Skip to content

Use our standard auth mixin for proxito downloads #6572

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jan 23, 2020
Merged

Use our standard auth mixin for proxito downloads #6572

merged 5 commits into from
Jan 23, 2020

Conversation

ericholscher
Copy link
Member

This is the same logic as in the Proxito views,
it just extends it to the downloads.

@ericholscher
Use our standard auth mixin for proxito downloads
c818879 
This is the same logic as in the Proxito views,
it just extends it to the downloads.
davidfischer
davidfischer reviewed Jan 23, 2020
View reviewed changes
readthedocs/projects/views/public.py Outdated
if not self.allowed_user(request, final_project, version_slug):
return self.get_unauthed_response(request, final_project)

version = final_project.versions.public(user=request.user).filter(slug=version_slug).first()
Copy link
Contributor

@davidfischer davidfischer Jan 23, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't we need to raise a 404 here if version is None?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True -- I will re-add that logic.

davidfischer
davidfischer approved these changes Jan 23, 2020
View reviewed changes
Copy link
Contributor

@davidfischer davidfischer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

We should probably have a test case that would catch that no-404 issue.

@agjohnson agjohnson added the PR: hotfix Pull request applied as hotfix to release label Jan 23, 2020
agjohnson
agjohnson approved these changes Jan 23, 2020
View reviewed changes
Copy link
Contributor

@agjohnson agjohnson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From a code level perspective, changes look good. The logic around the same domain methods are foreign to me, but these changes seem to be working. This might be something to come back and refactor, but fixes the release issues we're having for now.

@agjohnson agjohnson merged commit 9860cbc into master Jan 23, 2020
@agjohnson agjohnson deleted the proxito-auth-downloads branch January 23, 2020 00:50
agjohnson pushed a commit that referenced this pull request Jan 23, 2020
@ericholscher @agjohnson
Use our standard auth mixin for proxito downloads (#6572)
88cbc38 
* Use our standard auth mixin for proxito downloads

This is the same logic as in the Proxito views,
it just extends it to the downloads.

* re-add 404 logic

* Add a bit of janky hacks

* Remove functions to remove hacky isinstance

* Fix lint
@ericholscher ericholscher mentioned this pull request Jan 23, 2020
Closed
humitos
humitos reviewed Jan 28, 2020
View reviewed changes
readthedocs/proxito/views/mixins.py
Comment on lines +121 to +122
def allowed_user(self, *args, **kwargs):
return True
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My idea was to default this to False to avoid mistakes if it's not overwritten in the class that inherit from this. Forcing the class that inherit from this to re-define it.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea, this worried me a bit, we should fix it in another PR.

@ericholscher ericholscher mentioned this pull request Aug 29, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@humitos humitos humitos left review comments

@davidfischer davidfischer davidfischer approved these changes

@agjohnson agjohnson agjohnson approved these changes

Assignees
No one assigned
Labels
PR: hotfix Pull request applied as hotfix to release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ericholscher @davidfischer @humitos @agjohnson