def public_download(self, shareId, **kwargs): user = None message, publicShare, config = None, None, cherrypy.request.app.config['filelocker'] orgConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('org_%')).all()) cherrypy.response.timeout = 36000 shareId = strip_tags(shareId) try: publicShare = session.query(PublicShare).filter(PublicShare.id==shareId).one() if cherrypy.session.has_key("public_share_id") == False or cherrypy.session.get("public_share_id") != publicShare.id: password = kwargs['password'] if kwargs.has_key("password") else None if publicShare.password == None or (password is not None and Encryption.compare_password_hash(password, publicShare.password)): cherrypy.session['public_share_id'] = publicShare.id elif password == None: message = "This file share is password protected." publicShare = None elif password is not None and Encryption.compare_password_hash(password, publicShare.password) == False: message = "Invalid password" publicShare = None else: publicShare = None except sqlalchemy.orm.exc.NoResultFound: message = "Invalid Share ID" shareId = None except Exception, e: message = "Unable to access download page: %s " % str(e)
def public_download(self, shareId, **kwargs): user = None message, publicShare, config = None, None, cherrypy.request.app.config[ 'filelocker'] orgConfig = get_config_dict_from_objects( session.query(ConfigParameter).filter( ConfigParameter.name.like('org_%')).all()) cherrypy.response.timeout = 36000 shareId = strip_tags(shareId) try: publicShare = session.query(PublicShare).filter( PublicShare.id == shareId).one() if cherrypy.session.has_key( "public_share_id") == False or cherrypy.session.get( "public_share_id") != publicShare.id: password = kwargs['password'] if kwargs.has_key( "password") else None if publicShare.password == None or ( password is not None and Encryption.compare_password_hash( password, publicShare.password)): cherrypy.session['public_share_id'] = publicShare.id elif password == None: message = "This file share is password protected." publicShare = None elif password is not None and Encryption.compare_password_hash( password, publicShare.password) == False: message = "Invalid password" publicShare = None else: publicShare = None except sqlalchemy.orm.exc.NoResultFound: message = "Invalid Share ID" shareId = None except Exception, e: message = "Unable to access download page: %s " % str(e)
500, "Invalid password" ) if format == "content_only" else cherrypy.HTTPRedirect( config['root_url'] + '/upload_request?requestId=%s&msg=3' % requestId) requestOwner = session.query(User).filter( User.id == uploadRequest.owner_id).one() except cherrypy.HTTPError, httpe: raise httpe except cherrypy.HTTPRedirect, httpr: raise httpr except Exception, e: messages.append(str(e)) elif password is not None and password != "": # if they do have a password and requestId, try to load the whole upload ticket uploadRequest = session.query(UploadRequest).filter( UploadRequest.id == requestId).one() if Encryption.compare_password_hash(password, uploadRequest.password): cherrypy.session['uploadRequest'] = uploadRequest.get_copy( ) requestOwner = session.query(User).filter( User.id == uploadRequest.owner_id).one() else: uploadRequest = None raise cherrypy.HTTPError( 500, "Invalid password" ) if format == "content_only" else cherrypy.HTTPRedirect( config['root_url'] + '/upload_request?requestId=%s&msg=3' % requestId) elif cherrypy.session.has_key("uploadRequest"): uploadRequest = cherrypy.session.get("uploadRequest") requestOwner = session.query(User).filter( User.id == uploadRequest.owner_id).one()
if uploadRequest.password == None and uploadRequest.type == "single": cherrypy.session['uploadRequest'] = uploadRequest.get_copy() else: messages.append("This upload request requires a password before you can upload files") uploadRequest = None raise cherrypy.HTTPError(500, "Invalid password") if format == "content_only" else cherrypy.HTTPRedirect(config['root_url']+'/upload_request?requestId=%s&msg=3' % requestId) requestOwner = session.query(User).filter(User.id == uploadRequest.owner_id).one() except cherrypy.HTTPError, httpe: raise httpe except cherrypy.HTTPRedirect, httpr: raise httpr except Exception, e: messages.append(str(e)) elif password is not None and password!="": # if they do have a password and requestId, try to load the whole upload ticket uploadRequest = session.query(UploadRequest).filter(UploadRequest.id == requestId).one() if Encryption.compare_password_hash(password, uploadRequest.password): cherrypy.session['uploadRequest'] = uploadRequest.get_copy() requestOwner = session.query(User).filter(User.id == uploadRequest.owner_id).one() else: uploadRequest = None raise cherrypy.HTTPError(500, "Invalid password") if format == "content_only" else cherrypy.HTTPRedirect(config['root_url']+'/upload_request?requestId=%s&msg=3' % requestId) elif cherrypy.session.has_key("uploadRequest"): uploadRequest = cherrypy.session.get("uploadRequest") requestOwner = session.query(User).filter(User.id == uploadRequest.owner_id).one() else: raise cherrypy.HTTPError(500, "Unable to load upload request") if format == "content_only" else cherrypy.HTTPRedirect("%s/upload_request?msg=1" % (config['root_url'])) if uploadRequest is not None: fileList = session.query(File).filter(File.upload_request_id==uploadRequest.id).all() for flFile in fileList: flFile.documentType = "document"