def download(key): """ Downloads a file from S3 based on the key in the path """ logger = DynamoAccessLogger('facgov_download') current_user = User() # Check access, no access if an empty list is returned from a User class if current_user.has_facgov_access(): client = current_app.config['S3_RESOURCE'] bucket = client.Bucket(current_app.config['FACGOV_BUCKET']) # Redirect to base url for keys that end with '/' which are valid S3 keys but are not files if key.endswith('/'): return redirect(bp.url_prefix) try: file_obj = bucket.Object(key).get() except client.meta.client.exceptions.NoSuchKey: # per boto3 docs logger.log_access(has_access=False, downloaded_object=key) raise NotFoundError(f'File {file_name(key)} not found.') logger.log_access(has_access=True, downloaded_object=key) return Response(file_obj['Body'].read(), mimetype=file_type(key), headers={ "Content-Disposition": "inline; filename={}".format(file_name(key)) }) else: logger.log_access(has_access=False, downloaded_object=key) raise ForbiddenError('You do not have access to this page. \ Please reach out to Timur Gulyamov (tg2648) to get access.' )