2025-summer/team-3
12
Fork 0
Code Issues Pull requests Projects Releases Activity

allow specifying tile access permissions directly if authorized

Browse source
This commit is contained in:
Laura Klünder 2017-11-21 00:41:19 +01:00
parent bf98f54b55
commit 7ccfe058f6
2 changed files with 27 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/c3nav/mapdata/urls.py
View file

@ -4,6 +4,8 @@ from c3nav.mapdata.views import get_cache_package, map_history, tile, tile_acces
urlpatterns = [
url(r'^(?P<level>\d+)/(?P<zoom>\d+)/(?P<x>-?\d+)/(?P<y>-?\d+).png$', tile, name='mapdata.tile'),
url(r'^(?P<level>\d+)/(?P<zoom>\d+)/(?P<x>-?\d+)/(?P<y>-?\d+)/(?P<access_permissions>\d(-\d)*).png$', tile,
name='mapdata.tile'),
url(r'^history/(?P<level>\d+)/(?P<mode>base|composite)\.(?P<filetype>png|data)$', map_history,
name='mapdata.map_history'),
url(r'^cache/package\.(?P<filetype>tar|tar\.gz|tar\.xz)$', get_cache_package, name='mapdata.cache_package'),

40
src/c3nav/mapdata/views.py
View file

@ -36,8 +36,23 @@ def set_tile_access_cookie(func):
return wrapper
encoded_tile_secret = base64.b64encode(settings.SECRET_TILE_KEY.encode()).decode()
def enforce_tile_secret_auth(request):
x_tile_secret = request.META.get('HTTP_X_TILE_SECRET')
if x_tile_secret:
if x_tile_secret != encoded_tile_secret:
raise PermissionDenied
elif not request.user.is_superuser:
raise PermissionDenied
@no_language()
def tile(request, level, zoom, x, y):
def tile(request, level, zoom, x, y, access_permissions=None):
if access_permissions is not None:
enforce_tile_secret_auth(request)
zoom = int(zoom)
if not (0 <= zoom <= 10):
raise Http404
@ -58,12 +73,15 @@ def tile(request, level, zoom, x, y):
raise Http404
# decode access permissions
try:
cookie = request.COOKIES[settings.TILE_ACCESS_COOKIE_NAME]
except KeyError:
access_permissions = set()
if access_permissions is None:
try:
cookie = request.COOKIES[settings.TILE_ACCESS_COOKIE_NAME]
except KeyError:
access_permissions = set()
else:
access_permissions = parse_tile_access_cookie(cookie, settings.SECRET_TILE_KEY)
else:
access_permissions = parse_tile_access_cookie(cookie, settings.SECRET_TILE_KEY)
access_permissions = set(int(i) for i in access_permissions.split('-')) - set([0])
# only access permissions that are affecting this tile
access_permissions &= set(level_data.restrictions[minx:miny, maxx:maxy])
@ -159,18 +177,10 @@ def map_history(request, level, mode, filetype):
return response
encoded_tile_secret = base64.b64encode(settings.SECRET_TILE_KEY.encode()).decode()
@etag(lambda *args, **kwargs: MapUpdate.current_processed_cache_key())
@no_language()
def get_cache_package(request, filetype):
x_tile_secret = request.META.get('HTTP_X_TILE_SECRET')
if x_tile_secret:
if x_tile_secret != encoded_tile_secret:
raise PermissionDenied
elif not request.user.is_superuser:
raise PermissionDenied
enforce_tile_secret_auth(request)
filename = os.path.join(settings.CACHE_ROOT, 'package.'+filetype)
f = open(filename, 'rb')