def test_s3_download_with_correct_params(file_app, s3_resource):
with file_app.app_context():
s3_download_file('file.txt', 'path')
s3_resource.Bucket().download_fileobj.assert_called_once_with(
'path/file.txt',
mock.ANY
)
def download_brief_attachment(brief_id, slug):
"""Get brief attachments.
---
tags:
- brief
parameters:
- name: brief_id
in: path
type: number
required: true
- name: slug
in: path
type: string
required: true
responses:
200:
description: Attachment retrieved successfully.
404:
description: Attachment not found.
500:
description: Unexpected error.
"""
brief = briefs.get(brief_id)
brief_user_ids = [user.id for user in brief.users]
if (hasattr(current_user, 'role') and
(current_user.role == 'buyer' or
(current_user.role == 'supplier' and _can_do_brief_response(brief_id)))):
file = s3_download_file(slug, os.path.join(brief.framework.slug, 'attachments',
'brief-' + str(brief_id)))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)
else:
return not_found('File not found')
def download_brief_responses(brief_id):
brief = Brief.query.filter(
Brief.id == brief_id
).first_or_404()
brief_user_ids = [user.id for user in brief.users]
if current_user.id not in brief_user_ids:
return forbidden("Unauthorised to view brief or brief does not exist")
if brief.status != 'closed':
return forbidden("You can only download documents for closed briefs")
response = ('', 404)
if brief.lot.slug in ['digital-professionals', 'training', 'rfx', 'atm']:
try:
file = s3_download_file(
'brief-{}-resumes.zip'.format(brief_id),
os.path.join(brief.framework.slug, 'archives', 'brief-{}'.format(brief_id))
)
except botocore.exceptions.ClientError as e:
rollbar.report_exc_info()
not_found("Brief documents not found for brief id '{}'".format(brief_id))
response = Response(file, mimetype='application/zip')
response.headers['Content-Disposition'] = 'attachment; filename="brief-{}-responses.zip"'.format(brief_id)
elif brief.lot.slug == 'digital-outcome':
responses = BriefResponse.query.filter(
BriefResponse.brief_id == brief_id,
BriefResponse.withdrawn_at.is_(None)
).all()
csvdata = generate_brief_responses_csv(brief, responses)
response = Response(csvdata, mimetype='text/csv')
response.headers['Content-Disposition'] = (
'attachment; filename="responses-to-requirements-{}.csv"'.format(brief_id))
return response
def test_s3_download_with_correct_params(s3_client, file_app):
with file_app.app_context():
mock_s3 = mock.MagicMock()
s3_client.return_value = mock_s3
for download in s3_download_file('testbucket', 'file.txt', 'path'):
pass
mock_s3.get_object.assert_called_once_with(Bucket='testbucket',
Key='path/file.txt')
def download_single_file(id, slug):
application = data_api_client.get_application(id)
if not can_user_view_application(application) and not current_user.has_role('admin'):
abort(403, 'Not authorised to access application')
file = s3_download_file(slug, os.path.join(S3_PATH, str(id)))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)
def download_single_file(id, slug):
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(
s3_download_file(
current_app.config.get('S3_BUCKET_NAME'),
slug,
os.path.join('applications', str(id))
),
mimetype=mimetype
)
def download_single_file(id, slug):
application = data_api_client.get_application(id)
if not can_user_view_application(
application) and not current_user.has_role('admin'):
abort(403, 'Not authorised to access application')
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(s3_download_file(
current_app.config.get('S3_BUCKET_NAME', None), slug,
os.path.join(S3_PATH, str(id))),
mimetype=mimetype)
def download_brief_response_file(brief_id, supplier_code, slug):
brief = Brief.query.filter(
Brief.id == brief_id
).first_or_404()
brief_user_ids = [user.id for user in brief.users]
if hasattr(current_user, 'role') and (current_user.role == 'buyer' and current_user.id in brief_user_ids) \
or (current_user.role == 'supplier' and current_user.supplier_code == supplier_code):
file = s3_download_file(slug, os.path.join(brief.framework.slug, 'documents',
'brief-' + str(brief_id),
'supplier-' + str(supplier_code)))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)
else:
return forbidden("Unauthorised to view brief or brief does not exist")
def download_brief_response_attachment(framework_slug, lot_slug, brief_id, response_id, attachment_id):
get_framework_and_lot(framework_slug, lot_slug, data_api_client, status='live', must_allow_brief=True)
brief = data_api_client.get_brief(brief_id)["briefs"]
if not is_brief_correct(
brief, framework_slug, lot_slug, current_user.id, data_api_client
):
abort(404)
if brief['status'] != "closed":
abort(404)
response = data_api_client.get_brief_response(response_id)
if not response or not response.get('briefResponses', {}).get('attachedDocumentURL'):
abort(404)
try:
slug = response['briefResponses']['attachedDocumentURL'][attachment_id]
except IndexError:
abort(404)
if slug is None:
abort(404)
try:
# try newer file storage
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(
s3_download_file(
current_app.config.get('S3_BUCKET_NAME', None),
slug,
os.path.join(
brief['frameworkSlug'],
'documents',
'brief-' + str(brief_id),
'supplier-' + str(response['briefResponses']['supplierCode'])
)
),
mimetype=mimetype
)
except botocore.exceptions.ClientError:
url = get_signed_url(current_app.config['S3_BUCKET_NAME'], slug, None)
if not url:
abort(404)
return redirect(url)
def download_brief_response_attachment(framework_slug, lot_slug, brief_id, response_id, attachment_id):
get_framework_and_lot(framework_slug, lot_slug, data_api_client, status='live', must_allow_brief=True)
brief = data_api_client.get_brief(brief_id)["briefs"]
if not is_brief_correct(
brief, framework_slug, lot_slug, current_user.id
):
abort(404)
if brief['status'] != "closed":
abort(404)
response = data_api_client.get_brief_response(response_id)
if not response or not response.get('briefResponses', {}).get('attachedDocumentURL'):
abort(404)
try:
slug = response['briefResponses']['attachedDocumentURL'][attachment_id]
except IndexError:
abort(404)
if slug is None:
abort(404)
try:
# try newer file storage
file = s3_download_file(slug, os.path.join(brief['frameworkSlug'], 'documents',
'brief-' + str(brief_id),
'supplier-' + str(response['briefResponses']['supplierCode'])))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)
except botocore.exceptions.ClientError:
url = get_signed_url(current_app.config['S3_BUCKET_NAME'], slug, None)
if not url:
abort(404)
return redirect(url)
def download_single_file(id, slug):
file = s3_download_file(slug, os.path.join('applications', str(id)))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)