def redirect(request, viewer, key):
new = Token(data=[viewer.file.id, key])
new.save()
url = urljoin(settings.STATIC_URL,
reverse('mkt.files.serve', args=[viewer, key]))
url = urlparams(url, token=new.token)
return http.HttpResponseRedirect(url)
def redirect(request, viewer, key):
new = Token(data=[viewer.file.id, key])
new.save()
url = '%s%s?token=%s' % (settings.STATIC_URL,
reverse('files.serve', args=[viewer, key
]), new.token)
return http.HttpResponseRedirect(url)
def redirect(request, viewer, key):
new = Token(data=[viewer.file.id, key])
new.save()
url = urljoin(settings.STATIC_URL,
reverse('files.serve', args=[viewer, key]))
url = urlparams(url, token=new.token)
return http.HttpResponseRedirect(url)
def redirect(request, viewer, key):
new = Token(data=[viewer.file.id, key])
new.save()
url = '%s%s?token=%s' % (settings.STATIC_URL,
reverse('files.serve', args=[viewer, key]),
new.token)
return http.HttpResponseRedirect(url)
def wrapper(request, file_id, key, *args, **kw):
viewer = FileViewer(get_object_or_404(File, pk=file_id))
token = request.GET.get('token')
if not token:
log.error('Denying access to %s, no token.' % viewer.file.id)
raise PermissionDenied
if not Token.valid(token, [viewer.file.id, key]):
log.error('Denying access to %s, token invalid.' % viewer.file.id)
raise PermissionDenied
return func(request, viewer, key, *args, **kw)
def wrapper(request, file_id, key, *args, **kw):
viewer = FileViewer(get_object_or_404(File, pk=file_id))
token = request.GET.get('token')
if not token:
log.error('Denying access to %s, no token.' % viewer.file.id)
return http.HttpResponseForbidden()
if not Token.valid(token, [viewer.file.id, key]):
log.error('Denying access to %s, token invalid.' % viewer.file.id)
return http.HttpResponseForbidden()
return func(request, viewer, key, *args, **kw)
def wrapper(request, file_id, key, *args, **kw):
viewer = FileViewer(get_object_or_404(File, pk=file_id), is_webapp=kwargs.get("is_webapp", False))
token = request.GET.get("token")
if not token:
log.error("Denying access to %s, no token." % viewer.file.id)
raise PermissionDenied
if not Token.valid(token, [viewer.file.id, key]):
log.error("Denying access to %s, token invalid." % viewer.file.id)
raise PermissionDenied
return func(request, viewer, key, *args, **kw)
def wrapper(request, file_id, key, *args, **kw):
viewer = FileViewer(get_object_or_404(File, pk=file_id))
token = request.GET.get('token')
if not token:
log.error('Denying access to %s, no token.' % viewer.file.id)
raise PermissionDenied
if not Token.valid(token, [viewer.file.id, key]):
log.error('Denying access to %s, token invalid.' % viewer.file.id)
raise PermissionDenied
return func(request, viewer, key, *args, **kw)
def test_token_pop(self):
new = Token()
new.save()
assert Token.pop(new.token)
assert not Token.pop(new.token)
def test_token_well_formed(self):
new = Token("some badly formed token")
assert not new.well_formed()
def test_token_bad_ip_invalid(self):
new = Token(data="127.0.0.1")
new.save()
assert not Token.pop(new.token, "255.255.255.0")
assert Token.pop(new.token, "127.0.0.1")
def test_token_no_ip_invalid(self):
new = Token()
assert not Token.valid(new.token, "255.255.255.0")
def test_token_ip(self):
new = Token(data="127.0.0.1")
new.save()
assert Token.valid(new.token, "127.0.0.1")
def test_token_bad_ip_invalid(self):
new = Token(data='127.0.0.1')
new.save()
assert not Token.pop(new.token, '255.255.255.0')
assert Token.pop(new.token, '127.0.0.1')
def test_token_ip(self):
new = Token(data='127.0.0.1')
new.save()
assert Token.valid(new.token, '127.0.0.1')
def test_token_valid(self):
new = Token()
new.save()
assert Token.valid(new.token)
def test_token_bad_ip_invalid(self):
new = Token(data='127.0.0.1')
new.save()
assert not Token.pop(new.token, '255.255.255.0')
assert Token.pop(new.token, '127.0.0.1')
def test_token_fails(self):
assert not Token.pop('some-random-token')
def test_token_pop(self):
new = Token()
new.save()
assert Token.pop(new.token)
assert not Token.pop(new.token)
def test_token_no_ip_invalid(self):
new = Token()
assert not Token.valid(new.token, '255.255.255.0')
def test_token_valid(self):
new = Token()
new.save()
assert Token.valid(new.token)
def test_token_well_formed(self):
new = Token('some badly formed token')
assert not new.well_formed()
def test_token_fails(self):
assert not Token.pop("some-random-token")
