haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-01 07:01:12 +00:00
Code Issues Releases Wiki Activity

[shared-link] add token to cache when set/check shared link access

Browse Source
This commit is contained in:
lian
2015-03-17 14:59:24 +08:00
parent cd66730377
commit f8ba28f723
3 changed files with 22 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
seahub/share/models.py
View File

@@ -19,21 +19,22 @@ class AnonymousShare(models.Model):
anonymous_email = LowerCaseCharField(max_length=255) anonymous_email = LowerCaseCharField(max_length=255)
token = models.CharField(max_length=25, unique=True) token = models.CharField(max_length=25, unique=True)
def _get_cache_key(request, prefix): def _get_cache_key(request, prefix, token):
"""Return cache key of certain ``prefix``. If user is logged in, use """Return cache key of certain ``prefix``. If user is logged in, use
username, otherwise use combination of request ip and user agent. username and token, otherwise use combination of request ip and user agent
and token.
Arguments: Arguments:
- `prefix`: - `prefix`:
""" """
if request.user.is_authenticated(): if request.user.is_authenticated():
key = normalize_cache_key(request.user.username, 'SharedLink_') key = normalize_cache_key(request.user.username, 'SharedLink_', token)
else: else:
ip = get_remote_ip(request) ip = get_remote_ip(request)
# Memcached key length limit is 250 chars, and user agent somethings may # Memcached key length limit is 250 chars, and user agent somethings may
# be long which will cause error. # be long which will cause error.
agent = request.META.get('HTTP_USER_AGENT', '')[:150] agent = request.META.get('HTTP_USER_AGENT', '')[:150]
key = normalize_cache_key(ip + agent, 'SharedLink_') key = normalize_cache_key(ip + agent, 'SharedLink_', token)
return key return key
@@ -41,13 +42,13 @@ def set_share_link_access(request, token):
"""Remember which share download/upload links user can access without """Remember which share download/upload links user can access without
providing password. providing password.
""" """
key = _get_cache_key(request, 'SharedLink_') key = _get_cache_key(request, 'SharedLink_', token)
cache.set(key, True, SHARE_ACCESS_PASSWD_TIMEOUT) cache.set(key, True, SHARE_ACCESS_PASSWD_TIMEOUT)
def check_share_link_access(request, token): def check_share_link_access(request, token):
"""Check whether user can access share link without providing password. """Check whether user can access share link without providing password.
""" """
key = _get_cache_key(request, 'SharedLink_') key = _get_cache_key(request, 'SharedLink_', token)
return cache.get(key, False) return cache.get(key, False)
class FileShareManager(models.Manager): class FileShareManager(models.Manager):

5
seahub/utils/__init__.py
View File

@@ -195,11 +195,12 @@ def gen_token(max_length=5):
return uuid.uuid4().hex[:max_length] return uuid.uuid4().hex[:max_length]
def normalize_cache_key(value, prefix=None): def normalize_cache_key(value, prefix=None, token=None):
"""Returns a cache key consisten of ``value`` and ``prefix``. Cache key """Returns a cache key consisten of ``value`` and ``prefix`` and ``token``. Cache key
must not include control characters or whitespace. must not include control characters or whitespace.
""" """
key = value if prefix is None else prefix + value key = value if prefix is None else prefix + value
key = key if token is None else key + '_' + token
return urlquote(key) return urlquote(key)
def get_repo_last_modify(repo): def get_repo_last_modify(repo):

25
seahub/views/repo.py
View File

@@ -449,22 +449,21 @@ def view_shared_upload_link(request, token):
if uploadlink is None: if uploadlink is None:
raise Http404 raise Http404
if uploadlink.is_encrypted(): if uploadlink.is_encrypted() and not check_share_link_access(request, token):
if not check_share_link_access(request, token): d = {'token': token, 'view_name': 'view_shared_upload_link', }
d = {'token': token, 'view_name': 'view_shared_upload_link', } if request.method == 'POST':
if request.method == 'POST': post_values = request.POST.copy()
post_values = request.POST.copy() post_values['enc_password'] = uploadlink.password
post_values['enc_password'] = uploadlink.password form = SharedLinkPasswordForm(post_values)
form = SharedLinkPasswordForm(post_values) d['form'] = form
d['form'] = form if form.is_valid():
if form.is_valid(): set_share_link_access(request, token)
set_share_link_access(request, token)
else:
return render_to_response('share_access_validation.html', d,
context_instance=RequestContext(request))
else: else:
return render_to_response('share_access_validation.html', d, return render_to_response('share_access_validation.html', d,
context_instance=RequestContext(request)) context_instance=RequestContext(request))
else:
return render_to_response('share_access_validation.html', d,
context_instance=RequestContext(request))
username = uploadlink.username username = uploadlink.username
repo_id = uploadlink.repo_id repo_id = uploadlink.repo_id