def download_file(request, file_id, type=None, file_=None, addon=None): def is_appropriate_reviewer(addon, channel): return (acl.is_reviewer(request, addon) if channel == amo.RELEASE_CHANNEL_LISTED else acl.check_unlisted_addons_reviewer(request)) if not file_: file_ = get_object_or_404(File.objects, pk=file_id) if not addon: addon = get_object_or_404(Addon.objects, pk=file_.version.addon_id) channel = file_.version.channel if addon.is_disabled or file_.status == amo.STATUS_DISABLED: if (is_appropriate_reviewer(addon, channel) or acl.check_addon_ownership( request, addon, dev=True, ignore_disabled=True)): return HttpResponseSendFile( request, file_.guarded_file_path, content_type='application/x-xpinstall') else: log.info( u'download file {file_id}: addon/file disabled and ' u'user {user_id} is not an owner or reviewer.'.format( file_id=file_id, user_id=request.user.pk)) raise http.Http404() # Not owner or admin. if channel == amo.RELEASE_CHANNEL_UNLISTED: if (acl.check_unlisted_addons_reviewer(request) or acl.check_addon_ownership( request, addon, dev=True, ignore_disabled=True)): return HttpResponseSendFile( request, file_.file_path, content_type='application/x-xpinstall') else: log.info( u'download file {file_id}: version is unlisted and ' u'user {user_id} is not an owner or reviewer.'.format( file_id=file_id, user_id=request.user.pk)) raise http.Http404() # Not owner or admin. attachment = (type == 'attachment' or not request.APP.browser) loc = urlparams(file_.get_file_cdn_url(attachment=attachment), filehash=file_.hash) response = http.HttpResponseRedirect(loc) response['X-Target-Digest'] = file_.hash return response
def download_file(request, file_id, type=None, file_=None, addon=None): if not file_: file_ = get_object_or_404(File.objects, pk=file_id) if not addon: addon = get_object_or_404(Addon.with_unlisted, pk=file_.version.addon_id) if addon.is_disabled or file_.status == amo.STATUS_DISABLED: if (acl.check_addon_ownership( request, addon, viewer=True, ignore_disabled=True) or acl.check_addons_reviewer(request)): return HttpResponseSendFile(request, file_.guarded_file_path, content_type='application/x-xpinstall') log.info(u'download file {file_id}: addon/file disabled or user ' u'{user_id} is not an owner'.format(file_id=file_id, user_id=request.user.pk)) raise http.Http404() if not (addon.is_listed or owner_or_unlisted_reviewer(request, addon)): log.info(u'download file {file_id}: addon is unlisted but user ' u'{user_id} is not an owner'.format(file_id=file_id, user_id=request.user.pk)) raise http.Http404 # Not listed, not owner or admin. attachment = (type == 'attachment' or not request.APP.browser) loc = urlparams(file_.get_mirror(addon, attachment=attachment), filehash=file_.hash) response = http.HttpResponseRedirect(loc) response['X-Target-Digest'] = file_.hash return response
def serve(request, viewer, key): """ This is to serve files off of st.a.m.o, not standard a.m.o. For this we use token based authentication. """ files = viewer.get_files() obj = files.get(key) if not obj: log.error(u'Couldn\'t find %s in %s (%d entries) for file %s' % (key, files.keys()[:10], len(files.keys()), viewer.file.id)) raise http.Http404 return HttpResponseSendFile(request, obj['full'], content_type=obj['mimetype'])
def download_source(request, version_id): version = get_object_or_404(Version.objects, pk=version_id) # General case: version is listed. if version.channel == amo.RELEASE_CHANNEL_LISTED: if not (version.source and (acl.check_addon_ownership( request, version.addon, dev=True, ignore_disabled=True))): raise http.Http404() else: if not owner_or_unlisted_reviewer(request, version.addon): raise http.Http404 # Not listed, not owner or unlisted reviewer. res = HttpResponseSendFile(request, version.source.path) path = version.source.path if not isinstance(path, six.text_type): path = path.decode('utf8') name = os.path.basename(path.replace(u'"', u'')) disposition = u'attachment; filename="{0}"'.format(name).encode('utf8') res['Content-Disposition'] = disposition return res
def download_source(request, version_id): version = get_object_or_404(Version, pk=version_id) # General case: addon is listed. if version.addon.is_listed: if not (version.source and (acl.check_addon_ownership( request, version.addon, viewer=True, ignore_disabled=True) or acl.action_allowed(request, 'Editors', 'BinarySource'))): raise http.Http404() else: if not owner_or_unlisted_reviewer(request, version.addon): raise http.Http404 # Not listed, not owner or admin. res = HttpResponseSendFile(request, version.source.path) path = version.source.path if not isinstance(path, unicode): path = path.decode('utf8') name = os.path.basename(path.replace(u'"', u'')) disposition = u'attachment; filename="{0}"'.format(name).encode('utf8') res['Content-Disposition'] = disposition return res
def download_file(request, uuid): upload = get_object_or_404(FileUpload, uuid=uuid) return HttpResponseSendFile(request, upload.path, content_type='application/octet-stream')