def download_file(request, file_id, type=None, file_=None, addon=None):
def is_appropriate_reviewer(addon, channel):
return (acl.is_reviewer(request, addon)
if channel == amo.RELEASE_CHANNEL_LISTED
else acl.check_unlisted_addons_reviewer(request))
if not file_:
file_ = get_object_or_404(File.objects, pk=file_id)
if not addon:
addon = get_object_or_404(Addon.objects,
pk=file_.version.addon_id)
channel = file_.version.channel
if addon.is_disabled or file_.status == amo.STATUS_DISABLED:
if (is_appropriate_reviewer(addon, channel) or
acl.check_addon_ownership(
request, addon, dev=True, ignore_disabled=True)):
return HttpResponseSendFile(
request, file_.guarded_file_path,
content_type='application/x-xpinstall')
else:
log.info(
u'download file {file_id}: addon/file disabled and '
u'user {user_id} is not an owner or reviewer.'.format(
file_id=file_id, user_id=request.user.pk))
raise http.Http404() # Not owner or admin.
if channel == amo.RELEASE_CHANNEL_UNLISTED:
if (acl.check_unlisted_addons_reviewer(request) or
acl.check_addon_ownership(
request, addon, dev=True, ignore_disabled=True)):
return HttpResponseSendFile(
request, file_.file_path,
content_type='application/x-xpinstall')
else:
log.info(
u'download file {file_id}: version is unlisted and '
u'user {user_id} is not an owner or reviewer.'.format(
file_id=file_id, user_id=request.user.pk))
raise http.Http404() # Not owner or admin.
attachment = (type == 'attachment' or not request.APP.browser)
loc = urlparams(file_.get_file_cdn_url(attachment=attachment),
filehash=file_.hash)
response = http.HttpResponseRedirect(loc)
response['X-Target-Digest'] = file_.hash
return response
def download_file(request, file_id, type=None, file_=None, addon=None):
if not file_:
file_ = get_object_or_404(File.objects, pk=file_id)
if not addon:
addon = get_object_or_404(Addon.with_unlisted,
pk=file_.version.addon_id)
if addon.is_disabled or file_.status == amo.STATUS_DISABLED:
if (acl.check_addon_ownership(
request, addon, viewer=True, ignore_disabled=True)
or acl.check_addons_reviewer(request)):
return HttpResponseSendFile(request,
file_.guarded_file_path,
content_type='application/x-xpinstall')
log.info(u'download file {file_id}: addon/file disabled or user '
u'{user_id} is not an owner'.format(file_id=file_id,
user_id=request.user.pk))
raise http.Http404()
if not (addon.is_listed or owner_or_unlisted_reviewer(request, addon)):
log.info(u'download file {file_id}: addon is unlisted but user '
u'{user_id} is not an owner'.format(file_id=file_id,
user_id=request.user.pk))
raise http.Http404 # Not listed, not owner or admin.
attachment = (type == 'attachment' or not request.APP.browser)
loc = urlparams(file_.get_mirror(addon, attachment=attachment),
filehash=file_.hash)
response = http.HttpResponseRedirect(loc)
response['X-Target-Digest'] = file_.hash
return response
def serve(request, viewer, key):
"""
This is to serve files off of st.a.m.o, not standard a.m.o. For this we
use token based authentication.
"""
files = viewer.get_files()
obj = files.get(key)
if not obj:
log.error(u'Couldn\'t find %s in %s (%d entries) for file %s' %
(key, files.keys()[:10], len(files.keys()), viewer.file.id))
raise http.Http404
return HttpResponseSendFile(request, obj['full'],
content_type=obj['mimetype'])
def download_source(request, version_id):
version = get_object_or_404(Version.objects, pk=version_id)
# General case: version is listed.
if version.channel == amo.RELEASE_CHANNEL_LISTED:
if not (version.source and (acl.check_addon_ownership(
request, version.addon, dev=True, ignore_disabled=True))):
raise http.Http404()
else:
if not owner_or_unlisted_reviewer(request, version.addon):
raise http.Http404 # Not listed, not owner or unlisted reviewer.
res = HttpResponseSendFile(request, version.source.path)
path = version.source.path
if not isinstance(path, six.text_type):
path = path.decode('utf8')
name = os.path.basename(path.replace(u'"', u''))
disposition = u'attachment; filename="{0}"'.format(name).encode('utf8')
res['Content-Disposition'] = disposition
return res
def download_source(request, version_id):
version = get_object_or_404(Version, pk=version_id)
# General case: addon is listed.
if version.addon.is_listed:
if not (version.source and
(acl.check_addon_ownership(
request, version.addon, viewer=True, ignore_disabled=True)
or acl.action_allowed(request, 'Editors', 'BinarySource'))):
raise http.Http404()
else:
if not owner_or_unlisted_reviewer(request, version.addon):
raise http.Http404 # Not listed, not owner or admin.
res = HttpResponseSendFile(request, version.source.path)
path = version.source.path
if not isinstance(path, unicode):
path = path.decode('utf8')
name = os.path.basename(path.replace(u'"', u''))
disposition = u'attachment; filename="{0}"'.format(name).encode('utf8')
res['Content-Disposition'] = disposition
return res
def download_file(request, uuid):
upload = get_object_or_404(FileUpload, uuid=uuid)
return HttpResponseSendFile(request,
upload.path,
content_type='application/octet-stream')
