Главная Обзор Помощь
Вход
221V
/
Misago
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 98195767f5
Ветки Метки
Misago
/
misago
/
apps
/
attachments.py

attachments.py 2.7 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. from django.conf import settings
    2. 

  2. from django.http import StreamingHttpResponse
    3. 

  3. from django.template import RequestContext
    4. 

  4. from misago.acl.exceptions import ACLError403, ACLError404
    5. 

  5. from django.utils.translation import ugettext as _
    6. 

  6. from misago.apps.errors import error403, error404
    7. 

  7. from misago.models import Attachment
    8. 

  8. from misago.readstrackers import ForumsTracker
    9. 

  9. from misago.shortcuts import render_to_response
    10. 

  10. 

  11. def server(request, attachment, thumb=False):
    12. 

  12.     try:
    13. 

  13.         attachment = Attachment.objects.select_related('forum', 'thread', 'post', 'user').get(hash_id=attachment)
    14. 

  14.         request.acl.forums.allow_forum_view(attachment.forum)
    15. 

  15.         if attachment.thread:
    16. 

  16.             request.acl.threads.allow_thread_view(request.user, attachment.thread)
    17. 

  17.             if attachment.forum.special == 'private_threads':
    18. 

  18.                 if not request.user.is_authenticated():
    19. 

  19.                     raise ACLError404()
    20. 

  20.                 can_see_thread_because_reported = (
    21. 

  21.                     request.acl.privatethreads.is_mod() and attachment.thread.replies_reported)
    22. 

  22.                 can_see_thread_because_participates = request.user in thread.participants
    23. 

  23.                 if not (can_see_thread_because_reported or can_see_thread_because_participates):
    24. 

  24.                     raise ACLError404()
    25. 

  25.             if attachment.post:
    26. 

  26.                 request.acl.threads.allow_post_view(request.user, attachment.thread, attachment.post)
    27. 

  27.                 request.acl.threads.allow_attachment_download(request.user, attachment.forum, attachment.post)
    28. 

  28.         return serve_file(attachment, thumb)
    29. 

  29.     except ACLError403:
    30. 

  30.         if attachment.is_image:
    31. 

  31.             return serve_403_image()
    32. 

  32.         return error403(request,  _("You don't have permission to download this file."))
    33. 

  33.     except (Attachment.DoesNotExist, ACLError404):
    34. 

  34.         if thumb:
    35. 

  35.             return serve_404_image()
    36. 

  36.         return error404(request, _("Requested file could not be found."))
    37. 

  37. 

  38. 

  39. def serve_file(attachment, thumb):
    40. 

  40.     if thumb:
    41. 

  41.         response = StreamingHttpResponse(open(attachment.thumb_path), content_type=attachment.content_type)
    42. 

  42.     else:
    43. 

  43.         response = StreamingHttpResponse(open(attachment.file_path), content_type=attachment.content_type)
    44. 

  44.         response['Cache-Control'] = 'no-cache'
    45. 

  45.     if not attachment.is_image:
    46. 

  46.         response['Content-Disposition'] = 'attachment;filename="%s"' % attachment.name
    47. 

  47.     return response
    48. 

  48. 

  49. 

  50. def serve_403_image():
    51. 

  51.     response = StreamingHttpResponse(open('%s403.png' % settings.ATTACHMENTS_ROOT), content_type='image/png')
    52. 

  52.     response['Cache-Control'] = 'no-cache'
    53. 

  53.     return response
    54. 

  54. 

  55. 

  56. def serve_404_image():
    57. 

  57.     response = StreamingHttpResponse(open('%s404.png' % settings.ATTACHMENTS_ROOT), content_type='image/png')
    58. 

  58.     response['Cache-Control'] = 'no-cache'
    59. 

  59.     return response
    60.