OpenDroneMap-WebODM/app/api/common.py

from django.core.exceptions import ObjectDoesNotExist, SuspiciousFileOperation
from rest_framework import exceptions
import os

from app import models

def get_and_check_project(request, project_pk, perms=('view_project',)):
    """
    Django comes with a standard `model level` permission system. You can
    check whether users are logged-in and have privileges to act on things
    model wise (can a user add a project? can a user view projects?).
    Django-guardian adds a `row level` permission system. Now not only can you
    decide whether a user can add a project or view projects, you can specify exactly
    which projects a user has or has not access to.

    This brings up the reason the following function: tasks are part of a project,
    and it would add a tremendous headache (and redundancy) to specify row level permissions
    for each task. Instead, we check the row level permissions of the project
    to which a task belongs to.

    Perhaps this could be added as a django-rest filter?

    Retrieves a project and raises an exception if the current user
    has no access to it.
    """
    try:
        project = models.Project.objects.get(pk=project_pk, deleting=False)
        for perm in perms:
            if not request.user.has_perm(perm, project): raise ObjectDoesNotExist()
    except ObjectDoesNotExist:
        raise exceptions.NotFound()
    return project


def get_tile_json(name, tiles, bounds):
    return {
        'tilejson': '2.1.0',
        'name': name,
        'version': '1.0.0',
        'scheme': 'tms',
        'tiles': tiles,
        'minzoom': 0,
        'maxzoom': 21,
        'bounds': bounds
    }

def path_traversal_check(unsafe_path, known_safe_path):
    known_safe_path = os.path.abspath(known_safe_path)
    unsafe_path = os.path.abspath(unsafe_path)

    if (os.path.commonprefix([known_safe_path, unsafe_path]) != known_safe_path):
        raise SuspiciousFileOperation("{} is not safe".format(unsafe_path))

    # Passes the check
    return unsafe_path
Raw assets API, path traversal checks 2017-01-18 19:49:53 +00:00			`from django.core.exceptions import ObjectDoesNotExist, SuspiciousFileOperation`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00			`from rest_framework import exceptions`
Raw assets API, path traversal checks 2017-01-18 19:49:53 +00:00			`import os`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00
			`from app import models`

			`def get_and_check_project(request, project_pk, perms=('view_project',)):`
Added proposed changes by @mojodna 2016-11-21 21:32:37 +00:00			`"""`
			Django comes with a standard `model level` permission system. You can
			`check whether users are logged-in and have privileges to act on things`
			`model wise (can a user add a project? can a user view projects?).`
			Django-guardian adds a `row level` permission system. Now not only can you
			`decide whether a user can add a project or view projects, you can specify exactly`
			`which projects a user has or has not access to.`

			`This brings up the reason the following function: tasks are part of a project,`
			`and it would add a tremendous headache (and redundancy) to specify row level permissions`
			`for each task. Instead, we check the row level permissions of the project`
			`to which a task belongs to.`

			`Perhaps this could be added as a django-rest filter?`

			`Retrieves a project and raises an exception if the current user`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00			`has no access to it.`
Added proposed changes by @mojodna 2016-11-21 21:32:37 +00:00			`"""`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00			`try:`
			`project = models.Project.objects.get(pk=project_pk, deleting=False)`
			`for perm in perms:`
			`if not request.user.has_perm(perm, project): raise ObjectDoesNotExist()`
			`except ObjectDoesNotExist:`
			`raise exceptions.NotFound()`
			`return project`


Added proposed changes by @mojodna 2016-11-21 21:32:37 +00:00			`def get_tile_json(name, tiles, bounds):`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00			`return {`
			`'tilejson': '2.1.0',`
			`'name': name,`
			`'version': '1.0.0',`
			`'scheme': 'tms',`
			`'tiles': tiles,`
			`'minzoom': 0,`
Added standby component for loading textured mesh 2017-01-19 20:40:04 +00:00			`'maxzoom': 21,`
Project tiles.json almost working 2016-11-15 20:55:48 +00:00			`'bounds': bounds`
Raw assets API, path traversal checks 2017-01-18 19:49:53 +00:00			`}`

			`def path_traversal_check(unsafe_path, known_safe_path):`
			`known_safe_path = os.path.abspath(known_safe_path)`
			`unsafe_path = os.path.abspath(unsafe_path)`

			`if (os.path.commonprefix([known_safe_path, unsafe_path]) != known_safe_path):`
			`raise SuspiciousFileOperation("{} is not safe".format(unsafe_path))`

			`# Passes the check`
			`return unsafe_path`