def guest_download_check(self, context, request: TracimRequest, hapic_data=None) -> None: """ Check if share token is correct and password given valid """ app_config = request.registry.settings["CFG"] # type: CFG api = ShareLib(current_user=None, session=request.dbsession, config=app_config) content_share = api.get_content_share_by_token( share_token=hapic_data.path.share_token) # type: ContentShare # TODO - G.M - 2019-08-01 - verify in access to content share can be granted # we should considered do these check at decorator level api.check_password(content_share, password=hapic_data.body.password) content = ContentApi(current_user=None, session=request.dbsession, config=app_config).get_one( content_share.content_id, content_type=content_type_list.Any_SLUG) workspace_api = WorkspaceApi(current_user=None, session=request.dbsession, config=app_config) workspace = workspace_api.get_one(content.workspace_id) workspace_api.check_public_download_enabled(workspace) if content.type not in shareables_content_type: raise ContentTypeNotAllowed()
def guest_download_file(self, context, request: TracimRequest, hapic_data=None) -> HapicFile: app_config = request.registry.settings["CFG"] # type: CFG api = ShareLib(current_user=None, session=request.dbsession, config=app_config) content_share = api.get_content_share_by_token( share_token=hapic_data.path.share_token) # type: ContentShare # TODO - G.M - 2019-08-01 - verify in access to content share can be granted # we should considered do these check at decorator level if hapic_data.forms: password = hapic_data.forms.password else: password = None api.check_password(content_share, password=password) content = ContentApi(current_user=None, session=request.dbsession, config=app_config).get_one( content_share.content_id, content_type=content_type_list.Any_SLUG) workspace_api = WorkspaceApi(current_user=None, session=request.dbsession, config=app_config) workspace = workspace_api.get_one(content.workspace_id) workspace_api.check_public_download_enabled(workspace) if content.type not in shareables_content_type: raise ContentTypeNotAllowed() try: file = DepotManager.get( app_config.UPLOADED_FILES__STORAGE__STORAGE_NAME).get( content.depot_file) except IOError as exc: raise TracimFileNotFound( "file related to revision {} of content {} not found in depot." .format(content.cached_revision_id, content.content_id)) from exc filename = hapic_data.path.filename # INFO - G.M - 2019-08-08 - use given filename in all case but none or # "raw", when filename returned will be original file one. if not filename or filename == "raw": filename = content.file_name return HapicFile( file_object=file, mimetype=file.content_type, filename=filename, as_attachment=True, content_length=file.content_length, last_modified=content.updated, )