extract sent_from_logged_counter(request)

2025-07-10 03:49:24 +00:00 · 2024-08-04 22:30:54 +02:00
parent e5dfe1e638
commit a9f66e2cd9
5 changed files with 60 additions and 62 deletions
--- a/core/lookups.py
+++ b/core/lookups.py
@ -21,19 +21,12 @@ from club.models import Club
 from core.models import Group, SithFile, User
 from core.views.site import search_user
 from counter.models import Counter, Customer, Product
-
-
-def check_token(request):
-    return (
-        "counter_token" in request.session.keys()
-        and request.session["counter_token"]
-        and Counter.objects.filter(token=request.session["counter_token"]).exists()
-    )
+from counter.utils import sent_from_logged_counter


 class RightManagedLookupChannel(LookupChannel):
    def check_auth(self, request):
-        if not request.user.was_subscribed and not check_token(request):
+        if not request.user.was_subscribed and not sent_from_logged_counter(request):
            raise PermissionDenied


--- a/core/models.py
+++ b/core/models.py
@ -1137,11 +1137,9 @@ class SithFile(models.Model):
        else:
            self._check_path_consistence()

-    def __getattribute__(self, attr):
-        if attr == "is_file":
-            return not self.is_folder
-        else:
-            return super().__getattribute__(attr)
+    @property
+    def is_file(self):
+        return not self.is_folder

    @cached_property
    def as_picture(self):
--- a/core/views/files.py
+++ b/core/views/files.py
@ -21,7 +21,7 @@ from django import forms
 from django.conf import settings
 from django.core.exceptions import PermissionDenied
 from django.forms.models import modelform_factory
-from django.http import Http404, HttpResponse
+from django.http import Http404, HttpRequest, HttpResponse
 from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse
 from django.utils.http import http_date
@ -37,27 +37,23 @@ from core.views import (
    CanViewMixin,
    can_view,
 )
-from counter.models import Counter
+from counter.utils import sent_from_logged_counter


-def send_file(request, file_id, file_class=SithFile, file_attr="file"):
+def send_file(
+    request: HttpRequest,
+    file_id: int,
+    file_class: type[SithFile] = SithFile,
+    file_attr: str = "file",
+):
    """Send a file through Django without loading the whole file into
    memory at once. The FileWrapper will turn the file object into an
    iterator for chunks of 8KB.
    """
    f = get_object_or_404(file_class, id=file_id)
-    if not (
-        can_view(f, request.user)
-        or (
-            "counter_token" in request.session.keys()
-            and request.session["counter_token"]
-            and Counter.objects.filter(  # check if not null for counters that have no token set
-                token=request.session["counter_token"]
-            ).exists()
-        )
-    ):
+    if not can_view(f, request.user) and not sent_from_logged_counter(request):
        raise PermissionDenied
-    name = f.__getattribute__(file_attr).name
+    name = getattr(f, file_attr).name
    filepath = settings.MEDIA_ROOT / name

    # check if file exists on disk