From a637742bb02abcad4ad22c7f3978001ee3256939 Mon Sep 17 00:00:00 2001
From: thomas girod <thgirod@hotmail.com>
Date: Mon, 5 Aug 2024 10:46:15 +0200
Subject: [PATCH] apply review comment

---
 core/lookups.py     |  4 ++--
 core/views/files.py |  8 ++++----
 counter/utils.py    |  2 +-
 counter/views.py    | 10 +++++-----
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/core/lookups.py b/core/lookups.py
index 0e8af504..9a555f1b 100644
--- a/core/lookups.py
+++ b/core/lookups.py
@@ -21,12 +21,12 @@ from club.models import Club
 from core.models import Group, SithFile, User
 from core.views.site import search_user
 from counter.models import Counter, Customer, Product
-from counter.utils import sent_from_logged_counter
+from counter.utils import is_logged_in_counter
 
 
 class RightManagedLookupChannel(LookupChannel):
     def check_auth(self, request):
-        if not request.user.was_subscribed and not sent_from_logged_counter(request):
+        if not request.user.was_subscribed and not is_logged_in_counter(request):
             raise PermissionDenied
 
 
diff --git a/core/views/files.py b/core/views/files.py
index 52474b55..064b9aaa 100644
--- a/core/views/files.py
+++ b/core/views/files.py
@@ -12,7 +12,7 @@
 # OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
-from urllib.parse import quote
+from urllib.parse import quote, urljoin
 
 # This file contains all the views that concern the page model
 from wsgiref.util import FileWrapper
@@ -38,7 +38,7 @@ from core.views import (
     CanViewMixin,
     can_view,
 )
-from counter.utils import sent_from_logged_counter
+from counter.utils import is_logged_in_counter
 
 
 def send_file(
@@ -55,7 +55,7 @@ def send_file(
     In debug mode, the server will directly send the file.
     """
     f = get_object_or_404(file_class, id=file_id)
-    if not can_view(f, request.user) and not sent_from_logged_counter(request):
+    if not can_view(f, request.user) and not is_logged_in_counter(request):
         raise PermissionDenied
     name = getattr(f, file_attr).name
     filepath = settings.MEDIA_ROOT / name
@@ -71,7 +71,7 @@ def send_file(
         # so please do not mess with this.
         response = HttpResponse(status=200)
         response["Content-Type"] = ""
-        response["X-Accel-Redirect"] = f"/data/{quote(name)}"
+        response["X-Accel-Redirect"] = quote(urljoin(settings.MEDIA_URL, name))
         return response
 
     with open(filepath, "rb") as filename:
diff --git a/counter/utils.py b/counter/utils.py
index 6196081f..08ae0490 100644
--- a/counter/utils.py
+++ b/counter/utils.py
@@ -6,7 +6,7 @@ from django.urls import resolve
 from counter.models import Counter
 
 
-def sent_from_logged_counter(request: HttpRequest) -> bool:
+def is_logged_in_counter(request: HttpRequest) -> bool:
     """Check if the request is sent from a device logged to a counter.
 
     The request must also be sent within the frame of a counter's activity.
diff --git a/counter/views.py b/counter/views.py
index aae2f183..373539bf 100644
--- a/counter/views.py
+++ b/counter/views.py
@@ -80,7 +80,7 @@ from counter.models import (
     Selling,
     StudentCard,
 )
-from counter.utils import sent_from_logged_counter
+from counter.utils import is_logged_in_counter
 
 
 class CounterAdminMixin(View):
@@ -904,7 +904,7 @@ class RefillingDeleteView(DeleteView):
         self.object = self.get_object()
         if timezone.now() - self.object.date <= timedelta(
             minutes=settings.SITH_LAST_OPERATIONS_LIMIT
-        ) and sent_from_logged_counter(request):
+        ) and is_logged_in_counter(request):
             self.success_url = reverse(
                 "counter:details", kwargs={"counter_id": self.object.counter.id}
             )
@@ -929,7 +929,7 @@ class SellingDeleteView(DeleteView):
         self.object = self.get_object()
         if timezone.now() - self.object.date <= timedelta(
             minutes=settings.SITH_LAST_OPERATIONS_LIMIT
-        ) and sent_from_logged_counter(request):
+        ) and is_logged_in_counter(request):
             self.success_url = reverse(
                 "counter:details", kwargs={"counter_id": self.object.counter.id}
             )
@@ -1164,7 +1164,7 @@ class CounterLastOperationsView(CounterTabsMixin, CanViewMixin, DetailView):
     def dispatch(self, request, *args, **kwargs):
         """We have here again a very particular right handling."""
         self.object = self.get_object()
-        if sent_from_logged_counter(request) and self.object.barmen_list:
+        if is_logged_in_counter(request) and self.object.barmen_list:
             return super().dispatch(request, *args, **kwargs)
         return HttpResponseRedirect(
             reverse("counter:details", kwargs={"counter_id": self.object.id})
@@ -1197,7 +1197,7 @@ class CounterCashSummaryView(CounterTabsMixin, CanViewMixin, DetailView):
     def dispatch(self, request, *args, **kwargs):
         """We have here again a very particular right handling."""
         self.object = self.get_object()
-        if sent_from_logged_counter(request) and self.object.barmen_list:
+        if is_logged_in_counter(request) and self.object.barmen_list:
             return super().dispatch(request, *args, **kwargs)
         return HttpResponseRedirect(
             reverse("counter:details", kwargs={"counter_id": self.object.id})