class OrderPdfHandler(webapp.RequestHandler): def get(self): from shop.models import Customer from shop.view import generate_order_or_invoice_pdf service_user = users.get_current_user() customer_id = long(self.request.get("customer_id")) order_number = self.request.get("order_number") download = self.request.get("download", "false") == "true" self.response.headers['Content-Type'] = 'application/pdf' self.response.headers['Content-Disposition'] = str( '%s; filename=order_%s.pdf' % ("attachment" if download else "inline", order_number)) try: customer = Customer.get_by_id(customer_id) except CustomerNotFoundException, exception: logging.exception(exception) self.abort(500) return if customer.service_email != service_user.email(): logging.error("%s attempted to download order of %s", service_user, customer.service_email) self.abort(403) return order = Order.get_by_key_name(order_number, parent=customer) generate_order_or_invoice_pdf(self.response.out, customer, order)