def download_file(request, file_id, type=None): file = get_object_or_404(File.objects, pk=file_id) addon = get_object_or_404(Addon.with_unlisted, pk=file.version.addon_id) if addon.is_disabled or file.status == amo.STATUS_DISABLED: if (acl.check_addon_ownership(request, addon, viewer=True, ignore_disabled=True) or acl.check_addons_reviewer(request)): return HttpResponseSendFile(request, file.guarded_file_path, content_type='application/x-xpinstall') log.info(u'download file {file_id}: addon/file disabled or user ' u'{user_id} is not an owner'.format(file_id=file_id, user_id=request.user.pk)) raise http.Http404() if not (addon.is_listed or owner_or_unlisted_reviewer(request, addon)): log.info(u'download file {file_id}: addon is unlisted but user ' u'{user_id} is not an owner'.format(file_id=file_id, user_id=request.user.pk)) raise http.Http404 # Not listed, not owner or admin. attachment = (type == 'attachment' or not request.APP.browser) loc = urlparams(file.get_mirror(addon, attachment=attachment), filehash=file.hash) response = http.HttpResponseRedirect(loc) response['X-Target-Digest'] = file.hash return response
def download_file(request, file_id, type=None): file = get_object_or_404(File.objects, pk=file_id) addon = get_object_or_404(Addon.with_unlisted, pk=file.version.addon_id) # General case: addon is listed. if addon.is_listed: if addon.is_disabled or file.status == amo.STATUS_DISABLED: if (acl.check_addon_ownership( request, addon, viewer=True, ignore_disabled=True) or acl.check_addons_reviewer(request)): return HttpResponseSendFile( request, file.guarded_file_path, content_type='application/xp-install') else: raise http.Http404() else: if not owner_or_unlisted_reviewer(request, addon): raise http.Http404 # Not listed, not owner or admin. attachment = (type == 'attachment' or not request.APP.browser) loc = urlparams(file.get_mirror(addon, attachment=attachment), filehash=file.hash) response = http.HttpResponseRedirect(loc) response['X-Target-Digest'] = file.hash return response
def download_file(request, file_id, type=None): file = get_object_or_404(File.objects, pk=file_id) addon = get_object_or_404(Addon.with_unlisted, pk=file.version.addon_id) # General case: addon is listed. if addon.is_listed: if addon.is_disabled or file.status == amo.STATUS_DISABLED: if (acl.check_addon_ownership(request, addon, viewer=True, ignore_disabled=True) or acl.check_addons_reviewer(request)): return HttpResponseSendFile( request, file.guarded_file_path, content_type='application/xp-install') else: raise http.Http404() else: if not owner_or_unlisted_reviewer(request, addon): raise http.Http404 # Not listed, not owner or admin. attachment = (type == 'attachment' or not request.APP.browser) loc = urlparams(file.get_mirror(addon, attachment=attachment), filehash=file.hash) response = http.HttpResponseRedirect(loc) response['X-Target-Digest'] = file.hash return response
def download_source(request, version_id): version = get_object_or_404(Version, pk=version_id) # General case: addon is listed. if version.addon.is_listed: if not (version.source and (acl.check_addon_ownership( request, version.addon, viewer=True, ignore_disabled=True) or acl.action_allowed(request, 'Editors', 'BinarySource'))): raise http.Http404() else: if not owner_or_unlisted_reviewer(request, version.addon): raise http.Http404 # Not listed, not owner or admin. res = HttpResponseSendFile(request, version.source.path) name = os.path.basename(version.source.path.replace('"', '')) res['Content-Disposition'] = 'attachment; filename="{0}"'.format(name) return res
def download_source(request, version_id): version = get_object_or_404(Version, pk=version_id) # General case: addon is listed. if version.addon.is_listed: if not (version.source and (acl.check_addon_ownership(request, version.addon, viewer=True, ignore_disabled=True) or acl.action_allowed(request, 'Editors', 'BinarySource'))): raise http.Http404() else: if not owner_or_unlisted_reviewer(request, version.addon): raise http.Http404 # Not listed, not owner or admin. res = HttpResponseSendFile(request, version.source.path) name = os.path.basename(version.source.path.replace('"', '')) res['Content-Disposition'] = 'attachment; filename="{0}"'.format(name) return res
def allowed(request, file): try: addon = file.version.addon except ObjectDoesNotExist: raise http.Http404 # General case: addon is listed. if addon.is_listed: if ((addon.view_source and addon.status in amo.REVIEWED_STATUSES) or acl.check_addons_reviewer(request) or acl.check_addon_ownership(request, addon, viewer=True, dev=True)): return True # Public and sources are visible, or reviewer. raise PermissionDenied # Listed but not allowed. # Not listed? Needs an owner or an "unlisted" admin. else: if owner_or_unlisted_reviewer(request, addon): return True raise http.Http404 # Not listed, not owner or admin.
def allowed(request, file): try: addon = file.version.addon except ObjectDoesNotExist: raise http.Http404 # General case: addon is listed. if addon.is_listed: if ((addon.view_source and addon.status in amo.REVIEWED_STATUSES) or acl.check_addons_reviewer(request) or acl.check_addon_ownership( request, addon, viewer=True, dev=True)): return True # Public and sources are visible, or reviewer. raise PermissionDenied # Listed but not allowed. # Not listed? Needs an owner or an "unlisted" admin. else: if owner_or_unlisted_reviewer(request, addon): return True raise http.Http404 # Not listed, not owner or admin.
def reporter_detail(request, guid): try: addon = Addon.with_unlisted.get(guid=guid) except Addon.DoesNotExist: addon = None name = addon.name if addon else guid qs = CompatReport.objects.filter(guid=guid) if (addon and not addon.is_listed and not owner_or_unlisted_reviewer(request, addon)): # Not authorized? Let's pretend this addon simply doesn't exist. name = guid qs = CompatReport.objects.none() form = AppVerForm(request.GET) if request.GET and form.is_valid() and form.cleaned_data['appver']: # Apply filters only if we have a good app/version combination. app, ver = form.cleaned_data['appver'].split('-') app = amo.APP_IDS[int(app)] ver = vdict(floor_version(ver))['major'] # 3.6 => 3 # Ideally we'd have a `version_int` column to do strict version # comparing, but that's overkill for basic version filtering here. qs = qs.filter(app_guid=app.guid, app_version__startswith=str(ver) + '.') works_ = dict(qs.values_list('works_properly').annotate(Count('id'))) works = {'success': works_.get(True, 0), 'failure': works_.get(False, 0)} works_properly = request.GET.get('works_properly') if works_properly: qs = qs.filter(works_properly=works_properly) reports = amo.utils.paginate(request, qs.order_by('-created'), 100) return render( request, 'compat/reporter_detail.html', dict(reports=reports, works=works, works_properly=works_properly, name=name, guid=guid, form=form))
def reporter(request): query = request.GET.get('guid') if query: qs = None if query.isdigit(): qs = Addon.with_unlisted.filter(id=query) if not qs: qs = Addon.with_unlisted.filter(slug=query) if not qs: qs = Addon.with_unlisted.filter(guid=query) if not qs and len(query) > 4: qs = CompatReport.objects.filter(guid__startswith=query) if qs: guid = qs[0].guid addon = Addon.with_unlisted.get(guid=guid) if addon.is_listed or owner_or_unlisted_reviewer(request, addon): return redirect('compat.reporter_detail', guid) addons = (Addon.with_unlisted.filter(authors=request.user) if request.user.is_authenticated() else []) return render(request, 'compat/reporter.html', dict(query=query, addons=addons))
def reporter(request): query = request.GET.get('guid') if query: qs = None if query.isdigit(): qs = Addon.with_unlisted.filter(id=query) if not qs: qs = Addon.with_unlisted.filter(slug=query) if not qs: qs = Addon.with_unlisted.filter(guid=query) if not qs and len(query) > 4: qs = CompatReport.objects.filter(guid__startswith=query) if qs: guid = qs[0].guid addon = Addon.with_unlisted.get(guid=guid) if addon.is_listed or owner_or_unlisted_reviewer(request, addon): return redirect('compat.reporter_detail', guid) addons = (Addon.with_unlisted.filter(authors=request.amo_user) if request.user.is_authenticated() else []) return render(request, 'compat/reporter.html', dict(query=query, addons=addons))
def reporter_detail(request, guid): try: addon = Addon.with_unlisted.get(guid=guid) except Addon.DoesNotExist: addon = None name = addon.name if addon else guid qs = CompatReport.objects.filter(guid=guid) if (addon and not addon.is_listed and not owner_or_unlisted_reviewer(request, addon)): # Not authorized? Let's pretend this addon simply doesn't exist. name = guid qs = CompatReport.objects.none() form = AppVerForm(request.GET) if request.GET and form.is_valid() and form.cleaned_data['appver']: # Apply filters only if we have a good app/version combination. app, ver = form.cleaned_data['appver'].split('-') app = amo.APP_IDS[int(app)] ver = vdict(floor_version(ver))['major'] # 3.6 => 3 # Ideally we'd have a `version_int` column to do strict version # comparing, but that's overkill for basic version filtering here. qs = qs.filter(app_guid=app.guid, app_version__startswith=str(ver) + '.') works_ = dict(qs.values_list('works_properly').annotate(Count('id'))) works = {'success': works_.get(True, 0), 'failure': works_.get(False, 0)} works_properly = request.GET.get('works_properly') if works_properly: qs = qs.filter(works_properly=works_properly) reports = amo.utils.paginate(request, qs.order_by('-created'), 100) return render(request, 'compat/reporter_detail.html', dict(reports=reports, works=works, works_properly=works_properly, name=name, guid=guid, form=form))