blob: e49a1249dfbf0d83e981f8a64a70e27c992a8225 [file] [log] [blame]
# Copyright 2016 The Chromium Authors. All rights reserved.
# Use of this source code is govered by a BSD-style
# license that can be found in the LICENSE file or at
"""Issue Tracker code to serve out issue attachments.
Summary of page classes:
AttachmentPage: Serve the content of an attachment w/ the appropriate
MIME type.
IssueAttachmentDeletion: Form handler for deleting attachments.
import base64
import logging
import os
import re
import urllib
import webapp2
from google.appengine.api import app_identity
from google.appengine.api import images
from framework import exceptions
from framework import framework_constants
from framework import framework_helpers
from framework import gcs_helpers
from framework import permissions
from framework import servlet
from framework import urls
from tracker import tracker_helpers
from tracker import tracker_views
# This will likely appear blank or as a broken image icon in the browser.
NO_PREVIEW_MIME_TYPE = 'image/png'
class AttachmentPage(servlet.Servlet):
"""AttachmentPage serves issue attachments."""
def GatherPageData(self, mr):
"""Parse the attachment ID from the request and serve its content.
mr: commonly used info parsed from the request.
Returns: dict of values used by EZT for rendering the page.
if mr.signed_aid != tracker_helpers.SignAttachmentID(mr.aid):
webapp2.abort(400, 'Please reload the issue page')
attachment, _issue = tracker_helpers.GetAttachmentIfAllowed(
except exceptions.NoSuchIssueException:
webapp2.abort(404, 'issue not found')
except exceptions.NoSuchAttachmentException:
webapp2.abort(404, 'attachment not found')
except exceptions.NoSuchCommentException:
webapp2.abort(404, 'comment not found')
if not attachment.gcs_object_id:
webapp2.abort(404, 'attachment data not found')
bucket_name = app_identity.get_default_gcs_bucket_name()
gcs_object_id = attachment.gcs_object_id'attachment id %d is %s', mr.aid, gcs_object_id)
# By default GCS will return images and attachments displayable inline.
if mr.thumb:
# Thumbnails are stored in a separate obj always displayed inline.
gcs_object_id = gcs_object_id + '-thumbnail'
elif not mr.inline:
# Downloads are stored in a separate obj with disposiiton set.
filename = attachment.filename
if not framework_constants.FILENAME_RE.match(filename):'bad file name: %s' % attachment.attachment_id)
filename = 'attachment-%d.dat' % attachment.attachment_id
if gcs_helpers.MaybeCreateDownload(
bucket_name, gcs_object_id, filename):
gcs_object_id = gcs_object_id + '-download'
url = gcs_helpers.SignUrl(bucket_name, gcs_object_id)
self.redirect(url, abort=True)
class IssueAttachmentDeletion(servlet.Servlet):
"""Form handler that allows user to hard-delete attachments."""
def ProcessFormData(self, mr, post_data):
"""Process the form that soft-deletes an issue attachment.
mr: commonly used info parsed from the request.
post_data: HTML form data from the request.
String URL to redirect the user to after processing.
local_id = int(post_data['id'])
sequence_num = int(post_data['sequence_num'])
attachment_id = int(post_data['aid'])
delete = 'delete' in post_data
issue =
mr.cnxn, mr.project_id, local_id)
all_comments =
mr.cnxn, issue.issue_id)'comments on %s are: %s', local_id, all_comments)
comment = all_comments[sequence_num]
if not permissions.CanDelete(
mr.auth.user_id, mr.auth.effective_ids, mr.perms,
comment.deleted_by, comment.user_id, mr.project,
raise permissions.PermissionException(
'Cannot un/delete attachment')
mr.cnxn, mr.project_id, local_id, sequence_num,
attachment_id,, delete=delete)
return framework_helpers.FormatAbsoluteURL(
mr, urls.ISSUE_DETAIL, id=local_id)