=request.dbsession,
                                     config=app_config)
        workspace = workspace_api.get_one(content.workspace_id)
        workspace_api.check_public_download_enabled(workspace)
        if content.type not in shareables_content_type:
            raise ContentTypeNotAllowed()
Example #2
0
    def guest_download_file(self,
                            context,
                            request: TracimRequest,
                            hapic_data=None) -> HapicFile:
        app_config = request.registry.settings["CFG"]  # type: CFG
        api = ShareLib(current_user=None,
                       session=request.dbsession,
                       config=app_config)
        content_share = api.get_content_share_by_token(
            share_token=hapic_data.path.share_token)  # type: ContentShare

        # TODO - G.M - 2019-08-01 - verify in access to content share can be granted
        # we should considered do these check at decorator level
        if hapic_data.forms:
            password = hapic_data.forms.password
        else:
            password = None
        api.check_password(content_share, password=password)
        content = ContentApi(current_user=None,
                             session=request.dbsession,
                             config=app_config).get_one(
                                 content_share.content_id,
                                 content_type=content_type_list.Any_SLUG)
        workspace_api = WorkspaceApi(current_user=None,
                                     session=request.dbsession,
                                     config=app_config)
        workspace = workspace_api.get_one(content.workspace_id)
        workspace_api.check_public_download_enabled(workspace)
        if content.type not in shareables_content_type:
            raise ContentTypeNotAllowed()

        try:
            file = DepotManager.get(
                app_config.UPLOADED_FILES__STORAGE__STORAGE_NAME).get(
                    content.depot_file)
        except IOError as exc:
            raise TracimFileNotFound(
                "file related to revision {} of content {} not found in depot."
                .format(content.cached_revision_id,
                        content.content_id)) from exc
        filename = hapic_data.path.filename

        # INFO - G.M - 2019-08-08 - use given filename in all case but none or
        # "raw", when filename returned will be original file one.
        if not filename or filename == "raw":
            filename = content.file_name
        return HapicFile(
            file_object=file,
            mimetype=file.content_type,
            filename=filename,
            as_attachment=True,
            content_length=file.content_length,
            last_modified=content.updated,
        )