[Hardening] Original Dataset link: skip checks for external links

geonode/layers/templates/layers/layer_detail.html

@@ -404,7 +404,7 @@ <h4>{% trans "Pick your download format:" %}</h4>
                       <ul>
                         {% for link in links_download %}
                           {% if link.name == 'Original Dataset' %}
-                            {% original_link_available resource.id as original_dwn_link_available %}
+                            {% original_link_available resource.id link.url as original_dwn_link_available %}
                             {% if original_dwn_link_available %}
                             <li><a href="{{ link.url }}" target="_blank" id="{{ link.name | slugify }}" class="urls">{% trans link.name %}</a></li>
                             {% else %}

geonode/proxy/templatetags/proxy_lib_tags.py

@@ -18,17 +18,21 @@
 #
 #########################################################################
 from django import template
+from django.conf import settings
+from django.core.urlresolvers import reverse
 from django.utils.translation import ugettext as _
 from django.core.files.storage import default_storage as storage
 
+from urlparse import urljoin
+
 from geonode.utils import resolve_object
 from geonode.layers.models import Layer, LayerFile
 
 register = template.Library()
 
 
 @register.simple_tag(takes_context=True)
-def original_link_available(context, resourceid):
+def original_link_available(context, resourceid, url):
 
     _not_permitted = _("You are not permitted to save or edit this resource.")
 
@@ -39,6 +43,10 @@ def original_link_available(context, resourceid):
                               permission='base.download_resourcebase',
                               permission_msg=_not_permitted)
 
+    download_url = urljoin(settings.SITEURL, reverse("download", args={resourceid}))
+    if url != download_url:
+        return True
+
     layer_files = []
     if isinstance(instance, Layer):
         try: