diff options
-rw-r--r-- | license_protected_downloads/common.py | 19 | ||||
-rw-r--r-- | license_protected_downloads/views.py | 20 |
2 files changed, 11 insertions, 28 deletions
diff --git a/license_protected_downloads/common.py b/license_protected_downloads/common.py index 98d93b3..a0560fc 100644 --- a/license_protected_downloads/common.py +++ b/license_protected_downloads/common.py @@ -183,15 +183,6 @@ def find_artifact(request, path): raise Http404 -def _hidden_file(file_name): - hidden_files = ["BUILD-INFO.txt", "EULA.txt", "HEADER.html", - "HOWTO_", "textile", ".htaccess", "licenses"] - for pattern in hidden_files: - if re.search(pattern, file_name): - return True - return False - - def _sort_artifacts(a, b): '''Ensures directory listings follow our ordering rules for artifacts. @@ -241,6 +232,14 @@ class Artifact(object): def isdir(self): raise RuntimeError() + def hidden(self): + hidden_files = ["BUILD-INFO.txt", "EULA.txt", "HEADER.html", + "HOWTO_", "textile", ".htaccess", "licenses"] + for pattern in hidden_files: + if re.search(pattern, self.file_name): + return True + return False + def url(self): url = self.urlbase if url: @@ -323,6 +322,6 @@ def dir_list(url, path, human_readable=True): listing = [] for artifact in artifacts: - if not _hidden_file(artifact.file_name): + if not artifact.hidden(): listing.append(artifact.get_listing()) return listing diff --git a/license_protected_downloads/views.py b/license_protected_downloads/views.py index 17ae1da..71d1b71 100644 --- a/license_protected_downloads/views.py +++ b/license_protected_downloads/views.py @@ -160,20 +160,6 @@ def redirect_to_root(request): return redirect('/') -def file_listed(path, url): - """Boolean response to "does this files show up in a directory listing.""" - file_name = os.path.basename(path) - dir_name = os.path.dirname(path) - - found = False - file_list = dir_list(url, dir_name) - for file in file_list: - if file["name"] == file_name: - found = True - - return found - - def is_whitelisted(url): """ Check if requested file is under whitelisted path. """ @@ -339,10 +325,8 @@ def file_server_get(request, path): if artifact.isdir(): return _handle_dir_list(request, url, path) - # If the file listing doesn't contain the file requested for download, - # return a 404. This prevents the download of BUILD-INFO.txt and other - # hidden files. - if not file_listed(path, url): + # prevent download of files like BUILD-INFO.txt + if artifact.hidden(): raise Http404 resp = _check_file_permission(request, artifact, internal) |