cleanup

wildfirebill · Dec 2, 2016 · 53cdce2 · 53cdce2
1 parent c0b1a68
commit 53cdce2
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -37,13 +37,11 @@ https://dev.titledb.com/v1/entry?nested=true&exclude=cia.icon_l&exclude=cia.icon
 
 DELETE is also supported, but only by admin accounts, since an object's id will be considered static, delisting will be done instead, by setting 'active' to False on the record by general moderators.
 
-For the moment, the authorization controls on http://dev.titledb.com are disabled, so everyone has full admin rights, and can utilize all of these functions to test things out. 
-
-Authentication is currently managed with basic web pages on /v1/login and /v1/logout, and current status can be checked via /v1/login_status, I've not settled on how this should be implemented quite yet, so things will change around a bit here. This is why authorization is currently disabled.
+Authentication is currently managed with basic web pages on /v1/login and /v1/logout, and current status can be checked via /v1/login_status, I've not settled on how this should be implemented quite yet, so things will change around a bit here.
 
 There's also a /v1/time object which will return the current time in ISO8601 format
 
-Feel free to play around with the dev preview and and make a few records to try it all out. The database may get blown away here or there while I'm working with it though, as right now dev is being served by a reverse proxy pointed at my local development environment at home. I'll switch this out to a proper uWSGI deployment on a hosted server in the near future, and set it up with hooks to track the GitHub repository as commits are published instead.
+Feel free to play around with the dev preview and try it all out. The database may get blown away here or there while I'm working with it though, as right now dev is being served by a reverse proxy pointed at my local development environment at home. I'll switch this out to a proper uWSGI deployment on a hosted server in the near future, and set it up with hooks to track the GitHub repository as commits are published instead.
 
 
 For example, here is entry #58, and it's associated components with nesting disabled for clarity:  

diff --git a/titledb/proxy.py b/titledb/proxy.py
@@ -1,3 +1,3 @@
 
-def verify_cache():
-    None
+def verify_cache(item):
+    return True
diff --git a/titledb/security.py b/titledb/security.py
@@ -21,15 +21,15 @@ def check_password(pw, hashed_pw):
 
 def authtkt_callback(userid, request):
     try:
-        userquery = DBSession.query(User).filter_by(name=userid,active=True).one()
+        userquery = DBSession.query(User).filter_by(name=userid, active=True).one()
     except NoResultFound:
         return None
 
     groupquery = DBSession.query(Group).filter_by(id=userquery.id).all()
 
     groups = []
     for item in groupquery:
-        groups.append("group:"+item.name)
+        groups.append("group:" + item.name)
 
     log.debug('Callback checking user: %s (groups: %s)', userid, groups)
     return groups
diff --git a/titledb/views.py b/titledb/views.py
@@ -2,6 +2,7 @@
 log = logging.getLogger(__name__)
 
 import json
+import os
 
 from datetime import datetime
 
@@ -64,6 +65,8 @@
     Group
 )
 
+from .magic import url_to_cache_path
+
 from time import (
     gmtime,
     strftime
@@ -353,18 +356,20 @@ def proxy_or_redirect_cia(self):
         if request.matchdict and request.matchdict['titleid']:
             titleid = request.matchdict['titleid']
             cia = DBSession.query(CIA).filter(CIA.titleid.ilike(titleid)).first()
+            url = cia.url
             if cia:
                 if cia.path:
                     # Verify cache file is there and valid.
-                    verify_cache()
-
-                    return FileResponse(
-                               'cache/'+ parse.quote_plus(cia.url) +'/'+cia.path,
-                               request=request,
-                               content_type='application/x-3ds-archive'
-                           )
+                    if verify_cache(cia):
+                        return FileResponse(
+                                   os.path.join(url_to_cache_path(url.url, '/var/cache/titledb'), 'archive_root', cia.path),
+                                   request=request,
+                                   content_type='application/x-3ds-archive'
+                               )
+                    else:
+                        return HTTPNotFound()
                 else:
-                    return HTTPFound(location=cia.url)
+                    return HTTPFound(location=url.url)
         return dict(error='TitleID not found.')
 
     @view_config(route_name='time_v1')