def download_dist(request, path, document_root=None, show_indexes=False):
log = logging.getLogger(__name__)
def serve(username, dist):
log.info('user: %s package: %s downloaded' % (username, package.name))
return sendfile(request, dist.content.path, attachment=True)
def forbidden(username, dist):
error = 'user: %s package: %s download permission denied' % (
username, package.name)
log.info(error)
return HttpResponseForbidden(error)
dist = get_object_or_404(Distribution, content=path)
package = dist.release.package
if package.download_permissions.count(
) == 0 and not package.allow_authenticated:
# If no download permissions, anon users can access the package
return serve('Anonymous', dist)
else:
# Check authentication, falling-back to basic auth if necessary
if request.user.is_authenticated():
user = request.user
else:
user = login_basic_auth(request)
if user is None: # Specify 401 and await creds on next request
return HttpResponseUnauthorized('pypi')
else:
if package in user_packages(user):
return serve(user.username, dist)
else:
return forbidden(user.username, dist)
def download_dist(request, path, document_root=None, show_indexes=False):
log = logging.getLogger(__name__)
def serve(username, dist):
log.info('user: %s package: %s downloaded' % (username, package.name))
return sendfile(request, dist.content.path, attachment=True)
def forbidden(username, dist):
error = 'user: %s package: %s download permission denied' % (
username,
package.name
)
log.info(error)
return HttpResponseForbidden(error)
dist = get_object_or_404(Distribution, content=path)
package = dist.release.package
if package.download_permissions.count() == 0 and not package.allow_authenticated:
# If no download permissions, anon users can access the package
return serve('Anonymous', dist)
else:
# Check authentication, falling-back to basic auth if necessary
if request.user.is_authenticated():
user = request.user
else:
user = login_basic_auth(request)
if user is None: # Specify 401 and await creds on next request
return HttpResponseUnauthorized('pypi')
else:
if package in user_packages(user):
return serve(user.username, dist)
else:
return forbidden(user.username, dist)
def register_or_upload(request, post_data, files):
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
login(request, user)
if not request.user.is_authenticated():
return HttpResponseForbidden(
"Not logged in, or invalid username/password.")
return submit_project_or_release(user, post_data, files)
def register_or_upload(request, post_data, files):
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
login(request, user)
if not request.user.is_authenticated():
return HttpResponseForbidden(
"Not logged in, or invalid username/password.")
return submit_project_or_release(user, post_data, files)
def simple_index(request, **kwargs):
if request.user.is_authenticated():
user = request.user
else:
user = login_basic_auth(request)
if user is None:
return HttpResponseUnauthorized('pypi')
kwargs.setdefault('template_name', 'djangopypi/package_list_simple.html')
kwargs['queryset'] = user_packages(user)
return index(request, **kwargs)
def simple_index(request, **kwargs):
if request.user.is_authenticated():
user = request.user
else:
user = login_basic_auth(request)
if user is None:
return HttpResponseUnauthorized('pypi')
kwargs.setdefault('template_name', 'djangopypi/package_list_simple.html')
kwargs['queryset'] = user_packages(user)
return index(request, **kwargs)
def _wrapped_view(request, *args, **kwargs):
if request.user.is_authenticated():
return view_func(request, *args, **kwargs)
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
login(request, user)
if not request.user.is_authenticated():
return HttpResponseForbidden("Not logged in, or invalid username/"
"password.")
return view_func(request, *args, **kwargs)
def _wrapped_view(request, *args, **kwargs):
if request.user.is_authenticated():
return view_func(request, *args, **kwargs)
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
login(request, user)
if not request.user.is_authenticated():
return HttpResponseForbidden("Not logged in, or invalid username/"
"password.")
return view_func(request, *args, **kwargs)
def details(request, package, simple=False, **kwargs):
package = get_object_or_404(Package, name=package)
kwargs.setdefault('template_object_name', 'package')
if not simple:
if not request.user.is_authenticated():
return redirect_to_login(request.get_full_path())
else:
user = request.user
else:
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
kwargs.setdefault('queryset', user_packages(user))
try:
return list_detail.object_detail(request, object_id=package, **kwargs)
except Http404:
return HttpResponseForbidden('You do not have sufficient \
permissions to view this package')
def details(request, package, simple=False, **kwargs):
package = get_object_or_404(Package, name=package)
kwargs.setdefault('template_object_name', 'package')
if not simple:
if not request.user.is_authenticated():
return redirect_to_login(request.get_full_path())
else:
user = request.user
else:
user = login_basic_auth(request)
if not user:
return HttpResponseUnauthorized('pypi')
kwargs.setdefault('queryset', user_packages(user))
try:
return list_detail.object_detail(request, object_id=package, **kwargs)
except Http404:
return HttpResponseForbidden('You do not have sufficient \
permissions to view this package')
