Skip to content
This repository
Browse code

fix bug 834300 - attachments from ATTACHMENT_HOST

Only serve raw attachments when requested on the ATTACHMENT_HOST as configured
in constance.
  • Loading branch information...
commit 581ca78a029bcd43d722cc5fa22cd69bde288b4e 1 parent 31638ae
luke crouch groovecoder authored
10 apps/wiki/models.py
@@ -1839,11 +1839,13 @@ class Meta(object):
1839 1839 def get_absolute_url(self):
1840 1840 return ('wiki.attachment_detail', (), {'attachment_id': self.id})
1841 1841
1842   - @models.permalink
1843 1842 def get_file_url(self):
1844   - return ('wiki.raw_file', (),
1845   - {'attachment_id': self.id,
1846   - 'filename': self.current_revision.filename()})
  1843 + uri = reverse('wiki.raw_file', kwargs={'attachment_id': self.id,
  1844 + 'filename': self.current_revision.filename()})
  1845 + url = '%s%s%s' % (settings.PROTOCOL,
  1846 + constance.config.ATTACHMENT_HOST,
  1847 + uri)
  1848 + return url
1847 1849
1848 1850 def attach(self, document, user, name):
1849 1851 if self.id not in document.attachments.values_list('id', flat=True):
47 apps/wiki/tests/test_views.py
@@ -3109,6 +3109,23 @@ def setUp(self):
3109 3109 def tearDown(self):
3110 3110 constance.config.WIKI_ATTACHMENT_ALLOWED_TYPES = self.old_allowed_types
3111 3111
  3112 + def _post_new_attachment(self):
  3113 + self.client = Client() # file views don't need LocalizingClient
  3114 + self.client.login(username='admin', password='testpass')
  3115 +
  3116 + file_for_upload = make_test_file(
  3117 + content='A test file uploaded into kuma.')
  3118 + post_data = {
  3119 + 'title': 'Test uploaded file',
  3120 + 'description': 'A test file uploaded into kuma.',
  3121 + 'comment': 'Initial upload',
  3122 + 'file': file_for_upload,
  3123 + }
  3124 +
  3125 + resp = self.client.post(reverse('wiki.new_attachment'), data=post_data)
  3126 + return resp
  3127 +
  3128 +
3112 3129 def test_legacy_redirect(self):
3113 3130 self.client = Client() # file views don't need LocalizingClient
3114 3131 test_user = User.objects.get(username='testuser2')
@@ -3148,19 +3165,7 @@ def test_legacy_redirect(self):
3148 3165 ok_(a.get_file_url() in resp['Location'])
3149 3166
3150 3167 def test_new_attachment(self):
3151   - self.client = Client() # file views don't need LocalizingClient
3152   - self.client.login(username='admin', password='testpass')
3153   -
3154   - file_for_upload = make_test_file(
3155   - content='A test file uploaded into kuma.')
3156   - post_data = {
3157   - 'title': 'Test uploaded file',
3158   - 'description': 'A test file uploaded into kuma.',
3159   - 'comment': 'Initial upload',
3160   - 'file': file_for_upload,
3161   - }
3162   -
3163   - resp = self.client.post(reverse('wiki.new_attachment'), data=post_data)
  3168 + resp = self._post_new_attachment()
3164 3169 eq_(302, resp.status_code)
3165 3170
3166 3171 attachment = Attachment.objects.get(title='Test uploaded file')
@@ -3219,10 +3224,24 @@ def test_edit_attachment(self):
3219 3224 eq_('Second revision.', rev.comment)
3220 3225 ok_(rev.is_approved)
3221 3226
3222   - resp = self.client.get(attachment.get_file_url())
  3227 + url = attachment.get_file_url()
  3228 + resp = self.client.get(url, HTTP_HOST=constance.config.ATTACHMENT_HOST)
3223 3229 eq_('text/plain', rev.mime_type)
3224 3230 ok_('I am a new version of the test file for editing.' in resp.content)
3225 3231
  3232 + def test_attachment_raw_requires_attachment_host(self):
  3233 + resp = self._post_new_attachment()
  3234 + attachment = Attachment.objects.get(title='Test uploaded file')
  3235 +
  3236 + url = attachment.get_file_url()
  3237 + resp = self.client.get(url)
  3238 + eq_(301, resp.status_code)
  3239 + eq_(attachment.get_file_url(), resp['Location'])
  3240 +
  3241 + url = attachment.get_file_url()
  3242 + resp = self.client.get(url, HTTP_HOST=constance.config.ATTACHMENT_HOST)
  3243 + eq_(200, resp.status_code)
  3244 +
3226 3245 def test_attachment_detail(self):
3227 3246 self.client = Client() # file views don't need LocalizingClient
3228 3247 self.client.login(username='admin', password='testpass')
13 apps/wiki/views.py
@@ -2074,11 +2074,14 @@ def raw_file(request, attachment_id, filename):
2074 2074 attachment = get_object_or_404(Attachment, pk=attachment_id)
2075 2075 if attachment.current_revision is None:
2076 2076 raise Http404
2077   - rev = attachment.current_revision
2078   - resp = HttpResponse(rev.file.read(), mimetype=rev.mime_type)
2079   - resp["Last-Modified"] = rev.created
2080   - resp["Content-Length"] = rev.file.size
2081   - return resp
  2077 + if request.get_host() == constance.config.ATTACHMENT_HOST:
  2078 + rev = attachment.current_revision
  2079 + resp = HttpResponse(rev.file.read(), mimetype=rev.mime_type)
  2080 + resp["Last-Modified"] = rev.created
  2081 + resp["Content-Length"] = rev.file.size
  2082 + return resp
  2083 + else:
  2084 + return HttpResponsePermanentRedirect(attachment.get_file_url())
2082 2085
2083 2086
2084 2087 def mindtouch_file_redirect(request, file_id, filename):
1  puppet/files/etc/apache2/conf.d/mozilla-kuma-apache.conf
@@ -16,6 +16,7 @@ WSGISocketPrefix /var/run/wsgi
16 16 ServerAlias developer-kumadev.mozilla.org
17 17 ServerAlias developer-mdndev.mozilla.org
18 18 ServerAlias developer-dev.mozilla.org
  19 + ServerAlias mdn-local.mozillademos.org
19 20
20 21 DirectoryIndex index.html
21 22 Options -Indexes
5 settings.py
@@ -1042,6 +1042,11 @@ def read_only_mode(env):
1042 1042 '(space-separated)'
1043 1043 ),
1044 1044
  1045 + ATTACHMENT_HOST = (
  1046 + 'mdn.mozillademos.org',
  1047 + 'Host from which attachments should be served',
  1048 + ),
  1049 +
1045 1050 GOOGLE_ANALYTICS_ACCOUNT = (
1046 1051 '0',
1047 1052 'Google Analytics Tracking Account Number (0 to disable)',

0 comments on commit 581ca78

Please sign in to comment.
Something went wrong with that request. Please try again.