def test_rate_limit(self):
# Return rate limit, if user is staff always return False
self.assertFalse(
util.has_rate_limit(self.suser, self.doc3, self.file_type.slug))
self.assertFalse(
util.has_rate_limit(self.ruser, self.doc1, self.file_type.slug))
self.assertTrue(
util.has_rate_limit(self.ruser, self.doc2, self.file_type.slug))
self.assertFalse(
util.has_rate_limit(self.suser, self.doc2, self.file_type.slug))
def download_external(request, uuid, ftype):
# Test authentication. We support a rest-framework token
# or a logged-in user
user = request.user
try:
t = auther.authenticate(request)
if t:
user = t[0]
except exceptions.AuthenticationFailed:
pass
try:
doc = models.Document.objects.get(external_identifier=uuid)
except models.Document.DoesNotExist:
return HttpResponseNotFound("Cannot find a document with id %s" % uuid)
# if ftype is a sourcetype and it has streamable set, and
# referrer is dunya, then has_access is true (but we rate-limit)
referrer = request.META.get("HTTP_REFERER")
good_referrer = False
if referrer:
if "dunya.compmusic.upf.edu" in referrer or "dunya.upf.edu" in referrer:
good_referrer = True
has_access = util.user_has_access(user, doc, ftype, good_referrer)
if not has_access:
return HttpResponse("Not logged in", status=401)
try:
version = request.GET.get("v")
subtype = request.GET.get("subtype")
part = request.GET.get("part")
# This could be a SourceFile, or DerivedFile
result = doc.get_file(ftype, subtype, part, version)
if isinstance(result, models.SourceFile):
fname = result.fullpath
else:
if part is None:
part = 1
fname = result.full_path_for_part(part)
mimetype = result.mimetype
ratelimit = "off"
if util.has_rate_limit(user, doc, ftype):
# 200k
ratelimit = 200 * 1024
# TODO: We should ratelimit mp3 requests, but not any others,
# so we need a different path for nginx for these ones
response = sendfile(request, fname, mimetype=mimetype)
response['X-Accel-Limit-Rate'] = ratelimit
return response
except docserver.exceptions.TooManyFilesException as e:
return HttpResponseBadRequest(e)
except docserver.exceptions.NoFileException as e:
return HttpResponseNotFound(e)
def download_external(request, uuid, ftype):
# Test authentication. We support a rest-framework token
# or a logged-in user
user = request.user
try:
t = auther.authenticate(request)
if t:
user = t[0]
except exceptions.AuthenticationFailed:
pass
try:
doc = models.Document.objects.get(external_identifier=uuid)
except models.Document.DoesNotExist:
return HttpResponseNotFound("Cannot find a document with id %s" % uuid)
# if ftype is a sourcetype and it has streamable set, and
# referrer is dunya, then has_access is true (but we rate-limit)
referrer = request.META.get("HTTP_REFERER")
good_referrer = False
if referrer and "dunya.compmusic.upf.edu" in referrer:
good_referrer = True
has_access = util.user_has_access(user, doc, ftype, good_referrer)
if not has_access:
return HttpResponse("Not logged in", status=401)
try:
version = request.GET.get("v")
subtype = request.GET.get("subtype")
part = request.GET.get("part")
# This could be a SourceFile, or DerivedFile
result = doc.get_file(ftype, subtype, part, version)
if isinstance(result, models.SourceFile):
fname = result.fullpath
else:
if part is None:
part = 1
fname = result.full_path_for_part(part)
mimetype = result.mimetype
ratelimit = "off"
if util.has_rate_limit(user, doc, ftype):
# 200k
ratelimit = 200 * 1024
# TODO: We should ratelimit mp3 requests, but not any others,
# so we need a different path for nginx for these ones
response = sendfile(request, fname, mimetype=mimetype)
response['X-Accel-Limit-Rate'] = ratelimit
return response
except docserver.exceptions.TooManyFilesException as e:
return HttpResponseBadRequest(e)
except docserver.exceptions.NoFileException as e:
return HttpResponseNotFound(e)
def test_rate_limit(self):
# Return rate limit, if user is staff always return False
self.assertFalse(util.has_rate_limit(self.suser, self.doc3, self.file_type.slug))
self.assertFalse(util.has_rate_limit(self.ruser, self.doc1, self.file_type.slug))
self.assertTrue(util.has_rate_limit(self.ruser, self.doc2, self.file_type.slug))
self.assertFalse(util.has_rate_limit(self.suser, self.doc2, self.file_type.slug))