unstablevortex
/
webshop
3
0
Fork 0
Code Pull Requests Releases Activity

implemented /content

This commit is contained in:
Pünkösd Marcell 2020-11-28 19:24:58 +01:00
parent aa874781e3
commit 4f95cb7f2f
3 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/app.py
View File

@ -10,7 +10,7 @@ from flask_mail import Mail
from utils import Config
from utils import health_database_status, init_security_real_good
from utils import storage
from views import ItemView, ProfileView, UploadView, IndexView
from views import ItemView, ProfileView, UploadView, IndexView, ContentView
from models import db
@ -45,7 +45,7 @@ CORS(app)
Mail(app)
storage.init_app(app)
for view in [ItemView, ProfileView, UploadView, IndexView]:
for view in [ItemView, ProfileView, UploadView, IndexView, ContentView]:
view.register(app, trailing_slash=False)
health.add_check(health_database_status)

1
src/views/__init__.py
View File

@ -2,3 +2,4 @@ from .profileview import ProfileView
from .uploadview import UploadView
from .itemview import ItemView
from .indexview import IndexView
from .contentview import ContentView

37
src/views/contentview.py Normal file
View File

@ -0,0 +1,37 @@
#!/usr/bin/env python3
from flask import abort, Response, current_app
from flask_classful import FlaskView
from flask_security import login_required, current_user
from utils import storage
from minio.error import NoSuchKey
from models import db, Item, Purchase
class ContentView(FlaskView):
"""
This is just a simple content proxy with access control
"""
def _stream_from_minio(self, bucket: str, filename: str):
try:
data = storage.connection.get_object(bucket, filename)
except NoSuchKey:
abort(404)
return Response(data.stream(), mimetype=data.headers['Content-type'])
def preview(self, id_: int):
i = Item.query.get_or_404(id_)
return self._stream_from_minio(current_app.config['MINIO_PREVIEW_BUCKET_NAME'], str(i.id))
@login_required
def caff(self, id_: int):
p = Purchase.query.filter(db.and_(Purchase.purchaser_id == current_user.id, Purchase.item_id == id_)).first()
if not p:
abort(403)
return self._stream_from_minio(current_app.config['MINIO_CAFF_BUCKET_NAME'], str(p.item.id))