def download_dist(request, path, document_root=None, show_indexes=False): log = logging.getLogger(__name__) def serve(username, dist): log.info('user: %s package: %s downloaded' % (username, package.name)) return sendfile(request, dist.content.path, attachment=True) def forbidden(username, dist): error = 'user: %s package: %s download permission denied' % ( username, package.name) log.info(error) return HttpResponseForbidden(error) dist = get_object_or_404(Distribution, content=path) package = dist.release.package if package.download_permissions.count( ) == 0 and not package.allow_authenticated: # If no download permissions, anon users can access the package return serve('Anonymous', dist) else: # Check authentication, falling-back to basic auth if necessary if request.user.is_authenticated(): user = request.user else: user = login_basic_auth(request) if user is None: # Specify 401 and await creds on next request return HttpResponseUnauthorized('pypi') else: if package in user_packages(user): return serve(user.username, dist) else: return forbidden(user.username, dist)
def download_dist(request, path, document_root=None, show_indexes=False): log = logging.getLogger(__name__) def serve(username, dist): log.info('user: %s package: %s downloaded' % (username, package.name)) return sendfile(request, dist.content.path, attachment=True) def forbidden(username, dist): error = 'user: %s package: %s download permission denied' % ( username, package.name ) log.info(error) return HttpResponseForbidden(error) dist = get_object_or_404(Distribution, content=path) package = dist.release.package if package.download_permissions.count() == 0 and not package.allow_authenticated: # If no download permissions, anon users can access the package return serve('Anonymous', dist) else: # Check authentication, falling-back to basic auth if necessary if request.user.is_authenticated(): user = request.user else: user = login_basic_auth(request) if user is None: # Specify 401 and await creds on next request return HttpResponseUnauthorized('pypi') else: if package in user_packages(user): return serve(user.username, dist) else: return forbidden(user.username, dist)
def register_or_upload(request, post_data, files): user = login_basic_auth(request) if not user: return HttpResponseUnauthorized('pypi') login(request, user) if not request.user.is_authenticated(): return HttpResponseForbidden( "Not logged in, or invalid username/password.") return submit_project_or_release(user, post_data, files)
def simple_index(request, **kwargs): if request.user.is_authenticated(): user = request.user else: user = login_basic_auth(request) if user is None: return HttpResponseUnauthorized('pypi') kwargs.setdefault('template_name', 'djangopypi/package_list_simple.html') kwargs['queryset'] = user_packages(user) return index(request, **kwargs)
def _wrapped_view(request, *args, **kwargs): if request.user.is_authenticated(): return view_func(request, *args, **kwargs) user = login_basic_auth(request) if not user: return HttpResponseUnauthorized('pypi') login(request, user) if not request.user.is_authenticated(): return HttpResponseForbidden("Not logged in, or invalid username/" "password.") return view_func(request, *args, **kwargs)
def details(request, package, simple=False, **kwargs): package = get_object_or_404(Package, name=package) kwargs.setdefault('template_object_name', 'package') if not simple: if not request.user.is_authenticated(): return redirect_to_login(request.get_full_path()) else: user = request.user else: user = login_basic_auth(request) if not user: return HttpResponseUnauthorized('pypi') kwargs.setdefault('queryset', user_packages(user)) try: return list_detail.object_detail(request, object_id=package, **kwargs) except Http404: return HttpResponseForbidden('You do not have sufficient \ permissions to view this package')